npm - @eaccess/auth - Versions diffs - 0.1.3 → 0.1.4 - Mend

@eaccess/auth 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -263,7 +263,6 @@ declare global {
     namespace Express {
         interface Request {
             auth: AuthManager$1;
-            authAdmin: AuthAdminManager;
         }
     }
 }
@@ -290,6 +289,55 @@ interface AuthManager$1 {
     verifyPassword(password: string): Promise<boolean>;
     logoutEverywhere(): Promise<void>;
     logoutEverywhereElse(): Promise<void>;
+    createUser(credentials: {
+        email: string;
+        password: string;
+    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+    deleteUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    addRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    removeRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    hasRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<boolean>;
+    changePasswordForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, password: string): Promise<void>;
+    setStatusForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, status: number): Promise<void>;
+    initiatePasswordResetForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+    forceLogoutForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    loginAsUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
     providers: {
         github?: OAuthProvider;
         google?: OAuthProvider;
@@ -460,93 +508,150 @@ interface TwoFactorManager$1 {
      */
     getContact(mechanism: TwoFactorMechanism.EMAIL | TwoFactorMechanism.SMS): Promise<string | null>;
 }
-interface AuthAdminManager {
-    createUser(credentials: {
+declare function createAuthMiddleware(config: AuthConfig): (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare function createAuthTables(config: AuthConfig): Promise<void>;
+declare function dropAuthTables(config: AuthConfig): Promise<void>;
+declare function cleanupExpiredTokens(config: AuthConfig): Promise<void>;
+declare function getAuthTableStats(config: AuthConfig): Promise<{
+    accounts: number;
+    providers: number;
+    confirmations: number;
+    remembers: number;
+    resets: number;
+    twoFactorMethods: number;
+    twoFactorTokens: number;
+    expiredConfirmations: number;
+    expiredRemembers: number;
+    expiredResets: number;
+    expiredTwoFactorTokens: number;
+}>;
+interface AuthContext {
+    createUser: (credentials: {
         email: string;
         password: string;
-    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
-    loginAsUserBy(identifier: {
-        accountId?: number;
-        email?: string;
-        userId?: string;
-    }): Promise<void>;
-    deleteUserBy(identifier: {
+    }, userId?: string | number, callback?: TokenCallback) => Promise<AuthAccount>;
+    register: (email: string, password: string, userId?: string | number, callback?: TokenCallback) => Promise<AuthAccount>;
+    deleteUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }): Promise<void>;
-    addRoleForUserBy(identifier: {
+    }) => Promise<void>;
+    addRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<void>;
-    removeRoleForUserBy(identifier: {
+    }, role: number) => Promise<void>;
+    removeRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<void>;
-    hasRoleForUserBy(identifier: {
+    }, role: number) => Promise<void>;
+    hasRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<boolean>;
-    changePasswordForUserBy(identifier: {
+    }, role: number) => Promise<boolean>;
+    changePasswordForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, password: string): Promise<void>;
-    setStatusForUserBy(identifier: {
+    }, password: string) => Promise<void>;
+    setStatusForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, status: number): Promise<void>;
-    initiatePasswordResetForUserBy(identifier: {
+    }, status: number) => Promise<void>;
+    initiatePasswordResetForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
-    forceLogoutForUserBy(identifier: {
+    }, expiresAfter?: string | number | null, callback?: TokenCallback) => Promise<void>;
+    resetPassword: (email: string, expiresAfter?: string | number | null, maxOpenRequests?: number | null, callback?: TokenCallback) => Promise<void>;
+    confirmResetPassword: (token: string, password: string) => Promise<{
+        accountId: number;
+        email: string;
+    }>;
+    forceLogoutForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }): Promise<void>;
+    }) => Promise<{
+        accountId: number;
+    }>;
 }
+declare function createAuthContext(config: AuthConfig): AuthContext;
-declare function createAuthMiddleware(config: AuthConfig): (req: Request, res: Response, next: NextFunction) => Promise<void>;
-declare function createAuthTables(config: AuthConfig): Promise<void>;
-declare function dropAuthTables(config: AuthConfig): Promise<void>;
-declare function cleanupExpiredTokens(config: AuthConfig): Promise<void>;
-declare function getAuthTableStats(config: AuthConfig): Promise<{
-    accounts: number;
-    providers: number;
-    confirmations: number;
-    remembers: number;
-    resets: number;
-    twoFactorMethods: number;
-    twoFactorTokens: number;
-    expiredConfirmations: number;
-    expiredRemembers: number;
-    expiredResets: number;
-    expiredTwoFactorTokens: number;
-}>;
-/**
- * Create a new user account without requiring Express request/response objects.
