npm - @mostajs/auth - Versions diffs - 1.0.3 → 2.0.0 - Mend

@mostajs/auth 1.0.3 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/helpers/permissions.d.ts +3 -0
package/dist/helpers/permissions.js +16 -0
package/dist/index.d.ts +1 -10
package/dist/index.js +5 -18
package/dist/lib/auth-check.js +1 -1
package/dist/lib/auth.js +7 -13
package/dist/register.d.ts +7 -2
package/dist/server.d.ts +9 -0
package/dist/server.js +15 -0
package/package.json +9 -5

package/dist/helpers/permissions.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export declare function hasPermission(userPermissions: string[], requiredPermission: string): boolean;
+export declare function hasAllPermissions(userPermissions: string[], requiredPermissions: string[]): boolean;
+export declare function hasAnyPermission(userPermissions: string[], requiredPermissions: string[]): boolean;

package/dist/helpers/permissions.js ADDED Viewed

@@ -0,0 +1,16 @@
+// Permission helpers — pure utility functions (zero dependencies)
+// Originates from @mostajs/socle — inlined here to avoid the dependency
+// Author: Dr Hamid MADANI drmdh@msn.com
+export function hasPermission(userPermissions, requiredPermission) {
+    if (!userPermissions || userPermissions.length === 0)
+        return false;
+    if (userPermissions.includes('*'))
+        return true;
+    return userPermissions.includes(requiredPermission);
+}
+export function hasAllPermissions(userPermissions, requiredPermissions) {
+    return requiredPermissions.every(p => hasPermission(userPermissions, p));
+}
+export function hasAnyPermission(userPermissions, requiredPermissions) {
+    return requiredPermissions.some(p => hasPermission(userPermissions, p));
+}

package/dist/index.d.ts CHANGED Viewed

@@ -1,14 +1,5 @@
-export { createAuthHandlers } from './lib/auth';
-export { createAuthChecks } from './lib/auth-check';
-export { createAuthMiddleware } from './middleware/auth-middleware';
-export type { AuthMiddlewareOptions } from './middleware/auth-middleware';
-export { hashPassword, comparePassword } from './lib/password';
-export { hasPermission, hasAllPermissions, hasAnyPermission } from '@mostajs/socle';
-export { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
-export { seedRBAC } from '@mostajs/rbac/lib/rbac-seed';
-export type { SeedRBACOptions } from '@mostajs/rbac/lib/rbac-seed';
+export { hasPermission, hasAllPermissions, hasAnyPermission } from './helpers/permissions';
 export { UserSchema, RoleSchema, PermissionSchema, PermissionCategorySchema } from '@mostajs/rbac';
-export { UserRepository, RoleRepository, PermissionRepository, PermissionCategoryRepository } from '@mostajs/rbac';
 export { usePermissions } from './hooks/usePermissions';
 export { default as PermissionGuard } from './components/PermissionGuard';
 export { default as SessionProvider } from './components/SessionProvider';

package/dist/index.js CHANGED Viewed

@@ -1,23 +1,10 @@
-// @mostajs/auth — Barrel exports
+// @mostajs/auth — Client-safe barrel (NO ORM imports)
 // Author: Dr Hamid MADANI drmdh@msn.com
-// Phase 3: schemas/repos/seed moved to @mostajs/rbac.
-// Re-exported here for backwards compatibility.
-// Auth factory
-export { createAuthHandlers } from './lib/auth';
-export { createAuthChecks } from './lib/auth-check';
-export { createAuthMiddleware } from './middleware/auth-middleware';
-// Password utils (stays in auth — it's authentication)
-export { hashPassword, comparePassword } from './lib/password';
-// Permission helpers (hasPermission now lives in @mostajs/socle)
-export { hasPermission, hasAllPermissions, hasAnyPermission } from '@mostajs/socle';
-// Server-side permission DB lookup (re-export from rbac)
-export { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
-// RBAC seed (re-export from rbac)
-export { seedRBAC } from '@mostajs/rbac/lib/rbac-seed';
-// Schemas (re-export from rbac)
+// For server-side code (repos, seed, auth handlers), use '@mostajs/auth/server'
+// Permission helpers (pure utilities — no external dependency)
+export { hasPermission, hasAllPermissions, hasAnyPermission } from './helpers/permissions';
+// Schemas (re-export from rbac — pure data, no ORM)
 export { UserSchema, RoleSchema, PermissionSchema, PermissionCategorySchema } from '@mostajs/rbac';
-// Repositories (re-export from rbac)
-export { UserRepository, RoleRepository, PermissionRepository, PermissionCategoryRepository } from '@mostajs/rbac';
 // Hooks
 export { usePermissions } from './hooks/usePermissions';
 // Components

