@djangocfg/api 2.1.426 → 2.1.428
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +56 -0
- package/dist/auth-server.cjs +248 -32
- package/dist/auth-server.cjs.map +1 -1
- package/dist/auth-server.mjs +248 -32
- package/dist/auth-server.mjs.map +1 -1
- package/dist/auth.cjs +271 -29
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.mjs +271 -29
- package/dist/auth.mjs.map +1 -1
- package/dist/clients.cjs +222 -25
- package/dist/clients.cjs.map +1 -1
- package/dist/clients.d.cts +35 -28
- package/dist/clients.d.ts +35 -28
- package/dist/clients.mjs +222 -25
- package/dist/clients.mjs.map +1 -1
- package/dist/hooks.cjs +117 -4
- package/dist/hooks.cjs.map +1 -1
- package/dist/hooks.mjs +117 -4
- package/dist/hooks.mjs.map +1 -1
- package/dist/index.cjs +277 -26
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +98 -29
- package/dist/index.d.ts +98 -29
- package/dist/index.mjs +277 -26
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/src/_api/generated/client/index.ts +1 -0
- package/src/_api/generated/client/utils.gen.ts +2 -2
- package/src/_api/generated/client.gen.ts +2 -2
- package/src/_api/generated/core/auth.gen.ts +7 -0
- package/src/_api/generated/core/params.gen.ts +10 -8
- package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
- package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
- package/src/_api/generated/core/utils.gen.ts +4 -4
- package/src/_api/generated/helpers/auth.ts +127 -1
- package/src/_api/generated/sdk.gen.ts +149 -53
- package/src/auth/context/AuthContext.tsx +8 -0
- package/src/auth/utils/env.ts +18 -0
- package/src/auth/utils/logger.ts +11 -4
- package/src/index.ts +12 -0
- package/src/log-control.ts +81 -0
package/dist/index.mjs
CHANGED
|
@@ -304,6 +304,99 @@ async function tryRefresh() {
|
|
|
304
304
|
return _refreshInflight;
|
|
305
305
|
}
|
|
306
306
|
__name(tryRefresh, "tryRefresh");
|
|
307
|
+
function dpopEnabled() {
|
|
308
|
+
try {
|
|
309
|
+
return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
|
|
310
|
+
} catch {
|
|
311
|
+
return false;
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
__name(dpopEnabled, "dpopEnabled");
|
|
315
|
+
var _DPOP_DB = "cfg-auth";
|
|
316
|
+
var _DPOP_STORE = "keys";
|
|
317
|
+
var _DPOP_KEY_ID = "dpop-ec-p256";
|
|
318
|
+
function _idbOpen() {
|
|
319
|
+
return new Promise((resolve, reject) => {
|
|
320
|
+
const req = indexedDB.open(_DPOP_DB, 1);
|
|
321
|
+
req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);
|
|
322
|
+
req.onsuccess = () => resolve(req.result);
|
|
323
|
+
req.onerror = () => reject(req.error);
|
|
324
|
+
});
|
|
325
|
+
}
|
|
326
|
+
__name(_idbOpen, "_idbOpen");
|
|
327
|
+
function _idbGet(key) {
|
|
328
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
329
|
+
const tx = db.transaction(_DPOP_STORE, "readonly");
|
|
330
|
+
const req = tx.objectStore(_DPOP_STORE).get(key);
|
|
331
|
+
req.onsuccess = () => resolve(req.result);
|
|
332
|
+
req.onerror = () => reject(req.error);
|
|
333
|
+
}));
|
|
334
|
+
}
|
|
335
|
+
__name(_idbGet, "_idbGet");
|
|
336
|
+
function _idbPut(key, value) {
|
|
337
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
338
|
+
