@open-core/identity 1.0.0 → 1.2.0

package/dist/services/principal/local-principal.provider.js

@@ -1,4 +1,3 @@
-"use strict";
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,12 +7,10 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.LocalPrincipalProvider = void 0;
-const tsyringe_1 = require("tsyringe");
-const framework_1 = require("@open-core/framework");
-const account_service_1 = require("../account.service");
-const account_repository_1 = require("../../repositories/account.repository");
+import { injectable } from "tsyringe";
+import { Utils } from "@open-core/framework";
+import { AccountService } from "../account.service";
+import { AccountRepository } from "../../repositories/account.repository";
 /**
  * Local principal provider that reads roles and permissions from local database.
  * This is the default/traditional principal provider for FiveM servers.
@@ -32,11 +29,11 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
     async getPrincipal(player) {
         const linked = player.accountID;
         if (!linked) {
-            throw new framework_1.Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
+            throw new Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
         }
         const result = await this.repo.findByLinkedIdWithRole(String(linked));
         if (!result) {
-            throw new framework_1.Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
+            throw new Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
         }
         const { account, role } = result;
         if (this.accounts.isBanExpired(account)) {
@@ -44,7 +41,7 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
             account.banned = false;
         }
         if (account.banned) {
-            throw new framework_1.Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
+            throw new Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
                 banReason: account.banReason,
                 banExpires: account.banExpires,
             });
@@ -106,9 +103,9 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
         return Array.from(base);
     }
 };
-exports.LocalPrincipalProvider = LocalPrincipalProvider;
-exports.LocalPrincipalProvider = LocalPrincipalProvider = __decorate([
-    (0, tsyringe_1.injectable)(),
-    __metadata("design:paramtypes", [account_service_1.AccountService,
-        account_repository_1.AccountRepository])
+LocalPrincipalProvider = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [AccountService,
+        AccountRepository])
 ], LocalPrincipalProvider);
+export { LocalPrincipalProvider };

package/dist/services/role.service.js

@@ -1,4 +1,3 @@
-"use strict";
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,10 +7,8 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RoleService = void 0;
-const tsyringe_1 = require("tsyringe");
-const role_repository_1 = require("../repositories/role.repository");
+import { injectable } from "tsyringe";
+import { RoleRepository } from "../repositories/role.repository";
 /**
  * Service for managing roles and their permissions.
  * Handles CRUD operations and permission management for roles.
@@ -138,8 +135,8 @@ let RoleService = class RoleService {
         await this.repo.updatePermissions(roleId, filtered);
     }
 };
-exports.RoleService = RoleService;
-exports.RoleService = RoleService = __decorate([
-    (0, tsyringe_1.injectable)(),
-    __metadata("design:paramtypes", [role_repository_1.RoleRepository])
+RoleService = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [RoleRepository])
 ], RoleService);
+export { RoleService };

