@longzai-intelligence-auth/session 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/index.d.ts +8 -0
  2. package/dist/index.js +4 -0
  3. package/dist/session-manager.d.ts +9 -0
  4. package/dist/session-manager.js +26 -0
  5. package/dist/use-cases/login.d.ts +15 -0
  6. package/dist/use-cases/login.js +37 -0
  7. package/dist/use-cases/logout.d.ts +14 -0
  8. package/dist/use-cases/logout.js +10 -0
  9. package/dist/use-cases/refresh-session.d.ts +14 -0
  10. package/dist/use-cases/refresh-session.js +39 -0
  11. package/package.json +52 -0
package/dist/index.d.ts ADDED
@@ -0,0 +1,8 @@
1
+ export type { SessionManager } from "./session-manager";
2
+ export { createSessionManager } from "./session-manager";
3
+ export type { CreateSessionDeps, LoginUseCase } from "./use-cases/login";
4
+ export { createLoginUseCase } from "./use-cases/login";
5
+ export type { LogoutUseCase } from "./use-cases/logout";
6
+ export { createLogoutUseCase } from "./use-cases/logout";
7
+ export type { RefreshSessionUseCase } from "./use-cases/refresh-session";
8
+ export { createRefreshSessionUseCase } from "./use-cases/refresh-session";
package/dist/index.js ADDED
@@ -0,0 +1,4 @@
1
+ export { createSessionManager } from "./session-manager";
2
+ export { createLoginUseCase } from "./use-cases/login";
3
+ export { createLogoutUseCase } from "./use-cases/logout";
4
+ export { createRefreshSessionUseCase } from "./use-cases/refresh-session";
package/dist/session-manager.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ type SessionManager = {
2
+ generateRefreshToken(): string;
3
+ hashRefreshToken(token: string): Promise<string>;
4
+ verifyRefreshToken(token: string, storedHash: string): Promise<boolean>;
5
+ generateSessionId(): string;
6
+ };
7
+ declare function createSessionManager(): SessionManager;
8
+ export type { SessionManager };
9
+ export { createSessionManager };
package/dist/session-manager.js ADDED
@@ -0,0 +1,26 @@
1
+ import { createHash, getRandomValues } from "node:crypto";
2
+ function createSessionManager() {
3
+ function generateRefreshToken() {
4
+ const bytes = new Uint8Array(64);
5
+ getRandomValues(bytes);
6
+ return Buffer.from(bytes).toString("hex");
7
+ }
8
+ function hashRefreshToken(token) {
9
+ const hash = createHash("sha256").update(token).digest("hex");
10
+ return Promise.resolve(hash);
11
+ }
12
+ async function verifyRefreshToken(token, storedHash) {
13
+ const hash = await hashRefreshToken(token);
14
+ return hash === storedHash;
15
+ }
16
+ function generateSessionId() {
17
+ return crypto.randomUUID();
18
+ }
19
+ return {
20
+ generateRefreshToken,
21
+ hashRefreshToken,
22
+ verifyRefreshToken,
23
+ generateSessionId,
24
+ };
25
+ }
26
+ export { createSessionManager };
package/dist/use-cases/login.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ import type { LoginResponse } from "@longzai-intelligence-auth/core";
2
+ import type { AuthBackendPort, TokenSigner } from "@longzai-intelligence-auth/core";
3
+ import type { SessionManager } from "../session-manager";
4
+ type CreateSessionDeps = {
5
+ adapter: AuthBackendPort;
6
+ tokenSigner: TokenSigner;
7
+ sessionManager: SessionManager;
8
+ defaultTenantId: string;
9
+ };
10
+ type LoginUseCase = {
11