const tx = db.transaction(_DPOP_STORE, "readwrite");
|
|
339
|
+
tx.objectStore(_DPOP_STORE).put(value, key);
|
|
340
|
+
tx.oncomplete = () => resolve();
|
|
341
|
+
tx.onerror = () => reject(tx.error);
|
|
342
|
+
}));
|
|
343
|
+
}
|
|
344
|
+
__name(_idbPut, "_idbPut");
|
|
345
|
+
var _dpopKeyPromise = null;
|
|
346
|
+
function _getDpopKeyPair() {
|
|
347
|
+
if (_dpopKeyPromise) return _dpopKeyPromise;
|
|
348
|
+
_dpopKeyPromise = (async () => {
|
|
349
|
+
const existing = await _idbGet(_DPOP_KEY_ID).catch(() => void 0);
|
|
350
|
+
if (existing) return existing;
|
|
351
|
+
const pair = await crypto.subtle.generateKey(
|
|
352
|
+
{ name: "ECDSA", namedCurve: "P-256" },
|
|
353
|
+
false,
|
|
354
|
+
// extractable:false — JS can sign but never export the private key
|
|
355
|
+
["sign"]
|
|
356
|
+
);
|
|
357
|
+
await _idbPut(_DPOP_KEY_ID, pair).catch(() => {
|
|
358
|
+
});
|
|
359
|
+
return pair;
|
|
360
|
+
})();
|
|
361
|
+
return _dpopKeyPromise;
|
|
362
|
+
}
|
|
363
|
+
__name(_getDpopKeyPair, "_getDpopKeyPair");
|
|
364
|
+
function _b64urlFromBytes(bytes) {
|
|
365
|
+
const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
|
|
366
|
+
let s = "";
|
|
367
|
+
for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
|
|
368
|
+
return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
369
|
+
}
|
|
370
|
+
__name(_b64urlFromBytes, "_b64urlFromBytes");
|
|
371
|
+
function _b64urlFromString(str) {
|
|
372
|
+
return _b64urlFromBytes(new TextEncoder().encode(str));
|
|
373
|
+
}
|
|
374
|
+
__name(_b64urlFromString, "_b64urlFromString");
|
|
375
|
+
async function _publicJwk(pub) {
|
|
376
|
+
const jwk = await crypto.subtle.exportKey("jwk", pub);
|
|
377
|
+
return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
|
|
378
|
+
}
|
|
379
|
+
__name(_publicJwk, "_publicJwk");
|
|
380
|
+
async function _makeDpopProof(method, url) {
|
|
381
|
+
try {
|
|
382
|
+
const pair = await _getDpopKeyPair();
|
|
383
|
+
const jwk = await _publicJwk(pair.publicKey);
|
|
384
|
+
const header = { typ: "dpop+jwt", alg: "ES256", jwk };
|
|
385
|
+
const htu = url.split("#")[0].split("?")[0];
|
|
386
|
+
const jti = crypto.randomUUID && crypto.randomUUID() || _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));
|
|
387
|
+
const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1e3), jti };
|
|
388
|
+
const signingInput = `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;
|
|
389
|
+
const sig = await crypto.subtle.sign(
|
|
390
|
+
{ name: "ECDSA", hash: "SHA-256" },
|
|
391
|
+
pair.privateKey,
|
|
392
|
+
new TextEncoder().encode(signingInput)
|
|
393
|
+
);
|
|
394
|
+
return `${signingInput}.${_b64urlFromBytes(sig)}`;
|
|
395
|
+
} catch {
|
|
396
|
+
return null;
|
|
397
|
+
}
|
|
398
|
+
}
|
|
399
|
+
__name(_makeDpopProof, "_makeDpopProof");
|
|
307
400
|
function installAuthOnClient(client2) {
|
|
308
401
|
if (_client) return;
|
|
309
402
|
_client = client2;
|
|
@@ -311,7 +404,7 @@ function installAuthOnClient(client2) {
|
|
|
311
404
|
baseUrl: auth.getBaseUrl(),
|
|
312
405
|
credentials: _withCredentials ? "include" : "same-origin"
|
|
313
406
|
});
|
|
314
|
-
client2.interceptors.request.use((request) => {
