npm - @nauth-toolkit/core - Versions diffs - 0.1.0 → 0.1.5 - Mend

@nauth-toolkit/core 0.1.0 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (184) hide show

package/LICENSE +90 -0
package/README.md +9 -0
package/package.json +8 -3
package/jest.config.js +0 -15
package/jest.setup.ts +0 -6
package/src/adapters/database-columns.ts +0 -165
package/src/adapters/express.adapter.ts +0 -385
package/src/adapters/fastify.adapter.ts +0 -416
package/src/adapters/index.ts +0 -16
package/src/adapters/storage.factory.ts +0 -143
package/src/bootstrap.ts +0 -374
package/src/dto/auth-challenge.dto.ts +0 -231
package/src/dto/auth-response.dto.ts +0 -253
package/src/dto/challenge-response.dto.ts +0 -234
package/src/dto/change-password-request.dto.ts +0 -50
package/src/dto/change-password-response.dto.ts +0 -29
package/src/dto/change-password.dto.ts +0 -57
package/src/dto/error-response.dto.ts +0 -136
package/src/dto/get-available-methods.dto.ts +0 -55
package/src/dto/get-challenge-data-response.dto.ts +0 -28
package/src/dto/get-challenge-data.dto.ts +0 -69
package/src/dto/get-client-info.dto.ts +0 -104
package/src/dto/get-device-token-response.dto.ts +0 -25
package/src/dto/get-events-by-type.dto.ts +0 -76
package/src/dto/get-ip-address-response.dto.ts +0 -24
package/src/dto/get-mfa-status.dto.ts +0 -94
package/src/dto/get-risk-assessment-history.dto.ts +0 -39
package/src/dto/get-session-id-response.dto.ts +0 -25
package/src/dto/get-setup-data-response.dto.ts +0 -31
package/src/dto/get-setup-data.dto.ts +0 -75
package/src/dto/get-suspicious-activity.dto.ts +0 -42
package/src/dto/get-user-agent-response.dto.ts +0 -23
package/src/dto/get-user-auth-history.dto.ts +0 -95
package/src/dto/get-user-by-email.dto.ts +0 -61
package/src/dto/get-user-by-id.dto.ts +0 -46
package/src/dto/get-user-devices.dto.ts +0 -53
package/src/dto/get-user-response.dto.ts +0 -17
package/src/dto/has-provider.dto.ts +0 -56
package/src/dto/index.ts +0 -57
package/src/dto/is-trusted-device-response.dto.ts +0 -34
package/src/dto/list-providers-response.dto.ts +0 -23
package/src/dto/login.dto.ts +0 -95
package/src/dto/logout-all-response.dto.ts +0 -24
package/src/dto/logout-all.dto.ts +0 -65
package/src/dto/logout-response.dto.ts +0 -25
package/src/dto/logout.dto.ts +0 -64
package/src/dto/refresh-token.dto.ts +0 -36
package/src/dto/remove-devices.dto.ts +0 -85
package/src/dto/resend-code-response.dto.ts +0 -32
package/src/dto/resend-code.dto.ts +0 -51
package/src/dto/reset-password.dto.ts +0 -115
package/src/dto/respond-challenge.dto.ts +0 -272
package/src/dto/set-mfa-exemption.dto.ts +0 -112
package/src/dto/set-must-change-password-response.dto.ts +0 -27
package/src/dto/set-must-change-password.dto.ts +0 -46
package/src/dto/set-preferred-method.dto.ts +0 -80
package/src/dto/setup-mfa.dto.ts +0 -98
package/src/dto/signup.dto.ts +0 -174
package/src/dto/social-auth.dto.ts +0 -422
package/src/dto/trust-device-response.dto.ts +0 -30
package/src/dto/trust-device.dto.ts +0 -9
package/src/dto/update-user-attributes-request.dto.ts +0 -51
package/src/dto/user-response.dto.ts +0 -138
package/src/dto/user-update.dto.ts +0 -222
package/src/dto/verify-email.dto.ts +0 -313
package/src/dto/verify-mfa-code.dto.ts +0 -103
package/src/dto/verify-phone-by-sub.dto.ts +0 -78
package/src/dto/verify-phone.dto.ts +0 -245
package/src/entities/auth-audit.entity.ts +0 -232
package/src/entities/challenge-session.entity.ts +0 -116
package/src/entities/index.ts +0 -29
package/src/entities/login-attempt.entity.ts +0 -64
package/src/entities/mfa-device.entity.ts +0 -151
package/src/entities/rate-limit.entity.ts +0 -44
package/src/entities/session.entity.ts +0 -180
package/src/entities/social-account.entity.ts +0 -96
package/src/entities/storage-lock.entity.ts +0 -39
package/src/entities/trusted-device.entity.ts +0 -112
package/src/entities/user.entity.ts +0 -243
package/src/entities/verification-token.entity.ts +0 -141
package/src/enums/auth-audit-event-type.enum.ts +0 -360
package/src/enums/error-codes.enum.ts +0 -420
package/src/enums/mfa-method.enum.ts +0 -97
package/src/enums/risk-factor.enum.ts +0 -111
package/src/exceptions/nauth.exception.ts +0 -231
package/src/handlers/auth.handler.ts +0 -260
