@prsm/auth 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -6
- package/package.json +2 -2
- package/src/user-roles.js +3 -2
- package/types/user-roles.d.ts +4 -3
package/README.md
CHANGED
|
@@ -1,14 +1,16 @@
|
|
|
1
|
-
<
|
|
1
|
+
<p align="center">
|
|
2
|
+
<img src="logo.svg" width="80" height="80" alt="auth logo">
|
|
3
|
+
</p>
|
|
2
4
|
|
|
3
|
-
|
|
5
|
+
<h1 align="center">@prsm/auth</h1>
|
|
4
6
|
|
|
5
|
-
|
|
6
|
-
|
|
7
|
+
<p align="center">
|
|
8
|
+
<a href="https://github.com/prsmjs/auth/actions/workflows/test.yml"><img src="https://github.com/prsmjs/auth/actions/workflows/test.yml/badge.svg" alt="test"></a>
|
|
9
|
+
<a href="https://www.npmjs.com/package/@prsm/auth"><img src="https://img.shields.io/npm/v/@prsm/auth" alt="npm"></a>
|
|
10
|
+
</p>
|
|
7
11
|
|
|
8
12
|
PostgreSQL-backed authentication for Express. It owns its own auth tables and links to your user records through `user_id`, so it stays out of the way of however you model application users. One middleware attaches everything to `req.auth`: registration, login, sessions, remember-me, email confirmation, password reset, OAuth, role bitmasks, two-factor authentication, and audited impersonation.
|
|
9
13
|
|
|
10
|
-
It runs on a single shared PostgreSQL database behind any number of stateless app instances. Session storage is delegated to `express-session`, so you pick the store. Optional PostgreSQL `LISTEN/NOTIFY` propagates bans, role changes, and force-logouts across the fleet the instant they happen, with no Redis required.
|
|
11
|
-
|
|
12
14
|
## Install
|
|
13
15
|
|
|
14
16
|
```bash
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@prsm/auth",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.2",
|
|
4
4
|
"description": "PostgreSQL-backed authentication for Express: sessions, remember-me, password reset, email confirmation, OAuth, roles, two-factor, and audited impersonation",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -46,7 +46,7 @@
|
|
|
46
46
|
},
|
|
47
47
|
"peerDependencies": {
|
|
48
48
|
"cookie-parser": "^1.4.0",
|
|
49
|
-
"express": "^5.0.0",
|
|
49
|
+
"express": "^4.17.0 || ^5.0.0",
|
|
50
50
|
"express-session": "^1.18.0",
|
|
51
51
|
"pg": "^8.0.0"
|
|
52
52
|
},
|
package/src/user-roles.js
CHANGED
|
@@ -13,8 +13,9 @@ const MAX_ROLES = 31
|
|
|
13
13
|
* Define a set of named roles as a frozen bitmask map. Each role gets the next
|
|
14
14
|
* power-of-two bit. Capped at 31 because postgres INTEGER is 32-bit signed.
|
|
15
15
|
*
|
|
16
|
-
* @
|
|
17
|
-
* @
|
|
16
|
+
* @template {string} K
|
|
17
|
+
* @param {...K} names
|
|
18
|
+
* @returns {Readonly<Record<K, number>>}
|
|
18
19
|
*/
|
|
19
20
|
export function defineRoles(...names) {
|
|
20
21
|
if (names.length > MAX_ROLES) {
|
package/types/user-roles.d.ts
CHANGED
|
@@ -2,10 +2,11 @@
|
|
|
2
2
|
* Define a set of named roles as a frozen bitmask map. Each role gets the next
|
|
3
3
|
* power-of-two bit. Capped at 31 because postgres INTEGER is 32-bit signed.
|
|
4
4
|
*
|
|
5
|
-
* @
|
|
6
|
-
* @
|
|
5
|
+
* @template {string} K
|
|
6
|
+
* @param {...K} names
|
|
7
|
+
* @returns {Readonly<Record<K, number>>}
|
|
7
8
|
*/
|
|
8
|
-
export function defineRoles(...names:
|
|
9
|
+
export function defineRoles<K extends string>(...names: K[]): Readonly<Record<K, number>>;
|
|
9
10
|
/**
|
|
10
11
|
* Add a role to a user's account using bitwise OR.
|
|
11
12
|
*
|