@meistrari/auth-nuxt 2.3.1 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -0
- package/dist/module.json +1 -1
- package/dist/runtime/composables/application-auth.d.ts +1 -0
- package/dist/runtime/composables/application-auth.js +10 -1
- package/dist/runtime/composables/state.d.ts +2 -4
- package/dist/runtime/helpers/token.d.ts +15 -0
- package/dist/runtime/helpers/token.js +19 -0
- package/dist/runtime/plugins/application-token-refresh.js +1 -11
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -8,6 +8,13 @@ A Nuxt module that provides comprehensive authentication, organization managemen
|
|
|
8
8
|
npm install @meistrari/auth-nuxt
|
|
9
9
|
```
|
|
10
10
|
|
|
11
|
+
## Prerequisites
|
|
12
|
+
|
|
13
|
+
Before setting up the SDK, make sure the following are configured in the Auth API:
|
|
14
|
+
|
|
15
|
+
1. **Allowed Origins**: Your application URL (e.g., `https://your-app.com`) must be added to the allowed origins list in the Auth API. This ensures the Auth API accepts requests from your application.
|
|
16
|
+
2. **Allowed Email Domains**: The email domains of users who will access the application must be added to the allowed email domains list in the Auth API. For example, if your users sign in with `@company.com` emails, that domain must be whitelisted.
|
|
17
|
+
|
|
11
18
|
## Setup
|
|
12
19
|
|
|
13
20
|
Add the module to your `nuxt.config.ts`:
|
package/dist/module.json
CHANGED
|
@@ -40,6 +40,7 @@ export declare function useTelaApplicationAuth(): {
|
|
|
40
40
|
getAvailableOrganizations: () => Promise<FullOrganization[]>;
|
|
41
41
|
switchOrganization: (organizationId: string) => Promise<void>;
|
|
42
42
|
refreshToken: () => Promise<void>;
|
|
43
|
+
getToken: () => Promise<string | null | undefined>;
|
|
43
44
|
user: import("vue").Ref<{
|
|
44
45
|
id: string;
|
|
45
46
|
createdAt: Date;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { navigateTo, useCookie, useRuntimeConfig } from "#app";
|
|
2
2
|
import { AuthorizationFlowError, isTokenExpired, RefreshTokenExpiredError, UserNotLoggedInError } from "@meistrari/auth-core";
|
|
3
3
|
import { useApplicationSessionState } from "./state.js";
|
|
4
|
+
import { willTokenExpireIn } from "../helpers/token.js";
|
|
4
5
|
const FIFTEEN_MINUTES = 60 * 15;
|
|
5
6
|
const ONE_MINUTE = 60 * 1e3;
|
|
6
7
|
export function useTelaApplicationAuth() {
|
|
@@ -87,6 +88,13 @@ export function useTelaApplicationAuth() {
|
|
|
87
88
|
throw error;
|
|
88
89
|
}
|
|
89
90
|
}
|
|
91
|
+
async function getToken() {
|
|
92
|
+
const shouldRefresh = accessTokenCookie.value ? willTokenExpireIn(accessTokenCookie.value, ONE_MINUTE * 2) : true;
|
|
93
|
+
if (shouldRefresh) {
|
|
94
|
+
await refreshToken();
|
|
95
|
+
}
|
|
96
|
+
return accessTokenCookie.value;
|
|
97
|
+
}
|
|
90
98
|
return {
|
|
91
99
|
...state,
|
|
92
100
|
login,
|
|
@@ -94,6 +102,7 @@ export function useTelaApplicationAuth() {
|
|
|
94
102
|
initSession,
|
|
95
103
|
getAvailableOrganizations,
|
|
96
104
|
switchOrganization,
|
|
97
|
-
refreshToken
|
|
105
|
+
refreshToken,
|
|
106
|
+
getToken
|
|
98
107
|
};
|
|
99
108
|
}
|
|
@@ -100,13 +100,12 @@ export declare function useSessionState(): {
|
|
|
100
100
|
export declare function useOrganizationState(): {
|
|
101
101
|
activeOrganization: import("vue").Ref<FullOrganization | null, FullOrganization | null>;
|
|
102
102
|
activeMember: import("vue").Ref<{
|
|
103
|
-
[x: string]: string | number | boolean | string[] | Record<string, any> | (string & Record<never, never>) | Date | number[] | undefined;
|
|
104
103
|
id: string;
|
|
105
104
|
organizationId: string;
|
|
106
105
|
role: "org:admin" | "org:member" | "org:reviewer";
|
|
107
106
|
createdAt: Date;
|
|
108
107
|
userId: string;
|
|
109
|
-
teamId?: string | undefined | undefined;
|
|
108
|
+