package/src/handlers/client-info.handler.ts +0 -101
package/src/handlers/csrf.handler.ts +0 -156
package/src/handlers/token-delivery.handler.ts +0 -118
package/src/index.ts +0 -118
package/src/interfaces/client-info.interface.ts +0 -85
package/src/interfaces/config.interface.ts +0 -2135
package/src/interfaces/entities.interface.ts +0 -226
package/src/interfaces/index.ts +0 -15
package/src/interfaces/logger.interface.ts +0 -283
package/src/interfaces/mfa-provider.interface.ts +0 -154
package/src/interfaces/oauth.interface.ts +0 -148
package/src/interfaces/provider.interface.ts +0 -47
package/src/interfaces/social-auth-provider.interface.ts +0 -131
package/src/interfaces/storage-adapter.interface.ts +0 -82
package/src/interfaces/template.interface.ts +0 -510
package/src/interfaces/token-verifier.interface.ts +0 -110
package/src/internal.ts +0 -178
package/src/platform/interfaces.ts +0 -299
package/src/schemas/auth-config.schema.ts +0 -646
package/src/services/adaptive-mfa-decision.service.spec.ts +0 -1058
package/src/services/adaptive-mfa-decision.service.ts +0 -457
package/src/services/auth-audit.service.spec.ts +0 -675
package/src/services/auth-audit.service.ts +0 -558
package/src/services/auth-challenge-helper.service.spec.ts +0 -3227
package/src/services/auth-challenge-helper.service.ts +0 -825
package/src/services/auth-flow-context-builder.service.ts +0 -520
package/src/services/auth-flow-rules.ts +0 -202
package/src/services/auth-flow-state-definitions.ts +0 -190
package/src/services/auth-flow-state-machine.service.ts +0 -207
package/src/services/auth-flow-state-machine.types.ts +0 -316
package/src/services/auth.service.spec.ts +0 -4195
package/src/services/auth.service.ts +0 -3727
package/src/services/challenge.service.spec.ts +0 -1363
package/src/services/challenge.service.ts +0 -696
package/src/services/client-info.service.spec.ts +0 -572
package/src/services/client-info.service.ts +0 -374
package/src/services/csrf.service.ts +0 -54
package/src/services/email-verification.service.spec.ts +0 -1229
package/src/services/email-verification.service.ts +0 -578
package/src/services/geo-location.service.spec.ts +0 -603
package/src/services/geo-location.service.ts +0 -599
package/src/services/index.ts +0 -13
package/src/services/jwt.service.spec.ts +0 -882
package/src/services/jwt.service.ts +0 -621
package/src/services/mfa-base.service.spec.ts +0 -246
package/src/services/mfa-base.service.ts +0 -611
package/src/services/mfa.service.spec.ts +0 -693
package/src/services/mfa.service.ts +0 -960
package/src/services/password.service.spec.ts +0 -166
package/src/services/password.service.ts +0 -309
package/src/services/phone-verification.service.spec.ts +0 -1120
package/src/services/phone-verification.service.ts +0 -751
package/src/services/risk-detection.service.spec.ts +0 -1292
package/src/services/risk-detection.service.ts +0 -1012
package/src/services/risk-scoring.service.spec.ts +0 -204
package/src/services/risk-scoring.service.ts +0 -131
package/src/services/session.service.spec.ts +0 -1293
package/src/services/session.service.ts +0 -803
package/src/services/social-account.service.spec.ts +0 -725
package/src/services/social-auth-base.service.spec.ts +0 -418
package/src/services/social-auth-base.service.ts +0 -581
package/src/services/social-auth.service.spec.ts +0 -238
package/src/services/social-auth.service.ts +0 -436
package/src/services/social-provider-registry.service.spec.ts +0 -238
package/src/services/social-provider-registry.service.ts +0 -122
package/src/services/trusted-device.service.spec.ts +0 -505
package/src/services/trusted-device.service.ts +0 -339
package/src/storage/account-lockout-storage.service.spec.ts +0 -310
package/src/storage/account-lockout-storage.service.ts +0 -89
package/src/storage/index.ts +0 -3
package/src/storage/memory-storage.adapter.ts +0 -443
package/src/storage/rate-limit-storage.service.spec.ts +0 -247
package/src/storage/rate-limit-storage.service.ts +0 -38
package/src/templates/html-template.engine.spec.ts +0 -161
package/src/templates/html-template.engine.ts +0 -688
package/src/templates/index.ts +0 -7
package/src/utils/common-passwords.spec.ts +0 -230