package/dist/setup.js

@@ -1,18 +1,15 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.setupIdentity = setupIdentity;
-const account_repository_1 = require("./repositories/account.repository");
-const role_repository_1 = require("./repositories/role.repository");
-const account_service_1 = require("./services/account.service");
-const role_service_1 = require("./services/role.service");
-const memory_cache_service_1 = require("./services/cache/memory-cache.service");
-const local_auth_provider_1 = require("./services/auth/local-auth.provider");
-const credentials_auth_provider_1 = require("./services/auth/credentials-auth.provider");
-const api_auth_provider_1 = require("./services/auth/api-auth.provider");
-const local_principal_provider_1 = require("./services/principal/local-principal.provider");
-const api_principal_provider_1 = require("./services/principal/api-principal.provider");
-const identity_auth_provider_1 = require("./services/identity-auth.provider");
-const identity_principal_provider_1 = require("./services/identity-principal.provider");
+import { AccountRepository } from "./repositories/account.repository";
+import { RoleRepository } from "./repositories/role.repository";
+import { AccountService } from "./services/account.service";
+import { RoleService } from "./services/role.service";
+import { MemoryCacheService } from "./services/cache/memory-cache.service";
+import { LocalAuthProvider } from "./services/auth/local-auth.provider";
+import { CredentialsAuthProvider } from "./services/auth/credentials-auth.provider";
+import { ApiAuthProvider } from "./services/auth/api-auth.provider";
+import { LocalPrincipalProvider } from "./services/principal/local-principal.provider";
+import { ApiPrincipalProvider } from "./services/principal/api-principal.provider";
+import { IdentityAuthProvider } from "./services/identity-auth.provider";
+import { IdentityPrincipalProvider } from "./services/identity-principal.provider";
 /**
  * Register all Identity module singletons with the DI container.
  *
@@ -45,49 +42,49 @@ const identity_principal_provider_1 = require("./services/identity-principal.pro
  * });
  * ```
  */
-function setupIdentity(container, options = {}) {
+export function setupIdentity(container, options = {}) {
     const { authProvider = "local", principalProvider = "local", useDatabase = authProvider !== "api" && principalProvider !== "api", } = options;
     // Always register cache service (needed for API providers)
-    container.registerSingleton(memory_cache_service_1.MemoryCacheService);
+    container.registerSingleton(MemoryCacheService);
     // Register database-dependent services only if needed
     if (useDatabase) {
-        container.registerSingleton(account_repository_1.AccountRepository);
-        container.registerSingleton(role_repository_1.RoleRepository);
-        container.registerSingleton(account_service_1.AccountService);
-        container.registerSingleton(role_service_1.RoleService);
+        container.registerSingleton(AccountRepository);
+        container.registerSingleton(RoleRepository);
+        container.registerSingleton(AccountService);
+        container.registerSingleton(RoleService);
     }
     // Register Auth Provider based on strategy
     switch (authProvider) {
         case "credentials":
-            container.registerSingleton("AuthProviderContract", credentials_auth_provider_1.CredentialsAuthProvider);
+            container.registerSingleton("AuthProviderContract", CredentialsAuthProvider);
             // Also register as IdentityAuthProvider for backward compatibility
             // Note: CredentialsAuthProvider is not compatible with IdentityAuthProvider interface
             // Users should use the new provider directly
             break;
         case "api":
-            container.registerSingleton("AuthProviderContract", api_auth_provider_1.ApiAuthProvider);
+            container.registerSingleton("AuthProviderContract", ApiAuthProvider);
             // Note: ApiAuthProvider is not compatible with IdentityAuthProvider interface
             // Users should use the new provider directly
             break;
         case "local":
         default:
-            container.registerSingleton("AuthProviderContract", local_auth_provider_1.LocalAuthProvider);
+            container.registerSingleton("AuthProviderContract", LocalAuthProvider);
             // Register LocalAuthProvider as the legacy IdentityAuthProvider for compatibility
-            container.registerSingleton(identity_auth_provider_1.IdentityAuthProvider, local_auth_provider_1.LocalAuthProvider);
+            container.registerSingleton(IdentityAuthProvider, LocalAuthProvider);
             break;
     }
     // Register Principal Provider based on strategy
     switch (principalProvider) {
         case "api":
-            container.registerSingleton("PrincipalProviderContract", api_principal_provider_1.ApiPrincipalProvider);
+            container.registerSingleton("PrincipalProviderContract", ApiPrincipalProvider);
             // Note: ApiPrincipalProvider is not compatible with IdentityPrincipalProvider interface
             // Users should use the new provider directly
             break;
         case "local":
