@factiii/auth 0.1.0

package/dist/hooks-B4Kl294A.d.mts

@@ -0,0 +1,400 @@
+import { z, AnyZodObject } from 'zod';
+
+/**
+ * Schema for user registration
+ */
+declare const signupSchema: z.ZodObject<{
+    username: z.ZodString;
+    email: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    username: string;
+    email: string;
+    password: string;
+}, {
+    username: string;
+    email: string;
+    password: string;
+}>;
+/**
+ * Schema for user login
+ */
+declare const loginSchema: z.ZodObject<{
+    username: z.ZodString;
+    password: z.ZodString;
+    code: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    username: string;
+    password: string;
+    code?: string | undefined;
+}, {
+    username: string;
+    password: string;
+    code?: string | undefined;
+}>;
+/**
+ * Schema for OAuth login
+ */
+declare const oAuthLoginSchema: z.ZodObject<{
+    idToken: z.ZodString;
+    user: z.ZodOptional<z.ZodObject<{
+        email: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        email?: string | undefined;
+    }, {
+        email?: string | undefined;
+    }>>;
+    provider: z.ZodEnum<["GOOGLE", "APPLE"]>;
+}, "strip", z.ZodTypeAny, {
+    idToken: string;
+    provider: "GOOGLE" | "APPLE";
+    user?: {
+        email?: string | undefined;
+    } | undefined;
+}, {
+    idToken: string;
+    provider: "GOOGLE" | "APPLE";
+    user?: {
+        email?: string | undefined;
+    } | undefined;
+}>;
+/**
+ * Schema for password reset request
+ */
+declare const requestPasswordResetSchema: z.ZodObject<{
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    email: string;
+}, {
+    email: string;
+}>;
+/**
+ * Schema for password reset confirmation
+ */
+declare const resetPasswordSchema: z.ZodObject<{
+    token: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    password: string;
+    token: string;
+}, {
+    password: string;
+    token: string;
+}>;
+/**
+ * Schema for checking password reset token
+ */
+declare const checkPasswordResetSchema: z.ZodObject<{
+    token: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    token: string;
+}, {
+    token: string;
+}>;
+/**
+ * Schema for changing password (authenticated)
+ */
+declare const changePasswordSchema: z.ZodObject<{
+    currentPassword: z.ZodString;
+    newPassword: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    currentPassword: string;
+    newPassword: string;
+}, {
+    currentPassword: string;
+    newPassword: string;
+}>;
+/**
+ * Schema for 2FA verification
+ */
+declare const twoFaVerifySchema: z.ZodObject<{
+    code: z.ZodString;
+    sessionId: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    sessionId?: number | undefined;
+}, {
+    code: string;
+    sessionId?: number | undefined;
+}>;
+/**
+ * Schema for 2FA setup
+ */
+declare const twoFaSetupSchema: z.ZodObject<{
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+}, {
+    code: string;
+}>;
+/**
+ * Schema for 2FA reset request
+ */
+declare const twoFaResetSchema: z.ZodObject<{
+    username: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    username: string;
+    password: string;
+}, {
+    username: string;
+    password: string;
+}>;
+/**
+ * Schema for 2FA reset verification
+ */
+declare const twoFaResetVerifySchema: z.ZodObject<{
+    code: z.ZodNumber;
+    username: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    username: string;
+    code: number;
+}, {
+    username: string;
+    code: number;
+}>;
+/**
+ * Schema for email verification
+ */
+declare const verifyEmailSchema: z.ZodObject<{
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+}, {
+    code: string;
+}>;
+/**
+ * Schema for resending verification email
+ */
+declare const resendVerificationSchema: z.ZodObject<{
+    email: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    email?: string | undefined;
+}, {
+    email?: string | undefined;
+}>;
+/**
+ * Schema for biometric verification
+ */
+declare const biometricVerifySchema: z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
+/**
+ * Schema for push token registration
+ */
+declare const registerPushTokenSchema: z.ZodObject<{
+    pushToken: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    pushToken: string;
+}, {
+    pushToken: string;
+}>;
+/**
+ * Schema for push token deregistration
+ */
+declare const deregisterPushTokenSchema: z.ZodObject<{
+    pushToken: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    pushToken: string;
+}, {
+    pushToken: string;
+}>;
+/**
+ * Schema for getting 2FA secret
+ */
+declare const getTwofaSecretSchema: z.ZodObject<{
+    pushCode: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    pushCode: string;
+}, {
+    pushCode: string;
+}>;
+/**
+ * Schema for disabling 2FA
+ */
+declare const disableTwofaSchema: z.ZodObject<{
