npm - @longzai-intelligence-auth/elysia - Versions diffs - 0.0.5 → 0.0.6 - Mend

@longzai-intelligence-auth/elysia 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,32 +1,122 @@
 import { DomainError } from "@longzai-intelligence/error";
-import { JwtConfig, LoggerService, RateLimiterPort, ResourceAction, TenantValidateFn, TokenVerifierPort, UnifiedAuthContext, UnifiedAuthContext as UnifiedAuthContext$1 } from "@longzai-intelligence-auth/core";
+import { JwtConfig, LoggerService, RateLimiterPort, ResourceAction, TokenVerifierPort, UnifiedAuthContext, UnifiedAuthContext as UnifiedAuthContext$1 } from "@longzai-intelligence-auth/core";
 import { Elysia } from "elysia";
 import { z } from "zod";
 //#region src/core/error-mapper.d.ts
-/** 根据 DomainError 类型映射 HTTP 状态码 */
+/**
+ * 根据 DomainError 类型映射 HTTP 状态码
+ *
+ * @param error - 领域错误实例
+ * @returns 对应的 HTTP 状态码
+ */
 declare function mapDomainErrorToStatus(error: DomainError): number;
 //#endregion
+//#region src/verifiers/static-token-verifier.d.ts
+/**
+ * 静态令牌验证器配置
+ */
+type StaticTokenVerifierOptions = {
+  /**
+   * 静态令牌（与 getToken 至少提供一个）
+   */
+  token?: string;
+  /**
+   * 动态获取令牌的回调，优先级高于 token
+   * 用于运行时从 secret manager / env 缓存等来源解析令牌
+   */
+  getToken?: () => string | null;
+  /**
+   * 验证通过后填充到 AccessTokenPayload.sub 中的主体标识
+   * 默认 "static"
+   */
+  subject?: string;
+  /**
+   * 验证通过后填充到 AccessTokenPayload.tenantId 中的租户标识
+   * 默认不设置
+   */
+  tenantId?: string;
+};
+/**
+ * 创建静态令牌验证器
+ *
+ * @param options - 静态令牌验证器配置
+ * @returns 实现 TokenVerifierPort 的静态令牌验证器
+ */
+declare function createStaticTokenVerifier(options: StaticTokenVerifierOptions): TokenVerifierPort;
+//#endregion
 //#region src/plugins/jwt-verify.plugin.d.ts
 /** JWT 验证插件解析后的认证上下文 */
 type VerifiedAuthContext = {
-  /** 用户 ID（来自 payload.sub） */userId: string; /** 租户 ID（来自 payload.tenantId，默认使用 defaultTenantId） */
-  tenantId: string; /** 角色列表 */
-  roles: string[]; /** 权限列表 */
-  permissions: string[]; /** JWT ID（用于 token 黑名单检查） */
+  /**
+   * 用户 ID（来自 payload.sub）
+   */
+  userId: string;
+  /**
+   * 租户 ID（来自 payload.tenantId，默认使用 defaultTenantId）
+   */
+  tenantId: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
+  permissions: string[];
+  /**
+   * JWT ID（用于 token 黑名单检查）
+   */
   jti?: string;
 };
+/**
+ * JWT 验证插件配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
 type JwtVerifyPluginOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
-  /** 令牌验证器端口（用户注入，与 jwt 二选一） */verifier?: TokenVerifierPort; /** JWT 配置（与 verifier 二选一，未提供时使用默认配置） */
-  jwt?: JwtConfig; /** 默认租户 ID */
-  defaultTenantId?: string; /** 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"） */
-  publicPaths?: string[]; /** 扩展 schema，用于从 payload 中解析自定义业务字段 */
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
   extendSchema?: T;
 };
-/** 从 extendSchema 提取额外字段类型 */
+/**
+ * 从 extendSchema 提取额外字段类型
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
 type ExtractExtra<T extends z.ZodTypeAny> = T extends z.ZodUndefined ? Record<string, never> : z.infer<T>;
-/** 完整的认证上下文类型（基础字段 + 扩展字段） */
+/**
+ * 完整的认证上下文类型（基础字段 + 扩展字段）
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
 type AuthContextWithExtra<T extends z.ZodTypeAny = z.ZodUndefined> = VerifiedAuthContext & ExtractExtra<T>;
+/**
+ * 创建 JWT 验证插件
+ *
+ * 该插件从请求头中提取 Bearer token 并验证，验证失败时抛出异常。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createJwtVerifyPlugin<T extends z.ZodTypeAny = z.ZodUndefined>(options: JwtVerifyPluginOptions<T>): Elysia<"", {
   decorator: {};
   store: {};
@@ -61,16 +151,46 @@ declare function createJwtVerifyPlugin<T extends z.ZodTypeAny = z.ZodUndefined>(
 }>;
 //#endregion
 //#region src/plugins/optional-jwt.plugin.d.ts
+/**
+ * 可选 JWT 认证插件配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
 type OptionalJwtPluginOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
-  /** 令牌验证器端口（用户注入，与 jwt 二选一） */verifier?: TokenVerifierPort; /** JWT 配置（与 verifier 二选一，未提供时使用默认配置） */
-  jwt?: JwtConfig; /** 默认租户 ID */
-  defaultTenantId?: string; /** 扩展 schema，用于从 payload 中解析自定义业务字段 */
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
   extendSchema?: T;
 };
-/** 可选认证上下文，auth 为 null 表示未认证 */
+/**
+ * 可选认证上下文，auth 为 null 表示未认证
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
 type OptionalAuthContext<T extends z.ZodTypeAny = z.ZodUndefined> = {
   auth: (UnifiedAuthContext$1 & (T extends z.ZodUndefined ? Record<string, never> : z.infer<T>)) | null;
 };
+/**
+ * 创建可选 JWT 认证插件
+ *
+ * 该插件从请求头中提取 Bearer token 并验证，如果验证失败或无 token 则返回 null 认证上下文。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createOptionalJwtPlugin<T extends z.ZodTypeAny = z.ZodUndefined>(options: OptionalJwtPluginOptions<T>): Elysia<"", {
