@murumets-ee/auth 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/dist/admin/index.cjs +1 -0
  2. package/dist/admin/index.d.cts +72 -0
  3. package/dist/{chunk-2GGGFSMD.js → chunk-CJL274PJ.js} +1 -1
  4. package/dist/client.cjs +1 -0
  5. package/dist/client.d.cts +2064 -0
  6. package/dist/index.cjs +1 -0
  7. package/dist/index.d.cts +114 -0
  8. package/dist/index.js +1 -1
  9. package/dist/plugin-C-MA3A5U.d.cts +993 -0
  10. package/dist/plugin.cjs +1 -0
  11. package/dist/plugin.d.cts +6 -0
  12. package/dist/plugin.js +1 -1
  13. package/dist/{server-GEU5KK6Y.js → server-NWTKDUCB.js} +1 -1
  14. package/package.json +13 -9
package/dist/plugin.cjs ADDED
@@ -0,0 +1 @@
1
+ "use strict";var L=Object.create;var p=Object.defineProperty;var x=Object.getOwnPropertyDescriptor;var D=Object.getOwnPropertyNames;var H=Object.getPrototypeOf,M=Object.prototype.hasOwnProperty;var b=(t,n)=>()=>(t&&(n=t(t=0)),n);var w=(t,n)=>{for(var e in n)p(t,e,{get:n[e],enumerable:!0})},A=(t,n,e,s)=>{if(n&&typeof n=="object"||typeof n=="function")for(let r of D(n))!M.call(t,r)&&r!==e&&p(t,r,{get:()=>n[r],enumerable:!(s=x(n,r))||s.enumerable});return t};var U=(t,n,e)=>(e=t!=null?L(H(t)):{},A(n||!t||!t.__esModule?p(e,"default",{value:t,enumerable:!0}):e,t)),W=t=>A(p({},"__esModule",{value:!0}),t);function R(t){return t.behaviors?.some(n=>n.name==="publishable")??!1}function I(t){let n={...f};for(let e of t)n[e.name]=R(e)?F:j;return n}function T(t,n){let e={},s={};e.user=[...f.user],e.session=[...f.session],s.user=[],s.session=[];for(let r of n)e[r.name]=R(r)?["view","create","update","delete","publish"]:["view","create","update","delete"],s[r.name]=["view"];return{admin:t.newRole(e),authenticated:t.newRole(s)}}var z,j,F,f,S=b(()=>{"use strict";z=require("better-auth/plugins/access"),j=["view","create","update","delete"],F=["view","create","update","delete","publish"];f={user:["create","list","set-role","ban","impersonate","delete","set-password","get","update"],session:["list","revoke","delete"]}});var C={};w(C,{createAuthServer:()=>X});function m(t){let n=t?.context?.session,e=n?.user;return{id:e?.id??n?.userId,name:e?.name}}function G(t,n){function e(r){n?.log(r).catch(()=>{})}let s=null;return{user:{create:{after:async r=>{try{await t.readWrite.execute(h.sql`UPDATE "user" SET role = 'admin' WHERE id = ${r.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:r.id,userId:r.id,userName:r.name,changes:{fields:{name:r.name,email:r.email}}})}},update:{before:async r=>{let o={};for(let[i,a]of Object.entries(r))q.has(i)||i==="id"||(o[i]=a);s=Object.keys(o).length>0?o:null},after:async(r,o)=>{let i=m(o),a=s;s=null,e({action:"auth.user.update",entityType:"user",entityId:r.id,userId:i.id,userName:i.name,changes:a?{fields:a}:void 0,metadata:{targetUser:r.name}})}},delete:{after:async(r,o)=>{let i=m(o);e({action:"auth.user.delete",entityType:"user",entityId:r.id,userId:i.id,userName:i.name,metadata:{targetUser:r.name}})}}}}}function Q(t){function n(e){t.log(e).catch(()=>{})}return{after:(0,g.createAuthMiddleware)(async e=>{if(B.some(c=>e.path.startsWith(c))){let u=e.context.returned?.status;if(!u)return;if(u>=400){let d=e.body?.email;n({action:"auth.login.failed",metadata:{...typeof d=="string"?{email:d}:{},status:u,path:e.path}})}else{let d=e.context.newSession;d?.user?.id&&n({action:"auth.login",entityType:"user",entityId:d.user.id,userId:d.user.id,userName:d.user.name})}return}if(e.path===K){let c=e.context.returned;if(!c?.status||c.status<400){let u=m(e);u.id&&n({action:"auth.logout",entityType:"user",entityId:u.id,userId:u.id,userName:u.name})}return}let r=$[e.path];if(r){let c=e.context.returned;if(!c?.status||c.status<400){let u=m(e),d=e.body;n({action:r,entityType:"user",userId:u.id,userName:u.name,metadata:{...typeof d?.email=="string"?