@mostajs/auth 2.3.0 → 2.3.2

package/dist/components/PermissionGuard.js

@@ -2,7 +2,7 @@
 // Author: Dr Hamid MADANI drmdh@msn.com
 'use client';
 import { Fragment as _Fragment, jsx as _jsx } from "react/jsx-runtime";
-import { usePermissions } from '../hooks/usePermissions';
+import { usePermissions } from '../hooks/usePermissions.js';
 /**
  * Conditionally renders children based on user permissions.
  * Admin users bypass all permission checks.

package/dist/index.js

@@ -2,11 +2,11 @@
 // Author: Dr Hamid MADANI drmdh@msn.com
 // For server-side code (repos, seed, auth handlers), use '@mostajs/auth/server'
 // Permission helpers (pure utilities — no external dependency)
-export { hasPermission, hasAllPermissions, hasAnyPermission } from './helpers/permissions';
+export { hasPermission, hasAllPermissions, hasAnyPermission } from './helpers/permissions.js';
 // Schemas (re-export from rbac — pure data, no ORM)
 export { UserSchema, RoleSchema, PermissionSchema, PermissionCategorySchema } from '@mostajs/rbac';
 // Hooks
-export { usePermissions } from './hooks/usePermissions';
+export { usePermissions } from './hooks/usePermissions.js';
 // Components
-export { default as PermissionGuard } from './components/PermissionGuard';
-export { default as SessionProvider } from './components/SessionProvider';
+export { default as PermissionGuard } from './components/PermissionGuard.js';
+export { default as SessionProvider } from './components/SessionProvider.js';

package/dist/lib/auth-check.js

@@ -1,7 +1,7 @@
 // @mosta/auth — Server-side auth guards
 // Author: Dr Hamid MADANI drmdh@msn.com
 import { NextResponse } from 'next/server';
-import { hasPermission } from '../helpers/permissions';
+import { hasPermission } from '../helpers/permissions.js';
 import { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
 /**
  * Create server-side guard functions bound to your auth() instance.

package/dist/lib/auth.js

@@ -5,7 +5,7 @@ import NextAuth from 'next-auth';
 import CredentialsProvider from 'next-auth/providers/credentials';
 import { getEnv } from '@mostajs/config';
 import { getRbacRepos } from '@mostajs/rbac/lib/repos-factory';
-import { comparePassword } from './password';
+import { comparePassword } from './password.js';
 /**
  * Create NextAuth handlers configured for MostaAuth RBAC.
  *

