@longzai-intelligence-auth/elysia 0.0.4 → 0.0.5

package/dist/plugins/rbac.plugin.js

@@ -1,42 +0,0 @@
-import { Elysia } from "elysia";
-import { createRoleChecker } from "@longzai-intelligence-auth/rbac";
-import { createJwtVerifier } from "@longzai-intelligence-auth/jwt";
-import { TokenMissingError, TokenInvalidError } from "@longzai-intelligence-auth/core";
-export function createRbacPlugin(options) {
-    const { jwt: jwtConfig, defaultTenantId = "default" } = options;
-    const roleChecker = createRoleChecker();
-    let verifierPromise = null;
-    const getVerifier = () => {
-        if (!verifierPromise) {
-            verifierPromise = createJwtVerifier(jwtConfig);
-        }
-        return verifierPromise;
-    };
-    return new Elysia({ name: "@longzai-intelligence-auth/rbac" })
-        .macro(({ onBeforeHandle }) => ({
-        permission(permission) {
-            onBeforeHandle(async ({ request }) => {
-                const authHeader = request.headers.get("Authorization");
-                const bearer = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
-                if (!bearer) {
-                    throw new TokenMissingError();
-                }
-                const verifier = await getVerifier();
-                const result = await verifier.verifyAccessToken(bearer);
-                if (!result.success || !result.payload) {
-                    throw new TokenInvalidError(result.error);
-                }
-                const payload = result.payload;
-                const [resource, action] = permission.split(":");
-                if (!resource || !action) {
-                    throw new Error(`无效的权限格式: ${permission}，应为 resource:action`);
-                }
-                const hasPermission = roleChecker.hasPermission(payload, resource, action);
-                if (!hasPermission) {
-                    const { PermissionDeniedError } = await import("@longzai-intelligence/error");
-                    throw new PermissionDeniedError(resource, action);
-                }
-            });
-        },
-    }));
-}

package/dist/plugins/tenant.plugin.d.ts

@@ -1,38 +0,0 @@
-import { Elysia } from "elysia";
-import type { AuthBackendPort } from "@longzai-intelligence-auth/core";
-export type TenantPluginOptions = {
-    defaultTenantId?: string;
-    adapter?: AuthBackendPort;
-};
-export declare function createTenantPlugin(options?: TenantPluginOptions): Elysia<"", {
-    decorator: {};
-    store: {};
-    derive: {};
-    resolve: {};
-}, {
-    typebox: {};
-    error: {};
-}, {
-    schema: {};
-    standaloneSchema: {};
-    macro: {};
-    macroFn: {};
-    parser: {};
-    response: {};
-}, {}, {
-    derive: {
-        tenantId: string;
-    };
-    resolve: {};
-    schema: {};
-    standaloneSchema: {};
-    response: import("elysia").ExtractErrorFromHandle<{
-        tenantId: string;
-    }>;
-}, {
-    derive: {};
-    resolve: {};
-    schema: {};
-    standaloneSchema: {};
-    response: {};
-}>;

package/dist/plugins/tenant.plugin.js

@@ -1,19 +0,0 @@
-import { Elysia } from "elysia";
-export function createTenantPlugin(options = {}) {
-    const { defaultTenantId = "default", adapter } = options;
-    return new Elysia({ name: "@longzai-intelligence-auth/tenant" })
-        .derive(({ request }) => {
-        const headerTenantId = request.headers.get("x-tenant-id");
-        return { tenantId: headerTenantId ?? defaultTenantId };
-    })
-        .as("scoped")
-        .onBeforeHandle(async ({ tenantId }) => {
-        if (adapter && tenantId !== defaultTenantId) {
-            const result = await adapter.tenant.validateStatus(tenantId);
-            if (!result.valid) {
-                const { PermissionDeniedError } = await import("@longzai-intelligence/error");
-                throw new PermissionDeniedError("tenant", "access");
-            }
-        }
-    });
-}

