@nauth-toolkit/core 0.1.0

package/dist/entities/trusted-device.entity.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseTrustedDevice = void 0;
+class BaseTrustedDevice {
+    id;
+    userId;
+    deviceTokenHash;
+    deviceId;
+    deviceName;
+    deviceType;
+    ipAddress;
+    userAgent;
+    platform;
+    browser;
+    trustedUntil;
+    lastUsedAt;
+    createdAt;
+    updatedAt;
+}
+exports.BaseTrustedDevice = BaseTrustedDevice;
+//# sourceMappingURL=trusted-device.entity.js.map

package/dist/entities/trusted-device.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trusted-device.entity.js","sourceRoot":"","sources":["../../src/entities/trusted-device.entity.ts"],"names":[],"mappings":";;;AAyBA,MAAa,iBAAiB;IAI5B,EAAE,CAAU;IAMZ,MAAM,CAAU;IAShB,eAAe,CAAU;IAOzB,QAAQ,CAAiB;IAMzB,UAAU,CAAiB;IAM3B,UAAU,CAAiB;IAM3B,SAAS,CAAiB;IAM1B,SAAS,CAAiB;IAM1B,QAAQ,CAAiB;IAMzB,OAAO,CAAiB;IAOxB,YAAY,CAAQ;IAMpB,UAAU,CAAe;IAKzB,SAAS,CAAQ;IAKjB,SAAS,CAAQ;CAClB;AAtFD,8CAsFC"}

package/dist/entities/user.entity.d.ts

@@ -0,0 +1,41 @@
+export declare class BaseUser {
+    id: number;
+    sub: string;
+    username?: string | null;
+    firstName?: string | null;
+    lastName?: string | null;
+    email: string;
+    phone?: string | null;
+    passwordHash?: string | null;
+    passwordChangedAt?: Date | null;
+    passwordHistory?: string[] | null;
+    mustChangePassword: boolean;
+    isEmailVerified: boolean;
+    isPhoneVerified: boolean;
+    isActive: boolean;
+    isLocked: boolean;
+    lockReason?: string | null;
+    lockedAt?: Date | null;
+    lockedUntil?: Date | null;
+    failedLoginAttempts: number;
+    lastFailedLoginAt?: Date | null;
+    lastLoginAt?: Date | null;
+    lastLoginIp?: string | null;
+    mfaEnabled: boolean;
+    mfaMethods?: string[] | null;
+    mfaEnforcedAt?: Date | null;
+    totpSecret?: string | null;
+    backupCodes?: string[] | null;
+    preferredMfaMethod?: string | null;
+    mfaExempt?: boolean;
+    mfaExemptReason?: string | null;
+    mfaExemptGrantedAt?: Date | null;
+    mfaExemptGrantedBy?: string | null;
+    hasSocialAuth: boolean;
+    socialProviders?: string[] | null;
+    metadata?: Record<string, unknown> | null;
+    createdAt: Date;
+    updatedAt: Date;
+    deletedAt?: Date | null;
+}
+//# sourceMappingURL=user.entity.d.ts.map

package/dist/entities/user.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":"AAUA,qBAAa,QAAQ;IAMnB,EAAE,EAAG,MAAM,CAAC;IAOZ,GAAG,EAAG,MAAM,CAAC;IAKb,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAKzB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAK1B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAKzB,KAAK,EAAG,MAAM,CAAC;IAKf,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAMtB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM7B,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAMhC,eAAe,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAOlC,kBAAkB,EAAG,OAAO,CAAC;IAK7B,eAAe,EAAG,OAAO,CAAC;IAK1B,eAAe,EAAG,OAAO,CAAC;IAM1B,QAAQ,EAAG,OAAO,CAAC;IAMnB,QAAQ,EAAG,OAAO,CAAC;IAKnB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAK3B,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAKvB,WAAW,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAK1B,mBAAmB,EAAG,MAAM,CAAC;IAK7B,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAKhC,WAAW,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAK1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAK5B,UAAU,EAAG,OAAO,CAAC;IAMrB,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAK7B,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAM5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM3B,WAAW,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAM9B,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAanC,SAAS,CAAC,EAAE,OAAO,CAAC;IAUpB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAShC,kBAAkB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IASjC,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAOnC,aAAa,EAAG,OAAO,CAAC;IAOxB,eAAe,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAMlC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAK1C,SAAS,EAAG,IAAI,CAAC;IAKjB,SAAS,EAAG,IAAI,CAAC;IAMjB,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;CACzB"}

package/dist/entities/user.entity.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseUser = void 0;
+class BaseUser {
+    id;
+    sub;
+    username;
+    firstName;
+    lastName;
+    email;
+    phone;
+    passwordHash;
+    passwordChangedAt;
+    passwordHistory;
+    mustChangePassword;
+    isEmailVerified;
+    isPhoneVerified;
+    isActive;
+    isLocked;
+    lockReason;
+    lockedAt;
+    lockedUntil;
+    failedLoginAttempts;
+    lastFailedLoginAt;
+    lastLoginAt;
+    lastLoginIp;
+    mfaEnabled;
+    mfaMethods;
+    mfaEnforcedAt;
+    totpSecret;
+    backupCodes;
+    preferredMfaMethod;
+    mfaExempt;
+    mfaExemptReason;
+    mfaExemptGrantedAt;
+    mfaExemptGrantedBy;
+    hasSocialAuth;
+    socialProviders;
+    metadata;
+    createdAt;
+    updatedAt;
+    deletedAt;
+}
+exports.BaseUser = BaseUser;
+//# sourceMappingURL=user.entity.js.map

package/dist/entities/user.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.entity.js","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":";;;AAUA,MAAa,QAAQ;IAMnB,EAAE,CAAU;IAOZ,GAAG,CAAU;IAKb,QAAQ,CAAiB;IAKzB,SAAS,CAAiB;IAK1B,QAAQ,CAAiB;IAKzB,KAAK,CAAU;IAKf,KAAK,CAAiB;IAMtB,YAAY,CAAiB;IAM7B,iBAAiB,CAAe;IAMhC,eAAe,CAAmB;IAOlC,kBAAkB,CAAW;IAK7B,eAAe,CAAW;IAK1B,eAAe,CAAW;IAM1B,QAAQ,CAAW;IAMnB,QAAQ,CAAW;IAKnB,UAAU,CAAiB;IAK3B,QAAQ,CAAe;IAKvB,WAAW,CAAe;IAK1B,mBAAmB,CAAU;IAK7B,iBAAiB,CAAe;IAKhC,WAAW,CAAe;IAK1B,WAAW,CAAiB;IAK5B,UAAU,CAAW;IAMrB,UAAU,CAAmB;IAK7B,aAAa,CAAe;IAM5B,UAAU,CAAiB;IAM3B,WAAW,CAAmB;IAM9B,kBAAkB,CAAiB;IAanC,SAAS,CAAW;IAUpB,eAAe,CAAiB;IAShC,kBAAkB,CAAe;IASjC,kBAAkB,CAAiB;IAOnC,aAAa,CAAW;IAOxB,eAAe,CAAmB;IAMlC,QAAQ,CAAkC;IAK1C,SAAS,CAAQ;IAKjB,SAAS,CAAQ;IAMjB,SAAS,CAAe;CACzB;AAxOD,4BAwOC"}