teamId?: string | undefined | undefined | undefined;
|
|
110
109
|
user: {
|
|
111
110
|
id: string;
|
|
112
111
|
email: string;
|
|
@@ -114,13 +113,12 @@ export declare function useOrganizationState(): {
|
|
|
114
113
|
image?: string | undefined;
|
|
115
114
|
};
|
|
116
115
|
} | null, {
|
|
117
|
-
[x: string]: string | number | boolean | string[] | Record<string, any> | (string & Record<never, never>) | Date | number[] | undefined;
|
|
118
116
|
id: string;
|
|
119
117
|
organizationId: string;
|
|
120
118
|
role: "org:admin" | "org:member" | "org:reviewer";
|
|
121
119
|
createdAt: Date;
|
|
122
120
|
userId: string;
|
|
123
|
-
teamId?: string | undefined | undefined;
|
|
121
|
+
teamId?: string | undefined | undefined | undefined;
|
|
124
122
|
user: {
|
|
125
123
|
id: string;
|
|
126
124
|
email: string;
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Parses a JWT token to extract its expiration time
|
|
3
|
+
*
|
|
4
|
+
* @param token - The JWT token string
|
|
5
|
+
* @returns The expiration timestamp in milliseconds, or null if parsing fails
|
|
6
|
+
*/
|
|
7
|
+
export declare function parseTokenExpiry(token: string): number | null;
|
|
8
|
+
/**
|
|
9
|
+
* Checks if a JWT token will expire within a certain time window, or if it is already expired
|
|
10
|
+
*
|
|
11
|
+
* @param token - The JWT token string
|
|
12
|
+
* @param timeWindow - The time window in milliseconds
|
|
13
|
+
* @returns True if the token will expire within the time window, false otherwise
|
|
14
|
+
*/
|
|
15
|
+
export declare function willTokenExpireIn(token: string, timeWindow: number): boolean | 0;
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { decodeJwt } from "jose";
|
|
2
|
+
export function parseTokenExpiry(token) {
|
|
3
|
+
try {
|
|
4
|
+
const payload = decodeJwt(token);
|
|
5
|
+
if (!payload.exp)
|
|
6
|
+
return null;
|
|
7
|
+
return payload.exp * 1e3;
|
|
8
|
+
} catch {
|
|
9
|
+
return null;
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
export function willTokenExpireIn(token, timeWindow) {
|
|
13
|
+
const now = Date.now();
|
|
14
|
+
const expiry = parseTokenExpiry(token);
|
|
15
|
+
if (expiry === null) {
|
|
16
|
+
return true;
|
|
17
|
+
}
|
|
18
|
+
return expiry && expiry - timeWindow <= now;
|
|
19
|
+
}
|
|
@@ -1,22 +1,12 @@
|
|
|
1
1
|
import { defineNuxtPlugin, useCookie, useRuntimeConfig } from "#app";
|
|
2
2
|
import { isTokenExpired } from "@meistrari/auth-core";
|
|
3
|
-
import { decodeJwt } from "jose";
|
|
4
3
|
import { useTelaApplicationAuth } from "../composables/application-auth.js";
|
|
5
4
|
import { useApplicationSessionState } from "../composables/state.js";
|
|
6
5
|
import { createNuxtAuthClient } from "../shared.js";
|
|
6
|
+
import { parseTokenExpiry } from "../helpers/token.js";
|
|
7
7
|
const SEVEN_DAYS = 60 * 60 * 24 * 7;
|
|
8
8
|
const FIFTEEN_MINUTES = 60 * 15;
|
|
9
9
|
const TWO_MINUTES = 2 * 60 * 1e3;
|
|
10
|
-
function parseTokenExpiry(token) {
|
|
11
|
-
try {
|
|
12
|
-
const payload = decodeJwt(token);
|
|
13
|
-
if (!payload.exp)
|
|
14
|
-
return null;
|
|
15
|
-
return payload.exp * 1e3;
|
|
16
|
-
} catch {
|
|
17
|
-
return null;
|
|
18
|
-
}
|
|
19
|
-
}
|
|
20
10
|
export default defineNuxtPlugin({
|
|
21
11
|
name: "tela-application-token-refresh",
|
|
22
12
|
enforce: "post",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@meistrari/auth-nuxt",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.4.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -31,7 +31,7 @@
|
|
|
31
31
|
"build": "nuxt-module-build build --stub && nuxt-module-build prepare && nuxt-module-build build"
|
|
32
32
|
},
|
|
33
33
|
"dependencies": {
|
|
34
|
-
"@meistrari/auth-core": "1.11.
|
|
34
|
+
"@meistrari/auth-core": "1.11.2",
|
|
35
35
|
"jose": "6.1.3"
|
|
36
36
|
},
|
|
37
37
|
"peerDependencies": {
|