@furystack/rest-service 12.0.0 → 12.1.1

package/CHANGELOG.md

@@ -1,5 +1,63 @@
 # Changelog
 
+## [12.1.1] - 2026-02-27
+
+### 🐛 Bug Fixes
+
+- Fixed `HttpAuthenticationSettings` not respecting its `TUser` and `TSession` generic type parameters when resolving data sets. `getUserDataSet` now uses the configurable `model` property instead of the hardcoded `User` class, and `getSessionDataSet` now uses the new `sessionModel` property instead of the hardcoded `DefaultSession` class. This allows custom user and session types to work correctly with `useHttpAuthentication`.
+
+## [12.1.0] - 2026-02-26
+
+### 🔧 Chores
+
+- Normalized line endings in `http-user-context.ts`, `http-authentication-settings.ts`, and related spec files
+
+### ✨ Features
+
+### `LoginResponseStrategy<TResult>` type
+
+New pluggable type that decouples login actions from session/token creation. A strategy turns an authenticated `User` into an `ActionResult<TResult>` — the generic parameter flows through to the action's return type for full type inference.
+
+```typescript
+import type { LoginResponseStrategy } from '@furystack/rest-service'
+
+type LoginResponseStrategy<TResult> = {
+  createLoginResponse: (user: User, injector: Injector) => Promise<ActionResult<TResult>>
+}
+```
+
+### `createCookieLoginStrategy(injector)`
+
+Factory that creates a cookie-based `LoginResponseStrategy<User>`. On login it generates a random session ID, persists it in the session DataSet, and returns the user with a `Set-Cookie` header.
+
+```typescript
+import { createCookieLoginStrategy } from '@furystack/rest-service'
+
+const cookieStrategy = createCookieLoginStrategy(injector)
+// cookieStrategy.createLoginResponse(user, injector) → ActionResult<User> with Set-Cookie header
+```
+
+### `createPasswordLoginAction(strategy)`
+
+Factory that creates a password-based login `RequestAction`. Authenticates via `HttpUserContext.authenticateUser()` then delegates session/token creation to the provided strategy. Includes timing-attack mitigation on failure.
+
+```typescript
+import { createPasswordLoginAction, createCookieLoginStrategy } from '@furystack/rest-service'
+
+const cookieStrategy = createCookieLoginStrategy(injector)
+const loginAction = createPasswordLoginAction(cookieStrategy)
+// loginAction: RequestAction<{ result: User; body: { username: string; password: string } }>
+```
+
+### 🧪 Tests
+
+- Added `login-response-strategy.spec.ts` — tests cookie strategy session creation, Set-Cookie headers, session persistence, and session ID uniqueness
+- Added `password-login-action.spec.ts` — tests strategy delegation, user forwarding, auth failure handling, and custom strategy result types
+
+### ⬆️ Dependencies
+
+- Bumped `@types/node` from ^25.3.0 to ^25.3.1
+
 ## [12.0.0] - 2026-02-26
 
 ### ✨ Features

package/esm/actions/index.d.ts

@@ -4,4 +4,5 @@ export * from './is-authenticated.js';
 export * from './login.js';
 export * from './logout.js';
 export * from './not-found-action.js';
+export * from './password-login-action.js';
 //# sourceMappingURL=index.d.ts.map

package/esm/actions/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/actions/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAA;AACjC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA;AACrC,cAAc,YAAY,CAAA;AAC1B,cAAc,aAAa,CAAA;AAC3B,cAAc,uBAAuB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/actions/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAA;AACjC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA;AACrC,cAAc,YAAY,CAAA;AAC1B,cAAc,aAAa,CAAA;AAC3B,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA"}

package/esm/actions/index.js

@@ -4,4 +4,5 @@ export * from './is-authenticated.js';
 export * from './login.js';
 export * from './logout.js';
 export * from './not-found-action.js';
+export * from './password-login-action.js';
 //# sourceMappingURL=index.js.map

package/esm/actions/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/actions/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAA;AACjC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA;AACrC,cAAc,YAAY,CAAA;AAC1B,cAAc,aAAa,CAAA;AAC3B,cAAc,uBAAuB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/actions/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAA;AACjC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA;AACrC,cAAc,YAAY,CAAA;AAC1B,cAAc,aAAa,CAAA;AAC3B,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA"}

package/esm/actions/login.d.ts

@@ -1,9 +1,13 @@
 import type { User } from '@furystack/core';
 import type { RequestAction } from '../request-action-implementation.js';
 /**
- * Action that logs in the current user
- * Should be called with a JSON Post body with ``username`` and ``password`` fields.
- * Returns the current user instance
+ * Action that logs in the current user.
+ * Should be called with a JSON POST body with `username` and `password` fields.
+ * Returns the current user instance.
+ *
+ * @deprecated Use `createPasswordLoginAction(createCookieLoginStrategy(injector))` instead.
+ * This static action resolves services from the request-scoped injector on
+ * every call; the factory approach captures them once at setup time.
  */
 export declare const LoginAction: RequestAction<{
     result: User;

package/esm/actions/login.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/actions/login.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AAGxE;;;;GAIG;AAEH,eAAO,MAAM,WAAW,EAAE,aAAa,CAAC;IACtC,MAAM,EAAE,IAAI,CAAA;IACZ,IAAI,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;CAC7C,CAUA,CAAA"}
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/actions/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAK3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AAGxE;;;;;;;;GAQG;AACH,eAAO,MAAM,WAAW,EAAE,aAAa,CAAC;IACtC,MAAM,EAAE,IAAI,CAAA;IACZ,IAAI,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;CAC7C,CAWA,CAAA"}

