@mars-stack/core 7.0.6 → 8.0.1

package/dist/auth/password-hash.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Hashes a password using SHA-256 prehash followed by bcrypt (cost 12).
+ * Safe to import from Prisma seed scripts and other Node contexts outside Next.js.
+ */
+export declare function hashPassword(password: string): Promise<string>;
+/**
+ * Verifies a plaintext password against a stored bcrypt hash.
+ */
+export declare function verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+//# sourceMappingURL=password-hash.d.ts.map

package/dist/auth/password-hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-hash.d.ts","sourceRoot":"","sources":["../../src/auth/password-hash.ts"],"names":[],"mappings":"AAWA;;;GAGG;AACH,wBAAsB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIpE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAMlB"}

package/dist/auth/password-hash.js

@@ -0,0 +1 @@
+export { hashPassword, verifyPassword } from '../chunk-6WI62GWT.js';

package/dist/auth/password-schema.d.ts

@@ -0,0 +1,4 @@
+import { z } from 'zod';
+/** Zod schema enforcing password strength rules: 8-100 chars, mixed case, digit, special char, no common patterns. */
+export declare const passwordSchema: z.ZodString;
+//# sourceMappingURL=password-schema.d.ts.map

package/dist/auth/password-schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-schema.d.ts","sourceRoot":"","sources":["../../src/auth/password-schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,sHAAsH;AACtH,eAAO,MAAM,cAAc,aAYqE,CAAC"}

package/dist/auth/password-schema.js

@@ -0,0 +1 @@
+export { passwordSchema } from '../chunk-BJY4ZUID.js';

package/dist/auth/password.d.ts

@@ -1,28 +1,4 @@
 import 'server-only';
-import { z } from 'zod';
-/** Zod schema enforcing password strength rules: 8-100 chars, mixed case, digit, special char, no common patterns. */
-export declare const passwordSchema: z.ZodString;
-/**
- * Hashes a password using SHA-256 prehash followed by bcrypt (cost 12).
- * The prehash step allows bcrypt to work with passwords of any length while
- * maintaining a domain separator to prevent cross-protocol collisions.
- *
- * @param password - The plaintext password to hash
- * @returns The bcrypt hash string
- * @example
- * const hash = await hashPassword('mySecureP@ss1');
- */
-export declare function hashPassword(password: string): Promise<string>;
-/**
- * Verifies a plaintext password against a stored bcrypt hash.
- * Attempts prehashed comparison first, then falls back to direct comparison
- * for backwards compatibility with legacy hashes.
- *
- * @param plainPassword - The plaintext password to verify
- * @param hashedPassword - The stored bcrypt hash
- * @returns True if the password matches
- * @example
- * const valid = await verifyPassword('mySecureP@ss1', storedHash);
- */
-export declare function verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+export { passwordSchema } from './password-schema';
+export { hashPassword, verifyPassword } from './password-hash';
 //# sourceMappingURL=password.d.ts.map

package/dist/auth/password.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/auth/password.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAaxB,sHAAsH;AACtH,eAAO,MAAM,cAAc,aAYqE,CAAC;AAEjG;;;;;;;;;GASG;AACH,wBAAsB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIpE;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,cAAc,CAClC,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAMlB"}
+{"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/auth/password.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/auth/password.js

@@ -1 +1,3 @@
-export { hashPassword, passwordSchema, verifyPassword } from '../chunk-WO6FHJHG.js';
+export { passwordSchema } from '../chunk-BJY4ZUID.js';
+export { hashPassword, verifyPassword } from '../chunk-6WI62GWT.js';
+import 'server-only';

package/dist/auth/validators.js

@@ -1,4 +1,4 @@
-import { passwordSchema } from '../chunk-WO6FHJHG.js';
+import { passwordSchema } from '../chunk-BJY4ZUID.js';
 
 // src/auth/validators.ts
 function validateEmail(value) {

package/dist/{chunk-WO6FHJHG.js → chunk-6WI62GWT.js}

@@ -1,7 +1,4 @@
-import 'server-only';
-import { z } from 'zod';
-
-// src/auth/password.ts
+// src/auth/password-hash.ts
 var PASSWORD_PREHASH_DOMAIN = "mars-password-v1";
 async function sha256Prehash(password) {
   const payload = `${PASSWORD_PREHASH_DOMAIN}:${password}`;
@@ -9,10 +6,6 @@ async function sha256Prehash(password) {
   const digest = await crypto.subtle.digest("SHA-256", data);
   return Array.from(new Uint8Array(digest)).map((b) => b.toString(16).padStart(2, "0")).join("");
 }
-var passwordSchema = z.string().min(8, "Password must be at least 8 characters").max(100, "Password must be less than 100 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character").refine(
-  (password) => !password.toLowerCase().includes("password"),
-  "Password cannot contain 'password'"
-).refine((password) => !password.includes("123"), "Password cannot contain sequential numbers");
 async function hashPassword(password) {
   const { hash } = await import('bcryptjs');
   const prehashed = await sha256Prehash(password);
@@ -26,4 +19,4 @@ async function verifyPassword(plainPassword, hashedPassword) {
   return compare(plainPassword, hashedPassword);
 }
 
-export { hashPassword, passwordSchema, verifyPassword };
+export { hashPassword, verifyPassword };

package/dist/chunk-BJY4ZUID.js

@@ -0,0 +1,9 @@
+import { z } from 'zod';
+
+// src/auth/password-schema.ts
+var passwordSchema = z.string().min(8, "Password must be at least 8 characters").max(100, "Password must be less than 100 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character").refine(
+  (password) => !password.toLowerCase().includes("password"),
+  "Password cannot contain 'password'"
+).refine((password) => !password.includes("123"), "Password cannot contain sequential numbers");
+
+export { passwordSchema };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mars-stack/core",
-  "version": "7.0.6",
+  "version": "8.0.1",
   "license": "MIT",
   "repository": {
     "type": "git",
@@ -32,6 +32,14 @@
       "types": "./dist/auth/password.d.ts",
       "import": "./dist/auth/password.js"
     },
+    "./auth/password-schema": {
+      "types": "./dist/auth/password-schema.d.ts",
+      "import": "./dist/auth/password-schema.js"
+    },
+    "./auth/password-hash": {
+      "types": "./dist/auth/password-hash.d.ts",
+      "import": "./dist/auth/password-hash.js"
+    },
     "./auth/verification": {
       "types": "./dist/auth/verification.d.ts",
       "import": "./dist/auth/verification.js"