|
|
407
|
+
client2.interceptors.request.use(async (request) => {
|
|
315
408
|
const token = auth.getToken();
|
|
316
409
|
if (token) request.headers.set("Authorization", `Bearer ${token}`);
|
|
317
410
|
const locale = auth.getLocale();
|
|
@@ -324,6 +417,10 @@ function installAuthOnClient(client2) {
|
|
|
324
417
|
} catch {
|
|
325
418
|
}
|
|
326
419
|
request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
|
|
420
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
421
|
+
const proof = await _makeDpopProof(request.method, request.url);
|
|
422
|
+
if (proof) request.headers.set("DPoP", proof);
|
|
423
|
+
}
|
|
327
424
|
return request;
|
|
328
425
|
});
|
|
329
426
|
client2.interceptors.error.use((err, res, req) => {
|
|
@@ -357,6 +454,10 @@ function installAuthOnClient(client2) {
|
|
|
357
454
|
const retry = request.clone();
|
|
358
455
|
retry.headers.set("Authorization", `Bearer ${newToken}`);
|
|
359
456
|
retry.headers.set(RETRY_MARKER, "1");
|
|
457
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
458
|
+
const proof = await _makeDpopProof(retry.method, retry.url);
|
|
459
|
+
if (proof) retry.headers.set("DPoP", proof);
|
|
460
|
+
}
|
|
360
461
|
try {
|
|
361
462
|
const retried = await fetch(retry);
|
|
362
463
|
if (retried.status === 401 && _onUnauthorized) {
|
|
@@ -1306,7 +1407,11 @@ var CfgAccountsApiKey = class {
|
|
|
1306
1407
|
static cfgAccountsApiKeyRetrieve(options) {
|
|
1307
1408
|
return (options?.client ?? client).get({
|
|
1308
1409
|
security: [
|
|
1309
|
-
{
|
|
1410
|
+
{
|
|
1411
|
+
key: "jwtAuth",
|
|
1412
|
+
scheme: "bearer",
|
|
1413
|
+
type: "http"
|
|
1414
|
+
},
|
|
1310
1415
|
{
|
|
1311
1416
|
in: "cookie",
|
|
1312
1417
|
name: "sessionid",
|
|
@@ -1326,7 +1431,11 @@ var CfgAccountsApiKey = class {
|
|
|
1326
1431
|
static cfgAccountsApiKeyRegenerateCreate(options) {
|
|
1327
1432
|
return (options.client ?? client).post({
|
|
1328
1433
|
security: [
|
|
1329
|
-
{
|
|
1434
|
+
{
|
|
1435
|
+
key: "jwtAuth",
|
|
1436
|
+
scheme: "bearer",
|
|
1437
|
+
type: "http"
|
|
1438
|
+
},
|
|
1330
1439
|
{
|
|
1331
1440
|
in: "cookie",
|
|
1332
1441
|
name: "sessionid",
|
|
@@ -1350,7 +1459,11 @@ var CfgAccountsApiKey = class {
|
|
|
1350
1459
|
static cfgAccountsApiKeyTestCreate(options) {
|
|
1351
1460
|
return (options.client ?? client).post({
|
|
1352
1461
|
security: [
|
|
1353
|
-
{
|
|
1462
|
+
{
|
|
1463
|
+
key: "jwtAuth",
|
|
1464
|
+
scheme: "bearer",
|
|
1465
|
+
type: "http"
|
|
1466
|
+
},
|
|
1354
1467
|
{
|
|
1355
1468
|
in: "cookie",
|
|
1356
1469
|
name: "sessionid",
|
|
@@ -1378,7 +1491,11 @@ var CfgAccountsOauth = class {
|
|
|
1378
1491
|
*/
|
|
1379
1492
|
static cfgAccountsOauthConnectionsList(options) {
|
|
1380
1493
|
return (options?.client ?? client).get({
|
|
1381
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1494
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1495
|
+
key: "jwtAuthWithLastLogin",
|
|
1496
|
+
scheme: "bearer",
|
|
1497
|
+
type: "http"
|
|
1498
|
+
}],
|
|
1382
1499
|
url: "/cfg/accounts/oauth/connections/",
|
|
1383
1500
|
...options
|
|
1384
1501
|
});
|
|
@@ -1390,7 +1507,11 @@ var CfgAccountsOauth = class {
