@djangocfg/api 2.1.427 → 2.1.428
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +56 -0
- package/dist/auth-server.cjs +248 -32
- package/dist/auth-server.cjs.map +1 -1
- package/dist/auth-server.mjs +248 -32
- package/dist/auth-server.mjs.map +1 -1
- package/dist/auth.cjs +271 -29
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.mjs +271 -29
- package/dist/auth.mjs.map +1 -1
- package/dist/clients.cjs +222 -25
- package/dist/clients.cjs.map +1 -1
- package/dist/clients.d.cts +35 -28
- package/dist/clients.d.ts +35 -28
- package/dist/clients.mjs +222 -25
- package/dist/clients.mjs.map +1 -1
- package/dist/hooks.cjs +117 -4
- package/dist/hooks.cjs.map +1 -1
- package/dist/hooks.mjs +117 -4
- package/dist/hooks.mjs.map +1 -1
- package/dist/index.cjs +277 -26
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +98 -29
- package/dist/index.d.ts +98 -29
- package/dist/index.mjs +277 -26
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/src/_api/generated/client/index.ts +1 -0
- package/src/_api/generated/client/utils.gen.ts +2 -2
- package/src/_api/generated/client.gen.ts +2 -2
- package/src/_api/generated/core/auth.gen.ts +7 -0
- package/src/_api/generated/core/params.gen.ts +10 -8
- package/src/_api/generated/core/pathSerializer.gen.ts +6 -6
- package/src/_api/generated/core/queryKeySerializer.gen.ts +1 -1
- package/src/_api/generated/core/utils.gen.ts +4 -4
- package/src/_api/generated/helpers/auth.ts +127 -1
- package/src/_api/generated/sdk.gen.ts +149 -53
- package/src/auth/context/AuthContext.tsx +8 -0
- package/src/auth/utils/env.ts +18 -0
- package/src/auth/utils/logger.ts +11 -4
- package/src/index.ts +12 -0
- package/src/log-control.ts +81 -0
package/dist/index.cjs
CHANGED
|
@@ -43,11 +43,20 @@ __export(index_exports, {
|
|
|
43
43
|
MemoryStorageAdapter: () => MemoryStorageAdapter,
|
|
44
44
|
NetworkError: () => NetworkError,
|
|
45
45
|
api: () => CfgAccountsApi,
|
|
46
|
+
applyRoleLogPolicy: () => applyRoleLogPolicy,
|
|
46
47
|
auth: () => auth,
|
|
47
48
|
defaultLogger: () => defaultLogger,
|
|
48
49
|
dispatchValidationError: () => dispatchValidationError,
|
|
50
|
+
dpopEnabled: () => dpopEnabled2,
|
|
49
51
|
formatZodError: () => formatZodError,
|
|
50
|
-
|
|
52
|
+
getLogLevel: () => getLogLevel,
|
|
53
|
+
isBrowser: () => isBrowser2,
|
|
54
|
+
isDev: () => isDev,
|
|
55
|
+
isProd: () => isProd,
|
|
56
|
+
isStaticBuild: () => isStaticBuild,
|
|
57
|
+
onLogLevelChange: () => onLogLevelChange,
|
|
58
|
+
onValidationError: () => onValidationError,
|
|
59
|
+
setLogLevel: () => setLogLevel
|
|
51
60
|
});
|
|
52
61
|
module.exports = __toCommonJS(index_exports);
|
|
53
62
|
|
|
@@ -354,6 +363,99 @@ async function tryRefresh() {
|
|
|
354
363
|
return _refreshInflight;
|
|
355
364
|
}
|
|
356
365
|
__name(tryRefresh, "tryRefresh");
|
|
366
|
+
function dpopEnabled() {
|
|
367
|
+
try {
|
|
368
|
+
return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
|
|
369
|
+
} catch {
|
|
370
|
+
return false;
|
|
371
|
+
}
|
|
372
|
+
}
|
|
373
|
+
__name(dpopEnabled, "dpopEnabled");
|
|
374
|
+
var _DPOP_DB = "cfg-auth";
|
|
375
|
+
var _DPOP_STORE = "keys";
|
|
376
|
+
var _DPOP_KEY_ID = "dpop-ec-p256";
|
|
377
|
+