package/esm/actions/login.js

@@ -1,10 +1,15 @@
-import { HttpUserContext } from '../http-user-context.js';
 import { RequestError } from '@furystack/rest';
+import { sleepAsync } from '@furystack/utils';
+import { HttpUserContext } from '../http-user-context.js';
 import { JsonResult } from '../request-action-implementation.js';
 /**
- * Action that logs in the current user
- * Should be called with a JSON Post body with ``username`` and ``password`` fields.
- * Returns the current user instance
+ * Action that logs in the current user.
+ * Should be called with a JSON POST body with `username` and `password` fields.
+ * Returns the current user instance.
+ *
+ * @deprecated Use `createPasswordLoginAction(createCookieLoginStrategy(injector))` instead.
+ * This static action resolves services from the request-scoped injector on
+ * every call; the factory approach captures them once at setup time.
  */
 export const LoginAction = async ({ injector, getBody, response }) => {
     const userContext = injector.getInstance(HttpUserContext);
@@ -14,7 +19,8 @@ export const LoginAction = async ({ injector, getBody, response }) => {
         await userContext.cookieLogin(user, response);
         return JsonResult(user, 200);
     }
-    catch (error) {
+    catch {
+        await sleepAsync(Math.random() * 1000);
         throw new RequestError('Login Failed', 400);
     }
 };

package/esm/actions/login.js.map

@@ -1 +1 @@
-{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/actions/login.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAEzD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAE9C,OAAO,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAA;AAEhE;;;;GAIG;AAEH,MAAM,CAAC,MAAM,WAAW,GAGnB,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE;IAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;IACzD,MAAM,IAAI,GAAG,MAAM,OAAO,EAAE,CAAA;IAC5B,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC7E,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QAC7C,OAAO,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC9B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,YAAY,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC,CAAA"}
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/actions/login.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAEzD,OAAO,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAA;AAEhE;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,WAAW,GAGnB,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE;IAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;IACzD,MAAM,IAAI,GAAG,MAAM,OAAO,EAAE,CAAA;IAC5B,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC7E,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QAC7C,OAAO,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAA;QACtC,MAAM,IAAI,YAAY,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC,CAAA"}

package/esm/actions/password-login-action.d.ts

@@ -0,0 +1,24 @@
+import type { LoginResponseStrategy } from '../login-response-strategy.js';
+import type { RequestAction } from '../request-action-implementation.js';
+/**
+ * Creates a login {@link RequestAction} that authenticates a user by
+ * username + password, then delegates session/token creation to the
+ * provided {@link LoginResponseStrategy}.
+ *
+ * The return type is inferred from the strategy:
+ * - Cookie strategy -> `ActionResult<User>`
+ * - JWT strategy   -> `ActionResult<{ accessToken: string; refreshToken: string }>`
+ *
+ * A random delay (0-1 s) is added on failure to mitigate timing attacks.
+ *
+ * @param strategy The login response strategy that produces the session/token result
+ * @returns A `RequestAction` that can be wired into a REST API route
+ */
+export declare const createPasswordLoginAction: <TResult>(strategy: LoginResponseStrategy<TResult>) => RequestAction<{
+    result: TResult;
+    body: {
+        username: string;
+        password: string;
+    };
+}>;
+//# sourceMappingURL=password-login-action.d.ts.map

package/esm/actions/password-login-action.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-login-action.d.ts","sourceRoot":"","sources":["../../src/actions/password-login-action.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAA;AAC1E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AAExE;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,yBAAyB,GAAI,OAAO,EAC/C,UAAU,qBAAqB,CAAC,OAAO,CAAC,KACvC,aAAa,CAAC;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAWjF,CAAA"}

package/esm/actions/password-login-action.js

@@ -0,0 +1,31 @@
+import { RequestError } from '@furystack/rest';
+import { sleepAsync } from '@furystack/utils';
+import { HttpUserContext } from '../http-user-context.js';
+/**
+ * Creates a login {@link RequestAction} that authenticates a user by
+ * username + password, then delegates session/token creation to the
+ * provided {@link LoginResponseStrategy}.
+ *
+ * The return type is inferred from the strategy:
+ * - Cookie strategy -> `ActionResult<User>`
+ * - JWT strategy   -> `ActionResult<{ accessToken: string; refreshToken: string }>`
+ *
+ * A random delay (0-1 s) is added on failure to mitigate timing attacks.
+ *
+ * @param strategy The login response strategy that produces the session/token result
+ * @returns A `RequestAction` that can be wired into a REST API route
+ */
+export const createPasswordLoginAction = (strategy) => {
+    return async ({ injector, getBody }) => {
+        const body = await getBody();
+        try {
+            const user = await injector.getInstance(HttpUserContext).authenticateUser(body.username, body.password);
+            return strategy.createLoginResponse(user, injector);
+        }
+        catch {
+            await sleepAsync(Math.random() * 1000);
+            throw new RequestError('Login Failed', 400);
+        }
+    };
+};
+//# sourceMappingURL=password-login-action.js.map

package/esm/actions/password-login-action.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-login-action.js","sourceRoot":"","sources":["../../src/actions/password-login-action.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAIzD;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACvC,QAAwC,EAC0C,EAAE;IACpF,OAAO,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,MAAM,OAAO,EAAE,CAAA;QAC5B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;YACvG,OAAO,QAAQ,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAA;YACtC,MAAM,IAAI,YAAY,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC,CAAA;AACH,CAAC,CAAA"}

package/esm/actions/password-login-action.spec.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=password-login-action.spec.d.ts.map

package/esm/actions/password-login-action.spec.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-login-action.spec.d.ts","sourceRoot":"","sources":["../../src/actions/password-login-action.spec.ts"],"names":[],"mappings":""}

