@robelest/convex-auth 0.0.2-preview.1 → 0.0.2-preview.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client/index.d.ts +84 -30
- package/dist/client/index.d.ts.map +1 -1
- package/dist/client/index.js +259 -59
- package/dist/client/index.js.map +1 -1
- package/dist/component/index.d.ts +2 -2
- package/dist/component/index.d.ts.map +1 -1
- package/dist/component/index.js +2 -2
- package/dist/component/index.js.map +1 -1
- package/dist/providers/{Anonymous.d.ts → anonymous.d.ts} +8 -8
- package/dist/providers/{Anonymous.d.ts.map → anonymous.d.ts.map} +1 -1
- package/dist/providers/{Anonymous.js → anonymous.js} +9 -10
- package/dist/providers/anonymous.js.map +1 -0
- package/dist/providers/{ConvexCredentials.d.ts → credentials.d.ts} +11 -11
- package/dist/providers/credentials.d.ts.map +1 -0
- package/dist/providers/{ConvexCredentials.js → credentials.js} +8 -8
- package/dist/providers/credentials.js.map +1 -0
- package/dist/providers/{Email.d.ts → email.d.ts} +6 -6
- package/dist/providers/email.d.ts.map +1 -0
- package/dist/providers/{Email.js → email.js} +6 -6
- package/dist/providers/email.js.map +1 -0
- package/dist/providers/{Password.d.ts → password.d.ts} +10 -10
- package/dist/providers/{Password.d.ts.map → password.d.ts.map} +1 -1
- package/dist/providers/{Password.js → password.js} +19 -20
- package/dist/providers/password.js.map +1 -0
- package/dist/providers/{Phone.d.ts → phone.d.ts} +3 -3
- package/dist/providers/{Phone.d.ts.map → phone.d.ts.map} +1 -1
- package/dist/providers/{Phone.js → phone.js} +3 -3
- package/dist/providers/{Phone.js.map → phone.js.map} +1 -1
- package/dist/server/implementation/index.d.ts +73 -159
- package/dist/server/implementation/index.d.ts.map +1 -1
- package/dist/server/implementation/index.js +74 -100
- package/dist/server/implementation/index.js.map +1 -1
- package/dist/server/implementation/sessions.d.ts +2 -20
- package/dist/server/implementation/sessions.d.ts.map +1 -1
- package/dist/server/implementation/sessions.js +2 -20
- package/dist/server/implementation/sessions.js.map +1 -1
- package/dist/server/index.d.ts +18 -0
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +255 -0
- package/dist/server/index.js.map +1 -1
- package/dist/server/provider_utils.d.ts.map +1 -1
- package/dist/server/types.d.ts +70 -9
- package/dist/server/types.d.ts.map +1 -1
- package/package.json +3 -6
- package/src/client/index.ts +347 -110
- package/src/component/index.ts +1 -8
- package/src/providers/{Anonymous.ts → anonymous.ts} +10 -11
- package/src/providers/{ConvexCredentials.ts → credentials.ts} +11 -11
- package/src/providers/{Email.ts → email.ts} +5 -5
- package/src/providers/{Password.ts → password.ts} +22 -27
- package/src/providers/{Phone.ts → phone.ts} +2 -2
- package/src/server/implementation/index.ts +119 -231
- package/src/server/implementation/sessions.ts +2 -20
- package/src/server/index.ts +373 -0
- package/src/server/types.ts +95 -8
- package/dist/providers/Anonymous.js.map +0 -1
- package/dist/providers/ConvexCredentials.d.ts.map +0 -1
- package/dist/providers/ConvexCredentials.js.map +0 -1
