@quvel-kit/core 1.1.0

package/dist/auth/boot/defineAuthGuard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"defineAuthGuard.d.ts","sourceRoot":"","sources":["../../../src/auth/boot/defineAuthGuard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,YAAY,CAAC;AAEzC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAGhE;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,eAAe;IAC5D;;;OAGG;IACH,eAAe,EAAE,MAAM,OAAO,CAAC;IAE/B;;;OAGG;IACH,wBAAwB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/C;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,qBAAqB,IAC7C,+BAA+B;IAC3C,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,CAAC,IAAI,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAC;CAC5D,mBAyDF"}

package/dist/auth/boot/defineAuthGuard.js

@@ -0,0 +1,72 @@
+import { AuthGuard } from '../services/AuthGuard.js';
+/**
+ * Create auth guard boot function
+ *
+ * This helper creates a Quasar boot function that sets up authentication
+ * guards for the router using the framework-agnostic AuthGuard service.
+ *
+ * @param config - Auth guard configuration
+ * @returns Boot function for Quasar
+ *
+ * @example
+ * ```ts
+ * import { defineAuthGuard } from '@quvel-kit/core/auth';
+ * import { useSessionStore } from '../stores/sessionStore';
+ *
+ * export default boot(defineAuthGuard({
+ *   requireAuthByDefault: true,
+ *   loginRoute: 'login',
+ *   successRoute: 'dashboard',
+ *   isAuthenticated: () => useSessionStore().isAuthenticated,
+ *   ensureSessionInitialized: async () => {
+ *     const store = useSessionStore();
+ *     if (!store.isInitialized) {
+ *       await store.fetchSession();
+ *     }
+ *   },
+ * }));
+ * ```
+ */
+export function defineAuthGuard(config) {
+    return async ({ router, urlPath, redirect }) => {
+        const authGuard = new AuthGuard({
+            requireAuthByDefault: config.requireAuthByDefault,
+            loginRoute: config.loginRoute,
+            successRoute: config.successRoute,
+        });
+        const resolvedRoute = router.resolve(urlPath);
+        const routeAuthMeta = resolvedRoute?.meta.auth;
+        if (routeAuthMeta?.skipAuth === true) {
+            return;
+        }
+        try {
+            await config.ensureSessionInitialized();
+        }
+        catch {
+            // Ignore fetch errors - the user is just not authenticated
+        }
+        const initialCheck = authGuard.check(routeAuthMeta, config.isAuthenticated());
+        if (initialCheck.action === 'redirect') {
+            const route = initialCheck.route;
+            const redirectTarget = route.startsWith('/') ? { path: route } : { name: route };
+            redirect(redirectTarget);
+            return;
+        }
+        router.beforeEach(async (to, _from, next) => {
+            try {
+                await config.ensureSessionInitialized();
+            }
+            catch {
+                // Ignore fetch errors
+            }
+            const authCheck = authGuard.check(to.meta.auth, config.isAuthenticated());
+            if (authCheck.action === 'redirect') {
+                const route = authCheck.route;
+                const redirectTarget = route.startsWith('/') ? { path: route } : { name: route };
+                next(redirectTarget);
+                return;
+            }
+            next();
+        });
+    };
+}

package/dist/auth/enums/AuthStatusEnum.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Authentication status codes
+ */
+export declare enum AuthStatus {
+    USER_NOT_FOUND = "user_not_found",
+    INVALID_CREDENTIALS = "invalid_credentials",
+    EMAIL_ALREADY_IN_USE = "email_already_in_use",
+    EMAIL_NOT_VERIFIED = "email_not_verified",
+    LOGOUT_SUCCESS = "logout_success",
+    LOGIN_SUCCESS = "login_success",
+    REGISTER_SUCCESS = "register_success"
+}
+//# sourceMappingURL=AuthStatusEnum.d.ts.map

package/dist/auth/enums/AuthStatusEnum.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthStatusEnum.d.ts","sourceRoot":"","sources":["../../../src/auth/enums/AuthStatusEnum.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,oBAAY,UAAU;IACpB,cAAc,mBAAmB;IACjC,mBAAmB,wBAAwB;IAC3C,oBAAoB,yBAAyB;IAC7C,kBAAkB,uBAAuB;IAEzC,cAAc,mBAAmB;IACjC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;CACtC"}