|
|
|
1390
1507
|
*/
|
|
1391
1508
|
static cfgAccountsOauthDisconnectCreate(options) {
|
|
1392
1509
|
return (options.client ?? client).post({
|
|
1393
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1510
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1511
|
+
key: "jwtAuthWithLastLogin",
|
|
1512
|
+
scheme: "bearer",
|
|
1513
|
+
type: "http"
|
|
1514
|
+
}],
|
|
1394
1515
|
url: "/cfg/accounts/oauth/disconnect/",
|
|
1395
1516
|
...options,
|
|
1396
1517
|
headers: {
|
|
@@ -1447,7 +1568,11 @@ var CfgAccounts = class {
|
|
|
1447
1568
|
*/
|
|
1448
1569
|
static cfgAccountsOtpRequestCreate(options) {
|
|
1449
1570
|
return (options.client ?? client).post({
|
|
1450
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1571
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1572
|
+
key: "jwtAuthWithLastLogin",
|
|
1573
|
+
scheme: "bearer",
|
|
1574
|
+
type: "http"
|
|
1575
|
+
}],
|
|
1451
1576
|
url: "/cfg/accounts/otp/request/",
|
|
1452
1577
|
...options,
|
|
1453
1578
|
headers: {
|
|
@@ -1468,7 +1593,11 @@ var CfgAccounts = class {
|
|
|
1468
1593
|
*/
|
|
1469
1594
|
static cfgAccountsOtpVerifyCreate(options) {
|
|
1470
1595
|
return (options.client ?? client).post({
|
|
1471
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1596
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1597
|
+
key: "jwtAuthWithLastLogin",
|
|
1598
|
+
scheme: "bearer",
|
|
1599
|
+
type: "http"
|
|
1600
|
+
}],
|
|
1472
1601
|
url: "/cfg/accounts/otp/verify/",
|
|
1473
1602
|
...options,
|
|
1474
1603
|
headers: {
|
|
@@ -1489,7 +1618,11 @@ var CfgAccountsProfile = class {
|
|
|
1489
1618
|
*/
|
|
1490
1619
|
static cfgAccountsProfileRetrieve(options) {
|
|
1491
1620
|
return (options?.client ?? client).get({
|
|
1492
|
-
security: [{
|
|
1621
|
+
security: [{
|
|
1622
|
+
key: "jwtAuth",
|
|
1623
|
+
scheme: "bearer",
|
|
1624
|
+
type: "http"
|
|
1625
|
+
}, {
|
|
1493
1626
|
in: "cookie",
|
|
1494
1627
|
name: "sessionid",
|
|
1495
1628
|
type: "apiKey"
|
|
@@ -1506,7 +1639,11 @@ var CfgAccountsProfile = class {
|
|
|
1506
1639
|
static cfgAccountsProfileAvatarCreate(options) {
|
|
1507
1640
|
return (options?.client ?? client).post({
|
|
1508
1641
|
...formDataBodySerializer,
|
|
1509
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1642
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1643
|
+
key: "jwtAuthWithLastLogin",
|
|
1644
|
+
scheme: "bearer",
|
|
1645
|
+
type: "http"
|
|
1646
|
+
}],
|
|
1510
1647
|
url: "/cfg/accounts/profile/avatar/",
|
|
1511
1648
|
...options,
|
|
1512
1649
|
headers: {
|
|
@@ -1532,7 +1669,11 @@ var CfgAccountsProfile = class {
|
|
|
1532
1669
|
*/
|
|
1533
1670
|
static cfgAccountsProfileDeleteCreate(options) {
|
|
1534
1671
|
return (options?.client ?? client).post({
|
|
1535
|
-
security: [{
|
|
1672
|
+
security: [{
|
|
1673
|
+
key: "jwtAuth",
|
|
1674
|
+
scheme: "bearer",
|
|
1675
|
+
type: "http"
|
|
1676
|
+
}, {
|
|
1536
1677
|
in: "cookie",
|
|
1537
1678
|
name: "sessionid",
|
|
1538
1679
|
type: "apiKey"
|
|
@@ -1548,7 +1689,11 @@ var CfgAccountsProfile = class {
|
|
|
1548
1689
|
*/
|
|
1549
1690
|