- * This function is suitable for use in seeders, CLI tools, and other standalone contexts.
- *
- * @param config - Auth configuration containing database connection and settings
- * @param credentials - Email and password for new account
- * @param userId - Optional user ID to link this auth account to. If not provided, a UUID will be generated automatically.
- * @param callback - If provided, account is created unverified and callback receives confirmation token. Create a URL like /confirm/{token} and call confirmEmail() in that handler. If omitted, account is immediately verified.
- * @returns The created account record
- * @throws {EmailTakenError} Email is already registered
- * @throws {InvalidPasswordError} Password doesn't meet length requirements
- */
 declare function createUser(config: AuthConfig, credentials: {
     email: string;
     password: string;
 }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+declare function register(config: AuthConfig, email: string, password: string, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+declare function deleteUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}): Promise<void>;
+declare function addRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<void>;
+declare function removeRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<void>;
+declare function hasRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<boolean>;
+declare function changePasswordForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, password: string): Promise<void>;
+declare function setStatusForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, status: number): Promise<void>;
+declare function initiatePasswordResetForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+declare function resetPassword(config: AuthConfig, email: string, expiresAfter?: string | number | null, maxOpenRequests?: number | null, callback?: TokenCallback): Promise<void>;
+declare function confirmResetPassword(config: AuthConfig, token: string, password: string): Promise<{
+    accountId: number;
+    email: string;
+}>;
+declare function forceLogoutForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}): Promise<{
+    accountId: number;
+}>;
+declare const authFunctions_addRoleForUserBy: typeof addRoleForUserBy;
+declare const authFunctions_changePasswordForUserBy: typeof changePasswordForUserBy;
+declare const authFunctions_confirmResetPassword: typeof confirmResetPassword;
+declare const authFunctions_createUser: typeof createUser;
+declare const authFunctions_deleteUserBy: typeof deleteUserBy;
+declare const authFunctions_forceLogoutForUserBy: typeof forceLogoutForUserBy;
+declare const authFunctions_hasRoleForUserBy: typeof hasRoleForUserBy;
+declare const authFunctions_initiatePasswordResetForUserBy: typeof initiatePasswordResetForUserBy;
+declare const authFunctions_register: typeof register;
+declare const authFunctions_removeRoleForUserBy: typeof removeRoleForUserBy;
+declare const authFunctions_resetPassword: typeof resetPassword;
+declare const authFunctions_setStatusForUserBy: typeof setStatusForUserBy;
+declare namespace authFunctions {
+  export { authFunctions_addRoleForUserBy as addRoleForUserBy, authFunctions_changePasswordForUserBy as changePasswordForUserBy, authFunctions_confirmResetPassword as confirmResetPassword, authFunctions_createUser as createUser, authFunctions_deleteUserBy as deleteUserBy, authFunctions_forceLogoutForUserBy as forceLogoutForUserBy, authFunctions_hasRoleForUserBy as hasRoleForUserBy, authFunctions_initiatePasswordResetForUserBy as initiatePasswordResetForUserBy, authFunctions_register as register, authFunctions_removeRoleForUserBy as removeRoleForUserBy, authFunctions_resetPassword as resetPassword, authFunctions_setStatusForUserBy as setStatusForUserBy };
+}
 type UserIdentifier = {
     accountId?: number;
@@ -968,6 +1073,63 @@ declare class AuthManager implements AuthManager$1 {
      * Logs out everywhere else, then logs out current session.
      */
     logoutEverywhere(): Promise<void>;
+    private findAccountByIdentifier;
+    createUser(credentials: {
+        email: string;
+        password: string;
+    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+    deleteUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    addRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    removeRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    hasRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<boolean>;
+    changePasswordForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, password: string): Promise<void>;
+    setStatusForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, status: number): Promise<void>;
+    initiatePasswordResetForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+    forceLogoutForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    /**
+     * Log in as another user (admin function).