package/dist/auth/enums/AuthStatusEnum.js

@@ -0,0 +1,13 @@
+/**
+ * Authentication status codes
+ */
+export var AuthStatus;
+(function (AuthStatus) {
+    AuthStatus["USER_NOT_FOUND"] = "user_not_found";
+    AuthStatus["INVALID_CREDENTIALS"] = "invalid_credentials";
+    AuthStatus["EMAIL_ALREADY_IN_USE"] = "email_already_in_use";
+    AuthStatus["EMAIL_NOT_VERIFIED"] = "email_not_verified";
+    AuthStatus["LOGOUT_SUCCESS"] = "logout_success";
+    AuthStatus["LOGIN_SUCCESS"] = "login_success";
+    AuthStatus["REGISTER_SUCCESS"] = "register_success";
+})(AuthStatus || (AuthStatus = {}));

package/dist/auth/index.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Authentication Module
+ *
+ * Framework-agnostic authentication services, types, and utilities.
+ */
+export { AuthService, PasswordResetService, TwoFactorService, TwoFactorChallengeService, AuthGuard, } from './services/index.js';
+export type { AuthCheckResult, AuthGuardConfig, TwoFactorQRResponse, TwoFactorSecretResponse, TwoFactorRecoveryCodesResponse, } from './services/index.js';
+export { defineAuthGuard } from './boot/defineAuthGuard.js';
+export type { DefineAuthGuardConfig } from './boot/defineAuthGuard.js';
+export type { AuthMeta } from './types/index.js';
+export { createAuthMeta, createGuestOnlyAuth, createProtectedAuth, createPublicAuth, createSkipAuth, } from './utils/auth-meta.js';
+export { AuthStatus } from './enums/AuthStatusEnum.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,gBAAgB,EAChB,yBAAyB,EACzB,SAAS,GACV,MAAM,qBAAqB,CAAC;AAE7B,YAAY,EACV,eAAe,EACf,eAAe,EACf,mBAAmB,EACnB,uBAAuB,EACvB,8BAA8B,GAC/B,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,YAAY,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAGvE,YAAY,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAGjD,OAAO,EACL,cAAc,EACd,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,GACf,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,13 @@
+/**
+ * Authentication Module
+ *
+ * Framework-agnostic authentication services, types, and utilities.
+ */
+// Services
+export { AuthService, PasswordResetService, TwoFactorService, TwoFactorChallengeService, AuthGuard, } from './services/index.js';
+// Boot helpers
+export { defineAuthGuard } from './boot/defineAuthGuard.js';
+// Utilities
+export { createAuthMeta, createGuestOnlyAuth, createProtectedAuth, createPublicAuth, createSkipAuth, } from './utils/auth-meta.js';
+// Enums
+export { AuthStatus } from './enums/AuthStatusEnum.js';

package/dist/auth/services/AuthGuard.d.ts

@@ -0,0 +1,58 @@
+import type { AuthMeta } from '../types/auth-meta.js';
+/**
+ * Configuration options for AuthGuard
+ */
+export interface AuthGuardConfig {
+    /**
+     * Whether authentication is required by default for all routes
+     * @default true
+     */
+    requireAuthByDefault?: boolean;
+    /**
+     * Route name/path to redirect to for login
+     */
+    loginRoute: string;
+    /**
+     * Route name/path to redirect to after successful authentication
+     */
+    successRoute: string;
+}
+/**
+ * Result of an auth check
+ */
+export interface AuthCheckResult {
+    /**
+     * Action to take: 'continue' allows navigation, 'redirect' blocks it
+     */
+    action: 'continue' | 'redirect';
+    /**
+     * Route to redirect to (only present when action is 'redirect')
+     */
+    route?: string;
+}
+/**
+ * Framework-agnostic authentication guard service.
+ *
+ * Evaluates route authentication requirements and determines
+ * whether navigation should proceed or redirect.
+ *
+ * This service contains the core auth logic that can be used
+ * by any routing framework's middleware/guards.
+ */
+export declare class AuthGuard {
+    private config;
+    constructor(config: AuthGuardConfig);
+    /**
+     * Updates the guard configuration
+     */
+    setConfig(config: Partial<AuthGuardConfig>): void;
+    /**
+     * Performs an authentication check for a route
+     *
+     * @param authMeta - The auth metadata from the route
+     * @param isAuthenticated - Whether the user is currently authenticated
+     * @returns The result indicating whether to continue or redirect
+     */
+    check(authMeta: AuthMeta | undefined, isAuthenticated: boolean): AuthCheckResult;
+}
+//# sourceMappingURL=AuthGuard.d.ts.map

