@murumets-ee/auth 0.1.0 → 0.1.2

package/dist/{chunk-2GGGFSMD.js → chunk-CJL274PJ.js}

@@ -1 +1 @@
-var e=null;function a(){if(!e)throw new Error("@murumets-ee/auth not initialized. Add auth() to your toolkit config plugins.");return e}function m(r={}){return{name:"@murumets-ee/auth",init:async t=>{let{createAuthServer:u}=await import("./server-GEU5KK6Y.js"),i;if(r.audit!==!1){let{createAuditLogger:o,createAuditDbWriter:n,createLogger:g}=await import("@murumets-ee/logging");i=o({logger:g({name:"auth-audit"}),dbWriter:n(t.db.readWrite)})}e=u(r,t,i),t.logger.info("Auth plugin initialized")}}}export{a,m as b};
+var e=null;function a(){if(!e)throw new Error("@murumets-ee/auth not initialized. Add auth() to your toolkit config plugins.");return e}function m(r={}){return{name:"@murumets-ee/auth",init:async t=>{let{createAuthServer:u}=await import("./server-NWTKDUCB.js"),i;if(r.audit!==!1){let{createAuditLogger:o,createAuditDbWriter:n,createLogger:g}=await import("@murumets-ee/logging");i=o({logger:g({name:"auth-audit"}),dbWriter:n(t.db.readWrite)})}e=u(r,t,i),t.logger.info("Auth plugin initialized")}}}export{a,m as b};

package/dist/index.js

@@ -1 +1 @@
-import{a as f,b as c}from"./chunk-2GGGFSMD.js";import{a as o,b as s,c as u,d as i,e as n,f as m,g as a,h as p,i as d,j as l}from"./chunk-NH6AU5Z6.js";import"server-only";async function I(t,r){let e=await t.api.getSession({headers:r});return e?{user:{id:e.user.id,groups:[e.user.role??"viewer"],name:e.user.name??void 0,email:e.user.email??void 0},requestId:crypto.randomUUID()}:{requestId:crypto.randomUUID()}}export{s as ACTIONS,u as ACTIONS_WITH_PUBLISH,i as BUILT_IN_ROLES,n as METHOD_TO_ACTION,c as auth,l as buildDefaultRoles,m as buildInitialRoleDefinitions,a as buildPermissionChecker,p as buildResourceCatalog,d as buildStatements,o as createAccessControl,f as getAuth,I as resolveAuthContext};
+import{a as f,b as c}from"./chunk-CJL274PJ.js";import{a as o,b as s,c as u,d as i,e as n,f as m,g as a,h as p,i as d,j as l}from"./chunk-NH6AU5Z6.js";import"server-only";async function I(t,r){let e=await t.api.getSession({headers:r});return e?{user:{id:e.user.id,groups:[e.user.role??"viewer"],name:e.user.name??void 0,email:e.user.email??void 0},requestId:crypto.randomUUID()}:{requestId:crypto.randomUUID()}}export{s as ACTIONS,u as ACTIONS_WITH_PUBLISH,i as BUILT_IN_ROLES,n as METHOD_TO_ACTION,c as auth,l as buildDefaultRoles,m as buildInitialRoleDefinitions,a as buildPermissionChecker,p as buildResourceCatalog,d as buildStatements,o as createAccessControl,f as getAuth,I as resolveAuthContext};

package/dist/plugin.js

@@ -1 +1 @@
-import{a,b}from"./chunk-2GGGFSMD.js";export{b as auth,a as getAuth};
+import{a,b}from"./chunk-CJL274PJ.js";export{b as auth,a as getAuth};

