npm - @meridianjs/auth - Versions diffs - 1.31.0 → 2.0.0 - Mend

@meridianjs/auth 1.31.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -94,6 +94,12 @@ declare class AuthModuleService extends AuthModuleService_base {
     resetPassword(token: string, newPassword: string): Promise<void>;
     /** Verify a JWT and return its decoded payload. Throws if invalid or expired. */
     verifyToken(token: string, secret: string): JwtPayload;
+    /**
+     * Issue a fresh JWT for a user by reading their current state from the DB.
+     * Uses `retrieveUserFresh` to bypass the identity map cache.
+     * Useful after updating a user's role or app_role_id outside the auth flow.
+     */
+    issueToken(userId: string): Promise<AuthResult>;
     /** Resolve permissions for a given app_role_id — gracefully degrades if module not loaded. */
     private resolvePermissions;
     private signToken;

package/dist/index.d.ts CHANGED Viewed

@@ -94,6 +94,12 @@ declare class AuthModuleService extends AuthModuleService_base {
     resetPassword(token: string, newPassword: string): Promise<void>;
     /** Verify a JWT and return its decoded payload. Throws if invalid or expired. */
     verifyToken(token: string, secret: string): JwtPayload;
+    /**
+     * Issue a fresh JWT for a user by reading their current state from the DB.
+     * Uses `retrieveUserFresh` to bypass the identity map cache.
+     * Useful after updating a user's role or app_role_id outside the auth flow.
+     */
+    issueToken(userId: string): Promise<AuthResult>;
     /** Resolve permissions for a given app_role_id — gracefully degrades if module not loaded. */
     private resolvePermissions;
     private signToken;

package/dist/index.js CHANGED Viewed

@@ -299,6 +299,32 @@ var AuthModuleService = class extends (0, import_framework_utils.MeridianService
   verifyToken(token, secret) {
     return import_jsonwebtoken.default.verify(token, secret, { algorithms: ["HS256"] });
   }
+  /**
+   * Issue a fresh JWT for a user by reading their current state from the DB.
+   * Uses `retrieveUserFresh` to bypass the identity map cache.
+   * Useful after updating a user's role or app_role_id outside the auth flow.
+   */
+  async issueToken(userId) {
+    const userService = this.container.resolve("userModuleService");
+    const config = this.container.resolve("config");
+    const user = await userService.retrieveUserFresh(userId);
+    if (!user) {
+      throw Object.assign(new Error("User not found"), { status: 404 });
+    }
+    const permissions = await this.resolvePermissions(user.app_role_id);
+    const { token, jti, expiresAt } = this.signToken(user.id, null, [user.role ?? "member"], permissions, config.projectConfig.jwtSecret);
+    await userService.createSession(jti, user.id, expiresAt).catch(() => {
+    });
+    return {
+      user: {
+        id: user.id,
+        email: user.email,
+        first_name: user.first_name ?? null,
+        last_name: user.last_name ?? null
+      },
+      token
+    };
+  }
   /** Resolve permissions for a given app_role_id — gracefully degrades if module not loaded. */
   async resolvePermissions(appRoleId) {
     if (!appRoleId) return [];

package/dist/index.mjs CHANGED Viewed

@@ -259,6 +259,32 @@ var AuthModuleService = class extends MeridianService({}) {
   verifyToken(token, secret) {
     return jwt.verify(token, secret, { algorithms: ["HS256"] });
   }
+  /**
+   * Issue a fresh JWT for a user by reading their current state from the DB.
+   * Uses `retrieveUserFresh` to bypass the identity map cache.
+   * Useful after updating a user's role or app_role_id outside the auth flow.
+   */
+  async issueToken(userId) {
+    const userService = this.container.resolve("userModuleService");
+    const config = this.container.resolve("config");
+    const user = await userService.retrieveUserFresh(userId);
+    if (!user) {
+      throw Object.assign(new Error("User not found"), { status: 404 });
+    }
+    const permissions = await this.resolvePermissions(user.app_role_id);
+    const { token, jti, expiresAt } = this.signToken(user.id, null, [user.role ?? "member"], permissions, config.projectConfig.jwtSecret);
+    await userService.createSession(jti, user.id, expiresAt).catch(() => {
+    });
+    return {
+      user: {
+        id: user.id,
+        email: user.email,
+        first_name: user.first_name ?? null,
+        last_name: user.last_name ?? null
+      },
+      token
+    };
+  }
   /** Resolve permissions for a given app_role_id — gracefully degrades if module not loaded. */
   async resolvePermissions(appRoleId) {
     if (!appRoleId) return [];

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@meridianjs/auth",
-  "version": "1.31.0",
+  "version": "2.0.0",
   "description": "Meridian auth module — JWT authentication and middleware",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -26,8 +26,8 @@
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
-    "@meridianjs/types": "^1.31.0",
-    "@meridianjs/framework-utils": "^1.31.0",
+    "@meridianjs/types": "^2.0.0",
+    "@meridianjs/framework-utils": "^2.0.0",
     "jsonwebtoken": "^9.0.2",
     "bcrypt": "^5.1.1"
   },