package/dist/auth/services/AuthGuard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthGuard.d.ts","sourceRoot":"","sources":["../../../src/auth/services/AuthGuard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAEtD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAE/B;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,MAAM,EAAE,UAAU,GAAG,UAAU,CAAC;IAEhC;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;GAQG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,MAAM,CAAkB;gBAEpB,MAAM,EAAE,eAAe;IAOnC;;OAEG;IACH,SAAS,CAAC,MAAM,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI;IAIjD;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,EAAE,QAAQ,GAAG,SAAS,EAAE,eAAe,EAAE,OAAO,GAAG,eAAe;CA4BjF"}

package/dist/auth/services/AuthGuard.js

@@ -0,0 +1,51 @@
+/**
+ * Framework-agnostic authentication guard service.
+ *
+ * Evaluates route authentication requirements and determines
+ * whether navigation should proceed or redirect.
+ *
+ * This service contains the core auth logic that can be used
+ * by any routing framework's middleware/guards.
+ */
+export class AuthGuard {
+    config;
+    constructor(config) {
+        this.config = {
+            requireAuthByDefault: true,
+            ...config,
+        };
+    }
+    /**
+     * Updates the guard configuration
+     */
+    setConfig(config) {
+        this.config = { ...this.config, ...config };
+    }
+    /**
+     * Performs an authentication check for a route
+     *
+     * @param authMeta - The auth metadata from the route
+     * @param isAuthenticated - Whether the user is currently authenticated
+     * @returns The result indicating whether to continue or redirect
+     */
+    check(authMeta, isAuthenticated) {
+        const authConfig = authMeta || {};
+        if (authConfig.skipAuth === true) {
+            return { action: 'continue' };
+        }
+        if (authConfig.guestOnly === true) {
+            if (isAuthenticated) {
+                const redirectTarget = authConfig.redirectTo || this.config.successRoute;
+                return { action: 'redirect', route: redirectTarget };
+            }
+            return { action: 'continue' };
+        }
+        const routeRequiresAuth = authConfig.requiresAuth !== undefined
+            ? authConfig.requiresAuth
+            : this.config.requireAuthByDefault;
+        if (routeRequiresAuth && !isAuthenticated) {
+            return { action: 'redirect', route: this.config.loginRoute };
+        }
+        return { action: 'continue' };
+    }
+}

package/dist/auth/services/AuthService.d.ts

@@ -0,0 +1,52 @@
+import { Service } from '../../services/Service.js';
+import { ServiceContainer } from '../../container/ServiceContainer.js';
+import type { RegisterService } from '../../container/types.js';
+import type { IUser } from '../../types/user.types.js';
+import { AuthStatus } from '../enums/AuthStatusEnum.js';
+/**
+ * Service responsible for handling login, registration, and session management.
+ */
+export declare class AuthService extends Service implements RegisterService {
+    private api;
+    /**
+     * Registers the service with the container.
+     *
+     * @param container - The service container instance.
+     */
+    register({ api }: ServiceContainer): void;
+    /**
+     * Fetches the current user session.
+     *
+     * @returns The user data or null if not authenticated.
+     */
+    fetchSession(): Promise<IUser | null>;
+    /**
+     * Logs the user out.
+     */
+    logout(): Promise<void>;
+    /**
+     * Authenticates a user with email and password.
+     *
+     * @param email - The user's email.
+     * @param password - The user's password.
+     * @returns The authenticated user data or two-factor challenge indication.
+     */
+    login(email: string, password: string): Promise<{
+        user?: IUser;
+        two_factor?: boolean;
+    }>;
+    /**
+     * Registers a new user.
+     *
+     * @param email - The user's email.
+     * @param password - The user's password.
+     * @param name - The user's name.
+     * @param recaptchaToken - Google reCAPTCHA token for verification
+     * @returns The registration status and user data.
+     */
+    signUp(email: string, password: string, name: string, recaptchaToken?: string): Promise<{
+        status: AuthStatus;
+        user: IUser;
+    }>;
+}
+//# sourceMappingURL=AuthService.d.ts.map

