@nauth-toolkit/core 0.1.14 → 0.1.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (623) hide show
  1. package/dist/adapters/database-columns.d.ts +70 -0
  2. package/dist/adapters/database-columns.d.ts.map +1 -1
  3. package/dist/adapters/database-columns.js +76 -2
  4. package/dist/adapters/database-columns.js.map +1 -1
  5. package/dist/adapters/express.adapter.d.ts +66 -0
  6. package/dist/adapters/express.adapter.d.ts.map +1 -1
  7. package/dist/adapters/express.adapter.js +80 -0
  8. package/dist/adapters/express.adapter.js.map +1 -1
  9. package/dist/adapters/fastify.adapter.d.ts +42 -0
  10. package/dist/adapters/fastify.adapter.d.ts.map +1 -1
  11. package/dist/adapters/fastify.adapter.js +86 -0
  12. package/dist/adapters/fastify.adapter.js.map +1 -1
  13. package/dist/adapters/index.d.ts +5 -0
  14. package/dist/adapters/index.d.ts.map +1 -1
  15. package/dist/adapters/index.js +9 -0
  16. package/dist/adapters/index.js.map +1 -1
  17. package/dist/adapters/storage.factory.d.ts +107 -0
  18. package/dist/adapters/storage.factory.d.ts.map +1 -1
  19. package/dist/adapters/storage.factory.js +114 -0
  20. package/dist/adapters/storage.factory.js.map +1 -1
  21. package/dist/adapters.d.ts +8 -0
  22. package/dist/adapters.d.ts.map +1 -1
  23. package/dist/adapters.js +8 -0
  24. package/dist/adapters.js.map +1 -1
  25. package/dist/bootstrap.d.ts +82 -0
  26. package/dist/bootstrap.d.ts.map +1 -1
  27. package/dist/bootstrap.js +106 -0
  28. package/dist/bootstrap.js.map +1 -1
  29. package/dist/dto/admin-set-password.dto.d.ts +90 -0
  30. package/dist/dto/admin-set-password.dto.d.ts.map +1 -1
  31. package/dist/dto/admin-set-password.dto.js +91 -0
  32. package/dist/dto/admin-set-password.dto.js.map +1 -1
  33. package/dist/dto/auth-challenge.dto.d.ts +170 -0
  34. package/dist/dto/auth-challenge.dto.d.ts.map +1 -1
  35. package/dist/dto/auth-challenge.dto.js +170 -0
  36. package/dist/dto/auth-challenge.dto.js.map +1 -1
  37. package/dist/dto/auth-response.dto.d.ts +196 -0
  38. package/dist/dto/auth-response.dto.d.ts.map +1 -1
  39. package/dist/dto/auth-response.dto.js +149 -0
  40. package/dist/dto/auth-response.dto.js.map +1 -1
  41. package/dist/dto/challenge-response.dto.d.ts +155 -0
  42. package/dist/dto/challenge-response.dto.d.ts.map +1 -1
  43. package/dist/dto/challenge-response.dto.js +8 -0
  44. package/dist/dto/challenge-response.dto.js.map +1 -1
  45. package/dist/dto/change-password-request.dto.d.ts +35 -0
  46. package/dist/dto/change-password-request.dto.d.ts.map +1 -1
  47. package/dist/dto/change-password-request.dto.js +35 -0
  48. package/dist/dto/change-password-request.dto.js.map +1 -1
  49. package/dist/dto/change-password-response.dto.d.ts +25 -0
  50. package/dist/dto/change-password-response.dto.d.ts.map +1 -1
  51. package/dist/dto/change-password-response.dto.js +25 -0
  52. package/dist/dto/change-password-response.dto.js.map +1 -1
  53. package/dist/dto/change-password.dto.d.ts +45 -0
  54. package/dist/dto/change-password.dto.d.ts.map +1 -1
  55. package/dist/dto/change-password.dto.js +45 -0
  56. package/dist/dto/change-password.dto.js.map +1 -1
  57. package/dist/dto/confirm-forgot-password.dto.d.ts +59 -0
  58. package/dist/dto/confirm-forgot-password.dto.d.ts.map +1 -1
  59. package/dist/dto/confirm-forgot-password.dto.js +59 -0
  60. package/dist/dto/confirm-forgot-password.dto.js.map +1 -1
  61. package/dist/dto/error-response.dto.d.ts +103 -0
  62. package/dist/dto/error-response.dto.d.ts.map +1 -1
  63. package/dist/dto/error-response.dto.js +103 -0
  64. package/dist/dto/error-response.dto.js.map +1 -1
  65. package/dist/dto/forgot-password.dto.d.ts +58 -0
  66. package/dist/dto/forgot-password.dto.d.ts.map +1 -1
  67. package/dist/dto/forgot-password.dto.js +58 -0
  68. package/dist/dto/forgot-password.dto.js.map +1 -1
  69. package/dist/dto/get-available-methods.dto.d.ts +37 -0
  70. package/dist/dto/get-available-methods.dto.d.ts.map +1 -1
  71. package/dist/dto/get-available-methods.dto.js +37 -0
  72. package/dist/dto/get-available-methods.dto.js.map +1 -1
  73. package/dist/dto/get-challenge-data-response.dto.d.ts +24 -0
  74. package/dist/dto/get-challenge-data-response.dto.d.ts.map +1 -1
  75. package/dist/dto/get-challenge-data-response.dto.js +24 -0
  76. package/dist/dto/get-challenge-data-response.dto.js.map +1 -1
  77. package/dist/dto/get-challenge-data.dto.d.ts +46 -0
  78. package/dist/dto/get-challenge-data.dto.d.ts.map +1 -1
  79. package/dist/dto/get-challenge-data.dto.js +46 -0
  80. package/dist/dto/get-challenge-data.dto.js.map +1 -1
  81. package/dist/dto/get-client-info.dto.d.ts +74 -0
  82. package/dist/dto/get-client-info.dto.d.ts.map +1 -1
  83. package/dist/dto/get-client-info.dto.js +74 -0
  84. package/dist/dto/get-client-info.dto.js.map +1 -1
  85. package/dist/dto/get-device-token-response.dto.d.ts +21 -0
  86. package/dist/dto/get-device-token-response.dto.d.ts.map +1 -1
  87. package/dist/dto/get-device-token-response.dto.js +21 -0
  88. package/dist/dto/get-device-token-response.dto.js.map +1 -1
  89. package/dist/dto/get-events-by-type.dto.d.ts +50 -0
  90. package/dist/dto/get-events-by-type.dto.d.ts.map +1 -1
  91. package/dist/dto/get-events-by-type.dto.js +50 -0
  92. package/dist/dto/get-events-by-type.dto.js.map +1 -1
  93. package/dist/dto/get-ip-address-response.dto.d.ts +20 -0
  94. package/dist/dto/get-ip-address-response.dto.d.ts.map +1 -1
  95. package/dist/dto/get-ip-address-response.dto.js +20 -0
  96. package/dist/dto/get-ip-address-response.dto.js.map +1 -1
  97. package/dist/dto/get-mfa-status.dto.d.ts +59 -0
  98. package/dist/dto/get-mfa-status.dto.d.ts.map +1 -1
  99. package/dist/dto/get-mfa-status.dto.js +59 -0
  100. package/dist/dto/get-mfa-status.dto.js.map +1 -1
  101. package/dist/dto/get-risk-assessment-history.dto.d.ts +28 -0
  102. package/dist/dto/get-risk-assessment-history.dto.d.ts.map +1 -1
  103. package/dist/dto/get-risk-assessment-history.dto.js +28 -0
  104. package/dist/dto/get-risk-assessment-history.dto.js.map +1 -1
  105. package/dist/dto/get-session-id-response.dto.d.ts +21 -0
  106. package/dist/dto/get-session-id-response.dto.d.ts.map +1 -1