+     * Creates a new session as the target user without requiring their password.
+     *
+     * @param identifier - Find user by accountId, email, or userId
+     * @throws {UserNotFoundError} No account matches the identifier
+     */
+    loginAsUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
 }
 declare abstract class BaseOAuthProvider implements OAuthProvider {
@@ -1006,4 +1168,4 @@ declare class AzureProvider extends BaseOAuthProvider {
     protected exchangeCodeForToken(code: string, tokenUrl: string): Promise<string>;
 }
-export { ActivityLogger, type AuthAccount, type AuthActivity, AuthActivityAction, type AuthActivityActionType, type AuthAdminManager, type AuthConfig, type AuthConfirmation, AuthError, type AuthManager$1 as AuthManager, type AuthProvider, type AuthRemember, type AuthReset, AuthRole, type AuthSession, AuthStatus, AzureProvider, type AzureProviderConfig, BaseOAuthProvider, ConfirmationExpiredError, ConfirmationNotFoundError, EmailNotVerifiedError, EmailTakenError, GitHubProvider, type GitHubProviderConfig, GoogleProvider, type GoogleProviderConfig, InvalidBackupCodeError, InvalidEmailError, InvalidPasswordError, InvalidTokenError, InvalidTwoFactorCodeError, type OAuthProvider, type OAuthProviderConfig, type OAuthUserData, OtpProvider, ResetDisabledError, ResetExpiredError, ResetNotFoundError, SecondFactorRequiredError, type TokenCallback, TooManyResetsError, TotpProvider, TwoFactorAlreadyEnabledError, type TwoFactorChallenge, TwoFactorExpiredError, TwoFactorManager, TwoFactorMechanism, type TwoFactorMethod, TwoFactorNotSetupError, TwoFactorSetupIncompleteError, type TwoFactorSetupResult, type TwoFactorToken, type UserIdentifier, UserInactiveError, UserNotFoundError, UserNotLoggedInError, addRoleToUser, cleanupExpiredTokens, createAuthMiddleware, createAuthTables, createUser, dropAuthTables, getAuthTableStats, getUserRoles, isValidEmail, removeRoleFromUser, setUserRoles, validateEmail };
+export { ActivityLogger, type AuthAccount, type AuthActivity, AuthActivityAction, type AuthActivityActionType, type AuthConfig, type AuthConfirmation, type AuthContext, AuthError, type AuthManager$1 as AuthManager, type AuthProvider, type AuthRemember, type AuthReset, AuthRole, type AuthSession, AuthStatus, AzureProvider, type AzureProviderConfig, BaseOAuthProvider, ConfirmationExpiredError, ConfirmationNotFoundError, EmailNotVerifiedError, EmailTakenError, GitHubProvider, type GitHubProviderConfig, GoogleProvider, type GoogleProviderConfig, InvalidBackupCodeError, InvalidEmailError, InvalidPasswordError, InvalidTokenError, InvalidTwoFactorCodeError, type OAuthProvider, type OAuthProviderConfig, type OAuthUserData, OtpProvider, ResetDisabledError, ResetExpiredError, ResetNotFoundError, SecondFactorRequiredError, type TokenCallback, TooManyResetsError, TotpProvider, TwoFactorAlreadyEnabledError, type TwoFactorChallenge, TwoFactorExpiredError, TwoFactorManager, TwoFactorMechanism, type TwoFactorMethod, TwoFactorNotSetupError, TwoFactorSetupIncompleteError, type TwoFactorSetupResult, type TwoFactorToken, type UserIdentifier, UserInactiveError, UserNotFoundError, UserNotLoggedInError, addRoleToUser, authFunctions, cleanupExpiredTokens, createAuthContext, createAuthMiddleware, createAuthTables, dropAuthTables, getAuthTableStats, getUserRoles, isValidEmail, removeRoleFromUser, setUserRoles, validateEmail };

package/dist/index.d.ts CHANGED Viewed

@@ -263,7 +263,6 @@ declare global {
     namespace Express {
         interface Request {
             auth: AuthManager$1;
-            authAdmin: AuthAdminManager;
         }
     }
 }
@@ -290,6 +289,55 @@ interface AuthManager$1 {
     verifyPassword(password: string): Promise<boolean>;
     logoutEverywhere(): Promise<void>;
     logoutEverywhereElse(): Promise<void>;
+    createUser(credentials: {
+        email: string;
+        password: string;
+    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+    deleteUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    addRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    removeRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    hasRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<boolean>;
+    changePasswordForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, password: string): Promise<void>;
+    setStatusForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, status: number): Promise<void>;
