@delopay/sdk 0.3.3 → 0.4.0

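--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -2070,31 +2070,29 @@ var Users = class {
  return this.request("POST", "/user/forgot_password", { body: params });
  }
  /**
- * Reset a user's password using the email link token.
+ * Commit a password reset.
  *
- * The email link delivers an `EmailToken`, but `/user/reset_password` is
- * gated by `SinglePurposeJWTAuth` which expects a different JWT type
- * (`SinglePurposeToken`). The SDK hides this two-step dance:
- *
- * 1. Exchange the EmailToken for a SinglePurposeToken at `/user/from_email`
- * (`crates/router/src/core/user.rs:2773`, no auth required).
- * 2. Call `/user/reset_password` with the SinglePurposeToken as
- * `Authorization: Bearer` and the original EmailToken in the body —
- * the handler decodes body.token as an EmailToken to look up the user
- * (`crates/router/src/core/user.rs:687`).
- *
- * Callers just pass `{ password, token }` (the token from the URL).
+ * The caller is responsible for obtaining a `SinglePurposeToken` with
+ * `purpose: reset_password` via the email-token exchange + TOTP flow
+ * (see `fromEmail`, `beginTotp`, `updateTotp`/`verifyTotp`,
+ * `generateRecoveryCodes`, `terminate2fa`) and setting it on the client
+ * via `setJwtToken` before calling this method. `body.token` must still
+ * be the original `EmailToken` from the reset-link URL — the handler
+ * decodes it a second time to find the user
+ * (`delopay-backend/crates/router/src/core/user.rs:687`).
  */
  async resetPassword(params) {
- const exchange = await this.request(
- "POST",
- "/user/from_email",
- { body: { token: params.token } }
- );
- return this.request("POST", "/user/reset_password", {
- body: { token: params.token, password: params.password },
- headers: { Authorization: `Bearer ${exchange.token}` }
- });
+ return this.request("POST", "/user/reset_password", { body: params });
+ }
+ /**
+ * Exchange an email-link token (`EmailToken`) for a single-purpose JWT
+ * that drives the next step of the flow (TOTP, verify email, accept
+ * invitation, etc.). No authentication required.
+ *
+ * The `token_type` in the response tells you which step to run next.
+ */
+ async fromEmail(params) {
+ return this.request("POST", "/user/from_email", { body: params });
  }
  async verifyEmail(params) {
  return this.request("POST", "/user/verify_email", { body: params });
@@ -2123,9 +2121,24 @@ var Users = class {
  async acceptInvitation(params) {
  return this.request("POST", "/user/user/invite/accept", { body: params });
  }
+ /**
+ * Start TOTP setup (or no-op if already set).
+ *
+ * Returns the QR-code payload when the user has no TOTP configured yet;
+ * returns `{ secret: null }` when the user is already set up (caller
+ * should then prompt for a 6-digit code and call `verifyTotp`).
+ *
+ * Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async beginTotp() {
  return this.request("GET", "/user/2fa/totp/begin");
  }
+ /**
+ * Verify a 6-digit TOTP code for a user whose TOTP is already set up.
+ * Marks the code as used in Redis so subsequent flow steps can advance.
+ *
+ * Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async verifyTotp(params) {
  return this.request("POST", "/user/2fa/totp/verify", { body: params });
  }
@@ -2192,13 +2205,29 @@ var Users = class {
  async check2faStatusV2() {
  return this.request("GET", "/user/2fa/v2");
  }
- /** Update TOTP. `PUT /user/2fa/totp/verify` */
+ /**
+ * Finish first-time TOTP setup: commit the secret generated by `beginTotp`
+ * against a 6-digit code from the user's authenticator app.
+ *
+ * `PUT /user/2fa/totp/verify`. Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
  async updateTotp(params) {
  return this.request("PUT", "/user/2fa/totp/verify", { body: params });
  }
- /** Terminate 2FA. `GET /user/2fa/terminate` */
- async terminate2fa() {
- return this.request("GET", "/user/2fa/terminate");
+ /**
+ * Complete the TOTP step and advance to the next flow stage (e.g.
+ * `reset_password`). Returns a fresh single-purpose token with the
+ * next `token_type`.
+ *
+ * `GET /user/2fa/terminate`. Requires `Authorization: Bearer <SPT{purpose:totp}>`.
+ */
+ async terminate2fa(query) {
+ if (query === void 0) {
+ return this.request("GET", "/user/2fa/terminate");
+ }
+ return this.request("GET", "/user/2fa/terminate", {
+ query
+ });
  }
  /** Create auth method. `POST /user/auth` */
  async createAuthMethod(params) {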
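Review bot: `resetPassword` in the first hunk now depends on client-wide state: the caller must already have placed the `reset_password` single-purpose token on the client with `setJwtToken`, and the method neither checks nor scopes it. The removed lines show that `request` accepts a per-call `headers` option, so an optional second argument sent as `headers: { Authorization: "Bearer " + spt }` would keep the short-lived token confined to this one request; `setJwtToken` is not visible here, but it presumably replaces any session JWT the client holds and leaves the single-purpose token in place after the reset, which the docstring should at least tell callers to clear. The method also forwards `params` whole where the old code sent only `token` and `password`, so extra caller fields now reach `/user/reset_password`; `{ body: { token: params.token, password: params.password } }` keeps the body explicit. In the last hunk the new `query` argument of `terminate2fa` has no documentation of which keys are accepted. This file is the bundled output, so these changes belong in the SDK source rather than in `dist`.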