package/dist/entities/verification-token.entity.d.ts

@@ -0,0 +1,19 @@
+export declare class BaseVerificationToken {
+    id: number;
+    userId: number;
+    challengeSessionId?: number | null;
+    type: 'email' | 'phone' | 'password_reset';
+    token: string;
+    code?: string | null;
+    expiresAt: Date;
+    attempts: number;
+    usedAt?: Date | null;
+    ipAddress?: string | null;
+    userAgent?: string | null;
+    metadata?: Record<string, unknown> | null;
+    createdAt: Date;
+    isExpired(): boolean;
+    isUsed(): boolean;
+    maxAttemptsExceeded(maxAttempts: number): boolean;
+}
+//# sourceMappingURL=verification-token.entity.d.ts.map

package/dist/entities/verification-token.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verification-token.entity.d.ts","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":"AAWA,qBAAa,qBAAqB;IAIhC,EAAE,EAAG,MAAM,CAAC;IAMZ,MAAM,EAAG,MAAM,CAAC;IAQhB,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAQnC,IAAI,EAAG,OAAO,GAAG,OAAO,GAAG,gBAAgB,CAAC;IAM5C,KAAK,EAAG,MAAM,CAAC;IAMf,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAMrB,SAAS,EAAG,IAAI,CAAC;IAMjB,QAAQ,EAAG,MAAM,CAAC;IAMlB,MAAM,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAMrB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM1B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAK1C,SAAS,EAAG,IAAI,CAAC;IAcjB,SAAS,IAAI,OAAO;IAgBpB,MAAM,IAAI,OAAO;IAiBjB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;CAGlD"}

package/dist/entities/verification-token.entity.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseVerificationToken = void 0;
+class BaseVerificationToken {
+    id;
+    userId;
+    challengeSessionId;
+    type;
+    token;
+    code;
+    expiresAt;
+    attempts;
+    usedAt;
+    ipAddress;
+    userAgent;
+    metadata;
+    createdAt;
+    isExpired() {
+        return new Date() > this.expiresAt;
+    }
+    isUsed() {
+        return this.usedAt !== null && this.usedAt !== undefined;
+    }
+    maxAttemptsExceeded(maxAttempts) {
+        return this.attempts >= maxAttempts;
+    }
+}
+exports.BaseVerificationToken = BaseVerificationToken;
+//# sourceMappingURL=verification-token.entity.js.map

package/dist/entities/verification-token.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verification-token.entity.js","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":";;;AAWA,MAAa,qBAAqB;IAIhC,EAAE,CAAU;IAMZ,MAAM,CAAU;IAQhB,kBAAkB,CAAiB;IAQnC,IAAI,CAAwC;IAM5C,KAAK,CAAU;IAMf,IAAI,CAAiB;IAMrB,SAAS,CAAQ;IAMjB,QAAQ,CAAU;IAMlB,MAAM,CAAe;IAMrB,SAAS,CAAiB;IAM1B,SAAS,CAAiB;IAM1B,QAAQ,CAAkC;IAK1C,SAAS,CAAQ;IAcjB,SAAS;QACP,OAAO,IAAI,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAcD,MAAM;QACJ,OAAO,IAAI,CAAC,MAAM,KAAK,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC;IAC3D,CAAC;IAeD,mBAAmB,CAAC,WAAmB;QACrC,OAAO,IAAI,CAAC,QAAQ,IAAI,WAAW,CAAC;IACtC,CAAC;CACF;AAjID,sDAiIC"}

package/dist/enums/auth-audit-event-type.enum.d.ts

@@ -0,0 +1,55 @@
+export declare enum AuthAuditEventType {
+    LOGIN_ATTEMPT = "LOGIN_ATTEMPT",
+    LOGIN_SUCCESS = "LOGIN_SUCCESS",
+    LOGIN_FAILED = "LOGIN_FAILED",
+    LOGIN_BLOCKED = "LOGIN_BLOCKED",
+    SESSION_CREATED = "SESSION_CREATED",
+    SESSION_REVOKED = "SESSION_REVOKED",
+    GLOBAL_SIGNOUT = "GLOBAL_SIGNOUT",
+    PASSWORD_CHANGED = "PASSWORD_CHANGED",
+    PASSWORD_RESET_REQUESTED = "PASSWORD_RESET_REQUESTED",
+    PASSWORD_RESET_COMPLETED = "PASSWORD_RESET_COMPLETED",
+    PASSWORD_FORCE_CHANGE_SET = "PASSWORD_FORCE_CHANGE_SET",
+    PASSWORD_FORCE_CHANGE_COMPLETED = "PASSWORD_FORCE_CHANGE_COMPLETED",
+    MFA_ENABLED = "MFA_ENABLED",
+    MFA_DISABLED = "MFA_DISABLED",
+    MFA_DEVICE_ADDED = "MFA_DEVICE_ADDED",
+    MFA_DEVICE_REMOVED = "MFA_DEVICE_REMOVED",
+    MFA_DEVICE_UPDATED = "MFA_DEVICE_UPDATED",
+    MFA_VERIFICATION_SUCCESS = "MFA_VERIFICATION_SUCCESS",
+    MFA_VERIFICATION_FAILED = "MFA_VERIFICATION_FAILED",
+    MFA_EXEMPTION_GRANTED = "MFA_EXEMPTION_GRANTED",
+    MFA_EXEMPTION_REVOKED = "MFA_EXEMPTION_REVOKED",
+    MFA_BACKUP_CODES_GENERATED = "MFA_BACKUP_CODES_GENERATED",
+    MFA_BACKUP_CODE_USED = "MFA_BACKUP_CODE_USED",
+    MFA_PREFERRED_METHOD_UPDATED = "MFA_PREFERRED_METHOD_UPDATED",
+    DEVICE_TRUSTED = "DEVICE_TRUSTED",
+    DEVICE_UNTRUSTED = "DEVICE_UNTRUSTED",
+    ADAPTIVE_MFA_RISK_ASSESSED = "ADAPTIVE_MFA_RISK_ASSESSED",
+    ADAPTIVE_MFA_TRIGGERED = "ADAPTIVE_MFA_TRIGGERED",
+    ADAPTIVE_MFA_BYPASSED = "ADAPTIVE_MFA_BYPASSED",
+    EMAIL_VERIFIED = "EMAIL_VERIFIED",
+    EMAIL_VERIFICATION_REQUESTED = "EMAIL_VERIFICATION_REQUESTED",
+    EMAIL_VERIFICATION_FAILED = "EMAIL_VERIFICATION_FAILED",
+    PHONE_VERIFIED = "PHONE_VERIFIED",
+    PHONE_VERIFICATION_REQUESTED = "PHONE_VERIFICATION_REQUESTED",
+    PHONE_VERIFICATION_FAILED = "PHONE_VERIFICATION_FAILED",
+    ACCOUNT_CREATED = "ACCOUNT_CREATED",
+    ACCOUNT_ACTIVATED = "ACCOUNT_ACTIVATED",
+    ACCOUNT_DEACTIVATED = "ACCOUNT_DEACTIVATED",
+    ACCOUNT_LOCKED = "ACCOUNT_LOCKED",
+    ACCOUNT_UNLOCKED = "ACCOUNT_UNLOCKED",
+    ACCOUNT_DELETED = "ACCOUNT_DELETED",
+    PROFILE_UPDATED = "PROFILE_UPDATED",
+    EMAIL_CHANGED = "EMAIL_CHANGED",
+    PHONE_CHANGED = "PHONE_CHANGED",
+    USERNAME_CHANGED = "USERNAME_CHANGED",
+    SOCIAL_LOGIN = "SOCIAL_LOGIN",
+    SOCIAL_ACCOUNT_LINKED = "SOCIAL_ACCOUNT_LINKED",
+    SOCIAL_ACCOUNT_UNLINKED = "SOCIAL_ACCOUNT_UNLINKED",
+    CHALLENGE_CREATED = "CHALLENGE_CREATED",
+    CHALLENGE_COMPLETED = "CHALLENGE_COMPLETED",
+    CHALLENGE_ATTEMPT_FAILED = "CHALLENGE_ATTEMPT_FAILED",
+    SUSPICIOUS_ACTIVITY = "SUSPICIOUS_ACTIVITY"
+}
+//# sourceMappingURL=auth-audit-event-type.enum.d.ts.map