+    initiatePasswordResetForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+    forceLogoutForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    loginAsUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
     providers: {
         github?: OAuthProvider;
         google?: OAuthProvider;
@@ -460,93 +508,150 @@ interface TwoFactorManager$1 {
      */
     getContact(mechanism: TwoFactorMechanism.EMAIL | TwoFactorMechanism.SMS): Promise<string | null>;
 }
-interface AuthAdminManager {
-    createUser(credentials: {
+declare function createAuthMiddleware(config: AuthConfig): (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare function createAuthTables(config: AuthConfig): Promise<void>;
+declare function dropAuthTables(config: AuthConfig): Promise<void>;
+declare function cleanupExpiredTokens(config: AuthConfig): Promise<void>;
+declare function getAuthTableStats(config: AuthConfig): Promise<{
+    accounts: number;
+    providers: number;
+    confirmations: number;
+    remembers: number;
+    resets: number;
+    twoFactorMethods: number;
+    twoFactorTokens: number;
+    expiredConfirmations: number;
+    expiredRemembers: number;
+    expiredResets: number;
+    expiredTwoFactorTokens: number;
+}>;
+interface AuthContext {
+    createUser: (credentials: {
         email: string;
         password: string;
-    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
-    loginAsUserBy(identifier: {
-        accountId?: number;
-        email?: string;
-        userId?: string;
-    }): Promise<void>;
-    deleteUserBy(identifier: {
+    }, userId?: string | number, callback?: TokenCallback) => Promise<AuthAccount>;
+    register: (email: string, password: string, userId?: string | number, callback?: TokenCallback) => Promise<AuthAccount>;
+    deleteUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }): Promise<void>;
-    addRoleForUserBy(identifier: {
+    }) => Promise<void>;
+    addRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<void>;
-    removeRoleForUserBy(identifier: {
+    }, role: number) => Promise<void>;
+    removeRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<void>;
-    hasRoleForUserBy(identifier: {
+    }, role: number) => Promise<void>;
+    hasRoleForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, role: number): Promise<boolean>;
-    changePasswordForUserBy(identifier: {
+    }, role: number) => Promise<boolean>;
+    changePasswordForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, password: string): Promise<void>;
-    setStatusForUserBy(identifier: {
+    }, password: string) => Promise<void>;
+    setStatusForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, status: number): Promise<void>;
-    initiatePasswordResetForUserBy(identifier: {
+    }, status: number) => Promise<void>;
+    initiatePasswordResetForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
-    forceLogoutForUserBy(identifier: {
+    }, expiresAfter?: string | number | null, callback?: TokenCallback) => Promise<void>;
+    resetPassword: (email: string, expiresAfter?: string | number | null, maxOpenRequests?: number | null, callback?: TokenCallback) => Promise<void>;
+    confirmResetPassword: (token: string, password: string) => Promise<{
+        accountId: number;
+        email: string;
+    }>;
+    forceLogoutForUserBy: (identifier: {
         accountId?: number;
         email?: string;
         userId?: string;
-    }): Promise<void>;
+    }) => Promise<{
+        accountId: number;
+    }>;
 }
+declare function createAuthContext(config: AuthConfig): AuthContext;
-declare function createAuthMiddleware(config: AuthConfig): (req: Request, res: Response, next: NextFunction) => Promise<void>;
-declare function createAuthTables(config: AuthConfig): Promise<void>;
-declare function dropAuthTables(config: AuthConfig): Promise<void>;
-declare function cleanupExpiredTokens(config: AuthConfig): Promise<void>;
-declare function getAuthTableStats(config: AuthConfig): Promise<{
-    accounts: number;
-    providers: number;
-    confirmations: number;
-    remembers: number;
-    resets: number;
-    twoFactorMethods: number;
-    twoFactorTokens: number;
-    expiredConfirmations: number;
-    expiredRemembers: number;
-    expiredResets: number;
-    expiredTwoFactorTokens: number;
-}>;
-/**
- * Create a new user account without requiring Express request/response objects.