{email:d.email}:{},path:e.path}})}return}let o=J[e.path];if(!o)return;let i=e.context.returned;if(i?.status&&i.status>=400)return;let a=m(e),l=e.body;n({action:o,entityType:"user",entityId:l?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:l?.userId,...l?.role?{role:l.role}:{},path:e.path}})})}}function V(t){return(0,g.createAuthMiddleware)(async n=>{if(n.path!=="/sign-up/email")return;let e=await t.readWrite.execute(h.sql`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new g.APIError("FORBIDDEN",{message:"Sign-up is closed"})})}function X(t,n,e){let s=[...n.entities.values()],r=I(s),o=(0,_.createAccessControl)(r),i=T(o,s),a={};return t.social?.google&&(a.google=t.social.google),t.social?.github&&(a.github=t.social.github),(0,k.betterAuth)({database:(0,v.drizzleAdapter)(n.db.readWrite,{provider:"pg",...t.schema?{schema:t.schema}:{}}),emailAndPassword:{enabled:t.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:t.session?.expiresIn??3600*2,updateAge:t.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:G(n.db,e),hooks:{before:V(n.db),...e?Q(e):{}},plugins:[(0,E.admin)({ac:o,roles:i,defaultRole:"authenticated"}),...t.organizations?[(0,N.organization)({ac:o,roles:i})]:[],...t.betterAuthPlugins??[],(0,P.nextCookies)()]})}var k,v,g,P,E,_,N,h,q,B,K,$,J,O=b(()=>{"use strict";k=require("better-auth"),v=require("better-auth/adapters/drizzle"),g=require("better-auth/api"),P=require("better-auth/next-js"),E=require("better-auth/plugins"),_=require("better-auth/plugins/access"),N=require("better-auth/plugins/organization"),h=require("drizzle-orm");S();q=new Set(["updatedAt","createdAt"]);B=["/sign-in/email","/sign-in/social"],K="/sign-out",$={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},J={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"}});var ee={};w(ee,{auth:()=>Z,getAuth:()=>Y});module.exports=W(ee);var y=null;function Y(){if(!y)throw new Error("@murumets-ee/auth not initialized. Add auth() to your toolkit config plugins.");return y}function Z(t={}){return{name:"@murumets-ee/auth",init:async n=>{let{createAuthServer:e}=await Promise.resolve().then(()=>(O(),C)),s;if(t.audit!==!1){let{createAuditLogger:r,createAuditDbWriter:o,createLogger:i}=await import("@murumets-ee/logging");s=r({logger:i({name:"auth-audit"}),dbWriter:o(n.db.readWrite)})}y=e(t,n,s),n.logger.info("Auth plugin initialized")}}}0&&(module.exports={auth,getAuth});
package/dist/plugin.d.cts ADDED
@@ -0,0 +1,6 @@
1
+ import '@murumets-ee/core';
2
+ export { b as auth, g as getAuth } from './plugin-C-MA3A5U.cjs';
3
+ import 'better-auth/plugins';
4
+ import 'better-auth';
5
+ import '@murumets-ee/logging';
6
+ import 'better-auth/plugins/access';
package/dist/plugin.js CHANGED
@@ -1 +1 @@
1
- import{a,b}from"./chunk-2GGGFSMD.js";export{b as auth,a as getAuth};
1
+ import{a,b}from"./chunk-CJL274PJ.js";export{b as auth,a as getAuth};
package/dist/{server-GEU5KK6Y.js → server-NWTKDUCB.js} RENAMED
@@ -1 +1 @@
1
- import{i as l,j as p}from"./chunk-NH6AU5Z6.js";import{sql as f}from"drizzle-orm";import{betterAuth as w}from"better-auth";import{drizzleAdapter as y}from"better-auth/adapters/drizzle";import{APIError as b,createAuthMiddleware as h}from"better-auth/api";import{nextCookies as A}from"better-auth/next-js";import{admin as I}from"better-auth/plugins";import{createAccessControl as k}from"better-auth/plugins/access";import{organization as R}from"better-auth/plugins/organization";function c(n){let s=n?.context?.session,e=s?.user;return{id:e?.id??s?.userId,name:e?.name}}var S=new Set(["updatedAt","createdAt"]);function T(n,s){function e(t){s?.log(t).catch(()=>{})}let m=null;return{user:{create:{after:async t=>{try{await n.readWrite.execute(f`UPDATE "user" SET role = 'admin' WHERE id = ${t.