package/src/utils/common-passwords.ts +0 -170
package/src/utils/context-storage.ts +0 -188
package/src/utils/cookie-names.util.ts +0 -67
package/src/utils/cookies.util.ts +0 -94
package/src/utils/index.ts +0 -12
package/src/utils/ip-extractor.spec.ts +0 -330
package/src/utils/ip-extractor.ts +0 -220
package/src/utils/nauth-logger.spec.ts +0 -388
package/src/utils/nauth-logger.ts +0 -215
package/src/utils/pii-redactor.spec.ts +0 -130
package/src/utils/pii-redactor.ts +0 -288
package/src/utils/setup/get-repositories.ts +0 -140
package/src/utils/setup/init-services.ts +0 -422
package/src/utils/setup/init-social.ts +0 -189
package/src/utils/setup/init-storage.ts +0 -94
package/src/utils/setup/register-mfa.ts +0 -165
package/src/utils/setup/run-nauth-migrations.ts +0 -61
package/src/utils/token-delivery-policy.ts +0 -38
package/src/validators/template.validator.ts +0 -219
package/tsconfig.json +0 -37
package/tsconfig.lint.json +0 -6

package/src/utils/setup/init-services.ts DELETED Viewed

@@ -1,422 +0,0 @@
-/**
- * Service Initialization Helper
- *
- * Initializes all NAuth services in correct dependency order.
- * Matches NestJS AuthModule service initialization.
- */
-import { Repository } from 'typeorm';
-// Public API imports
-import {
-  NAuthConfig,
-  NAuthLogger,
-  StorageAdapter,
-  ClientInfoService,
-  RateLimitStorageService,
-  AccountLockoutStorageService,
-  EmailVerificationService,
-  PhoneVerificationService,
-  MFAService,
-  AuthService,
-  SocialAuthService,
-  NAuthException,
-  AuthErrorCode,
-} from '../../index';
-// Internal API imports (for framework adapter use only)
-import {
-  PasswordService,
-  JwtService,
-  SessionService,
-  AuthAuditService, // Internal version with recordEvent()
-  ChallengeService,
-  TrustedDeviceService,
-  AuthFlowContextBuilder,
-  AuthFlowStateMachineService,
-  AuthChallengeHelperService,
-  SocialProviderRegistry,
-  GeoLocationService,
-  RiskDetectionService,
-  RiskScoringService,
-  AdaptiveMFADecisionService,
-} from '../../internal';
-import {
-  BaseUser,
-  BaseSession,
-  BaseLoginAttempt,
-  BaseVerificationToken,
-  BaseSocialAccount,
-  BaseChallengeSession,
-  BaseMFADevice,
-  BaseAuthAudit,
-  BaseTrustedDevice,
-} from '../../entities';
-/**
- * Service container returned by initServices()
- */
-export interface NAuthServices {
-  // Core services (always available)
-  passwordService: PasswordService;
-  jwtService: JwtService;
-  clientInfoService: ClientInfoService;
-  rateLimitStorageService: RateLimitStorageService;
-  accountLockoutStorageService: AccountLockoutStorageService;
-  sessionService: SessionService;
-  challengeService: ChallengeService;
-  emailVerificationService: EmailVerificationService;
-  authFlowContextBuilder: AuthFlowContextBuilder;
-  authFlowStateMachine: AuthFlowStateMachineService;
-  authChallengeHelperService: AuthChallengeHelperService;
-  authService: AuthService;
-  socialProviderRegistry: SocialProviderRegistry;
-  socialAuthService: SocialAuthService;
-  // Conditional services
-  auditService?: AuthAuditService;
-  phoneVerificationService?: PhoneVerificationService;
-  trustedDeviceService?: TrustedDeviceService;
-  mfaService?: MFAService;
-  geoLocationService?: GeoLocationService;
-  riskDetectionService?: RiskDetectionService;
-  riskScoringService?: RiskScoringService;
-  adaptiveMFADecisionService?: AdaptiveMFADecisionService;
-  csrfService?: unknown; // CsrfService (created in createNAuth)
-}
-/**
- * Initialize all services in correct dependency order
- *
- * Service initialization order matches NestJS AuthModule:
- * 1. PasswordService, JwtService (no dependencies)
- * 2. ClientInfoService (no dependencies)
- * 3. AuthAuditService (if enabled)
- * 4. RateLimitStorageService, AccountLockoutStorageService
- * 5. SessionService
- * 6. ChallengeService
- * 7. EmailVerificationService
- * 8. PhoneVerificationService (if SMS configured)
- * 9. TrustedDeviceService (if rememberDevices enabled)
- * 10. AuthFlowContextBuilder, AuthFlowStateMachine
- * 11. AuthChallengeHelperService
- * 12. MFAService (if enabled)
- * 13. AuthService
- * 14. SocialAuthService
- * 15. GeoLocationService (if MaxMind configured)
