@factiii/auth 0.3.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -1
- package/dist/{chunk-PYVDWODF.mjs → chunk-EHI4P63M.mjs} +0 -21
- package/dist/{hooks-B41uikq7.d.mts → hooks-yHGJ7C6_.d.mts} +3 -57
- package/dist/{hooks-B41uikq7.d.ts → hooks-yHGJ7C6_.d.ts} +3 -57
- package/dist/index.d.mts +39 -55
- package/dist/index.d.ts +39 -55
- package/dist/index.js +97 -193
- package/dist/index.mjs +93 -173
- package/dist/validators.d.mts +1 -1
- package/dist/validators.d.ts +1 -1
- package/dist/validators.js +0 -26
- package/dist/validators.mjs +1 -11
- package/package.json +1 -1
- package/prisma/schema.prisma +17 -19
package/README.md
CHANGED
|
@@ -69,13 +69,17 @@ createAuthRouter({
|
|
|
69
69
|
// ... 15+ lifecycle hooks
|
|
70
70
|
},
|
|
71
71
|
tokenSettings: {
|
|
72
|
-
|
|
72
|
+
jwtExpiry: 2592000, // JWT expiry in seconds (default: 30 days)
|
|
73
73
|
passwordResetExpiryMs: 3600000, // Reset token expiry (default: 1 hour)
|
|
74
74
|
otpValidityMs: 900000, // OTP validity window (default: 15 minutes)
|
|
75
75
|
},
|
|
76
76
|
});
|
|
77
77
|
```
|
|
78
78
|
|
|
79
|
+
## Auth Approach
|
|
80
|
+
|
|
81
|
+
Rolling-window JWT. A single token is stored in an HTTP cookie. Calling `refresh` re-issues it with a fresh expiry (default: 30 days), sliding the session forward for active users.
|
|
82
|
+
|
|
79
83
|
## Procedures
|
|
80
84
|
|
|
81
85
|
Auth procedures: `register`, `login`, `logout`, `refresh`, `changePassword`, `resetPassword`, `oAuthLogin`, `enableTwofa`, `disableTwofa`, `sendVerificationEmail`, `verifyEmail`, and more.
|
|
@@ -41,9 +41,6 @@ var twoFaVerifySchema = z.object({
|
|
|
41
41
|
code: z.string().min(6, { message: "Verification code is required" }),
|
|
42
42
|
sessionId: z.number().optional()
|
|
43
43
|
});
|
|
44
|
-
var twoFaSetupSchema = z.object({
|
|
45
|
-
code: z.string().min(6, { message: "Verification code is required" })
|
|
46
|
-
});
|
|
47
44
|
var twoFaResetSchema = z.object({
|
|
48
45
|
username: z.string().min(1),
|
|
49
46
|
password: z.string().min(1)
|
|
@@ -55,9 +52,6 @@ var twoFaResetVerifySchema = z.object({
|
|
|
55
52
|
var verifyEmailSchema = z.object({
|
|
56
53
|
code: z.string().min(1, { message: "Verification code is required" })
|
|
57
54
|
});
|
|
58
|
-
var resendVerificationSchema = z.object({
|
|
59
|
-
email: z.string().email().optional()
|
|
60
|
-
});
|
|
61
55
|
var biometricVerifySchema = z.object({});
|
|
62
56
|
var registerPushTokenSchema = z.object({
|
|
63
57
|
pushToken: z.string().min(1, { message: "Push token is required" })
|
|
@@ -71,19 +65,9 @@ var getTwofaSecretSchema = z.object({
|
|
|
71
65
|
var disableTwofaSchema = z.object({
|
|
72
66
|
password: z.string().min(1, { message: "Password is required" })
|
|
73
67
|
});
|
|
74
|
-
var logoutSchema = z.object({
|
|
75
|
-
allDevices: z.boolean().optional().default(false)
|
|
76
|
-
});
|
|
77
68
|
var endAllSessionsSchema = z.object({
|
|
78
69
|
skipCurrentSession: z.boolean().optional().default(true)
|
|
79
70
|
});
|
|
80
|
-
var otpLoginRequestSchema = z.object({
|
|
81
|
-
email: z.string().email({ message: "Invalid email address" })