static cfgAccountsProfilePartialPartialUpdate(options) {
|
|
1550
1691
|
return (options?.client ?? client).patch({
|
|
1551
|
-
security: [{
|
|
1692
|
+
security: [{
|
|
1693
|
+
key: "jwtAuth",
|
|
1694
|
+
scheme: "bearer",
|
|
1695
|
+
type: "http"
|
|
1696
|
+
}, {
|
|
1552
1697
|
in: "cookie",
|
|
1553
1698
|
name: "sessionid",
|
|
1554
1699
|
type: "apiKey"
|
|
@@ -1568,7 +1713,11 @@ var CfgAccountsProfile = class {
|
|
|
1568
1713
|
*/
|
|
1569
1714
|
static cfgAccountsProfilePartialUpdate(options) {
|
|
1570
1715
|
return (options?.client ?? client).put({
|
|
1571
|
-
security: [{
|
|
1716
|
+
security: [{
|
|
1717
|
+
key: "jwtAuth",
|
|
1718
|
+
scheme: "bearer",
|
|
1719
|
+
type: "http"
|
|
1720
|
+
}, {
|
|
1572
1721
|
in: "cookie",
|
|
1573
1722
|
name: "sessionid",
|
|
1574
1723
|
type: "apiKey"
|
|
@@ -1588,7 +1737,11 @@ var CfgAccountsProfile = class {
|
|
|
1588
1737
|
*/
|
|
1589
1738
|
static cfgAccountsProfileUpdatePartialUpdate(options) {
|
|
1590
1739
|
return (options?.client ?? client).patch({
|
|
1591
|
-
security: [{
|
|
1740
|
+
security: [{
|
|
1741
|
+
key: "jwtAuth",
|
|
1742
|
+
scheme: "bearer",
|
|
1743
|
+
type: "http"
|
|
1744
|
+
}, {
|
|
1592
1745
|
in: "cookie",
|
|
1593
1746
|
name: "sessionid",
|
|
1594
1747
|
type: "apiKey"
|
|
@@ -1608,7 +1761,11 @@ var CfgAccountsProfile = class {
|
|
|
1608
1761
|
*/
|
|
1609
1762
|
static cfgAccountsProfileUpdateUpdate(options) {
|
|
1610
1763
|
return (options?.client ?? client).put({
|
|
1611
|
-
security: [{
|
|
1764
|
+
security: [{
|
|
1765
|
+
key: "jwtAuth",
|
|
1766
|
+
scheme: "bearer",
|
|
1767
|
+
type: "http"
|
|
1768
|
+
}, {
|
|
1612
1769
|
in: "cookie",
|
|
1613
1770
|
name: "sessionid",
|
|
1614
1771
|
type: "apiKey"
|
|
@@ -1651,7 +1808,11 @@ var CfgCentrifugo = class {
|
|
|
1651
1808
|
*/
|
|
1652
1809
|
static cfgCentrifugoAuthTokenRetrieve(options) {
|
|
1653
1810
|
return (options?.client ?? client).get({
|
|
1654
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1811
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1812
|
+
key: "jwtAuthWithLastLogin",
|
|
1813
|
+
scheme: "bearer",
|
|
1814
|
+
type: "http"
|
|
1815
|
+
}],
|
|
1655
1816
|
url: "/cfg/centrifugo/auth/token/",
|
|
1656
1817
|
...options
|
|
1657
1818
|
});
|
|
@@ -1666,7 +1827,11 @@ var CfgTotpBackupCodes = class {
|
|
|
1666
1827
|
*/
|
|
1667
1828
|
static cfgTotpBackupCodesRetrieve(options) {
|
|
1668
1829
|
return (options?.client ?? client).get({
|
|
1669
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1830
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1831
|
+
key: "jwtAuthWithLastLogin",
|
|
1832
|
+
scheme: "bearer",
|
|
1833
|
+
type: "http"
|
|
1834
|
+
}],
|
|
1670
1835
|
url: "/cfg/totp/backup-codes/",
|
|
1671
1836
|
...options
|
|
1672
1837
|
});
|
|
@@ -1679,7 +1844,11 @@ var CfgTotpBackupCodes = class {
|
|
|
1679
1844
|
*/
|
|
1680
1845
|
static cfgTotpBackupCodesRegenerateCreate(options) {
|
|
1681
1846
|
return (options.client ?? client).post({
|
|
1682
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1847
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1848
|
+
key: "jwtAuthWithLastLogin",
|
|
1849
|
+
scheme: "bearer",
|
|
1850