package/dist/auth/services/AuthService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthService.d.ts","sourceRoot":"","sources":["../../../src/auth/services/AuthService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAC;AACvE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAEhE,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAExD;;GAEG;AACH,qBAAa,WAAY,SAAQ,OAAQ,YAAW,eAAe;IACjE,OAAO,CAAC,GAAG,CAAc;IAEzB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,GAAG,EAAE,EAAE,gBAAgB,GAAG,IAAI;IAIzC;;;;OAIG;IACG,YAAY,IAAI,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC;IAY3C;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAI7B;;;;;;OAMG;IACG,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,CAAC,EAAE,KAAK,CAAC;QAAC,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAO7F;;;;;;;;OAQG;IACG,MAAM,CACV,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,EACZ,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC;QACT,MAAM,EAAE,UAAU,CAAC;QACnB,IAAI,EAAE,KAAK,CAAC;KACb,CAAC;CAWH"}

package/dist/auth/services/AuthService.js

@@ -0,0 +1,67 @@
+import { Service } from '../../services/Service.js';
+/**
+ * Service responsible for handling login, registration, and session management.
+ */
+export class AuthService extends Service {
+    api;
+    /**
+     * Registers the service with the container.
+     *
+     * @param container - The service container instance.
+     */
+    register({ api }) {
+        this.api = api;
+    }
+    /**
+     * Fetches the current user session.
+     *
+     * @returns The user data or null if not authenticated.
+     */
+    async fetchSession() {
+        try {
+            const { data } = await this.api.get('/auth/session', {
+                requiresSessionCookie: true,
+            });
+            return data;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Logs the user out.
+     */
+    async logout() {
+        await this.api.post('/auth/logout');
+    }
+    /**
+     * Authenticates a user with email and password.
+     *
+     * @param email - The user's email.
+     * @param password - The user's password.
+     * @returns The authenticated user data or two-factor challenge indication.
+     */
+    async login(email, password) {
+        return await this.api.post('/auth/login', {
+            email,
+            password,
+        });
+    }
+    /**
+     * Registers a new user.
+     *
+     * @param email - The user's email.
+     * @param password - The user's password.
+     * @param name - The user's name.
+     * @param recaptchaToken - Google reCAPTCHA token for verification
+     * @returns The registration status and user data.
+     */
+    async signUp(email, password, name, recaptchaToken) {
+        return await this.api.post('/auth/register', {
+            email,
+            password,
+            name,
+            captcha_token: recaptchaToken,
+        });
+    }
+}

package/dist/auth/services/PasswordResetService.d.ts

@@ -0,0 +1,34 @@
+import { Service } from '../../services/Service.js';
+import { ServiceContainer } from '../../container/ServiceContainer.js';
+import type { RegisterService } from '../../container/types.js';
+/**
+ * Service responsible for handling password reset operations.
+ */
+export declare class PasswordResetService extends Service implements RegisterService {
+    private api;
+    /**
+     * Registers the service with the container.
+     *
+     * @param container - The service container instance.
+     */
+    register({ api }: ServiceContainer): void;
+    /**
+     * Sends a password reset link to the user's email.
+     *
+     * @param email - The user's email.
+     * @param recaptchaToken - Google reCAPTCHA token for verification
+     * @returns A promise that resolves when the request is complete.
+     */
+    sendPasswordResetLink(email: string, recaptchaToken?: string): Promise<void>;
+    /**
+     * Resets a user's password using a token.
+     *
+     * @param token - The password reset token.
+     * @param email - The user's email.
+     * @param password - The new password.
+     * @param passwordConfirmation - The password confirmation.
+     * @returns A promise that resolves when the password has been reset.
+     */
+    resetPassword(token: string, email: string, password: string, passwordConfirmation: string): Promise<void>;
+}
+//# sourceMappingURL=PasswordResetService.d.ts.map

package/dist/auth/services/PasswordResetService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PasswordResetService.d.ts","sourceRoot":"","sources":["../../../src/auth/services/PasswordResetService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAC;AACvE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAGhE;;GAEG;AACH,qBAAa,oBAAqB,SAAQ,OAAQ,YAAW,eAAe;IAC1E,OAAO,CAAC,GAAG,CAAc;IAEzB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,GAAG,EAAE,EAAE,gBAAgB,GAAG,IAAI;IAIzC;;;;;;OAMG;IACH,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAO5E;;;;;;;;OAQG;IACH,aAAa,CACX,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,oBAAoB,EAAE,MAAM,GAC3B,OAAO,CAAC,IAAI,CAAC;CAQjB"}