package/dist/enums/auth-audit-event-type.enum.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-audit-event-type.enum.d.ts","sourceRoot":"","sources":["../../src/enums/auth-audit-event-type.enum.ts"],"names":[],"mappings":"AAkCA,oBAAY,kBAAkB;IAgB5B,aAAa,kBAAkB;IAK/B,aAAa,kBAAkB;IAK/B,YAAY,iBAAiB;IAQ7B,aAAa,kBAAkB;IAS/B,eAAe,oBAAoB;IAKnC,eAAe,oBAAoB;IAQnC,cAAc,mBAAmB;IASjC,gBAAgB,qBAAqB;IAKrC,wBAAwB,6BAA6B;IAKrD,wBAAwB,6BAA6B;IAKrD,yBAAyB,8BAA8B;IAKvD,+BAA+B,oCAAoC;IASnE,WAAW,gBAAgB;IAK3B,YAAY,iBAAiB;IAK7B,gBAAgB,qBAAqB;IAKrC,kBAAkB,uBAAuB;IAKzC,kBAAkB,uBAAuB;IAKzC,wBAAwB,6BAA6B;IAKrD,uBAAuB,4BAA4B;IAKnD,qBAAqB,0BAA0B;IAK/C,qBAAqB,0BAA0B;IAK/C,0BAA0B,+BAA+B;IAKzD,oBAAoB,yBAAyB;IAK7C,4BAA4B,iCAAiC;IAK7D,cAAc,mBAAmB;IAKjC,gBAAgB,qBAAqB;IAYrC,0BAA0B,+BAA+B;IAOzD,sBAAsB,2BAA2B;IAOjD,qBAAqB,0BAA0B;IAS/C,cAAc,mBAAmB;IAKjC,4BAA4B,iCAAiC;IAK7D,yBAAyB,8BAA8B;IAKvD,cAAc,mBAAmB;IAKjC,4BAA4B,iCAAiC;IAK7D,yBAAyB,8BAA8B;IASvD,eAAe,oBAAoB;IAKnC,iBAAiB,sBAAsB;IAKvC,mBAAmB,wBAAwB;IAK3C,cAAc,mBAAmB;IAKjC,gBAAgB,qBAAqB;IAKrC,eAAe,oBAAoB;IASnC,eAAe,oBAAoB;IAKnC,aAAa,kBAAkB;IAK/B,aAAa,kBAAkB;IAK/B,gBAAgB,qBAAqB;IASrC,YAAY,iBAAiB;IAK7B,qBAAqB,0BAA0B;IAK/C,uBAAuB,4BAA4B;IASnD,iBAAiB,sBAAsB;IAKvC,mBAAmB,wBAAwB;IAK3C,wBAAwB,6BAA6B;IASrD,mBAAmB,wBAAwB;CAC5C"}

package/dist/enums/auth-audit-event-type.enum.js

@@ -0,0 +1,59 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthAuditEventType = void 0;
+var AuthAuditEventType;
+(function (AuthAuditEventType) {
+    AuthAuditEventType["LOGIN_ATTEMPT"] = "LOGIN_ATTEMPT";
+    AuthAuditEventType["LOGIN_SUCCESS"] = "LOGIN_SUCCESS";
+    AuthAuditEventType["LOGIN_FAILED"] = "LOGIN_FAILED";
+    AuthAuditEventType["LOGIN_BLOCKED"] = "LOGIN_BLOCKED";
+    AuthAuditEventType["SESSION_CREATED"] = "SESSION_CREATED";
+    AuthAuditEventType["SESSION_REVOKED"] = "SESSION_REVOKED";
+    AuthAuditEventType["GLOBAL_SIGNOUT"] = "GLOBAL_SIGNOUT";
+    AuthAuditEventType["PASSWORD_CHANGED"] = "PASSWORD_CHANGED";
+    AuthAuditEventType["PASSWORD_RESET_REQUESTED"] = "PASSWORD_RESET_REQUESTED";
+    AuthAuditEventType["PASSWORD_RESET_COMPLETED"] = "PASSWORD_RESET_COMPLETED";
+    AuthAuditEventType["PASSWORD_FORCE_CHANGE_SET"] = "PASSWORD_FORCE_CHANGE_SET";
+    AuthAuditEventType["PASSWORD_FORCE_CHANGE_COMPLETED"] = "PASSWORD_FORCE_CHANGE_COMPLETED";
+    AuthAuditEventType["MFA_ENABLED"] = "MFA_ENABLED";
+    AuthAuditEventType["MFA_DISABLED"] = "MFA_DISABLED";
+    AuthAuditEventType["MFA_DEVICE_ADDED"] = "MFA_DEVICE_ADDED";
+    AuthAuditEventType["MFA_DEVICE_REMOVED"] = "MFA_DEVICE_REMOVED";
+    AuthAuditEventType["MFA_DEVICE_UPDATED"] = "MFA_DEVICE_UPDATED";
+    AuthAuditEventType["MFA_VERIFICATION_SUCCESS"] = "MFA_VERIFICATION_SUCCESS";
+    AuthAuditEventType["MFA_VERIFICATION_FAILED"] = "MFA_VERIFICATION_FAILED";
+    AuthAuditEventType["MFA_EXEMPTION_GRANTED"] = "MFA_EXEMPTION_GRANTED";
+    AuthAuditEventType["MFA_EXEMPTION_REVOKED"] = "MFA_EXEMPTION_REVOKED";
+    AuthAuditEventType["MFA_BACKUP_CODES_GENERATED"] = "MFA_BACKUP_CODES_GENERATED";
+    AuthAuditEventType["MFA_BACKUP_CODE_USED"] = "MFA_BACKUP_CODE_USED";
+    AuthAuditEventType["MFA_PREFERRED_METHOD_UPDATED"] = "MFA_PREFERRED_METHOD_UPDATED";
+    AuthAuditEventType["DEVICE_TRUSTED"] = "DEVICE_TRUSTED";
+    AuthAuditEventType["DEVICE_UNTRUSTED"] = "DEVICE_UNTRUSTED";
+    AuthAuditEventType["ADAPTIVE_MFA_RISK_ASSESSED"] = "ADAPTIVE_MFA_RISK_ASSESSED";
+    AuthAuditEventType["ADAPTIVE_MFA_TRIGGERED"] = "ADAPTIVE_MFA_TRIGGERED";
+    AuthAuditEventType["ADAPTIVE_MFA_BYPASSED"] = "ADAPTIVE_MFA_BYPASSED";
+    AuthAuditEventType["EMAIL_VERIFIED"] = "EMAIL_VERIFIED";
+    AuthAuditEventType["EMAIL_VERIFICATION_REQUESTED"] = "EMAIL_VERIFICATION_REQUESTED";
+    AuthAuditEventType["EMAIL_VERIFICATION_FAILED"] = "EMAIL_VERIFICATION_FAILED";
+    AuthAuditEventType["PHONE_VERIFIED"] = "PHONE_VERIFIED";
+    AuthAuditEventType["PHONE_VERIFICATION_REQUESTED"] = "PHONE_VERIFICATION_REQUESTED";
+    AuthAuditEventType["PHONE_VERIFICATION_FAILED"] = "PHONE_VERIFICATION_FAILED";
+    AuthAuditEventType["ACCOUNT_CREATED"] = "ACCOUNT_CREATED";
+    AuthAuditEventType["ACCOUNT_ACTIVATED"] = "ACCOUNT_ACTIVATED";
+    AuthAuditEventType["ACCOUNT_DEACTIVATED"] = "ACCOUNT_DEACTIVATED";
+    AuthAuditEventType["ACCOUNT_LOCKED"] = "ACCOUNT_LOCKED";
+    AuthAuditEventType["ACCOUNT_UNLOCKED"] = "ACCOUNT_UNLOCKED";
+    AuthAuditEventType["ACCOUNT_DELETED"] = "ACCOUNT_DELETED";
+    AuthAuditEventType["PROFILE_UPDATED"] = "PROFILE_UPDATED";
+    AuthAuditEventType["EMAIL_CHANGED"] = "EMAIL_CHANGED";
+    AuthAuditEventType["PHONE_CHANGED"] = "PHONE_CHANGED";
+    AuthAuditEventType["USERNAME_CHANGED"] = "USERNAME_CHANGED";
+    AuthAuditEventType["SOCIAL_LOGIN"] = "SOCIAL_LOGIN";
+    AuthAuditEventType["SOCIAL_ACCOUNT_LINKED"] = "SOCIAL_ACCOUNT_LINKED";
+    AuthAuditEventType["SOCIAL_ACCOUNT_UNLINKED"] = "SOCIAL_ACCOUNT_UNLINKED";
+    AuthAuditEventType["CHALLENGE_CREATED"] = "CHALLENGE_CREATED";
+    AuthAuditEventType["CHALLENGE_COMPLETED"] = "CHALLENGE_COMPLETED";
+    AuthAuditEventType["CHALLENGE_ATTEMPT_FAILED"] = "CHALLENGE_ATTEMPT_FAILED";
+    AuthAuditEventType["SUSPICIOUS_ACTIVITY"] = "SUSPICIOUS_ACTIVITY";
+})(AuthAuditEventType || (exports.AuthAuditEventType = AuthAuditEventType = {}));
+//# sourceMappingURL=auth-audit-event-type.enum.js.map