package/dist/lib/auth-check.js CHANGED Viewed

@@ -1,7 +1,7 @@
 // @mosta/auth — Server-side auth guards
 // Author: Dr Hamid MADANI drmdh@msn.com
 import { NextResponse } from 'next/server';
-import { hasPermission } from '@mostajs/socle';
+import { hasPermission } from '../helpers/permissions';
 import { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
 /**
  * Create server-side guard functions bound to your auth() instance.

package/dist/lib/auth.js CHANGED Viewed

@@ -3,13 +3,8 @@
 // Phase 3: schemas/repos imported from @mostajs/rbac
 import NextAuth from 'next-auth';
 import CredentialsProvider from 'next-auth/providers/credentials';
-import { getDialect, registerSchemas } from '@mostajs/orm';
-import { UserRepository, RoleRepository } from '@mostajs/rbac';
-import { UserSchema, RoleSchema, PermissionSchema, PermissionCategorySchema } from '@mostajs/rbac';
+import { getRbacRepos } from '@mostajs/rbac/lib/repos-factory';
 import { comparePassword } from './password';
-// Auto-register RBAC schemas into ORM registry (idempotent)
-// Must run before getDialect() to ensure relations are resolvable
-registerSchemas([UserSchema, RoleSchema, PermissionSchema, PermissionCategorySchema]);
 /**
  * Create NextAuth handlers configured for MostaAuth RBAC.
  *
@@ -38,8 +33,8 @@ export function createAuthHandlers(rolePermissions, config) {
                 async authorize(credentials) {
                     if (!credentials?.email || !credentials?.password)
                         return null;
-                    const uRepo = new UserRepository(await getDialect());
-                    const user = await uRepo.findByEmail(credentials.email);
+                    const { users } = await getRbacRepos();
+                    const user = await users.findByEmail(credentials.email);
                     if (!user)
                         return null;
                     if (user.status !== 'active')
@@ -47,7 +42,7 @@ export function createAuthHandlers(rolePermissions, config) {
                     const valid = await comparePassword(credentials.password, user.password);
                     if (!valid)
                         return null;
-                    await uRepo.updateLastLogin(user.id);
+                    await users.updateLastLogin(user.id);
                     const { roleNames, permissions } = await resolveUserPermissions(user.id, rolePermissions);
                     return {
                         id: user.id,
@@ -100,9 +95,8 @@ export function createAuthHandlers(rolePermissions, config) {
 // ─── Internal: resolve user→roles→permissions ─────────────────
 async function resolveUserPermissions(userId, fallbackMap) {
     try {
-        const uRepo = new UserRepository(await getDialect());
-        const rRepo = new RoleRepository(await getDialect());
-        const userWithRoles = await uRepo.findByIdWithRoles(userId);
+        const { users, roles: rolesRepo } = await getRbacRepos();
+        const userWithRoles = await users.findByIdWithRoles(userId);
         if (userWithRoles?.roles?.length) {
             const roleNames = [];
             const permissions = [];
@@ -112,7 +106,7 @@ async function resolveUserPermissions(userId, fallbackMap) {
                 if (roleName)
                     roleNames.push(roleName);
                 if (roleId) {
-                    const roleWithPerms = await rRepo.findByIdWithPermissions(roleId);
+                    const roleWithPerms = await rolesRepo.findByIdWithPermissions(roleId);
                     if (roleWithPerms?.permissions) {
                         for (const perm of roleWithPerms.permissions) {
                             const permName = typeof perm === 'string' ? perm : perm?.name;