+ execute(email: string, password: string, deviceInfo?: string, ipAddress?: string): Promise<LoginResponse>;
12
+ };
13
+ declare function createLoginUseCase(deps: CreateSessionDeps): LoginUseCase;
14
+ export type { CreateSessionDeps, LoginUseCase };
15
+ export { createLoginUseCase };
package/dist/use-cases/login.js ADDED
@@ -0,0 +1,37 @@
1
+ import { InvalidCredentialsError, AccountDisabledError } from "@longzai-intelligence-auth/core";
2
+ function createLoginUseCase(deps) {
3
+ const { adapter, tokenSigner, sessionManager, defaultTenantId } = deps;
4
+ return {
5
+ async execute(email, password, deviceInfo, ipAddress) {
6
+ const verifyResult = await adapter.user.verifyPassword(email, password);
7
+ if (!verifyResult.success || !verifyResult.user) {
8
+ throw new InvalidCredentialsError();
9
+ }
10
+ const user = verifyResult.user;
11
+ if (user.status !== "active") {
12
+ throw new AccountDisabledError();
13
+ }
14
+ const refreshToken = sessionManager.generateRefreshToken();
15
+ const refreshTokenHash = await sessionManager.hashRefreshToken(refreshToken);
16
+ const expiresAt = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toISOString();
17
+ await adapter.session.create({
18
+ userId: user.id,
19
+ tenantId: defaultTenantId,
20
+ refreshTokenHash,
21
+ deviceInfo,
22
+ ipAddress,
23
+ expiresAt,
24
+ });
25
+ const accessToken = await tokenSigner.signAccessToken({
26
+ sub: user.id,
27
+ type: "access",
28
+ tenantId: defaultTenantId,
29
+ });
30
+ return {
31
+ accessToken,
32
+ refreshToken,
33
+ };
34
+ },
35
+ };
36
+ }
37
+ export { createLoginUseCase };
package/dist/use-cases/logout.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ import type { MessageResponse } from "@longzai-intelligence-auth/core";
2
+ import type { AuthBackendPort, TokenSigner } from "@longzai-intelligence-auth/core";
3
+ import type { SessionManager } from "../session-manager";
4
+ type CreateSessionDeps = {
5
+ adapter: AuthBackendPort;
6
+ tokenSigner: TokenSigner;
7
+ sessionManager: SessionManager;
8
+ };
9
+ type LogoutUseCase = {
10
+ execute(sessionId: string): Promise<MessageResponse>;
11
+ };
12
+ declare function createLogoutUseCase(deps: CreateSessionDeps): LogoutUseCase;
13
+ export type { CreateSessionDeps, LogoutUseCase };
14
+ export { createLogoutUseCase };
package/dist/use-cases/logout.js ADDED
@@ -0,0 +1,10 @@
1
+ function createLogoutUseCase(deps) {
2
+ const { adapter } = deps;
3
+ return {
4
+ async execute(sessionId) {
5
+ await adapter.session.revoke(sessionId);
6
+ return { message: "登出成功" };
7
+ },
8
+ };
9
+ }
10
+ export { createLogoutUseCase };
package/dist/use-cases/refresh-session.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ import type { RefreshTokenResponse } from "@longzai-intelligence-auth/core";
2
+ import type { AuthBackendPort, TokenSigner } from "@longzai-intelligence-auth/core";
3
+ import type { SessionManager } from "../session-manager";
4
+ type CreateSessionDeps = {
5
+ adapter: AuthBackendPort;
6
+ tokenSigner: TokenSigner;
7
+ sessionManager: SessionManager;
8
+ };
9
+ type RefreshSessionUseCase = {
10
+ execute(refreshToken: string): Promise<RefreshTokenResponse>;
11
+ };
12
+ declare function createRefreshSessionUseCase(deps: CreateSessionDeps): RefreshSessionUseCase;
13
+ export type { CreateSessionDeps, RefreshSessionUseCase };