   decorator: {};
   store: {};
@@ -107,11 +227,26 @@ declare function createOptionalJwtPlugin<T extends z.ZodTypeAny = z.ZodUndefined
 //#region src/plugins/rbac.plugin.d.ts
 /** 用户角色策略接口，用于数据库查询权限 */
 type UserRoleStrategy = {
-  /** 查询用户在指定租户下的所有权限 */findPermissionsByUserId(userId: string, tenantId: string): Promise<ResourceAction[]>;
+  /**
+   * 查询用户在指定租户下的所有权限
+   */
+  findPermissionsByUserId(userId: string, tenantId: string): Promise<ResourceAction[]>;
 };
+/**
+ * RBAC 插件配置选项
+ */
 type RbacPluginOptions = {
-  /** 用户角色策略（用于数据库查询权限，优先于上下文权限） */userRole?: UserRoleStrategy;
+  /**
+   * 用户角色策略（用于数据库查询权限，优先于上下文权限）
+   */
+  userRole?: UserRoleStrategy;
 };
+/**
+ * 创建 RBAC 插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createRbacPlugin(options?: RbacPluginOptions): Elysia<"", {
   decorator: {};
   store: {};
@@ -148,15 +283,42 @@ declare function createRbacPlugin(options?: RbacPluginOptions): Elysia<"", {
 //#region src/plugins/api-key.plugin.d.ts
 /** API Key 认证的主体信息 */
 type ApiKeyPrincipal = {
-  /** 主体标识 */principalId: string; /** 租户 ID */
-  tenantId?: string; /** 角色列表 */
-  roles: string[]; /** 权限列表 */
+  /**
+   * 主体标识
+   */
+  principalId: string;
+  /**
+   * 租户 ID
+   */
+  tenantId?: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
   permissions: string[];
 };
+/**
+ * API Key 认证插件配置选项
+ */
 type ApiKeyPluginOptions = {
-  /** API Key 所在的请求头名称（默认 "x-api-key"） */header?: string; /** API Key 验证器，返回 null 表示无效 */
+  /**
+   * API Key 所在的请求头名称（默认 "x-api-key"）
+   */
+  header?: string;
+  /**
+   * API Key 验证器，返回 null 表示无效
+   */
   validator: (key: string) => Promise<ApiKeyPrincipal | null>;
 };
+/**
+ * 创建 API Key 认证插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createApiKeyPlugin(options: ApiKeyPluginOptions): Elysia<"", {
   decorator: {};
   store: {};
@@ -193,9 +355,21 @@ declare function createApiKeyPlugin(options: ApiKeyPluginOptions): Elysia<"", {
 //#region src/plugins/in-memory-api-key-validator.d.ts
 /** 内存 API Key 映射条目 */
 type InMemoryApiKeyEntry = {
-  /** 主体标识 */principalId: string; /** 租户ID（可选） */
-  tenantId?: string; /** 角色列表 */
-  roles: string[]; /** 权限列表 */
+  /**
+   * 主体标识
+   */
+  principalId: string;
+  /**
+   * 租户ID（可选）
+   */
+  tenantId?: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
   permissions: string[];
 };
 /** 内存 API Key 映射表 */
@@ -203,22 +377,55 @@ type InMemoryApiKeyMap = Record<string, InMemoryApiKeyEntry>;
 /**
  * 创建内存 API Key 验证器
  * 接受静态 API Key 映射，返回符合 createApiKeyPlugin 的 validator 函数
+ *
  * @param keyMap - API Key 到主体信息的映射
  * @returns validator 函数
  */
 declare function createInMemoryApiKeyValidator(keyMap: InMemoryApiKeyMap): (key: string) => Promise<ApiKeyPrincipal | null>;
 //#endregion
 //#region src/plugins/composite-auth.plugin.d.ts
+/**
+ * 组合认证插件配置选项
+ *
+ * 支持多种认证方式（JWT 和 API Key），优先尝试 JWT 认证。
+ */
 type CompositeAuthPluginOptions = {
-  /** 令牌验证器端口（用户注入，与 jwt 二选一） */verifier?: TokenVerifierPort; /** JWT 配置（与 verifier 二选一，未提供时使用默认配置） */
-  jwt?: JwtConfig; /** 默认租户 ID */
-  defaultTenantId?: string; /** API Key 验证器 */
-  apiKeyValidator?: (key: string) => Promise<ApiKeyPrincipal | null>; /** API Key 所在的请求头名称（默认 "x-api-key"） */
-  apiKeyHeader?: string; /** 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"） */
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * API Key 验证器
+   */
+  apiKeyValidator?: (key: string) => Promise<ApiKeyPrincipal | null>;
+  /**
+   * API Key 所在的请求头名称（默认 "x-api-key"）
+   */
+  apiKeyHeader?: string;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
   publicPaths?: string[];
 };
 /** 组合认证上下文（向后兼容，内部使用 UnifiedAuthContext） */
 type CompositeAuthContext = UnifiedAuthContext$1;
+/**
+ * 创建组合认证插件
+ *
+ * 该插件支持多种认证方式（JWT 和 API Key），优先尝试 JWT 认证，
+ * 如果 JWT 认证失败则尝试 API Key 认证，未认证时返回 null。
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createCompositeAuthPlugin(options: CompositeAuthPluginOptions): Elysia<"", {
   decorator: {};
   store: {};
@@ -251,7 +458,12 @@ declare function createCompositeAuthPlugin(options: CompositeAuthPluginOptions):
   standaloneSchema: {};
   response: {};
 }>;
-/** 创建要求认证的组合认证插件（未认证时抛出异常） */
+/**
+ * 创建要求认证的组合认证插件（未认证时抛出异常）
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createRequiredCompositeAuthPlugin(options: CompositeAuthPluginOptions): Elysia<"", {
   decorator: {};
   store: {};
@@ -285,50 +497,30 @@ declare function createRequiredCompositeAuthPlugin(options: CompositeAuthPluginO
   response: {};
 }>;
 //#endregion
-//#region src/plugins/tenant.plugin.d.ts