  107. package/dist/dto/get-session-id-response.dto.js +21 -0
  108. package/dist/dto/get-session-id-response.dto.js.map +1 -1
  109. package/dist/dto/get-setup-data-response.dto.d.ts +27 -0
  110. package/dist/dto/get-setup-data-response.dto.d.ts.map +1 -1
  111. package/dist/dto/get-setup-data-response.dto.js +27 -0
  112. package/dist/dto/get-setup-data-response.dto.js.map +1 -1
  113. package/dist/dto/get-setup-data.dto.d.ts +51 -0
  114. package/dist/dto/get-setup-data.dto.d.ts.map +1 -1
  115. package/dist/dto/get-setup-data.dto.js +51 -0
  116. package/dist/dto/get-setup-data.dto.js.map +1 -1
  117. package/dist/dto/get-suspicious-activity.dto.d.ts +31 -0
  118. package/dist/dto/get-suspicious-activity.dto.d.ts.map +1 -1
  119. package/dist/dto/get-suspicious-activity.dto.js +31 -0
  120. package/dist/dto/get-suspicious-activity.dto.js.map +1 -1
  121. package/dist/dto/get-user-agent-response.dto.d.ts +19 -0
  122. package/dist/dto/get-user-agent-response.dto.d.ts.map +1 -1
  123. package/dist/dto/get-user-agent-response.dto.js +19 -0
  124. package/dist/dto/get-user-agent-response.dto.js.map +1 -1
  125. package/dist/dto/get-user-auth-history.dto.d.ts +64 -0
  126. package/dist/dto/get-user-auth-history.dto.d.ts.map +1 -1
  127. package/dist/dto/get-user-auth-history.dto.js +64 -0
  128. package/dist/dto/get-user-auth-history.dto.js.map +1 -1
  129. package/dist/dto/get-user-by-email.dto.d.ts +42 -0
  130. package/dist/dto/get-user-by-email.dto.d.ts.map +1 -1
  131. package/dist/dto/get-user-by-email.dto.js +42 -0
  132. package/dist/dto/get-user-by-email.dto.js.map +1 -1
  133. package/dist/dto/get-user-by-id.dto.d.ts +32 -0
  134. package/dist/dto/get-user-by-id.dto.d.ts.map +1 -1
  135. package/dist/dto/get-user-by-id.dto.js +32 -0
  136. package/dist/dto/get-user-by-id.dto.js.map +1 -1
  137. package/dist/dto/get-user-devices.dto.d.ts +34 -0
  138. package/dist/dto/get-user-devices.dto.d.ts.map +1 -1
  139. package/dist/dto/get-user-devices.dto.js +34 -0
  140. package/dist/dto/get-user-devices.dto.js.map +1 -1
  141. package/dist/dto/get-user-response.dto.d.ts +14 -0
  142. package/dist/dto/get-user-response.dto.d.ts.map +1 -1
  143. package/dist/dto/get-user-response.dto.js +15 -0
  144. package/dist/dto/get-user-response.dto.js.map +1 -1
  145. package/dist/dto/has-provider.dto.d.ts +33 -0
  146. package/dist/dto/has-provider.dto.d.ts.map +1 -1
  147. package/dist/dto/has-provider.dto.js +33 -0
  148. package/dist/dto/has-provider.dto.js.map +1 -1
  149. package/dist/dto/index.js +5 -0
  150. package/dist/dto/index.js.map +1 -1
  151. package/dist/dto/is-trusted-device-response.dto.d.ts +28 -0
  152. package/dist/dto/is-trusted-device-response.dto.d.ts.map +1 -1
  153. package/dist/dto/is-trusted-device-response.dto.js +28 -0
  154. package/dist/dto/is-trusted-device-response.dto.js.map +1 -1
  155. package/dist/dto/list-providers-response.dto.d.ts +19 -0
  156. package/dist/dto/list-providers-response.dto.d.ts.map +1 -1
  157. package/dist/dto/list-providers-response.dto.js +19 -0
  158. package/dist/dto/list-providers-response.dto.js.map +1 -1
  159. package/dist/dto/login.dto.d.ts +48 -0
  160. package/dist/dto/login.dto.d.ts.map +1 -1
  161. package/dist/dto/login.dto.js +50 -1
  162. package/dist/dto/login.dto.js.map +1 -1
  163. package/dist/dto/logout-all-response.dto.d.ts +20 -0
  164. package/dist/dto/logout-all-response.dto.d.ts.map +1 -1
  165. package/dist/dto/logout-all-response.dto.js +20 -0
  166. package/dist/dto/logout-all-response.dto.js.map +1 -1
  167. package/dist/dto/logout-all.dto.d.ts +42 -0
  168. package/dist/dto/logout-all.dto.d.ts.map +1 -1
  169. package/dist/dto/logout-all.dto.js +42 -0
  170. package/dist/dto/logout-all.dto.js.map +1 -1
  171. package/dist/dto/logout-response.dto.d.ts +21 -0
  172. package/dist/dto/logout-response.dto.d.ts.map +1 -1
  173. package/dist/dto/logout-response.dto.js +21 -0
  174. package/dist/dto/logout-response.dto.js.map +1 -1
  175. package/dist/dto/logout.dto.d.ts +45 -0
  176. package/dist/dto/logout.dto.d.ts.map +1 -1
  177. package/dist/dto/logout.dto.js +45 -0
  178. package/dist/dto/logout.dto.js.map +1 -1
  179. package/dist/dto/refresh-token.dto.d.ts +28 -0
  180. package/dist/dto/refresh-token.dto.d.ts.map +1 -1
  181. package/dist/dto/refresh-token.dto.js +28 -0
  182. package/dist/dto/refresh-token.dto.js.map +1 -1
  183. package/dist/dto/remove-devices.dto.d.ts +51 -0
  184. package/dist/dto/remove-devices.dto.d.ts.map +1 -1
  185. package/dist/dto/remove-devices.dto.js +51 -0
  186. package/dist/dto/remove-devices.dto.js.map +1 -1
  187. package/dist/dto/resend-code-response.dto.d.ts +28 -0
  188. package/dist/dto/resend-code-response.dto.d.ts.map +1 -1
  189. package/dist/dto/resend-code-response.dto.js +28 -0
  190. package/dist/dto/resend-code-response.dto.js.map +1 -1
  191. package/dist/dto/resend-code.dto.d.ts +37 -0
  192. package/dist/dto/resend-code.dto.d.ts.map +1 -1
  193. package/dist/dto/resend-code.dto.js +37 -0
  194. package/dist/dto/resend-code.dto.js.map +1 -1
  195. package/dist/dto/reset-password.dto.d.ts +74 -0
  196. package/dist/dto/reset-password.dto.d.ts.map +1 -1
  197. package/dist/dto/reset-password.dto.js +76 -1
  198. package/dist/dto/reset-password.dto.js.map +1 -1
  199. package/dist/dto/respond-challenge.dto.d.ts +147 -0
  200. package/dist/dto/respond-challenge.dto.d.ts.map +1 -1
  201. package/dist/dto/respond-challenge.dto.js +162 -0
  202. package/dist/dto/respond-challenge.dto.js.map +1 -1
  203. package/dist/dto/set-mfa-exemption.dto.d.ts +65 -0
  204. package/dist/dto/set-mfa-exemption.dto.d.ts.map +1 -1
  205. package/dist/dto/set-mfa-exemption.dto.js +65 -0
  206. package/dist/dto/set-mfa-exemption.dto.js.map +1 -1
  207. package/dist/dto/set-must-change-password-response.dto.d.ts +23 -0
  208. package/dist/dto/set-must-change-password-response.dto.d.ts.map +1 -1
  209. package/dist/dto/set-must-change-password-response.dto.js +23 -0
  210. package/dist/dto/set-must-change-password-response.dto.js.map +1 -1
  211. package/dist/dto/set-must-change-password.dto.d.ts +32 -0
  212. package/dist/dto/set-must-change-password.dto.d.ts.map +1 -1