package/dist/presets/basic-preset.d.ts

@@ -1,11 +0,0 @@
-import { Elysia } from "elysia";
-import type { JwtSignerConfig } from "@longzai-intelligence-auth/jwt";
-import type { LoggerService } from "@longzai-intelligence-auth/core";
-export type BasicPresetOptions = {
-    jwt: JwtSignerConfig;
-    defaultTenantId?: string;
-    logger?: LoggerService;
-};
-type AnyElysia = Elysia<any, any, any, any, any, any, any>;
-export declare function createBasicPreset(options: BasicPresetOptions): AnyElysia;
-export {};

package/dist/presets/basic-preset.js

@@ -1,11 +0,0 @@
-import { Elysia } from "elysia";
-import { createJwtVerifyPlugin } from "../plugins/jwt-verify.plugin";
-import { createErrorHandlerPlugin } from "../plugins/error-handler.plugin";
-export function createBasicPreset(options) {
-    return new Elysia({ name: "@longzai-intelligence-auth/basic-preset" })
-        .use(createJwtVerifyPlugin({
-        jwt: options.jwt,
-        defaultTenantId: options.defaultTenantId,
-    }))
-        .use(createErrorHandlerPlugin({ logger: options.logger }));
-}

package/dist/presets/standard-preset.d.ts

@@ -1,13 +0,0 @@
-import { Elysia } from "elysia";
-import type { JwtSignerConfig } from "@longzai-intelligence-auth/jwt";
-import type { AuthBackendPort } from "@longzai-intelligence-auth/core";
-import type { LoggerService } from "@longzai-intelligence-auth/core";
-export type StandardPresetOptions = {
-    jwt: JwtSignerConfig;
-    defaultTenantId?: string;
-    adapter: AuthBackendPort;
-    logger?: LoggerService;
-};
-type AnyElysia = Elysia<any, any, any, any, any, any, any>;
-export declare function createStandardPreset(options: StandardPresetOptions): AnyElysia;
-export {};

package/dist/presets/standard-preset.js

@@ -1,26 +0,0 @@
-import { Elysia } from "elysia";
-import { createJwtVerifyPlugin } from "../plugins/jwt-verify.plugin";
-import { createRbacPlugin } from "../plugins/rbac.plugin";
-import { createTenantPlugin } from "../plugins/tenant.plugin";
-import { createRateLimitPlugin } from "../plugins/rate-limit.plugin";
-import { createErrorHandlerPlugin } from "../plugins/error-handler.plugin";
-export function createStandardPreset(options) {
-    return new Elysia({ name: "@longzai-intelligence-auth/standard-preset" })
-        .use(createJwtVerifyPlugin({
-        jwt: options.jwt,
-        defaultTenantId: options.defaultTenantId,
-    }))
-        .use(createRbacPlugin({
-        jwt: options.jwt,
-        defaultTenantId: options.defaultTenantId,
-    }))
-        .use(createTenantPlugin({
-        defaultTenantId: options.defaultTenantId,
-        adapter: options.adapter,
-    }))
-        .use(createRateLimitPlugin({
-        windowSeconds: 60,
-        maxRequests: 100,
-    }))
-        .use(createErrorHandlerPlugin({ logger: options.logger }));
-}

package/dist/routes/auth.routes.d.ts

@@ -1,17 +0,0 @@
-import { Elysia } from "elysia";
-import type { JwtSignerConfig } from "@longzai-intelligence-auth/jwt";
-import type { AuthBackendPort, PasswordHasher } from "@longzai-intelligence-auth/core";
-export type AuthRoutesConfig = {
-    jwt: JwtSignerConfig;
-    adapter: AuthBackendPort;
-    passwordHasher: PasswordHasher;
-    defaultTenantId: string;
-};
-type AnyElysia = Elysia<any, any, any, any, any, any, any>;
-export declare function createAuthRoutes(config: AuthRoutesConfig): AnyElysia;
-export type MeRouteConfig = {
-    jwt: JwtSignerConfig;
-    defaultTenantId: string;
-};
-export declare function createMeRoute(config: MeRouteConfig): AnyElysia;
-export {};