-type TenantPluginOptions = {
-  /** 默认租户 ID */defaultTenantId?: string; /** 租户验证函数 */
-  validateFn?: TenantValidateFn;
-};
-declare function createTenantPlugin(options?: TenantPluginOptions): Elysia<"", {
-  decorator: {};
-  store: {};
-  derive: {
-    tenantId: string;
-  };
-  resolve: {};
-}, {
-  typebox: {};
-  error: {};
-}, {
-  schema: {};
-  standaloneSchema: {};
-  macro: {};
-  macroFn: {};
-  parser: {};
-  response: import("elysia").ExtractErrorFromHandle<{
-    tenantId: string;
-  }> & {};
-}, {}, {
-  derive: {};
-  resolve: {};
-  schema: {};
-  standaloneSchema: {};
-  response: {};
-}, {
-  derive: {};
-  resolve: {};
-  schema: {};
-  standaloneSchema: {};
-  response: {};
-}>;
-//#endregion
 //#region src/plugins/rate-limit.plugin.d.ts
+/**
+ * 速率限制插件配置选项
+ */
 type RateLimitPluginOptions = {
-  /** 速率限制器端口（用户注入） */limiter: RateLimiterPort; /** 日志服务 */
-  logger?: LoggerService; /** 键生成器（用于从请求中提取限制键） */
+  /**
+   * 速率限制器端口（用户注入）
+   */
+  limiter: RateLimiterPort;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 键生成器（用于从请求中提取限制键）
+   */
   keyGenerator?: (request: Request) => string;
 };
+/**
+ * 创建速率限制插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createRateLimitPlugin(options: RateLimitPluginOptions): Elysia<"", {
   decorator: {};
   store: {};
@@ -444,13 +636,42 @@ declare function createLoggerPlugin(options: LoggerPluginOptions): Elysia<"", {
 }>;
 //#endregion
 //#region src/presets/basic-preset.d.ts
+/**
+ * 基础预设配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
 type BasicPresetOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
-  /** 令牌验证器端口（用户注入） */tokenVerifier: TokenVerifierPort; /** 默认租户 ID */
-  defaultTenantId?: string; /** 日志服务 */
-  logger?: LoggerService; /** 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"） */
-  publicPaths?: string[]; /** 扩展 schema，用于从 payload 中解析自定义业务字段 */
+  /**
+   * 令牌验证器端口（用户注入）
+   */
+  tokenVerifier: TokenVerifierPort;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
   extendSchema?: T;
 };
+/**
+ * 创建基础预设插件
+ *
+ * 该预设包含 JWT 验证插件和错误处理插件，提供完整的认证功能。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 预设配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createBasicPreset<T extends z.ZodTypeAny = z.ZodUndefined>(options: BasicPresetOptions<T>): Elysia<"", {
   decorator: {};
   store: {};
@@ -517,24 +738,59 @@ declare function createBasicPreset<T extends z.ZodTypeAny = z.ZodUndefined>(opti
 }>;
 //#endregion
 //#region src/presets/standard-preset.d.ts
+/**
+ * 标准预设配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
 type StandardPresetOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
-  /** 令牌验证器端口（用户注入） */tokenVerifier: TokenVerifierPort; /** 速率限制器端口（可选，用户注入） */
-  rateLimiter?: RateLimiterPort; /** 默认租户 ID */
-  defaultTenantId?: string; /** 租户验证函数 */
-  validateFn?: TenantValidateFn; /** 用户角色策略 */
-  userRole?: UserRoleStrategy; /** 日志服务 */
-  logger?: LoggerService; /** 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"） */
-  publicPaths?: string[]; /** 扩展 schema，用于从 payload 中解析自定义业务字段（仅在未使用 apiKeyValidator 时生效） */
-  extendSchema?: T; /** API Key 验证器（提供后使用组合认证插件替代 JWT 验证插件） */
+  /**
+   * 令牌验证器端口（用户注入）
+   */
+  tokenVerifier: TokenVerifierPort;
+  /**
+   * 速率限制器端口（可选，用户注入）
+   */
+  rateLimiter?: RateLimiterPort;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 用户角色策略
+   */
+  userRole?: UserRoleStrategy;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段（仅在未使用 apiKeyValidator 时生效）
+   */
+  extendSchema?: T;
+  /**
+   * API Key 验证器（提供后使用组合认证插件替代 JWT 验证插件）
+   */
   apiKeyValidator?: (key: string) => Promise<ApiKeyPrincipal | null>;
 };
+/**
+ * 创建标准预设插件
+ *
+ * 该预设包含认证插件、RBAC 插件、可选的限流插件和错误处理插件。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 预设配置选项
+ * @returns Elysia 插件实例
+ */
 declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(options: StandardPresetOptions<T>): Elysia<"", {
   decorator: {};
   store: {};
   derive: {
     readonly requirePermission: (resource: string, action: string) => Promise<void>;
-  } & {
-    tenantId: string;
   };
   resolve: {};
 }, {
@@ -556,15 +812,6 @@ declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(o
   response: import("elysia").ExtractErrorFromHandle<{
     readonly requirePermission: (resource: string, action: string) => Promise<void>;
   }>;
-} & {
-  schema: {};
-  standaloneSchema: {};
-  macro: {};
-  macroFn: {};
-  parser: {};
-  response: import("elysia").ExtractErrorFromHandle<{
-    tenantId: string;
-  }> & {};
 } & {
   schema: {};
   standaloneSchema: {};
@@ -591,13 +838,13 @@ declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(o