package/dist/auth/services/PasswordResetService.js

@@ -0,0 +1,45 @@
+import { Service } from '../../services/Service.js';
+/**
+ * Service responsible for handling password reset operations.
+ */
+export class PasswordResetService extends Service {
+    api;
+    /**
+     * Registers the service with the container.
+     *
+     * @param container - The service container instance.
+     */
+    register({ api }) {
+        this.api = api;
+    }
+    /**
+     * Sends a password reset link to the user's email.
+     *
+     * @param email - The user's email.
+     * @param recaptchaToken - Google reCAPTCHA token for verification
+     * @returns A promise that resolves when the request is complete.
+     */
+    sendPasswordResetLink(email, recaptchaToken) {
+        return this.api.post('/auth/forgot-password', {
+            email,
+            captcha_token: recaptchaToken,
+        });
+    }
+    /**
+     * Resets a user's password using a token.
+     *
+     * @param token - The password reset token.
+     * @param email - The user's email.
+     * @param password - The new password.
+     * @param passwordConfirmation - The password confirmation.
+     * @returns A promise that resolves when the password has been reset.
+     */
+    resetPassword(token, email, password, passwordConfirmation) {
+        return this.api.post('/auth/reset-password', {
+            token,
+            email,
+            password,
+            password_confirmation: passwordConfirmation,
+        });
+    }
+}

package/dist/auth/services/TwoFactorChallengeService.d.ts

@@ -0,0 +1,22 @@
+import { Service } from '../../services/Service.js';
+import { ServiceContainer } from '../../container/ServiceContainer.js';
+import type { RegisterService } from '../../container/types.js';
+/**
+ * Service for handling two-factor authentication challenges during login.
+ */
+export declare class TwoFactorChallengeService extends Service implements RegisterService {
+    private api;
+    /**
+     * Registers the service.
+     */
+    register({ api }: ServiceContainer): void;
+    /**
+     * Submit two-factor authentication code to complete login
+     */
+    submitCode(code: string): Promise<void>;
+    /**
+     * Submit recovery code to complete login
+     */
+    submitRecoveryCode(recovery_code: string): Promise<void>;
+}
+//# sourceMappingURL=TwoFactorChallengeService.d.ts.map

package/dist/auth/services/TwoFactorChallengeService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TwoFactorChallengeService.d.ts","sourceRoot":"","sources":["../../../src/auth/services/TwoFactorChallengeService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AAEpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAC;AACvE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAEhE;;GAEG;AACH,qBAAa,yBAA0B,SAAQ,OAAQ,YAAW,eAAe;IAC/E,OAAO,CAAC,GAAG,CAAc;IAEzB;;OAEG;IACH,QAAQ,CAAC,EAAE,GAAG,EAAE,EAAE,gBAAgB,GAAG,IAAI;IAIzC;;OAEG;IACG,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM7C;;OAEG;IACG,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAK/D"}

package/dist/auth/services/TwoFactorChallengeService.js

@@ -0,0 +1,29 @@
+import { Service } from '../../services/Service.js';
+/**
+ * Service for handling two-factor authentication challenges during login.
+ */
+export class TwoFactorChallengeService extends Service {
+    api;
+    /**
+     * Registers the service.
+     */
+    register({ api }) {
+        this.api = api;
+    }
+    /**
+     * Submit two-factor authentication code to complete login
+     */
+    async submitCode(code) {
+        await this.api.post('/auth/two-factor-challenge', {
+            code,
+        });
+    }
+    /**
+     * Submit recovery code to complete login
+     */
+    async submitRecoveryCode(recovery_code) {
+        await this.api.post('/auth/two-factor-challenge', {
+            recovery_code,
+        });
+    }
+}