- package/dist/providers/Email.d.ts.map +0 -1
- package/dist/providers/Email.js.map +0 -1
- package/dist/providers/Password.js.map +0 -1
- package/providers/Anonymous/package.json +0 -6
- package/providers/ConvexCredentials/package.json +0 -6
- package/providers/Email/package.json +0 -6
- package/providers/Password/package.json +0 -6
- package/providers/Phone/package.json +0 -6
- package/server/package.json +0 -6
package/src/server/index.ts
CHANGED
|
@@ -1,4 +1,10 @@
|
|
|
1
|
+
import { ConvexHttpClient } from "convex/browser";
|
|
2
|
+
import { jwtDecode } from "jwt-decode";
|
|
1
3
|
import { parse, serialize } from "cookie";
|
|
4
|
+
import type {
|
|
5
|
+
SignInAction,
|
|
6
|
+
SignOutAction,
|
|
7
|
+
} from "./implementation/index.js";
|
|
2
8
|
import { isLocalHost } from "./utils.js";
|
|
3
9
|
|
|
4
10
|
export type AuthCookieConfig = {
|
|
@@ -11,6 +17,20 @@ export type AuthCookies = {
|
|
|
11
17
|
verifier: string | null;
|
|
12
18
|
};
|
|
13
19
|
|
|
20
|
+
export type ServerOptions = {
|
|
21
|
+
/** Convex deployment URL. */
|
|
22
|
+
url: string;
|
|
23
|
+
apiRoute?: string;
|
|
24
|
+
cookieMaxAge?: number | null;
|
|
25
|
+
verbose?: boolean;
|
|
26
|
+
shouldHandleCode?: ((request: Request) => boolean | Promise<boolean>) | boolean;
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
export type RefreshResult = {
|
|
30
|
+
response?: Response;
|
|
31
|
+
cookies?: string[];
|
|
32
|
+
};
|
|
33
|
+
|
|
14
34
|
export function authCookieNames(host?: string) {
|
|
15
35
|
const prefix = isLocalHost(host) ? "" : "__Host-";
|
|
16
36
|
return {
|
|
@@ -72,3 +92,356 @@ export function shouldProxyAuthAction(pathname: string, apiRoute: string) {
|
|
|
72
92
|
}
|
|
73
93
|
return pathname === apiRoute || pathname === `${apiRoute}/`;
|
|
74
94
|
}
|
|
95
|
+
|
|
96
|
+
const REQUIRED_TOKEN_LIFETIME_MS = 60_000;
|
|
97
|
+
const MINIMUM_REQUIRED_TOKEN_LIFETIME_MS = 10_000;
|
|
98
|
+
|
|
99
|
+
type DecodedToken = { exp?: number; iat?: number };
|
|
100
|
+
|
|
101
|
+
export function server(options: ServerOptions) {
|
|
102
|
+
const convexUrl = options.url;
|
|
103
|
+
const apiRoute = options.apiRoute ?? "/api/auth";
|
|
104
|
+
const cookieConfig = { maxAge: options.cookieMaxAge ?? null };
|
|
105
|
+
const verbose = options.verbose ?? false;
|
|
106
|
+
|
|
107
|
+
const logVerbose = (message: string) => {
|
|
108
|
+
if (!verbose) {
|
|
109
|
+
return;
|
|
110
|
+
}
|
|
111
|
+
console.debug(
|
|
112
|
+
`${new Date().toISOString()} [convex-auth/server] ${message}`,
|
|
113
|
+
);
|
|
114
|
+
};
|
|
115
|
+
|
|
116
|
+
const cookieHost = (request: Request) => {
|
|
117
|
+
return request.headers.get("host") ?? new URL(request.url).host;
|
|
118
|
+
};
|
|
119
|
+
|
|
120
|
+
const parseRequestCookies = (request: Request) => {
|
|
121
|
+
return parseAuthCookies(request.headers.get("cookie"), cookieHost(request));
|
|
122
|
+
};
|
|
123
|
+
|
|
124
|
+
const attachCookies = (response: Response, cookies: string[]) => {
|
|
125
|
+
for (const value of cookies) {
|
|
126
|
+
