npm - @objectstack/plugin-auth - Versions diffs - 3.2.7 → 3.2.8 - Mend

@objectstack/plugin-auth 3.2.7 → 3.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.mjs CHANGED Viewed

@@ -510,145 +510,6 @@ var AuthManager = class {
   }
 };
-// src/auth-plugin.ts
-var AuthPlugin = class {
-  constructor(options = {}) {
-    this.name = "com.objectstack.auth";
-    this.type = "standard";
-    this.version = "1.0.0";
-    this.dependencies = [];
-    this.authManager = null;
-    this.options = {
-      registerRoutes: true,
-      basePath: "/api/v1/auth",
-      ...options
-    };
-  }
-  async init(ctx) {
-    ctx.logger.info("Initializing Auth Plugin...");
-    if (!this.options.secret) {
-      throw new Error("AuthPlugin: secret is required");
-    }
-    const dataEngine = ctx.getService("data");
-    if (!dataEngine) {
-      ctx.logger.warn("No data engine service found - auth will use in-memory storage");
-    }
-    this.authManager = new AuthManager({
-      ...this.options,
-      dataEngine
-    });
-    ctx.registerService("auth", this.authManager);
-    ctx.logger.info("Auth Plugin initialized successfully");
-  }
-  async start(ctx) {
-    ctx.logger.info("Starting Auth Plugin...");
-    if (!this.authManager) {
-      throw new Error("Auth manager not initialized");
-    }
-    if (this.options.registerRoutes) {
-      ctx.hook("kernel:ready", async () => {
-        let httpServer = null;
-        try {
-          httpServer = ctx.getService("http-server");
-        } catch {
-        }
-        if (httpServer) {
-          const serverWithPort = httpServer;
-          if (this.authManager && typeof serverWithPort.getPort === "function") {
-            const actualPort = serverWithPort.getPort();
-            if (actualPort) {
-              const configuredUrl = this.options.baseUrl || "http://localhost:3000";
-              const configuredOrigin = new URL(configuredUrl).origin;
-              const actualUrl = `http://localhost:${actualPort}`;
-              if (configuredOrigin !== actualUrl) {
-                this.authManager.setRuntimeBaseUrl(actualUrl);
-                ctx.logger.info(
-                  `Auth baseUrl auto-updated to ${actualUrl} (configured: ${configuredUrl})`
-                );
-              }
-            }
-          }
-          this.registerAuthRoutes(httpServer, ctx);
-          ctx.logger.info(`Auth routes registered at ${this.options.basePath}`);
-        } else {
-          ctx.logger.warn(
-            "No HTTP server available \u2014 auth routes not registered. Auth service is still available for MSW/mock environments via HttpDispatcher."
-          );
-        }
-      });
-    }
-    try {
-      const ql = ctx.getService("objectql");
-      if (ql && typeof ql.registerMiddleware === "function") {
-        ql.registerMiddleware(async (opCtx, next) => {
-          if (opCtx.context?.userId || opCtx.context?.isSystem) {
-            return next();
-          }
-          await next();
-        });
-        ctx.logger.info("Auth middleware registered on ObjectQL engine");
-      }
-    } catch (_e) {
-      ctx.logger.debug("ObjectQL engine not available, skipping auth middleware registration");
-    }
-    ctx.logger.info("Auth Plugin started successfully");
-  }
-  async destroy() {
-    this.authManager = null;
-  }
-  /**
-   * Register authentication routes with HTTP server
-   *
-   * Uses better-auth's universal handler for all authentication requests.
-   * This forwards all requests under basePath to better-auth, which handles:
-   * - Email/password authentication
-   * - OAuth providers (Google, GitHub, etc.)
-   * - Session management
-   * - Password reset
-   * - Email verification
-   * - 2FA, passkeys, magic links (if enabled)
-   */
-  registerAuthRoutes(httpServer, ctx) {
-    if (!this.authManager) return;
-    const basePath = this.options.basePath || "/api/v1/auth";
-    if (!("getRawApp" in httpServer) || typeof httpServer.getRawApp !== "function") {
-      ctx.logger.error("HTTP server does not support getRawApp() - wildcard routing requires Hono server");
-      throw new Error(
-        "AuthPlugin requires HonoServerPlugin for wildcard routing support. Please ensure HonoServerPlugin is loaded before AuthPlugin."