- * 16. Risk services (if adaptive MFA configured)
- *
- * @param config - NAuth configuration
- * @param repositories - Repository container
- * @param storageAdapter - Initialized storage adapter
- * @param logger - Logger instance
- * @param emailProvider - Email provider instance
- * @param smsProvider - SMS provider instance (optional)
- * @returns Service container with all initialized services
- */
-export function initServices(
-  config: NAuthConfig,
-  repositories: {
-    userRepository: Repository<BaseUser>;
-    sessionRepository: Repository<BaseSession>;
-    loginAttemptRepository: Repository<BaseLoginAttempt>;
-    verificationTokenRepository: Repository<BaseVerificationToken>;
-    socialAccountRepository: Repository<BaseSocialAccount>;
-    challengeSessionRepository: Repository<BaseChallengeSession>;
-    mfaDeviceRepository: Repository<BaseMFADevice>;
-    authAuditRepository: Repository<BaseAuthAudit>;
-    trustedDeviceRepository: Repository<BaseTrustedDevice> | null;
-  },
-  storageAdapter: StorageAdapter,
-  logger: NAuthLogger,
-  emailProvider: unknown,
-  smsProvider?: unknown,
-): NAuthServices {
-  // ============================================================================
-  // 1. Core Services (No Dependencies)
-  // ============================================================================
-  const passwordService = new PasswordService(config.password);
-  const jwtService = new JwtService(config.jwt);
-  const clientInfoService = new ClientInfoService();
-  // ============================================================================
-  // 2. Audit Service (Conditional)
-  // ============================================================================
-  const auditService =
-    config.auditLogs?.enabled !== false
-      ? new AuthAuditService(repositories.authAuditRepository, repositories.userRepository, logger, clientInfoService)
-      : undefined;
-  // ============================================================================
-  // 3. Storage Services
-  // ============================================================================
-  const rateLimitStorageService = new RateLimitStorageService(storageAdapter);
-  const accountLockoutStorageService = new AccountLockoutStorageService(storageAdapter);
-  // ============================================================================
-  // 4. Session Service
-  // ============================================================================
-  const sessionService = new SessionService(
-    repositories.sessionRepository,
-    storageAdapter,
-    clientInfoService,
-    config,
-    logger,
-    auditService,
-  );
-  // ============================================================================
-  // 5. Challenge Service
-  // ============================================================================
-  const challengeService = new ChallengeService(
-    repositories.challengeSessionRepository,
-    clientInfoService,
-    logger,
-    auditService,
-    config, // Pass config for maxAttempts
-  );
-  // ============================================================================
-  // 6. Email Provider and Verification Service
-  // ============================================================================
-  if (!emailProvider) {
-    throw new NAuthException(
-      AuthErrorCode.VALIDATION_FAILED,
-      'emailProvider is required. Install and configure an email package:\n' +
-        '  yarn add @nauth-toolkit/email-console (for dev)\n' +
-        '  yarn add @nauth-toolkit/email-nodemailer (for production)',
-    );
-  }
-  // Validate email provider has required method
-  if (typeof (emailProvider as any).sendVerificationEmail !== 'function') {
-    throw new NAuthException(
-      AuthErrorCode.VALIDATION_FAILED,
-      'emailProvider must implement sendVerificationEmail method',
-    );
-  }
-  // Inject logger into email provider if it supports it
-  if (emailProvider && typeof (emailProvider as any).setLogger === 'function') {
-    (emailProvider as any).setLogger(logger);
-  }
-  // Inject global variables from email config if provider supports it