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    password: string;
+}, {
+    password: string;
+}>;
+/**
+ * Schema for logout
+ */
+declare const logoutSchema: z.ZodObject<{
+    allDevices: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    allDevices: boolean;
+}, {
+    allDevices?: boolean | undefined;
+}>;
+/**
+ * Schema for ending all sessions
+ */
+declare const endAllSessionsSchema: z.ZodObject<{
+    skipCurrentSession: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    skipCurrentSession: boolean;
+}, {
+    skipCurrentSession?: boolean | undefined;
+}>;
+/**
+ * Schema for OTP-based login request
+ */
+declare const otpLoginRequestSchema: z.ZodObject<{
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    email: string;
+}, {
+    email: string;
+}>;
+/**
+ * Schema for OTP-based login verification
+ */
+declare const otpLoginVerifySchema: z.ZodObject<{
+    email: z.ZodString;
+    code: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    email: string;
+    code: number;
+}, {
+    email: string;
+    code: number;
+}>;
+type SignupInput = z.infer<typeof signupSchema>;
+type LoginInput = z.infer<typeof loginSchema>;
+type OAuthLoginInput = z.infer<typeof oAuthLoginSchema>;
+type ResetPasswordInput = z.infer<typeof resetPasswordSchema>;
+type ChangePasswordInput = z.infer<typeof changePasswordSchema>;
+type TwoFaVerifyInput = z.infer<typeof twoFaVerifySchema>;
+type VerifyEmailInput = z.infer<typeof verifyEmailSchema>;
+type LogoutInput = z.infer<typeof logoutSchema>;
+/** Schemas used by auth procedures */
+interface AuthSchemas {
+    signup: AnyZodObject;
+    login: AnyZodObject;
+    oauth: AnyZodObject;
+}
+/**
+ * Compute merged ZodObject type.
+ * When TExt is defined, produces a schema with both base and extension shapes.
+ * When TExt is undefined, produces the base schema.
+ */
+type MergedSchema<TBase extends AnyZodObject, TExt extends AnyZodObject | undefined> = [
+    TExt
+] extends [AnyZodObject] ? z.ZodObject<TBase['shape'] & TExt['shape'], 'strip', z.ZodTypeAny> : TBase;
+/** Result type from createSchemas - preserves concrete schema types */
+type CreatedSchemas<TExtensions extends SchemaExtensions = {}> = {
+    signup: MergedSchema<typeof signupSchema, TExtensions['signup']>;
+    login: MergedSchema<typeof loginSchema, TExtensions['login']>;
+    oauth: MergedSchema<typeof oAuthLoginSchema, TExtensions['oauth']>;
+};
+type SignupSchemaInput<TExtensions extends SchemaExtensions = {}> = SignupInput & (TExtensions['signup'] extends AnyZodObject ? z.infer<TExtensions['signup']> : {});
+type LoginSchemaInput<TExtensions extends SchemaExtensions = {}> = LoginInput & (TExtensions['login'] extends AnyZodObject ? z.infer<TExtensions['login']> : {});
+type OAuthSchemaInput<TExtensions extends SchemaExtensions = {}> = OAuthLoginInput & (TExtensions['oauth'] extends AnyZodObject ? z.infer<TExtensions['oauth']> : {});
+/** Create schemas with optional extensions merged in */
+declare function createSchemas<TExtensions extends SchemaExtensions = {}>(extensions?: TExtensions): CreatedSchemas<TExtensions>;
+
+/**
+ * Schema extensions for adding custom fields to auth inputs
+ */
+interface SchemaExtensions {
+    signup?: AnyZodObject;
+    login?: AnyZodObject;
+    oauth?: AnyZodObject;
+}
+type BaseSignupInput = z.infer<typeof signupSchema>;
+type BaseLoginInput = z.infer<typeof loginSchema>;
+type BaseOAuthInput = z.infer<typeof oAuthLoginSchema>;
+/** Input types that include base fields plus any extension fields */
+type ExtendedSignupInput<TExtensions extends SchemaExtensions> = BaseSignupInput & (TExtensions['signup'] extends AnyZodObject ? z.infer<TExtensions['signup']> : Record<string, unknown>);
+type ExtendedLoginInput<TExtensions extends SchemaExtensions> = BaseLoginInput & (TExtensions['login'] extends AnyZodObject ? z.infer<TExtensions['login']> : Record<string, unknown>);
+type ExtendedOAuthInput<TExtensions extends SchemaExtensions> = BaseOAuthInput & (TExtensions['oauth'] extends AnyZodObject ? z.infer<TExtensions['oauth']> : Record<string, unknown>);
+/**
+ * Lifecycle hooks for extending auth behavior with business logic
+ * @template TExtensions - Schema extensions to merge with base input types
+ */
+interface AuthHooks<TExtensions extends SchemaExtensions = {}> {
+    /**
+     * Called before user registration validation
+     * Use this to add custom validation or check business rules
+     */
+    beforeRegister?: (input: ExtendedSignupInput<TExtensions>) => Promise<void>;
+    /**
+     * Called before user login validation
+     * Use this to add custom validation or check business rules
+     */
+    beforeLogin?: (input: ExtendedLoginInput<TExtensions>) => Promise<void>;
+    /**
+     * Called after a new user is created
+     * Use this to set up user preferences, default data, etc.