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:t.id,userId:t.id,userName:t.name,changes:{fields:{name:t.name,email:t.email}}})}},update:{before:async t=>{let i={};for(let[r,a]of Object.entries(t))S.has(r)||r==="id"||(i[r]=a);m=Object.keys(i).length>0?i:null},after:async(t,i)=>{let r=c(i),a=m;m=null,e({action:"auth.user.update",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,changes:a?{fields:a}:void 0,metadata:{targetUser:t.name}})}},delete:{after:async(t,i)=>{let r=c(i);e({action:"auth.user.delete",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,metadata:{targetUser:t.name}})}}}}}var N=["/sign-in/email","/sign-in/social"],_="/sign-out",v={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},P={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"};function E(n){function s(e){n.log(e).catch(()=>{})}return{after:h(async e=>{if(N.some(d=>e.path.startsWith(d))){let o=e.context.returned?.status;if(!o)return;if(o>=400){let u=e.body?.email;s({action:"auth.login.failed",metadata:{...typeof u=="string"?{email:u}:{},status:o,path:e.path}})}else{let u=e.context.newSession;u?.user?.id&&s({action:"auth.login",entityType:"user",entityId:u.user.id,userId:u.user.id,userName:u.user.name})}return}if(e.path===_){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e);o.id&&s({action:"auth.logout",entityType:"user",entityId:o.id,userId:o.id,userName:o.name})}return}let t=v[e.path];if(t){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e),u=e.body;s({action:t,entityType:"user",userId:o.id,userName:o.name,metadata:{...typeof u?.email=="string"?{email:u.email}:{},path:e.path}})}return}let i=P[e.path];if(!i)return;let r=e.context.returned;if(r?.status&&r.status>=400)return;let a=c(e),g=e.body;s({action:i,entityType:"user",entityId:g?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:g?.userId,...g?.role?{role:g.role}:{},path:e.path}})})}}function D(n){return h(async s=>{if(s.path!=="/sign-up/email")return;let e=await n.readWrite.execute(f`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new b("FORBIDDEN",{message:"Sign-up is closed"})})}function q(n,s,e){let m=[...s.entities.values()],t=l(m),i=k(t),r=p(i,m),a={};return n.social?.google&&(a.google=n.social.google),n.social?.github&&(a.github=n.social.github),w({database:y(s.db.readWrite,{provider:"pg",...n.schema?{schema:n.schema}:{}}),emailAndPassword:{enabled:n.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:n.session?.expiresIn??3600*2,updateAge:n.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:T(s.db,e),hooks:{before:D(s.db),...e?E(e):{}},plugins:[I({ac:i,roles:r,defaultRole:"authenticated"}),...n.organizations?[R({ac:i,roles:r})]:[],...n.betterAuthPlugins??[],A()]})}export{q as createAuthServer};
1
+ import{i as l,j as p}from"./chunk-NH6AU5Z6.js";import{betterAuth as w}from"better-auth";import{drizzleAdapter as y}from"better-auth/adapters/drizzle";import{APIError as b,createAuthMiddleware as f}from"better-auth/api";import{nextCookies as A}from"better-auth/next-js";import{admin as I}from"better-auth/plugins";import{createAccessControl as k}from"better-auth/plugins/access";import{organization as R}from"better-auth/plugins/organization";import{sql as h}from"drizzle-orm";function c(n){let s=n?.context?.session,e=s?.user;return{id:e?.id??s?.userId,name:e?.name}}var S=new Set(["updatedAt","createdAt"]);function T(n,s){function e(t){s?.log(t).catch(()=>{})}let m=null;return{user:{create:{after:async t=>{try{await n.readWrite.execute(h`UPDATE "user" SET role = 'admin' WHERE id = ${t.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:t.id,userId:t.id,userName:t.name,changes:{fields:{name:t.name,email:t.email}}})}},update:{before:async t=>{let i={};for(let[r,a]of Object.entries(t))S.has(r)||r==="id"||(i[r]=a);m=Object.keys(i).length>0?i:null},after:async(t,i)=>{let r=c(i),a=m;m=null,e({action:"auth.user.update",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,changes:a?