  213. package/dist/dto/set-must-change-password.dto.js +32 -0
  214. package/dist/dto/set-must-change-password.dto.js.map +1 -1
  215. package/dist/dto/set-preferred-method.dto.d.ts +48 -0
  216. package/dist/dto/set-preferred-method.dto.d.ts.map +1 -1
  217. package/dist/dto/set-preferred-method.dto.js +48 -0
  218. package/dist/dto/set-preferred-method.dto.js.map +1 -1
  219. package/dist/dto/setup-mfa.dto.d.ts +62 -0
  220. package/dist/dto/setup-mfa.dto.d.ts.map +1 -1
  221. package/dist/dto/setup-mfa.dto.js +62 -0
  222. package/dist/dto/setup-mfa.dto.js.map +1 -1
  223. package/dist/dto/signup.dto.d.ts +92 -0
  224. package/dist/dto/signup.dto.d.ts.map +1 -1
  225. package/dist/dto/signup.dto.js +93 -0
  226. package/dist/dto/signup.dto.js.map +1 -1
  227. package/dist/dto/social-auth.dto.d.ts +234 -0
  228. package/dist/dto/social-auth.dto.d.ts.map +1 -1
  229. package/dist/dto/social-auth.dto.js +234 -0
  230. package/dist/dto/social-auth.dto.js.map +1 -1
  231. package/dist/dto/trust-device-response.dto.d.ts +26 -0
  232. package/dist/dto/trust-device-response.dto.d.ts.map +1 -1
  233. package/dist/dto/trust-device-response.dto.js +26 -0
  234. package/dist/dto/trust-device-response.dto.js.map +1 -1
  235. package/dist/dto/trust-device.dto.d.ts +9 -0
  236. package/dist/dto/trust-device.dto.d.ts.map +1 -1
  237. package/dist/dto/trust-device.dto.js +9 -0
  238. package/dist/dto/trust-device.dto.js.map +1 -1
  239. package/dist/dto/update-user-attributes-request.dto.d.ts +36 -0
  240. package/dist/dto/update-user-attributes-request.dto.d.ts.map +1 -1
  241. package/dist/dto/update-user-attributes-request.dto.js +36 -0
  242. package/dist/dto/update-user-attributes-request.dto.js.map +1 -1
  243. package/dist/dto/user-response.dto.d.ts +81 -0
  244. package/dist/dto/user-response.dto.d.ts.map +1 -1
  245. package/dist/dto/user-response.dto.js +84 -2
  246. package/dist/dto/user-response.dto.js.map +1 -1
  247. package/dist/dto/user-update.dto.d.ts +132 -0
  248. package/dist/dto/user-update.dto.d.ts.map +1 -1
  249. package/dist/dto/user-update.dto.js +133 -0
  250. package/dist/dto/user-update.dto.js.map +1 -1
  251. package/dist/dto/verify-email.dto.d.ts +171 -0
  252. package/dist/dto/verify-email.dto.d.ts.map +1 -1
  253. package/dist/dto/verify-email.dto.js +173 -1
  254. package/dist/dto/verify-email.dto.js.map +1 -1
  255. package/dist/dto/verify-mfa-code.dto.d.ts +65 -0
  256. package/dist/dto/verify-mfa-code.dto.d.ts.map +1 -1
  257. package/dist/dto/verify-mfa-code.dto.js +65 -0
  258. package/dist/dto/verify-mfa-code.dto.js.map +1 -1
  259. package/dist/dto/verify-phone-by-sub.dto.d.ts +49 -0
  260. package/dist/dto/verify-phone-by-sub.dto.d.ts.map +1 -1
  261. package/dist/dto/verify-phone-by-sub.dto.js +49 -0
  262. package/dist/dto/verify-phone-by-sub.dto.js.map +1 -1
  263. package/dist/dto/verify-phone.dto.d.ts +139 -0
  264. package/dist/dto/verify-phone.dto.d.ts.map +1 -1
  265. package/dist/dto/verify-phone.dto.js +142 -1
  266. package/dist/dto/verify-phone.dto.js.map +1 -1
  267. package/dist/dto.d.ts +10 -0
  268. package/dist/dto.d.ts.map +1 -1
  269. package/dist/dto.js +10 -0
  270. package/dist/dto.js.map +1 -1
  271. package/dist/entities/auth-audit.entity.d.ts +159 -0
  272. package/dist/entities/auth-audit.entity.d.ts.map +1 -1
  273. package/dist/entities/auth-audit.entity.js +166 -0
  274. package/dist/entities/auth-audit.entity.js.map +1 -1
  275. package/dist/entities/challenge-session.entity.d.ts +87 -0
  276. package/dist/entities/challenge-session.entity.d.ts.map +1 -1
  277. package/dist/entities/challenge-session.entity.js +87 -0
  278. package/dist/entities/challenge-session.entity.js.map +1 -1
  279. package/dist/entities/index.d.ts +18 -0
  280. package/dist/entities/index.d.ts.map +1 -1
  281. package/dist/entities/index.js +18 -0
  282. package/dist/entities/index.js.map +1 -1
  283. package/dist/entities/login-attempt.entity.d.ts +43 -0
  284. package/dist/entities/login-attempt.entity.d.ts.map +1 -1
  285. package/dist/entities/login-attempt.entity.js +43 -0
  286. package/dist/entities/login-attempt.entity.js.map +1 -1
  287. package/dist/entities/mfa-device.entity.d.ts +112 -0
  288. package/dist/entities/mfa-device.entity.d.ts.map +1 -1
  289. package/dist/entities/mfa-device.entity.js +112 -0
  290. package/dist/entities/mfa-device.entity.js.map +1 -1
  291. package/dist/entities/rate-limit.entity.d.ts +31 -0
  292. package/dist/entities/rate-limit.entity.d.ts.map +1 -1
  293. package/dist/entities/rate-limit.entity.js +31 -0
  294. package/dist/entities/rate-limit.entity.js.map +1 -1
  295. package/dist/entities/session.entity.d.ts +121 -0
  296. package/dist/entities/session.entity.d.ts.map +1 -1
  297. package/dist/entities/session.entity.js +121 -0
  298. package/dist/entities/session.entity.js.map +1 -1
  299. package/dist/entities/social-account.entity.d.ts +75 -0
  300. package/dist/entities/social-account.entity.d.ts.map +1 -1
  301. package/dist/entities/social-account.entity.js +75 -0
  302. package/dist/entities/social-account.entity.js.map +1 -1
  303. package/dist/entities/storage-lock.entity.d.ts +28 -0
  304. package/dist/entities/storage-lock.entity.d.ts.map +1 -1
  305. package/dist/entities/storage-lock.entity.js +28 -0
  306. package/dist/entities/storage-lock.entity.js.map +1 -1
  307. package/dist/entities/trusted-device.entity.d.ts +83 -0
  308. package/dist/entities/trusted-device.entity.d.ts.map +1 -1
  309. package/dist/entities/trusted-device.entity.js +83 -0
  310. package/dist/entities/trusted-device.entity.js.map +1 -1
  311. package/dist/entities/user.entity.d.ts +166 -0
  312. package/dist/entities/user.entity.d.ts.map +1 -1
  313. package/dist/entities/user.entity.js +166 -0
  314. package/dist/entities/user.entity.js.map +1 -1
  315. package/dist/entities/verification-token.entity.d.ts +102 -0
  316. package/dist/entities/verification-token.entity.d.ts.map +1 -1
  317. package/dist/entities/verification-token.entity.js +102 -0
  318. package/dist/entities/verification-token.entity.js.map +1 -1
  319. package/dist/entities.d.ts +8 -0
  320. package/dist/entities.d.ts.map +1 -1
  321. package/dist/entities.js +8 -0
