@factiii/auth 0.3.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -1
- package/dist/{chunk-PYVDWODF.mjs → chunk-EHI4P63M.mjs} +0 -21
- package/dist/{hooks-B41uikq7.d.mts → hooks-yHGJ7C6_.d.mts} +3 -57
- package/dist/{hooks-B41uikq7.d.ts → hooks-yHGJ7C6_.d.ts} +3 -57
- package/dist/index.d.mts +39 -55
- package/dist/index.d.ts +39 -55
- package/dist/index.js +97 -193
- package/dist/index.mjs +93 -173
- package/dist/validators.d.mts +1 -1
- package/dist/validators.d.ts +1 -1
- package/dist/validators.js +0 -26
- package/dist/validators.mjs +1 -11
- package/package.json +1 -1
- package/prisma/schema.prisma +17 -19
package/dist/index.d.ts
CHANGED
|
@@ -6,9 +6,8 @@ import { PrismaClient } from '@prisma/client';
|
|
|
6
6
|
import * as _trpc_server from '@trpc/server';
|
|
7
7
|
import * as zod from 'zod';
|
|
8
8
|
import { CreateHTTPContextOptions } from '@trpc/server/adapters/standalone';
|
|
9
|
-
import { S as SchemaExtensions, A as AuthHooks } from './hooks-
|
|
10
|
-
export { C as ChangePasswordInput, L as LoginInput,
|
|
11
|
-
import { SignOptions } from 'jsonwebtoken';
|
|
9
|
+
import { S as SchemaExtensions, A as AuthHooks } from './hooks-yHGJ7C6_.js';
|
|
10
|
+
export { C as ChangePasswordInput, L as LoginInput, O as OAuthLoginInput, R as ResetPasswordInput, a as SignupInput, T as TwoFaVerifyInput, V as VerifyEmailInput, b as biometricVerifySchema, c as changePasswordSchema, e as endAllSessionsSchema, l as loginSchema, o as oAuthLoginSchema, r as requestPasswordResetSchema, d as resetPasswordSchema, s as signupSchema, t as twoFaResetSchema, f as twoFaVerifySchema, v as verifyEmailSchema } from './hooks-yHGJ7C6_.js';
|
|
12
11
|
|
|
13
12
|
//# sourceMappingURL=TRPCError.d.ts.map
|
|
14
13
|
//#endregion
|
|
@@ -160,13 +159,6 @@ interface JwtPayload {
|
|
|
160
159
|
exp?: number;
|
|
161
160
|
iat?: number;
|
|
162
161
|
}
|
|
163
|
-
/**
|
|
164
|
-
* Credentials returned after successful authentication
|
|
165
|
-
*/
|
|
166
|
-
interface AuthCredentials {
|
|
167
|
-
accessToken: string;
|
|
168
|
-
refreshToken: string;
|
|
169
|
-
}
|
|
170
162
|
/**
|
|
171
163
|
* Cookie settings for auth tokens
|
|
172
164
|
*/
|
|
@@ -175,8 +167,7 @@ interface CookieSettings {
|
|
|
175
167
|
sameSite: 'Strict' | 'Lax' | 'None';
|
|
176
168
|
domain?: string;
|
|
177
169
|
httpOnly: boolean;
|
|
178
|
-
|
|
179
|
-
refreshTokenPath: string;
|
|
170
|
+
path: string;
|
|
180
171
|
maxAge: number;
|
|
181
172
|
}
|
|
182
173
|
|
|
@@ -219,8 +210,8 @@ declare function createOAuthVerifier(keys: OAuthKeys): (provider: OAuthProvider,
|
|
|
219
210
|
* Token and OTP expiry settings
|
|
220
211
|
*/
|
|
221
212
|
interface TokenSettings {
|
|
222
|
-
/**
|
|
223
|
-
|
|
213
|
+
/** JWT expiry in seconds (default: 30 days) */
|
|
214
|
+
jwtExpiry: number;
|
|
224
215
|
/** Password reset token expiry in ms (default: 1 hour) */
|
|
225
216
|
passwordResetExpiryMs: number;
|
|
226
217
|
/** OTP validity window in ms (default: 15 minutes) */
|
|
@@ -294,8 +285,7 @@ interface AuthConfig<TExtensions extends SchemaExtensions = {}> {
|
|
|
294
285
|
* Cookie storage keys