package/dist/server.js

@@ -2,13 +2,13 @@
 // Author: Dr Hamid MADANI drmdh@msn.com
 // Import from '@mostajs/auth/server' in API routes and server code
 // Auth handler factories (depend on ORM via rbac repos)
-export { createAuthHandlers } from './lib/auth';
-export { createAuthChecks } from './lib/auth-check';
-export { createAuthMiddleware } from './middleware/auth-middleware';
+export { createAuthHandlers } from './lib/auth.js';
+export { createAuthChecks } from './lib/auth-check.js';
+export { createAuthMiddleware } from './middleware/auth-middleware.js';
 // Password utils
-export { hashPassword, comparePassword } from './lib/password';
+export { hashPassword, comparePassword } from './lib/password.js';
 // Framework-agnostic request authorization (apikey + scope checks)
-export { checkRequest } from './lib/check-request';
+export { checkRequest } from './lib/check-request.js';
 // Server-side permission DB lookup (re-export from rbac/server)
 export { getPermissionsForRoleFromDB } from '@mostajs/rbac/lib/permissions-server';
 // RBAC seed (re-export from rbac/server)
@@ -20,12 +20,12 @@ export { getSchemas, moduleInfo } from '@mostajs/rbac/lib/module-info';
 // Repositories (re-export from rbac/server)
 export { UserRepository, RoleRepository, PermissionRepository, PermissionCategoryRepository } from '@mostajs/rbac/server';
 // Registration
-export { createRegistrationHandler } from './lib/registration';
+export { createRegistrationHandler } from './lib/registration.js';
 // Email verification
-export { createVerificationHandlers, generateVerifyToken } from './lib/email-verification';
+export { createVerificationHandlers, generateVerifyToken } from './lib/email-verification.js';
 // Password reset
-export { createPasswordResetHandlers, generateResetToken } from './lib/password-reset';
+export { createPasswordResetHandlers, generateResetToken } from './lib/password-reset.js';
 // API key provider
-export { createApiKeyProvider } from './lib/apikey-provider';
+export { createApiKeyProvider } from './lib/apikey-provider.js';
 // Session enrichment
-export { enrichTokenWithPlan, enrichSessionWithPlan } from './lib/session-enrichment';
+export { enrichTokenWithPlan, enrichSessionWithPlan } from './lib/session-enrichment.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mostajs/auth",
-  "version": "2.3.0",
+  "version": "2.3.2",
   "description": "Authentication — NextAuth, password hashing, session management",
   "author": "Dr Hamid MADANI <drmdh@msn.com>",
   "license": "AGPL-3.0-or-later",
@@ -83,6 +83,11 @@
       "import": "./dist/lib/apikey-provider.js",
       "default": "./dist/lib/apikey-provider.js"
     },
+    "./lib/check-request": {
+      "types": "./dist/lib/check-request.d.ts",
+      "import": "./dist/lib/check-request.js",
+      "default": "./dist/lib/check-request.js"
+    },
     "./lib/session-enrichment": {
       "types": "./dist/lib/session-enrichment.d.ts",
       "import": "./dist/lib/session-enrichment.js",
@@ -114,7 +119,8 @@
     "node": ">=18.0.0"
   },
   "scripts": {
-    "build": "tsc",
+    "build": "tsc && npm run fix-esm",
+    "fix-esm": "find dist -name '*.js' -exec sed -i -E \"s|from '(\\\\.{1,2}/[^']+)'(;?)|from '\\\\1.js'\\\\2|g; s|from \\\"(\\\\.{1,2}/[^\\\"]+)\\\"(;?)|from \\\"\\\\1.js\\\"\\\\2|g\" {} \\; && find dist -name '*.js' -exec sed -i -E \"s|\\\\.js\\\\.js|.js|g\" {} \\;",
     "prepublishOnly": "npm run build"
   },
   "dependencies": {

package/dist/lib/permissions.d.ts

@@ -1,9 +0,0 @@
-/**
- * Check if a user has a specific permission.
- * Supports wildcard '*' for full access.
- */
-export declare function hasPermission(userPermissions: string[], requiredPermission: string): boolean;
-/**
- * Get permissions for a role from a static map.
- */
-export declare function getPermissionsForRole(rolePermissions: Record<string, string[]>, role: string): string[];

package/dist/lib/permissions.js

@@ -1,19 +0,0 @@
-// @mosta/auth — Permission helpers (client-safe)
-// Author: Dr Hamid MADANI drmdh@msn.com
-/**
- * Check if a user has a specific permission.
- * Supports wildcard '*' for full access.
- */
-export function hasPermission(userPermissions, requiredPermission) {
-    if (!userPermissions || userPermissions.length === 0)
-        return false;
-    if (userPermissions.includes('*'))
-        return true;
-    return userPermissions.includes(requiredPermission);
-}
-/**
- * Get permissions for a role from a static map.
- */
-export function getPermissionsForRole(rolePermissions, role) {
-    return rolePermissions[role] || [];
-}

package/dist/lib/rbac-seed.d.ts

@@ -1,15 +0,0 @@
-import type { CategoryDefinition, PermissionDefinition, RoleDefinition } from '../types/index';
-export interface SeedRBACOptions {
-    categories: CategoryDefinition[];
-    permissions: PermissionDefinition[];
-    roles: Record<string, RoleDefinition>;
-}
-/**
- * Idempotent seed of categories, permissions and roles.
- * Uses upsert — safe to call multiple times.
- */
-export declare function seedRBAC(options: SeedRBACOptions): Promise<{
-    categoryCount: number;
-    permissionCount: number;
-    roleCount: number;
-}>;