package/dist/routes/auth.routes.js

@@ -1,145 +0,0 @@
-import { Elysia, t } from "elysia";
-import { createJwtSigner, createJwtVerifier } from "@longzai-intelligence-auth/jwt";
-import { validatePasswordPolicy } from "@longzai-intelligence-auth/password";
-import { createSessionManager } from "@longzai-intelligence-auth/session";
-import { createLoginUseCase } from "@longzai-intelligence-auth/session";
-import { createLogoutUseCase } from "@longzai-intelligence-auth/session";
-import { createRefreshSessionUseCase } from "@longzai-intelligence-auth/session";
-import { TokenMissingError, TokenInvalidError, UserAlreadyExistsError, PasswordPolicyViolationError, } from "@longzai-intelligence-auth/core";
-export function createAuthRoutes(config) {
-    const { jwt: jwtConfig, adapter, passwordHasher, defaultTenantId } = config;
-    const sessionManager = createSessionManager();
-    let signerPromise = null;
-    const getTokenSigner = () => {
-        if (!signerPromise) {
-            signerPromise = createJwtSigner(jwtConfig);
-        }
-        return signerPromise;
-    };
-    let verifierPromise = null;
-    const getVerifier = () => {
-        if (!verifierPromise) {
-            verifierPromise = createJwtVerifier(jwtConfig);
-        }
-        return verifierPromise;
-    };
-    return new Elysia({ name: "@longzai-intelligence-auth/routes", prefix: "/auth" })
-        .post("/login", async ({ body, request }) => {
-        const { email, password } = body;
-        const ipAddress = request.headers.get("x-forwarded-for") ?? request.headers.get("x-real-ip") ?? undefined;
-        const userAgent = request.headers.get("user-agent") ?? undefined;
-        const tokenSigner = await getTokenSigner();
-        const loginUseCase = createLoginUseCase({ adapter, tokenSigner, sessionManager, defaultTenantId });
-        return loginUseCase.execute(email, password, userAgent, ipAddress);
-    }, {
-        body: t.Object({
-            email: t.String({ format: "email" }),
-            password: t.String({ minLength: 1 }),
-        }),
-        detail: {
-            summary: "用户登录",
-            description: "使用邮箱和密码登录，返回访问令牌和刷新令牌",
-        },
-    })
-        .post("/logout", async ({ request }) => {
-        const authHeader = request.headers.get("Authorization");
-        const bearer = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
-        if (!bearer) {
-            throw new TokenMissingError();
-        }
-        const verifier = await getVerifier();
-        const verifyResult = await verifier.verifyAccessToken(bearer);
-        if (!verifyResult.success || !verifyResult.payload) {
-            throw new TokenInvalidError(verifyResult.error);
-        }
-        const tokenSigner = await getTokenSigner();
-        const logoutUseCase = createLogoutUseCase({ adapter, tokenSigner, sessionManager });
-        return logoutUseCase.execute("session-revoked");
-    }, {
-        detail: {
-            summary: "用户登出",
-            description: "使当前会话失效",
-        },
-    })
-        .post("/refresh", async ({ body }) => {
-        const { refreshToken } = body;
-        const tokenSigner = await getTokenSigner();
-        const refreshSessionUseCase = createRefreshSessionUseCase({ adapter, tokenSigner, sessionManager });
-        return refreshSessionUseCase.execute(refreshToken);
-    }, {
-        body: t.Object({
-            refreshToken: t.String({ minLength: 1 }),
-        }),
-        detail: {
-            summary: "刷新令牌",
-            description: "使用刷新令牌获取新的访问令牌",
-        },
-    })
-        .post("/register", async ({ body }) => {
-        const { email, password, name } = body;
-        const validation = validatePasswordPolicy(password);
-        if (!validation.valid) {
-            throw new PasswordPolicyViolationError(validation.errors.join(", "));
-        }
-        const existingUser = await adapter.user.findByEmail(email);
-        if (existingUser) {
-            throw new UserAlreadyExistsError();
-        }
-        const passwordHash = await passwordHasher.hash(password);
-        const newUser = await adapter.user.create({
-            email,
-            username: email,
-            passwordHash,
-            displayName: name,
-        });
-        return {
-            userId: newUser.id,
-            message: "注册成功",
-        };
-    }, {
-        body: t.Object({
-            email: t.String({ format: "email" }),
-            password: t.String({ minLength: 8 }),
-            name: t.String({ minLength: 1 }),
-        }),
-        detail: {
-            summary: "用户注册",
-            description: "创建新用户账户",
-        },
-    });
-}
-export function createMeRoute(config) {
-    const { jwt: jwtConfig, defaultTenantId } = config;
-    let verifierPromise = null;
-    const getVerifier = () => {
-        if (!verifierPromise) {
-            verifierPromise = createJwtVerifier(jwtConfig);
-        }
-        return verifierPromise;
-    };
-    return new Elysia({ name: "@longzai-intelligence-auth/me-route", prefix: "/auth" })
-        .get("/me", async ({ request }) => {
-        const authHeader = request.headers.get("Authorization");
-        const bearer = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
-        if (!bearer) {
-            throw new TokenMissingError();
-        }
-        const verifier = await getVerifier();
-        const result = await verifier.verifyAccessToken(bearer);
-        if (!result.success || !result.payload) {
-            throw new TokenInvalidError(result.error);
-        }
-        const payload = result.payload;
-        const userId = payload.sub;
-        const tenantId = payload.tenantId ?? defaultTenantId;
-        return {
-            userId,
-            ...(tenantId ? { tenantId } : {}),
-        };
-    }, {
-        detail: {
-            summary: "获取当前用户信息",
-            description: "使用 Bearer Token 获取当前认证用户的信息",
-        },
-    });
-}

