@nauth-toolkit/client 0.1.86 → 0.1.87

package/dist/index.d.mts

@@ -262,7 +262,7 @@ interface UpdateProfileRequest {
  * Change password request.
  */
 interface ChangePasswordRequest {
-    currentPassword: string;
+    oldPassword: string;
     newPassword: string;
 }
 /**
@@ -296,12 +296,11 @@ interface ConfirmForgotPasswordResponse {
     mustChangePassword: boolean;
 }
 /**
- * Reset password with code/token request (generic for both admin-initiated and user-initiated resets).
+ * Reset password with code request (generic for both admin-initiated and user-initiated resets).
  */
 interface ResetPasswordWithCodeRequest {
     identifier: string;
-    code?: string;
-    token?: string;
+    code: string;
     newPassword: string;
 }
 /**
@@ -568,7 +567,6 @@ interface NAuthEndpoints {
     mfaRemove: string;
     mfaPreferred: string;
     mfaBackupCodes: string;
-    mfaExemption: string;
     socialLinked: string;
     socialLink: string;
     socialUnlink: string;
@@ -1452,31 +1450,27 @@ declare class NAuthClient {
      */
     confirmForgotPassword(identifier: string, code: string, newPassword: string): Promise<ConfirmForgotPasswordResponse>;
     /**
-     * Reset password with code or token (works for both admin-initiated and user-initiated resets).
+     * Reset password with verification code (works for both admin-initiated and user-initiated resets).
      *
-     * Accepts either:
-     * - code: Short numeric code from email/SMS (6-10 digits)
-     * - token: Long hex token from reset link (64 chars)
+     * NOTE:
+     * - Links (when provided by the backend email provider) include the same verification code as a query param
+     *   (e.g., `...?code=123456`) so consumer apps stay code-only and consistent.
      *
      * WHY: Generic method that works for both admin-initiated (adminResetPassword) and
      * user-initiated (forgotPassword) password resets. Uses same backend endpoint.
      *
      * @param identifier - User identifier (email, username, phone)
-     * @param codeOrToken - Verification code OR token from link (one required)
+     * @param code - Verification code from email/SMS (6-10 digits)
      * @param newPassword - New password
      * @returns Success response
      * @throws {NAuthClientError} When reset fails
      *
      * @example
      * ```typescript
-     * // With code from email
      * await client.resetPasswordWithCode('user@example.com', '123456', 'NewPass123!');
-     *
-     * // With token from link
-     * await client.resetPasswordWithCode('user@example.com', '64-char-token', 'NewPass123!');
      * ```
      */
-    resetPasswordWithCode(identifier: string, codeOrToken: string, newPassword: string): Promise<ResetPasswordWithCodeResponse>;
+    resetPasswordWithCode(identifier: string, code: string, newPassword: string): Promise<ResetPasswordWithCodeResponse>;
     /**
      * Request password change (must change on next login).
      */
@@ -1519,9 +1513,10 @@ declare class NAuthClient {
      */
     generateBackupCodes(): Promise<string[]>;
     /**
-     * Set MFA exemption (admin/test scenarios).
+     * ============================================================================
+     * Event System
+     * ============================================================================
      */
-    setMfaExemption(exempt: boolean, reason?: string): Promise<void>;
     /**
      * Subscribe to authentication events.
      *