response.headers.append("Set-Cookie", value);
|
|
127
|
+
}
|
|
128
|
+
return response;
|
|
129
|
+
};
|
|
130
|
+
|
|
131
|
+
const jsonResponse = (body: unknown, status = 200) => {
|
|
132
|
+
return new Response(JSON.stringify(body), {
|
|
133
|
+
status,
|
|
134
|
+
headers: {
|
|
135
|
+
"Content-Type": "application/json",
|
|
136
|
+
},
|
|
137
|
+
});
|
|
138
|
+
};
|
|
139
|
+
|
|
140
|
+
const isCorsRequest = (request: Request) => {
|
|
141
|
+
const originHeader = request.headers.get("origin");
|
|
142
|
+
if (originHeader === null) {
|
|
143
|
+
return false;
|
|
144
|
+
}
|
|
145
|
+
const requestUrl = new URL(request.url);
|
|
146
|
+
const originUrl = new URL(originHeader);
|
|
147
|
+
return (
|
|
148
|
+
originUrl.host !== requestUrl.host ||
|
|
149
|
+
originUrl.protocol !== requestUrl.protocol
|
|
150
|
+
);
|
|
151
|
+
};
|
|
152
|
+
|
|
153
|
+
const decodeToken = (token: string): DecodedToken | null => {
|
|
154
|
+
try {
|
|
155
|
+
return jwtDecode<DecodedToken>(token);
|
|
156
|
+
} catch {
|
|
157
|
+
return null;
|
|
158
|
+
}
|
|
159
|
+
};
|
|
160
|
+
|
|
161
|
+
const convexClient = (token?: string | null) => {
|
|
162
|
+
const client = new ConvexHttpClient(convexUrl);
|
|
163
|
+
if (token !== undefined && token !== null) {
|
|
164
|
+
client.setAuth(token);
|
|
165
|
+
}
|
|
166
|
+
return client;
|
|
167
|
+
};
|
|
168
|
+
|
|
169
|
+
const refreshTokens = async (
|
|
170
|
+
request: Request,
|
|
171
|
+
): Promise<{ token: string; refreshToken: string } | null | undefined> => {
|
|
172
|
+
const cookies = parseRequestCookies(request);
|
|
173
|
+
const { token, refreshToken } = cookies;
|
|
174
|
+
if (refreshToken === null && token === null) {
|
|
175
|
+
logVerbose("No auth cookies found, skipping refresh");
|
|
176
|
+
return undefined;
|
|
177
|
+
}
|
|
178
|
+
if (refreshToken === null || token === null) {
|
|
179
|
+
logVerbose("Only one auth cookie present, clearing auth cookies");
|
|
180
|
+
return null;
|
|
181
|
+
}
|
|
182
|
+
const decodedToken = decodeToken(token);
|
|
183
|
+
if (decodedToken?.exp === undefined || decodedToken.iat === undefined) {
|
|
184
|
+
logVerbose("Failed to decode token, clearing auth cookies");
|
|
185
|
+
return null;
|
|
186
|
+
}
|
|
187
|
+
const totalTokenLifetimeMs = decodedToken.exp * 1000 - decodedToken.iat * 1000;
|
|
188
|
+
const minimumExpiration =
|
|
189
|
+
Date.now() +
|
|
190
|
+
Math.min(
|
|
191
|
+
REQUIRED_TOKEN_LIFETIME_MS,
|
|
192
|
+
Math.max(MINIMUM_REQUIRED_TOKEN_LIFETIME_MS, totalTokenLifetimeMs / 10),
|
|
193
|
+
);
|
|
194
|
+
if (decodedToken.exp * 1000 > minimumExpiration) {
|
|
195
|
+
logVerbose("Token valid long enough, skipping refresh");
|
|
196
|
+
return undefined;
|
|
197
|
+
}
|
|
198
|
+
|
|
199
|
+
try {
|
|
200
|
+
const result = await convexClient().action(
|
|
201
|
+
"auth:signIn" as unknown as SignInAction,
|
|
202
|
+
{
|
|
203
|
+
refreshToken,
|
|
204
|
+
},
|
|
205
|
+
);
|
|
206
|
+
if (result.tokens === undefined) {
|
|
207
|
+
throw new Error("Invalid `auth:signIn` result for token refresh");