function _idbOpen() {
|
|
378
|
+
return new Promise((resolve, reject) => {
|
|
379
|
+
const req = indexedDB.open(_DPOP_DB, 1);
|
|
380
|
+
req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);
|
|
381
|
+
req.onsuccess = () => resolve(req.result);
|
|
382
|
+
req.onerror = () => reject(req.error);
|
|
383
|
+
});
|
|
384
|
+
}
|
|
385
|
+
__name(_idbOpen, "_idbOpen");
|
|
386
|
+
function _idbGet(key) {
|
|
387
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
388
|
+
const tx = db.transaction(_DPOP_STORE, "readonly");
|
|
389
|
+
const req = tx.objectStore(_DPOP_STORE).get(key);
|
|
390
|
+
req.onsuccess = () => resolve(req.result);
|
|
391
|
+
req.onerror = () => reject(req.error);
|
|
392
|
+
}));
|
|
393
|
+
}
|
|
394
|
+
__name(_idbGet, "_idbGet");
|
|
395
|
+
function _idbPut(key, value) {
|
|
396
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
397
|
+
const tx = db.transaction(_DPOP_STORE, "readwrite");
|
|
398
|
+
tx.objectStore(_DPOP_STORE).put(value, key);
|
|
399
|
+
tx.oncomplete = () => resolve();
|
|
400
|
+
tx.onerror = () => reject(tx.error);
|
|
401
|
+
}));
|
|
402
|
+
}
|
|
403
|
+
__name(_idbPut, "_idbPut");
|
|
404
|
+
var _dpopKeyPromise = null;
|
|
405
|
+
function _getDpopKeyPair() {
|
|
406
|
+
if (_dpopKeyPromise) return _dpopKeyPromise;
|
|
407
|
+
_dpopKeyPromise = (async () => {
|
|
408
|
+
const existing = await _idbGet(_DPOP_KEY_ID).catch(() => void 0);
|
|
409
|
+
if (existing) return existing;
|
|
410
|
+
const pair = await crypto.subtle.generateKey(
|
|
411
|
+
{ name: "ECDSA", namedCurve: "P-256" },
|
|
412
|
+
false,
|
|
413
|
+
// extractable:false — JS can sign but never export the private key
|
|
414
|
+
["sign"]
|
|
415
|
+
);
|
|
416
|
+
await _idbPut(_DPOP_KEY_ID, pair).catch(() => {
|
|
417
|
+
});
|
|
418
|
+
return pair;
|
|
419
|
+
})();
|
|
420
|
+
return _dpopKeyPromise;
|
|
421
|
+
}
|
|
422
|
+
__name(_getDpopKeyPair, "_getDpopKeyPair");
|
|
423
|
+
function _b64urlFromBytes(bytes) {
|
|
424
|
+
const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
|
|
425
|
+
let s = "";
|
|
426
|
+
for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
|
|
427
|
+
return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
428
|
+
}
|
|
429
|
+
__name(_b64urlFromBytes, "_b64urlFromBytes");
|
|
430
|
+
function _b64urlFromString(str) {
|
|
431
|
+
return _b64urlFromBytes(new TextEncoder().encode(str));
|
|
432
|
+
}
|
|
433
|
+
__name(_b64urlFromString, "_b64urlFromString");
|
|
434
|
+
async function _publicJwk(pub) {
|
|
435
|
+
const jwk = await crypto.subtle.exportKey("jwk", pub);
|
|
436
|
+
return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
|
|
437
|
+
}
|
|
438
|
+
__name(_publicJwk, "_publicJwk");
|
|
439
|
+
async function _makeDpopProof(method, url) {
|
|
440
|
+
try {
|
|
441
|
+
const pair = await _getDpopKeyPair();
|
|
442
|
+
const jwk = await _publicJwk(pair.publicKey);
|
|
443
|
+
const header = { typ: "dpop+jwt", alg: "ES256", jwk };
|
|
444
|
+
const htu = url.split("#")[0].split("?")[0];
|
|
445
|
+
const jti = crypto.randomUUID && crypto.randomUUID() || _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));
|
|
446
|
+
const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1e3), jti };