|
|
82
|
-
});
|
|
83
|
-
var otpLoginVerifySchema = z.object({
|
|
84
|
-
email: z.string().email(),
|
|
85
|
-
code: z.number().min(1e5).max(999999)
|
|
86
|
-
});
|
|
87
71
|
function createSchemas(extensions) {
|
|
88
72
|
return {
|
|
89
73
|
signup: extensions?.signup ? signupSchema.merge(extensions.signup) : signupSchema,
|
|
@@ -101,19 +85,14 @@ export {
|
|
|
101
85
|
checkPasswordResetSchema,
|
|
102
86
|
changePasswordSchema,
|
|
103
87
|
twoFaVerifySchema,
|
|
104
|
-
twoFaSetupSchema,
|
|
105
88
|
twoFaResetSchema,
|
|
106
89
|
twoFaResetVerifySchema,
|
|
107
90
|
verifyEmailSchema,
|
|
108
|
-
resendVerificationSchema,
|
|
109
91
|
biometricVerifySchema,
|
|
110
92
|
registerPushTokenSchema,
|
|
111
93
|
deregisterPushTokenSchema,
|
|
112
94
|
getTwofaSecretSchema,
|
|
113
95
|
disableTwofaSchema,
|
|
114
|
-
logoutSchema,
|
|
115
96
|
endAllSessionsSchema,
|
|
116
|
-
otpLoginRequestSchema,
|
|
117
|
-
otpLoginVerifySchema,
|
|
118
97
|
createSchemas
|
|
119
98
|
};
|
|
@@ -8,12 +8,12 @@ declare const signupSchema: z.ZodObject<{
|
|
|
8
8
|
email: z.ZodString;
|
|
9
9
|
password: z.ZodEffects<z.ZodString, string, string>;
|
|
10
10
|
}, "strip", z.ZodTypeAny, {
|
|
11
|
-
email: string;
|
|
12
11
|
username: string;
|
|
12
|
+
email: string;
|
|
13
13
|
password: string;
|
|
14
14
|
}, {
|
|
15
|
-
email: string;
|
|
16
15
|
username: string;
|
|
16
|
+
email: string;
|
|
17
17
|
password: string;
|
|
18
18
|
}>;
|
|
19
19
|
/**
|
|
@@ -117,16 +117,6 @@ declare const twoFaVerifySchema: z.ZodObject<{
|
|
|
117
117
|
code: string;
|
|
118
118
|
sessionId?: number | undefined;
|
|
119
119
|
}>;
|
|
120
|
-
/**
|
|
121
|
-
* Schema for 2FA setup
|
|
122
|
-
*/
|
|
123
|
-
declare const twoFaSetupSchema: z.ZodObject<{
|
|
124
|
-
code: z.ZodString;
|
|
125
|
-
}, "strip", z.ZodTypeAny, {
|
|
126
|
-
code: string;
|
|
127
|
-
}, {
|
|
128
|
-
code: string;
|
|
129
|
-
}>;
|
|
130
120
|
/**
|
|
131
121
|
* Schema for 2FA reset request
|
|
132
122
|
*/
|
|
@@ -163,16 +153,6 @@ declare const verifyEmailSchema: z.ZodObject<{
|
|
|
163
153
|
}, {
|
|
164
154
|
code: string;
|
|
165
155
|
}>;
|
|
166
|
-
/**
|
|
167
|
-
* Schema for resending verification email
|
|
168
|
-
*/
|
|
169
|
-
declare const resendVerificationSchema: z.ZodObject<{
|
|
170
|
-
email: z.ZodOptional<z.ZodString>;
|
|
171
|
-
}, "strip", z.ZodTypeAny, {
|
|
172
|
-
email?: string | undefined;
|
|
173
|
-
}, {
|
|
174
|
-
email?: string | undefined;
|
|
175
|
-
}>;
|
|
176
156
|
/**
|
|
177
157
|
* Schema for biometric verification
|
|
178
158
|
*/
|
|
@@ -217,16 +197,6 @@ declare const disableTwofaSchema: z.ZodObject<{
|
|
|
217
197
|
}, {
|
|
218
198
|
password: string;
|
|
219
199
|
}>;
|
|
220
|
-
/**
|
|
221
|
-
* Schema for logout
|
|
222
|
-
*/
|
|
223
|
-
declare const logoutSchema: z.ZodObject<{
|
|
224
|
-
allDevices: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
|
|
225
|
-
}, "strip", z.ZodTypeAny, {
|
|
226
|
-
allDevices: boolean;
|
|
227
|
-
}, {
|
|
228
|
-
allDevices?: boolean | undefined;
|
|
229
|
-
}>;
|
|
230
200
|
/**
|
|
231
201
|