  322. package/dist/entities.js.map +1 -1
  323. package/dist/enums/auth-audit-event-type.enum.d.ts +211 -0
  324. package/dist/enums/auth-audit-event-type.enum.d.ts.map +1 -1
  325. package/dist/enums/auth-audit-event-type.enum.js +244 -0
  326. package/dist/enums/auth-audit-event-type.enum.js.map +1 -1
  327. package/dist/enums/error-codes.enum.d.ts +296 -0
  328. package/dist/enums/error-codes.enum.d.ts.map +1 -1
  329. package/dist/enums/error-codes.enum.js +332 -0
  330. package/dist/enums/error-codes.enum.js.map +1 -1
  331. package/dist/enums/mfa-method.enum.d.ts +74 -0
  332. package/dist/enums/mfa-method.enum.d.ts.map +1 -1
  333. package/dist/enums/mfa-method.enum.js +64 -0
  334. package/dist/enums/mfa-method.enum.js.map +1 -1
  335. package/dist/enums/risk-factor.enum.d.ts +91 -0
  336. package/dist/enums/risk-factor.enum.d.ts.map +1 -1
  337. package/dist/enums/risk-factor.enum.js +97 -0
  338. package/dist/enums/risk-factor.enum.js.map +1 -1
  339. package/dist/exceptions/nauth.exception.d.ts +149 -0
  340. package/dist/exceptions/nauth.exception.d.ts.map +1 -1
  341. package/dist/exceptions/nauth.exception.js +159 -0
  342. package/dist/exceptions/nauth.exception.js.map +1 -1
  343. package/dist/handlers/auth.handler.d.ts +32 -0
  344. package/dist/handlers/auth.handler.d.ts.map +1 -1
  345. package/dist/handlers/auth.handler.js +47 -1
  346. package/dist/handlers/auth.handler.js.map +1 -1
  347. package/dist/handlers/client-info.handler.d.ts +25 -0
  348. package/dist/handlers/client-info.handler.d.ts.map +1 -1
  349. package/dist/handlers/client-info.handler.js +36 -2
  350. package/dist/handlers/client-info.handler.js.map +1 -1
  351. package/dist/handlers/csrf.handler.d.ts +32 -0
  352. package/dist/handlers/csrf.handler.d.ts.map +1 -1
  353. package/dist/handlers/csrf.handler.js +49 -1
  354. package/dist/handlers/csrf.handler.js.map +1 -1
  355. package/dist/handlers/token-delivery.handler.d.ts +16 -0
  356. package/dist/handlers/token-delivery.handler.d.ts.map +1 -1
  357. package/dist/handlers/token-delivery.handler.js +22 -1
  358. package/dist/handlers/token-delivery.handler.js.map +1 -1
  359. package/dist/index.d.ts +34 -0
  360. package/dist/index.d.ts.map +1 -1
  361. package/dist/index.js +67 -0
  362. package/dist/index.js.map +1 -1
  363. package/dist/interfaces/client-info.interface.d.ts +58 -0
  364. package/dist/interfaces/client-info.interface.d.ts.map +1 -1
  365. package/dist/interfaces/config.interface.d.ts +1774 -0
  366. package/dist/interfaces/config.interface.d.ts.map +1 -1
  367. package/dist/interfaces/config.interface.js +16 -0
  368. package/dist/interfaces/config.interface.js.map +1 -1
  369. package/dist/interfaces/entities.interface.d.ts +48 -0
  370. package/dist/interfaces/entities.interface.d.ts.map +1 -1
  371. package/dist/interfaces/entities.interface.js +8 -0
  372. package/dist/interfaces/entities.interface.js.map +1 -1
  373. package/dist/interfaces/index.js +5 -0
  374. package/dist/interfaces/index.js.map +1 -1
  375. package/dist/interfaces/logger.interface.d.ts +213 -0
  376. package/dist/interfaces/logger.interface.d.ts.map +1 -1
  377. package/dist/interfaces/logger.interface.js +35 -0
  378. package/dist/interfaces/logger.interface.js.map +1 -1
  379. package/dist/interfaces/mfa-provider.interface.d.ts +134 -0
  380. package/dist/interfaces/mfa-provider.interface.d.ts.map +1 -1
  381. package/dist/interfaces/oauth.interface.d.ts +110 -0
  382. package/dist/interfaces/oauth.interface.d.ts.map +1 -1
  383. package/dist/interfaces/provider.interface.d.ts +83 -0
  384. package/dist/interfaces/provider.interface.d.ts.map +1 -1
  385. package/dist/interfaces/sms-template.interface.d.ts +246 -0
  386. package/dist/interfaces/sms-template.interface.d.ts.map +1 -1
  387. package/dist/interfaces/sms-template.interface.js +26 -0
  388. package/dist/interfaces/sms-template.interface.js.map +1 -1
  389. package/dist/interfaces/social-auth-provider.interface.d.ts +115 -0
  390. package/dist/interfaces/social-auth-provider.interface.d.ts.map +1 -1
  391. package/dist/interfaces/storage-adapter.interface.d.ts +37 -0
  392. package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -1
  393. package/dist/interfaces/template.interface.d.ts +351 -0
  394. package/dist/interfaces/template.interface.d.ts.map +1 -1
  395. package/dist/interfaces/template.interface.js +13 -0
  396. package/dist/interfaces/template.interface.js.map +1 -1
  397. package/dist/interfaces/token-verifier.interface.d.ts +101 -0
  398. package/dist/interfaces/token-verifier.interface.d.ts.map +1 -1
  399. package/dist/interfaces.d.ts +8 -0
  400. package/dist/interfaces.d.ts.map +1 -1
  401. package/dist/interfaces.js +8 -0
  402. package/dist/interfaces.js.map +1 -1
  403. package/dist/internal.d.ts +120 -0
  404. package/dist/internal.d.ts.map +1 -1
  405. package/dist/internal.js +138 -0
  406. package/dist/internal.js.map +1 -1
  407. package/dist/platform/interfaces.d.ts +187 -0
  408. package/dist/platform/interfaces.d.ts.map +1 -1
  409. package/dist/platform/interfaces.js +11 -0
  410. package/dist/platform/interfaces.js.map +1 -1
  411. package/dist/schemas/auth-config.schema.d.ts +48 -0
  412. package/dist/schemas/auth-config.schema.d.ts.map +1 -1
  413. package/dist/schemas/auth-config.schema.js +188 -9
  414. package/dist/schemas/auth-config.schema.js.map +1 -1
  415. package/dist/services/adaptive-mfa-decision.service.d.ts +144 -0
  416. package/dist/services/adaptive-mfa-decision.service.d.ts.map +1 -1
  417. package/dist/services/adaptive-mfa-decision.service.js +151 -5
  418. package/dist/services/adaptive-mfa-decision.service.js.map +1 -1
  419. package/dist/services/auth-audit.service.d.ts +195 -0
  420. package/dist/services/auth-audit.service.d.ts.map +1 -1
  421. package/dist/services/auth-audit.service.js +228 -1
  422. package/dist/services/auth-audit.service.js.map +1 -1
  423. package/dist/services/auth-challenge-helper.service.d.ts +144 -1
  424. package/dist/services/auth-challenge-helper.service.d.ts.map +1 -1
  425. package/dist/services/auth-challenge-helper.service.js +295 -16
  426. package/dist/services/auth-challenge-helper.service.js.map +1 -1