|
|
208
|
+
}
|
|
209
|
+
logVerbose(`Refreshed tokens, null=${result.tokens === null}`);
|
|
210
|
+
return result.tokens;
|
|
211
|
+
} catch (error) {
|
|
212
|
+
console.error(error);
|
|
213
|
+
logVerbose("Token refresh failed, clearing auth cookies");
|
|
214
|
+
return null;
|
|
215
|
+
}
|
|
216
|
+
};
|
|
217
|
+
|
|
218
|
+
return {
|
|
219
|
+
token(request: Request): string | null {
|
|
220
|
+
return parseRequestCookies(request).token;
|
|
221
|
+
},
|
|
222
|
+
|
|
223
|
+
async verify(request: Request): Promise<boolean> {
|
|
224
|
+
const token = parseRequestCookies(request).token;
|
|
225
|
+
if (token === null) {
|
|
226
|
+
return false;
|
|
227
|
+
}
|
|
228
|
+
const decodedToken = decodeToken(token);
|
|
229
|
+
if (decodedToken?.exp === undefined) {
|
|
230
|
+
return false;
|
|
231
|
+
}
|
|
232
|
+
return decodedToken.exp * 1000 > Date.now();
|
|
233
|
+
},
|
|
234
|
+
|
|
235
|
+
async proxy(request: Request): Promise<Response> {
|
|
236
|
+
const requestUrl = new URL(request.url);
|
|
237
|
+
if (!shouldProxyAuthAction(requestUrl.pathname, apiRoute)) {
|
|
238
|
+
return new Response("Invalid route", { status: 404 });
|
|
239
|
+
}
|
|
240
|
+
if (request.method !== "POST") {
|
|
241
|
+
return new Response("Invalid method", { status: 405 });
|
|
242
|
+
}
|
|
243
|
+
if (isCorsRequest(request)) {
|
|
244
|
+
return new Response("Invalid origin", { status: 403 });
|
|
245
|
+
}
|
|
246
|
+
|
|
247
|
+
const body = await request.json();
|
|
248
|
+
const action = body.action as string;
|
|
249
|
+
const args = (body.args ?? {}) as Record<string, any>;
|
|
250
|
+
|
|
251
|
+
if (action !== "auth:signIn" && action !== "auth:signOut") {
|
|
252
|
+
return new Response("Invalid action", { status: 400 });
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
const currentCookies = parseRequestCookies(request);
|
|
256
|
+
const host = cookieHost(request);
|
|
257
|
+
|
|
258
|
+
if (action === "auth:signIn") {
|
|
259
|
+
if (args.refreshToken !== undefined) {
|
|
260
|
+
if (currentCookies.refreshToken === null) {
|
|
261
|
+
return jsonResponse({ tokens: null });
|
|
262
|
+
}
|
|
263
|
+
args.refreshToken = currentCookies.refreshToken;
|
|
264
|
+
}
|
|
265
|
+
const client = convexClient(
|
|
266
|
+
args.refreshToken !== undefined || args.params?.code !== undefined
|
|
267
|
+
? null
|
|
268
|
+
: currentCookies.token,
|
|
269
|
+
);
|
|
270
|
+
|
|
271
|
+
try {
|
|
272
|
+
const result = await client.action(
|
|
273
|
+
"auth:signIn" as unknown as SignInAction,
|
|
274
|
+
args,
|
|
275
|
+
);
|
|
276
|
+
if (result.redirect !== undefined) {
|
|
277
|
+
const response = jsonResponse({ redirect: result.redirect });
|
|
278
|
+
return attachCookies(
|
|
279
|
+
response,
|
|
280
|
+
serializeAuthCookies(
|
|
281
|
+
{
|
|
282
|
+
...currentCookies,
|
|
283
|
+
verifier: result.verifier ?? null,
|
|
284
|
+
},
|
|
285
|
+
host,
|
|
286
|
+
cookieConfig,
|
|
287
|
+
),
|
|
288
|
+
);
|
|
289
|
+
}
|
|
290
|
+
if (result.tokens !== undefined) {
|
|
291
|
+
const response = jsonResponse({
|
|