package/dist/{server-GEU5KK6Y.js → server-NWTKDUCB.js}

@@ -1 +1 @@
-import{i as l,j as p}from"./chunk-NH6AU5Z6.js";import{sql as f}from"drizzle-orm";import{betterAuth as w}from"better-auth";import{drizzleAdapter as y}from"better-auth/adapters/drizzle";import{APIError as b,createAuthMiddleware as h}from"better-auth/api";import{nextCookies as A}from"better-auth/next-js";import{admin as I}from"better-auth/plugins";import{createAccessControl as k}from"better-auth/plugins/access";import{organization as R}from"better-auth/plugins/organization";function c(n){let s=n?.context?.session,e=s?.user;return{id:e?.id??s?.userId,name:e?.name}}var S=new Set(["updatedAt","createdAt"]);function T(n,s){function e(t){s?.log(t).catch(()=>{})}let m=null;return{user:{create:{after:async t=>{try{await n.readWrite.execute(f`UPDATE "user" SET role = 'admin' WHERE id = ${t.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:t.id,userId:t.id,userName:t.name,changes:{fields:{name:t.name,email:t.email}}})}},update:{before:async t=>{let i={};for(let[r,a]of Object.entries(t))S.has(r)||r==="id"||(i[r]=a);m=Object.keys(i).length>0?i:null},after:async(t,i)=>{let r=c(i),a=m;m=null,e({action:"auth.user.update",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,changes:a?{fields:a}:void 0,metadata:{targetUser:t.name}})}},delete:{after:async(t,i)=>{let r=c(i);e({action:"auth.user.delete",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,metadata:{targetUser:t.name}})}}}}}var N=["/sign-in/email","/sign-in/social"],_="/sign-out",v={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},P={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"};function E(n){function s(e){n.log(e).catch(()=>{})}return{after:h(async e=>{if(N.some(d=>e.path.startsWith(d))){let o=e.context.returned?.status;if(!o)return;if(o>=400){let u=e.body?.email;s({action:"auth.login.failed",metadata:{...typeof u=="string"?{email:u}:{},status:o,path:e.path}})}else{let u=e.context.newSession;u?.user?.id&&s({action:"auth.login",entityType:"user",entityId:u.user.id,userId:u.user.id,userName:u.user.name})}return}if(e.path===_){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e);o.id&&s({action:"auth.logout",entityType:"user",entityId:o.id,userId:o.id,userName:o.name})}return}let t=v[e.path];if(t){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e),u=e.body;s({action:t,entityType:"user",userId:o.id,userName:o.name,metadata:{...typeof u?.email=="string"?{email:u.email}:{},path:e.path}})}return}let i=P[e.path];if(!i)return;let r=e.context.returned;if(r?.status&&r.status>=400)return;let a=c(e),g=e.body;s({action:i,entityType:"user",entityId:g?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:g?.userId,...g?.role?{role:g.role}:{},path:e.path}})})}}function D(n){return h(async s=>{if(s.path!=="/sign-up/email")return;let e=await n.readWrite.execute(f`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new b("FORBIDDEN",{message:"Sign-up is closed"})})}function q(n,s,e){let m=[...s.entities.values()],t=l(m),i=k(t),r=p(i,m),a={};return n.social?.google&&(a.google=n.social.google),n.social?.github&&(a.github=n.social.github),w({database:y(s.db.readWrite,{provider:"pg",...n.schema?{schema:n.schema}:{}}),emailAndPassword:{enabled:n.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:n.session?.expiresIn??3600*2,updateAge:n.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:T(s.db,e),hooks:{before:D(s.db),...e?E(e):{}},plugins:[I({ac:i,roles:r,defaultRole:"authenticated"}),...n.organizations?[R({ac:i,roles:r})]:[],...n.betterAuthPlugins??[],A()]})}export{q as createAuthServer};
+import{i as l,j as p}from"./chunk-NH6AU5Z6.js";import{betterAuth as w}from"better-auth";import{drizzleAdapter as y}from"better-auth/adapters/drizzle";import{APIError as b,createAuthMiddleware as f}from"better-auth/api";import{nextCookies as A}from"better-auth/next-js";import{admin as I}from"better-auth/plugins";import{createAccessControl as k}from"better-auth/plugins/access";import{organization as R}from"better-auth/plugins/organization";import{sql as h}from"drizzle-orm";function c(n){let s=n?.context?.session,e=s?.user;return{id:e?.id??s?.userId,name:e?.name}}var S=new Set(["updatedAt","createdAt"]);function T(n,s){function e(t){s?.log(t).catch(()=>{})}let m=null;return{user:{create:{after:async t=>{try{await n.readWrite.execute(h`UPDATE "user" SET role = 'admin' WHERE id = ${t.id} AND (SELECT COUNT(*) FROM "user") = 1`)}catch{}e({action:"auth.signup",entityType:"user",entityId:t.id,userId:t.id,userName:t.name,changes:{fields:{name:t.name,email:t.email}}})}},update:{before:async t=>{let i={};for(let[r,a]of Object.entries(t))S.has(r)||r==="id"||(i[r]=a);m=Object.keys(i).length>0?i:null},after:async(t,i)=>{let r=c(i),a=m;m=null,e({action:"auth.user.update",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,changes:a?