  427. package/dist/services/auth-flow-context-builder.service.d.ts +120 -1
  428. package/dist/services/auth-flow-context-builder.service.d.ts.map +1 -1
  429. package/dist/services/auth-flow-context-builder.service.js +184 -5
  430. package/dist/services/auth-flow-context-builder.service.js.map +1 -1
  431. package/dist/services/auth-flow-rules.d.ts +136 -0
  432. package/dist/services/auth-flow-rules.d.ts.map +1 -1
  433. package/dist/services/auth-flow-rules.js +137 -0
  434. package/dist/services/auth-flow-rules.js.map +1 -1
  435. package/dist/services/auth-flow-state-definitions.d.ts +40 -0
  436. package/dist/services/auth-flow-state-definitions.d.ts.map +1 -1
  437. package/dist/services/auth-flow-state-definitions.js +98 -0
  438. package/dist/services/auth-flow-state-definitions.js.map +1 -1
  439. package/dist/services/auth-flow-state-machine.service.d.ts +91 -0
  440. package/dist/services/auth-flow-state-machine.service.d.ts.map +1 -1
  441. package/dist/services/auth-flow-state-machine.service.js +102 -0
  442. package/dist/services/auth-flow-state-machine.service.js.map +1 -1
  443. package/dist/services/auth-flow-state-machine.types.d.ts +221 -0
  444. package/dist/services/auth-flow-state-machine.types.d.ts.map +1 -1
  445. package/dist/services/auth-flow-state-machine.types.js +47 -0
  446. package/dist/services/auth-flow-state-machine.types.js.map +1 -1
  447. package/dist/services/auth.service.d.ts +397 -1
  448. package/dist/services/auth.service.d.ts.map +1 -1
  449. package/dist/services/auth.service.js +943 -27
  450. package/dist/services/auth.service.js.map +1 -1
  451. package/dist/services/challenge.service.d.ts +255 -1
  452. package/dist/services/challenge.service.d.ts.map +1 -1
  453. package/dist/services/challenge.service.js +327 -3
  454. package/dist/services/challenge.service.js.map +1 -1
  455. package/dist/services/client-info.service.d.ts +143 -0
  456. package/dist/services/client-info.service.d.ts.map +1 -1
  457. package/dist/services/client-info.service.js +161 -0
  458. package/dist/services/client-info.service.js.map +1 -1
  459. package/dist/services/csrf.service.d.ts +15 -0
  460. package/dist/services/csrf.service.d.ts.map +1 -1
  461. package/dist/services/csrf.service.js +16 -0
  462. package/dist/services/csrf.service.js.map +1 -1
  463. package/dist/services/email-verification.service.d.ts +52 -0
  464. package/dist/services/email-verification.service.d.ts.map +1 -1
  465. package/dist/services/email-verification.service.js +149 -10
  466. package/dist/services/email-verification.service.js.map +1 -1
  467. package/dist/services/geo-location.service.d.ts +105 -0
  468. package/dist/services/geo-location.service.d.ts.map +1 -1
  469. package/dist/services/geo-location.service.js +188 -2
  470. package/dist/services/geo-location.service.js.map +1 -1
  471. package/dist/services/jwt.service.d.ts +257 -0
  472. package/dist/services/jwt.service.d.ts.map +1 -1
  473. package/dist/services/jwt.service.js +284 -1
  474. package/dist/services/jwt.service.js.map +1 -1
  475. package/dist/services/mfa-base.service.d.ts +179 -1
  476. package/dist/services/mfa-base.service.d.ts.map +1 -1
  477. package/dist/services/mfa-base.service.js +256 -2
  478. package/dist/services/mfa-base.service.js.map +1 -1
  479. package/dist/services/mfa.service.d.ts +304 -0
  480. package/dist/services/mfa.service.d.ts.map +1 -1
  481. package/dist/services/mfa.service.js +380 -0
  482. package/dist/services/mfa.service.js.map +1 -1
  483. package/dist/services/password-reset.service.d.ts +46 -0
  484. package/dist/services/password-reset.service.d.ts.map +1 -1
  485. package/dist/services/password-reset.service.js +79 -0
  486. package/dist/services/password-reset.service.js.map +1 -1
  487. package/dist/services/password.service.d.ts +139 -0
  488. package/dist/services/password.service.d.ts.map +1 -1
  489. package/dist/services/password.service.js +167 -9
  490. package/dist/services/password.service.js.map +1 -1
  491. package/dist/services/phone-verification.service.d.ts +75 -0
  492. package/dist/services/phone-verification.service.d.ts.map +1 -1
  493. package/dist/services/phone-verification.service.js +188 -6
  494. package/dist/services/phone-verification.service.js.map +1 -1
  495. package/dist/services/risk-detection.service.d.ts +198 -0
  496. package/dist/services/risk-detection.service.d.ts.map +1 -1
  497. package/dist/services/risk-detection.service.js +358 -11
  498. package/dist/services/risk-detection.service.js.map +1 -1
  499. package/dist/services/risk-scoring.service.d.ts +84 -0
  500. package/dist/services/risk-scoring.service.d.ts.map +1 -1
  501. package/dist/services/risk-scoring.service.js +87 -0
  502. package/dist/services/risk-scoring.service.js.map +1 -1
  503. package/dist/services/session.service.d.ts +204 -0
  504. package/dist/services/session.service.d.ts.map +1 -1
  505. package/dist/services/session.service.js +289 -4
  506. package/dist/services/session.service.js.map +1 -1
  507. package/dist/services/social-auth-base.service.d.ts +123 -1
  508. package/dist/services/social-auth-base.service.d.ts.map +1 -1
  509. package/dist/services/social-auth-base.service.js +155 -2
  510. package/dist/services/social-auth-base.service.js.map +1 -1
  511. package/dist/services/social-auth.service.d.ts +191 -0
  512. package/dist/services/social-auth.service.d.ts.map +1 -1
  513. package/dist/services/social-auth.service.js +215 -2
  514. package/dist/services/social-auth.service.js.map +1 -1
  515. package/dist/services/social-provider-registry.service.d.ts +86 -0
  516. package/dist/services/social-provider-registry.service.d.ts.map +1 -1
  517. package/dist/services/social-provider-registry.service.js +86 -0
  518. package/dist/services/social-provider-registry.service.js.map +1 -1
  519. package/dist/services/trusted-device.service.d.ts +105 -0
  520. package/dist/services/trusted-device.service.d.ts.map +1 -1
  521. package/dist/services/trusted-device.service.js +133 -4
  522. package/dist/services/trusted-device.service.js.map +1 -1
  523. package/dist/storage/account-lockout-storage.service.d.ts +35 -0