package/esm/actions/password-login-action.spec.js

@@ -0,0 +1,105 @@
+import { InMemoryStore, StoreManager, User, addStore } from '@furystack/core';
+import { Injector } from '@furystack/inject';
+import { getRepository } from '@furystack/repository';
+import { PasswordAuthenticator, PasswordCredential, PasswordResetToken, usePasswordPolicy } from '@furystack/security';
+import { usingAsync } from '@furystack/utils';
+import { describe, expect, it, vi } from 'vitest';
+import { useHttpAuthentication } from '../helpers.js';
+import { DefaultSession } from '../models/default-session.js';
+import { JsonResult } from '../request-action-implementation.js';
+import { createPasswordLoginAction } from './password-login-action.js';
+const setupInjector = async (i, username, password) => {
+    addStore(i, new InMemoryStore({ model: User, primaryKey: 'username' }))
+        .addStore(new InMemoryStore({ model: DefaultSession, primaryKey: 'sessionId' }))
+        .addStore(new InMemoryStore({ model: PasswordCredential, primaryKey: 'userName' }))
+        .addStore(new InMemoryStore({ model: PasswordResetToken, primaryKey: 'token' }));
+    const repo = getRepository(i);
+    repo.createDataSet(User, 'username');
+    repo.createDataSet(DefaultSession, 'sessionId');
+    repo.createDataSet(PasswordCredential, 'userName');
+    repo.createDataSet(PasswordResetToken, 'token');
+    usePasswordPolicy(i);
+    useHttpAuthentication(i);
+    const sm = i.getInstance(StoreManager);
+    const pw = i.getInstance(PasswordAuthenticator);
+    const cred = await pw.hasher.createCredential(username, password);
+    await sm.getStoreFor(PasswordCredential, 'userName').add(cred);
+    await sm.getStoreFor(User, 'username').add({ username, roles: ['admin'] });
+};
+const mockStrategy = {
+    createLoginResponse: vi.fn(async (user) => JsonResult(user, 200)),
+};
+describe('createPasswordLoginAction', () => {
+    const request = {};
+    const response = {};
+    it('Should delegate to the strategy on successful authentication', async () => {
+        await usingAsync(new Injector(), async (i) => {
+            await setupInjector(i, 'testuser', 'testpass');
+            const action = createPasswordLoginAction(mockStrategy);
+            const result = await action({
+                injector: i,
+                request,
+                response,
+                getBody: () => Promise.resolve({ username: 'testuser', password: 'testpass' }),
+            });
+            expect(mockStrategy.createLoginResponse).toHaveBeenCalled();
+            expect(result.chunk.username).toBe('testuser');
+        });
+    });
+    it('Should pass the correct user to the strategy', async () => {
+        await usingAsync(new Injector(), async (i) => {
+            await setupInjector(i, 'testuser', 'testpass');
+            const strategyFn = vi.fn(async (user) => JsonResult(user, 200));
+            const strategy = { createLoginResponse: strategyFn };
+            const action = createPasswordLoginAction(strategy);
+            await action({
+                injector: i,
+                request,
+                response,
+                getBody: () => Promise.resolve({ username: 'testuser', password: 'testpass' }),
+            });
+            expect(strategyFn).toHaveBeenCalledWith(expect.objectContaining({ username: 'testuser', roles: ['admin'] }), i);
+        });
+    });
+    it('Should throw RequestError on invalid credentials', async () => {
+        await usingAsync(new Injector(), async (i) => {
+            await setupInjector(i, 'testuser', 'testpass');
+            const action = createPasswordLoginAction(mockStrategy);
+            await expect(action({
+                injector: i,
+                request,
+                response,
+                getBody: () => Promise.resolve({ username: 'testuser', password: 'wrongpass' }),
+            })).rejects.toThrow('Login Failed');
+        });
+    });
+    it('Should throw RequestError for nonexistent user', async () => {
+        await usingAsync(new Injector(), async (i) => {
+            await setupInjector(i, 'testuser', 'testpass');
+            const action = createPasswordLoginAction(mockStrategy);
+            await expect(action({
+                injector: i,
+                request,
+                response,
+                getBody: () => Promise.resolve({ username: 'nobody', password: 'nopass' }),
+            })).rejects.toThrow('Login Failed');
+        });
+    });
+    it('Should work with a custom result type from strategy', async () => {
+        await usingAsync(new Injector(), async (i) => {
+            await setupInjector(i, 'testuser', 'testpass');
+            const tokenStrategy = {
+                createLoginResponse: async () => JsonResult({ accessToken: 'tok123' }, 200),
+            };
+            const action = createPasswordLoginAction(tokenStrategy);
+            const result = await action({
+                injector: i,
+                request,
+                response,
+                getBody: () => Promise.resolve({ username: 'testuser', password: 'testpass' }),
+            });
+            expect(result.chunk.accessToken).toBe('tok123');
+        });
+    });
+});
+//# sourceMappingURL=password-login-action.spec.js.map

