@plyaz/types 1.27.6 → 1.27.8

package/dist/auth/types.d.ts

@@ -737,3 +737,165 @@ export interface AuthErrorOptions {
  * Type for a single error definition object.
  */
 export type AuthErrorDefinition = (typeof AUTH_ERROR_DEFINITIONS)[AuthErrorCodeValue];
+/**
+ * @fileoverview Authentication error codes for @plyaz/auth
+ * @module @plyaz/auth/constants/auth-error-codes
+ *
+ * @description
+ * Standardized error codes for authentication system failures.
+ * These codes provide consistent error identification across the entire
+ * auth system, enabling proper error handling, logging, and user feedback.
+ * Used by error classes, services, and frontend components.
+ *
+ * @example
+ * ```typescript
+ * import { AUTH_ERROR_CODES } from '@plyaz/auth';
+ *
+ * throw new InvalidCredentialsError(AUTH_ERROR_CODES.INVALID_CREDENTIALS);
+ *
+ * if (error.code === AUTH_ERROR_CODES.TOKEN_EXPIRED) {
+ *   // Handle token expiration
+ * }
+ * ```
+ */
+/**
+ * Authentication error codes
+ * Standardized error identifiers for consistent error handling
+ */
+/**
+ * Type for authentication error codes
+ */
+export type AuthErrorCode = (typeof AUTH_ERROR_CODES)[keyof typeof AUTH_ERROR_CODES];
+/**
+ * Error code to HTTP status mapping
+ * Maps error codes to appropriate HTTP status codes
+ */
+export declare const ERROR_CODE_TO_HTTP_STATUS: Record<AuthErrorCode, number>;
+/**
+ * Error code descriptions for logging and debugging
+ */
+export declare const ERROR_CODE_DESCRIPTIONS: Record<AuthErrorCode, string>;
+/**
+ * @fileoverview Interfaces and types for @plyaz/auth
+ * @module @plyaz/auth/interfaces
+ */
+export interface AuthUser {
+    id: string;
+    email: string;
+    clerkUserId?: string;
+    authProvider: string;
+    firstName?: string;
+    lastName?: string;
+    displayName: string;
+    avatarUrl?: string;
+    phoneNumber?: string;
+    isActive: boolean;
+    isVerified: boolean;
+    createdAt: Date;
+    updatedAt: Date;
+    lastLoginAt?: Date;
+    roles?: string[];
+    passwordHash?: string;
+    isSuspended?: boolean;
+}
+export interface UserRepository {
+    findById(id: string): Promise<AuthUser | null>;
+    findByEmail(email: string): Promise<AuthUser | null>;
+    create(data: CreateUserData): Promise<AuthUser>;
+    update(id: string, data: UpdateUserData): Promise<AuthUser>;
+    delete(id: string): Promise<void>;
+}
+export interface SessionRepository {
+    create(data: CreateSessionData): Promise<Session>;
+    findById(id: string): Promise<Session | null>;
+    findByUserId(userId: string): Promise<Session[]>;
+    invalidate(sessionId: string): Promise<void>;
+    delete(sessionId: string): Promise<void>;
+    deleteByUserId(userId: string): Promise<void>;
+    updateLastActive(sessionId: string): Promise<void>;
+}
+export interface ConnectedAccountRepository {
+    create(data: CreateConnectedAccountData): Promise<ConnectedAccount>;
+    findById(id: string): Promise<ConnectedAccount | null>;
+    findByUserId(userId: string): Promise<ConnectedAccount[]>;
+    findByProvider(provider: string, providerAccountId: string): Promise<ConnectedAccount | null>;
+    update(id: string, data: UpdateConnectedAccountData): Promise<ConnectedAccount>;
+    delete(id: string): Promise<void>;
+}
+export interface JWTConfig {
+    privateKey: string;
+    publicKey: string;
+    issuer: string;
+    audience: string;
+    accessTokenTTL: string;
+    refreshTokenTTL: string;
+    algorithm?: string;
+}
+export interface SessionConfig {
+    maxConcurrentSessions: number;
+    sessionTTL: number;
+    cleanupInterval: number;
+}
+/**
+ * @fileoverview OAuth provider constants for @plyaz/auth
+ * @module @plyaz/auth/constants/oauth-providers
+ *
+ * @description
+ * Defines supported OAuth providers and their configurations.