  524. package/dist/storage/account-lockout-storage.service.d.ts.map +1 -1
  525. package/dist/storage/account-lockout-storage.service.js +35 -0
  526. package/dist/storage/account-lockout-storage.service.js.map +1 -1
  527. package/dist/storage/memory-storage.adapter.d.ts +148 -0
  528. package/dist/storage/memory-storage.adapter.d.ts.map +1 -1
  529. package/dist/storage/memory-storage.adapter.js +201 -6
  530. package/dist/storage/memory-storage.adapter.js.map +1 -1
  531. package/dist/storage/rate-limit-storage.service.d.ts +3 -0
  532. package/dist/storage/rate-limit-storage.service.d.ts.map +1 -1
  533. package/dist/storage/rate-limit-storage.service.js +4 -0
  534. package/dist/storage/rate-limit-storage.service.js.map +1 -1
  535. package/dist/storage.d.ts +8 -0
  536. package/dist/storage.d.ts.map +1 -1
  537. package/dist/storage.js +8 -0
  538. package/dist/storage.js.map +1 -1
  539. package/dist/templates/html-template.engine.d.ts +110 -0
  540. package/dist/templates/html-template.engine.d.ts.map +1 -1
  541. package/dist/templates/html-template.engine.js +147 -0
  542. package/dist/templates/html-template.engine.js.map +1 -1
  543. package/dist/templates/index.d.ts +5 -0
  544. package/dist/templates/index.d.ts.map +1 -1
  545. package/dist/templates/index.js +5 -0
  546. package/dist/templates/index.js.map +1 -1
  547. package/dist/templates/sms-template.engine.d.ts +151 -0
  548. package/dist/templates/sms-template.engine.d.ts.map +1 -1
  549. package/dist/templates/sms-template.engine.js +171 -0
  550. package/dist/templates/sms-template.engine.js.map +1 -1
  551. package/dist/templates.d.ts +8 -0
  552. package/dist/templates.d.ts.map +1 -1
  553. package/dist/templates.js +8 -0
  554. package/dist/templates.js.map +1 -1
  555. package/dist/utils/common-passwords.d.ts +42 -0
  556. package/dist/utils/common-passwords.d.ts.map +1 -1
  557. package/dist/utils/common-passwords.js +88 -0
  558. package/dist/utils/common-passwords.js.map +1 -1
  559. package/dist/utils/context-storage.d.ts +129 -0
  560. package/dist/utils/context-storage.d.ts.map +1 -1
  561. package/dist/utils/context-storage.js +129 -0
  562. package/dist/utils/context-storage.js.map +1 -1
  563. package/dist/utils/cookie-names.util.d.ts +35 -0
  564. package/dist/utils/cookie-names.util.d.ts.map +1 -1
  565. package/dist/utils/cookie-names.util.js +37 -0
  566. package/dist/utils/cookie-names.util.js.map +1 -1
  567. package/dist/utils/cookies.util.d.ts +19 -0
  568. package/dist/utils/cookies.util.d.ts.map +1 -1
  569. package/dist/utils/cookies.util.js +30 -3
  570. package/dist/utils/cookies.util.js.map +1 -1
  571. package/dist/utils/index.d.ts +3 -0
  572. package/dist/utils/index.d.ts.map +1 -1
  573. package/dist/utils/index.js +4 -0
  574. package/dist/utils/index.js.map +1 -1
  575. package/dist/utils/ip-extractor.d.ts +88 -0
  576. package/dist/utils/ip-extractor.d.ts.map +1 -1
  577. package/dist/utils/ip-extractor.js +109 -16
  578. package/dist/utils/ip-extractor.js.map +1 -1
  579. package/dist/utils/nauth-logger.d.ts +70 -0
  580. package/dist/utils/nauth-logger.d.ts.map +1 -1
  581. package/dist/utils/nauth-logger.js +82 -4
  582. package/dist/utils/nauth-logger.js.map +1 -1
  583. package/dist/utils/pii-redactor.d.ts +70 -0
  584. package/dist/utils/pii-redactor.d.ts.map +1 -1
  585. package/dist/utils/pii-redactor.js +102 -0
  586. package/dist/utils/pii-redactor.js.map +1 -1
  587. package/dist/utils/setup/get-repositories.d.ts +16 -0
  588. package/dist/utils/setup/get-repositories.d.ts.map +1 -1
  589. package/dist/utils/setup/get-repositories.js +21 -0
  590. package/dist/utils/setup/get-repositories.js.map +1 -1
  591. package/dist/utils/setup/init-services.d.ts +40 -1
  592. package/dist/utils/setup/init-services.d.ts.map +1 -1
  593. package/dist/utils/setup/init-services.js +98 -0
  594. package/dist/utils/setup/init-services.js.map +1 -1
  595. package/dist/utils/setup/init-social.d.ts +27 -0
  596. package/dist/utils/setup/init-social.d.ts.map +1 -1
  597. package/dist/utils/setup/init-social.js +49 -0
  598. package/dist/utils/setup/init-social.js.map +1 -1
  599. package/dist/utils/setup/init-storage.d.ts +22 -0
  600. package/dist/utils/setup/init-storage.d.ts.map +1 -1
  601. package/dist/utils/setup/init-storage.js +36 -0
  602. package/dist/utils/setup/init-storage.js.map +1 -1
  603. package/dist/utils/setup/register-mfa.d.ts +22 -0
  604. package/dist/utils/setup/register-mfa.d.ts.map +1 -1
  605. package/dist/utils/setup/register-mfa.js +41 -0
  606. package/dist/utils/setup/register-mfa.js.map +1 -1
  607. package/dist/utils/setup/run-nauth-migrations.d.ts +7 -0
  608. package/dist/utils/setup/run-nauth-migrations.d.ts.map +1 -1
  609. package/dist/utils/setup/run-nauth-migrations.js +8 -0
  610. package/dist/utils/setup/run-nauth-migrations.js.map +1 -1
  611. package/dist/utils/token-delivery-policy.d.ts +17 -0
  612. package/dist/utils/token-delivery-policy.d.ts.map +1 -1
  613. package/dist/utils/token-delivery-policy.js +17 -0
  614. package/dist/utils/token-delivery-policy.js.map +1 -1
  615. package/dist/utils.d.ts +8 -0
  616. package/dist/utils.d.ts.map +1 -1
  617. package/dist/utils.js +8 -0
  618. package/dist/utils.js.map +1 -1
  619. package/dist/validators/template.validator.d.ts +80 -0
  620. package/dist/validators/template.validator.d.ts.map +1 -1
  621. package/dist/validators/template.validator.js +94 -0
  622. package/dist/validators/template.validator.js.map +1 -1
  623. package/package.json +7 -2
package/dist/services/challenge.service.d.ts CHANGED
@@ -6,27 +6,281 @@ import { NAuthLogger } from '../utils/nauth-logger';
6
6
  import { InternalAuthAuditService as AuthAuditService } from './auth-audit.service';
7
7
  import { ClientInfoService } from './client-info.service';
8
8
  import { NAuthConfig } from '../interfaces/config.interface';
9
+ /**
10
+ * Challenge Session Service
11
+ *
12
+ * Manages authentication challenge sessions for the challenge-response flow.
13
+ * Challenge sessions are temporary, short-lived sessions (typically 15 minutes)
14
+ * that track pending authentication challenges similar to AWS Cognito.
