@joethebigbuddy/auth 0.0.1

package/dist/lib/types.d.ts

@@ -0,0 +1,161 @@
+import type { Clock, IdGenerator, IdentityProvider, LoggerPort, RefreshTokenStore, SessionStore } from './ports.js';
+export type Role = string;
+export type Permission = string;
+export interface RoleDefinition {
+    permissions?: Permission[];
+    inherits?: Role[];
+}
+export interface AuthSubject {
+    id: string;
+    login: string;
+    roles: Role[];
+    permissions?: Permission[];
+    attributes?: Record<string, unknown>;
+}
+export interface SessionRecord {
+    id: string;
+    subjectId: string;
+    createdAt: Date;
+    expiresAt: Date;
+    lastSeenAt: Date;
+    userAgent?: string;
+    ipAddress?: string;
+    revokedAt?: Date | null;
+    metadata?: Record<string, unknown>;
+}
+export interface RefreshTokenRecord {
+    tokenId: string;
+    sessionId: string;
+    subjectId: string;
+    token: string;
+    issuedAt: Date;
+    expiresAt: Date;
+    consumedAt?: Date | null;
+    revokedAt?: Date | null;
+    replacedByTokenId?: string | null;
+}
+export interface AuthPrincipal {
+    subjectId: string;
+    login: string;
+    roles: Role[];
+    permissions: Permission[];
+    sessionId: string;
+    accessTokenId: string;
+    issuedAt: Date;
+    expiresAt: Date;
+    attributes?: Record<string, unknown>;
+}
+export interface AuthorizationContext {
+    principal: AuthPrincipal;
+    resource?: unknown;
+}
+export type PolicyHandler = (context: AuthorizationContext) => boolean | Promise<boolean>;
+export interface AuthorizationRequirement {
+    roles?: Role[];
+    allOf?: Permission[];
+    anyOf?: Permission[];
+    noneOf?: Permission[];
+    policy?: string | PolicyHandler;
+}
+export interface AuthorizationDecision {
+    allowed: boolean;
+    reason?: 'missing_roles' | 'missing_permissions' | 'policy_denied';
+    missingRoles?: Role[];
+    missingPermissions?: Permission[];
+}
+export interface AuthModuleConfig {
+    issuer: string;
+    audience: string;
+    accessTokenTtlSeconds: number;
+    refreshTokenTtlSeconds: number;
+    sessionTtlSeconds: number;
+    allowSessionExtension: boolean;
+    signing: {
+        algorithm: 'HS256' | 'RS256';
+        secret?: string;
+        privateKey?: string;
+        publicKey?: string;
+    };
+}
+export interface AuthTokens {
+    accessToken: string;
+    refreshToken: string;
+    tokenType: 'Bearer';
+    accessTokenExpiresAt: Date;
+    refreshTokenExpiresAt: Date;
+    accessTokenId: string;
+    refreshTokenId: string;
+}
+export interface LoginInput {
+    login: string;
+    password: string;
+    ipAddress?: string;
+    userAgent?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface LoginResult {
+    subject: AuthSubject;
+    principal: AuthPrincipal;
+    session: SessionRecord;
+    tokens: AuthTokens;
+}
+export interface RefreshInput {
+    refreshToken: string;
+    ipAddress?: string;
+    userAgent?: string;
+}
+export interface RefreshResult {
+    subject: AuthSubject;
+    principal: AuthPrincipal;
+    session: SessionRecord;
+    tokens: AuthTokens;
+}
+export interface CreateAuthModuleOptions {
+    identityProvider: IdentityProvider;
+    sessionStore: SessionStore;
+    refreshTokenStore: RefreshTokenStore;
+    logger?: LoggerPort;
+    clock?: Clock;
+    generateId?: IdGenerator;
+    authorization?: {
+        roles?: Record<Role, RoleDefinition>;
+        policies?: Record<string, PolicyHandler>;
+    };
+}
+export interface AuthModule {
+    readonly config: AuthModuleConfig;
+    login(input: LoginInput): Promise<LoginResult>;
+    refresh(input: RefreshInput): Promise<RefreshResult>;
+    logoutSession(sessionId: string): Promise<void>;
+    logoutByRefreshToken(refreshToken: string): Promise<void>;
+    logoutAll(subjectId: string): Promise<number>;
+    authenticateAccessToken(token: string): Promise<AuthPrincipal>;
+    getSession(sessionId: string): Promise<SessionRecord | null>;
+    listSessions(subjectId: string): Promise<SessionRecord[]>;
+    authorize(principal: AuthPrincipal, requirement: AuthorizationRequirement, resource?: unknown): Promise<AuthorizationDecision>;
+}
+export interface AccessTokenClaims {
+    sub: string;
+    sid: string;
+    login: string;
+    roles: Role[];
+    permissions: Permission[];
+    typ: 'access';
+    jti: string;
+    iat: number;
+    exp: number;
+    iss: string;
+    aud: string;
+    attributes?: Record<string, unknown>;
+}
+export interface RefreshTokenClaims {
+    sub: string;
+    sid: string;
+    typ: 'refresh';
+    jti: string;
+    iat: number;
+    exp: number;
+    iss: string;
+    aud: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/lib/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/lib/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,UAAU,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAEpH,MAAM,MAAM,IAAI,GAAG,MAAM,CAAC;AAC1B,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAEhC,MAAM,WAAW,cAAc;IAC7B,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,UAAU,EAAE,IAAI,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,IAAI,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,IAAI,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,aAAa,CAAC;IACzB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAE1F,MAAM,WAAW,wBAAwB;IACvC,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC;IACf,KAAK,CAAC,EAAE,UAAU,EAAE,CAAC;IACrB,KAAK,CAAC,EAAE,UAAU,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,UAAU,EAAE,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC;CACjC;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,eAAe,GAAG,qBAAqB,GAAG,eAAe,CAAC;IACnE,YAAY,CAAC,EAAE,IAAI,EAAE,CAAC;IACtB,kBAAkB,CAAC,EAAE,UAAU,EAAE,CAAC;CACnC;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,OAAO,CAAC;IAC/B,OAAO,EAAE;QACP,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC;QAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;CACH;AAED,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,QAAQ,CAAC;IACpB,oBAAoB,EAAE,IAAI,CAAC;IAC3B,qBAAqB,EAAE,IAAI,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,WAAW,CAAC;IACrB,SAAS,EAAE,aAAa,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,MAAM,EAAE,UAAU,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,WAAW,CAAC;IACrB,SAAS,EAAE,aAAa,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,MAAM,EAAE,UAAU,CAAC;CACpB;AAED,MAAM,WAAW,uBAAuB;IACtC,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,YAAY,EAAE,YAAY,CAAC;IAC3B,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,UAAU,CAAC,EAAE,WAAW,CAAC;IACzB,aAAa,CAAC,EAAE;QACd,KAAK,CAAC,EAAE,MAAM,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;KAC1C,CAAC;CACH;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAClC,KAAK,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAC/C,OAAO,CAAC,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IACrD,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9C,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IAC/D,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAC7D,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;IAC1D,SAAS,CAAC,SAAS,EAAE,aAAa,EAAE,WAAW,EAAE,wBAAwB,EAAE,QAAQ,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;CAChI;AAED,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,GAAG,EAAE,QAAQ,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,SAAS,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb"}