   schema: {};
   standaloneSchema: {};
   response: {};
-}, ({
+}, (({
   derive: {};
   resolve: {};
   schema: {};
   standaloneSchema: {};
   response: {};
-} & {
+} & ({
   derive: {
     auth: import("@longzai-intelligence-auth/core").UnifiedAuthContext;
   };
@@ -607,19 +854,7 @@ declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(o
   response: import("elysia").ExtractErrorFromHandle<{
     auth: import("@longzai-intelligence-auth/core").UnifiedAuthContext;
   }>;
-} & {
-  derive: {};
-  resolve: {};
-  schema: {};
-  standaloneSchema: {};
-  response: {};
-}) | ({
-  derive: {};
-  resolve: {};
-  schema: {};
-  standaloneSchema: {};
-  response: {};
-} & {
+} | {
   derive: {
     readonly auth: any;
   };
@@ -629,20 +864,36 @@ declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(o
   response: import("elysia").ExtractErrorFromHandle<{
     readonly auth: any;
   }>;
-} & {
+})) & {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}) & {
   derive: {};
   resolve: {};
   schema: {};
   standaloneSchema: {};
   response: {};
-})>;
+}>;
 //#endregion
 //#region src/utils/extract-client-ip.d.ts
-/** 从请求中提取客户端 IP 地址 */
+/**
+ * 从请求中提取客户端 IP 地址
+ *
+ * @param request - HTTP 请求对象
+ * @returns 客户端 IP 地址，如果无法提取则返回 undefined
+ */
 declare function extractClientIp(request: Request): string | undefined;
 //#endregion
 //#region src/utils/extract-user-agent.d.ts
-/** 从请求中提取用户代理 */
+/**
+ * 从请求中提取用户代理
+ *
+ * @param request - HTTP 请求对象
+ * @returns 用户代理字符串，如果无法提取则返回 undefined
+ */
 declare function extractUserAgent(request: Request): string | undefined;
 //#endregion
-export { type ApiKeyPluginOptions, type ApiKeyPrincipal, type AuthContextWithExtra, type BasicPresetOptions, type CompositeAuthContext, type CompositeAuthPluginOptions, type ErrorHandlerPluginOptions, type ExtractExtra, type InMemoryApiKeyEntry, type InMemoryApiKeyMap, type JwtVerifyPluginOptions, type LoggerPluginOptions, type OptionalAuthContext, type OptionalJwtPluginOptions, type RateLimitPluginOptions, type RbacPluginOptions, type StandardPresetOptions, type TenantPluginOptions, type UnifiedAuthContext, type UserRoleStrategy, type VerifiedAuthContext, createApiKeyPlugin, createBasicPreset, createCompositeAuthPlugin, createErrorHandlerPlugin, createInMemoryApiKeyValidator, createJwtVerifyPlugin, createLoggerPlugin, createOptionalJwtPlugin, createRateLimitPlugin, createRbacPlugin, createRequiredCompositeAuthPlugin, createStandardPreset, createTenantPlugin, extractClientIp, extractUserAgent, mapDomainErrorToStatus };
+export { type ApiKeyPluginOptions, type ApiKeyPrincipal, type AuthContextWithExtra, type BasicPresetOptions, type CompositeAuthContext, type CompositeAuthPluginOptions, type ErrorHandlerPluginOptions, type ExtractExtra, type InMemoryApiKeyEntry, type InMemoryApiKeyMap, type JwtVerifyPluginOptions, type LoggerPluginOptions, type OptionalAuthContext, type OptionalJwtPluginOptions, type RateLimitPluginOptions, type RbacPluginOptions, type StandardPresetOptions, type StaticTokenVerifierOptions, type UnifiedAuthContext, type UserRoleStrategy, type VerifiedAuthContext, createApiKeyPlugin, createBasicPreset, createCompositeAuthPlugin, createErrorHandlerPlugin, createInMemoryApiKeyValidator, createJwtVerifyPlugin, createLoggerPlugin, createOptionalJwtPlugin, createRateLimitPlugin, createRbacPlugin, createRequiredCompositeAuthPlugin, createStandardPreset, createStaticTokenVerifier, extractClientIp, extractUserAgent, mapDomainErrorToStatus };

package/dist/index.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{AuthenticationError as e,DomainError as t,DuplicateEntityError as n,isBusinessRuleError as r,isConcurrencyError as i,isEntityNotFoundError as a,isPermissionDeniedError as o,isValidationError as s}from"@longzai-intelligence/error";import{AccountDisabledError as c,InvalidCredentialsError as l,MfaRequiredError as u,RateLimitExceededError as d,TokenExpiredError as f,TokenInvalidError as p,TokenMissingError as m,UserAlreadyExistsError as h,accessTokenPayloadSchema as g,createDefaultJwtConfig as _}from"@longzai-intelligence-auth/core";import{Elysia as v}from"elysia";import{JwtTokenVerifier as y}from"@longzai-intelligence-auth/jwt";function b(t){return s(t)?400:t instanceof f\|\|t instanceof p\|\|t instanceof m\|\|t instanceof u\|\|t instanceof l\|\|t instanceof c\|\|t instanceof e?401:o(t)?403:a(t)?404:t instanceof n\|\|t instanceof h?409:t instanceof d?429:i(t)?409:r(t)\|\|t.code===`PASSWORD_POLICY_VIOLATION`?422:500}function x(e,t){return{userId:e.sub,tenantId:e.tenantId??t,roles:e.roles??[],permissions:e.permissions??