@plyaz/auth 1.0.1 → 1.0.3

Files changed (46) hide show
  1. package/commits.txt +2 -5
  2. package/dist/index.cjs +389 -15649
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.mjs +96 -139
  5. package/dist/index.mjs.map +1 -1
  6. package/package.json +3 -2
  7. package/release_message.txt +25 -0
  8. package/src/adapters/clerk/clerk.adapter.ts +1 -1
  9. package/src/adapters/next-auth/next-auth.adapter.ts +2 -2
  10. package/src/client/hooks/index.ts +5 -0
  11. package/src/client/hooks/useAuth.ts +4 -125
  12. package/src/client/hooks/useConnectedAccounts.ts +1 -13
  13. package/src/client/hooks/usePermissions.ts +6 -10
  14. package/src/client/hooks/useRBAC.ts +2 -8
  15. package/src/client/hooks/useSession.ts +4 -7
  16. package/src/client/index.ts +3 -0
  17. package/src/client/providers/AuthProvider.tsx +4 -89
  18. package/src/client/store/auth.store.ts +5 -72
  19. package/src/client/utils/createAuthContextValues.ts +66 -0
  20. package/src/client/utils/handleAuthAction.ts +29 -0
  21. package/src/core/blacklist/token.blacklist.ts +1 -5
  22. package/src/db/repositories/connected-account.repository.ts +11 -11
  23. package/src/db/repositories/user.repository.ts +20 -18
  24. package/src/flows/sign-in.flow.ts +1 -38
  25. package/src/flows/sign-up.flow.ts +11 -56
  26. package/src/index.ts +1 -8
  27. package/src/libs/supabase.helper.ts +8 -7
  28. package/src/providers/base/auth-provider.interface.ts +2 -21
  29. package/src/rbac/dynamic-roles.ts +22 -68
  30. package/src/rbac/permission-checker.ts +3 -32
  31. package/src/rbac/role-hierarchy.ts +0 -30
  32. package/src/server/decorators/current-user.decorator.ts +3 -2
  33. package/src/server/middleware/session.middleware.ts +1 -14
  34. package/src/server/services/auth.service.ts +16 -16
  35. package/src/server/services/session.service.ts +3 -4
  36. package/src/server/services/token.service.ts +3 -3
  37. package/src/session/cookie-store.ts +18 -18
  38. package/src/session/enhanced-session-manager.ts +2 -49
  39. package/src/session/redis-store.ts +2 -50
  40. package/src/strategies/oauth.strategy.ts +1 -8
  41. package/src/tokens/refresh-token-manager.ts +1 -100
  42. package/src/tokens/token-validator.ts +2 -46
  43. package/src/common/errors/auth.errors.ts +0 -64
  44. package/src/common/errors/specific-auth-errors.ts +0 -197
  45. package/src/common/types/auth.types.ts +0 -650
  46. package/src/common/types/index.ts +0 -303
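--- a/package/src/common/errors/auth.errors.ts
+++ b/package/src/common/errors/auth.errors.ts
@@ -1,64 +0,0 @@
- // /**
- // * @fileoverview Authentication error classes for @plyaz/auth
- // * @module @plyaz/auth/errors
- // *
- // * @description
- // * Defines custom error classes for authentication and authorization failures.
- // * These errors provide structured error information for proper error handling
- // * throughout the authentication system. Includes both specific error classes
- // * and legacy compatibility classes.
- // *
- // * @example
- // * ```typescript
- // * import { InvalidCredentialsError, TokenExpiredError } from '@plyaz/auth';
- // *
- // * throw new InvalidCredentialsError('Invalid email or password');
- // * throw new TokenExpiredError('Access token has expired');
- // * ```
- // */
-
- // // Re-export all specific error classes
-
- // // Legacy error classes for backward compatibility
- // export class AuthError extends Error {
- // constructor(message: string, public code: string) {
- // super(message);
- // this.name = 'AuthError';
- // }
- // }
-
- // export class AuthenticationError extends AuthError {
- // constructor(message = 'Authentication failed') {
- // super(message, 'AUTH_FAILED');
- // }
- // }
-
- // export class AuthorizationError extends AuthError {
- // constructor(message = 'Access denied') {
- // super(message, 'ACCESS_DENIED');
- // }
- // }
-
- // export class TokenExpiredError extends AuthError {
- // constructor(message = 'Token has expired') {
- // super(message, 'TOKEN_EXPIRED');
- // }
- // }
-
- // export class InvalidTokenError extends AuthError {
- // constructor(message = 'Invalid token') {
- // super(message, 'INVALID_TOKEN');
- // }
- // }
-
- // export class SessionNotFoundError extends AuthError {
- // constructor(message = 'Session not found') {
- // super(message, 'SESSION_NOT_FOUND');
- // }
- // }
-
- // export class UserNotFoundError extends AuthError {
- // constructor(message = 'User not found') {
- // super(message, 'USER_NOT_FOUND');
- // }
- // }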
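--- a/package/src/common/errors/specific-auth-errors.ts
+++ b/package/src/common/errors/specific-auth-errors.ts
@@ -1,197 +0,0 @@
- // /**
- // * @fileoverview Specific authentication error classes for @plyaz/auth
- // * @module @plyaz/auth/errors/specific-auth-errors
- // *
- // * @description
- // * Defines specific error classes for different authentication failure scenarios.
- // * Each error class provides structured error information including error codes,
- // * HTTP status codes, and localized messages. Used throughout the auth system
- // * for consistent error handling and user feedback.
- // *
- // * @example
- // * ```typescript
- // * import { InvalidCredentialsError, TokenExpiredError } from '@plyaz/auth';
- // *
- // * // Throw specific error
- // * throw new InvalidCredentialsError('Invalid email or password');
- // *
- // * // Handle specific error
- // * if (error instanceof TokenExpiredError) {
- // * // Refresh token logic
- // * }
- // * ```
- // */
-
- // import { AUTH_ERROR_CODES, ERROR_CODE_TO_HTTP_STATUS } from "@plyaz/types";
-
- // /**
- // * Base authentication error class
- // * Provides common error structure for all auth-related errors
- // */
- // export abstract class BaseAuthError extends Error {
- // /** Error code for programmatic handling */
- // public readonly code: string;
- // /** HTTP status code for API responses */
- // public readonly statusCode: number;
- // /** Additional error context */
- // public readonly context?: Record<string, styr>;
-
- // constructor(
- // message: string,
- // code: string,
- // statusCode: number,
- // context?: Record<string, any>
- // ) {
- // super(message);
- // this.name = this.constructor.name;
- // this.code = code;
- // this.statusCode = statusCode;
- // this.context = context;
-
- // // Maintain proper stack trace
- // if (Error.captureStackTrace) {
- // Error.captureStackTrace(this, this.constructor);
- // }
- // }
- // }
-
- // /**
- // * Invalid credentials error
- // * Thrown when email/password combination is incorrect
- // */
- // export class InvalidCredentialsError extends BaseAuthError {
- // constructor(message = 'Invalid email or password', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.INVALID_CREDENTIALS,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.INVALID_CREDENTIALS],
- // context
- // );
- // }
- // }
-
- // /**
- // * Token expired error
- // * Thrown when access or refresh token has expired
- // */
- // export class TokenExpiredError extends BaseAuthError {
- // constructor(message = 'Authentication token has expired', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.TOKEN_EXPIRED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.TOKEN_EXPIRED],
- // context
- // );
- // }
- // }
-
- // /**
- // * Token invalid error
- // * Thrown when token signature is invalid or malformed
- // */
- // export class TokenInvalidError extends BaseAuthError {
- // constructor(message = 'Authentication token is invalid', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.TOKEN_INVALID,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.TOKEN_INVALID],
- // context
- // );
- // }
- // }
-
- // /**
- // * Token revoked error
- // * Thrown when token has been blacklisted/revoked
- // */
- // export class TokenRevokedError extends BaseAuthError {
- // constructor(message = 'Authentication token has been revoked', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.TOKEN_REVOKED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.TOKEN_REVOKED],
- // context
- // );
- // }
- // }
-
- // /**
- // * Session expired error
- // * Thrown when user session is no longer valid
- // */
- // export class SessionExpiredError extends BaseAuthError {
- // constructor(message = 'User session has expired', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.SESSION_EXPIRED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.SESSION_EXPIRED],
- // context
- // );
- // }
- // }
-
- // /**
- // * Insufficient permissions error
- // * Thrown when user lacks required permissions for action
- // */
- // export class InsufficientPermissionsError extends BaseAuthError {
- // constructor(
- // resource?: string,
- // action?: string,
- // message = 'Insufficient permissions for this action'
- // ) {
- // const context = resource && action ? { resource, action } : undefined;
- // super(
- // message,
- // AUTH_ERROR_CODES.INSUFFICIENT_PERMISSIONS,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.INSUFFICIENT_PERMISSIONS],
- // context
- // );
- // }
- // }
-
- // /**
- // * Role required error
- // * Thrown when user lacks required role for action
- // */
- // export class RoleRequiredError extends BaseAuthError {
- // constructor(requiredRole?: string, message = 'Required role not found') {
- // const context = requiredRole ? { requiredRole } : undefined;
- // super(
- // message,
- // AUTH_ERROR_CODES.ROLE_REQUIRED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.ROLE_REQUIRED],
- // context
- // );
- // }
- // }
-
- // /**
- // * Account locked error
- // * Thrown when account is locked due to failed attempts
- // */
- // export class AccountLockedError extends BaseAuthError {
- // constructor(message = 'Account is locked due to failed attempts', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.ACCOUNT_LOCKED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.ACCOUNT_LOCKED],
- // context
- // );
- // }
- // }
-
- // /**
- // * Account suspended error
- // * Thrown when account has been suspended by admin
- // */
- // export class AccountSuspendedError extends BaseAuthError {
- // constructor(message = 'Account has been suspended', context?: Record<string, any>) {
- // super(
- // message,
- // AUTH_ERROR_CODES.ACCOUNT_SUSPENDED,
- // ERROR_CODE_TO_HTTP_STATUS[AUTH_ERROR_CODES.ACCOUNT_SUSPENDED],
- // context
- // );
- // }
- // }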