package/dist/lib/rbac-seed.js

@@ -1,38 +0,0 @@
-// @mosta/auth — RBAC Seed function
-// Author: Dr Hamid MADANI drmdh@msn.com
-import { getDialect } from '@mostajs/orm';
-import { PermissionCategoryRepository } from '../repositories/permission-category.repository';
-import { PermissionRepository } from '../repositories/permission.repository';
-import { RoleRepository } from '../repositories/role.repository';
-/**
- * Idempotent seed of categories, permissions and roles.
- * Uses upsert — safe to call multiple times.
- */
-export async function seedRBAC(options) {
-    const dialect = await getDialect();
-    const catRepo = new PermissionCategoryRepository(dialect);
-    const permRepo = new PermissionRepository(dialect);
-    const roleRepo = new RoleRepository(dialect);
-    // 1. Upsert categories
-    for (const cat of options.categories) {
-        await catRepo.upsert({ name: cat.name }, cat);
-    }
-    // 2. Upsert permissions — build code→id map
-    const permissionMap = {};
-    for (const pDef of options.permissions) {
-        const perm = await permRepo.upsert({ name: pDef.name }, { name: pDef.name, description: pDef.description, category: pDef.category });
-        permissionMap[pDef.code] = perm.id;
-    }
-    // 3. Upsert roles with permission IDs
-    for (const [, roleDef] of Object.entries(options.roles)) {
-        const permissionIds = roleDef.permissions
-            .map((code) => permissionMap[code])
-            .filter(Boolean);
-        await roleRepo.upsert({ name: roleDef.name }, { name: roleDef.name, description: roleDef.description, permissions: permissionIds });
-    }
-    return {
-        categoryCount: options.categories.length,
-        permissionCount: options.permissions.length,
-        roleCount: Object.keys(options.roles).length,
-    };
-}

package/dist/repositories/permission-category.repository.d.ts

@@ -1,10 +0,0 @@
-import { BaseRepository } from '@mostajs/orm';
-import type { IDialect } from '@mostajs/orm';
-import type { PermissionCategoryDTO } from '../types/index';
-export declare class PermissionCategoryRepository extends BaseRepository<PermissionCategoryDTO> {
-    constructor(dialect: IDialect);
-    /** Find all sorted by order then name */
-    findAllOrdered(): Promise<PermissionCategoryDTO[]>;
-    /** Find by name (unique) */
-    findByName(name: string): Promise<PermissionCategoryDTO | null>;
-}

package/dist/repositories/permission-category.repository.js

@@ -1,17 +0,0 @@
-// @mosta/auth — PermissionCategoryRepository
-// Author: Dr Hamid MADANI drmdh@msn.com
-import { BaseRepository } from '@mostajs/orm';
-import { PermissionCategorySchema } from '../schemas/permission-category.schema';
-export class PermissionCategoryRepository extends BaseRepository {
-    constructor(dialect) {
-        super(PermissionCategorySchema, dialect);
-    }
-    /** Find all sorted by order then name */
-    async findAllOrdered() {
-        return this.findAll({}, { sort: { order: 1, name: 1 } });
-    }
-    /** Find by name (unique) */
-    async findByName(name) {
-        return this.findOne({ name });
-    }
-}

package/dist/repositories/permission.repository.d.ts

@@ -1,12 +0,0 @@
-import { BaseRepository } from '@mostajs/orm';
-import type { IDialect } from '@mostajs/orm';
-import type { PermissionDTO } from '../types/index';
-export declare class PermissionRepository extends BaseRepository<PermissionDTO> {
-    constructor(dialect: IDialect);
-    /** Find all sorted by category then name */
-    findAllSorted(): Promise<PermissionDTO[]>;
-    /** Find by name (unique) */
-    findByName(name: string): Promise<PermissionDTO | null>;
-    /** Count permissions in a category */
-    countByCategory(category: string): Promise<number>;
-}

package/dist/repositories/permission.repository.js

@@ -1,21 +0,0 @@
-// @mosta/auth — PermissionRepository
-// Author: Dr Hamid MADANI drmdh@msn.com
-import { BaseRepository } from '@mostajs/orm';
-import { PermissionSchema } from '../schemas/permission.schema';
-export class PermissionRepository extends BaseRepository {
-    constructor(dialect) {
-        super(PermissionSchema, dialect);
-    }
-    /** Find all sorted by category then name */
-    async findAllSorted() {
-        return this.findAll({}, { sort: { category: 1, name: 1 } });
-    }
-    /** Find by name (unique) */
-    async findByName(name) {
-        return this.findOne({ name });
-    }
-    /** Count permissions in a category */
-    async countByCategory(category) {
-        return this.count({ category });
-    }
-}