package/dist/register.d.ts CHANGED Viewed

@@ -1,4 +1,9 @@
-import type { ModuleRegistration } from '@mostajs/socle';
+/** Minimal registration shape — avoids hard dependency on @mostajs/socle */
+interface ModuleRegistrationLike {
+    manifest: Record<string, unknown>;
+    [key: string]: unknown;
+}
 export declare function register(registry: {
-    register(r: ModuleRegistration): void;
+    register(r: ModuleRegistrationLike): void;
 }): void;
+export {};

package/dist/server.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export { createAuthHandlers } from './lib/auth';
+export { createAuthChecks } from './lib/auth-check';
+export { createAuthMiddleware } from './middleware/auth-middleware';
+export type { AuthMiddlewareOptions } from './middleware/auth-middleware';
+export { hashPassword, comparePassword } from './lib/password';
+export { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
+export { seedRBAC } from '@mostajs/rbac/lib/rbac-seed';
+export type { SeedRBACOptions } from '@mostajs/rbac/lib/rbac-seed';
+export { UserRepository, RoleRepository, PermissionRepository, PermissionCategoryRepository } from '@mostajs/rbac/server';

package/dist/server.js ADDED Viewed

@@ -0,0 +1,15 @@
+// @mostajs/auth/server — Server-side exports (ORM-dependent)
+// Author: Dr Hamid MADANI drmdh@msn.com
+// Import from '@mostajs/auth/server' in API routes and server code
+// Auth handler factories (depend on ORM via rbac repos)
+export { createAuthHandlers } from './lib/auth';
+export { createAuthChecks } from './lib/auth-check';
+export { createAuthMiddleware } from './middleware/auth-middleware';
+// Password utils
+export { hashPassword, comparePassword } from './lib/password';
+// Server-side permission DB lookup (re-export from rbac/server)
+export { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
+// RBAC seed (re-export from rbac/server)
+export { seedRBAC } from '@mostajs/rbac/lib/rbac-seed';
+// Repositories (re-export from rbac/server)
+export { UserRepository, RoleRepository, PermissionRepository, PermissionCategoryRepository } from '@mostajs/rbac/server';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mostajs/auth",
-  "version": "1.0.3",
+  "version": "2.0.0",
   "description": "Authentication — NextAuth, password hashing, session management",
   "author": "Dr Hamid MADANI <drmdh@msn.com>",
   "license": "MIT",
@@ -53,6 +53,11 @@
       "import": "./dist/middleware/auth-middleware.js",
       "default": "./dist/middleware/auth-middleware.js"
     },
+    "./server": {
+      "types": "./dist/server.d.ts",
+      "import": "./dist/server.js",
+      "default": "./dist/server.js"
+    },
     "./register": {
       "types": "./dist/register.d.ts",
       "import": "./dist/register.js",
@@ -88,19 +93,18 @@
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
-    "@mostajs/orm": "^1.0.0",
+    "@mostajs/net": "^2.0.0",
+    "@mostajs/orm": "^1.7.0",
     "bcryptjs": "^2.4.3"
   },
   "peerDependencies": {
     "@mostajs/rbac": ">=1.0.0",
-    "@mostajs/socle": ">=2.0.0",
     "next": ">=14",
     "next-auth": ">=5.0.0-beta.25",
     "react": ">=18"
   },
   "devDependencies": {
-    "@mostajs/rbac": "^1.0.4",
-    "@mostajs/socle": "^2.0.0",
+    "@mostajs/rbac": "^2.0.1",
     "@types/bcryptjs": "^2.4.0",
     "@types/node": "^25.3.3",
     "@types/react": "^19.0.0",