-  if (emailProvider && typeof (emailProvider as any).setGlobalVariables === 'function' && config.email) {
-    const globalVars: Record<string, any> = {};
-    // Extract top-level branding fields
-    if (config.email.appName) globalVars.appName = config.email.appName;
-    if (config.email.companyName) globalVars.companyName = config.email.companyName;
-    if (config.email.logoUrl) globalVars.logoUrl = config.email.logoUrl;
-    if (config.email.supportEmail) globalVars.supportEmail = config.email.supportEmail;
-    if (config.email.dashboardUrl) globalVars.dashboardUrl = config.email.dashboardUrl;
-    if (config.email.brandColor) globalVars.brandColor = config.email.brandColor;
-    if (config.email.footerDisclaimer) globalVars.footerDisclaimer = config.email.footerDisclaimer;
-    // Merge with templates.globalVariables (templates.globalVariables takes precedence)
-    const mergedVars = {
-      ...globalVars,
-      ...(config.email.templates?.globalVariables || {}),
-    };
-    (emailProvider as any).setGlobalVariables(mergedVars);
-  }
-  const emailVerificationService = new EmailVerificationService(
-    repositories.verificationTokenRepository,
-    repositories.userRepository,
-    emailProvider as any,
-    storageAdapter,
-    config,
-    clientInfoService,
-    logger,
-    auditService,
-  );
-  // ============================================================================
-  // 7. SMS Provider and Phone Verification Service (Conditional)
-  // ============================================================================
-  let phoneVerificationService: PhoneVerificationService | undefined;
-  if (smsProvider) {
-    // Inject logger into SMS provider if it supports it
-    if (smsProvider && typeof (smsProvider as any).setLogger === 'function') {
-      (smsProvider as any).setLogger(logger);
-    }
-    phoneVerificationService = new PhoneVerificationService(
-      repositories.verificationTokenRepository,
-      repositories.userRepository,
-      smsProvider as any,
-      storageAdapter,
-      config,
-      clientInfoService,
-      logger,
-      auditService,
-    );
-  }
-  // ============================================================================
-  // 8. Trusted Device Service (Conditional)
-  // ============================================================================
-  const trustedDeviceService = repositories.trustedDeviceRepository
-    ? new TrustedDeviceService(config, logger, repositories.trustedDeviceRepository)
-    : undefined;
-  // ============================================================================
-  // 9. Auth Flow Services
-  // ============================================================================
-  const authFlowContextBuilder = new AuthFlowContextBuilder(
-    trustedDeviceService,
-    undefined, // adaptiveMFADecisionService - will be set later
-    clientInfoService,
-    logger,
-  );
-  const authFlowStateMachine = new AuthFlowStateMachineService(authFlowContextBuilder, logger);
-  const authChallengeHelperService = new AuthChallengeHelperService(
-    challengeService,
-    jwtService,
-    sessionService,
-    repositories.mfaDeviceRepository,
-    logger,
-    authFlowStateMachine,
-    authFlowContextBuilder,
-    clientInfoService,
-    emailVerificationService,
-    phoneVerificationService,
-  );
-  // ============================================================================
-  // 10. MFA Service (Conditional)
-  // ============================================================================
-  const mfaService = new MFAService(
-    repositories.mfaDeviceRepository,
-    repositories.userRepository,
-    challengeService,
-    config,
-    logger,
-    auditService,
-    clientInfoService,
-  );
-  // ============================================================================
-  // 11. Auth Service
-  // ============================================================================
-  const authService = new AuthService(
-    repositories.userRepository,
-    repositories.loginAttemptRepository,
-    passwordService,
-    jwtService,
-    sessionService,
-    challengeService,
-    authChallengeHelperService,
-    emailVerificationService,
-    clientInfoService,