* Schema for ending all sessions
|
|
232
202
|
*/
|
|
@@ -237,29 +207,6 @@ declare const endAllSessionsSchema: z.ZodObject<{
|
|
|
237
207
|
}, {
|
|
238
208
|
skipCurrentSession?: boolean | undefined;
|
|
239
209
|
}>;
|
|
240
|
-
/**
|
|
241
|
-
* Schema for OTP-based login request
|
|
242
|
-
*/
|
|
243
|
-
declare const otpLoginRequestSchema: z.ZodObject<{
|
|
244
|
-
email: z.ZodString;
|
|
245
|
-
}, "strip", z.ZodTypeAny, {
|
|
246
|
-
email: string;
|
|
247
|
-
}, {
|
|
248
|
-
email: string;
|
|
249
|
-
}>;
|
|
250
|
-
/**
|
|
251
|
-
* Schema for OTP-based login verification
|
|
252
|
-
*/
|
|
253
|
-
declare const otpLoginVerifySchema: z.ZodObject<{
|
|
254
|
-
email: z.ZodString;
|
|
255
|
-
code: z.ZodNumber;
|
|
256
|
-
}, "strip", z.ZodTypeAny, {
|
|
257
|
-
email: string;
|
|
258
|
-
code: number;
|
|
259
|
-
}, {
|
|
260
|
-
email: string;
|
|
261
|
-
code: number;
|
|
262
|
-
}>;
|
|
263
210
|
type SignupInput = z.infer<typeof signupSchema>;
|
|
264
211
|
type LoginInput = z.infer<typeof loginSchema>;
|
|
265
212
|
type OAuthLoginInput = z.infer<typeof oAuthLoginSchema>;
|
|
@@ -267,7 +214,6 @@ type ResetPasswordInput = z.infer<typeof resetPasswordSchema>;
|
|
|
267
214
|
type ChangePasswordInput = z.infer<typeof changePasswordSchema>;
|
|
268
215
|
type TwoFaVerifyInput = z.infer<typeof twoFaVerifySchema>;
|
|
269
216
|
type VerifyEmailInput = z.infer<typeof verifyEmailSchema>;
|
|
270
|
-
type LogoutInput = z.infer<typeof logoutSchema>;
|
|
271
217
|
/** Schemas used by auth procedures */
|
|
272
218
|
interface AuthSchemas {
|
|
273
219
|
signup: AnyZodObject;
|
|
@@ -397,4 +343,4 @@ interface AuthHooks<TExtensions extends SchemaExtensions = {}> {
|
|
|
397
343
|
} | null>;
|
|
398
344
|
}
|
|
399
345
|
|
|
400
|
-
export { type AuthHooks as A,
|
|
346
|
+
export { type AuthHooks as A, type ChangePasswordInput as C, type LoginInput as L, type OAuthLoginInput as O, type ResetPasswordInput as R, type SchemaExtensions as S, type TwoFaVerifyInput as T, type VerifyEmailInput as V, type SignupInput as a, biometricVerifySchema as b, changePasswordSchema as c, resetPasswordSchema as d, endAllSessionsSchema as e, twoFaVerifySchema as f, type AuthSchemas as g, type CreatedSchemas as h, type LoginSchemaInput as i, type OAuthSchemaInput as j, type SignupSchemaInput as k, loginSchema as l, checkPasswordResetSchema as m, createSchemas as n, oAuthLoginSchema as o, deregisterPushTokenSchema as p, disableTwofaSchema as q, requestPasswordResetSchema as r, signupSchema as s, twoFaResetSchema as t, getTwofaSecretSchema as u, verifyEmailSchema as v, registerPushTokenSchema as w, twoFaResetVerifySchema as x };
|
|
@@ -8,12 +8,12 @@ declare const signupSchema: z.ZodObject<{
|
|
|
8
8
|
email: z.ZodString;
|
|
9
9
|
password: z.ZodEffects<z.ZodString, string, string>;
|
|
10
10
|
}, "strip", z.ZodTypeAny, {
|
|
11
|
-
email: string;
|
|
12
11
|
username: string;
|
|
12
|
+
email: string;
|
|
13
13
|
password: string;
|
|
14
14
|
}, {
|
|
15
|
-
email: string;
|
|
16
15
|
username: string;
|
|
16
|
+
email: string;
|
|
17
17
|
password: string;
|
|
18
18
|
}>;
|
|