[],authMethod:`jwt`}}function S(e){return{userId:``,tenantId:e,roles:[],permissions:[],authMethod:`jwt`}}function C(e,t){return t.some(t=>t.endsWith(`/`)?e.startsWith(t.slice(0,-2)):e===t)}function w(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function T(e,t){return e\|\|new y(w(t??_()))}function E(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,publicPaths:i=[],extendSchema:a}=e,o=T(t,n);return new v({name:`@longzai-intelligence-auth/jwt-verify`}).derive(async({request:e})=>{if(C(new URL(e.url).pathname,i)){let e=a?a.parse({}):{};return{auth:{...S(r),...e}}}let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(!n)throw new m;let s=await o.verifyAccessToken(n);if(!s.success\|\|!s.payload)throw new p(s.error);g.parse(s.payload);let c=x(s.payload,r),l=a?a.parse(s.payload):{};return{auth:{...c,...l}}}).as(`scoped`)}function D(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function O(e,t){return e\|\|new y(D(t??_()))}function k(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,extendSchema:i}=e,a=O(t,n);return new v({name:`@longzai-intelligence-auth/optional-jwt`}).derive(async({request:e})=>{let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(!n)return{auth:null};try{let e=await a.verifyAccessToken(n);if(!e.success\|\|!e.payload)return{auth:null};g.parse(e.payload);let t=e.payload,o={userId:t.sub,tenantId:t.tenantId??r,roles:t.roles??[],permissions:t.permissions??[],authMethod:`jwt`},s=i?i.parse(t):{};return{auth:{...o,...s}}}catch{return{auth:null}}}).as(`scoped`)}function A(e,t,n){return e.some(e=>e.resource===``&&e.action===``\|\|e.resource===t&&e.action===``\|\|e.resource===``&&e.action===n\|\|e.resource===t&&e.action===n)}function j(e,t,n){let r=`${t}:${n}`;return e.includes(r)\|\|e.includes(`${t}:`)\|\|e.includes(`:${n}`)\|\|e.includes(`:`)}function M(e={}){let{userRole:t}=e;return new v({name:`@longzai-intelligence-auth/rbac`}).derive({as:`scoped`},async e=>{let n=e.auth;if(!n)throw new m;let r=n.userId,i=n.tenantId;return{requirePermission:async(e,a)=>{if(t){if(A(await t.findPermissionsByUserId(r,i),e,a))return;let{PermissionDeniedError:n}=await import(`@longzai-intelligence/error`);throw new n(e,a)}if(j(n.permissions??[],e,a))return;let{PermissionDeniedError:o}=await import(`@longzai-intelligence/error`);throw new o(e,a)}}}).as(`global`)}function N(e){let{header:t=`x-api-key`,validator:n}=e;return new v({name:`@longzai-intelligence-auth/api-key`}).derive(async({request:e})=>{let r=e.headers.get(t)??e.headers.get(t.toLowerCase());if(!r)throw new m(`缺少 API Key`);let i=await n(r);if(!i)throw new p(`无效的 API Key`);return{auth:{userId:i.principalId,tenantId:i.tenantId??`default`,roles:i.roles,permissions:i.permissions,authMethod:`api-key`}}}).as(`scoped`)}function P(e){return async t=>{let n=e[t];return n?{principalId:n.principalId,tenantId:n.tenantId,roles:n.roles,permissions:n.permissions}:null}}function F(e){return{authMethod:`jwt`,userId:e.userId,tenantId:e.tenantId,roles:e.roles,permissions:e.permissions}}function I(e,t){return{authMethod:`api-key`,userId:e.principalId,tenantId:e.tenantId??t,roles:e.roles,permissions:e.permissions}}function L(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function R(e,t){return e\|\|new y(L(t??_()))}function z(e,t){return t.some(t=>t.endsWith(`/`)?e.startsWith(t.slice(0,-2)):e===t)}function B(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,apiKeyValidator:i,apiKeyHeader:a=`x-api-key`,publicPaths:o=[]}=e,s=R(t,n);return new v({name:`@longzai-intelligence-auth/composite-auth`}).derive(async({request:e})=>{if(z(new URL(e.url).pathname,o))return{auth:null};let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(n)try{let e=await s.verifyAccessToken(n);if(e.success&&e.payload)return g.parse(e.payload),{auth:F({userId:e.payload.sub,tenantId:e.payload.tenantId??r,roles:e.payload.roles??[],permissions:e.payload.permissions??[]})}}catch{}if(i){let t=e.headers.get(a)??e.headers.get(a.toLowerCase());if(t){let e=await i(t);if(e)return{auth:I(e,r)}}}return{auth:null}}).as(`scoped`)}function V(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,apiKeyValidator:i,apiKeyHeader:a=`x-api-key`,publicPaths:o=[]}=e,s=R(t,n);return new v({name:`@longzai-intelligence-auth/required-composite-auth`}).derive(async({request:e})=>{if(z(new URL(e.url).pathname,o))return{auth:{authMethod:`jwt`,userId:``,tenantId:r,roles:[],permissions:[]}};let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(n)try{let e=await s.verifyAccessToken(n);if(e.success&&e.payload)return g.parse(e.payload),{auth:F({userId:e.payload.sub,tenantId:e.payload.tenantId??r,roles:e.payload.roles??[],permissions:e.payload.permissions??