15
+ *
16
+ * Handles:
17
+ * - Challenge session creation and validation
18
+ * - Session expiration and cleanup
19
+ * - Attempt tracking and rate limiting
20
+ * - Secure session token generation
21
+ *
22
+ * @example
23
+ * ```typescript
24
+ * // Create a challenge session
25
+ * const session = await challengeService.createChallengeSession(
26
+ * user,
27
+ * AuthChallenge.VERIFY_EMAIL,
28
+ * { email: user.email }
29
+ * );
30
+ *
31
+ * // Validate and consume a challenge session
32
+ * const validSession = await challengeService.validateAndConsumeSession(
33
+ * sessionToken,
34
+ * AuthChallenge.VERIFY_EMAIL
35
+ * );
36
+ * ```
37
+ */
9
38
  export declare class ChallengeService {
10
39
  private readonly challengeSessionRepository;
11
40
  private readonly clientInfoService;
12
41
  private readonly logger;
13
42
  private readonly auditService?;
14
43
  private readonly config?;
44
+ /**
45
+ * Default challenge session expiration time (15 minutes)
46
+ */
15
47
  private readonly DEFAULT_EXPIRATION_MINUTES;
48
+ /**
49
+ * Default maximum attempts per challenge session
50
+ */
16
51
  private readonly DEFAULT_MAX_ATTEMPTS;
17
- constructor(challengeSessionRepository: Repository<BaseChallengeSession>, clientInfoService: ClientInfoService, logger: NAuthLogger, auditService?: AuthAuditService | undefined, config?: NAuthConfig | undefined);
52
+ constructor(challengeSessionRepository: Repository<BaseChallengeSession>, clientInfoService: ClientInfoService, logger: NAuthLogger, auditService?: AuthAuditService | undefined, // Optional - audit trail service (enabled via config.auditLogs.enabled)
53
+ config?: NAuthConfig | undefined);
54
+ /**
55
+ * Per-user cleanup throttle map to avoid frequent cleanup writes
56
+ */
18
57
  private readonly lastCleanupByUserId;
58
+ /**
59
+ * Create a new challenge session
60
+ *
61
+ * Generates a unique session token and stores challenge metadata.
62
+ * The session token is returned to the client and must be submitted
63
+ * when responding to the challenge.
64
+ *
65
+ * **Deduplication:**
66
+ * If an active (non-completed, non-expired) session already exists for the same user
67
+ * and challenge type, this method returns the existing session instead of creating
68
+ * a duplicate. This prevents:
69
+ * - Excessive `CHALLENGE_CREATED` audit events
70
+ * - Database bloat from duplicate sessions
71
+ * - User confusion from multiple active sessions for the same challenge
72
+ *
73
+ * @param user - User the challenge session belongs to
74
+ * @param challengeName - Type of challenge (VERIFY_EMAIL, VERIFY_PHONE, etc.)
75
+ * @param metadata - Challenge-specific data
76
+ * @returns Challenge session with session token (new or existing)
77
+ * @remarks Client info (ipAddress, userAgent) is automatically extracted from ClientInfoService context
78
+ *
79
+ * @example
80
+ * ```typescript
81
+ * const session = await challengeService.createChallengeSession(
82
+ * user,
83
+ * AuthChallenge.VERIFY_EMAIL,
84
+ * { email: user.email, verificationTokenId: tokenId }
85
+ * );
86
+ * // Returns: { sessionToken: 'uuid-here', expiresAt: Date, ... }
87
+ * // If called again before completion, returns same session (no duplicate audit event)
88
+ * ```
89
+ */
19
90
  createChallengeSession(user: IUser, challengeName: AuthChallenge, metadata?: Record<string, unknown>): Promise<IChallengeSession>;
91
+ /**
92
+ * Validate a challenge session token for code requests
93
+ *
94
+ * Validates session for requesting new verification codes (SMS, email, etc.).
95
+ * Skips max attempts check since requesting a new code is not a verification attempt.
96
+ * This method is used internally by nauth when sending verification codes.
97
+ *
98
+ * @param sessionToken - Session token to validate
99
+ * @param expectedChallenge - Expected challenge type (optional, for additional verification)
100
+ * @returns Valid challenge session
101
+ * @throws {UnauthorizedException} If session is invalid, expired, or already completed
102
+ *
103
+ * @example
104
+ * ```typescript
105
+ * // Used internally by nauth when sending verification codes
106
+ * const session = await challengeService.validateSessionForCodeRequest(
107
+ * 'session-token-123',
108
+ * AuthChallenge.MFA_REQUIRED
109
+ * );
110
+ * ```
111
+ */
20
112
  validateSessionForCodeRequest(sessionToken: string, expectedChallenge?: AuthChallenge): Promise<IChallengeSession>;
113
+ /**
114
+ * Validate a challenge session token
115
+ *
116
+ * Checks if the session token is valid, not expired, not completed,
117
+ * and matches the expected challenge type. Does NOT consume the session.
118
+ * Enforces max attempts check for verification attempts.
119
+ *
120
+ * @param sessionToken - Session token to validate
121
+ * @param expectedChallenge - Expected challenge type (optional, for additional verification)
122
+ * @returns Valid challenge session
123
+ * @throws {UnauthorizedException} If session is invalid, expired, or already completed
124
+ *
125
+ * @example
126
+ * ```typescript
127
+ * try {
128
+ * const session = await challengeService.validateSession(
129
+ * 'session-token-123',
130
+ * AuthChallenge.VERIFY_EMAIL
131
+ * );
132
+ * // Session is valid, proceed with verification
133
+ * } catch (error) {
134
+ * // Session is invalid
135
+ * }
136
+ * ```
137
+ */
21
138
  validateSession(sessionToken: string, expectedChallenge?: AuthChallenge): Promise<IChallengeSession>;
139
+ /**
140
+ * Internal method to validate challenge session
141
+ *
142
+ * @param sessionToken - Session token to validate
143
+ * @param expectedChallenge - Expected challenge type (optional)
144
+ * @param skipMaxAttemptsCheck - If true, skip max attempts check (for code requests)
145
+ * @returns Valid challenge session
146
+ * @private
147
+ */
22
148
  private validateSessionInternal;
149
+ /**
150
+ * Increment attempt counter for a challenge session
151
+ *
152
+ * Tracks failed attempts to complete a challenge.
153
+ * Used to prevent brute-force attacks on verification codes.
154
+ *
155
+ * @param session - Challenge session to increment
156
+ * @returns Updated session
157
+ *
158
+ * @example
159
+ * ```typescript
160
+ * await challengeService.incrementAttempts(session);
161
+ * ```
162
+ */
23
163
  incrementAttempts(session: IChallengeSession): Promise<IChallengeSession>;
164
+ /**
165
+ * Validate and consume a challenge session
166
+ *
167
+ * Validates the session and marks it as completed if validation succeeds.
168
+ * This method should be called only after successful challenge completion.
169
+ *
170
+ * @param sessionToken - Session token to validate and consume
171
+ * @param expectedChallenge - Expected challenge type
172
+ * @returns Valid, completed challenge session with user
173
+ * @throws {UnauthorizedException} If session is invalid
174
+ *
175
+ * @example
176
+ * ```typescript
177
+ * const session = await challengeService.validateAndConsumeSession(
178
+ * 'session-token-123',
179
+ * AuthChallenge.VERIFY_EMAIL
180
+ * );
181
+ * // Session is now marked complete and cannot be reused
182
+ * ```
183
+ */
24
184
  validateAndConsumeSession(sessionToken: string, expectedChallenge: AuthChallenge): Promise<IChallengeSession>;
185
+ /**
186
+ * Update challenge session metadata
187
+ *
188
+ * Updates the metadata field of an existing challenge session.
189
+ * Used to store additional challenge-specific data (e.g., passkey challenge).