19
19
|
/**
|
|
@@ -117,16 +117,6 @@ declare const twoFaVerifySchema: z.ZodObject<{
|
|
|
117
117
|
code: string;
|
|
118
118
|
sessionId?: number | undefined;
|
|
119
119
|
}>;
|
|
120
|
-
/**
|
|
121
|
-
* Schema for 2FA setup
|
|
122
|
-
*/
|
|
123
|
-
declare const twoFaSetupSchema: z.ZodObject<{
|
|
124
|
-
code: z.ZodString;
|
|
125
|
-
}, "strip", z.ZodTypeAny, {
|
|
126
|
-
code: string;
|
|
127
|
-
}, {
|
|
128
|
-
code: string;
|
|
129
|
-
}>;
|
|
130
120
|
/**
|
|
131
121
|
* Schema for 2FA reset request
|
|
132
122
|
*/
|
|
@@ -163,16 +153,6 @@ declare const verifyEmailSchema: z.ZodObject<{
|
|
|
163
153
|
}, {
|
|
164
154
|
code: string;
|
|
165
155
|
}>;
|
|
166
|
-
/**
|
|
167
|
-
* Schema for resending verification email
|
|
168
|
-
*/
|
|
169
|
-
declare const resendVerificationSchema: z.ZodObject<{
|
|
170
|
-
email: z.ZodOptional<z.ZodString>;
|
|
171
|
-
}, "strip", z.ZodTypeAny, {
|
|
172
|
-
email?: string | undefined;
|
|
173
|
-
}, {
|
|
174
|
-
email?: string | undefined;
|
|
175
|
-
}>;
|
|
176
156
|
/**
|
|
177
157
|
* Schema for biometric verification
|
|
178
158
|
*/
|
|
@@ -217,16 +197,6 @@ declare const disableTwofaSchema: z.ZodObject<{
|
|
|
217
197
|
}, {
|
|
218
198
|
password: string;
|
|
219
199
|
}>;
|
|
220
|
-
/**
|
|
221
|
-
* Schema for logout
|
|
222
|
-
*/
|
|
223
|
-
declare const logoutSchema: z.ZodObject<{
|
|
224
|
-
allDevices: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
|
|
225
|
-
}, "strip", z.ZodTypeAny, {
|
|
226
|
-
allDevices: boolean;
|
|
227
|
-
}, {
|
|
228
|
-
allDevices?: boolean | undefined;
|
|
229
|
-
}>;
|
|
230
200
|
/**
|
|
231
201
|
* Schema for ending all sessions
|
|
232
202
|
*/
|
|
@@ -237,29 +207,6 @@ declare const endAllSessionsSchema: z.ZodObject<{
|
|
|
237
207
|
}, {
|
|
238
208
|
skipCurrentSession?: boolean | undefined;
|
|
239
209
|
}>;
|
|
240
|
-
/**
|
|
241
|
-
* Schema for OTP-based login request
|
|
242
|
-
*/
|
|
243
|
-
declare const otpLoginRequestSchema: z.ZodObject<{
|
|
244
|
-
email: z.ZodString;
|
|
245
|
-
}, "strip", z.ZodTypeAny, {
|
|
246
|
-
email: string;
|
|
247
|
-
}, {
|
|
248
|
-
email: string;
|
|
249
|
-
}>;
|
|
250
|
-
/**
|
|
251
|
-
* Schema for OTP-based login verification
|
|
252
|
-
*/
|
|
253
|
-
declare const otpLoginVerifySchema: z.ZodObject<{
|
|
254
|
-
email: z.ZodString;
|
|
255
|
-
code: z.ZodNumber;
|
|
256
|
-
}, "strip", z.ZodTypeAny, {
|
|
257
|
-
email: string;
|
|
258
|
-
code: number;
|
|
259
|
-
}, {
|
|
260
|
-
email: string;
|
|
261
|
-
code: number;
|
|
262
|
-
}>;
|
|
263
210
|
type SignupInput = z.infer<typeof signupSchema>;
|
|
264
211
|
type LoginInput = z.infer<typeof loginSchema>;
|
|
265
212
|
type OAuthLoginInput = z.infer<typeof oAuthLoginSchema>;
|
|
@@ -267,7 +214,6 @@ type ResetPasswordInput = z.infer<typeof resetPasswordSchema>;
|
|
|
267
214
|
type ChangePasswordInput = z.infer<typeof changePasswordSchema>;
|
|
268
215
|
type TwoFaVerifyInput = z.infer<typeof twoFaVerifySchema>;
|
|
269
216
|
type VerifyEmailInput = z.infer<typeof verifyEmailSchema>;
|
|
270
|
-
type LogoutInput = z.infer<typeof logoutSchema>;