+ * Used by adapters, strategies, and frontend components to handle
+ * OAuth authentication flows. Provides standardized provider names
+ * and metadata for consistent provider handling.
+ *
+ * @example
+ * ```typescript
+ * import { OAUTH_PROVIDERS, OAuthProviderConfig } from '@plyaz/auth';
+ *
+ * const googleConfig = OAUTH_PROVIDER_CONFIGS[OAUTH_PROVIDERS.GOOGLE];
+ * const authUrl = `${googleConfig.authUrl}?client_id=${clientId}`;
+ * ```
+ */
+/**
+ * Supported OAuth providers
+ * Standardized provider identifiers used throughout the system
+ */
+export declare const OAUTH_PROVIDERS: {
+    /** Google OAuth 2.0 */
+    readonly GOOGLE: "GOOGLE";
+    /** Facebook OAuth 2.0 */
+    readonly FACEBOOK: "FACEBOOK";
+    /** Apple Sign In */
+    readonly APPLE: "APPLE";
+    /** GitHub OAuth 2.0 */
+    readonly GITHUB: "GITHUB";
+    /** Twitter OAuth 2.0 */
+    readonly TWITTER: "TWITTER";
+    /** LinkedIn OAuth 2.0 */
+    readonly LINKEDIN: "LINKEDIN";
+    /** Discord OAuth 2.0 */
+    readonly DISCORD: "DISCORD";
+    /** Microsoft OAuth 2.0 */
+    readonly MICROSOFT: "MICROSOFT";
+};
+/**
+ * Type for OAuth provider names
+ */
+export type OAuthProvider = typeof OAUTH_PROVIDERS[keyof typeof OAUTH_PROVIDERS];
+/**
+ * OAuth provider configuration interface
+ */
+export interface OAuthProviderConfig {
+    /** Provider display name */
+    name: string;
+    /** OAuth authorization URL */
+    authUrl: string;
+    /** OAuth token exchange URL */
+    tokenUrl: string;
+    /** OAuth user info URL */
+    userInfoUrl: string;
+    /** Required OAuth scopes */
+    scopes: string[];
+    /** Provider brand color (for UI) */
+    brandColor: string;
+    /** Provider icon name (for UI) */
+    iconName: string;
+}

package/dist/index.cjs

@@ -5988,6 +5988,46 @@ var AUTH_ERROR_DEFINITIONS = {
     retryable: false
   }
 };
+var USERROLESTATUS = /* @__PURE__ */ ((USERROLESTATUS2) => {
+  USERROLESTATUS2["ACTIVE"] = "ACTIVE";
+  USERROLESTATUS2["INACTIVE"] = "INACTIVE";
+  USERROLESTATUS2["SUSPENDED"] = "SUSPENDED";
+  return USERROLESTATUS2;
+})(USERROLESTATUS || {});
+var AUTHPROVIDER = /* @__PURE__ */ ((AUTHPROVIDER2) => {
+  AUTHPROVIDER2["EMAIL"] = "EMAIL";
+  AUTHPROVIDER2["CLERK"] = "CLERK";
+  AUTHPROVIDER2["GOOGLE"] = "GOOGLE";
+  AUTHPROVIDER2["FACEBOOK"] = "FACEBOOK";
+  AUTHPROVIDER2["APPLE"] = "APPLE";
+  AUTHPROVIDER2["WEB3"] = "WEB3";
+  AUTHPROVIDER2["NEXTAUTH"] = "NEXTAUTH";
+  return AUTHPROVIDER2;
+})(AUTHPROVIDER || {});
+var TOKENTYPE = /* @__PURE__ */ ((TOKENTYPE2) => {
+  TOKENTYPE2["BEARER"] = "Bearer";
+  TOKENTYPE2["JWT"] = "JWT";
+  return TOKENTYPE2;
