npm - @morojs/moro - Versions diffs - 1.0.3 → 1.2.0 - Mend

@morojs/moro 1.0.3 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/README.md +57 -2
package/dist/core/auth/morojs-adapter.d.ts +94 -0
package/dist/core/auth/morojs-adapter.js +288 -0
package/dist/core/auth/morojs-adapter.js.map +1 -0
package/dist/core/config/file-loader.d.ts +18 -0
package/dist/core/config/file-loader.js +345 -0
package/dist/core/config/file-loader.js.map +1 -0
package/dist/core/config/index.d.ts +6 -0
package/dist/core/config/index.js +15 -0
package/dist/core/config/index.js.map +1 -1
package/dist/core/config/loader.d.ts +2 -1
package/dist/core/config/loader.js +15 -2
package/dist/core/config/loader.js.map +1 -1
package/dist/core/config/utils.js +50 -3
package/dist/core/config/utils.js.map +1 -1
package/dist/core/http/http-server.d.ts +2 -0
package/dist/core/http/http-server.js +52 -9
package/dist/core/http/http-server.js.map +1 -1
package/dist/core/middleware/built-in/auth-helpers.d.ts +124 -0
package/dist/core/middleware/built-in/auth-helpers.js +338 -0
package/dist/core/middleware/built-in/auth-helpers.js.map +1 -0
package/dist/core/middleware/built-in/auth-providers.d.ts +125 -0
package/dist/core/middleware/built-in/auth-providers.js +394 -0
package/dist/core/middleware/built-in/auth-providers.js.map +1 -0
package/dist/core/middleware/built-in/auth.d.ts +29 -1
package/dist/core/middleware/built-in/auth.js +259 -16
package/dist/core/middleware/built-in/auth.js.map +1 -1
package/dist/core/middleware/built-in/index.d.ts +3 -1
package/dist/core/middleware/built-in/index.js +19 -1
package/dist/core/middleware/built-in/index.js.map +1 -1
package/dist/index.d.ts +5 -1
package/dist/index.js +11 -2
package/dist/index.js.map +1 -1
package/dist/moro.d.ts +1 -0
package/dist/moro.js +19 -1
package/dist/moro.js.map +1 -1
package/dist/types/auth.d.ts +367 -0
package/dist/types/auth.js +28 -0
package/dist/types/auth.js.map +1 -0
package/package.json +6 -2
package/src/core/auth/README.md +339 -0
package/src/core/auth/morojs-adapter.ts +402 -0
package/src/core/config/file-loader.ts +398 -0
package/src/core/config/index.ts +18 -0
package/src/core/config/loader.ts +18 -2
package/src/core/config/utils.ts +53 -3
package/src/core/http/http-server.ts +61 -10
package/src/core/middleware/built-in/auth-helpers.ts +401 -0
package/src/core/middleware/built-in/auth-providers.ts +480 -0
package/src/core/middleware/built-in/auth.ts +306 -16
package/src/core/middleware/built-in/index.ts +22 -0
package/src/index.ts +30 -1
package/src/moro.ts +29 -1
package/src/types/auth.ts +440 -0
package/tsconfig.json +1 -1