package/dist/types/auth-plugin-config.d.ts

@@ -1,40 +0,0 @@
-import type { JwtSignerConfig } from "@longzai-intelligence-auth/jwt";
-import type { AuthBackendPort, PasswordHasher } from "@longzai-intelligence-auth/core";
-import type { LoggerService } from "@longzai-intelligence-auth/core";
-export type JwtStrategyConfig = {
-    strategy: "jwt";
-    jwt: JwtSignerConfig;
-    defaultTenantId?: string;
-};
-export type StandaloneStrategyConfig = {
-    strategy: "standalone";
-    jwt: JwtSignerConfig;
-    adapter: AuthBackendPort;
-    passwordHasher: PasswordHasher;
-    defaultTenantId?: string;
-};
-export type EnvBasicStrategyConfig = {
-    strategy: "env-basic";
-    jwt: JwtSignerConfig;
-    adminUsername?: string;
-    adminPassword?: string;
-    defaultTenantId?: string;
-};
-export type AuthPluginConfig = (JwtStrategyConfig & {
-    registerRoutes?: boolean;
-}) | (StandaloneStrategyConfig & {
-    registerRoutes?: boolean;
-}) | (EnvBasicStrategyConfig & {
-    registerRoutes?: boolean;
-});
-export type AuthPluginOptions = AuthPluginConfig & {
-    logger?: LoggerService;
-};
-export type StrategyName = AuthPluginConfig["strategy"];
-export type StrategyContext = {
-    strategy: StrategyName;
-    defaultTenantId: string;
-    registerRoutes: boolean;
-    adapter?: AuthBackendPort;
-    passwordHasher?: PasswordHasher;
-};

package/dist/types/auth-plugin-config.js

@@ -1 +0,0 @@
-export {};

package/dist/utils/extract-client-ip.d.ts

@@ -1 +0,0 @@
-export declare function extractClientIp(request: Request): string | undefined;

package/dist/utils/extract-client-ip.js

@@ -1,5 +0,0 @@
-export function extractClientIp(request) {
-    return request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()
-        ?? request.headers.get("x-real-ip")
-        ?? undefined;
-}

package/dist/utils/extract-user-agent.d.ts

@@ -1 +0,0 @@
-export declare function extractUserAgent(request: Request): string | undefined;

package/dist/utils/extract-user-agent.js

@@ -1,3 +0,0 @@
-export function extractUserAgent(request) {
-    return request.headers.get("user-agent") ?? undefined;
-}