|
+
type: "http"
|
|
1851
|
+
}],
|
|
1683
1852
|
url: "/cfg/totp/backup-codes/regenerate/",
|
|
1684
1853
|
...options,
|
|
1685
1854
|
headers: {
|
|
@@ -1698,7 +1867,11 @@ var CfgTotp = class {
|
|
|
1698
1867
|
*/
|
|
1699
1868
|
static cfgTotpDevicesRetrieve(options) {
|
|
1700
1869
|
return (options?.client ?? client).get({
|
|
1701
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1870
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1871
|
+
key: "jwtAuthWithLastLogin",
|
|
1872
|
+
scheme: "bearer",
|
|
1873
|
+
type: "http"
|
|
1874
|
+
}],
|
|
1702
1875
|
url: "/cfg/totp/devices/",
|
|
1703
1876
|
...options
|
|
1704
1877
|
});
|
|
@@ -1710,7 +1883,11 @@ var CfgTotp = class {
|
|
|
1710
1883
|
*/
|
|
1711
1884
|
static cfgTotpDevicesDestroy(options) {
|
|
1712
1885
|
return (options.client ?? client).delete({
|
|
1713
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1886
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1887
|
+
key: "jwtAuthWithLastLogin",
|
|
1888
|
+
scheme: "bearer",
|
|
1889
|
+
type: "http"
|
|
1890
|
+
}],
|
|
1714
1891
|
url: "/cfg/totp/devices/{id}/",
|
|
1715
1892
|
...options
|
|
1716
1893
|
});
|
|
@@ -1722,7 +1899,11 @@ var CfgTotp = class {
|
|
|
1722
1899
|
*/
|
|
1723
1900
|
static cfgTotpDisableCreate(options) {
|
|
1724
1901
|
return (options.client ?? client).post({
|
|
1725
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1902
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1903
|
+
key: "jwtAuthWithLastLogin",
|
|
1904
|
+
scheme: "bearer",
|
|
1905
|
+
type: "http"
|
|
1906
|
+
}],
|
|
1726
1907
|
url: "/cfg/totp/disable/",
|
|
1727
1908
|
...options,
|
|
1728
1909
|
headers: {
|
|
@@ -1743,7 +1924,11 @@ var CfgTotpSetup = class {
|
|
|
1743
1924
|
*/
|
|
1744
1925
|
static cfgTotpSetupCreate(options) {
|
|
1745
1926
|
return (options?.client ?? client).post({
|
|
1746
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1927
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1928
|
+
key: "jwtAuthWithLastLogin",
|
|
1929
|
+
scheme: "bearer",
|
|
1930
|
+
type: "http"
|
|
1931
|
+
}],
|
|
1747
1932
|
url: "/cfg/totp/setup/",
|
|
1748
1933
|
...options,
|
|
1749
1934
|
headers: {
|
|
@@ -1759,7 +1944,11 @@ var CfgTotpSetup = class {
|
|
|
1759
1944
|
*/
|
|
1760
1945
|
static cfgTotpSetupConfirmCreate(options) {
|
|
1761
1946
|
return (options.client ?? client).post({
|
|
1762
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1947
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1948
|
+
key: "jwtAuthWithLastLogin",
|
|
1949
|
+
scheme: "bearer",
|
|
1950
|
+
type: "http"
|
|
1951
|
+
}],
|
|
1763
1952
|
url: "/cfg/totp/setup/confirm/",
|
|
1764
1953
|
...options,
|
|
1765
1954
|
headers: {
|
|
@@ -1780,7 +1969,11 @@ var CfgTotpVerify = class {
|
|
|
1780
1969
|
*/
|
|
1781
1970
|
static cfgTotpVerifyCreate(options) {
|
|
1782
1971
|
return (options.client ?? client).post({
|
|
1783
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1972
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1973
|
+
key: "jwtAuthWithLastLogin",
|
|
1974
|
+
scheme: "bearer",
|
|
1975
|
+
type: "http"
|
|
1976
|
+
}],
|
|
1784
1977
|
url: "/cfg/totp/verify/",