package/esm/actions/password-login-action.spec.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-login-action.spec.js","sourceRoot":"","sources":["../../src/actions/password-login-action.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAC7E,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AACrD,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AACtH,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAA;AAEjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAErD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAA;AAChE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4BAA4B,CAAA;AAEtE,MAAM,aAAa,GAAG,KAAK,EAAE,CAAW,EAAE,QAAgB,EAAE,QAAgB,EAAE,EAAE;IAC9E,QAAQ,CAAC,CAAC,EAAE,IAAI,aAAa,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;SACpE,QAAQ,CAAC,IAAI,aAAa,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAC;SAC/E,QAAQ,CAAC,IAAI,aAAa,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;SAClF,QAAQ,CAAC,IAAI,aAAa,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,CAAC,CAAA;IAElF,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;IAC7B,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;IACpC,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,WAAW,CAAC,CAAA;IAC/C,IAAI,CAAC,aAAa,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAA;IAClD,IAAI,CAAC,aAAa,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAA;IAE/C,iBAAiB,CAAC,CAAC,CAAC,CAAA;IACpB,qBAAqB,CAAC,CAAC,CAAC,CAAA;IAExB,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IACtC,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,CAAC,qBAAqB,CAAC,CAAA;IAC/C,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IACjE,MAAM,EAAE,CAAC,WAAW,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC9D,MAAM,EAAE,CAAC,WAAW,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;AAC5E,CAAC,CAAA;AAED,MAAM,YAAY,GAAgC;IAChD,mBAAmB,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,IAAU,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;CACxE,CAAA;AAED,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,MAAM,OAAO,GAAG,EAAqB,CAAA;IACrC,MAAM,QAAQ,GAAG,EAAoB,CAAA;IAErC,EAAE,CAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;QAC5E,MAAM,UAAU,CAAC,IAAI,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,yBAAyB,CAAC,YAAY,CAAC,CAAA;YACtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC;gBAC1B,QAAQ,EAAE,CAAC;gBACX,OAAO;gBACP,QAAQ;gBACR,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;aAC/E,CAAC,CAAA;YACF,MAAM,CAAC,YAAY,CAAC,mBAAmB,CAAC,CAAC,gBAAgB,EAAE,CAAA;YAC3D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAChD,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;QAC5D,MAAM,UAAU,CAAC,IAAI,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;YAC9C,MAAM,UAAU,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,IAAU,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;YACrE,MAAM,QAAQ,GAAgC,EAAE,mBAAmB,EAAE,UAAU,EAAE,CAAA;YACjF,MAAM,MAAM,GAAG,yBAAyB,CAAC,QAAQ,CAAC,CAAA;YAClD,MAAM,MAAM,CAAC;gBACX,QAAQ,EAAE,CAAC;gBACX,OAAO;gBACP,QAAQ;gBACR,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;aAC/E,CAAC,CAAA;YACF,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;QACjH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,UAAU,CAAC,IAAI,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,yBAAyB,CAAC,YAAY,CAAC,CAAA;YACtD,MAAM,MAAM,CACV,MAAM,CAAC;gBACL,QAAQ,EAAE,CAAC;gBACX,OAAO;gBACP,QAAQ;gBACR,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;aAChF,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;QACnC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;QAC9D,MAAM,UAAU,CAAC,IAAI,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,yBAAyB,CAAC,YAAY,CAAC,CAAA;YACtD,MAAM,MAAM,CACV,MAAM,CAAC;gBACL,QAAQ,EAAE,CAAC;gBACX,OAAO;gBACP,QAAQ;gBACR,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;aAC3E,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;QACnC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,UAAU,CAAC,IAAI,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;YAC9C,MAAM,aAAa,GAAmD;gBACpE,mBAAmB,EAAE,KAAK,IAAI,EAAE,CAAC,UAAU,CAAC,EAAE,WAAW,EAAE,QAAQ,EAAE,EAAE,GAAG,CAAC;aAC5E,CAAA;YACD,MAAM,MAAM,GAAG,yBAAyB,CAAC,aAAa,CAAC,CAAA;YACvD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC;gBAC1B,QAAQ,EAAE,CAAC;gBACX,OAAO;gBACP,QAAQ;gBACR,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;aAC/E,CAAC,CAAA;YACF,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjD,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/esm/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../src/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAI9C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAA;AAM3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAC9E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AACjE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEtD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAGrE;;;;GAIG;AACH,eAAO,MAAM,cAAc,GAAU,CAAC,SAAS,OAAO,EAAE,KAAK,mBAAmB,CAAC,CAAC,CAAC;;;EACpB,CAAA;AAE/D;;;;;;;;GAQG;AACH,eAAO,MAAM,qBAAqB,GAAI,KAAK,SAAS,IAAI,EAAE,QAAQ,SAAS,cAAc,EACvF,UAAU,QAAQ,EAClB,WAAW,OAAO,CAAC,0BAA0B,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,SAmChE,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,cAAc,GAAI,SAAS;IAAE,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG,mBAAmB,kBAGnF,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+DG;AACH,eAAO,MAAM,QAAQ,GAAI,SAAS;IAAE,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG,YAAY,kBAGtE,CAAA"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../src/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAI9C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAA;AAM3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAC9E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AACjE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEtD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAGrE;;;;GAIG;AACH,eAAO,MAAM,cAAc,GAAU,CAAC,SAAS,OAAO,EAAE,KAAK,mBAAmB,CAAC,CAAC,CAAC;;;EACpB,CAAA;AAE/D;;;;;;;;GAQG;AACH,eAAO,MAAM,qBAAqB,GAAI,KAAK,SAAS,IAAI,EAAE,QAAQ,SAAS,cAAc,EACvF,UAAU,QAAQ,EAClB,WAAW,OAAO,CAAC,0BAA0B,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,SAiChE,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,cAAc,GAAI,SAAS;IAAE,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG,mBAAmB,kBAGnF,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+DG;AACH,eAAO,MAAM,QAAQ,GAAI,SAAS;IAAE,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG,YAAY,kBAGtE,CAAA"}

package/esm/helpers.js

@@ -27,8 +27,6 @@ export const useHttpAuthentication = (injector, settings) => {
     const systemInjector = useSystemIdentityContext({ injector, username: 'useHttpAuthentication' });
     const passwordAuthenticator = injector.getInstance(PasswordAuthenticator);
     const userDataSet = mergedSettings.getUserDataSet(systemInjector);
-    // Narrow from DataSet<TSession, keyof TSession> to DataSet<DefaultSession, 'sessionId'>
-    // because the built-in providers operate on DefaultSession with the concrete 'sessionId' key
     const sessionDataSet = mergedSettings.getSessionDataSet(systemInjector);
     const providers = [];
     if (mergedSettings.enableBasicAuth) {