package/dist/repositories/role.repository.d.ts

@@ -1,18 +0,0 @@
-import { BaseRepository } from '@mostajs/orm';
-import type { IDialect } from '@mostajs/orm';
-import type { RoleDTO } from '../types/index';
-export declare class RoleRepository extends BaseRepository<RoleDTO> {
-    constructor(dialect: IDialect);
-    /** Find all roles with permissions populated */
-    findAllWithPermissions(): Promise<RoleDTO[]>;
-    /** Find a role by name */
-    findByName(name: string): Promise<RoleDTO | null>;
-    /** Find role by ID with permissions populated */
-    findByIdWithPermissions(id: string): Promise<RoleDTO | null>;
-    /** Add a permission to a role */
-    addPermission(roleId: string, permissionId: string): Promise<RoleDTO | null>;
-    /** Remove a permission from a role */
-    removePermission(roleId: string, permissionId: string): Promise<RoleDTO | null>;
-    /** Remove a permission from ALL roles (cascade) */
-    removePermissionFromAll(permissionId: string): Promise<number>;
-}

package/dist/repositories/role.repository.js

@@ -1,33 +0,0 @@
-// @mosta/auth — RoleRepository
-// Author: Dr Hamid MADANI drmdh@msn.com
-import { BaseRepository } from '@mostajs/orm';
-import { RoleSchema } from '../schemas/role.schema';
-export class RoleRepository extends BaseRepository {
-    constructor(dialect) {
-        super(RoleSchema, dialect);
-    }
-    /** Find all roles with permissions populated */
-    async findAllWithPermissions() {
-        return this.findWithRelations({}, ['permissions']);
-    }
-    /** Find a role by name */
-    async findByName(name) {
-        return this.findOne({ name });
-    }
-    /** Find role by ID with permissions populated */
-    async findByIdWithPermissions(id) {
-        return this.findByIdWithRelations(id, ['permissions']);
-    }
-    /** Add a permission to a role */
-    async addPermission(roleId, permissionId) {
-        return this.addToSet(roleId, 'permissions', permissionId);
-    }
-    /** Remove a permission from a role */
-    async removePermission(roleId, permissionId) {
-        return this.pull(roleId, 'permissions', permissionId);
-    }
-    /** Remove a permission from ALL roles (cascade) */
-    async removePermissionFromAll(permissionId) {
-        return this.updateMany({ permissions: permissionId }, { $pull: { permissions: permissionId } });
-    }
-}

package/dist/repositories/user.repository.d.ts

@@ -1,24 +0,0 @@
-import { BaseRepository } from '@mostajs/orm';
-import type { IDialect, FilterQuery, QueryOptions } from '@mostajs/orm';
-import type { UserDTO } from '../types/index';
-export declare class UserRepository extends BaseRepository<UserDTO> {
-    constructor(dialect: IDialect);
-    /** List users without password field */
-    findAllSafe(filter?: FilterQuery, options?: QueryOptions): Promise<UserDTO[]>;
-    /** Find a single user by ID without password */
-    findByIdSafe(id: string): Promise<UserDTO | null>;
-    /** Find user by email (for authentication) */
-    findByEmail(email: string): Promise<UserDTO | null>;
-    /** Update lastLoginAt timestamp */
-    updateLastLogin(id: string): Promise<void>;
-    /** Find user by ID with roles populated */
-    findByIdWithRoles(id: string): Promise<UserDTO | null>;
-    /** Find all users with roles populated (no password) */
-    findAllWithRoles(filter?: FilterQuery, options?: QueryOptions): Promise<UserDTO[]>;
-    /** Count users having a specific role */
-    countByRole(roleId: string): Promise<number>;
-    /** Add a role to a user */
-    addRole(userId: string, roleId: string): Promise<UserDTO | null>;
-    /** Remove a role from a user */
-    removeRole(userId: string, roleId: string): Promise<UserDTO | null>;
-}