|
|
1785
1978
|
...options,
|
|
1786
1979
|
headers: {
|
|
@@ -1796,7 +1989,11 @@ var CfgTotpVerify = class {
|
|
|
1796
1989
|
*/
|
|
1797
1990
|
static cfgTotpVerifyBackupCreate(options) {
|
|
1798
1991
|
return (options.client ?? client).post({
|
|
1799
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1992
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1993
|
+
key: "jwtAuthWithLastLogin",
|
|
1994
|
+
scheme: "bearer",
|
|
1995
|
+
type: "http"
|
|
1996
|
+
}],
|
|
1800
1997
|
url: "/cfg/totp/verify/backup/",
|
|
1801
1998
|
...options,
|
|
1802
1999
|
headers: {
|
|
@@ -2137,6 +2334,51 @@ var API3 = class {
|
|
|
2137
2334
|
var CfgAccountsApi = new API();
|
|
2138
2335
|
var CfgCentrifugoApi = new API2();
|
|
2139
2336
|
var CfgTotpApi = new API3();
|
|
2337
|
+
|
|
2338
|
+
// src/auth/utils/env.ts
|
|
2339
|
+
var isDev = process.env.NODE_ENV === "development";
|
|
2340
|
+
var isProd = !isDev;
|
|
2341
|
+
var isBrowser2 = typeof window !== "undefined";
|
|
2342
|
+
var isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === "true";
|
|
2343
|
+
var dpopEnabled2 = process.env.NEXT_PUBLIC_DPOP_ENABLED === "true";
|
|
2344
|
+
|
|
2345
|
+
// src/log-control.ts
|
|
2346
|
+
var verboseByDefault = isDev || isStaticBuild;
|
|
2347
|
+
var DEFAULT_LEVEL = verboseByDefault ? 4 : 1;
|
|
2348
|
+
var _level = DEFAULT_LEVEL;
|
|
2349
|
+
var _subscribers = /* @__PURE__ */ new Set();
|
|
2350
|
+
function getLogLevel() {
|
|
2351
|
+
return _level;
|
|
2352
|
+
}
|
|
2353
|
+
__name(getLogLevel, "getLogLevel");
|
|
2354
|
+
function setLogLevel(level) {
|
|
2355
|
+
_level = level;
|
|
2356
|
+
for (const fn of _subscribers) {
|
|
2357
|
+
try {
|
|
2358
|
+
fn(level);
|
|
2359
|
+
} catch {
|
|
2360
|
+
}
|
|
2361
|
+
}
|
|
2362
|
+
}
|
|
2363
|
+
__name(setLogLevel, "setLogLevel");
|
|
2364
|
+
function onLogLevelChange(fn) {
|
|
2365
|
+
_subscribers.add(fn);
|
|
2366
|
+
try {
|
|
2367
|
+
fn(_level);
|
|
2368
|
+
} catch {
|
|
2369
|
+
}
|
|
2370
|
+
return () => _subscribers.delete(fn);
|
|
2371
|
+
}
|
|
2372
|
+
__name(onLogLevelChange, "onLogLevelChange");
|
|
2373
|
+
function applyRoleLogPolicy(opts) {
|
|
2374
|
+
const devMode = opts.isDev ?? verboseByDefault;
|
|
2375
|
+
if (opts.isAdmin || devMode) {
|
|
2376
|
+
setLogLevel(4);
|
|
2377
|
+
} else {
|
|
2378
|
+
setLogLevel(1);
|
|
2379
|
+
}
|
|
2380
|
+
}
|
|
2381
|
+
__name(applyRoleLogPolicy, "applyRoleLogPolicy");
|
|
2140
2382
|
export {
|
|
2141
2383
|
APIError,
|
|
2142
2384
|
APILogger,
|
|
@@ -2161,10 +2403,19 @@ export {
|
|
|
2161
2403
|
MemoryStorageAdapter,
|
|
2162
2404
|
NetworkError,
|
|
2163
2405
|
CfgAccountsApi as api,
|
|
2406
|
+
applyRoleLogPolicy,
|
|
2164
2407
|
auth,
|
|
2165
2408
|
defaultLogger,
|
|
2166
2409
|
dispatchValidationError,
|
|
2410
|
+
dpopEnabled2 as dpopEnabled,
|
|
2167
2411
|
formatZodError,
|
|
2168
|
-
|
|
2412
|
+
getLogLevel,
|
|
2413
|
+
isBrowser2 as isBrowser,
|
|
2414
|
+
isDev,
|
|
2415
|
+
isProd,
|
|
2416
|
+
isStaticBuild,
|
|
2417
|
+
onLogLevelChange,
|
|
2418
|
+
onValidationError,
|
|
2419
|
+
setLogLevel
|
|
2169
2420
|
};
|
|
2170
2421
|
//# sourceMappingURL=index.mjs.map
|