package/dist/lib/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/lib/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/lib/types.ts"],"names":[],"mappings":""}

package/dist/logging.d.ts

@@ -0,0 +1,2 @@
+export * from './lib/adapters/logging/create-logging-adapter.js';
+//# sourceMappingURL=logging.d.ts.map

package/dist/logging.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.d.ts","sourceRoot":"","sources":["../src/logging.ts"],"names":[],"mappings":"AAAA,cAAc,kDAAkD,CAAC"}

package/dist/logging.js

@@ -0,0 +1,2 @@
+export * from './lib/adapters/logging/create-logging-adapter.js';
+//# sourceMappingURL=logging.js.map

package/dist/logging.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.js","sourceRoot":"","sources":["../src/logging.ts"],"names":[],"mappings":"AAAA,cAAc,kDAAkD,CAAC"}

package/dist/memory.d.ts

@@ -0,0 +1,3 @@
+export * from './lib/adapters/memory/memory-refresh-token-store.js';
+export * from './lib/adapters/memory/memory-session-store.js';
+//# sourceMappingURL=memory.d.ts.map

package/dist/memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../src/memory.ts"],"names":[],"mappings":"AAAA,cAAc,qDAAqD,CAAC;AACpE,cAAc,+CAA+C,CAAC"}

package/dist/memory.js

@@ -0,0 +1,3 @@
+export * from './lib/adapters/memory/memory-refresh-token-store.js';
+export * from './lib/adapters/memory/memory-session-store.js';
+//# sourceMappingURL=memory.js.map

package/dist/memory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.js","sourceRoot":"","sources":["../src/memory.ts"],"names":[],"mappings":"AAAA,cAAc,qDAAqD,CAAC;AACpE,cAAc,+CAA+C,CAAC"}