+     */
+    onUserCreated?: (userId: number, input: ExtendedSignupInput<TExtensions> | ExtendedOAuthInput<TExtensions>) => Promise<void>;
+    /**
+     * Called after successful login
+     * Use this to update activity status, send notifications, etc.
+     */
+    onUserLogin?: (userId: number, sessionId: number) => Promise<void>;
+    /**
+     * Called to get additional data for session creation
+     * Return an object with extra fields to include in session.create
+     */
+    getSessionData?: (input: ExtendedSignupInput<TExtensions> | ExtendedLoginInput<TExtensions> | ExtendedOAuthInput<TExtensions>) => Promise<Record<string, unknown>>;
+    /**
+     * Called after a new session is created
+     */
+    onSessionCreated?: (sessionId: number, input: ExtendedSignupInput<TExtensions> | ExtendedLoginInput<TExtensions> | ExtendedOAuthInput<TExtensions>) => Promise<void>;
+    /**
+     * Called when a session is revoked
+     */
+    onSessionRevoked?: (sessionId: number, socketId: string | null, reason: string) => Promise<void>;
+    /**
+     * Called after user logs out
+     */
+    afterLogout?: (userId: number, sessionId: number, socketId: string | null) => Promise<void>;
+    /**
+     * Called on token refresh
+     */
+    onRefresh?: (userId: number) => Promise<void>;
+    /**
+     * Called after password is changed
+     */
+    onPasswordChanged?: (userId: number) => Promise<void>;
+    /**
+     * Called after email is verified
+     */
+    onEmailVerified?: (userId: number) => Promise<void>;
+    /**
+     * Called after 2FA is enabled/disabled
+     */
+    onTwoFaStatusChanged?: (userId: number, enabled: boolean) => Promise<void>;
+    /**
+     * Called after OAuth account is linked
+     */
+    onOAuthLinked?: (userId: number, provider: 'GOOGLE' | 'APPLE') => Promise<void>;
+    /**
+     * Custom validation for biometric verification
+     * Return timeout in ms, or null to skip timeout enforcement
+     */
+    getBiometricTimeout?: () => Promise<number | null>;
+    /**
+     * Called after biometric verification
+     */
+    onBiometricVerified?: (userId: number) => Promise<void>;
+    /**
+     * Called to log errors (e.g., server errors, auth errors)
+     * Provides a hook for centralized error logging
+     * Returns error ID for linking purposes
+     */
+    logError?: (params: {
+        type: 'SERVER_ERROR' | 'DATABASE_ERROR' | 'SECURITY' | 'OTHER';
+        description: string;
+        stack: string;
+        ip?: string;
+        userId?: number | null;
+    }) => Promise<{
+        errorId: number;
+        stackId: number;
+    } | null>;
+}
+
+export { type AuthHooks as A, getTwofaSecretSchema as B, type ChangePasswordInput as C, registerPushTokenSchema as D, resendVerificationSchema as E, twoFaResetVerifySchema as F, type LoginInput as L, type OAuthLoginInput as O, type ResetPasswordInput as R, type SchemaExtensions as S, type TwoFaVerifyInput as T, type VerifyEmailInput as V, type LogoutInput as a, type SignupInput as b, biometricVerifySchema as c, changePasswordSchema as d, endAllSessionsSchema as e, logoutSchema as f, otpLoginRequestSchema as g, otpLoginVerifySchema as h, resetPasswordSchema as i, twoFaSetupSchema as j, twoFaVerifySchema as k, loginSchema as l, type AuthSchemas as m, type CreatedSchemas as n, oAuthLoginSchema as o, type LoginSchemaInput as p, type OAuthSchemaInput as q, requestPasswordResetSchema as r, signupSchema as s, twoFaResetSchema as t, type SignupSchemaInput as u, verifyEmailSchema as v, checkPasswordResetSchema as w, createSchemas as x, deregisterPushTokenSchema as y, disableTwofaSchema as z };