|
|
447
|
+
const signingInput = `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;
|
|
448
|
+
const sig = await crypto.subtle.sign(
|
|
449
|
+
{ name: "ECDSA", hash: "SHA-256" },
|
|
450
|
+
pair.privateKey,
|
|
451
|
+
new TextEncoder().encode(signingInput)
|
|
452
|
+
);
|
|
453
|
+
return `${signingInput}.${_b64urlFromBytes(sig)}`;
|
|
454
|
+
} catch {
|
|
455
|
+
return null;
|
|
456
|
+
}
|
|
457
|
+
}
|
|
458
|
+
__name(_makeDpopProof, "_makeDpopProof");
|
|
357
459
|
function installAuthOnClient(client2) {
|
|
358
460
|
if (_client) return;
|
|
359
461
|
_client = client2;
|
|
@@ -361,7 +463,7 @@ function installAuthOnClient(client2) {
|
|
|
361
463
|
baseUrl: auth.getBaseUrl(),
|
|
362
464
|
credentials: _withCredentials ? "include" : "same-origin"
|
|
363
465
|
});
|
|
364
|
-
client2.interceptors.request.use((request) => {
|
|
466
|
+
client2.interceptors.request.use(async (request) => {
|
|
365
467
|
const token = auth.getToken();
|
|
366
468
|
if (token) request.headers.set("Authorization", `Bearer ${token}`);
|
|
367
469
|
const locale = auth.getLocale();
|
|
@@ -374,6 +476,10 @@ function installAuthOnClient(client2) {
|
|
|
374
476
|
} catch {
|
|
375
477
|
}
|
|
376
478
|
request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
|
|
479
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
480
|
+
const proof = await _makeDpopProof(request.method, request.url);
|
|
481
|
+
if (proof) request.headers.set("DPoP", proof);
|
|
482
|
+
}
|
|
377
483
|
return request;
|
|
378
484
|
});
|
|
379
485
|
client2.interceptors.error.use((err, res, req) => {
|
|
@@ -407,6 +513,10 @@ function installAuthOnClient(client2) {
|
|
|
407
513
|
const retry = request.clone();
|
|
408
514
|
retry.headers.set("Authorization", `Bearer ${newToken}`);
|
|
409
515
|
retry.headers.set(RETRY_MARKER, "1");
|
|
516
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
517
|
+
const proof = await _makeDpopProof(retry.method, retry.url);
|
|
518
|
+
if (proof) retry.headers.set("DPoP", proof);
|
|
519
|
+
}
|
|
410
520
|
try {
|
|
411
521
|
const retried = await fetch(retry);
|
|
412
522
|
if (retried.status === 401 && _onUnauthorized) {
|
|
@@ -1356,7 +1466,11 @@ var CfgAccountsApiKey = class {
|
|
|
1356
1466
|
static cfgAccountsApiKeyRetrieve(options) {
|
|
1357
1467
|
return (options?.client ?? client).get({
|
|
1358
1468
|
security: [
|
|
1359
|
-
{
|
|
1469
|
+
{
|
|
1470
|
+
key: "jwtAuth",
|
|
1471
|
+
scheme: "bearer",
|
|
1472
|
+
type: "http"
|
|
1473
|
+
},
|
|
1360
1474
|
{
|
|
1361
1475
|
in: "cookie",
|
|
1362
1476
|
name: "sessionid",
|
|
@@ -1376,7 +1490,11 @@ var CfgAccountsApiKey = class {
|
|
|
1376
1490
|
static cfgAccountsApiKeyRegenerateCreate(options) {
|
|
1377
1491
|
return (options.client ?? client).post({
|
|
1378
1492
|
security: [
|
|
1379
|
-
{
|
|
1493
|
+
{
|
|
1494
|
+
key: "jwtAuth",
|
|
1495
|
+
scheme: "bearer",
|
|
1496
|
+
type: "http"
|
|
1497
|
+
},
|
|
1380
1498
|
{
|
|
1381
1499
|
in: "cookie",
|
|
1382
1500
|
name: "sessionid",
|
|
@@ -1400,7 +1518,11 @@ var CfgAccountsApiKey = class {
|
|
|
1400
1518
|
static cfgAccountsApiKeyTestCreate(options) {
|
|
1401
1519
|
return (options.client ?? client).post({