package/dist/enums/auth-audit-event-type.enum.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-audit-event-type.enum.js","sourceRoot":"","sources":["../../src/enums/auth-audit-event-type.enum.ts"],"names":[],"mappings":";;;AAkCA,IAAY,kBAqUX;AArUD,WAAY,kBAAkB;IAgB5B,qDAA+B,CAAA;IAK/B,qDAA+B,CAAA;IAK/B,mDAA6B,CAAA;IAQ7B,qDAA+B,CAAA;IAS/B,yDAAmC,CAAA;IAKnC,yDAAmC,CAAA;IAQnC,uDAAiC,CAAA;IASjC,2DAAqC,CAAA;IAKrC,2EAAqD,CAAA;IAKrD,2EAAqD,CAAA;IAKrD,6EAAuD,CAAA;IAKvD,yFAAmE,CAAA;IASnE,iDAA2B,CAAA;IAK3B,mDAA6B,CAAA;IAK7B,2DAAqC,CAAA;IAKrC,+DAAyC,CAAA;IAKzC,+DAAyC,CAAA;IAKzC,2EAAqD,CAAA;IAKrD,yEAAmD,CAAA;IAKnD,qEAA+C,CAAA;IAK/C,qEAA+C,CAAA;IAK/C,+EAAyD,CAAA;IAKzD,mEAA6C,CAAA;IAK7C,mFAA6D,CAAA;IAK7D,uDAAiC,CAAA;IAKjC,2DAAqC,CAAA;IAYrC,+EAAyD,CAAA;IAOzD,uEAAiD,CAAA;IAOjD,qEAA+C,CAAA;IAS/C,uDAAiC,CAAA;IAKjC,mFAA6D,CAAA;IAK7D,6EAAuD,CAAA;IAKvD,uDAAiC,CAAA;IAKjC,mFAA6D,CAAA;IAK7D,6EAAuD,CAAA;IASvD,yDAAmC,CAAA;IAKnC,6DAAuC,CAAA;IAKvC,iEAA2C,CAAA;IAK3C,uDAAiC,CAAA;IAKjC,2DAAqC,CAAA;IAKrC,yDAAmC,CAAA;IASnC,yDAAmC,CAAA;IAKnC,qDAA+B,CAAA;IAK/B,qDAA+B,CAAA;IAK/B,2DAAqC,CAAA;IASrC,mDAA6B,CAAA;IAK7B,qEAA+C,CAAA;IAK/C,yEAAmD,CAAA;IASnD,6DAAuC,CAAA;IAKvC,iEAA2C,CAAA;IAK3C,2EAAqD,CAAA;IASrD,iEAA2C,CAAA;AAC7C,CAAC,EArUW,kBAAkB,kCAAlB,kBAAkB,QAqU7B"}