{fields:a}:void 0,metadata:{targetUser:t.name}})}},delete:{after:async(t,i)=>{let r=c(i);e({action:"auth.user.delete",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,metadata:{targetUser:t.name}})}}}}}var N=["/sign-in/email","/sign-in/social"],_="/sign-out",v={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},P={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"};function E(n){function s(e){n.log(e).catch(()=>{})}return{after:f(async e=>{if(N.some(d=>e.path.startsWith(d))){let o=e.context.returned?.status;if(!o)return;if(o>=400){let u=e.body?.email;s({action:"auth.login.failed",metadata:{...typeof u=="string"?{email:u}:{},status:o,path:e.path}})}else{let u=e.context.newSession;u?.user?.id&&s({action:"auth.login",entityType:"user",entityId:u.user.id,userId:u.user.id,userName:u.user.name})}return}if(e.path===_){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e);o.id&&s({action:"auth.logout",entityType:"user",entityId:o.id,userId:o.id,userName:o.name})}return}let t=v[e.path];if(t){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e),u=e.body;s({action:t,entityType:"user",userId:o.id,userName:o.name,metadata:{...typeof u?.email=="string"?{email:u.email}:{},path:e.path}})}return}let i=P[e.path];if(!i)return;let r=e.context.returned;if(r?.status&&r.status>=400)return;let a=c(e),g=e.body;s({action:i,entityType:"user",entityId:g?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:g?.userId,...g?.role?{role:g.role}:{},path:e.path}})})}}function D(n){return f(async s=>{if(s.path!=="/sign-up/email")return;let e=await n.readWrite.execute(h`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new b("FORBIDDEN",{message:"Sign-up is closed"})})}function q(n,s,e){let m=[...s.entities.values()],t=l(m),i=k(t),r=p(i,m),a={};return n.social?.google&&(a.google=n.social.google),n.social?.github&&(a.github=n.social.github),w({database:y(s.db.readWrite,{provider:"pg",...n.schema?{schema:n.schema}:{}}),emailAndPassword:{enabled:n.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:n.session?.expiresIn??3600*2,updateAge:n.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:T(s.db,e),hooks:{before:D(s.db),...e?E(e):{}},plugins:[I({ac:i,roles:r,defaultRole:"authenticated"}),...n.organizations?[R({ac:i,roles:r})]:[],...n.betterAuthPlugins??[],A()]})}export{q as createAuthServer};
package/package.json CHANGED
@@ -1,24 +1,28 @@
1
1
  {
2
2
  "name": "@murumets-ee/auth",
3
- "version": "0.1.0",
3
+ "version": "0.1.1",
4
4
  "license": "Elastic-2.0",
5
5
  "type": "module",
6
6
  "exports": {
7
7
  ".": {
8
8
  "types": "./dist/index.d.ts",
9
- "import": "./dist/index.js"
9
+ "import": "./dist/index.js",
10
+ "require": "./dist/index.cjs"
10
11
  },
11
12
  "./client": {
12
13
  "types": "./dist/client.d.ts",
13
- "import": "./dist/client.js"
14
+ "import": "./dist/client.js",
15
+ "require": "./dist/client.cjs"
14
16
  },
15
17
  "./plugin": {
16
18
  "types": "./dist/plugin.d.ts",
17
- "import": "./dist/plugin.js"
19
+ "import": "./dist/plugin.js",
20
+ "require": "./dist/plugin.cjs"
18
21
  },
19
22
  "./admin": {
20
23
  "types": "./dist/admin/index.d.ts",
21
- "import": "./dist/admin/index.js"
24
+ "import": "./dist/admin/index.js",
25
+ "require": "./dist/admin/index.cjs"
22
26
  }
23
27
  },
24
28
  "files": [
@@ -28,10 +32,10 @@
28
32
  "better-auth": "^1.4.0",
29
33
  "drizzle-orm": "^0.45.0",
30
34
  "server-only": "^0.0.1",
31
- "@murumets-ee/core": "0.1.0",
32
- "@murumets-ee/db": "0.1.0",
33
- "@murumets-ee/logging": "0.1.0",
34
- "@murumets-ee/entity": "0.1.0"
35
+ "@murumets-ee/core": "0.1.1",
36
+ "@murumets-ee/db": "0.1.1",
37
+ "@murumets-ee/logging": "0.1.1",
38
+ "@murumets-ee/entity": "0.1.1"
35
39
  },
36
40
  "devDependencies": {
37
41
  "@types/node": "^22.10.5",