292
|
+
tokens:
|
|
293
|
+
result.tokens === null
|
|
294
|
+
? null
|
|
295
|
+
: { token: result.tokens.token, refreshToken: "dummy" },
|
|
296
|
+
});
|
|
297
|
+
return attachCookies(
|
|
298
|
+
response,
|
|
299
|
+
serializeAuthCookies(
|
|
300
|
+
{
|
|
301
|
+
token: result.tokens?.token ?? null,
|
|
302
|
+
refreshToken: result.tokens?.refreshToken ?? null,
|
|
303
|
+
verifier: null,
|
|
304
|
+
},
|
|
305
|
+
host,
|
|
306
|
+
cookieConfig,
|
|
307
|
+
),
|
|
308
|
+
);
|
|
309
|
+
}
|
|
310
|
+
return jsonResponse(result);
|
|
311
|
+
} catch (error) {
|
|
312
|
+
const response = jsonResponse({ error: (error as Error).message }, 400);
|
|
313
|
+
return attachCookies(
|
|
314
|
+
response,
|
|
315
|
+
serializeAuthCookies(
|
|
316
|
+
{
|
|
317
|
+
token: null,
|
|
318
|
+
refreshToken: null,
|
|
319
|
+
verifier: null,
|
|
320
|
+
},
|
|
321
|
+
host,
|
|
322
|
+
cookieConfig,
|
|
323
|
+
),
|
|
324
|
+
);
|
|
325
|
+
}
|
|
326
|
+
}
|
|
327
|
+
|
|
328
|
+
try {
|
|
329
|
+
await convexClient(currentCookies.token).action(
|
|
330
|
+
"auth:signOut" as unknown as SignOutAction,
|
|
331
|
+
);
|
|
332
|
+
} catch (error) {
|
|
333
|
+
console.error(error);
|
|
334
|
+
}
|
|
335
|
+
return attachCookies(
|
|
336
|
+
jsonResponse(null),
|
|
337
|
+
serializeAuthCookies(
|
|
338
|
+
{
|
|
339
|
+
token: null,
|
|
340
|
+
refreshToken: null,
|
|
341
|
+
verifier: null,
|
|
342
|
+
},
|
|
343
|
+
host,
|
|
344
|
+
cookieConfig,
|
|
345
|
+
),
|
|
346
|
+
);
|
|
347
|
+
},
|
|
348
|
+
|
|
349
|
+
async refresh(request: Request): Promise<RefreshResult> {
|
|
350
|
+
const host = cookieHost(request);
|
|
351
|
+
|
|
352
|
+
if (isCorsRequest(request)) {
|
|
353
|
+
return {
|
|
354
|
+
cookies: serializeAuthCookies(
|
|
355
|
+
{
|
|
356
|
+
token: null,
|
|
357
|
+
refreshToken: null,
|
|
358
|
+
verifier: null,
|
|
359
|
+
},
|
|
360
|
+
host,
|
|
361
|
+
cookieConfig,
|
|
362
|
+
),
|
|
363
|
+
};
|
|
364
|
+
}
|
|
365
|
+
|
|
366
|
+
const requestUrl = new URL(request.url);
|
|
367
|
+
const code = requestUrl.searchParams.get("code");
|
|
368
|
+
const shouldHandleCode =
|
|
369
|
+
options.shouldHandleCode === undefined
|
|
370
|
+
? true
|
|
371
|
+
: typeof options.shouldHandleCode === "function"
|
|
372
|
+
? await options.shouldHandleCode(request)
|
|
373
|
+
: options.shouldHandleCode;
|
|
374
|
+
|
|
375
|
+
if (
|
|
376
|
+
code !== null &&
|
|
377
|
+
request.method === "GET" &&
|
|
378
|
+
request.headers.get("accept")?.includes("text/html") &&
|
|
379
|
+
shouldHandleCode
|
|
380
|
+
) {
|
|
381
|
+
const requestCookies = parseRequestCookies(request);
|
|
382
|
+
const redirectUrl = new URL(requestUrl);
|
|
383
|
+
redirectUrl.searchParams.delete("code");
|
|
384
|
+
try {
|
|
385
|
+
const result = await convexClient().action(
|
|
386
|
+
"auth:signIn" as unknown as SignInAction,
|
|
387
|
+
{
|
|
388
|
+
params: { code },
|
|
389
|
+
verifier: requestCookies.verifier ?? undefined,
|
|
390
|
+
},
|
|
391
|
+
);
|
|
392
|
+
if (result.tokens === undefined) {
|
|
393
|
+