- * This function is suitable for use in seeders, CLI tools, and other standalone contexts.
- *
- * @param config - Auth configuration containing database connection and settings
- * @param credentials - Email and password for new account
- * @param userId - Optional user ID to link this auth account to. If not provided, a UUID will be generated automatically.
- * @param callback - If provided, account is created unverified and callback receives confirmation token. Create a URL like /confirm/{token} and call confirmEmail() in that handler. If omitted, account is immediately verified.
- * @returns The created account record
- * @throws {EmailTakenError} Email is already registered
- * @throws {InvalidPasswordError} Password doesn't meet length requirements
- */
 declare function createUser(config: AuthConfig, credentials: {
     email: string;
     password: string;
 }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+declare function register(config: AuthConfig, email: string, password: string, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+declare function deleteUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}): Promise<void>;
+declare function addRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<void>;
+declare function removeRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<void>;
+declare function hasRoleForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, role: number): Promise<boolean>;
+declare function changePasswordForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, password: string): Promise<void>;
+declare function setStatusForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, status: number): Promise<void>;
+declare function initiatePasswordResetForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+declare function resetPassword(config: AuthConfig, email: string, expiresAfter?: string | number | null, maxOpenRequests?: number | null, callback?: TokenCallback): Promise<void>;
+declare function confirmResetPassword(config: AuthConfig, token: string, password: string): Promise<{
+    accountId: number;
+    email: string;
+}>;
+declare function forceLogoutForUserBy(config: AuthConfig, identifier: {
+    accountId?: number;
+    email?: string;
+    userId?: string;
+}): Promise<{
+    accountId: number;
+}>;
+declare const authFunctions_addRoleForUserBy: typeof addRoleForUserBy;
+declare const authFunctions_changePasswordForUserBy: typeof changePasswordForUserBy;
+declare const authFunctions_confirmResetPassword: typeof confirmResetPassword;
+declare const authFunctions_createUser: typeof createUser;
+declare const authFunctions_deleteUserBy: typeof deleteUserBy;
+declare const authFunctions_forceLogoutForUserBy: typeof forceLogoutForUserBy;
+declare const authFunctions_hasRoleForUserBy: typeof hasRoleForUserBy;
+declare const authFunctions_initiatePasswordResetForUserBy: typeof initiatePasswordResetForUserBy;
+declare const authFunctions_register: typeof register;
+declare const authFunctions_removeRoleForUserBy: typeof removeRoleForUserBy;
+declare const authFunctions_resetPassword: typeof resetPassword;
+declare const authFunctions_setStatusForUserBy: typeof setStatusForUserBy;
+declare namespace authFunctions {
+  export { authFunctions_addRoleForUserBy as addRoleForUserBy, authFunctions_changePasswordForUserBy as changePasswordForUserBy, authFunctions_confirmResetPassword as confirmResetPassword, authFunctions_createUser as createUser, authFunctions_deleteUserBy as deleteUserBy, authFunctions_forceLogoutForUserBy as forceLogoutForUserBy, authFunctions_hasRoleForUserBy as hasRoleForUserBy, authFunctions_initiatePasswordResetForUserBy as initiatePasswordResetForUserBy, authFunctions_register as register, authFunctions_removeRoleForUserBy as removeRoleForUserBy, authFunctions_resetPassword as resetPassword, authFunctions_setStatusForUserBy as setStatusForUserBy };
+}
 type UserIdentifier = {
     accountId?: number;
@@ -968,6 +1073,63 @@ declare class AuthManager implements AuthManager$1 {
      * Logs out everywhere else, then logs out current session.
      */
     logoutEverywhere(): Promise<void>;
+    private findAccountByIdentifier;
+    createUser(credentials: {
+        email: string;
+        password: string;
+    }, userId?: string | number, callback?: TokenCallback): Promise<AuthAccount>;
+    deleteUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    addRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    removeRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<void>;
+    hasRoleForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, role: number): Promise<boolean>;
+    changePasswordForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, password: string): Promise<void>;
+    setStatusForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, status: number): Promise<void>;
+    initiatePasswordResetForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }, expiresAfter?: string | number | null, callback?: TokenCallback): Promise<void>;
+    forceLogoutForUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
+    /**
+     * Log in as another user (admin function).