package/esm/helpers.js.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../src/helpers.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAA;AAI1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAG3D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,mDAAmD,CAAA;AAC3F,OAAO,EAAE,wBAAwB,EAAE,MAAM,oDAAoD,CAAA;AAC7F,OAAO,EAAE,2BAA2B,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAA;AACpH,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAG9E,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAEhE;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAAqB,GAA2B,EAAE,EAAE,CACrF,MAAM,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;AAE/D;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,QAAkB,EAClB,QAA+D,EAC/D,EAAE;IACF,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,0BAA0B,EAAmB,EAAE,QAAQ,CAAC,CAAA;IACjG,MAAM,cAAc,GAAG,wBAAwB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,uBAAuB,EAAE,CAAC,CAAA;IAChG,MAAM,qBAAqB,GAAG,QAAQ,CAAC,WAAW,CAAC,qBAAqB,CAAC,CAAA;IACzE,MAAM,WAAW,GAAG,cAAc,CAAC,cAAc,CAAC,cAAc,CAAC,CAAA;IACjE,wFAAwF;IACxF,6FAA6F;IAC7F,MAAM,cAAc,GAAG,cAAc,CAAC,iBAAiB,CAAC,cAAc,CAGrE,CAAA;IAED,MAAM,SAAS,GAA6B,EAAE,CAAA;IAE9C,IAAI,cAAc,CAAC,eAAe,EAAE,CAAC;QACnC,SAAS,CAAC,IAAI,CACZ,uBAAuB,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,EAAE,CAC7C,2BAA2B,CAAC,qBAAqB,EAAE,WAAW,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,CAAC,CACpG,CACF,CAAA;IACH,CAAC;IAED,SAAS,CAAC,IAAI,CACZ,wBAAwB,CACtB,cAAc,CAAC,UAAU,EACzB,CAAC,SAAS,EAAE,EAAE,CAAC,eAAe,CAAC,cAAc,EAAE,cAAc,EAAE,SAAS,CAAC,EACzE,CAAC,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,WAAW,EAAE,cAAc,EAAE,QAAQ,CAAC,CACpE,CACF,CAAA;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,uBAAuB,IAAI,EAAE,CAAC,CAAC,CAAA;IAC5D,cAAc,CAAC,uBAAuB,GAAG,SAAS,CAAA;IAElD,QAAQ,CAAC,mBAAmB,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAA;AAC1E,CAAC,CAAA;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAqD,EAAE,EAAE;IACtF,MAAM,EAAE,QAAQ,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IACzC,OAAO,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAA;AAC1E,CAAC,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+DG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,OAA8C,EAAE,EAAE;IACzE,MAAM,EAAE,QAAQ,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IACzC,OAAO,QAAQ,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC9D,CAAC,CAAA"}
+{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../src/helpers.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAA;AAI1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAG3D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,mDAAmD,CAAA;AAC3F,OAAO,EAAE,wBAAwB,EAAE,MAAM,oDAAoD,CAAA;AAC7F,OAAO,EAAE,2BAA2B,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAA;AACpH,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAG9E,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAEhE;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAAqB,GAA2B,EAAE,EAAE,CACrF,MAAM,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;AAE/D;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,QAAkB,EAClB,QAA+D,EAC/D,EAAE;IACF,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,0BAA0B,EAAmB,EAAE,QAAQ,CAAC,CAAA;IACjG,MAAM,cAAc,GAAG,wBAAwB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,uBAAuB,EAAE,CAAC,CAAA;IAChG,MAAM,qBAAqB,GAAG,QAAQ,CAAC,WAAW,CAAC,qBAAqB,CAAC,CAAA;IACzE,MAAM,WAAW,GAAG,cAAc,CAAC,cAAc,CAAC,cAAc,CAAyC,CAAA;IACzG,MAAM,cAAc,GAAG,cAAc,CAAC,iBAAiB,CAAC,cAAc,CAGrE,CAAA;IAED,MAAM,SAAS,GAA6B,EAAE,CAAA;IAE9C,IAAI,cAAc,CAAC,eAAe,EAAE,CAAC;QACnC,SAAS,CAAC,IAAI,CACZ,uBAAuB,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,EAAE,CAC7C,2BAA2B,CAAC,qBAAqB,EAAE,WAAW,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,CAAC,CACpG,CACF,CAAA;IACH,CAAC;IAED,SAAS,CAAC,IAAI,CACZ,wBAAwB,CACtB,cAAc,CAAC,UAAU,EACzB,CAAC,SAAS,EAAE,EAAE,CAAC,eAAe,CAAC,cAAc,EAAE,cAAc,EAAE,SAAS,CAAC,EACzE,CAAC,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,WAAW,EAAE,cAAc,EAAE,QAAQ,CAAC,CACpE,CACF,CAAA;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,uBAAuB,IAAI,EAAE,CAAC,CAAC,CAAA;IAC5D,cAAc,CAAC,uBAAuB,GAAG,SAAS,CAAA;IAElD,QAAQ,CAAC,mBAAmB,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAA;AAC1E,CAAC,CAAA;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAqD,EAAE,EAAE;IACtF,MAAM,EAAE,QAAQ,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IACzC,OAAO,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAA;AAC1E,CAAC,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+DG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,OAA8C,EAAE,EAAE;IACzE,MAAM,EAAE,QAAQ,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IACzC,OAAO,QAAQ,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC9D,CAAC,CAAA"}