-    accountLockoutStorageService,
-    config,
-    logger,
-    auditService,
-    phoneVerificationService,
-    mfaService,
-    repositories.mfaDeviceRepository,
-    trustedDeviceService,
-  );
-  // ============================================================================
-  // 12. Social Auth Services
-  // ============================================================================
-  const socialProviderRegistry = new SocialProviderRegistry();
-  const socialAuthService = new SocialAuthService(
-    socialProviderRegistry,
-    repositories.userRepository,
-    repositories.socialAccountRepository,
-    authService,
-    logger,
-    auditService,
-  );
-  // ============================================================================
-  // 13. GeoLocation Service (Conditional)
-  // ============================================================================
-  let geoLocationService: GeoLocationService | undefined;
-  if (config.geoLocation?.maxMind) {
-    try {
-      // Try to load MaxMind module (optional peer dependency)
-      const maxMindModule = require('@maxmind/geoip2-node');
-      geoLocationService = new GeoLocationService(config, storageAdapter, maxMindModule, logger);
-    } catch {
-      // MaxMind module not installed - service remains undefined
-      logger?.warn?.('MaxMind GeoIP2 module not installed. Geolocation features will be disabled.');
-    }
-  }
-  // ============================================================================
-  // 14. Risk Detection and Adaptive MFA Services (Conditional)
-  // ============================================================================
-  // Always create risk services (needed for adaptive MFA)
-  const riskDetectionService = new RiskDetectionService(
-    repositories.sessionRepository,
-    repositories.authAuditRepository,
-    config,
-    logger,
-    trustedDeviceService,
-  );
-  const riskScoringService = new RiskScoringService(config, logger);
-  const adaptiveMFADecisionService = new AdaptiveMFADecisionService(
-    riskDetectionService,
-    riskScoringService,
-    storageAdapter,
-    clientInfoService,
-    config,
-    logger,
-    auditService,
-  );
-  // Now inject adaptiveMFADecisionService into authFlowContextBuilder
-  (authFlowContextBuilder as any).adaptiveMFADecisionService = adaptiveMFADecisionService;
-  // ============================================================================
-  // Return Service Container
-  // ============================================================================
-  return {
-    passwordService,
-    jwtService,
-    clientInfoService,
-    rateLimitStorageService,
-    accountLockoutStorageService,
-    sessionService,
-    challengeService,
-    emailVerificationService,
-    authFlowContextBuilder,
-    authFlowStateMachine,
-    authChallengeHelperService,
-    authService,
-    socialProviderRegistry,
-    socialAuthService,
-    auditService,
-    phoneVerificationService,
-    trustedDeviceService,
-    mfaService,
-    geoLocationService,
-    riskDetectionService,
-    riskScoringService,
-    adaptiveMFADecisionService,
-  };
-}

package/src/utils/setup/init-social.ts DELETED Viewed

@@ -1,189 +0,0 @@
-/**
- * Social Authentication Provider Initialization
- *
- * Dynamically loads and initializes social auth providers based on configuration.
- */
-// Public API imports
-import {
-  NAuthConfig,
-  NAuthLogger,
-  SocialAuthService,
-  AuthService,
-  ClientInfoService,
-  AuthAuditService,
-  PhoneVerificationService,
-  BaseUser,
-} from '../../index';
-// Internal API imports (for framework adapter use only)
-import {
-  JwtService,
-  SessionService,
-  AuthChallengeHelperService,
-  SocialProviderRegistry,
-  TrustedDeviceService,
-} from '../../internal';
-import { Repository } from 'typeorm';
-export interface NAuthSocialProviders {
-  googleAuth?: any;
-  appleAuth?: any;
-  facebookAuth?: any;
-}
-/**
- * Initialize and register social authentication providers
- *
- * Dynamically imports social provider packages based on configuration.
- * Each provider is initialized with all required services and registered
- * with the SocialAuthService registry.
