npm - @ovixa/auth-client - Versions diffs - 0.1.0 → 0.1.1 - Mend

@ovixa/auth-client 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/),
 and this project adheres to [Semantic Versioning](https://semver.org/).
+## [0.1.1] - 2026-01-28
+### Added
+- Documentation for `PASSWORD_RESET_REQUIRED` error code (403)
+- Guidance on handling forced password reset in login and token refresh flows
 ## [0.1.0] - 2026-01-26
 ### Added

package/README.md CHANGED Viewed

@@ -418,22 +418,57 @@ try {
 ### Error Codes
-| Code                  | Description                         |
-| --------------------- | ----------------------------------- |
-| `INVALID_CREDENTIALS` | Wrong email or password             |
-| `EMAIL_NOT_VERIFIED`  | User must verify email before login |
-| `INVALID_TOKEN`       | Token is invalid or malformed       |
-| `TOKEN_EXPIRED`       | Token has expired                   |
-| `INVALID_SIGNATURE`   | Token signature verification failed |
-| `INVALID_ISSUER`      | Token issuer doesn't match          |
-| `INVALID_AUDIENCE`    | Token audience doesn't match        |
-| `RATE_LIMITED`        | Too many requests                   |
-| `NETWORK_ERROR`       | Failed to reach auth service        |
-| `BAD_REQUEST`         | Invalid request parameters          |
-| `UNAUTHORIZED`        | Authentication required             |
-| `FORBIDDEN`           | Access denied                       |
-| `NOT_FOUND`           | Resource not found                  |
-| `SERVER_ERROR`        | Auth service error                  |
+| Code                      | Description                                  |
+| ------------------------- | -------------------------------------------- |
+| `INVALID_CREDENTIALS`     | Wrong email or password                      |
+| `EMAIL_NOT_VERIFIED`      | User must verify email before login          |
+| `PASSWORD_RESET_REQUIRED` | Account flagged for mandatory password reset |
+| `INVALID_TOKEN`           | Token is invalid or malformed                |
+| `TOKEN_EXPIRED`           | Token has expired                            |
+| `INVALID_SIGNATURE`       | Token signature verification failed          |
+| `INVALID_ISSUER`          | Token issuer doesn't match                   |
+| `INVALID_AUDIENCE`        | Token audience doesn't match                 |
+| `RATE_LIMITED`            | Too many requests                            |
+| `NETWORK_ERROR`           | Failed to reach auth service                 |
+| `BAD_REQUEST`             | Invalid request parameters                   |
+| `UNAUTHORIZED`            | Authentication required                      |
+| `FORBIDDEN`               | Access denied                                |
+| `NOT_FOUND`               | Resource not found                           |
+| `SERVER_ERROR`            | Auth service error                           |
+### Handling `PASSWORD_RESET_REQUIRED`
+When an administrator flags an account as compromised, login and token refresh will return a `403` error with code `PASSWORD_RESET_REQUIRED`. The user must complete a password reset before they can log in again.
+```typescript
+try {
+  const tokens = await auth.login({ email, password });
+} catch (error) {
+  if (error instanceof OvixaAuthError) {
+    if (error.code === 'PASSWORD_RESET_REQUIRED') {
+      // Redirect user to password reset flow
+      await auth.forgotPassword({ email });
+      // Show message: "Your account requires a password reset. Check your email."
+      return;
+    }
+    // Handle other errors...
+  }
+}
+```
+This also applies to token refresh - if you're using automatic token refresh in middleware, handle this error to redirect users to the password reset flow:
+```typescript
+try {
+  const newTokens = await auth.refreshToken(refreshToken);
+} catch (error) {
+  if (error instanceof OvixaAuthError && error.code === 'PASSWORD_RESET_REQUIRED') {
+    // Clear cookies and redirect to login with a message
+    clearAuthCookies();
+    redirect('/login?reason=password_reset_required');
+  }
+}
+```
 ## Types

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ovixa/auth-client",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Client SDK for Ovixa Auth service",
   "type": "module",
   "main": "./dist/index.js",
@@ -57,11 +57,7 @@
     "express"
   ],
   "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/ovixa/platform.git",
-    "directory": "packages/auth-client"
-  },
+  "homepage": "https://www.npmjs.com/package/@ovixa/auth-client",
   "publishConfig": {
     "access": "public"
   },