+})(TOKENTYPE || {});
+var PROVIDERTYPE = /* @__PURE__ */ ((PROVIDERTYPE2) => {
+  PROVIDERTYPE2["OAUTH"] = "OAUTH";
+  PROVIDERTYPE2["WEB3"] = "WEB3";
+  PROVIDERTYPE2["EMAIL"] = "EMAIL";
+  return PROVIDERTYPE2;
+})(PROVIDERTYPE || {});
+var SESSIONSTATUS = /* @__PURE__ */ ((SESSIONSTATUS2) => {
+  SESSIONSTATUS2["ACTIVE"] = "ACTIVE";
+  SESSIONSTATUS2["EXPIRED"] = "EXPIRED";
+  SESSIONSTATUS2["REVOKED"] = "REVOKED";
+  return SESSIONSTATUS2;
+})(SESSIONSTATUS || {});
+var MFATYPE = /* @__PURE__ */ ((MFATYPE2) => {
+  MFATYPE2["TOTP"] = "TOTP";
+  MFATYPE2["SMS"] = "SMS";
+  MFATYPE2["EMAIL"] = "EMAIL";
+  MFATYPE2["BackupCodes"] = "BACKUP_CODES";
+  return MFATYPE2;
+})(MFATYPE || {});
 var DEFAULT_PASSWORD = 8;
 var ContactUsFormSchema = zod.z.object({
   name: zod.z.string({ error: "errors.form.missingField" }).min(1, "errors.form.nameMissing"),
@@ -6016,6 +6056,90 @@ var AUTH_ERROR_CODES = {
   ACCOUNT_LOCKED: "AUTH_ACCOUNT_LOCKED",
   ACCOUNT_SUSPENDED: "AUTH_ACCOUNT_SUSPENDED"
 };
+var ERROR_CODE_TO_HTTP_STATUS = {
+  [AUTH_ERROR_CODES.INVALID_CREDENTIALS]: 401,
+  [AUTH_ERROR_CODES.TOKEN_EXPIRED]: 401,
+  [AUTH_ERROR_CODES.TOKEN_INVALID]: 401,
+  [AUTH_ERROR_CODES.TOKEN_REVOKED]: 401,
+  [AUTH_ERROR_CODES.SESSION_EXPIRED]: 401,
+  [AUTH_ERROR_CODES.MFA_REQUIRED]: 401,
+  [AUTH_ERROR_CODES.MFA_INVALID]: 401,
+  [AUTH_ERROR_CODES.INSUFFICIENT_PERMISSIONS]: 403,
+  [AUTH_ERROR_CODES.ROLE_REQUIRED]: 403,
+  [AUTH_ERROR_CODES.WALLET_SIGNATURE_INVALID]: 401,
+  [AUTH_ERROR_CODES.NONCE_EXPIRED]: 401,
+  [AUTH_ERROR_CODES.NONCE_ALREADY_USED]: 401,
+  [AUTH_ERROR_CODES.ACCOUNT_LOCKED]: 423,
+  [AUTH_ERROR_CODES.ACCOUNT_SUSPENDED]: 423
+};
+var ERROR_CODE_DESCRIPTIONS = {
+  [AUTH_ERROR_CODES.INVALID_CREDENTIALS]: "errors.auth.invalid_credentials",
+  [AUTH_ERROR_CODES.TOKEN_EXPIRED]: "errors.auth.token_expired",
+  [AUTH_ERROR_CODES.TOKEN_INVALID]: "errors.auth.token_invalid",
+  [AUTH_ERROR_CODES.TOKEN_REVOKED]: "errors.auth.token_revoked",
+  [AUTH_ERROR_CODES.SESSION_EXPIRED]: "errors.auth.session_expired",
+  [AUTH_ERROR_CODES.MFA_REQUIRED]: "errors.auth.mfa_required",
+  [AUTH_ERROR_CODES.MFA_INVALID]: "errors.auth.mfa_invalid",
+  [AUTH_ERROR_CODES.INSUFFICIENT_PERMISSIONS]: "errors.auth.insufficient_permissions",
+  [AUTH_ERROR_CODES.ROLE_REQUIRED]: "errors.auth.role_required",
+  [AUTH_ERROR_CODES.WALLET_SIGNATURE_INVALID]: "errors.auth.wallet_signature_invalid",
+  [AUTH_ERROR_CODES.NONCE_EXPIRED]: "errors.auth.nonce_expired",
+  [AUTH_ERROR_CODES.NONCE_ALREADY_USED]: "errors.auth.nonce_already_used",
+  [AUTH_ERROR_CODES.ACCOUNT_LOCKED]: "errors.auth.account_locked",