|
|
1402
1520
|
security: [
|
|
1403
|
-
{
|
|
1521
|
+
{
|
|
1522
|
+
key: "jwtAuth",
|
|
1523
|
+
scheme: "bearer",
|
|
1524
|
+
type: "http"
|
|
1525
|
+
},
|
|
1404
1526
|
{
|
|
1405
1527
|
in: "cookie",
|
|
1406
1528
|
name: "sessionid",
|
|
@@ -1428,7 +1550,11 @@ var CfgAccountsOauth = class {
|
|
|
1428
1550
|
*/
|
|
1429
1551
|
static cfgAccountsOauthConnectionsList(options) {
|
|
1430
1552
|
return (options?.client ?? client).get({
|
|
1431
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1553
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1554
|
+
key: "jwtAuthWithLastLogin",
|
|
1555
|
+
scheme: "bearer",
|
|
1556
|
+
type: "http"
|
|
1557
|
+
}],
|
|
1432
1558
|
url: "/cfg/accounts/oauth/connections/",
|
|
1433
1559
|
...options
|
|
1434
1560
|
});
|
|
@@ -1440,7 +1566,11 @@ var CfgAccountsOauth = class {
|
|
|
1440
1566
|
*/
|
|
1441
1567
|
static cfgAccountsOauthDisconnectCreate(options) {
|
|
1442
1568
|
return (options.client ?? client).post({
|
|
1443
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1569
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1570
|
+
key: "jwtAuthWithLastLogin",
|
|
1571
|
+
scheme: "bearer",
|
|
1572
|
+
type: "http"
|
|
1573
|
+
}],
|
|
1444
1574
|
url: "/cfg/accounts/oauth/disconnect/",
|
|
1445
1575
|
...options,
|
|
1446
1576
|
headers: {
|
|
@@ -1497,7 +1627,11 @@ var CfgAccounts = class {
|
|
|
1497
1627
|
*/
|
|
1498
1628
|
static cfgAccountsOtpRequestCreate(options) {
|
|
1499
1629
|
return (options.client ?? client).post({
|
|
1500
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1630
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1631
|
+
key: "jwtAuthWithLastLogin",
|
|
1632
|
+
scheme: "bearer",
|
|
1633
|
+
type: "http"
|
|
1634
|
+
}],
|
|
1501
1635
|
url: "/cfg/accounts/otp/request/",
|
|
1502
1636
|
...options,
|
|
1503
1637
|
headers: {
|
|
@@ -1518,7 +1652,11 @@ var CfgAccounts = class {
|
|
|
1518
1652
|
*/
|
|
1519
1653
|
static cfgAccountsOtpVerifyCreate(options) {
|
|
1520
1654
|
return (options.client ?? client).post({
|
|
1521
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1655
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1656
|
+
key: "jwtAuthWithLastLogin",
|
|
1657
|
+
scheme: "bearer",
|
|
1658
|
+
type: "http"
|
|
1659
|
+
}],
|
|
1522
1660
|
url: "/cfg/accounts/otp/verify/",
|
|
1523
1661
|
...options,
|
|
1524
1662
|
headers: {
|
|
@@ -1539,7 +1677,11 @@ var CfgAccountsProfile = class {
|
|
|
1539
1677
|
*/
|
|
1540
1678
|
static cfgAccountsProfileRetrieve(options) {
|
|
1541
1679
|
return (options?.client ?? client).get({
|
|
1542
|
-
security: [{
|
|
1680
|
+
security: [{
|
|
1681
|
+
key: "jwtAuth",
|
|
1682
|
+
scheme: "bearer",
|
|
1683
|
+
type: "http"
|
|
1684
|
+
}, {
|
|
1543
1685
|
in: "cookie",
|
|
1544
1686
|
name: "sessionid",
|
|
1545
1687
|
type: "apiKey"
|
|
@@ -1556,7 +1698,11 @@ var CfgAccountsProfile = class {
|
|
|
1556
1698
|
static cfgAccountsProfileAvatarCreate(options) {
|
|
1557
1699
|
return (options?.client ?? client).post({
|
|
1558
1700
|
...formDataBodySerializer,
|
|
1559
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1701
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1702
|
+
key: "jwtAuthWithLastLogin",