package/dist/enums/error-codes.enum.d.ts

@@ -0,0 +1,53 @@
+export declare enum AuthErrorCode {
+    INVALID_CREDENTIALS = "AUTH_INVALID_CREDENTIALS",
+    ACCOUNT_LOCKED = "AUTH_ACCOUNT_LOCKED",
+    ACCOUNT_INACTIVE = "AUTH_ACCOUNT_INACTIVE",
+    TOKEN_EXPIRED = "AUTH_TOKEN_EXPIRED",
+    TOKEN_INVALID = "AUTH_TOKEN_INVALID",
+    BEARER_NOT_ALLOWED = "AUTH_BEARER_NOT_ALLOWED",
+    COOKIES_NOT_ALLOWED = "AUTH_COOKIES_NOT_ALLOWED",
+    CSRF_TOKEN_INVALID = "AUTH_CSRF_TOKEN_INVALID",
+    CSRF_TOKEN_MISSING = "AUTH_CSRF_TOKEN_MISSING",
+    TOKEN_REUSE_DETECTED = "AUTH_TOKEN_REUSE_DETECTED",
+    SESSION_NOT_FOUND = "AUTH_SESSION_NOT_FOUND",
+    SESSION_EXPIRED = "AUTH_SESSION_EXPIRED",
+    SIGNUP_DISABLED = "SIGNUP_DISABLED",
+    EMAIL_EXISTS = "SIGNUP_EMAIL_EXISTS",
+    USERNAME_EXISTS = "SIGNUP_USERNAME_EXISTS",
+    PHONE_EXISTS = "SIGNUP_PHONE_EXISTS",
+    WEAK_PASSWORD = "SIGNUP_WEAK_PASSWORD",
+    PHONE_REQUIRED = "SIGNUP_PHONE_REQUIRED",
+    SIGNUP_NOT_ALLOWED = "SIGNUP_NOT_ALLOWED",
+    VERIFICATION_CODE_INVALID = "VERIFY_CODE_INVALID",
+    VERIFICATION_CODE_EXPIRED = "VERIFY_CODE_EXPIRED",
+    VERIFICATION_TOO_MANY_ATTEMPTS = "VERIFY_TOO_MANY_ATTEMPTS",
+    ALREADY_VERIFIED = "VERIFY_ALREADY_VERIFIED",
+    MFA_SETUP_REQUIRED = "MFA_SETUP_REQUIRED",
+    RATE_LIMIT_SMS = "RATE_LIMIT_SMS",
+    RATE_LIMIT_EMAIL = "RATE_LIMIT_EMAIL",
+    RATE_LIMIT_LOGIN = "RATE_LIMIT_LOGIN",
+    RATE_LIMIT_RESEND = "RATE_LIMIT_RESEND",
+    SOCIAL_TOKEN_INVALID = "SOCIAL_TOKEN_INVALID",
+    SOCIAL_ACCOUNT_LINKED = "SOCIAL_ACCOUNT_LINKED",
+    SOCIAL_CONFIG_MISSING = "SOCIAL_CONFIG_MISSING",
+    SOCIAL_EMAIL_REQUIRED = "SOCIAL_EMAIL_REQUIRED",
+    SOCIAL_ACCOUNT_NOT_FOUND = "SOCIAL_ACCOUNT_NOT_FOUND",
+    CHALLENGE_EXPIRED = "CHALLENGE_EXPIRED",
+    CHALLENGE_INVALID = "CHALLENGE_INVALID",
+    CHALLENGE_TYPE_MISMATCH = "CHALLENGE_TYPE_MISMATCH",
+    CHALLENGE_MAX_ATTEMPTS = "CHALLENGE_MAX_ATTEMPTS",
+    CHALLENGE_ALREADY_COMPLETED = "CHALLENGE_ALREADY_COMPLETED",
+    VALIDATION_FAILED = "VALIDATION_FAILED",
+    INVALID_PHONE_FORMAT = "VALIDATION_INVALID_PHONE",
+    INVALID_EMAIL_FORMAT = "VALIDATION_INVALID_EMAIL",
+    INVALID_PASSWORD_FORMAT = "VALIDATION_INVALID_PASSWORD",
+    PASSWORD_INCORRECT = "PASSWORD_INCORRECT",
+    PASSWORD_REUSED = "PASSWORD_REUSED",
+    PASSWORD_CHANGE_NOT_ALLOWED = "PASSWORD_CHANGE_NOT_ALLOWED",
+    NOT_FOUND = "RESOURCE_NOT_FOUND",
+    INTERNAL_ERROR = "INTERNAL_ERROR",
+    FORBIDDEN = "FORBIDDEN",
+    SERVICE_UNAVAILABLE = "SERVICE_UNAVAILABLE",
+    SIGNIN_BLOCKED_HIGH_RISK = "SIGNIN_BLOCKED_HIGH_RISK"
+}
+//# sourceMappingURL=error-codes.enum.d.ts.map

package/dist/enums/error-codes.enum.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-codes.enum.d.ts","sourceRoot":"","sources":["../../src/enums/error-codes.enum.ts"],"names":[],"mappings":"AA4BA,oBAAY,aAAa;IAUvB,mBAAmB,6BAA6B;IAOhD,cAAc,wBAAwB;IAOtC,gBAAgB,0BAA0B;IAO1C,aAAa,uBAAuB;IAOpC,aAAa,uBAAuB;IAQpC,kBAAkB,4BAA4B;IAO9C,mBAAmB,6BAA6B;IAOhD,kBAAkB,4BAA4B;IAO9C,kBAAkB,4BAA4B;IAO9C,oBAAoB,8BAA8B;IAKlD,iBAAiB,2BAA2B;IAK5C,eAAe,yBAAyB;IAWxC,eAAe,oBAAoB;IAOnC,YAAY,wBAAwB;IAOpC,eAAe,2BAA2B;IAO1C,YAAY,wBAAwB;IAOpC,aAAa,yBAAyB;IAOtC,cAAc,0BAA0B;IAKxC,kBAAkB,uBAAuB;IAWzC,yBAAyB,wBAAwB;IAOjD,yBAAyB,wBAAwB;IAOjD,8BAA8B,6BAA6B;IAO3D,gBAAgB,4BAA4B;IAa5C,kBAAkB,uBAAuB;IAWzC,cAAc,mBAAmB;IAOjC,gBAAgB,qBAAqB;IAOrC,gBAAgB,qBAAqB;IAOrC,iBAAiB,sBAAsB;IAWvC,oBAAoB,yBAAyB;IAO7C,qBAAqB,0BAA0B;IAO/C,qBAAqB,0BAA0B;IAO/C,qBAAqB,0BAA0B;IAO/C,wBAAwB,6BAA6B;IAWrD,iBAAiB,sBAAsB;IAOvC,iBAAiB,sBAAsB;IAOvC,uBAAuB,4BAA4B;IAOnD,sBAAsB,2BAA2B;IAKjD,2BAA2B,gCAAgC;IAW3D,iBAAiB,sBAAsB;IAOvC,oBAAoB,6BAA6B;IAKjD,oBAAoB,6BAA6B;IAOjD,uBAAuB,gCAAgC;IAWvD,kBAAkB,uBAAuB;IAOzC,eAAe,oBAAoB;IAOnC,2BAA2B,gCAAgC;IAS3D,SAAS,uBAAuB;IAOhC,cAAc,mBAAmB;IAOjC,SAAS,cAAc;IAOvB,mBAAmB,wBAAwB;IAiB3C,wBAAwB,6BAA6B;CACtD"}