package/esm/http-authentication-settings.d.ts

@@ -1,6 +1,5 @@
 import { User } from '@furystack/core';
 import type { Constructable, Injector } from '@furystack/inject';
-import type { DataSet } from '@furystack/repository';
 import type { AuthenticationProvider } from './authentication-providers/authentication-provider.js';
 import { DefaultSession } from './models/default-session.js';
 /**
@@ -8,8 +7,9 @@ import { DefaultSession } from './models/default-session.js';
  */
 export declare class HttpAuthenticationSettings<TUser extends User, TSession extends DefaultSession> {
     model: Constructable<TUser>;
-    getUserDataSet: (injector: Injector) => DataSet<User, "username", import("@furystack/core").WithOptionalId<User, "username">>;
-    getSessionDataSet: (injector: Injector) => DataSet<TSession, keyof TSession>;
+    getUserDataSet: (injector: Injector) => import("@furystack/repository").DataSet<TUser, "username" & keyof TUser, import("@furystack/core").WithOptionalId<TUser, "username" & keyof TUser>>;
+    sessionModel: Constructable<TSession>;
+    getSessionDataSet: (injector: Injector) => import("@furystack/repository").DataSet<TSession, "sessionId" & keyof TSession, import("@furystack/core").WithOptionalId<TSession, "sessionId" & keyof TSession>>;
     cookieName: string;
     enableBasicAuth: boolean;
     /**

package/esm/http-authentication-settings.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"http-authentication-settings.d.ts","sourceRoot":"","sources":["../src/http-authentication-settings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAEhE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAEpD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,uDAAuD,CAAA;AACnG,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAE5D;;GAEG;AACH,qBACa,0BAA0B,CAAC,KAAK,SAAS,IAAI,EAAE,QAAQ,SAAS,cAAc;IAClF,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAA+B;IAE1D,cAAc,GAAI,UAAU,QAAQ,2FAA8C;IAElF,iBAAiB,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE,MAAM,QAAQ,CAAC,CACmB;IAE/F,UAAU,SAAQ;IAClB,eAAe,UAAO;IAE7B;;;;OAIG;IACI,uBAAuB,EAAE,sBAAsB,EAAE,CAAK;CAC9D"}
+{"version":3,"file":"http-authentication-settings.d.ts","sourceRoot":"","sources":["../src/http-authentication-settings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAGhE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,uDAAuD,CAAA;AACnG,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAE5D;;GAEG;AACH,qBACa,0BAA0B,CAAC,KAAK,SAAS,IAAI,EAAE,QAAQ,SAAS,cAAc;IAClF,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAA+B;IAE1D,cAAc,GAAI,UAAU,QAAQ,yJACkC;IAEtE,YAAY,EAAE,aAAa,CAAC,QAAQ,CAAC,CAA4C;IAEjF,iBAAiB,GAAI,UAAU,QAAQ,uKAC2C;IAElF,UAAU,SAAQ;IAClB,eAAe,UAAO;IAE7B;;;;OAIG;IACI,uBAAuB,EAAE,sBAAsB,EAAE,CAAK;CAC9D"}

package/esm/http-authentication-settings.js

@@ -13,8 +13,9 @@ import { DefaultSession } from './models/default-session.js';
  */
 let HttpAuthenticationSettings = class HttpAuthenticationSettings {
     model = User;
-    getUserDataSet = (injector) => getDataSetFor(injector, User, 'username');
-    getSessionDataSet = (injector) => getDataSetFor(injector, DefaultSession, 'sessionId');
+    getUserDataSet = (injector) => getDataSetFor(injector, this.model, 'username');
+    sessionModel = DefaultSession;
+    getSessionDataSet = (injector) => getDataSetFor(injector, this.sessionModel, 'sessionId');
     cookieName = 'fss';
     enableBasicAuth = true;
     /**

package/esm/http-authentication-settings.js.map

@@ -1 +1 @@
-{"version":3,"file":"http-authentication-settings.js","sourceRoot":"","sources":["../src/http-authentication-settings.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAE9C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAErD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAE5D;;GAEG;AAEI,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IAC9B,KAAK,GAAyB,IAA4B,CAAA;IAE1D,cAAc,GAAG,CAAC,QAAkB,EAAE,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;IAElF,iBAAiB,GAA8D,CAAC,QAAQ,EAAE,EAAE,CACjG,aAAa,CAAC,QAAQ,EAAE,cAAc,EAAE,WAAW,CAAiD,CAAA;IAE/F,UAAU,GAAG,KAAK,CAAA;IAClB,eAAe,GAAG,IAAI,CAAA;IAE7B;;;;OAIG;IACI,uBAAuB,GAA6B,EAAE,CAAA;CAC9D,CAAA;AAjBY,0BAA0B;IADtC,UAAU,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;GACzB,0BAA0B,CAiBtC"}
+{"version":3,"file":"http-authentication-settings.js","sourceRoot":"","sources":["../src/http-authentication-settings.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAErD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAE5D;;GAEG;AAEI,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IAC9B,KAAK,GAAyB,IAA4B,CAAA;IAE1D,cAAc,GAAG,CAAC,QAAkB,EAAE,EAAE,CAC7C,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,UAAsC,CAAC,CAAA;IAEtE,YAAY,GAA4B,cAAyC,CAAA;IAEjF,iBAAiB,GAAG,CAAC,QAAkB,EAAE,EAAE,CAChD,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,WAA2C,CAAC,CAAA;IAElF,UAAU,GAAG,KAAK,CAAA;IAClB,eAAe,GAAG,IAAI,CAAA;IAE7B;;;;OAIG;IACI,uBAAuB,GAA6B,EAAE,CAAA;CAC9D,CAAA;AApBY,0BAA0B;IADtC,UAAU,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;GACzB,0BAA0B,CAoBtC"}

package/esm/http-user-context.d.ts

@@ -7,7 +7,7 @@ import type { DefaultSession } from './models/default-session.js';
  */
 export declare class HttpUserContext {
     getUserDataSet: () => import("@furystack/repository").DataSet<User, "username", import("@furystack/core").WithOptionalId<User, "username">>;
-    getSessionDataSet: () => import("@furystack/repository").DataSet<DefaultSession, keyof DefaultSession, import("@furystack/core").WithOptionalId<DefaultSession, keyof DefaultSession>>;
+    getSessionDataSet: () => import("@furystack/repository").DataSet<DefaultSession, "sessionId", import("@furystack/core").WithOptionalId<DefaultSession, "sessionId">>;
     private getUserByName;
     private user?;
     /**