-      );
-    }
-    const rawApp = httpServer.getRawApp();
-    rawApp.all(`${basePath}/*`, async (c) => {
-      try {
-        const response = await this.authManager.handleRequest(c.req.raw);
-        if (response.status >= 500) {
-          try {
-            const body = await response.clone().text();
-            ctx.logger.error("[AuthPlugin] better-auth returned server error", new Error(`HTTP ${response.status}: ${body}`));
-          } catch {
-            ctx.logger.error("[AuthPlugin] better-auth returned server error", new Error(`HTTP ${response.status}: (unable to read body)`));
-          }
-        }
-        return response;
-      } catch (error) {
-        const err = error instanceof Error ? error : new Error(String(error));
-        ctx.logger.error("Auth request error:", err);
-        return new Response(
-          JSON.stringify({
-            success: false,
-            error: err.message
-          }),
-          {
-            status: 500,
-            headers: { "Content-Type": "application/json" }
-          }
-        );
-      }
-    });
-    ctx.logger.info(`Auth routes registered: All requests under ${basePath}/* forwarded to better-auth`);
-  }
-};
 // src/objects/sys-user.object.ts
 import { ObjectSchema, Field } from "@objectstack/spec/data";
 var SysUser = ObjectSchema.create({
@@ -1358,6 +1219,165 @@ var SysTwoFactor = ObjectSchema11.create({
     mru: false
   }
 });
+// src/auth-plugin.ts
+var AuthPlugin = class {
+  constructor(options = {}) {
+    this.name = "com.objectstack.auth";
+    this.type = "standard";
+    this.version = "1.0.0";
+    this.dependencies = [];
+    this.authManager = null;
+    this.options = {
+      registerRoutes: true,
+      basePath: "/api/v1/auth",
+      ...options
+    };
+  }
+  async init(ctx) {
+    ctx.logger.info("Initializing Auth Plugin...");
+    if (!this.options.secret) {
+      throw new Error("AuthPlugin: secret is required");
+    }
+    const dataEngine = ctx.getService("data");
+    if (!dataEngine) {
+      ctx.logger.warn("No data engine service found - auth will use in-memory storage");
+    }
+    this.authManager = new AuthManager({
+      ...this.options,
+      dataEngine
+    });
+    ctx.registerService("auth", this.authManager);
+    ctx.registerService("app.com.objectstack.system", {
+      id: "com.objectstack.system",
+      name: "System",
+      version: "1.0.0",
+      type: "plugin",
+      namespace: "sys",
+      objects: [
+        SysUser,
+        SysSession,
+        SysAccount,
+        SysVerification,
+        SysOrganization,
+        SysMember,
+        SysInvitation,
+        SysTeam,
+        SysTeamMember,
+        SysApiKey,
+        SysTwoFactor
+      ]
+    });
+    ctx.logger.info("Auth Plugin initialized successfully");
+  }
+  async start(ctx) {
+    ctx.logger.info("Starting Auth Plugin...");
+    if (!this.authManager) {
+      throw new Error("Auth manager not initialized");
+    }
+    if (this.options.registerRoutes) {
+      ctx.hook("kernel:ready", async () => {
+        let httpServer = null;
+        try {
+          httpServer = ctx.getService("http-server");
+        } catch {
+        }
+        if (httpServer) {
+          const serverWithPort = httpServer;
+          if (this.authManager && typeof serverWithPort.getPort === "function") {
+            const actualPort = serverWithPort.getPort();
+            if (actualPort) {
+              const configuredUrl = this.options.baseUrl || "http://localhost:3000";
+              const configuredOrigin = new URL(configuredUrl).origin;
+              const actualUrl = `http://localhost:${actualPort}`;
+              if (configuredOrigin !== actualUrl) {
+                this.authManager.setRuntimeBaseUrl(actualUrl);
+                ctx.logger.info(
+                  `Auth baseUrl auto-updated to ${actualUrl} (configured: ${configuredUrl})`
+                );
+              }
+            }
+          }
+          this.registerAuthRoutes(httpServer, ctx);
+          ctx.logger.info(`Auth routes registered at ${this.options.basePath}`);
+        } else {
+          ctx.logger.warn(
+            "No HTTP server available \u2014 auth routes not registered. Auth service is still available for MSW/mock environments via HttpDispatcher."
+          );
+        }
+      });
+    }
+    try {
+      const ql = ctx.getService("objectql");
+      if (ql && typeof ql.registerMiddleware === "function") {
+        ql.registerMiddleware(async (opCtx, next) => {
+          if (opCtx.context?.userId || opCtx.context?.isSystem) {
+            return next();
+          }
+          await next();
+        });
+        ctx.logger.info("Auth middleware registered on ObjectQL engine");
+      }
+    } catch (_e) {
+      ctx.logger.debug("ObjectQL engine not available, skipping auth middleware registration");
+    }
+    ctx.logger.info("Auth Plugin started successfully");
+  }
+  async destroy() {
+    this.authManager = null;
+  }
+  /**
+   * Register authentication routes with HTTP server
+   *
+   * Uses better-auth's universal handler for all authentication requests.
+   * This forwards all requests under basePath to better-auth, which handles:
+   * - Email/password authentication
+   * - OAuth providers (Google, GitHub, etc.)
+   * - Session management
+   * - Password reset
+   * - Email verification
+   * - 2FA, passkeys, magic links (if enabled)
+   */
+  registerAuthRoutes(httpServer, ctx) {
+    if (!this.authManager) return;
+    const basePath = this.options.basePath || "/api/v1/auth";
+    if (!("getRawApp" in httpServer) || typeof httpServer.getRawApp !== "function") {
+      ctx.logger.error("HTTP server does not support getRawApp() - wildcard routing requires Hono server");
+      throw new Error(
+        "AuthPlugin requires HonoServerPlugin for wildcard routing support. Please ensure HonoServerPlugin is loaded before AuthPlugin."
+      );
+    }
+    const rawApp = httpServer.getRawApp();
+    rawApp.all(`${basePath}/*`, async (c) => {
+      try {
+        const response = await this.authManager.handleRequest(c.req.raw);
+        if (response.status >= 500) {
+          try {
+            const body = await response.clone().text();
+            ctx.logger.error("[AuthPlugin] better-auth returned server error", new Error(`HTTP ${response.status}: ${body}`));
+          } catch {
+            ctx.logger.error("[AuthPlugin] better-auth returned server error", new Error(`HTTP ${response.status}: (unable to read body)`));
+          }
+        }
+        return response;
+      } catch (error) {
+        const err = error instanceof Error ? error : new Error(String(error));
+        ctx.logger.error("Auth request error:", err);
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: err.message
+          }),
+          {
+            status: 500,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+    });
+    ctx.logger.info(`Auth routes registered: All requests under ${basePath}/* forwarded to better-auth`);
+  }
+};
 export {
   AUTH_ACCOUNT_CONFIG,
   AUTH_INVITATION_SCHEMA,