|
|
271
217
|
/** Schemas used by auth procedures */
|
|
272
218
|
interface AuthSchemas {
|
|
273
219
|
signup: AnyZodObject;
|
|
@@ -397,4 +343,4 @@ interface AuthHooks<TExtensions extends SchemaExtensions = {}> {
|
|
|
397
343
|
} | null>;
|
|
398
344
|
}
|
|
399
345
|
|
|
400
|
-
export { type AuthHooks as A,
|
|
346
|
+
export { type AuthHooks as A, type ChangePasswordInput as C, type LoginInput as L, type OAuthLoginInput as O, type ResetPasswordInput as R, type SchemaExtensions as S, type TwoFaVerifyInput as T, type VerifyEmailInput as V, type SignupInput as a, biometricVerifySchema as b, changePasswordSchema as c, resetPasswordSchema as d, endAllSessionsSchema as e, twoFaVerifySchema as f, type AuthSchemas as g, type CreatedSchemas as h, type LoginSchemaInput as i, type OAuthSchemaInput as j, type SignupSchemaInput as k, loginSchema as l, checkPasswordResetSchema as m, createSchemas as n, oAuthLoginSchema as o, deregisterPushTokenSchema as p, disableTwofaSchema as q, requestPasswordResetSchema as r, signupSchema as s, twoFaResetSchema as t, getTwofaSecretSchema as u, verifyEmailSchema as v, registerPushTokenSchema as w, twoFaResetVerifySchema as x };
|
package/dist/index.d.mts
CHANGED
|
@@ -6,9 +6,8 @@ import { PrismaClient } from '@prisma/client';
|
|
|
6
6
|
import * as _trpc_server from '@trpc/server';
|
|
7
7
|
import * as zod from 'zod';
|
|
8
8
|
import { CreateHTTPContextOptions } from '@trpc/server/adapters/standalone';
|
|
9
|
-
import { S as SchemaExtensions, A as AuthHooks } from './hooks-
|
|
10
|
-
export { C as ChangePasswordInput, L as LoginInput,
|
|
11
|
-
import { SignOptions } from 'jsonwebtoken';
|
|
9
|
+
import { S as SchemaExtensions, A as AuthHooks } from './hooks-yHGJ7C6_.mjs';
|
|
10
|
+
export { C as ChangePasswordInput, L as LoginInput, O as OAuthLoginInput, R as ResetPasswordInput, a as SignupInput, T as TwoFaVerifyInput, V as VerifyEmailInput, b as biometricVerifySchema, c as changePasswordSchema, e as endAllSessionsSchema, l as loginSchema, o as oAuthLoginSchema, r as requestPasswordResetSchema, d as resetPasswordSchema, s as signupSchema, t as twoFaResetSchema, f as twoFaVerifySchema, v as verifyEmailSchema } from './hooks-yHGJ7C6_.mjs';
|
|
12
11
|
|
|
13
12
|
//# sourceMappingURL=TRPCError.d.ts.map
|
|
14
13
|
//#endregion
|
|
@@ -160,13 +159,6 @@ interface JwtPayload {
|
|
|
160
159
|
exp?: number;
|
|
161
160
|
iat?: number;
|
|
162
161
|
}
|
|
163
|
-
/**
|
|
164
|
-
* Credentials returned after successful authentication
|
|
165
|
-
*/
|
|
166
|
-
interface AuthCredentials {
|
|
167
|
-
accessToken: string;
|
|
168
|
-
refreshToken: string;
|
|
169
|
-
}
|
|
170
162
|
/**
|
|
171
163
|
* Cookie settings for auth tokens
|
|
172
164
|
*/
|
|
@@ -175,8 +167,7 @@ interface CookieSettings {
|
|
|
175
167
|
sameSite: 'Strict' | 'Lax' | 'None';
|
|
176
168
|
domain?: string;
|
|
177
169
|
httpOnly: boolean;
|
|
178
|
-
|
|
179
|
-
refreshTokenPath: string;
|
|
170
|
+
path: string;
|
|
180
171
|
maxAge: number;
|
|
181
172
|
}
|
|
182
173
|
|
|
@@ -219,8 +210,8 @@ declare function createOAuthVerifier(keys: OAuthKeys): (provider: OAuthProvider,