|
|
295
286
|
*/
|
|
296
287
|
storageKeys?: {
|
|
297
|
-
|
|
298
|
-
refreshToken: string;
|
|
288
|
+
authToken: string;
|
|
299
289
|
};
|
|
300
290
|
/**
|
|
301
291
|
* Schema extensions for adding custom fields to auth inputs
|
|
@@ -309,7 +299,6 @@ declare function createAuthGuard(config: AuthConfig, t: TrpcBuilder): _trpc_serv
|
|
|
309
299
|
userId: number;
|
|
310
300
|
socketId: string | null;
|
|
311
301
|
sessionId: number;
|
|
312
|
-
refreshToken: string | undefined;
|
|
313
302
|
headers: http.IncomingHttpHeaders;
|
|
314
303
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
315
304
|
ip: string | undefined;
|
|
@@ -327,8 +316,7 @@ declare const defaultCookieSettings: CookieSettings;
|
|
|
327
316
|
* Default storage keys
|
|
328
317
|
*/
|
|
329
318
|
declare const defaultStorageKeys: {
|
|
330
|
-
|
|
331
|
-
refreshToken: string;
|
|
319
|
+
authToken: string;
|
|
332
320
|
};
|
|
333
321
|
/**
|
|
334
322
|
* Create a fully resolved auth config with defaults applied
|
|
@@ -343,8 +331,7 @@ declare const defaultAuthConfig: {
|
|
|
343
331
|
tokenSettings: TokenSettings;
|
|
344
332
|
cookieSettings: CookieSettings;
|
|
345
333
|
storageKeys: {
|
|
346
|
-
|
|
347
|
-
refreshToken: string;
|
|
334
|
+
authToken: string;
|
|
348
335
|
};
|
|
349
336
|
};
|
|
350
337
|
|
|
@@ -392,7 +379,6 @@ type Meta = {
|
|
|
392
379
|
interface TrpcContext {
|
|
393
380
|
userId: number | null;
|
|
394
381
|
sessionId: number | null;
|
|
395
|
-
refreshToken: string | null;
|
|
396
382
|
socketId: string | null;
|
|
397
383
|
headers: CreateHTTPContextOptions['req']['headers'];
|
|
398
384
|
res: CreateHTTPContextOptions['res'];
|
|
@@ -673,12 +659,12 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
673
659
|
email: zod.ZodString;
|
|
674
660
|
password: zod.ZodEffects<zod.ZodString, string, string>;
|
|
675
661
|
}, "strip", zod.ZodTypeAny, {
|
|
676
|
-
email: string;
|
|
677
662
|
username: string;
|
|
663
|
+
email: string;
|
|
678
664
|
password: string;
|
|
679
665
|
}, {
|
|
680
|
-
email: string;
|
|
681
666
|
username: string;
|
|
667
|
+
email: string;
|
|
682
668
|
password: string;
|
|
683
669
|
}>>["in"] extends infer T_7 ? T_7 extends inferParser<[TExtensions["signup"]] extends [zod.AnyZodObject] ? zod.ZodObject<{
|
|
684
670
|
username: zod.ZodString;
|
|
@@ -697,12 +683,12 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
697
683
|
email: zod.ZodString;
|
|
698
684
|
password: zod.ZodEffects<zod.ZodString, string, string>;
|
|
699
685
|
}, "strip", zod.ZodTypeAny, {
|
|
700
|
-
email: string;
|
|
701
686
|
username: string;
|
|
687
|
+
email: string;
|
|
702
688
|
password: string;
|
|
703
689
|
}, {
|
|
704
|
-
email: string;
|
|
705
690
|
username: string;
|
|
691
|
+
email: string;
|
|
706
692
|
password: string;
|
|
707
693
|
}>>["in"] ? T_7 extends _trpc_server.TRPCUnsetMarker ? void : T_7 : never : never;
|
|
708
694
|
output: {
|
|
@@ -766,12 +752,17 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
766
752
|
code?: string | undefined;
|
|
767
753
|
}>>["in"] ? T_12 extends _trpc_server.TRPCUnsetMarker ? void : T_12 : never : never;