         default:
-            container.registerSingleton("PrincipalProviderContract", local_principal_provider_1.LocalPrincipalProvider);
+            container.registerSingleton("PrincipalProviderContract", LocalPrincipalProvider);
             // Register LocalPrincipalProvider as the legacy IdentityPrincipalProvider for compatibility
-            container.registerSingleton(identity_principal_provider_1.IdentityPrincipalProvider, local_principal_provider_1.LocalPrincipalProvider);
+            container.registerSingleton(IdentityPrincipalProvider, LocalPrincipalProvider);
             break;
     }
 }

package/dist/types/auth.types.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/types/index.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/package.json

@@ -1,9 +1,17 @@
 {
   "name": "@open-core/identity",
-  "version": "1.0.0",
-  "description": "Flexible identity and authentication system for OpenCore Framework",
+  "version": "1.2.0",
+  "description": "Enterprise-grade identity, authentication, and authorization plugin for OpenCore Framework",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.js"
+    },
+    "./package.json": "./package.json"
+  },
   "scripts": {
     "build": "tsc -p tsconfig.json",
     "clean": "rimraf dist",
@@ -30,7 +38,7 @@
   },
   "packageManager": "pnpm@10.13.1",
   "dependencies": {
-    "@open-core/framework": "^1.0.1-beta.1",
+    "@open-core/framework": "^0.2.4",
     "bcrypt": "^6.0.0",
     "reflect-metadata": "^0.2.2",
     "tsyringe": "^4.10.0",
@@ -39,15 +47,12 @@
   },
   "devDependencies": {
     "@types/bcrypt": "^6.0.0",
-    "@types/node": "^22.7.5",
-    "@typescript-eslint/eslint-plugin": "^8.48.1",
-    "@typescript-eslint/parser": "^8.48.1",
+    "@types/node": "^22.19.1",
     "eslint": "^9.39.1",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-import": "^2.32.0",
     "eslint-plugin-prettier": "^5.5.4",
     "prettier": "3.7.1",
-    "rimraf": "^6.0.1",
+    "rimraf": "^6.1.2",
     "typescript": "^5.9.3"
   },
   "files": [

package/migrations/001_accounts_table.sql

@@ -1,16 +0,0 @@
-CREATE TABLE IF NOT EXISTS accounts (
-  id INT AUTO_INCREMENT PRIMARY KEY,
-  linked_id VARCHAR(255) UNIQUE NULL,
-  external_source VARCHAR(32) NULL,
-  license VARCHAR(64) UNIQUE,
-  discord VARCHAR(32) UNIQUE,
-  steam VARCHAR(32) UNIQUE,
-  username VARCHAR(64),
-  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-  last_login_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-  banned BOOLEAN DEFAULT FALSE,
-  ban_reason TEXT,
-  ban_expires TIMESTAMP NULL,
-  permissions JSON DEFAULT '[]'
-);
-

package/migrations/002_roles_table.sql

@@ -1,21 +0,0 @@
--- Migration 002: Create roles table
--- This table stores security roles/ranks with hierarchical permissions.
-
-CREATE TABLE IF NOT EXISTS roles (
-  id INT AUTO_INCREMENT PRIMARY KEY,
-  name VARCHAR(64) NOT NULL UNIQUE,
-  display_name VARCHAR(128) NOT NULL,
-  rank INT NOT NULL DEFAULT 0,
-  permissions JSON DEFAULT '[]',
-  is_default BOOLEAN DEFAULT FALSE,
-  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-  
-  INDEX idx_name (name),
-  INDEX idx_is_default (is_default)
-);
-
--- Insert default role for new accounts
-INSERT INTO roles (name, display_name, rank, permissions, is_default) 
-VALUES ('user', 'Player', 0, '[]', TRUE)
-ON DUPLICATE KEY UPDATE name=name;
-

package/migrations/003_alter_accounts_add_role.sql

@@ -1,24 +0,0 @@
--- Migration 003: Alter accounts table to use role-based permissions
--- IMPORTANT: Run this AFTER creating roles and inserting at least a default role.
-
--- Add role_id foreign key column
-ALTER TABLE accounts 
-  ADD COLUMN role_id INT NULL AFTER username;
-
--- Add custom_permissions column for per-account overrides
-ALTER TABLE accounts 
-  ADD COLUMN custom_permissions JSON DEFAULT '[]' AFTER role_id;
-
--- Drop old flat permissions column
-ALTER TABLE accounts 
-  DROP COLUMN IF EXISTS permissions;
-
--- Add foreign key constraint to roles
-ALTER TABLE accounts 
-  ADD CONSTRAINT fk_accounts_role
-  FOREIGN KEY (role_id) REFERENCES roles(id) 
-  ON DELETE SET NULL;
-
--- Add index for faster role lookups
-CREATE INDEX idx_role_id ON accounts(role_id);
-

package/migrations/004_rename_uuid_to_linked_id.sql

@@ -1,12 +0,0 @@
--- Migration to rename uuid column to linked_id and add external_source
--- This migration is for existing installations that already have the accounts table
-
--- Rename uuid column to linked_id and increase length to support various ID formats
-ALTER TABLE accounts CHANGE COLUMN uuid linked_id VARCHAR(255) UNIQUE NULL;
-
--- Add external_source column to track account origin
-ALTER TABLE accounts ADD COLUMN external_source VARCHAR(32) NULL AFTER linked_id;
-
--- Update existing records to mark them as 'local' source
-UPDATE accounts SET external_source = 'local' WHERE external_source IS NULL;
-

package/migrations/005_add_password_hash.sql

@@ -1,7 +0,0 @@
--- Add password_hash column for credentials-based authentication
--- This is optional and only needed if using CredentialsAuthProvider
-
-ALTER TABLE accounts ADD COLUMN password_hash VARCHAR(255) NULL AFTER username;
-
--- Note: For existing systems, passwords can be set via AccountService.setPassword()
-