package/dist/auth/services/TwoFactorService.d.ts

@@ -0,0 +1,64 @@
+import { Service } from '../../services/Service.js';
+import { ServiceContainer } from '../../container/ServiceContainer.js';
+import type { RegisterService } from '../../container/types.js';
+/**
+ * Interface for two-factor authentication response data
+ */
+export interface TwoFactorQRResponse {
+    svg: string;
+}
+export interface TwoFactorSecretResponse {
+    secretKey: string;
+}
+export interface TwoFactorRecoveryCodesResponse {
+    recoveryCodes: string[];
+}
+/**
+ * Service for managing two-factor authentication operations.
+ */
+export declare class TwoFactorService extends Service implements RegisterService {
+    private api;
+    /**
+     * Registers the service.
+     */
+    register({ api }: ServiceContainer): void;
+    /**
+     * Confirm user password before sensitive operations
+     */
+    confirmPassword(password: string): Promise<void>;
+    /**
+     * Check if password confirmation is still valid
+     */
+    checkPasswordConfirmation(): Promise<{
+        confirmed: boolean;
+    }>;
+    /**
+     * Enable two-factor authentication for the current user
+     */
+    enable(): Promise<void>;
+    /**
+     * Disable two-factor authentication for the current user
+     */
+    disable(): Promise<void>;
+    /**
+     * Get the QR code for setting up two-factor authentication
+     */
+    getQRCode(): Promise<TwoFactorQRResponse>;
+    /**
+     * Get the secret key for manual entry
+     */
+    getSecretKey(): Promise<TwoFactorSecretResponse>;
+    /**
+     * Confirm two-factor authentication setup with verification code
+     */
+    confirm(code: string): Promise<void>;
+    /**
+     * Get recovery codes for two-factor authentication
+     */
+    getRecoveryCodes(): Promise<string[]>;
+    /**
+     * Regenerate recovery codes for two-factor authentication
+     */
+    regenerateRecoveryCodes(): Promise<string[]>;
+}
+//# sourceMappingURL=TwoFactorService.d.ts.map

package/dist/auth/services/TwoFactorService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TwoFactorService.d.ts","sourceRoot":"","sources":["../../../src/auth/services/TwoFactorService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AAEpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAC;AACvE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAEhE;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,uBAAuB;IACtC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,8BAA8B;IAC7C,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,OAAQ,YAAW,eAAe;IACtE,OAAO,CAAC,GAAG,CAAc;IAEzB;;OAEG;IACH,QAAQ,CAAC,EAAE,GAAG,EAAE,EAAE,gBAAgB,GAAG,IAAI;IAIzC;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAItD;;OAEG;IACG,yBAAyB,IAAI,OAAO,CAAC;QAAE,SAAS,EAAE,OAAO,CAAA;KAAE,CAAC;IAIlE;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAI7B;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAI9B;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAI/C;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,uBAAuB,CAAC;IAItD;;OAEG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1C;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAI3C;;OAEG;IACG,uBAAuB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAKnD"}

package/dist/auth/services/TwoFactorService.js

@@ -0,0 +1,68 @@
+import { Service } from '../../services/Service.js';
+/**
+ * Service for managing two-factor authentication operations.
+ */
+export class TwoFactorService extends Service {
+    api;
+    /**
+     * Registers the service.
+     */
+    register({ api }) {
+        this.api = api;
+    }
+    /**
+     * Confirm user password before sensitive operations
+     */
+    async confirmPassword(password) {
+        await this.api.post('/auth/user/confirm-password', { password });
+    }
+    /**
+     * Check if password confirmation is still valid
+     */
+    async checkPasswordConfirmation() {
+        return await this.api.get('/auth/user/confirmed-password-status');
+    }
+    /**
+     * Enable two-factor authentication for the current user
+     */
+    async enable() {
+        await this.api.post('/auth/user/two-factor-authentication');
+    }
+    /**
+     * Disable two-factor authentication for the current user
+     */
+    async disable() {
+        await this.api.delete('/auth/user/two-factor-authentication');
+    }
+    /**
+     * Get the QR code for setting up two-factor authentication
+     */
+    async getQRCode() {
+        return await this.api.get('/auth/user/two-factor-qr-code');
+    }
+    /**
+     * Get the secret key for manual entry
+     */
+    async getSecretKey() {
+        return await this.api.get('/auth/user/two-factor-secret-key');
+    }
+    /**
+     * Confirm two-factor authentication setup with verification code
+     */
+    async confirm(code) {
+        await this.api.post('/auth/user/confirmed-two-factor-authentication', { code });
+    }
+    /**
+     * Get recovery codes for two-factor authentication
+     */
+    async getRecoveryCodes() {
+        return await this.api.get('/auth/user/two-factor-recovery-codes');
+    }
+    /**
+     * Regenerate recovery codes for two-factor authentication
+     */
+    async regenerateRecoveryCodes() {
+        await this.api.post('/auth/user/two-factor-recovery-codes');
+        return await this.api.get('/auth/user/two-factor-recovery-codes');
+    }
+}