- *
- * @param config - NAuth configuration
- * @param providerRegistry - Social provider registry (internal)
- * @param authService - Core authentication service
- * @param socialAuthService - Social authentication service
- * @param jwtService - JWT token service
- * @param sessionService - Session management service
- * @param challengeHelper - Auth challenge helper service
- * @param clientInfoService - Client information service
- * @param logger - Logger instance
- * @param socialAuthStateStore - Shared state store for OAuth CSRF protection
- * @param phoneVerificationService - Phone verification service (optional)
- * @param auditService - Audit logging service (optional)
- * @param trustedDeviceService - Trusted device service (optional)
- * @returns Object containing initialized social providers
- */
-export async function initSocialAuth(
-  config: NAuthConfig,
-  providerRegistry: SocialProviderRegistry,
-  authService: AuthService,
-  socialAuthService: SocialAuthService,
-  jwtService: JwtService,
-  sessionService: SessionService,
-  challengeHelper: AuthChallengeHelperService,
-  clientInfoService: ClientInfoService,
-  logger: NAuthLogger,
-  socialAuthStateStore: Map<string, { timestamp: number; provider: string }>,
-  userRepository: Repository<BaseUser>,
-  phoneVerificationService?: PhoneVerificationService,
-  auditService?: AuthAuditService,
-  trustedDeviceService?: TrustedDeviceService,
-): Promise<NAuthSocialProviders> {
-  const providers: NAuthSocialProviders = {};
-  // ============================================================================
-  // Google OAuth Provider
-  // ============================================================================
-  if (config.social?.google?.enabled) {
-    try {
-      // @ts-ignore - Optional peer dependency, may not be installed
-      const { GoogleSocialAuthService, TokenVerifierService } = await import('@nauth-toolkit/social-google');
-      // Create token verifier for native mobile token validation
-      const tokenVerifier = new TokenVerifierService(config);
-      providers.googleAuth = new GoogleSocialAuthService(
-        config,
-        logger,
-        authService,
-        socialAuthService,
-        jwtService,
-        sessionService,
-        challengeHelper,
-        clientInfoService,
-        socialAuthStateStore,
-        userRepository,
-        phoneVerificationService,
-        auditService,
-        trustedDeviceService,
-        tokenVerifier,
-      );
-      // Register with registry
-      providerRegistry.registerProvider(providers.googleAuth);
-      logger?.debug?.('Google OAuth provider initialized');
-    } catch (error) {
-      logger?.warn?.(
-        'Google OAuth provider not available. Install @nauth-toolkit/social-google to enable Google authentication.',
-      );
-    }
-  }
-  // ============================================================================
-  // Apple Sign-In Provider
-  // ============================================================================
-  if (config.social?.apple?.enabled) {
-    try {
-      // @ts-ignore - Optional peer dependency, may not be installed
-      const { AppleSocialAuthService, TokenVerifierService } = await import('@nauth-toolkit/social-apple');
-      // Create token verifier for native mobile token validation
-      const tokenVerifier = new TokenVerifierService(config);
-      providers.appleAuth = new AppleSocialAuthService(
-        config,
-        logger,
-        authService,
-        socialAuthService,
-        jwtService,
-        sessionService,
-        challengeHelper,
-        clientInfoService,
-        socialAuthStateStore,
-        userRepository,
-        phoneVerificationService,
-        auditService,
-        trustedDeviceService,
-        tokenVerifier,
-      );
-      // Register with registry
-      providerRegistry.registerProvider(providers.appleAuth);
-      logger?.debug?.('Apple Sign-In provider initialized');
-    } catch (error) {
-      logger?.warn?.(
-        'Apple Sign-In provider not available. Install @nauth-toolkit/social-apple to enable Apple authentication.',
-      );
-    }
-  }
-  // ============================================================================
-  // Facebook OAuth Provider
-  // ============================================================================
-  if (config.social?.facebook?.enabled) {
-    try {
-      // @ts-ignore - Optional peer dependency, may not be installed
-      const { FacebookSocialAuthService, TokenVerifierService } = await import('@nauth-toolkit/social-facebook');
-      // Create token verifier for native mobile token validation
-      const tokenVerifier = new TokenVerifierService(config);
-      providers.facebookAuth = new FacebookSocialAuthService(
-        config,
-        logger,
-        authService,
-        socialAuthService,
-        jwtService,
-        sessionService,
-        challengeHelper,
-        clientInfoService,
-        socialAuthStateStore,
-        userRepository,
-        phoneVerificationService,
-        auditService,
-        trustedDeviceService,
-        tokenVerifier,
-      );
-      // Register with registry
-      providerRegistry.registerProvider(providers.facebookAuth);
-      logger?.debug?.('Facebook OAuth provider initialized');
-    } catch (error) {
-      logger?.warn?.(
-        'Facebook OAuth provider not available. Install @nauth-toolkit/social-facebook to enable Facebook authentication.',
-      );
-    }
-  }
-  return providers;
-}

package/src/utils/setup/init-storage.ts DELETED Viewed

@@ -1,94 +0,0 @@
-/**
- * Storage Adapter Initialization Helper
- *
- * Initializes storage adapter with repository injection and proper error handling.
