@nauth-toolkit/core 0.1.65 → 0.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/dist/dto/forgot-password.dto.d.ts +23 -0
  2. package/dist/dto/forgot-password.dto.d.ts.map +1 -1
  3. package/dist/dto/forgot-password.dto.js +35 -0
  4. package/dist/dto/forgot-password.dto.js.map +1 -1
  5. package/dist/interfaces/config.interface.d.ts +16 -45
  6. package/dist/interfaces/config.interface.d.ts.map +1 -1
  7. package/dist/interfaces/provider.interface.d.ts +7 -2
  8. package/dist/interfaces/provider.interface.d.ts.map +1 -1
  9. package/dist/interfaces/storage-adapter.interface.d.ts +12 -1
  10. package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -1
  11. package/dist/schemas/auth-config.schema.d.ts +11 -43
  12. package/dist/schemas/auth-config.schema.d.ts.map +1 -1
  13. package/dist/schemas/auth-config.schema.js +2 -5
  14. package/dist/schemas/auth-config.schema.js.map +1 -1
  15. package/dist/services/auth-service-internal-helpers.d.ts.map +1 -1
  16. package/dist/services/auth-service-internal-helpers.js +2 -1
  17. package/dist/services/auth-service-internal-helpers.js.map +1 -1
  18. package/dist/services/auth.service.d.ts.map +1 -1
  19. package/dist/services/auth.service.js +3 -1
  20. package/dist/services/auth.service.js.map +1 -1
  21. package/dist/services/password-reset.service.d.ts +4 -1
  22. package/dist/services/password-reset.service.d.ts.map +1 -1
  23. package/dist/services/password-reset.service.js +17 -6
  24. package/dist/services/password-reset.service.js.map +1 -1
  25. package/dist/storage/account-lockout-storage.service.d.ts +2 -1
  26. package/dist/storage/account-lockout-storage.service.d.ts.map +1 -1
  27. package/dist/storage/account-lockout-storage.service.js +12 -2
  28. package/dist/storage/account-lockout-storage.service.js.map +1 -1
  29. package/package.json +1 -1
package/dist/storage/account-lockout-storage.service.js CHANGED
@@ -17,11 +17,12 @@ class AccountLockoutStorageService {
17
17
  /**
18
18
  * Record failed login attempt for an IP address
19
19
  * @param ipAddress - IP address that made the failed attempt
20
+ * @param ttlSeconds - Optional TTL (seconds) for the attempt counter window
20
21
  * @returns Number of failed attempts for this IP
21
22
  */
22
- async recordFailedAttempt(ipAddress) {
23
+ async recordFailedAttempt(ipAddress, ttlSeconds) {
23
24
  const key = this.getKey(ipAddress);
24
- return await this.storageAdapter.incr(key);
25
+ return await this.storageAdapter.incr(key, ttlSeconds);
25
26
  }
26
27
  /**
27
28
  * Get failed attempts count for an IP address
@@ -56,6 +57,15 @@ class AccountLockoutStorageService {
56
57
  lockedUntil: new Date(Date.now() + duration * 1000).toISOString(),
57
58
  });
58
59
  await this.storageAdapter.set(lockKey, lockData, duration);
60
+ // ============================================================================
61
+ // IMPORTANT: Reset attempt counter on lock
62
+ // ============================================================================
63
+ // WHY:
64
+ // - Without this, a user can remain at/above maxAttempts and get re-locked immediately
65
+ // once the lock TTL expires (especially when attempt counters are long-lived).
66
+ // - Lock duration is the penalty window; after it expires, users should get a fresh
67
+ // attempt budget within the next attempt window.
68
+ await this.resetFailedAttempts(ipAddress);
59
69
  }
60
70
  /**
61
71
  * Unlock an IP address and reset failed attempts
package/dist/storage/account-lockout-storage.service.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"account-lockout-storage.service.js","sourceRoot":"","sources":["../../src/storage/account-lockout-storage.service.ts"],"names":[],"mappings":";;;AAEA;;;;;GAKG;AACH,MAAa,4BAA4B;IAIV;IAHZ,SAAS,GAAG,mBAAmB,CAAC;IAChC,aAAa,GAAG,kBAAkB,CAAC;IAEpD,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAE/D;;;;OAIG;IACH,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACjD,OAAO,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,SAAiB;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc;QACrE,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC;YAC9B,MAAM;YACN,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAClE,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,SAAiB;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACrC,CAAC;IAEO,MAAM,CAAC,SAAiB;QAC9B,OAAO,GAAG,IAAI,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;IACzC,CAAC;IAEO,UAAU,CAAC,SAAiB;QAClC,OAAO,GAAG,IAAI,CAAC,aAAa,GAAG,SAAS,EAAE,CAAC;IAC7C,CAAC;CACF;AAhFD,oEAgFC"}
1
+ {"version":3,"file":"account-lockout-storage.service.js","sourceRoot":"","sources":["../../src/storage/account-lockout-storage.service.ts"],"names":[],"mappings":";;;AAEA;;;;;GAKG;AACH,MAAa,4BAA4B;IAIV;IAHZ,SAAS,GAAG,mBAAmB,CAAC;IAChC,aAAa,GAAG,kBAAkB,CAAC;IAEpD,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAE/D;;;;;OAKG;IACH,KAAK,CAAC,mBAAmB,CAAC,SAAiB,EAAE,UAAmB;QAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACjD,OAAO,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,SAAiB;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc;QACrE,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC;YAC9B,MAAM;YACN,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAClE,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAE3D,+EAA+E;QAC/E,2CAA2C;QAC3C,+EAA+E;QAC/E,OAAO;QACP,uFAAuF;QACvF,iFAAiF;QACjF,oFAAoF;QACpF,mDAAmD;QACnD,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,SAAiB;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACrC,CAAC;IAEO,MAAM,CAAC,SAAiB;QAC9B,OAAO,GAAG,IAAI,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;IACzC,CAAC;IAEO,UAAU,CAAC,SAAiB;QAClC,OAAO,GAAG,IAAI,CAAC,aAAa,GAAG,SAAS,EAAE,CAAC;IAC7C,CAAC;CACF;AA3FD,oEA2FC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nauth-toolkit/core",
3
- "version": "0.1.65",
3
+ "version": "0.1.67",
4
4
  "description": "Core authentication toolkit for Node JS",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",