|
|
|
219
210
|
* Token and OTP expiry settings
|
|
220
211
|
*/
|
|
221
212
|
interface TokenSettings {
|
|
222
|
-
/**
|
|
223
|
-
|
|
213
|
+
/** JWT expiry in seconds (default: 30 days) */
|
|
214
|
+
jwtExpiry: number;
|
|
224
215
|
/** Password reset token expiry in ms (default: 1 hour) */
|
|
225
216
|
passwordResetExpiryMs: number;
|
|
226
217
|
/** OTP validity window in ms (default: 15 minutes) */
|
|
@@ -294,8 +285,7 @@ interface AuthConfig<TExtensions extends SchemaExtensions = {}> {
|
|
|
294
285
|
* Cookie storage keys
|
|
295
286
|
*/
|
|
296
287
|
storageKeys?: {
|
|
297
|
-
|
|
298
|
-
refreshToken: string;
|
|
288
|
+
authToken: string;
|
|
299
289
|
};
|
|
300
290
|
/**
|
|
301
291
|
* Schema extensions for adding custom fields to auth inputs
|
|
@@ -309,7 +299,6 @@ declare function createAuthGuard(config: AuthConfig, t: TrpcBuilder): _trpc_serv
|
|
|
309
299
|
userId: number;
|
|
310
300
|
socketId: string | null;
|
|
311
301
|
sessionId: number;
|
|
312
|
-
refreshToken: string | undefined;
|
|
313
302
|
headers: http.IncomingHttpHeaders;
|
|
314
303
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
315
304
|
ip: string | undefined;
|
|
@@ -327,8 +316,7 @@ declare const defaultCookieSettings: CookieSettings;
|
|
|
327
316
|
* Default storage keys
|
|
328
317
|
*/
|
|
329
318
|
declare const defaultStorageKeys: {
|
|
330
|
-
|
|
331
|
-
refreshToken: string;
|
|
319
|
+
authToken: string;
|
|
332
320
|
};
|
|
333
321
|
/**
|
|
334
322
|
* Create a fully resolved auth config with defaults applied
|
|
@@ -343,8 +331,7 @@ declare const defaultAuthConfig: {
|
|
|
343
331
|
tokenSettings: TokenSettings;
|
|
344
332
|
cookieSettings: CookieSettings;
|
|
345
333
|
storageKeys: {
|
|
346
|
-
|
|
347
|
-
refreshToken: string;
|
|
334
|
+
authToken: string;
|
|
348
335
|
};
|
|
349
336
|
};
|
|
350
337
|
|
|
@@ -392,7 +379,6 @@ type Meta = {
|
|
|
392
379
|
interface TrpcContext {
|
|
393
380
|
userId: number | null;
|
|
394
381
|
sessionId: number | null;
|
|
395
|
-
refreshToken: string | null;
|
|
396
382
|
socketId: string | null;
|
|
397
383
|
headers: CreateHTTPContextOptions['req']['headers'];
|
|
398
384
|
res: CreateHTTPContextOptions['res'];
|
|
@@ -673,12 +659,12 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
673
659
|
email: zod.ZodString;
|
|
674
660
|
password: zod.ZodEffects<zod.ZodString, string, string>;
|
|
675
661
|
}, "strip", zod.ZodTypeAny, {
|
|
676
|
-
email: string;
|
|
677
662
|
username: string;
|
|
663
|
+
email: string;
|
|
678
664
|
password: string;
|
|
679
665
|
}, {
|
|
680
|
-
email: string;
|
|
681
666
|
username: string;
|
|
667
|
+
email: string;
|
|
682
668
|
password: string;
|
|
683
669
|
}>>["in"] extends infer T_7 ? T_7 extends inferParser<[TExtensions["signup"]] extends [zod.AnyZodObject] ? zod.ZodObject<{
|
|
684
670
|
username: zod.ZodString;
|
|
@@ -697,12 +683,12 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
697
683
|
email: zod.ZodString;
|
|
698
684
|
password: zod.ZodEffects<zod.ZodString, string, string>;
|
|
699
685
|
}, "strip", zod.ZodTypeAny, {
|