package/esm/http-user-context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"http-user-context.d.ts","sourceRoot":"","sources":["../src/http-user-context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAM3C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAA;AAE3C,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAC9E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAEjE;;GAEG;AACH,qBACa,eAAe;IACnB,cAAc,8HAAgE;IAE9E,iBAAiB,sKAAmE;IAE3F,OAAO,CAAC,aAAa,CAOpB;IAED,OAAO,CAAC,IAAI,CAAC,CAAM;IAEnB;;;OAGG;IACU,eAAe,CAAC,OAAO,EAAE,eAAe;IASrD;;;;;OAKG;IACU,YAAY,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAUzF;;;;;OAKG;IACU,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAanD,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC;IAQ9D,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,GAAG,MAAM,GAAG,IAAI;IAIxF;;;;;OAKG;IACU,mBAAmB,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ1F;;;;;OAKG;IACU,WAAW,CACtB,IAAI,EAAE,IAAI,EACV,cAAc,EAAE;QAAE,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE,GACrE,OAAO,CAAC,IAAI,CAAC;IAQH,YAAY,CACvB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,EACzC,QAAQ,EAAE;QAAE,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE;IAalE,SACwB,cAAc,EAAE,0BAA0B,CAAC,IAAI,EAAE,cAAc,CAAC,CAAA;IAExF,iBACyB,cAAc,CAAU;IAEjD,iBACyB,aAAa,CAAuB;IAEtD,IAAI;CAiBZ"}
+{"version":3,"file":"http-user-context.d.ts","sourceRoot":"","sources":["../src/http-user-context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAM3C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAA;AAE3C,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAC9E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAEjE;;GAEG;AACH,qBACa,eAAe;IACnB,cAAc,8HAAgE;IAE9E,iBAAiB,oJAAmE;IAE3F,OAAO,CAAC,aAAa,CAOpB;IAED,OAAO,CAAC,IAAI,CAAC,CAAM;IAEnB;;;OAGG;IACU,eAAe,CAAC,OAAO,EAAE,eAAe;IASrD;;;;;OAKG;IACU,YAAY,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAUzF;;;;;OAKG;IACU,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAanD,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC;IAQ9D,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,GAAG,MAAM,GAAG,IAAI;IAIxF;;;;;OAKG;IACU,mBAAmB,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ1F;;;;;OAKG;IACU,WAAW,CACtB,IAAI,EAAE,IAAI,EACV,cAAc,EAAE;QAAE,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE,GACrE,OAAO,CAAC,IAAI,CAAC;IAQH,YAAY,CACvB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,EACzC,QAAQ,EAAE;QAAE,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE;IAalE,SACwB,cAAc,EAAE,0BAA0B,CAAC,IAAI,EAAE,cAAc,CAAC,CAAA;IAExF,iBACyB,cAAc,CAAU;IAEjD,iBACyB,aAAa,CAAuB;IAEtD,IAAI;CAiBZ"}

package/esm/index.d.ts

@@ -9,6 +9,7 @@ export * from './get-schema-from-api.js';
 export * from './helpers.js';
 export * from './http-authentication-settings.js';
 export * from './http-user-context.js';
+export * from './login-response-strategy.js';
 export * from './mime-types.js';
 export * from './models/index.js';
 export * from './proxy-manager.js';

package/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AACjC,cAAc,qCAAqC,CAAA;AACnD,cAAc,gBAAgB,CAAA;AAC9B,cAAc,gCAAgC,CAAA;AAC9C,cAAc,0BAA0B,CAAA;AACxC,cAAc,cAAc,CAAA;AAC5B,cAAc,mCAAmC,CAAA;AACjD,cAAc,wBAAwB,CAAA;AACtC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,mBAAmB,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,cAAc,qBAAqB,CAAA;AACnC,cAAc,oCAAoC,CAAA;AAClD,cAAc,6BAA6B,CAAA;AAC3C,cAAc,qBAAqB,CAAA;AACnC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,4BAA4B,CAAA;AAC1C,cAAc,eAAe,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AACjC,cAAc,qCAAqC,CAAA;AACnD,cAAc,gBAAgB,CAAA;AAC9B,cAAc,gCAAgC,CAAA;AAC9C,cAAc,0BAA0B,CAAA;AACxC,cAAc,cAAc,CAAA;AAC5B,cAAc,mCAAmC,CAAA;AACjD,cAAc,wBAAwB,CAAA;AACtC,cAAc,8BAA8B,CAAA;AAC5C,cAAc,iBAAiB,CAAA;AAC/B,cAAc,mBAAmB,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,cAAc,qBAAqB,CAAA;AACnC,cAAc,oCAAoC,CAAA;AAClD,cAAc,6BAA6B,CAAA;AAC3C,cAAc,qBAAqB,CAAA;AACnC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,4BAA4B,CAAA;AAC1C,cAAc,eAAe,CAAA"}

package/esm/index.js

@@ -9,6 +9,7 @@ export * from './get-schema-from-api.js';
 export * from './helpers.js';
 export * from './http-authentication-settings.js';
 export * from './http-user-context.js';
+export * from './login-response-strategy.js';
 export * from './mime-types.js';
 export * from './models/index.js';
 export * from './proxy-manager.js';