package/dist/enums/error-codes.enum.js

@@ -0,0 +1,57 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthErrorCode = void 0;
+var AuthErrorCode;
+(function (AuthErrorCode) {
+    AuthErrorCode["INVALID_CREDENTIALS"] = "AUTH_INVALID_CREDENTIALS";
+    AuthErrorCode["ACCOUNT_LOCKED"] = "AUTH_ACCOUNT_LOCKED";
+    AuthErrorCode["ACCOUNT_INACTIVE"] = "AUTH_ACCOUNT_INACTIVE";
+    AuthErrorCode["TOKEN_EXPIRED"] = "AUTH_TOKEN_EXPIRED";
+    AuthErrorCode["TOKEN_INVALID"] = "AUTH_TOKEN_INVALID";
+    AuthErrorCode["BEARER_NOT_ALLOWED"] = "AUTH_BEARER_NOT_ALLOWED";
+    AuthErrorCode["COOKIES_NOT_ALLOWED"] = "AUTH_COOKIES_NOT_ALLOWED";
+    AuthErrorCode["CSRF_TOKEN_INVALID"] = "AUTH_CSRF_TOKEN_INVALID";
+    AuthErrorCode["CSRF_TOKEN_MISSING"] = "AUTH_CSRF_TOKEN_MISSING";
+    AuthErrorCode["TOKEN_REUSE_DETECTED"] = "AUTH_TOKEN_REUSE_DETECTED";
+    AuthErrorCode["SESSION_NOT_FOUND"] = "AUTH_SESSION_NOT_FOUND";
+    AuthErrorCode["SESSION_EXPIRED"] = "AUTH_SESSION_EXPIRED";
+    AuthErrorCode["SIGNUP_DISABLED"] = "SIGNUP_DISABLED";
+    AuthErrorCode["EMAIL_EXISTS"] = "SIGNUP_EMAIL_EXISTS";
+    AuthErrorCode["USERNAME_EXISTS"] = "SIGNUP_USERNAME_EXISTS";
+    AuthErrorCode["PHONE_EXISTS"] = "SIGNUP_PHONE_EXISTS";
+    AuthErrorCode["WEAK_PASSWORD"] = "SIGNUP_WEAK_PASSWORD";
+    AuthErrorCode["PHONE_REQUIRED"] = "SIGNUP_PHONE_REQUIRED";
+    AuthErrorCode["SIGNUP_NOT_ALLOWED"] = "SIGNUP_NOT_ALLOWED";
+    AuthErrorCode["VERIFICATION_CODE_INVALID"] = "VERIFY_CODE_INVALID";
+    AuthErrorCode["VERIFICATION_CODE_EXPIRED"] = "VERIFY_CODE_EXPIRED";
+    AuthErrorCode["VERIFICATION_TOO_MANY_ATTEMPTS"] = "VERIFY_TOO_MANY_ATTEMPTS";
+    AuthErrorCode["ALREADY_VERIFIED"] = "VERIFY_ALREADY_VERIFIED";
+    AuthErrorCode["MFA_SETUP_REQUIRED"] = "MFA_SETUP_REQUIRED";
+    AuthErrorCode["RATE_LIMIT_SMS"] = "RATE_LIMIT_SMS";
+    AuthErrorCode["RATE_LIMIT_EMAIL"] = "RATE_LIMIT_EMAIL";
+    AuthErrorCode["RATE_LIMIT_LOGIN"] = "RATE_LIMIT_LOGIN";
+    AuthErrorCode["RATE_LIMIT_RESEND"] = "RATE_LIMIT_RESEND";
+    AuthErrorCode["SOCIAL_TOKEN_INVALID"] = "SOCIAL_TOKEN_INVALID";
+    AuthErrorCode["SOCIAL_ACCOUNT_LINKED"] = "SOCIAL_ACCOUNT_LINKED";
+    AuthErrorCode["SOCIAL_CONFIG_MISSING"] = "SOCIAL_CONFIG_MISSING";
+    AuthErrorCode["SOCIAL_EMAIL_REQUIRED"] = "SOCIAL_EMAIL_REQUIRED";
+    AuthErrorCode["SOCIAL_ACCOUNT_NOT_FOUND"] = "SOCIAL_ACCOUNT_NOT_FOUND";
+    AuthErrorCode["CHALLENGE_EXPIRED"] = "CHALLENGE_EXPIRED";
+    AuthErrorCode["CHALLENGE_INVALID"] = "CHALLENGE_INVALID";
+    AuthErrorCode["CHALLENGE_TYPE_MISMATCH"] = "CHALLENGE_TYPE_MISMATCH";
+    AuthErrorCode["CHALLENGE_MAX_ATTEMPTS"] = "CHALLENGE_MAX_ATTEMPTS";
+    AuthErrorCode["CHALLENGE_ALREADY_COMPLETED"] = "CHALLENGE_ALREADY_COMPLETED";
+    AuthErrorCode["VALIDATION_FAILED"] = "VALIDATION_FAILED";
+    AuthErrorCode["INVALID_PHONE_FORMAT"] = "VALIDATION_INVALID_PHONE";
+    AuthErrorCode["INVALID_EMAIL_FORMAT"] = "VALIDATION_INVALID_EMAIL";
+    AuthErrorCode["INVALID_PASSWORD_FORMAT"] = "VALIDATION_INVALID_PASSWORD";
+    AuthErrorCode["PASSWORD_INCORRECT"] = "PASSWORD_INCORRECT";
+    AuthErrorCode["PASSWORD_REUSED"] = "PASSWORD_REUSED";
+    AuthErrorCode["PASSWORD_CHANGE_NOT_ALLOWED"] = "PASSWORD_CHANGE_NOT_ALLOWED";
+    AuthErrorCode["NOT_FOUND"] = "RESOURCE_NOT_FOUND";
+    AuthErrorCode["INTERNAL_ERROR"] = "INTERNAL_ERROR";
+    AuthErrorCode["FORBIDDEN"] = "FORBIDDEN";
+    AuthErrorCode["SERVICE_UNAVAILABLE"] = "SERVICE_UNAVAILABLE";
+    AuthErrorCode["SIGNIN_BLOCKED_HIGH_RISK"] = "SIGNIN_BLOCKED_HIGH_RISK";
+})(AuthErrorCode || (exports.AuthErrorCode = AuthErrorCode = {}));
+//# sourceMappingURL=error-codes.enum.js.map

package/dist/enums/error-codes.enum.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-codes.enum.js","sourceRoot":"","sources":["../../src/enums/error-codes.enum.ts"],"names":[],"mappings":";;;AA4BA,IAAY,aAuYX;AAvYD,WAAY,aAAa;IAUvB,iEAAgD,CAAA;IAOhD,uDAAsC,CAAA;IAOtC,2DAA0C,CAAA;IAO1C,qDAAoC,CAAA;IAOpC,qDAAoC,CAAA;IAQpC,+DAA8C,CAAA;IAO9C,iEAAgD,CAAA;IAOhD,+DAA8C,CAAA;IAO9C,+DAA8C,CAAA;IAO9C,mEAAkD,CAAA;IAKlD,6DAA4C,CAAA;IAK5C,yDAAwC,CAAA;IAWxC,oDAAmC,CAAA;IAOnC,qDAAoC,CAAA;IAOpC,2DAA0C,CAAA;IAO1C,qDAAoC,CAAA;IAOpC,uDAAsC,CAAA;IAOtC,yDAAwC,CAAA;IAKxC,0DAAyC,CAAA;IAWzC,kEAAiD,CAAA;IAOjD,kEAAiD,CAAA;IAOjD,4EAA2D,CAAA;IAO3D,6DAA4C,CAAA;IAa5C,0DAAyC,CAAA;IAWzC,kDAAiC,CAAA;IAOjC,sDAAqC,CAAA;IAOrC,sDAAqC,CAAA;IAOrC,wDAAuC,CAAA;IAWvC,8DAA6C,CAAA;IAO7C,gEAA+C,CAAA;IAO/C,gEAA+C,CAAA;IAO/C,gEAA+C,CAAA;IAO/C,sEAAqD,CAAA;IAWrD,wDAAuC,CAAA;IAOvC,wDAAuC,CAAA;IAOvC,oEAAmD,CAAA;IAOnD,kEAAiD,CAAA;IAKjD,4EAA2D,CAAA;IAW3D,wDAAuC,CAAA;IAOvC,kEAAiD,CAAA;IAKjD,kEAAiD,CAAA;IAOjD,wEAAuD,CAAA;IAWvD,0DAAyC,CAAA;IAOzC,oDAAmC,CAAA;IAOnC,4EAA2D,CAAA;IAS3D,iDAAgC,CAAA;IAOhC,kDAAiC,CAAA;IAOjC,wCAAuB,CAAA;IAOvB,4DAA2C,CAAA;IAiB3C,sEAAqD,CAAA;AACvD,CAAC,EAvYW,aAAa,6BAAb,aAAa,QAuYxB"}