|
700
|
-
email: string;
|
|
701
686
|
username: string;
|
|
687
|
+
email: string;
|
|
702
688
|
password: string;
|
|
703
689
|
}, {
|
|
704
|
-
email: string;
|
|
705
690
|
username: string;
|
|
691
|
+
email: string;
|
|
706
692
|
password: string;
|
|
707
693
|
}>>["in"] ? T_7 extends _trpc_server.TRPCUnsetMarker ? void : T_7 : never : never;
|
|
708
694
|
output: {
|
|
@@ -766,12 +752,17 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
766
752
|
code?: string | undefined;
|
|
767
753
|
}>>["in"] ? T_12 extends _trpc_server.TRPCUnsetMarker ? void : T_12 : never : never;
|
|
768
754
|
output: {
|
|
755
|
+
success: boolean;
|
|
756
|
+
requires2FA: boolean;
|
|
757
|
+
user?: undefined;
|
|
758
|
+
} | {
|
|
769
759
|
success: boolean;
|
|
770
760
|
user: {
|
|
771
761
|
id: number;
|
|
772
762
|
email: string;
|
|
773
763
|
username: string;
|
|
774
764
|
};
|
|
765
|
+
requires2FA?: undefined;
|
|
775
766
|
};
|
|
776
767
|
meta: Meta;
|
|
777
768
|
}>;
|
|
@@ -877,7 +868,6 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
877
868
|
procedure: _trpc_server.TRPCProcedureBuilder<TrpcContext, Meta, {
|
|
878
869
|
sessionId: number;
|
|
879
870
|
userId: number;
|
|
880
|
-
refreshToken: string | undefined;
|
|
881
871
|
socketId: string | null;
|
|
882
872
|
headers: http.IncomingHttpHeaders;
|
|
883
873
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
@@ -886,7 +876,6 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
886
876
|
authProcedure: _trpc_server.TRPCProcedureBuilder<TrpcContext, Meta, {
|
|
887
877
|
sessionId: number;
|
|
888
878
|
userId: number;
|
|
889
|
-
refreshToken: string | undefined;
|
|
890
879
|
socketId: string | null;
|
|
891
880
|
headers: http.IncomingHttpHeaders;
|
|
892
881
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
@@ -916,76 +905,71 @@ declare function isMobileDevice(userAgent: string): boolean;
|
|
|
916
905
|
declare function isNativeApp(userAgent: string): boolean;
|
|
917
906
|
|
|
918
907
|
/**
|
|
919
|
-
* Default storage
|
|
908
|
+
* Default storage key for auth cookie
|
|
920
909
|
*/
|
|
921
910
|
declare const DEFAULT_STORAGE_KEYS: {
|
|
922
|
-
|
|
923
|
-
REFRESH_TOKEN: string;
|
|
911
|
+
AUTH_TOKEN: string;
|
|
924
912
|
};
|
|
925
913
|
/**
|
|
926
|
-
* Parse auth
|
|
914
|
+
* Parse auth token from cookie header
|
|
927
915
|
* @param cookieHeader - Raw cookie header string
|
|
928
916
|
* @param storageKeys - Custom storage keys (optional)
|
|
929
|
-
* @returns Parsed
|
|
917
|
+
* @returns Parsed auth token
|
|
930
918
|
*/
|
|
931
|
-
declare function
|
|
932
|
-
|
|
933
|
-
refreshToken: string;
|
|
919
|
+
declare function parseAuthCookie(cookieHeader: string | undefined, storageKeys?: {
|
|
920
|
+
authToken: string;
|
|
934
921
|
}): {
|
|
935
|
-
|
|
936
|
-
refreshToken?: string;
|
|
922
|
+
authToken?: string;
|
|
937
923
|
};
|
|
938
924
|
/**
|
|
939
|
-
* Set auth
|
|
925
|
+
* Set auth cookie on response
|
|
940
926
|
* @param res - HTTP response object
|
|
941
|
-
* @param
|
|
927
|
+
* @param authToken - Auth JWT token
|
|
942
928
|
* @param settings - Cookie settings