- */
-import { Repository } from 'typeorm';
-import { StorageAdapter, LoggerService, NAuthConfig, NAuthException, AuthErrorCode } from '../../index';
-/**
- * Initialize storage adapter
- *
- * Handles:
- * - Logger injection (if adapter supports it)
- * - Repository injection (for DatabaseStorageAdapter)
- * - Adapter initialization
- * - Fallback to DatabaseStorageAdapter if no adapter provided and repositories available
- * - Error if no adapter and no repositories (prevents unsafe defaults)
- *
- * @param config - NAuth configuration
- * @param rateLimitRepo - RateLimit repository (nullable)
- * @param storageLockRepo - StorageLock repository (nullable)
- * @param logger - Logger instance
- * @returns Initialized StorageAdapter
- * @throws {NAuthException} If no adapter provided and DatabaseStorageAdapter cannot be created
- */
-export async function initStorage(
-  config: NAuthConfig,
-  rateLimitRepo: Repository<any> | null,
-  storageLockRepo: Repository<any> | null,
-  logger: LoggerService,
-): Promise<StorageAdapter> {
-  // If storage adapter explicitly provided, use it
-  if (config.storageAdapter) {
-    const adapter = config.storageAdapter;
-    // Inject logger if adapter supports it
-    if (adapter && typeof (adapter as any).setLogger === 'function') {
-      (adapter as any).setLogger(logger);
-    }
-    // Inject repositories into DatabaseStorageAdapter if it supports it
-    if (adapter && typeof (adapter as any).setRepositories === 'function') {
-      if (rateLimitRepo && storageLockRepo) {
-        (adapter as any).setRepositories(rateLimitRepo, storageLockRepo);
-      }
-    }
-    await adapter.initialize();
-    return adapter;
-  }
-  // No storage adapter provided - try to use DatabaseStorageAdapter if repositories available
-  if (rateLimitRepo && storageLockRepo) {
-    try {
-      // Lazy import to avoid bundling if not used
-      // @ts-ignore - Dynamic import of optional peer dependency
-      const { DatabaseStorageAdapter } = await import('@nauth-toolkit/storage-database');
-      const adapter = new DatabaseStorageAdapter(null, null, logger as any);
-      adapter.setRepositories(rateLimitRepo as any, storageLockRepo as any);
-      await adapter.initialize();
-      logger?.warn?.(
-        'WARNING: Storage adapter not provided. Using DatabaseStorageAdapter as default. ' +
-          'For production, explicitly configure storageAdapter in your config.',
-      );
-      return adapter;
-    } catch (error) {
-      // If DatabaseStorageAdapter import fails, fall through to error
-      logger?.error?.(
-        'Failed to create DatabaseStorageAdapter. Please explicitly configure storageAdapter in your config.',
-        { error },
-      );
-    }
-  }
-  // No storage adapter provided and no repositories available - REQUIRE explicit configuration
-  throw new NAuthException(
-    AuthErrorCode.VALIDATION_FAILED,
-    'Storage adapter is REQUIRED for production deployments. ' +
-      'MemoryStorageAdapter is NOT safe for production (data lost on restart, not shared across instances). ' +
-      'Please configure storageAdapter in your NAuthConfig:\n\n' +
-      'Option 1: DatabaseStorageAdapter (recommended if you have a database)\n' +
-      '  import { createDatabaseStorageAdapter } from "@nauth-toolkit/express";\n' +
-      '  storageAdapter: createDatabaseStorageAdapter()\n\n' +
-      'Option 2: RedisStorageAdapter (for high-performance multi-server deployments)\n' +
-      '  import { createRedisStorageAdapter } from "@nauth-toolkit/express";\n' +
-      '  storageAdapter: createRedisStorageAdapter(process.env.REDIS_URL)\n\n' +
-      'Make sure to include storage entities in your DataSource configuration:\n' +
-      '  import { getNAuthStorageEntities } from "@nauth-toolkit/database-typeorm-postgres";\n' +
-      '  entities: [...getNAuthEntities(), ...getNAuthStorageEntities()]',
-  );
-}