+  [AUTH_ERROR_CODES.ACCOUNT_SUSPENDED]: "errors.auth.account_suspended"
+};
+var OAUTH_PROVIDERS = {
+  /** Google OAuth 2.0 */
+  GOOGLE: "GOOGLE",
+  /** Facebook OAuth 2.0 */
+  FACEBOOK: "FACEBOOK",
+  /** Apple Sign In */
+  APPLE: "APPLE",
+  /** GitHub OAuth 2.0 */
+  GITHUB: "GITHUB",
+  /** Twitter OAuth 2.0 */
+  TWITTER: "TWITTER",
+  /** LinkedIn OAuth 2.0 */
+  LINKEDIN: "LINKEDIN",
+  /** Discord OAuth 2.0 */
+  DISCORD: "DISCORD",
+  /** Microsoft OAuth 2.0 */
+  MICROSOFT: "MICROSOFT"
+};
+
+// src/auth/auth-events.ts
+var AUTH_EVENTS = {
+  /** User successfully authenticated */
+  USER_AUTHENTICATED: "auth.user.authenticated",
+  /** User signed up (new account created) */
+  USER_SIGNED_UP: "auth.user.signed_up",
+  /** User logged out */
+  USER_LOGGED_OUT: "auth.user.logged_out",
+  /** Authentication attempt failed */
+  AUTHENTICATION_FAILED: "auth.authentication.failed",
+  /** Session created */
+  SESSION_CREATED: "auth.session.created",
+  /** Session expired */
+  SESSION_EXPIRED: "auth.session.expired",
+  /** Session refreshed */
+  SESSION_REFRESHED: "auth.session.refreshed",
+  /** Session invalidated (logout) */
+  SESSION_INVALIDATED: "auth.session.invalidated",
+  /** Account linked to user */
+  ACCOUNT_LINKED: "auth.account.linked",
+  /** Account unlinked from user */
+  ACCOUNT_UNLINKED: "auth.account.unlinked",
+  /** Role assigned to user */
+  ROLE_ASSIGNED: "auth.rbac.role_assigned",
+  /** Role revoked from user */
+  ROLE_REVOKED: "auth.rbac.role_revoked",
+  /** Suspicious login attempt detected */
+  SUSPICIOUS_LOGIN_ATTEMPT: "auth.security.suspicious_login",
+  /** Password changed */
+  PASSWORD_CHANGED: "auth.password.changed",
+  /** Password reset requested */
+  PASSWORD_RESET_REQUESTED: "auth.password.reset_requested"
+};
 
 // src/core/modules.ts
 var BACKEND_RUNTIMES = [
@@ -9048,8 +9172,10 @@ exports.API_ERROR_CODES = API_ERROR_CODES;
 exports.APP_CONTEXTS = APP_CONTEXTS;
 exports.ATHLETE_PROFILE_ERRORS = ATHLETE_PROFILE_ERRORS;
 exports.AUDIT_OPERATION = AUDIT_OPERATION;
+exports.AUTHPROVIDER = AUTHPROVIDER;
 exports.AUTH_ERROR_CODES = AUTH_ERROR_CODES;
 exports.AUTH_ERROR_DEFINITIONS = AUTH_ERROR_DEFINITIONS;
+exports.AUTH_EVENTS = AUTH_EVENTS;
 exports.AUTH_PROVIDER = AUTH_PROVIDER;
 exports.AUTH_PROVIDER_TYPE = AUTH_PROVIDER_TYPE;
 exports.ApiEventAction = ApiEventAction;
@@ -9099,6 +9225,8 @@ exports.ENTITY_TYPE = ENTITY_TYPE;
 exports.ERROR_CATEGORY = ERROR_CATEGORY;
 exports.ERROR_CATEGORY_TO_EMITTER_KEY = ERROR_CATEGORY_TO_EMITTER_KEY;
 exports.ERROR_CODES = ERROR_CODES;
+exports.ERROR_CODE_DESCRIPTIONS = ERROR_CODE_DESCRIPTIONS;