package/dist/index.d.ts

@@ -262,7 +262,7 @@ interface UpdateProfileRequest {
  * Change password request.
  */
 interface ChangePasswordRequest {
-    currentPassword: string;
+    oldPassword: string;
     newPassword: string;
 }
 /**
@@ -296,12 +296,11 @@ interface ConfirmForgotPasswordResponse {
     mustChangePassword: boolean;
 }
 /**
- * Reset password with code/token request (generic for both admin-initiated and user-initiated resets).
+ * Reset password with code request (generic for both admin-initiated and user-initiated resets).
  */
 interface ResetPasswordWithCodeRequest {
     identifier: string;
-    code?: string;
-    token?: string;
+    code: string;
     newPassword: string;
 }
 /**
@@ -568,7 +567,6 @@ interface NAuthEndpoints {
     mfaRemove: string;
     mfaPreferred: string;
     mfaBackupCodes: string;
-    mfaExemption: string;
     socialLinked: string;
     socialLink: string;
     socialUnlink: string;
@@ -1452,31 +1450,27 @@ declare class NAuthClient {
      */
     confirmForgotPassword(identifier: string, code: string, newPassword: string): Promise<ConfirmForgotPasswordResponse>;
     /**
-     * Reset password with code or token (works for both admin-initiated and user-initiated resets).
+     * Reset password with verification code (works for both admin-initiated and user-initiated resets).
      *
-     * Accepts either:
-     * - code: Short numeric code from email/SMS (6-10 digits)
-     * - token: Long hex token from reset link (64 chars)
+     * NOTE:
+     * - Links (when provided by the backend email provider) include the same verification code as a query param
+     *   (e.g., `...?code=123456`) so consumer apps stay code-only and consistent.
      *
      * WHY: Generic method that works for both admin-initiated (adminResetPassword) and
      * user-initiated (forgotPassword) password resets. Uses same backend endpoint.
      *
      * @param identifier - User identifier (email, username, phone)
-     * @param codeOrToken - Verification code OR token from link (one required)
+     * @param code - Verification code from email/SMS (6-10 digits)
      * @param newPassword - New password
      * @returns Success response
      * @throws {NAuthClientError} When reset fails
      *
      * @example
      * ```typescript
-     * // With code from email
      * await client.resetPasswordWithCode('user@example.com', '123456', 'NewPass123!');
-     *
-     * // With token from link
-     * await client.resetPasswordWithCode('user@example.com', '64-char-token', 'NewPass123!');
      * ```
      */
-    resetPasswordWithCode(identifier: string, codeOrToken: string, newPassword: string): Promise<ResetPasswordWithCodeResponse>;
+    resetPasswordWithCode(identifier: string, code: string, newPassword: string): Promise<ResetPasswordWithCodeResponse>;
     /**
      * Request password change (must change on next login).
      */
@@ -1519,9 +1513,10 @@ declare class NAuthClient {
      */
     generateBackupCodes(): Promise<string[]>;
     /**
-     * Set MFA exemption (admin/test scenarios).
+     * ============================================================================
+     * Event System
+     * ============================================================================
      */
-    setMfaExemption(exempt: boolean, reason?: string): Promise<void>;
     /**
      * Subscribe to authentication events.
      *

package/dist/index.mjs

@@ -126,7 +126,6 @@ var defaultEndpoints = {
   mfaRemove: "/mfa/method",
   mfaPreferred: "/mfa/preferred-method",
   mfaBackupCodes: "/mfa/backup-codes/generate",
-  mfaExemption: "/mfa/exemption",
   socialLinked: "/social/linked",
   socialLink: "/social/link",
   socialUnlink: "/social/unlink",
@@ -1026,7 +1025,7 @@ var NAuthClient = class {
    * Change user password.
    */
   async changePassword(oldPassword, newPassword) {
-    const payload = { currentPassword: oldPassword, newPassword };
+    const payload = { oldPassword, newPassword };
     await this.post(this.config.endpoints.changePassword, payload, true);
   }
   /**
@@ -1046,35 +1045,30 @@ var NAuthClient = class {
     return result;
   }
   /**
-   * Reset password with code or token (works for both admin-initiated and user-initiated resets).
+   * Reset password with verification code (works for both admin-initiated and user-initiated resets).
    *
-   * Accepts either:
-   * - code: Short numeric code from email/SMS (6-10 digits)
-   * - token: Long hex token from reset link (64 chars)
+   * NOTE:
+   * - Links (when provided by the backend email provider) include the same verification code as a query param
+   *   (e.g., `...?code=123456`) so consumer apps stay code-only and consistent.
    *
    * WHY: Generic method that works for both admin-initiated (adminResetPassword) and
    * user-initiated (forgotPassword) password resets. Uses same backend endpoint.
    *
    * @param identifier - User identifier (email, username, phone)
-   * @param codeOrToken - Verification code OR token from link (one required)
+   * @param code - Verification code from email/SMS (6-10 digits)
    * @param newPassword - New password
    * @returns Success response
    * @throws {NAuthClientError} When reset fails
    *
    * @example
    * ```typescript
-   * // With code from email
    * await client.resetPasswordWithCode('user@example.com', '123456', 'NewPass123!');
-   *
-   * // With token from link
-   * await client.resetPasswordWithCode('user@example.com', '64-char-token', 'NewPass123!');
    * ```
    */
-  async resetPasswordWithCode(identifier, codeOrToken, newPassword) {
-    const isToken = codeOrToken.length > 10;
+  async resetPasswordWithCode(identifier, code, newPassword) {
     const payload = {
       identifier,
-      ...isToken ? { token: codeOrToken } : { code: codeOrToken },
+      code,
       newPassword
     };
     const result = await this.post(
@@ -1144,14 +1138,10 @@ var NAuthClient = class {
     return result.codes;
   }
   /**
-   * Set MFA exemption (admin/test scenarios).
+   * ============================================================================
+   * Event System
+   * ============================================================================
    */
-  async setMfaExemption(exempt, reason) {
-    await this.post(this.config.endpoints.mfaExemption, { exempt, reason }, true);
-  }
-  // ============================================================================
-  // Event System
-  // ============================================================================
   /**
    * Subscribe to authentication events.
    *