package/dist/postgres.d.ts

@@ -0,0 +1,5 @@
+export * from './lib/adapters/postgres/create-postgres-auth-storage.js';
+export * from './lib/adapters/postgres/postgres-refresh-token-store.js';
+export * from './lib/adapters/postgres/postgres-session-store.js';
+export * from './lib/adapters/postgres/shared.js';
+//# sourceMappingURL=postgres.d.ts.map

package/dist/postgres.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../src/postgres.ts"],"names":[],"mappings":"AAAA,cAAc,yDAAyD,CAAC;AACxE,cAAc,yDAAyD,CAAC;AACxE,cAAc,mDAAmD,CAAC;AAClE,cAAc,mCAAmC,CAAC"}

package/dist/postgres.js

@@ -0,0 +1,5 @@
+export * from './lib/adapters/postgres/create-postgres-auth-storage.js';
+export * from './lib/adapters/postgres/postgres-refresh-token-store.js';
+export * from './lib/adapters/postgres/postgres-session-store.js';
+export * from './lib/adapters/postgres/shared.js';
+//# sourceMappingURL=postgres.js.map

package/dist/postgres.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"postgres.js","sourceRoot":"","sources":["../src/postgres.ts"],"names":[],"mappings":"AAAA,cAAc,yDAAyD,CAAC;AACxE,cAAc,yDAAyD,CAAC;AACxE,cAAc,mDAAmD,CAAC;AAClE,cAAc,mCAAmC,CAAC"}

package/dist/redis.d.ts

@@ -0,0 +1,5 @@
+export * from './lib/adapters/redis/create-redis-auth-storage.js';
+export * from './lib/adapters/redis/redis-refresh-token-store.js';
+export * from './lib/adapters/redis/redis-session-store.js';
+export * from './lib/adapters/redis/shared.js';
+//# sourceMappingURL=redis.d.ts.map

package/dist/redis.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../src/redis.ts"],"names":[],"mappings":"AAAA,cAAc,mDAAmD,CAAC;AAClE,cAAc,mDAAmD,CAAC;AAClE,cAAc,6CAA6C,CAAC;AAC5D,cAAc,gCAAgC,CAAC"}

package/dist/redis.js

@@ -0,0 +1,5 @@
+export * from './lib/adapters/redis/create-redis-auth-storage.js';
+export * from './lib/adapters/redis/redis-refresh-token-store.js';
+export * from './lib/adapters/redis/redis-session-store.js';
+export * from './lib/adapters/redis/shared.js';
+//# sourceMappingURL=redis.js.map

package/dist/redis.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.js","sourceRoot":"","sources":["../src/redis.ts"],"names":[],"mappings":"AAAA,cAAc,mDAAmD,CAAC;AAClE,cAAc,mDAAmD,CAAC;AAClE,cAAc,6CAA6C,CAAC;AAC5D,cAAc,gCAAgC,CAAC"}

package/package.json

@@ -0,0 +1,69 @@
+{
+  "name": "@joethebigbuddy/auth",
+  "version": "0.0.1",
+  "description": "TypeScript authentication and authorization module for Node.js applications",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./express": {
+      "types": "./dist/express.d.ts",
+      "import": "./dist/express.js"
+    },
+    "./memory": {
+      "types": "./dist/memory.d.ts",
+      "import": "./dist/memory.js"
+    },
+    "./postgres": {
+      "types": "./dist/postgres.d.ts",
+      "import": "./dist/postgres.js"
+    },
+    "./redis": {
+      "types": "./dist/redis.d.ts",
+      "import": "./dist/redis.js"
+    },
+    "./logging": {
+      "types": "./dist/logging.d.ts",
+      "import": "./dist/logging.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "tsc -p tsconfig.json --watch",
+    "test": "vitest --run",
+    "test:watch": "vitest --watch",
+    "test:unit": "vitest --run 'tests/**/*.test.ts'",
+    "test:coverage": "vitest --coverage",
+    "lint": "eslint .",
+    "typecheck": "tsc --noEmit",
+    "clean": "rimraf dist"
+  },
+  "dependencies": {
+    "@joethebigbuddy/logging": "^0.0.2",
+    "express": "^5.1.0",
+    "jsonwebtoken": "^9.0.2"
+    ,
+    "pg": "^8.16.3",
+    "redis": "^5.8.2"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.39.4",
+    "@types/express": "^5.0.6",
+    "@types/jsonwebtoken": "^9.0.6",
+    "@types/node": "^22.18.0",
+    "@types/pg": "^8.15.5",
+    "@vitest/coverage-v8": "^4.0.18",
+    "eslint": "^9.39.2",
+    "rimraf": "^6.1.2",
+    "typescript": "^5.3.0",
+    "typescript-eslint": "^8.46.2",
+    "vitest": "^4.0.18"
+  }
+}