|
|
768
754
|
output: {
|
|
755
|
+
success: boolean;
|
|
756
|
+
requires2FA: boolean;
|
|
757
|
+
user?: undefined;
|
|
758
|
+
} | {
|
|
769
759
|
success: boolean;
|
|
770
760
|
user: {
|
|
771
761
|
id: number;
|
|
772
762
|
email: string;
|
|
773
763
|
username: string;
|
|
774
764
|
};
|
|
765
|
+
requires2FA?: undefined;
|
|
775
766
|
};
|
|
776
767
|
meta: Meta;
|
|
777
768
|
}>;
|
|
@@ -877,7 +868,6 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
877
868
|
procedure: _trpc_server.TRPCProcedureBuilder<TrpcContext, Meta, {
|
|
878
869
|
sessionId: number;
|
|
879
870
|
userId: number;
|
|
880
|
-
refreshToken: string | undefined;
|
|
881
871
|
socketId: string | null;
|
|
882
872
|
headers: http.IncomingHttpHeaders;
|
|
883
873
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
@@ -886,7 +876,6 @@ declare function createAuthRouter<TExtensions extends SchemaExtensions = {}>(con
|
|
|
886
876
|
authProcedure: _trpc_server.TRPCProcedureBuilder<TrpcContext, Meta, {
|
|
887
877
|
sessionId: number;
|
|
888
878
|
userId: number;
|
|
889
|
-
refreshToken: string | undefined;
|
|
890
879
|
socketId: string | null;
|
|
891
880
|
headers: http.IncomingHttpHeaders;
|
|
892
881
|
res: http.ServerResponse<http.IncomingMessage>;
|
|
@@ -916,76 +905,71 @@ declare function isMobileDevice(userAgent: string): boolean;
|
|
|
916
905
|
declare function isNativeApp(userAgent: string): boolean;
|
|
917
906
|
|
|
918
907
|
/**
|
|
919
|
-
* Default storage
|
|
908
|
+
* Default storage key for auth cookie
|
|
920
909
|
*/
|
|
921
910
|
declare const DEFAULT_STORAGE_KEYS: {
|
|
922
|
-
|
|
923
|
-
REFRESH_TOKEN: string;
|
|
911
|
+
AUTH_TOKEN: string;
|
|
924
912
|
};
|
|
925
913
|
/**
|
|
926
|
-
* Parse auth
|
|
914
|
+
* Parse auth token from cookie header
|
|
927
915
|
* @param cookieHeader - Raw cookie header string
|
|
928
916
|
* @param storageKeys - Custom storage keys (optional)
|
|
929
|
-
* @returns Parsed
|
|
917
|
+
* @returns Parsed auth token
|
|
930
918
|
*/
|
|
931
|
-
declare function
|
|
932
|
-
|
|
933
|
-
refreshToken: string;
|
|
919
|
+
declare function parseAuthCookie(cookieHeader: string | undefined, storageKeys?: {
|
|
920
|
+
authToken: string;
|
|
934
921
|
}): {
|
|
935
|
-
|
|
936
|
-
refreshToken?: string;
|
|
922
|
+
authToken?: string;
|
|
937
923
|
};
|
|
938
924
|
/**
|
|
939
|
-
* Set auth
|
|
925
|
+
* Set auth cookie on response
|
|
940
926
|
* @param res - HTTP response object
|
|
941
|
-
* @param
|
|
927
|
+
* @param authToken - Auth JWT token
|
|
942
928
|
* @param settings - Cookie settings
|
|
943
929
|
* @param storageKeys - Storage key names
|
|
944
930
|
*/
|
|
945
|
-
declare function
|
|
946
|
-
|
|
947
|
-
refreshToken: string;
|
|
931
|
+
declare function setAuthCookie(res: CreateHTTPContextOptions['res'], authToken: string, settings: Partial<CookieSettings>, storageKeys?: {
|
|
932
|
+
authToken: string;
|
|
948
933
|
}): void;
|
|
949
934
|
/**
|
|
950
|
-
* Clear auth
|
|
935
|
+
* Clear auth cookie (for logout)
|
|
951
936
|
* @param res - HTTP response object
|
|
952
937
|
* @param settings - Cookie settings