package/dist/enums/mfa-method.enum.d.ts

@@ -0,0 +1,11 @@
+export declare enum MFAMethod {
+    TOTP = "totp",
+    SMS = "sms",
+    EMAIL = "email",
+    PASSKEY = "passkey",
+    BACKUP = "backup"
+}
+export type MFADeviceMethod = MFAMethod.TOTP | MFAMethod.SMS | MFAMethod.EMAIL | MFAMethod.PASSKEY;
+export type MFAVerificationMethod = MFADeviceMethod | MFAMethod.BACKUP;
+export declare const MFADeviceMethods: readonly MFADeviceMethod[];
+//# sourceMappingURL=mfa-method.enum.d.ts.map

package/dist/enums/mfa-method.enum.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mfa-method.enum.d.ts","sourceRoot":"","sources":["../../src/enums/mfa-method.enum.ts"],"names":[],"mappings":"AAsCA,oBAAY,SAAS;IAKnB,IAAI,SAAS;IAMb,GAAG,QAAQ;IAMX,KAAK,UAAU;IAOf,OAAO,YAAY;IAOnB,MAAM,WAAW;CAClB;AAOD,MAAM,MAAM,eAAe,GAAG,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,GAAG,GAAG,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC;AAOnG,MAAM,MAAM,qBAAqB,GAAG,eAAe,GAAG,SAAS,CAAC,MAAM,CAAC;AAOvE,eAAO,MAAM,gBAAgB,EAAE,SAAS,eAAe,EAK7C,CAAC"}

package/dist/enums/mfa-method.enum.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MFADeviceMethods = exports.MFAMethod = void 0;
+var MFAMethod;
+(function (MFAMethod) {
+    MFAMethod["TOTP"] = "totp";
+    MFAMethod["SMS"] = "sms";
+    MFAMethod["EMAIL"] = "email";
+    MFAMethod["PASSKEY"] = "passkey";
+    MFAMethod["BACKUP"] = "backup";
+})(MFAMethod || (exports.MFAMethod = MFAMethod = {}));
+exports.MFADeviceMethods = [
+    MFAMethod.TOTP,
+    MFAMethod.SMS,
+    MFAMethod.EMAIL,
+    MFAMethod.PASSKEY,
+];
+//# sourceMappingURL=mfa-method.enum.js.map

package/dist/enums/mfa-method.enum.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mfa-method.enum.js","sourceRoot":"","sources":["../../src/enums/mfa-method.enum.ts"],"names":[],"mappings":";;;AAsCA,IAAY,SAgCX;AAhCD,WAAY,SAAS;IAKnB,0BAAa,CAAA;IAMb,wBAAW,CAAA;IAMX,4BAAe,CAAA;IAOf,gCAAmB,CAAA;IAOnB,8BAAiB,CAAA;AACnB,CAAC,EAhCW,SAAS,yBAAT,SAAS,QAgCpB;AAqBY,QAAA,gBAAgB,GAA+B;IAC1D,SAAS,CAAC,IAAI;IACd,SAAS,CAAC,GAAG;IACb,SAAS,CAAC,KAAK;IACf,SAAS,CAAC,OAAO;CACT,CAAC"}

package/dist/enums/risk-factor.enum.d.ts

@@ -0,0 +1,14 @@
+export declare enum RiskFactor {
+    NEW_DEVICE = "new_device",
+    NEW_IP = "new_ip",
+    NEW_COUNTRY = "new_country",
+    IMPOSSIBLE_TRAVEL = "impossible_travel",
+    SUSPICIOUS_ACTIVITY = "suspicious_activity",
+    INCOMPLETE_LOCATION_DATA = "incomplete_location_data",
+    TOKEN_THEFT_ATTEMPT = "token_theft_attempt",
+    REFRESH_TOKEN_REUSE_DIFFERENT_SESSION = "refresh_token_reuse_different_session",
+    TOKEN_REUSE_ATTEMPT = "token_reuse_attempt",
+    TAMPERED_DEVICE_TOKEN = "tampered_device_token",
+    MFA_BYPASS_ATTEMPT = "mfa_bypass_attempt"
+}
+//# sourceMappingURL=risk-factor.enum.d.ts.map

package/dist/enums/risk-factor.enum.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"risk-factor.enum.d.ts","sourceRoot":"","sources":["../../src/enums/risk-factor.enum.ts"],"names":[],"mappings":"AAkCA,oBAAY,UAAU;IASpB,UAAU,eAAe;IAOzB,MAAM,WAAW;IAMjB,WAAW,gBAAgB;IAM3B,iBAAiB,sBAAsB;IAMvC,mBAAmB,wBAAwB;IAO3C,wBAAwB,6BAA6B;IAUrD,mBAAmB,wBAAwB;IAM3C,qCAAqC,0CAA0C;IAM/E,mBAAmB,wBAAwB;IAM3C,qBAAqB,0BAA0B;IAM/C,kBAAkB,uBAAuB;CAC1C"}

package/dist/enums/risk-factor.enum.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RiskFactor = void 0;
+var RiskFactor;
+(function (RiskFactor) {
+    RiskFactor["NEW_DEVICE"] = "new_device";
+    RiskFactor["NEW_IP"] = "new_ip";
+    RiskFactor["NEW_COUNTRY"] = "new_country";
+    RiskFactor["IMPOSSIBLE_TRAVEL"] = "impossible_travel";
+    RiskFactor["SUSPICIOUS_ACTIVITY"] = "suspicious_activity";
+    RiskFactor["INCOMPLETE_LOCATION_DATA"] = "incomplete_location_data";
+    RiskFactor["TOKEN_THEFT_ATTEMPT"] = "token_theft_attempt";
+    RiskFactor["REFRESH_TOKEN_REUSE_DIFFERENT_SESSION"] = "refresh_token_reuse_different_session";
+    RiskFactor["TOKEN_REUSE_ATTEMPT"] = "token_reuse_attempt";
+    RiskFactor["TAMPERED_DEVICE_TOKEN"] = "tampered_device_token";
+    RiskFactor["MFA_BYPASS_ATTEMPT"] = "mfa_bypass_attempt";
+})(RiskFactor || (exports.RiskFactor = RiskFactor = {}));
+//# sourceMappingURL=risk-factor.enum.js.map

package/dist/enums/risk-factor.enum.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"risk-factor.enum.js","sourceRoot":"","sources":["../../src/enums/risk-factor.enum.ts"],"names":[],"mappings":";;;AAkCA,IAAY,UA4EX;AA5ED,WAAY,UAAU;IASpB,uCAAyB,CAAA;IAOzB,+BAAiB,CAAA;IAMjB,yCAA2B,CAAA;IAM3B,qDAAuC,CAAA;IAMvC,yDAA2C,CAAA;IAO3C,mEAAqD,CAAA;IAUrD,yDAA2C,CAAA;IAM3C,6FAA+E,CAAA;IAM/E,yDAA2C,CAAA;IAM3C,6DAA+C,CAAA;IAM/C,uDAAyC,CAAA;AAC3C,CAAC,EA5EW,UAAU,0BAAV,UAAU,QA4ErB"}

package/dist/exceptions/nauth.exception.d.ts

@@ -0,0 +1,18 @@
+import { AuthErrorCode } from '../enums/error-codes.enum';
+export declare class NAuthException extends Error {
+    readonly code: AuthErrorCode;
+    readonly details?: Record<string, unknown>;
+    readonly timestamp: string;
+    constructor(code: AuthErrorCode, message: string, details?: Record<string, unknown>);
+    getCode(): AuthErrorCode;
+    getDetails(): Record<string, unknown> | undefined;
+    isCode(code: AuthErrorCode): boolean;
+    toJSON(): {
+        code: string;
+        message: string;
+        details?: Record<string, unknown>;
+        timestamp: string;
+    };
+}
+export declare function getHttpStatusForErrorCode(code: AuthErrorCode): number;
+//# sourceMappingURL=nauth.exception.d.ts.map