[]})}}catch{}if(i){let t=e.headers.get(a)??e.headers.get(a.toLowerCase());if(t){let e=await i(t);if(e)return{auth:I(e,r)}}}throw Error(`认证失败：需要提供有效的 JWT Token 或 API Key`)}).as(`scoped`)}function H(e~~={}~~){~~let{defaultTenantId:t=`default`,validateFn:n}=e;~~return ~~new v({name:`@longzai-intelligence-auth/tenant`}).derive(({request:~~e~~})=>({tenantId:e~~.headers.get(`x-tenant-id`)??t})).as(`scoped`).onBeforeHandle(async({tenantId:e})=>{if(n&&e!==t&&!(await n(e)).valid){let{PermissionDeniedError:e}=await import(`@longzai-intelligence/error`);throw new e(`tenant`,`access`)}}).as(`global`)}function U(e){return e.headers.get(`x-forwarded-for`)?.split(`,`)[0]?.trim()??e.headers.get(`x-real-ip`)??`unknown`}function W(e){let{limiter:t,logger:n}=e,r=e.keyGenerator??U;return new v({name:`@longzai-intelligence-auth/rate-limit`}).derive(({request:e})=>({clientIp:r(e)})).derive(async({clientIp:e,request:r})=>{let i=new URL(r.url).pathname,a=`${e}:${i}`,o=await t.checkLimit(a);if(!o.allowed)throw n?.warn(`限流触发`,{clientIp:e,path:i}),new d;return{rateLimitRemaining:o.remaining}}).as(`global`)}function G(e={}){let{logger:n}=e;return new v({name:`@longzai-intelligence-auth/error-handler`}).onError(({code:e,error:r,set:i})=>{if(r instanceof t)return i.status=b(r),{code:r.code,message:r.message,...r.context&&Object.keys(r.context).length>0?{details:r.context}:{}};switch(e){case`VALIDATION`:return i.status=400,{code:`VALIDATION_ERROR`,message:`请求参数验证失败`,details:r.all.map(e=>({path:e.path,message:e.summary}))};case`NOT_FOUND`:return i.status=404,{code:`NOT_FOUND`,message:`未找到请求的资源`};case`PARSE`:return i.status=400,{code:`PARSE_ERROR`,message:`请求数据解析失败`};default:return n?.error(`未预期的错误`,{error:r instanceof Error?r.message:String(r),stack:r instanceof Error?r.stack:void 0}),i.status=500,{code:`INTERNAL_ERROR`,message:`服务器内部错误`}}}).as(`global`)}function K(e){let{logger:t}=e;return new v({name:`@longzai-intelligence-auth/logger`}).onRequest(({request:e})=>{t.info(`${e.method} ${e.url}`)}).onAfterResponse(({request:e,set:n})=>{t.info(`${e.method} ${e.url} ${n.status}`)}).onError(({request:e,error:n})=>{t.error(`${e.method} ${e.url} 请求错误`,{error:n instanceof Error?n.message:String(n)})}).as(`global`)}function q(e){return new v({name:`@longzai-intelligence-auth/basic-preset`}).use(E({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,extendSchema:e.extendSchema})).use(G({logger:e.logger}))}function J(e){let t=e.apiKeyValidator?V({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,apiKeyValidator:e.apiKeyValidator}):E({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,extendSchema:e.extendSchema}),n=new v({name:`@longzai-intelligence-auth/standard-preset`}).use(t).use(M({userRole:e.userRole}))~~.use(H({defaultTenantId:e.defaultTenantId,validateFn:e.validateFn}))~~;return e.rateLimiter&&n.use(W({limiter:e.rateLimiter,logger:e.logger})),n.use(G({logger:e.logger}))}function Y(e){return e.headers.get(`x-forwarded-for`)?.split(`,`)[0]?.trim()??e.headers.get(`x-real-ip`)??void 0}function X(e){return e.headers.get(`user-agent`)??void 0}export{N as createApiKeyPlugin,q as createBasicPreset,B as createCompositeAuthPlugin,G as createErrorHandlerPlugin,P as createInMemoryApiKeyValidator,E as createJwtVerifyPlugin,K as createLoggerPlugin,k as createOptionalJwtPlugin,W as createRateLimitPlugin,M as createRbacPlugin,V as createRequiredCompositeAuthPlugin,J as createStandardPreset,H as ~~createTenantPlugin~~,Y as extractClientIp,X as extractUserAgent,b as mapDomainErrorToStatus};
1	+ import{AuthenticationError as e,DomainError as t,DuplicateEntityError as n,isBusinessRuleError as r,isConcurrencyError as i,isEntityNotFoundError as a,isPermissionDeniedError as o,isValidationError as s}from"@longzai-intelligence/error";import{AccountDisabledError as c,InvalidCredentialsError as l,MfaRequiredError as u,RateLimitExceededError as d,TokenExpiredError as f,TokenInvalidError as p,TokenMissingError as m,UserAlreadyExistsError as h,accessTokenPayloadSchema as g,createDefaultJwtConfig as _}from"@longzai-intelligence-auth/core";import v from"node:crypto";import{Elysia as y}from"elysia";import{JwtTokenVerifier as b}from"@longzai-intelligence-auth/jwt";function x(t){return s(t)?400:t instanceof f\|\|t instanceof p\|\|t instanceof m\|\|t instanceof u\|\|t instanceof l\|\|t instanceof c\|\|t instanceof e?401:o(t)?403:a(t)?404:t instanceof n\|\|t instanceof h?409:t instanceof d?429:i(t)?409:r(t)\|\|t.code===`PASSWORD_POLICY_VIOLATION`?422:500}function S(e,t){let n=Buffer.from(e,`utf-8`),r=Buffer.from(t,`utf-8`);if(n.length!