+     * Creates a new session as the target user without requiring their password.
+     *
+     * @param identifier - Find user by accountId, email, or userId
+     * @throws {UserNotFoundError} No account matches the identifier
+     */
+    loginAsUserBy(identifier: {
+        accountId?: number;
+        email?: string;
+        userId?: string;
+    }): Promise<void>;
 }
 declare abstract class BaseOAuthProvider implements OAuthProvider {
@@ -1006,4 +1168,4 @@ declare class AzureProvider extends BaseOAuthProvider {
     protected exchangeCodeForToken(code: string, tokenUrl: string): Promise<string>;
 }
-export { ActivityLogger, type AuthAccount, type AuthActivity, AuthActivityAction, type AuthActivityActionType, type AuthAdminManager, type AuthConfig, type AuthConfirmation, AuthError, type AuthManager$1 as AuthManager, type AuthProvider, type AuthRemember, type AuthReset, AuthRole, type AuthSession, AuthStatus, AzureProvider, type AzureProviderConfig, BaseOAuthProvider, ConfirmationExpiredError, ConfirmationNotFoundError, EmailNotVerifiedError, EmailTakenError, GitHubProvider, type GitHubProviderConfig, GoogleProvider, type GoogleProviderConfig, InvalidBackupCodeError, InvalidEmailError, InvalidPasswordError, InvalidTokenError, InvalidTwoFactorCodeError, type OAuthProvider, type OAuthProviderConfig, type OAuthUserData, OtpProvider, ResetDisabledError, ResetExpiredError, ResetNotFoundError, SecondFactorRequiredError, type TokenCallback, TooManyResetsError, TotpProvider, TwoFactorAlreadyEnabledError, type TwoFactorChallenge, TwoFactorExpiredError, TwoFactorManager, TwoFactorMechanism, type TwoFactorMethod, TwoFactorNotSetupError, TwoFactorSetupIncompleteError, type TwoFactorSetupResult, type TwoFactorToken, type UserIdentifier, UserInactiveError, UserNotFoundError, UserNotLoggedInError, addRoleToUser, cleanupExpiredTokens, createAuthMiddleware, createAuthTables, createUser, dropAuthTables, getAuthTableStats, getUserRoles, isValidEmail, removeRoleFromUser, setUserRoles, validateEmail };
+export { ActivityLogger, type AuthAccount, type AuthActivity, AuthActivityAction, type AuthActivityActionType, type AuthConfig, type AuthConfirmation, type AuthContext, AuthError, type AuthManager$1 as AuthManager, type AuthProvider, type AuthRemember, type AuthReset, AuthRole, type AuthSession, AuthStatus, AzureProvider, type AzureProviderConfig, BaseOAuthProvider, ConfirmationExpiredError, ConfirmationNotFoundError, EmailNotVerifiedError, EmailTakenError, GitHubProvider, type GitHubProviderConfig, GoogleProvider, type GoogleProviderConfig, InvalidBackupCodeError, InvalidEmailError, InvalidPasswordError, InvalidTokenError, InvalidTwoFactorCodeError, type OAuthProvider, type OAuthProviderConfig, type OAuthUserData, OtpProvider, ResetDisabledError, ResetExpiredError, ResetNotFoundError, SecondFactorRequiredError, type TokenCallback, TooManyResetsError, TotpProvider, TwoFactorAlreadyEnabledError, type TwoFactorChallenge, TwoFactorExpiredError, TwoFactorManager, TwoFactorMechanism, type TwoFactorMethod, TwoFactorNotSetupError, TwoFactorSetupIncompleteError, type TwoFactorSetupResult, type TwoFactorToken, type UserIdentifier, UserInactiveError, UserNotFoundError, UserNotLoggedInError, addRoleToUser, authFunctions, cleanupExpiredTokens, createAuthContext, createAuthMiddleware, createAuthTables, dropAuthTables, getAuthTableStats, getUserRoles, isValidEmail, removeRoleFromUser, setUserRoles, validateEmail };