190
+ *
191
+ * @param sessionToken - Session token to update
192
+ * @param metadata - Metadata to merge into existing metadata
193
+ * @returns Updated challenge session
194
+ * @throws {NAuthException} If session not found or invalid
195
+ *
196
+ * @example
197
+ * ```typescript
198
+ * await challengeService.updateMetadata('session-token-123', {
199
+ * passkeyChallenge: 'base64-challenge-string'
200
+ * });
201
+ * ```
202
+ */
25
203
  updateMetadata(sessionToken: string, metadata: Record<string, unknown>): Promise<IChallengeSession>;
204
+ /**
205
+ * Clean up expired or completed challenge sessions for a user
206
+ *
207
+ * Removes old sessions to prevent database bloat.
208
+ * Called automatically when creating new challenge sessions.
209
+ *
210
+ * @param userId - User ID to clean up sessions for
211
+ *
212
+ * @example
213
+ * ```typescript
214
+ * await challengeService.cleanupExpiredSessions(user.id);
215
+ * ```
216
+ */
26
217
  cleanupExpiredSessions(userId: number): Promise<void>;
218
+ /**
219
+ * Clean up all expired challenge sessions (for all users)
220
+ *
221
+ * Should be called periodically (e.g., via cron job) to maintain
222
+ * database health.
223
+ *
224
+ * @returns Number of sessions deleted
225
+ *
226
+ * @example
227
+ * ```typescript
228
+ * // In a scheduled job
229
+ * const deleted = await challengeService.cleanupAllExpiredSessions();
230
+ * logger.log(`Cleaned up ${deleted} expired challenge sessions`);
231
+ * ```
232
+ */
27
233
  cleanupAllExpiredSessions(): Promise<number>;
234
+ /**
235
+ * Delete challenge sessions by challenge name for a user
236
+ *
237
+ * Removes all active (not completed, not expired) challenge sessions
238
+ * of the specified type for a user. Used to clean up phantom challenges
239
+ * when user completes the requirement (e.g., sets up MFA).
240
+ *
241
+ * @param userId - Internal user ID
242
+ * @param challengeName - Challenge type to delete
243
+ * @returns Number of sessions deleted
244
+ *
245
+ * @example
246
+ * ```typescript
247
+ * // Clear MFA_SETUP_REQUIRED challenge when user sets up MFA
248
+ * const deleted = await challengeService.deleteUserChallengeSessions(
249
+ * user.id,
250
+ * AuthChallenge.MFA_SETUP_REQUIRED
251
+ * );
252
+ * ```
253
+ */
28
254
  deleteUserChallengeSessions(userId: number, challengeName: AuthChallenge): Promise<number>;
255
+ /**
256
+ * Mask email address for display in challenge parameters
257
+ *
258
+ * Shows first character and domain, hides the rest.
259
+ *
260
+ * @param email - Email to mask
261
+ * @returns Masked email
262
+ *
263
+ * @example
264
+ * ```typescript
265
+ * maskEmail('john.doe@example.com')
266
+ * // Returns: 'j***@example.com'
267
+ * ```
268
+ */
29
269
  maskEmail(email: string): string;
270
+ /**
271
+ * Mask phone number for display in challenge parameters
272
+ *
273
+ * Shows last 4 digits, hides the rest.
274
+ *
275
+ * @param phone - Phone to mask
276
+ * @returns Masked phone
277
+ *
278
+ * @example
279
+ * ```typescript
280
+ * maskPhone('+1234567890')
281
+ * // Returns: '***-***-7890'
282
+ * ```
283
+ */
30
284
  maskPhone(phone: string): string;
31
285
  }
32
286
  //# sourceMappingURL=challenge.service.d.ts.map
package/dist/services/challenge.service.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"challenge.service.d.ts","sourceRoot":"","sources":["../../src/services/challenge.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAY,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAIpF,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AA+B7D,qBAAa,gBAAgB;IAYzB,OAAO,CAAC,QAAQ,CAAC,0BAA0B;IAC3C,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IAZ1B,OAAO,CAAC,QAAQ,CAAC,0BAA0B,CAAM;IAKjD,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAK;gBAGvB,0BAA0B,EAAE,UAAU,CAAC,oBAAoB,CAAC,EAC5D,iBAAiB,EAAE,iBAAiB,EACpC,MAAM,EAAE,WAAW,EACnB,YAAY,CAAC,EAAE,gBAAgB,YAAA,EAC/B,MAAM,CAAC,EAAE,WAAW,YAAA;IAMvC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAkC;IAsChE,sBAAsB,CAC1B,IAAI,EAAE,KAAK,EACX,aAAa,EAAE,aAAa,EAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,iBAAiB,CAAC;IAqKvB,6BAA6B,CACjC,YAAY,EAAE,MAAM,EACpB,iBAAiB,CAAC,EAAE,aAAa,GAChC,OAAO,CAAC,iBAAiB,CAAC;IA6BvB,eAAe,CAAC,YAAY,EAAE,MAAM,EAAE,iBAAiB,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC;YAa5F,uBAAuB;IA8D/B,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAsFzE,yBAAyB,CAAC,YAAY,EAAE,MAAM,EAAE,iBAAiB,EAAE,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAwE7G,cAAc,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA2CnG,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BrD,yBAAyB,IAAI,OAAO,CAAC,MAAM,CAAC;IA+B5C,2BAA2B,CAAC,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IAiChG,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAoBhC,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;CAKjC"}
1
+ {"version":3,"file":"challenge.service.d.ts","sourceRoot":"","sources":["../../src/services/challenge.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAY,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAIpF,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,gBAAgB;IAYzB,OAAO,CAAC,QAAQ,CAAC,0BAA0B;IAC3C,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IAf1B;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,0BAA0B,CAAM;IAEjD;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAK;gBAGvB,0BAA0B,EAAE,UAAU,CAAC,oBAAoB,CAAC,EAC5D,iBAAiB,EAAE,iBAAiB,EACpC,MAAM,EAAE,WAAW,EACnB,YAAY,CAAC,EAAE,gBAAgB,YAAA,EAAE,wEAAwE;IACzG,MAAM,CAAC,EAAE,WAAW,YAAA;IAGvC;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAkC;IAMtE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;IACG,sBAAsB,CAC1B,IAAI,EAAE,KAAK,EACX,aAAa,EAAE,aAAa,EAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,iBAAiB,CAAC;IAgJ7B;;;;;;;;;;;;;;;;;;;;OAoBG;IACG,6BAA6B,CACjC,YAAY,EAAE,MAAM,EACpB,iBAAiB,CAAC,EAAE,aAAa,GAChC,OAAO,CAAC,iBAAiB,CAAC;IAI7B;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,eAAe,CAAC,YAAY,EAAE,MAAM,EAAE,iBAAiB,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAI1G;;;;;;;;OAQG;YACW,uBAAuB;IAgDrC;;;;;;;;;;;;;OAaG;IACG,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAkE/E;;;;;;;;;;;;;;;;;;;OAmBG;IACG,yBAAyB,CAAC,YAAY,EAAE,MAAM,EAAE,iBAAiB,EAAE,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAsDnH;;;;;;;;;;;;;;;;;OAiBG;IACG,cAAc,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA8BzG;;;;;;;;;;;;OAYG;IACG,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3D;;;;;;;;;;;;;;OAcG;IACG,yBAAyB,IAAI,OAAO,CAAC,MAAM,CAAC;IAWlD;;;;;;;;;;;;;;;;;;;OAmBG;IACG,2BAA2B,CAAC,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IAmBhG;;;;;;;;;;;;;OAaG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAMhC;;;;;;;;;;;;;OAaG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;CAKjC"}