==r.length){let e=Buffer.alloc(n.length);return v.timingSafeEqual(n,e),!1}return v.timingSafeEqual(n,r)}function C(e){let{token:t,getToken:n,subject:r=`static`,tenantId:i}=e;if(!t&&!n)throw Error(`createStaticTokenVerifier 需要至少提供 token 或 getToken 之一`);let a=()=>{if(n){let e=n();if(e)return e}return t??null};return{async verifyAccessToken(e){let t=a();return t?S(e,t)?{success:!0,payload:{sub:r,type:`access`,...i!==void 0&&{tenantId:i}}}:{success:!1,error:`静态令牌不匹配`}:{success:!1,error:`静态令牌未配置`}},async verifyRefreshToken(){return{success:!1,error:`静态令牌模式不支持 refresh token`}}}}function w(e,t){return{userId:e.sub,tenantId:e.tenantId??t,roles:e.roles??[],permissions:e.permissions??[],authMethod:`jwt`}}function T(e){return{userId:``,tenantId:e,roles:[],permissions:[],authMethod:`jwt`}}function E(e,t){return t.some(t=>t.endsWith(`/`)?e.startsWith(t.slice(0,-2)):e===t)}function D(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function O(e,t){return e\|\|new b(D(t??_()))}function k(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,publicPaths:i=[],extendSchema:a}=e,o=O(t,n);return new y({name:`@longzai-intelligence-auth/jwt-verify`}).derive(async({request:e})=>{if(E(new URL(e.url).pathname,i)){let e=a?a.parse({}):{};return{auth:{...T(r),...e}}}let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(!n)throw new m;let s=await o.verifyAccessToken(n);if(!s.success\|\|!s.payload)throw new p(s.error);g.parse(s.payload);let c=w(s.payload,r),l=a?a.parse(s.payload):{};return{auth:{...c,...l}}}).as(`scoped`)}function A(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function j(e,t){return e\|\|new b(A(t??_()))}function M(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,extendSchema:i}=e,a=j(t,n);return new y({name:`@longzai-intelligence-auth/optional-jwt`}).derive(async({request:e})=>{let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(!n)return{auth:null};try{let e=await a.verifyAccessToken(n);if(!e.success\|\|!e.payload)return{auth:null};g.parse(e.payload);let t=e.payload,o={userId:t.sub,tenantId:t.tenantId??r,roles:t.roles??[],permissions:t.permissions??[],authMethod:`jwt`},s=i?i.parse(t):{};return{auth:{...o,...s}}}catch{return{auth:null}}}).as(`scoped`)}function N(e,t,n){return e.some(e=>e.resource===``&&e.action===``\|\|e.resource===t&&e.action===``\|\|e.resource===``&&e.action===n\|\|e.resource===t&&e.action===n)}function P(e,t,n){let r=`${t}:${n}`;return e.includes(r)\|\|e.includes(`${t}:`)\|\|e.includes(`:${n}`)\|\|e.includes(`:`)}function F(e={}){let{userRole:t}=e;return new y({name:`@longzai-intelligence-auth/rbac`}).derive({as:`scoped`},async e=>{let n=e.auth;if(!n)throw new m;let r=n.userId,i=n.tenantId;return{requirePermission:async(e,a)=>{if(t){if(N(await t.findPermissionsByUserId(r,i),e,a))return;let{PermissionDeniedError:n}=await import(`@longzai-intelligence/error`);throw new n(e,a)}if(P(n.permissions??[],e,a))return;let{PermissionDeniedError:o}=await import(`@longzai-intelligence/error`);throw new o(e,a)}}}).as(`global`)}function I(e){let{header:t=`x-api-key`,validator:n}=e;return new y({name:`@longzai-intelligence-auth/api-key`}).derive(async({request:e})=>{let r=e.headers.get(t)??e.headers.get(t.toLowerCase());if(!r)throw new m(`缺少 API Key`);let i=await n(r);if(!i)throw new p(`无效的 API Key`);return{auth:{userId:i.principalId,tenantId:i.tenantId??`default`,roles:i.roles,permissions:i.permissions,authMethod:`api-key`}}}).as(`scoped`)}function L(e){return async t=>{let n=e[t];return n?{principalId:n.principalId,tenantId:n.tenantId,roles:n.roles,permissions:n.permissions}:null}}function R(e){return{authMethod:`jwt`,userId:e.userId,tenantId:e.tenantId,roles:e.roles,permissions:e.permissions}}function z(e,t){return{authMethod:`api-key`,userId:e.principalId,tenantId:e.tenantId??t,roles:e.roles,permissions:e.permissions}}function B(e){return{algorithm:`HS256`,secret:e.secret,accessExpiresIn:e.accessExpiresIn,refreshExpiresIn:e.refreshExpiresIn}}function V(e,t){return e\|\|new b(B(t??_()))}function H(e,t){return t.some(t=>t.endsWith(`/`)?e.startsWith(t.slice(0,-2)):e===t)}function U(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,apiKeyValidator:i,apiKeyHeader:a=`x-api-key`,publicPaths:o=[]}=e,s=V(t,n);return new y({name:`@longzai-intelligence-auth/composite-auth`}).derive(async({request:e})=>{if(H(new URL(e.url).pathname,o))return{auth:null};let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(n)try{let e=await s.verifyAccessToken(n);if(e.success&&e.payload)return g.parse(e.payload),{auth:R({userId:e.payload.sub,tenantId:e.payload.tenantId??r,roles:e.payload.roles??[],permissions:e.payload.permissions??