package/dist/exceptions/nauth.exception.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nauth.exception.d.ts","sourceRoot":"","sources":["../../src/exceptions/nauth.exception.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AA0D1D,qBAAa,cAAe,SAAQ,KAAK;IAIvC,SAAgB,IAAI,EAAE,aAAa,CAAC;IAKpC,SAAgB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAKlD,SAAgB,SAAS,EAAE,MAAM,CAAC;gBAuBtB,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAsBnF,OAAO,IAAI,aAAa;IASxB,UAAU,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS;IAqBjD,MAAM,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO;IAqBpC,MAAM,IAAI;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE;CAQlG;AAqBD,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CAiCrE"}

package/dist/exceptions/nauth.exception.js

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NAuthException = void 0;
+exports.getHttpStatusForErrorCode = getHttpStatusForErrorCode;
+const error_codes_enum_1 = require("../enums/error-codes.enum");
+class NAuthException extends Error {
+    code;
+    details;
+    timestamp;
+    constructor(code, message, details) {
+        super(message);
+        this.code = code;
+        this.details = details;
+        this.timestamp = new Date().toISOString();
+        this.name = 'NAuthException';
+        Object.setPrototypeOf(this, NAuthException.prototype);
+        if (Error.captureStackTrace) {
+            Error.captureStackTrace(this, this.constructor);
+        }
+    }
+    getCode() {
+        return this.code;
+    }
+    getDetails() {
+        return this.details;
+    }
+    isCode(code) {
+        return this.code === code;
+    }
+    toJSON() {
+        return {
+            code: this.code,
+            message: this.message,
+            details: this.details,
+            timestamp: this.timestamp,
+        };
+    }
+}
+exports.NAuthException = NAuthException;
+function getHttpStatusForErrorCode(code) {
+    if (code.startsWith('RATE_LIMIT_'))
+        return 429;
+    if (code.startsWith('AUTH_')) {
+        if (code === error_codes_enum_1.AuthErrorCode.ACCOUNT_INACTIVE || code === error_codes_enum_1.AuthErrorCode.ACCOUNT_LOCKED)
+            return 403;
+        return 401;
+    }
+    if (code === error_codes_enum_1.AuthErrorCode.EMAIL_EXISTS ||
+        code === error_codes_enum_1.AuthErrorCode.USERNAME_EXISTS ||
+        code === error_codes_enum_1.AuthErrorCode.PHONE_EXISTS)
+        return 409;
+    if (code === error_codes_enum_1.AuthErrorCode.SIGNUP_DISABLED)
+        return 403;
+    if (code.startsWith('VALIDATION_') || code.startsWith('INVALID_'))
+        return 400;
+    if (code === error_codes_enum_1.AuthErrorCode.NOT_FOUND)
+        return 404;
+    if (code === error_codes_enum_1.AuthErrorCode.FORBIDDEN)
+        return 403;
+    if (code === error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR || code === error_codes_enum_1.AuthErrorCode.SERVICE_UNAVAILABLE)
+        return 500;
+    return 400;
+}
+//# sourceMappingURL=nauth.exception.js.map

package/dist/exceptions/nauth.exception.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nauth.exception.js","sourceRoot":"","sources":["../../src/exceptions/nauth.exception.ts"],"names":[],"mappings":";;;AAqMA,8DAiCC;AAtOD,gEAA0D;AA0D1D,MAAa,cAAe,SAAQ,KAAK;IAIvB,IAAI,CAAgB;IAKpB,OAAO,CAA2B;IAKlC,SAAS,CAAS;IAuBlC,YAAY,IAAmB,EAAE,OAAe,EAAE,OAAiC;QACjF,KAAK,CAAC,OAAO,CAAC,CAAC;QAEf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC1C,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAG7B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,SAAS,CAAC,CAAC;QAGtD,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAOD,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAOD,UAAU;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAmBD,MAAM,CAAC,IAAmB;QACxB,OAAO,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC;IAC5B,CAAC;IAmBD,MAAM;QACJ,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;IACJ,CAAC;CACF;AAtHD,wCAsHC;AAqBD,SAAgB,yBAAyB,CAAC,IAAmB;IAE3D,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC;QAAE,OAAO,GAAG,CAAC;IAG/C,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,KAAK,gCAAa,CAAC,gBAAgB,IAAI,IAAI,KAAK,gCAAa,CAAC,cAAc;YAAE,OAAO,GAAG,CAAC;QACjG,OAAO,GAAG,CAAC;IACb,CAAC;IAGD,IACE,IAAI,KAAK,gCAAa,CAAC,YAAY;QACnC,IAAI,KAAK,gCAAa,CAAC,eAAe;QACtC,IAAI,KAAK,gCAAa,CAAC,YAAY;QAEnC,OAAO,GAAG,CAAC;IACb,IAAI,IAAI,KAAK,gCAAa,CAAC,eAAe;QAAE,OAAO,GAAG,CAAC;IAGvD,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,GAAG,CAAC;IAG9E,IAAI,IAAI,KAAK,gCAAa,CAAC,SAAS;QAAE,OAAO,GAAG,CAAC;IAGjD,IAAI,IAAI,KAAK,gCAAa,CAAC,SAAS;QAAE,OAAO,GAAG,CAAC;IAGjD,IAAI,IAAI,KAAK,gCAAa,CAAC,cAAc,IAAI,IAAI,KAAK,gCAAa,CAAC,mBAAmB;QAAE,OAAO,GAAG,CAAC;IAGpG,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/handlers/auth.handler.d.ts

@@ -0,0 +1,18 @@
+import { Repository } from 'typeorm';
+import { NAuthConfig, BaseUser, NAuthLogger } from '../index';
+import { JwtService, SessionService } from '../internal';
+import { NAuthRequest, NAuthResponse } from '../platform/interfaces';
+export declare class AuthHandler {
+    private jwtService;
+    private sessionService;
+    private userRepository;
+    private config;
+    private logger?;
+    constructor(jwtService: JwtService, sessionService: SessionService, userRepository: Repository<BaseUser>, config: NAuthConfig, logger?: NAuthLogger | undefined);
+    handle(req: NAuthRequest, _res: NAuthResponse, next: () => Promise<void> | void): Promise<void>;
+    private extractToken;
+    private updateClientInfoSessionId;
+    private updateClientInfoUserId;
+    private getUserSelectFields;
+}
+//# sourceMappingURL=auth.handler.d.ts.map

package/dist/handlers/auth.handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/auth.handler.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EACL,WAAW,EAIX,QAAQ,EAER,WAAW,EAGZ,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAQrE,qBAAa,WAAW;IAEpB,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,MAAM,CAAC;gBAJP,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,cAAc,EAC9B,cAAc,EAAE,UAAU,CAAC,QAAQ,CAAC,EACpC,MAAM,EAAE,WAAW,EACnB,MAAM,CAAC,EAAE,WAAW,YAAA;IAQjB,MAAM,CAAC,GAAG,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAwG5G,OAAO,CAAC,YAAY;IA8CpB,OAAO,CAAC,yBAAyB;IAejC,OAAO,CAAC,sBAAsB;IAe9B,OAAO,CAAC,mBAAmB;CAkC5B"}