|
|
943
929
|
* @param storageKeys - Storage key names
|
|
944
930
|
*/
|
|
945
|
-
declare function
|
|
946
|
-
|
|
947
|
-
refreshToken: string;
|
|
931
|
+
declare function setAuthCookie(res: CreateHTTPContextOptions['res'], authToken: string, settings: Partial<CookieSettings>, storageKeys?: {
|
|
932
|
+
authToken: string;
|
|
948
933
|
}): void;
|
|
949
934
|
/**
|
|
950
|
-
* Clear auth
|
|
935
|
+
* Clear auth cookie (for logout)
|
|
951
936
|
* @param res - HTTP response object
|
|
952
937
|
* @param settings - Cookie settings
|
|
953
938
|
* @param storageKeys - Storage key names
|
|
954
939
|
*/
|
|
955
|
-
declare function
|
|
956
|
-
|
|
957
|
-
refreshToken: string;
|
|
940
|
+
declare function clearAuthCookie(res: CreateHTTPContextOptions['res'], settings: Partial<CookieSettings>, storageKeys?: {
|
|
941
|
+
authToken: string;
|
|
958
942
|
}): void;
|
|
959
943
|
|
|
960
944
|
/**
|
|
961
|
-
* Options for creating
|
|
945
|
+
* Options for creating auth tokens
|
|
962
946
|
*/
|
|
963
947
|
interface CreateTokenOptions {
|
|
964
948
|
secret: string;
|
|
965
|
-
expiresIn:
|
|
949
|
+
expiresIn: number;
|
|
966
950
|
}
|
|
967
951
|
/**
|
|
968
|
-
* Options for verifying
|
|
952
|
+
* Options for verifying auth tokens
|
|
969
953
|
*/
|
|
970
954
|
interface VerifyTokenOptions {
|
|
971
955
|
secret: string;
|
|
972
956
|
ignoreExpiration?: boolean;
|
|
973
957
|
}
|
|
974
958
|
/**
|
|
975
|
-
* Create a JWT
|
|
959
|
+
* Create a JWT auth token
|
|
976
960
|
* @param payload - Token payload containing session and user info
|
|
977
961
|
* @param options - Token creation options
|
|
978
962
|
* @returns Signed JWT token
|
|
979
963
|
*/
|
|
980
|
-
declare function
|
|
964
|
+
declare function createAuthToken(payload: Omit<JwtPayload, 'exp' | 'iat'>, options: CreateTokenOptions): string;
|
|
981
965
|
/**
|
|
982
|
-
* Verify and decode a JWT
|
|
966
|
+
* Verify and decode a JWT auth token
|
|
983
967
|
* @param token - JWT token to verify
|
|
984
968
|
* @param options - Verification options
|
|
985
969
|
* @returns Decoded token payload
|
|
986
970
|
* @throws Error if token is invalid or expired
|
|
987
971
|
*/
|
|
988
|
-
declare function
|
|
972
|
+
declare function verifyAuthToken(token: string, options: VerifyTokenOptions): JwtPayload;
|
|
989
973
|
/**
|
|
990
974
|
* Decode a JWT token without verification
|
|
991
975
|
* @param token - JWT token to decode
|
|
@@ -1060,4 +1044,4 @@ declare function verifyTotp(code: string, secret: string): Promise<boolean>;
|
|
|
1060
1044
|
*/
|
|
1061
1045
|
declare function generateOtp(min?: number, max?: number): number;
|
|
1062
1046
|
|
|
1063
|
-
export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, DEFAULT_STORAGE_KEYS, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type TokenSettings, type TrpcContext, cleanBase32String,
|
|
1047
|
+
export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, DEFAULT_STORAGE_KEYS, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createNoopEmailAdapter, createOAuthVerifier, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };
|