|
|
1703
|
+
scheme: "bearer",
|
|
1704
|
+
type: "http"
|
|
1705
|
+
}],
|
|
1560
1706
|
url: "/cfg/accounts/profile/avatar/",
|
|
1561
1707
|
...options,
|
|
1562
1708
|
headers: {
|
|
@@ -1582,7 +1728,11 @@ var CfgAccountsProfile = class {
|
|
|
1582
1728
|
*/
|
|
1583
1729
|
static cfgAccountsProfileDeleteCreate(options) {
|
|
1584
1730
|
return (options?.client ?? client).post({
|
|
1585
|
-
security: [{
|
|
1731
|
+
security: [{
|
|
1732
|
+
key: "jwtAuth",
|
|
1733
|
+
scheme: "bearer",
|
|
1734
|
+
type: "http"
|
|
1735
|
+
}, {
|
|
1586
1736
|
in: "cookie",
|
|
1587
1737
|
name: "sessionid",
|
|
1588
1738
|
type: "apiKey"
|
|
@@ -1598,7 +1748,11 @@ var CfgAccountsProfile = class {
|
|
|
1598
1748
|
*/
|
|
1599
1749
|
static cfgAccountsProfilePartialPartialUpdate(options) {
|
|
1600
1750
|
return (options?.client ?? client).patch({
|
|
1601
|
-
security: [{
|
|
1751
|
+
security: [{
|
|
1752
|
+
key: "jwtAuth",
|
|
1753
|
+
scheme: "bearer",
|
|
1754
|
+
type: "http"
|
|
1755
|
+
}, {
|
|
1602
1756
|
in: "cookie",
|
|
1603
1757
|
name: "sessionid",
|
|
1604
1758
|
type: "apiKey"
|
|
@@ -1618,7 +1772,11 @@ var CfgAccountsProfile = class {
|
|
|
1618
1772
|
*/
|
|
1619
1773
|
static cfgAccountsProfilePartialUpdate(options) {
|
|
1620
1774
|
return (options?.client ?? client).put({
|
|
1621
|
-
security: [{
|
|
1775
|
+
security: [{
|
|
1776
|
+
key: "jwtAuth",
|
|
1777
|
+
scheme: "bearer",
|
|
1778
|
+
type: "http"
|
|
1779
|
+
}, {
|
|
1622
1780
|
in: "cookie",
|
|
1623
1781
|
name: "sessionid",
|
|
1624
1782
|
type: "apiKey"
|
|
@@ -1638,7 +1796,11 @@ var CfgAccountsProfile = class {
|
|
|
1638
1796
|
*/
|
|
1639
1797
|
static cfgAccountsProfileUpdatePartialUpdate(options) {
|
|
1640
1798
|
return (options?.client ?? client).patch({
|
|
1641
|
-
security: [{
|
|
1799
|
+
security: [{
|
|
1800
|
+
key: "jwtAuth",
|
|
1801
|
+
scheme: "bearer",
|
|
1802
|
+
type: "http"
|
|
1803
|
+
}, {
|
|
1642
1804
|
in: "cookie",
|
|
1643
1805
|
name: "sessionid",
|
|
1644
1806
|
type: "apiKey"
|
|
@@ -1658,7 +1820,11 @@ var CfgAccountsProfile = class {
|
|
|
1658
1820
|
*/
|
|
1659
1821
|
static cfgAccountsProfileUpdateUpdate(options) {
|
|
1660
1822
|
return (options?.client ?? client).put({
|
|
1661
|
-
security: [{
|
|
1823
|
+
security: [{
|
|
1824
|
+
key: "jwtAuth",
|
|
1825
|
+
scheme: "bearer",
|
|
1826
|
+
type: "http"
|
|
1827
|
+
}, {
|
|
1662
1828
|
in: "cookie",
|
|
1663
1829
|
name: "sessionid",
|
|
1664
1830
|
type: "apiKey"
|
|
@@ -1701,7 +1867,11 @@ var CfgCentrifugo = class {
|
|
|
1701
1867
|
*/
|
|
1702
1868
|
static cfgCentrifugoAuthTokenRetrieve(options) {
|
|
1703
1869
|
return (options?.client ?? client).get({
|
|
1704
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1870
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1871
|
+
key: "jwtAuthWithLastLogin",
|
|
1872
|
+
scheme: "bearer",
|
|
1873
|
+
type: "http"
|
|
1874
|
+
}],
|
|
1705
1875
|
url: "/cfg/centrifugo/auth/token/",
|
|
1706
1876
|
...options
|
|
1707
1877
|
});
|
|
@@ -1716,7 +1886,11 @@ var CfgTotpBackupCodes = class {
|
|
|
1716
1886
|
*/
|
|
1717
1887
|
static cfgTotpBackupCodesRetrieve(options) {
|
|
1718
1888
|
return (options?.client ?? client).get({