14
+ export { createRefreshSessionUseCase };
package/dist/use-cases/refresh-session.js ADDED
@@ -0,0 +1,39 @@
1
+ import { SessionNotFoundError, SessionExpiredError } from "@longzai-intelligence-auth/core";
2
+ function createRefreshSessionUseCase(deps) {
3
+ const { adapter, tokenSigner, sessionManager } = deps;
4
+ return {
5
+ async execute(refreshToken) {
6
+ const refreshTokenHash = await sessionManager.hashRefreshToken(refreshToken);
7
+ const session = await adapter.session.findByRefreshTokenHash(refreshTokenHash);
8
+ if (!session) {
9
+ throw new SessionNotFoundError();
10
+ }
11
+ if (new Date(session.expiresAt) < new Date()) {
12
+ await adapter.session.revoke(session.id);
13
+ throw new SessionExpiredError();
14
+ }
15
+ const newRefreshToken = sessionManager.generateRefreshToken();
16
+ const newRefreshTokenHash = await sessionManager.hashRefreshToken(newRefreshToken);
17
+ const newExpiresAt = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toISOString();
18
+ await adapter.session.create({
19
+ userId: session.userId,
20
+ tenantId: session.tenantId,
21
+ refreshTokenHash: newRefreshTokenHash,
22
+ deviceInfo: session.deviceInfo ?? undefined,
23
+ ipAddress: session.ipAddress ?? undefined,
24
+ expiresAt: newExpiresAt,
25
+ });
26
+ await adapter.session.revoke(session.id);
27
+ const accessToken = await tokenSigner.signAccessToken({
28
+ sub: session.userId,
29
+ type: "access",
30
+ tenantId: session.tenantId,
31
+ });
32
+ return {
33
+ accessToken,
34
+ refreshToken: newRefreshToken,
35
+ };
36
+ },
37
+ };
38
+ }
39
+ export { createRefreshSessionUseCase };
package/package.json ADDED
@@ -0,0 +1,52 @@
1
+ {
2
+ "name": "@longzai-intelligence-auth/session",
3
+ "version": "0.0.2",
4
+ "license": "UNLICENSED",
5
+ "repository": {
6
+ "type": "git",
7
+ "url": "https://github.com/longzai/longzai-intelligence-auth",
8
+ "directory": "packages/session"
9
+ },
10
+ "files": [
11
+ "dist"
12
+ ],
13
+ "type": "module",
14
+ "sideEffects": false,
15
+ "main": "./dist/index.cjs",
16
+ "module": "./dist/index.js",
17
+ "types": "./dist/index.d.ts",
18
+ "exports": {
19
+ ".": {
20
+ "import": {
21
+ "types": "./dist/index.d.ts",
22
+ "default": "./dist/index.js"
23
+ },
24
+ "require": {
25
+ "types": "./dist/index.d.cts",
26
+ "default": "./dist/index.cjs"
27
+ }
28
+ }
29
+ },
30
+ "publishConfig": {
31
+ "access": "public"
32
+ },
33
+ "scripts": {
34
+ "build": "bun build src/index.ts --outdir dist --target bun",
35
+ "build:declaration": "tsgo --declaration --emitDeclarationOnly --outDir dist -p tsconfig/app.json",
36
+ "build:prod": "NODE_ENV=production tsdown",
37
+ "prepublishOnly": "bun run build:prod",
38
+ "typecheck": "bun run typecheck:app && bun run typecheck:node && bun run typecheck:test",
39
+ "typecheck:app": "tsgo --noEmit -p tsconfig/app.json",
40
+ "typecheck:node": "tsgo --noEmit -p tsconfig/node.json",
41
+ "typecheck:test": "tsgo --noEmit -p tsconfig/test.json",
42
+ "lint": "oxlint && oxfmt --check",
43
+ "lint:fix": "oxlint --fix && oxfmt",
44
+ "test": "bun test",
45
+ "test:watch": "bun test --watch",
46
+ "test:coverage": "bun test --coverage",
47
+ "clean": "rm -rf dist out .cache"
48
+ },
49
+ "dependencies": {
50
+ "@longzai-intelligence-auth/core": "0.0.1"
51
+ }
52
+ }