+exports.ERROR_CODE_TO_HTTP_STATUS = ERROR_CODE_TO_HTTP_STATUS;
 exports.ERROR_DEFINITIONS = ERROR_DEFINITIONS;
 exports.ERROR_EVENTS = ERROR_EVENTS;
 exports.ERROR_EXCEPTIONS_NAMESPACES = ERROR_EXCEPTIONS_NAMESPACES;
@@ -9166,6 +9294,7 @@ exports.MEDIA_ENTITY = MEDIA_ENTITY;
 exports.MEDIA_EXTENSIONS = MEDIA_EXTENSIONS;
 exports.MEDIA_MIME_PREFIXES = MEDIA_MIME_PREFIXES;
 exports.MEDIA_VARIANT_TYPE = MEDIA_VARIANT_TYPE;
+exports.MFATYPE = MFATYPE;
 exports.MIME_TYPES = MIME_TYPES;
 exports.NETWORK_CONFIDENCE_LEVELS = NETWORK_CONFIDENCE_LEVELS;
 exports.NETWORK_EVENTS = NETWORK_EVENTS;
@@ -9178,6 +9307,7 @@ exports.NOTIFICATION_PROVIDERS = NOTIFICATION_PROVIDERS;
 exports.NetworkPresetNames = NetworkPresetNames;
 exports.NotificationCategorySchema = NotificationCategorySchema;
 exports.NotificationEventAction = NotificationEventAction;
+exports.OAUTH_PROVIDERS = OAUTH_PROVIDERS;
 exports.OBSERVABILITY_METRICS = OBSERVABILITY_METRICS;
 exports.OBSERVABILITY_SPANS = OBSERVABILITY_SPANS;
 exports.ONBOARD_LINK_TYPE = ONBOARD_LINK_TYPE;
@@ -9202,6 +9332,7 @@ exports.PERFORMANCE_EVENTS = PERFORMANCE_EVENTS;
 exports.PERFORMANCE_METRIC_TYPE = PERFORMANCE_METRIC_TYPE;
 exports.PRIORITY_LEVEL = PRIORITY_LEVEL;
 exports.PRODUCT_TYPE = PRODUCT_TYPE;
+exports.PROVIDERTYPE = PROVIDERTYPE;
 exports.PROVIDER_PRODUCT_STATUS = PROVIDER_PRODUCT_STATUS;
 exports.PUB_SUB_EVENT = PUB_SUB_EVENT;
 exports.PhoneSchema = PhoneSchema;
@@ -9223,6 +9354,7 @@ exports.ROUTING_STRATEGY = ROUTING_STRATEGY;
 exports.RTT_THRESHOLDS = RTT_THRESHOLDS;
 exports.SECURITY_THREAT_TYPE = SECURITY_THREAT_TYPE;
 exports.SERVICE_KEYS = SERVICE_KEYS;
+exports.SESSIONSTATUS = SESSIONSTATUS;
 exports.SIGNATURE_METHOD = SIGNATURE_METHOD;
 exports.SORT_DIRECTION = SORT_DIRECTION;
 exports.SPEED_THRESHOLDS = SPEED_THRESHOLDS;
@@ -9263,6 +9395,7 @@ exports.TEMPLATE_DOCUMENT_TYPE_SCHEMA = TEMPLATE_DOCUMENT_TYPE_SCHEMA;
 exports.TEMPLATE_OUTPUT_FORMAT = TEMPLATE_OUTPUT_FORMAT;
 exports.TEMPLATE_VARIABLE_TYPE = TEMPLATE_VARIABLE_TYPE;
 exports.TEMPLATE_VARIABLE_TYPE_SCHEMA = TEMPLATE_VARIABLE_TYPE_SCHEMA;
+exports.TOKENTYPE = TOKENTYPE;
 exports.TOKEN_TYPE = TOKEN_TYPE;
 exports.TRACKING_PHASES = TRACKING_PHASES;
 exports.TRANSACTION_TYPE = TRANSACTION_TYPE;
@@ -9279,6 +9412,7 @@ exports.UNIFIED_OPERATIONS = UNIFIED_OPERATIONS;
 exports.UNIVERSAL_RUNTIMES = UNIVERSAL_RUNTIMES;
 exports.UPDATE_STRATEGIES = UPDATE_STRATEGIES;
 exports.UPLOAD_STATUS = UPLOAD_STATUS;
+exports.USERROLESTATUS = USERROLESTATUS;
 exports.USER_ROLE = USER_ROLE;
 exports.USER_ROLE_STATUS = USER_ROLE_STATUS;
 exports.USER_STATUS = USER_STATUS;