{fields:a}:void 0,metadata:{targetUser:t.name}})}},delete:{after:async(t,i)=>{let r=c(i);e({action:"auth.user.delete",entityType:"user",entityId:t.id,userId:r.id,userName:r.name,metadata:{targetUser:t.name}})}}}}}var N=["/sign-in/email","/sign-in/social"],_="/sign-out",v={"/change-password":"auth.password.change","/forget-password":"auth.password.reset_request","/reset-password":"auth.password.reset"},P={"/admin/set-role":"auth.admin.set_role","/admin/ban-user":"auth.admin.ban","/admin/unban-user":"auth.admin.unban","/admin/create-user":"auth.admin.create_user","/admin/remove-user":"auth.admin.remove_user","/admin/impersonate-user":"auth.admin.impersonate","/admin/stop-impersonating":"auth.admin.stop_impersonating","/admin/revoke-session":"auth.admin.revoke_session","/admin/revoke-sessions":"auth.admin.revoke_sessions"};function E(n){function s(e){n.log(e).catch(()=>{})}return{after:f(async e=>{if(N.some(d=>e.path.startsWith(d))){let o=e.context.returned?.status;if(!o)return;if(o>=400){let u=e.body?.email;s({action:"auth.login.failed",metadata:{...typeof u=="string"?{email:u}:{},status:o,path:e.path}})}else{let u=e.context.newSession;u?.user?.id&&s({action:"auth.login",entityType:"user",entityId:u.user.id,userId:u.user.id,userName:u.user.name})}return}if(e.path===_){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e);o.id&&s({action:"auth.logout",entityType:"user",entityId:o.id,userId:o.id,userName:o.name})}return}let t=v[e.path];if(t){let d=e.context.returned;if(!d?.status||d.status<400){let o=c(e),u=e.body;s({action:t,entityType:"user",userId:o.id,userName:o.name,metadata:{...typeof u?.email=="string"?{email:u.email}:{},path:e.path}})}return}let i=P[e.path];if(!i)return;let r=e.context.returned;if(r?.status&&r.status>=400)return;let a=c(e),g=e.body;s({action:i,entityType:"user",entityId:g?.userId??void 0,userId:a.id,userName:a.name,metadata:{targetUserId:g?.userId,...g?.role?{role:g.role}:{},path:e.path}})})}}function D(n){return f(async s=>{if(s.path!=="/sign-up/email")return;let e=await n.readWrite.execute(h`SELECT COUNT(*)::text as count FROM "user"`);if(Number(e[0]?.count)>0)throw new b("FORBIDDEN",{message:"Sign-up is closed"})})}function q(n,s,e){let m=[...s.entities.values()],t=l(m),i=k(t),r=p(i,m),a={};return n.social?.google&&(a.google=n.social.google),n.social?.github&&(a.github=n.social.github),w({database:y(s.db.readWrite,{provider:"pg",...n.schema?{schema:n.schema}:{}}),emailAndPassword:{enabled:n.providers?.includes("email")??!0},socialProviders:a,session:{expiresIn:n.session?.expiresIn??3600*2,updateAge:n.session?.updateAge??3600},rateLimit:{enabled:!0,window:60,max:100,storage:"memory",customRules:{"/sign-in/email":{window:60,max:5},"/sign-in/social":{window:60,max:10},"/sign-up/email":{window:60,max:3},"/forget-password":{window:60,max:3},"/reset-password":{window:60,max:5},"/admin/*":{window:60,max:20}}},databaseHooks:T(s.db,e),hooks:{before:D(s.db),...e?E(e):{}},plugins:[I({ac:i,roles:r,defaultRole:"authenticated"}),...n.organizations?[R({ac:i,roles:r})]:[],...n.betterAuthPlugins??[],A()]})}export{q as createAuthServer};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@murumets-ee/auth",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "license": "Elastic-2.0",
   "type": "module",
   "exports": {
@@ -28,10 +28,10 @@
     "better-auth": "^1.4.0",
     "drizzle-orm": "^0.45.0",
     "server-only": "^0.0.1",
-    "@murumets-ee/core": "0.1.0",
-    "@murumets-ee/db": "0.1.0",
-    "@murumets-ee/logging": "0.1.0",
-    "@murumets-ee/entity": "0.1.0"
+    "@murumets-ee/core": "0.1.3",
+    "@murumets-ee/entity": "0.1.2",
+    "@murumets-ee/db": "0.1.2",
+    "@murumets-ee/logging": "0.1.3"
   },
   "devDependencies": {
     "@types/node": "^22.10.5",