|
|
953
938
|
* @param storageKeys - Storage key names
|
|
954
939
|
*/
|
|
955
|
-
declare function
|
|
956
|
-
|
|
957
|
-
refreshToken: string;
|
|
940
|
+
declare function clearAuthCookie(res: CreateHTTPContextOptions['res'], settings: Partial<CookieSettings>, storageKeys?: {
|
|
941
|
+
authToken: string;
|
|
958
942
|
}): void;
|
|
959
943
|
|
|
960
944
|
/**
|
|
961
|
-
* Options for creating
|
|
945
|
+
* Options for creating auth tokens
|
|
962
946
|
*/
|
|
963
947
|
interface CreateTokenOptions {
|
|
964
948
|
secret: string;
|
|
965
|
-
expiresIn:
|
|
949
|
+
expiresIn: number;
|
|
966
950
|
}
|
|
967
951
|
/**
|
|
968
|
-
* Options for verifying
|
|
952
|
+
* Options for verifying auth tokens
|
|
969
953
|
*/
|
|
970
954
|
interface VerifyTokenOptions {
|
|
971
955
|
secret: string;
|
|
972
956
|
ignoreExpiration?: boolean;
|
|
973
957
|
}
|
|
974
958
|
/**
|
|
975
|
-
* Create a JWT
|
|
959
|
+
* Create a JWT auth token
|
|
976
960
|
* @param payload - Token payload containing session and user info
|
|
977
961
|
* @param options - Token creation options
|
|
978
962
|
* @returns Signed JWT token
|
|
979
963
|
*/
|
|
980
|
-
declare function
|
|
964
|
+
declare function createAuthToken(payload: Omit<JwtPayload, 'exp' | 'iat'>, options: CreateTokenOptions): string;
|
|
981
965
|
/**
|
|
982
|
-
* Verify and decode a JWT
|
|
966
|
+
* Verify and decode a JWT auth token
|
|
983
967
|
* @param token - JWT token to verify
|
|
984
968
|
* @param options - Verification options
|
|
985
969
|
* @returns Decoded token payload
|
|
986
970
|
* @throws Error if token is invalid or expired
|
|
987
971
|
*/
|
|
988
|
-
declare function
|
|
972
|
+
declare function verifyAuthToken(token: string, options: VerifyTokenOptions): JwtPayload;
|
|
989
973
|
/**
|
|
990
974
|
* Decode a JWT token without verification
|
|
991
975
|
* @param token - JWT token to decode
|
|
@@ -1060,4 +1044,4 @@ declare function verifyTotp(code: string, secret: string): Promise<boolean>;
|
|
|
1060
1044
|
*/
|
|
1061
1045
|
declare function generateOtp(min?: number, max?: number): number;
|
|
1062
1046
|
|
|
1063
|
-
export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, DEFAULT_STORAGE_KEYS, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type TokenSettings, type TrpcContext, cleanBase32String,
|
|
1047
|
+
export { type AuthConfig, type AuthFeatures, AuthHooks, type AuthRouter, DEFAULT_STORAGE_KEYS, type EmailAdapter, type OAuthKeys, type OAuthProvider, type OAuthResult, OAuthVerificationError, SchemaExtensions, type TokenSettings, type TrpcContext, cleanBase32String, clearAuthCookie, comparePassword, createAuthConfig, createAuthGuard, createAuthRouter, createAuthToken, createConsoleEmailAdapter, createNoopEmailAdapter, createOAuthVerifier, decodeToken, defaultAuthConfig, defaultCookieSettings, defaultStorageKeys, defaultTokenSettings, detectBrowser, generateOtp, generateTotpCode, generateTotpSecret, hashPassword, isMobileDevice, isNativeApp, isTokenExpiredError, isTokenInvalidError, parseAuthCookie, setAuthCookie, validatePasswordStrength, verifyAuthToken, verifyTotp };
|