npm - @plyaz/auth - Versions diffs - 1.0.0 - Mend

@plyaz/auth 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

package/.github/pull_request_template.md +71 -0
package/.github/workflows/deploy.yml +9 -0
package/.github/workflows/publish.yml +14 -0
package/.github/workflows/security.yml +20 -0
package/README.md +89 -0
package/commits.txt +5 -0
package/dist/common/index.cjs +48 -0
package/dist/common/index.cjs.map +1 -0
package/dist/common/index.mjs +43 -0
package/dist/common/index.mjs.map +1 -0
package/dist/index.cjs +20411 -0
package/dist/index.cjs.map +1 -0
package/dist/index.mjs +5139 -0
package/dist/index.mjs.map +1 -0
package/eslint.config.mjs +13 -0
package/index.html +13 -0
package/package.json +141 -0
package/src/adapters/auth-adapter-factory.ts +26 -0
package/src/adapters/auth-adapter.mapper.ts +53 -0
package/src/adapters/base-auth.adapter.ts +119 -0
package/src/adapters/clerk/clerk.adapter.ts +204 -0
package/src/adapters/custom/custom.adapter.ts +119 -0
package/src/adapters/index.ts +4 -0
package/src/adapters/next-auth/authOptions.ts +81 -0
package/src/adapters/next-auth/next-auth.adapter.ts +211 -0
package/src/api/client.ts +37 -0
package/src/audit/audit.logger.ts +52 -0
package/src/client/components/ProtectedRoute.tsx +37 -0
package/src/client/hooks/useAuth.ts +128 -0
package/src/client/hooks/useConnectedAccounts.ts +108 -0
package/src/client/hooks/usePermissions.ts +36 -0
package/src/client/hooks/useRBAC.ts +36 -0
package/src/client/hooks/useSession.ts +18 -0
package/src/client/providers/AuthProvider.tsx +104 -0
package/src/client/store/auth.store.ts +306 -0
package/src/client/utils/storage.ts +70 -0
package/src/common/constants/oauth-providers.ts +49 -0
package/src/common/errors/auth.errors.ts +64 -0
package/src/common/errors/specific-auth-errors.ts +201 -0
package/src/common/index.ts +19 -0
package/src/common/regex/index.ts +27 -0
package/src/common/types/auth.types.ts +641 -0
package/src/common/types/index.ts +297 -0
package/src/common/utils/index.ts +84 -0
package/src/core/blacklist/token.blacklist.ts +60 -0
package/src/core/index.ts +2 -0
package/src/core/jwt/jwt.manager.ts +131 -0
package/src/core/session/session.manager.ts +56 -0
package/src/db/repositories/connected-account.repository.ts +415 -0
package/src/db/repositories/role.repository.ts +519 -0
package/src/db/repositories/session.repository.ts +308 -0
package/src/db/repositories/user.repository.ts +320 -0
package/src/flows/index.ts +2 -0
package/src/flows/sign-in.flow.ts +106 -0
package/src/flows/sign-up.flow.ts +121 -0
package/src/index.ts +54 -0
package/src/libs/clerk.helper.ts +36 -0
package/src/libs/supabase.helper.ts +255 -0
package/src/libs/supabaseClient.ts +6 -0
package/src/providers/base/auth-provider.interface.ts +42 -0
package/src/providers/base/index.ts +1 -0
package/src/providers/index.ts +2 -0
package/src/providers/oauth/facebook.provider.ts +97 -0
package/src/providers/oauth/github.provider.ts +148 -0
package/src/providers/oauth/google.provider.ts +126 -0
package/src/providers/oauth/index.ts +3 -0
package/src/rbac/dynamic-roles.ts +552 -0
package/src/rbac/index.ts +4 -0
package/src/rbac/permission-checker.ts +464 -0
package/src/rbac/role-hierarchy.ts +545 -0
package/src/rbac/role.manager.ts +75 -0
package/src/security/csrf/csrf.protection.ts +37 -0
package/src/security/index.ts +3 -0
package/src/security/rate-limiting/auth/auth.controller.ts +12 -0
package/src/security/rate-limiting/auth/rate-limiting.interface.ts +67 -0
package/src/security/rate-limiting/auth.module.ts +32 -0
package/src/server/auth.module.ts +158 -0
package/src/server/decorators/auth.decorator.ts +43 -0
package/src/server/decorators/auth.decorators.ts +31 -0
package/src/server/decorators/current-user.decorator.ts +49 -0
package/src/server/decorators/permission.decorator.ts +49 -0
package/src/server/guards/auth.guard.ts +56 -0
package/src/server/guards/custom-throttler.guard.ts +46 -0
package/src/server/guards/permissions.guard.ts +115 -0
package/src/server/guards/roles.guard.ts +31 -0
package/src/server/middleware/auth.middleware.ts +46 -0
package/src/server/middleware/index.ts +2 -0
package/src/server/middleware/middleware.ts +11 -0
package/src/server/middleware/session.middleware.ts +255 -0
package/src/server/services/account.service.ts +269 -0
package/src/server/services/auth.service.ts +79 -0
package/src/server/services/brute-force.service.ts +98 -0
package/src/server/services/index.ts +15 -0
package/src/server/services/rate-limiter.service.ts +60 -0