[]})}}catch{}if(i){let t=e.headers.get(a)??e.headers.get(a.toLowerCase());if(t){let e=await i(t);if(e)return{auth:z(e,r)}}}return{auth:null}}).as(`scoped`)}function W(e){let{verifier:t,jwt:n,defaultTenantId:r=`default`,apiKeyValidator:i,apiKeyHeader:a=`x-api-key`,publicPaths:o=[]}=e,s=V(t,n);return new y({name:`@longzai-intelligence-auth/required-composite-auth`}).derive(async({request:e})=>{if(H(new URL(e.url).pathname,o))return{auth:{authMethod:`jwt`,userId:``,tenantId:r,roles:[],permissions:[]}};let t=e.headers.get(`Authorization`),n=t?.startsWith(`Bearer `)?t.slice(7):null;if(n)try{let e=await s.verifyAccessToken(n);if(e.success&&e.payload)return g.parse(e.payload),{auth:R({userId:e.payload.sub,tenantId:e.payload.tenantId??r,roles:e.payload.roles??[],permissions:e.payload.permissions??[]})}}catch{}if(i){let t=e.headers.get(a)??e.headers.get(a.toLowerCase());if(t){let e=await i(t);if(e)return{auth:z(e,r)}}}throw Error(`认证失败：需要提供有效的 JWT Token 或 API Key`)}).as(`scoped`)}function G(e){return e.headers.get(`x-forwarded-for`)?.split(`,`)[0]?.trim()??e.headers.get(`x-real-ip`)??`unknown`}function K(e){let{limiter:t,logger:n}=e,r=e.keyGenerator??G;return new y({name:`@longzai-intelligence-auth/rate-limit`}).derive(({request:e})=>({clientIp:r(e)})).derive(async({clientIp:e,request:r})=>{let i=new URL(r.url).pathname,a=`${e}:${i}`,o=await t.checkLimit(a);if(!o.allowed)throw n?.warn(`限流触发`,{clientIp:e,path:i}),new d;return{rateLimitRemaining:o.remaining}}).as(`global`)}function q(e={}){let{logger:n}=e;return new y({name:`@longzai-intelligence-auth/error-handler`}).onError(({code:e,error:r,set:i})=>{if(r instanceof t)return i.status=x(r),{code:r.code,message:r.message,...r.context&&Object.keys(r.context).length>0?{details:r.context}:{}};switch(e){case`VALIDATION`:return i.status=400,{code:`VALIDATION_ERROR`,message:`请求参数验证失败`,details:r.all.map(e=>({path:e.path,message:e.summary}))};case`NOT_FOUND`:return i.status=404,{code:`NOT_FOUND`,message:`未找到请求的资源`};case`PARSE`:return i.status=400,{code:`PARSE_ERROR`,message:`请求数据解析失败`};default:return n?.error(`未预期的错误`,{error:r instanceof Error?r.message:String(r),stack:r instanceof Error?r.stack:void 0}),i.status=500,{code:`INTERNAL_ERROR`,message:`服务器内部错误`}}}).as(`global`)}function J(e){let{logger:t}=e;return new y({name:`@longzai-intelligence-auth/logger`}).onRequest(({request:e})=>{t.info(`${e.method} ${e.url}`)}).onAfterResponse(({request:e,set:n})=>{t.info(`${e.method} ${e.url} ${n.status}`)}).onError(({request:e,error:n})=>{t.error(`${e.method} ${e.url} 请求错误`,{error:n instanceof Error?n.message:String(n)})}).as(`global`)}function Y(e){return new y({name:`@longzai-intelligence-auth/basic-preset`}).use(k({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,extendSchema:e.extendSchema})).use(q({logger:e.logger}))}function X(e){let t=e.apiKeyValidator?W({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,apiKeyValidator:e.apiKeyValidator}):k({verifier:e.tokenVerifier,defaultTenantId:e.defaultTenantId,publicPaths:e.publicPaths,extendSchema:e.extendSchema}),n=new y({name:`@longzai-intelligence-auth/standard-preset`}).use(t).use(F({userRole:e.userRole}));return e.rateLimiter&&n.use(K({limiter:e.rateLimiter,logger:e.logger})),n.use(q({logger:e.logger}))}function Z(e){return e.headers.get(`x-forwarded-for`)?.split(`,`)[0]?.trim()??e.headers.get(`x-real-ip`)??void 0}function Q(e){return e.headers.get(`user-agent`)??void 0}export{I as createApiKeyPlugin,Y as createBasicPreset,U as createCompositeAuthPlugin,q as createErrorHandlerPlugin,L as createInMemoryApiKeyValidator,k as createJwtVerifyPlugin,J as createLoggerPlugin,M as createOptionalJwtPlugin,K as createRateLimitPlugin,F as createRbacPlugin,W as createRequiredCompositeAuthPlugin,X as createStandardPreset,C as createStaticTokenVerifier,Z as extractClientIp,Q as extractUserAgent,x as mapDomainErrorToStatus};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@longzai-intelligence-auth/elysia",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "license": "UNLICENSED",
   "type": "module",
   "sideEffects": false,
@@ -33,11 +33,11 @@
     "test:coverage": "bun test --coverage",
     "test:unit": "bun test src/__tests__/unit/",
     "test:integration": "bun test src/__tests__/integration/",
-    "clean": "rm -rf dist out .cache"
+    "clean": "rimraf dist out .cache"
   },
   "dependencies": {
-    "@longzai-intelligence-auth/core": "0.0.5",
-    "@longzai-intelligence-auth/jwt": "0.0.5",
+    "@longzai-intelligence-auth/core": "0.0.6",
+    "@longzai-intelligence-auth/jwt": "0.0.6",
     "@longzai-intelligence/error": "^0.0.5",
     "@elysiajs/bearer": "^1.3",
     "zod": "^3.24"