package/src/types/auth.ts ADDED Viewed

@@ -0,0 +1,440 @@
+// Auth.js Types for MoroJS
+export interface AuthProvider {
+  id: string;
+  name: string;
+  type: 'oauth' | 'oidc' | 'credentials' | 'email';
+  // OAuth/OIDC specific
+  authorization?: string | { url: string; params?: Record<string, any> };
+  token?: string | { url: string; params?: Record<string, any> };
+  userinfo?: string | { url: string; params?: Record<string, any> };
+  issuer?: string;
+  wellKnown?: string;
+  // Client configuration
+  clientId?: string;
+  clientSecret?: string;
+  // Scope and claims
+  scope?: string;
+  claims?: Record<string, any>;
+  // Profile mapping
+  profile?: (profile: any, tokens: any) => Promise<any> | any;
+  // Custom authorization parameters
+  authorization_params?: Record<string, any>;
+  // Token handling
+  token_endpoint_auth_method?: 'client_secret_post' | 'client_secret_basic';
+  // Additional provider-specific options
+  [key: string]: any;
+}
+export interface OAuthProvider extends AuthProvider {
+  type: 'oauth';
+  authorization: string | { url: string; params?: Record<string, any> };
+  token: string | { url: string; params?: Record<string, any> };
+  userinfo?: string | { url: string; params?: Record<string, any> };
+}
+export interface OIDCProvider extends AuthProvider {
+  type: 'oidc';
+  issuer: string;
+  wellKnown?: string;
+}
+export interface CredentialsProvider extends AuthProvider {
+  type: 'credentials';
+  credentials: Record<
+    string,
+    {
+      label?: string;
+      type?: string;
+      placeholder?: string;
+      [key: string]: any;
+    }
+  >;
+  authorize: (credentials: Record<string, any>, req: any) => Promise<any> | any;
+}
+export interface EmailProvider extends AuthProvider {
+  type: 'email';
+  server:
+    | string
+    | {
+        host: string;
+        port: number;
+        auth: {
+          user: string;
+          pass: string;
+        };
+        secure?: boolean;
+        tls?: any;
+      };
+  from: string;
+  sendVerificationRequest?: (params: {
+    identifier: string;
+    url: string;
+    expires: Date;
+    provider: EmailProvider;
+    token: string;
+    theme: any;
+    request: any;
+  }) => Promise<void>;
+}
+export interface AuthUser {
+  id: string;
+  name?: string | null;
+  email?: string | null;
+  image?: string | null;
+  emailVerified?: Date | null;
+  [key: string]: any;
+}
+export interface AuthAccount {
+  userId: string;
+  type: 'oauth' | 'oidc' | 'email' | 'credentials';
+  provider: string;
+  providerAccountId: string;
+  access_token?: string;
+  expires_at?: number;
+  id_token?: string;
+  refresh_token?: string;
+  refresh_token_expires_in?: number;
+  scope?: string;
+  token_type?: string;
+  session_state?: string;
+  [key: string]: any;
+}
+export interface AuthSession {
+  sessionToken: string;
+  userId: string;
+  expires: Date;
+  user: AuthUser;
+  [key: string]: any;
+}
+export interface VerificationToken {
+  identifier: string;
+  token: string;
+  expires: Date;
+}
+export interface AuthJWT {
+  name?: string | null;
+  email?: string | null;
+  picture?: string | null;
+  sub?: string;
+  iat?: number;
+  exp?: number;
+  jti?: string;
+  [key: string]: any;
+}
+export interface AuthCallbacks {
+  signIn?: (params: {
+    user: AuthUser;
+    account: AuthAccount | null;
+    profile?: any;
+    email?: { verificationRequest?: boolean };
+    credentials?: Record<string, any>;
+  }) => Awaitable<boolean | string>;
+  redirect?: (params: { url: string; baseUrl: string }) => Awaitable<string>;
+  session?: (params: {
+    session: AuthSession;
+    user: AuthUser;
+    token: AuthJWT;
+  }) => Awaitable<AuthSession>;
+  jwt?: (params: {
+    token: AuthJWT;
+    user?: AuthUser;
+    account?: AuthAccount;
+    profile?: any;
+    trigger?: 'signIn' | 'signUp' | 'update';
+    isNewUser?: boolean;
+    session?: any;
+  }) => Awaitable<AuthJWT>;
+}
+export interface AuthPages {
+  signIn?: string;
+  signOut?: string;
+  error?: string;
+  verifyRequest?: string;
+  newUser?: string;
+}
+export interface AuthEvents {
+  signIn?: (message: {
+    user: AuthUser;
+    account: AuthAccount | null;
+    profile?: any;
+    isNewUser?: boolean;
+  }) => Awaitable<void>;
+  signOut?: (message: { session: AuthSession; token: AuthJWT }) => Awaitable<void>;
+  createUser?: (message: { user: AuthUser }) => Awaitable<void>;
+  updateUser?: (message: { user: AuthUser }) => Awaitable<void>;
+  linkAccount?: (message: {
+    user: AuthUser;
+    account: AuthAccount;
+    profile: any;
+  }) => Awaitable<void>;
+  session?: (message: { session: AuthSession; token: AuthJWT }) => Awaitable<void>;
+}
+export interface AuthCookies {
+  sessionToken: {
+    name: string;
+    options?: CookieOptions;
+  };
+  callbackUrl: {
+    name: string;
+    options?: CookieOptions;
+  };
+  csrfToken: {
+    name: string;
+    options?: CookieOptions;
+  };
+  pkceCodeVerifier: {
+    name: string;
+    options?: CookieOptions;
+  };
+  state: {
+    name: string;
+    options?: CookieOptions;
+  };
+  nonce: {
+    name: string;
+    options?: CookieOptions;
+  };
+}
+export interface CookieOptions {
+  domain?: string;
+  expires?: Date;
+  httpOnly?: boolean;
+  maxAge?: number;
+  path?: string;
+  sameSite?: 'strict' | 'lax' | 'none';