package/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AACjC,cAAc,qCAAqC,CAAA;AACnD,cAAc,gBAAgB,CAAA;AAC9B,cAAc,gCAAgC,CAAA;AAC9C,cAAc,0BAA0B,CAAA;AACxC,cAAc,cAAc,CAAA;AAC5B,cAAc,mCAAmC,CAAA;AACjD,cAAc,wBAAwB,CAAA;AACtC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,mBAAmB,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,cAAc,qBAAqB,CAAA;AACnC,cAAc,oCAAoC,CAAA;AAClD,cAAc,6BAA6B,CAAA;AAC3C,cAAc,qBAAqB,CAAA;AACnC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,4BAA4B,CAAA;AAC1C,cAAc,eAAe,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AACjC,cAAc,qCAAqC,CAAA;AACnD,cAAc,gBAAgB,CAAA;AAC9B,cAAc,gCAAgC,CAAA;AAC9C,cAAc,0BAA0B,CAAA;AACxC,cAAc,cAAc,CAAA;AAC5B,cAAc,mCAAmC,CAAA;AACjD,cAAc,wBAAwB,CAAA;AACtC,cAAc,8BAA8B,CAAA;AAC5C,cAAc,iBAAiB,CAAA;AAC/B,cAAc,mBAAmB,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,cAAc,qBAAqB,CAAA;AACnC,cAAc,oCAAoC,CAAA;AAClD,cAAc,6BAA6B,CAAA;AAC3C,cAAc,qBAAqB,CAAA;AACnC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,4BAA4B,CAAA;AAC1C,cAAc,eAAe,CAAA"}

package/esm/login-response-strategy.d.ts

@@ -0,0 +1,28 @@
+import type { User } from '@furystack/core';
+import type { Injector } from '@furystack/inject';
+import type { ActionResult } from './request-action-implementation.js';
+/**
+ * A pluggable strategy that turns an authenticated {@link User} into an
+ * {@link ActionResult} containing the session/token data for the client.
+ *
+ * Pass a concrete strategy to action factories like
+ * {@link createPasswordLoginAction} or `createGoogleLoginAction` to
+ * decouple the authentication mechanism from the session/token mechanism.
+ *
+ * @typeParam TResult The shape of the response body (e.g. `User` for cookies,
+ *   `{ accessToken: string; refreshToken: string }` for JWT)
+ */
+export type LoginResponseStrategy<TResult> = {
+    createLoginResponse: (user: User, injector: Injector) => Promise<ActionResult<TResult>>;
+};
+/**
+ * Creates a cookie-based {@link LoginResponseStrategy}.
+ *
+ * On each login it generates a random session ID, persists it in the session
+ * DataSet, and returns the user with a `Set-Cookie` header.
+ *
+ * @param injector The root injector (must have {@link HttpAuthenticationSettings} configured)
+ * @returns A strategy that returns `ActionResult<User>`
+ */
+export declare const createCookieLoginStrategy: (injector: Injector) => LoginResponseStrategy<User>;
+//# sourceMappingURL=login-response-strategy.d.ts.map

package/esm/login-response-strategy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login-response-strategy.d.ts","sourceRoot":"","sources":["../src/login-response-strategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAIjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AAGtE;;;;;;;;;;GAUG;AACH,MAAM,MAAM,qBAAqB,CAAC,OAAO,IAAI;IAC3C,mBAAmB,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,KAAK,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAA;CACxF,CAAA;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,GAAI,UAAU,QAAQ,KAAG,qBAAqB,CAAC,IAAI,CAcxF,CAAA"}

package/esm/login-response-strategy.js

@@ -0,0 +1,28 @@
+import { useSystemIdentityContext } from '@furystack/core';
+import { randomBytes } from 'crypto';
+import { HttpAuthenticationSettings } from './http-authentication-settings.js';
+import { JsonResult } from './request-action-implementation.js';
+/**
+ * Creates a cookie-based {@link LoginResponseStrategy}.
+ *
+ * On each login it generates a random session ID, persists it in the session
+ * DataSet, and returns the user with a `Set-Cookie` header.
+ *
+ * @param injector The root injector (must have {@link HttpAuthenticationSettings} configured)
+ * @returns A strategy that returns `ActionResult<User>`
+ */
+export const createCookieLoginStrategy = (injector) => {
+    const settings = injector.getInstance(HttpAuthenticationSettings);
+    const systemInjector = useSystemIdentityContext({ injector, username: 'CookieLoginStrategy' });
+    return {
+        createLoginResponse: async (user) => {
+            const sessionDataSet = settings.getSessionDataSet(systemInjector);
+            const sessionId = randomBytes(32).toString('hex');
+            await sessionDataSet.add(systemInjector, { sessionId, username: user.username });
+            return JsonResult(user, 200, {
+                'Set-Cookie': `${settings.cookieName}=${sessionId}; Path=/; HttpOnly`,
+            });
+        },
+    };
+};
+//# sourceMappingURL=login-response-strategy.js.map

package/esm/login-response-strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login-response-strategy.js","sourceRoot":"","sources":["../src/login-response-strategy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAA;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAEpC,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAA;AAE9E,OAAO,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAA;AAiB/D;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,QAAkB,EAA+B,EAAE;IAC3F,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,0BAA0B,CAAC,CAAA;IACjE,MAAM,cAAc,GAAG,wBAAwB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,qBAAqB,EAAE,CAAC,CAAA;IAE9F,OAAO;QACL,mBAAmB,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;YAClC,MAAM,cAAc,GAAG,QAAQ,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAA;YACjE,MAAM,SAAS,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YACjD,MAAM,cAAc,CAAC,GAAG,CAAC,cAAc,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;YAChF,OAAO,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE;gBAC3B,YAAY,EAAE,GAAG,QAAQ,CAAC,UAAU,IAAI,SAAS,oBAAoB;aACtE,CAAC,CAAA;QACJ,CAAC;KACF,CAAA;AACH,CAAC,CAAA"}

package/esm/login-response-strategy.spec.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=login-response-strategy.spec.d.ts.map

package/esm/login-response-strategy.spec.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login-response-strategy.spec.d.ts","sourceRoot":"","sources":["../src/login-response-strategy.spec.ts"],"names":[],"mappings":""}