package/dist/repositories/user.repository.js

@@ -1,45 +0,0 @@
-// @mosta/auth — UserRepository
-// Author: Dr Hamid MADANI drmdh@msn.com
-import { BaseRepository } from '@mostajs/orm';
-import { UserSchema } from '../schemas/user.schema';
-export class UserRepository extends BaseRepository {
-    constructor(dialect) {
-        super(UserSchema, dialect);
-    }
-    /** List users without password field */
-    async findAllSafe(filter = {}, options) {
-        return this.findAll(filter, { ...options, exclude: ['password'] });
-    }
-    /** Find a single user by ID without password */
-    async findByIdSafe(id) {
-        return this.findById(id, { exclude: ['password'] });
-    }
-    /** Find user by email (for authentication) */
-    async findByEmail(email) {
-        return this.findOne({ email: email.toLowerCase() });
-    }
-    /** Update lastLoginAt timestamp */
-    async updateLastLogin(id) {
-        await this.update(id, { lastLoginAt: new Date() });
-    }
-    /** Find user by ID with roles populated */
-    async findByIdWithRoles(id) {
-        return this.findByIdWithRelations(id, ['roles']);
-    }
-    /** Find all users with roles populated (no password) */
-    async findAllWithRoles(filter = {}, options) {
-        return this.findWithRelations(filter, ['roles'], { ...options, exclude: ['password'] });
-    }
-    /** Count users having a specific role */
-    async countByRole(roleId) {
-        return this.count({ roles: roleId });
-    }
-    /** Add a role to a user */
-    async addRole(userId, roleId) {
-        return this.addToSet(userId, 'roles', roleId);
-    }
-    /** Remove a role from a user */
-    async removeRole(userId, roleId) {
-        return this.pull(userId, 'roles', roleId);
-    }
-}

package/dist/schemas/permission-category.schema.d.ts

@@ -1,2 +0,0 @@
-import type { EntitySchema } from '@mostajs/orm';
-export declare const PermissionCategorySchema: EntitySchema;

package/dist/schemas/permission-category.schema.js

@@ -1,17 +0,0 @@
-export const PermissionCategorySchema = {
-    name: 'PermissionCategory',
-    collection: 'permission_categories',
-    timestamps: true,
-    fields: {
-        name: { type: 'string', required: true, unique: true, lowercase: true, trim: true },
-        label: { type: 'string', required: true, trim: true },
-        description: { type: 'string' },
-        icon: { type: 'string' },
-        order: { type: 'number', default: 0 },
-        system: { type: 'boolean', default: false },
-    },
-    relations: {},
-    indexes: [
-        { fields: { order: 'asc', name: 'asc' } },
-    ],
-};

package/dist/schemas/permission.schema.d.ts

@@ -1,2 +0,0 @@
-import type { EntitySchema } from '@mostajs/orm';
-export declare const PermissionSchema: EntitySchema;

package/dist/schemas/permission.schema.js

@@ -1,12 +0,0 @@
-export const PermissionSchema = {
-    name: 'Permission',
-    collection: 'permissions',
-    timestamps: true,
-    fields: {
-        name: { type: 'string', required: true, unique: true },
-        description: { type: 'string' },
-        category: { type: 'string' },
-    },
-    relations: {},
-    indexes: [],
-};

package/dist/schemas/role.schema.d.ts

@@ -1,2 +0,0 @@
-import type { EntitySchema } from '@mostajs/orm';
-export declare const RoleSchema: EntitySchema;

package/dist/schemas/role.schema.js

@@ -1,13 +0,0 @@
-export const RoleSchema = {
-    name: 'Role',
-    collection: 'roles',
-    timestamps: true,
-    fields: {
-        name: { type: 'string', required: true, unique: true },
-        description: { type: 'string' },
-    },
-    relations: {
-        permissions: { target: 'Permission', type: 'many-to-many', through: 'role_permissions' },
-    },
-    indexes: [],
-};

package/dist/schemas/user.schema.d.ts

@@ -1,2 +0,0 @@
-import type { EntitySchema } from '@mostajs/orm';
-export declare const UserSchema: EntitySchema;

package/dist/schemas/user.schema.js

@@ -1,20 +0,0 @@
-export const UserSchema = {
-    name: 'User',
-    collection: 'users',
-    timestamps: true,
-    fields: {
-        email: { type: 'string', required: true, unique: true, lowercase: true, trim: true },
-        password: { type: 'string', required: true },
-        firstName: { type: 'string', required: true, trim: true },
-        lastName: { type: 'string', required: true, trim: true },
-        phone: { type: 'string', trim: true },
-        status: { type: 'string', enum: ['active', 'locked', 'disabled'], default: 'active' },
-        lastLoginAt: { type: 'date' },
-    },
-    relations: {
-        roles: { target: 'Role', type: 'many-to-many', through: 'user_roles' },
-    },
-    indexes: [
-        { fields: { status: 'asc' } },
-    ],
-};