+  secure?: boolean;
+}
+export interface AuthTheme {
+  colorScheme?: 'light' | 'dark' | 'auto';
+  logo?: string;
+  brandColor?: string;
+  buttonText?: string;
+  [key: string]: any;
+}
+export interface AuthLogger {
+  error: (code: string, metadata?: any) => void;
+  warn: (code: string) => void;
+  debug: (code: string, metadata?: any) => void;
+}
+export interface AuthAdapter {
+  createUser?: (user: Omit<AuthUser, 'id'>) => Awaitable<AuthUser>;
+  getUser?: (id: string) => Awaitable<AuthUser | null>;
+  getUserByEmail?: (email: string) => Awaitable<AuthUser | null>;
+  getUserByAccount?: (
+    providerAccountId: Pick<AuthAccount, 'provider' | 'providerAccountId'>
+  ) => Awaitable<AuthUser | null>;
+  updateUser?: (user: Partial<AuthUser> & Pick<AuthUser, 'id'>) => Awaitable<AuthUser>;
+  deleteUser?: (userId: string) => Awaitable<void>;
+  linkAccount?: (account: AuthAccount) => Awaitable<void>;
+  unlinkAccount?: (
+    providerAccountId: Pick<AuthAccount, 'provider' | 'providerAccountId'>
+  ) => Awaitable<void>;
+  createSession?: (session: {
+    sessionToken: string;
+    userId: string;
+    expires: Date;
+  }) => Awaitable<AuthSession>;
+  getSessionAndUser?: (
+    sessionToken: string
+  ) => Awaitable<{ session: AuthSession; user: AuthUser } | null>;
+  updateSession?: (
+    session: Partial<AuthSession> & Pick<AuthSession, 'sessionToken'>
+  ) => Awaitable<AuthSession | null | undefined>;
+  deleteSession?: (sessionToken: string) => Awaitable<void>;
+  createVerificationToken?: (
+    verificationToken: VerificationToken
+  ) => Awaitable<VerificationToken | null | undefined>;
+  useVerificationToken?: (params: {
+    identifier: string;
+    token: string;
+  }) => Awaitable<VerificationToken | null>;
+}
+export interface AuthOptions {
+  // Core configuration
+  providers: AuthProvider[];
+  secret?: string;
+  // Session configuration
+  session?: {
+    strategy?: 'jwt' | 'database';
+    maxAge?: number; // in seconds
+    updateAge?: number; // in seconds
+    generateSessionToken?: () => string;
+  };
+  // JWT configuration
+  jwt?: {
+    secret?: string;
+    maxAge?: number;
+    encode?: (params: { token?: AuthJWT; secret: string; maxAge?: number }) => Awaitable<string>;
+    decode?: (params: { token?: string; secret: string }) => Awaitable<AuthJWT | null>;
+  };
+  // Callbacks
+  callbacks?: AuthCallbacks;
+  // Events
+  events?: AuthEvents;
+  // Adapter
+  adapter?: AuthAdapter;
+  // Pages
+  pages?: AuthPages;
+  // Cookies
+  cookies?: Partial<AuthCookies>;
+  // Theme
+  theme?: AuthTheme;
+  // Logger
+  logger?: AuthLogger;
+  // Configuration
+  debug?: boolean;
+  basePath?: string;
+  useSecureCookies?: boolean;
+  trustHost?: boolean;
+  // CSRF
+  skipCSRFCheck?: string[];
+  // Experimental features
+  experimental?: {
+    enableWebAuthn?: boolean;
+    [key: string]: any;
+  };
+}
+export interface AuthRequest {
+  user?: AuthUser;
+  session?: AuthSession;
+  token?: string;
+  isAuthenticated: boolean;
+  // Auth methods
+  signIn: (
+    provider?: string,
+    options?: {
+      callbackUrl?: string;
+      redirect?: boolean;
+      [key: string]: any;
+    }
+  ) => Promise<any>;
+  signOut: (options?: { callbackUrl?: string; redirect?: boolean }) => Promise<any>;
+  getSession: () => Promise<AuthSession | null>;
+  getToken: () => Promise<AuthJWT | null>;
+  // CSRF protection
+  getCsrfToken: () => Promise<string>;
+  // Providers
+  getProviders: () => Promise<Record<string, AuthProvider>>;
+}
+export interface AuthResponse {
+  status: number;
+  headers?: Record<string, string>;
+  body?: any;
+  redirect?: string;
+}
+export interface AuthConfig extends AuthOptions {
+  // Runtime configuration
+  basePath: string;
+  baseUrl: string;
+  // Internal state
+  providers: AuthProvider[];
+  // Computed values
+  skipCSRFCheck: string[];
+  useSecureCookies: boolean;
+}
+// Utility types
+export type Awaitable<T> = T | Promise<T>;
+export type ProviderType = 'oauth' | 'oidc' | 'credentials' | 'email';
+export type SignInOptions = {
+  callbackUrl?: string;
+  redirect?: boolean;
+  [key: string]: any;
+};
+export type SignOutOptions = {
+  callbackUrl?: string;
+  redirect?: boolean;
+};
+// Error types
+export interface AuthError extends Error {
+  type: string;
+  code?: string;
+}
+export class SignInError extends Error implements AuthError {
+  type = 'SignInError';
+  code?: string;
+  constructor(message: string, code?: string) {
+    super(message);
+    this.code = code;
+  }
+}
+export class CallbackError extends Error implements AuthError {
+  type = 'CallbackError';
+  code?: string;
+  constructor(message: string, code?: string) {
+    super(message);
+    this.code = code;
+  }
+}
+export class SessionError extends Error implements AuthError {
+  type = 'SessionError';
+  code?: string;
+  constructor(message: string, code?: string) {
+    super(message);
+    this.code = code;
+  }
+}
+// Re-export for convenience
+export type { AuthProvider as Provider };
+export type { AuthUser as User };
+export type { AuthSession as Session };
+export type { AuthAccount as Account };
+export type { AuthJWT as JWT };

package/tsconfig.json CHANGED Viewed

@@ -18,4 +18,4 @@
   },
   "include": ["src/**/*"],
   "exclude": ["node_modules", "dist"]
-}
+}