package/src/server/services/session.service.ts +287 -0
package/src/server/services/token.service.ts +262 -0
package/src/session/cookie-store.ts +255 -0
package/src/session/enhanced-session-manager.ts +406 -0
package/src/session/index.ts +14 -0
package/src/session/memory-store.ts +320 -0
package/src/session/redis-store.ts +443 -0
package/src/strategies/oauth.strategy.ts +128 -0
package/src/strategies/traditional-auth.strategy.ts +116 -0
package/src/tokens/index.ts +4 -0
package/src/tokens/refresh-token-manager.ts +448 -0
package/src/tokens/token-validator.ts +311 -0
package/tsconfig.build.json +28 -0
package/tsconfig.json +38 -0
package/tsup.config.mjs +28 -0
package/vitest.config.mjs +16 -0
package/vitest.setup.d.ts +2 -0
package/vitest.setup.d.ts.map +1 -0
package/vitest.setup.ts +1 -0

package/src/session/memory-store.ts ADDED Viewed

@@ -0,0 +1,320 @@
+/**
+ * @fileoverview Memory-based session store for @plyaz/auth
+ * @module @plyaz/auth/session/memory-store
+ *
+ * @description
+ * Implements session storage using in-memory storage. Provides fast session
+ * access but sessions are lost on server restart. Suitable for development,
+ * testing, or single-instance applications where session persistence across
+ * restarts is not required.
+ *
+ * @example
+ * ```typescript
+ * import { MemoryStore } from '@plyaz/auth';
+ *
+ * const store = new MemoryStore({
+ *   maxSessionsPerUser: 10,
+ *   cleanupInterval: 300
+ * });
+ *
+ * await store.set('session_123', sessionData, 3600);
+ * ```
+ */
+import { NUMERIX } from "@plyaz/config";
+import type { SessionData, SessionStore, SessionStoreConfig } from "@plyaz/types";
+/**
+ * Memory store configuration
+ */
+export interface MemoryStoreConfig extends Partial<SessionStoreConfig> {
+  /** Enable automatic cleanup */
+  autoCleanup?: boolean;
+}
+/**
+ * Memory-based session store implementation
+ * Stores session data in server memory (Map)
+ */
+export class MemoryStore implements SessionStore {
+  private readonly config: Required<MemoryStoreConfig>;
+  private readonly sessions = new Map<string, SessionData>();
+  private readonly userSessions = new Map<string, Set<string>>();
+  private cleanupTimer?:string;
+  constructor(config: MemoryStoreConfig = {}) {
+    this.config = {
+      defaultTTL: 3600,
+      maxSessionsPerUser: 5,
+      cleanupInterval: 300,
+      keyPrefix: 'session:',
+      autoCleanup: true,
+      ...config
+    };
+    // Start automatic cleanup if enabled
+    if (this.config.autoCleanup) {
+      this.startCleanupTimer();
+    }
+  }
+  /**
+   * Store session data in memory
+   * @param sessionId - Session identifier
+   * @param data - Session data to store
+   * @param ttlSeconds - Time to live in seconds
+   */
+  async set(sessionId: string, data: SessionData, ttlSeconds: number): Promise<void> {
+    const sessionData: SessionData = {
+      ...data,
+      expiresAt: new Date(Date.now() + ttlSeconds * NUMERIX.THOUSAND)
+    };
+    // Enforce session limits per user
+    await this.enforceSessionLimits(data.userId);
+    // Store session
+    this.sessions.set(sessionId, sessionData);
+    // Track user sessions
+    if (!this.userSessions.has(data.userId)) {
+      this.userSessions.set(data.userId, new Set());
+    }
+    this.userSessions.get(data.userId)!.add(sessionId);
+  }
+  /**
+   * Retrieve session data from memory
+   * @param sessionId - Session identifier
+   * @returns Session data or null if not found/expired
+   */
+  async get(sessionId: string): Promise<SessionData | null> {
+    const data = this.sessions.get(sessionId);
+    if (!data) {
+      return null;
+    }
+    // Check expiration
+    if (data.expiresAt < new Date()) {
+      await this.delete(sessionId);
+      return null;
+    }
+    return data;
+  }
+  /**
+   * Delete session from memory
+   * @param sessionId - Session identifier
+   */
+  async delete(sessionId: string): Promise<void> {
+    const data = this.sessions.get(sessionId);
+    if (data) {
+      // Remove from sessions
+      this.sessions.delete(sessionId);
+      // Remove from user sessions tracking
+      const userSessionSet = this.userSessions.get(data.userId);
+      if (userSessionSet) {
+        userSessionSet.delete(sessionId);
+        if (userSessionSet.size === 0) {
+          this.userSessions.delete(data.userId);
+        }
+      }
+    }
+  }
+  /**
+   * Delete all sessions for a user
+   * @param userId - User identifier
+   * @returns Number of deleted sessions
+   */