|
|
1719
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1889
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1890
|
+
key: "jwtAuthWithLastLogin",
|
|
1891
|
+
scheme: "bearer",
|
|
1892
|
+
type: "http"
|
|
1893
|
+
}],
|
|
1720
1894
|
url: "/cfg/totp/backup-codes/",
|
|
1721
1895
|
...options
|
|
1722
1896
|
});
|
|
@@ -1729,7 +1903,11 @@ var CfgTotpBackupCodes = class {
|
|
|
1729
1903
|
*/
|
|
1730
1904
|
static cfgTotpBackupCodesRegenerateCreate(options) {
|
|
1731
1905
|
return (options.client ?? client).post({
|
|
1732
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1906
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1907
|
+
key: "jwtAuthWithLastLogin",
|
|
1908
|
+
scheme: "bearer",
|
|
1909
|
+
type: "http"
|
|
1910
|
+
}],
|
|
1733
1911
|
url: "/cfg/totp/backup-codes/regenerate/",
|
|
1734
1912
|
...options,
|
|
1735
1913
|
headers: {
|
|
@@ -1748,7 +1926,11 @@ var CfgTotp = class {
|
|
|
1748
1926
|
*/
|
|
1749
1927
|
static cfgTotpDevicesRetrieve(options) {
|
|
1750
1928
|
return (options?.client ?? client).get({
|
|
1751
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1929
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1930
|
+
key: "jwtAuthWithLastLogin",
|
|
1931
|
+
scheme: "bearer",
|
|
1932
|
+
type: "http"
|
|
1933
|
+
}],
|
|
1752
1934
|
url: "/cfg/totp/devices/",
|
|
1753
1935
|
...options
|
|
1754
1936
|
});
|
|
@@ -1760,7 +1942,11 @@ var CfgTotp = class {
|
|
|
1760
1942
|
*/
|
|
1761
1943
|
static cfgTotpDevicesDestroy(options) {
|
|
1762
1944
|
return (options.client ?? client).delete({
|
|
1763
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1945
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1946
|
+
key: "jwtAuthWithLastLogin",
|
|
1947
|
+
scheme: "bearer",
|
|
1948
|
+
type: "http"
|
|
1949
|
+
}],
|
|
1764
1950
|
url: "/cfg/totp/devices/{id}/",
|
|
1765
1951
|
...options
|
|
1766
1952
|
});
|
|
@@ -1772,7 +1958,11 @@ var CfgTotp = class {
|
|
|
1772
1958
|
*/
|
|
1773
1959
|
static cfgTotpDisableCreate(options) {
|
|
1774
1960
|
return (options.client ?? client).post({
|
|
1775
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1961
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1962
|
+
key: "jwtAuthWithLastLogin",
|
|
1963
|
+
scheme: "bearer",
|
|
1964
|
+
type: "http"
|
|
1965
|
+
}],
|
|
1776
1966
|
url: "/cfg/totp/disable/",
|
|
1777
1967
|
...options,
|
|
1778
1968
|
headers: {
|
|
@@ -1793,7 +1983,11 @@ var CfgTotpSetup = class {
|
|
|
1793
1983
|
*/
|
|
1794
1984
|
static cfgTotpSetupCreate(options) {
|
|
1795
1985
|
return (options?.client ?? client).post({
|
|
1796
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1986
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
1987
|
+
key: "jwtAuthWithLastLogin",
|
|
1988
|
+
scheme: "bearer",
|
|
1989
|
+
type: "http"
|
|
1990
|
+
}],
|
|
1797
1991
|
url: "/cfg/totp/setup/",
|
|
1798
1992
|
...options,
|
|
1799
1993
|
headers: {
|
|
@@ -1809,7 +2003,11 @@ var CfgTotpSetup = class {
|
|
|
1809
2003
|
*/
|
|
1810
2004
|
static cfgTotpSetupConfirmCreate(options) {
|
|
1811
2005
|
return (options.client ?? client).post({
|
|
1812
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2006