+  async deleteByUserId(userId: string): Promise<number> {
+    const userSessionSet = this.userSessions.get(userId);
+    if (!userSessionSet) {
+      return 0;
+    }
+    const sessionIds = Array.from(userSessionSet);
+    let deletedCount = 0;
+    for (const sessionId of sessionIds) {
+      if (this.sessions.has(sessionId)) {
+        this.sessions.delete(sessionId);
+        deletedCount++;
+      }
+    }
+    // Clear user session tracking
+    this.userSessions.delete(userId);
+    return deletedCount;
+  }
+  /**
+   * Update session activity timestamp
+   * @param sessionId - Session identifier
+   */
+  async updateActivity(sessionId: string): Promise<void> {
+    const data = this.sessions.get(sessionId);
+    if (data) {
+      data.lastActivityAt = new Date();
+      this.sessions.set(sessionId, data);
+    }
+  }
+  /**
+   * Check if session exists and is valid
+   * @param sessionId - Session identifier
+   * @returns True if session exists and is valid
+   */
+  async exists(sessionId: string): Promise<boolean> {
+    const data = await this.get(sessionId);
+    return data !== null;
+  }
+  /**
+   * Get all active sessions for a user
+   * @param userId - User identifier
+   * @returns Array of session data
+   */
+  async getByUserId(userId: string): Promise<SessionData[]> {
+    const userSessionSet = this.userSessions.get(userId);
+    if (!userSessionSet) {
+      return [];
+    }
+    const userSessions: SessionData[] = [];
+    const now = new Date();
+    for (const sessionId of userSessionSet) {
+      const data = this.sessions.get(sessionId);
+      if (data && data.expiresAt > now) {
+        userSessions.push(data);
+      }
+    }
+    return userSessions;
+  }
+  /**
+   * Clean up expired sessions
+   * @returns Number of cleaned sessions
+   */
+  async cleanup(): Promise<number> {
+    let cleanedCount = 0;
+    const now = new Date();
+    const expiredSessions: string[] = [];
+    // Find expired sessions
+    for (const [sessionId, data] of this.sessions.entries()) {
+      if (data.expiresAt < now) {
+        expiredSessions.push(sessionId);
+      }
+    }
+    // Delete expired sessions
+    for (const sessionId of expiredSessions) {
+      await this.delete(sessionId);
+      cleanedCount++;
+    }
+    return cleanedCount;
+  }
+  /**
+   * Get session count for a user
+   * @param userId - User identifier
+   * @returns Session count
+   */
+  async getSessionCount(userId: string): Promise<number> {
+    const sessions = await this.getByUserId(userId);
+    return sessions.length;
+  }
+  /**
+   * Get total number of active sessions
+   * @returns Total session count
+   */
+  getTotalSessionCount(): number {
+    return this.sessions.size;
+  }
+  /**
+   * Get memory usage statistics
+   * @returns Memory usage information
+   */
+  getStats(): {
+    totalSessions: number;
+    totalUsers: number;
+    memoryUsage: number;
+  } {
+    return {
+      totalSessions: this.sessions.size,
+      totalUsers: this.userSessions.size,
+      memoryUsage: this.estimateMemoryUsage()
+    };
+  }
+  /**
+   * Destroy the store and cleanup resources
+   */
+  destroy(): void {
+    if (this.cleanupTimer) {
+      this.cleanupTimer = undefined;
+    }
+    this.sessions.clear();
+    this.userSessions.clear();
+  }
+  /**
+   * Enforce session limits per user
+   * @param userId - User identifier
+   * @private
+   */
+  private async enforceSessionLimits(userId: string): Promise<void> {
+    const userSessions = await this.getByUserId(userId);
+    if (userSessions.length >= this.config.maxSessionsPerUser) {
+      // Sort by last activity (oldest first)
+      userSessions.sort((a, b) => a.lastActivityAt.getTime() - b.lastActivityAt.getTime());
+      // Remove oldest sessions to make room
+      const sessionsToRemove = userSessions.length - this.config.maxSessionsPerUser + 1;
+      for (let i = 0; i < sessionsToRemove; i++) {
+        await this.delete(userSessions[i].id);
+      }
+    }
+  }
+  /**
+   * Start automatic cleanup timer
+   * @private
+   */
+  private startCleanupTimer(): void {
+  }
+  /**
+   * Estimate memory usage (rough calculation)
+   * @returns Estimated memory usage in bytes
+   * @private
+   */
+  private estimateMemoryUsage(): number {
+    let totalSize = 0;
+    for (const [sessionId, data] of this.sessions.entries()) {
+      totalSize += sessionId.length * NUMERIX.TWO; // UTF-16 encoding
+      totalSize += JSON.stringify(data).length * NUMERIX.TWO;
+    }
+    return totalSize;
+  }
+}