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2007
|
+
key: "jwtAuthWithLastLogin",
|
|
2008
|
+
scheme: "bearer",
|
|
2009
|
+
type: "http"
|
|
2010
|
+
}],
|
|
1813
2011
|
url: "/cfg/totp/setup/confirm/",
|
|
1814
2012
|
...options,
|
|
1815
2013
|
headers: {
|
|
@@ -1830,7 +2028,11 @@ var CfgTotpVerify = class {
|
|
|
1830
2028
|
*/
|
|
1831
2029
|
static cfgTotpVerifyCreate(options) {
|
|
1832
2030
|
return (options.client ?? client).post({
|
|
1833
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2031
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2032
|
+
key: "jwtAuthWithLastLogin",
|
|
2033
|
+
scheme: "bearer",
|
|
2034
|
+
type: "http"
|
|
2035
|
+
}],
|
|
1834
2036
|
url: "/cfg/totp/verify/",
|
|
1835
2037
|
...options,
|
|
1836
2038
|
headers: {
|
|
@@ -1846,7 +2048,11 @@ var CfgTotpVerify = class {
|
|
|
1846
2048
|
*/
|
|
1847
2049
|
static cfgTotpVerifyBackupCreate(options) {
|
|
1848
2050
|
return (options.client ?? client).post({
|
|
1849
|
-
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2051
|
+
security: [{ name: "X-API-Key", type: "apiKey" }, {
|
|
2052
|
+
key: "jwtAuthWithLastLogin",
|
|
2053
|
+
scheme: "bearer",
|
|
2054
|
+
type: "http"
|
|
2055
|
+
}],
|
|
1850
2056
|
url: "/cfg/totp/verify/backup/",
|
|
1851
2057
|
...options,
|
|
1852
2058
|
headers: {
|
|
@@ -2187,4 +2393,49 @@ var API3 = class {
|
|
|
2187
2393
|
var CfgAccountsApi = new API();
|
|
2188
2394
|
var CfgCentrifugoApi = new API2();
|
|
2189
2395
|
var CfgTotpApi = new API3();
|
|
2396
|
+
|
|
2397
|
+
// src/auth/utils/env.ts
|
|
2398
|
+
var isDev = process.env.NODE_ENV === "development";
|
|
2399
|
+
var isProd = !isDev;
|
|
2400
|
+
var isBrowser2 = typeof window !== "undefined";
|
|
2401
|
+
var isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === "true";
|
|
2402
|
+
var dpopEnabled2 = process.env.NEXT_PUBLIC_DPOP_ENABLED === "true";
|
|
2403
|
+
|
|
2404
|
+
// src/log-control.ts
|
|
2405
|
+
var verboseByDefault = isDev || isStaticBuild;
|
|
2406
|
+
var DEFAULT_LEVEL = verboseByDefault ? 4 : 1;
|
|
2407
|
+
var _level = DEFAULT_LEVEL;
|
|
2408
|
+
var _subscribers = /* @__PURE__ */ new Set();
|
|
2409
|
+
function getLogLevel() {
|
|
2410
|
+
return _level;
|
|
2411
|
+
}
|
|
2412
|
+
__name(getLogLevel, "getLogLevel");
|
|
2413
|
+
function setLogLevel(level) {
|
|
2414
|
+
_level = level;
|
|
2415
|
+
for (const fn of _subscribers) {
|
|
2416
|
+
try {
|
|
2417
|
+
fn(level);
|
|
2418
|
+
} catch {
|
|
2419
|
+
}
|
|
2420
|
+
}
|
|
2421
|
+
}
|
|
2422
|
+
__name(setLogLevel, "setLogLevel");
|
|
2423
|
+
function onLogLevelChange(fn) {
|
|
2424
|
+
_subscribers.add(fn);
|
|
2425
|
+
try {
|
|
2426
|
+
fn(_level);
|
|
2427
|
+
} catch {
|
|
2428
|
+
}
|
|
2429
|
+
return () => _subscribers.delete(fn);
|
|
2430
|
+
}
|
|
2431
|
+
__name(onLogLevelChange, "onLogLevelChange");
|
|
2432
|
+
function applyRoleLogPolicy(opts) {
|
|
2433
|
+
const devMode = opts.isDev ?? verboseByDefault;
|
|
2434
|
+
if (opts.isAdmin || devMode) {
|
|
2435
|
+
setLogLevel(4);
|
|
2436
|
+
} else {
|
|
2437
|
+
setLogLevel(1);
|
|
2438
|
+
}
|
|
2439
|
+
}
|
|
2440
|
+
__name(applyRoleLogPolicy, "applyRoleLogPolicy");
|
|
2190
2441
|
//# sourceMappingURL=index.cjs.map
|