throw new Error("Invalid `auth:signIn` result for code exchange");
|
|
394
|
+
}
|
|
395
|
+
const response = Response.redirect(redirectUrl.toString(), 302);
|
|
396
|
+
return {
|
|
397
|
+
response: attachCookies(
|
|
398
|
+
response,
|
|
399
|
+
serializeAuthCookies(
|
|
400
|
+
{
|
|
401
|
+
token: result.tokens?.token ?? null,
|
|
402
|
+
refreshToken: result.tokens?.refreshToken ?? null,
|
|
403
|
+
verifier: null,
|
|
404
|
+
},
|
|
405
|
+
host,
|
|
406
|
+
cookieConfig,
|
|
407
|
+
),
|
|
408
|
+
),
|
|
409
|
+
};
|
|
410
|
+
} catch (error) {
|
|
411
|
+
console.error(error);
|
|
412
|
+
const response = Response.redirect(redirectUrl.toString(), 302);
|
|
413
|
+
return {
|
|
414
|
+
response: attachCookies(
|
|
415
|
+
response,
|
|
416
|
+
serializeAuthCookies(
|
|
417
|
+
{
|
|
418
|
+
token: null,
|
|
419
|
+
refreshToken: null,
|
|
420
|
+
verifier: null,
|
|
421
|
+
},
|
|
422
|
+
host,
|
|
423
|
+
cookieConfig,
|
|
424
|
+
),
|
|
425
|
+
),
|
|
426
|
+
};
|
|
427
|
+
}
|
|
428
|
+
}
|
|
429
|
+
|
|
430
|
+
const tokens = await refreshTokens(request);
|
|
431
|
+
if (tokens === undefined) {
|
|
432
|
+
return {};
|
|
433
|
+
}
|
|
434
|
+
return {
|
|
435
|
+
cookies: serializeAuthCookies(
|
|
436
|
+
{
|
|
437
|
+
token: tokens?.token ?? null,
|
|
438
|
+
refreshToken: tokens?.refreshToken ?? null,
|
|
439
|
+
verifier: null,
|
|
440
|
+
},
|
|
441
|
+
host,
|
|
442
|
+
cookieConfig,
|
|
443
|
+
),
|
|
444
|
+
};
|
|
445
|
+
},
|
|
446
|
+
};
|
|
447
|
+
}
|
package/src/server/types.ts
CHANGED
|
@@ -14,11 +14,11 @@ import {
|
|
|
14
14
|
GenericMutationCtx,
|
|
15
15
|
} from "convex/server";
|
|
16
16
|
import { GenericId, Value } from "convex/values";
|
|
17
|
-
import {
|
|
17
|
+
import { CredentialsUserConfig } from "../providers/credentials.js";
|
|
18
18
|
import { GenericDoc } from "./convex_types.js";
|
|
19
19
|
|
|
20
20
|
/**
|
|
21
|
-
* The config for the Convex Auth library, passed to `
|
|
21
|
+
* The config for the Convex Auth library, passed to `Auth`.
|
|
22
22
|
*/
|
|
23
23
|
export type ConvexAuthConfig = {
|
|
24
24
|
/**
|
|
@@ -89,9 +89,9 @@ export type ConvexAuthConfig = {
|
|
|
89
89
|
*
|
|
90
90
|
* ```ts
|
|
91
91
|
* import GitHub from "@auth/core/providers/github";
|
|
92
|
-
* import {
|
|
92
|
+
* import { Auth } from "@robelest/convex-auth/component";
|
|
93
93
|
*
|
|
94
|
-
* export const { auth, signIn, signOut, store } =
|
|
94
|
+
* export const { auth, signIn, signOut, store } = Auth({
|
|
95
95
|
* providers: [GitHub],
|
|
96
96
|
* callbacks: {
|
|
97
97
|
* async redirect({ redirectTo }) {
|
|
@@ -349,22 +349,109 @@ export type PhoneUserConfig<
|
|
|
349
349
|
/**
|
|
350
350
|
* Similar to Auth.js Credentials config.
|
|
351
351
|
*/
|
|
352
|
-
export type ConvexCredentialsConfig =
|
|
352
|
+
export type ConvexCredentialsConfig = CredentialsUserConfig<any> & {
|
|
353
353
|
type: "credentials";
|
|
354
354
|
id: string;
|
|
355
355
|
};
|
|
356
356
|
|
|
357
|
+
export type AuthAccountCredentials = {
|
|
358
|
+
id: string;
|
|
359
|
+
secret?: string;
|
|
360
|
+
};
|
|
361
|
+
|
|
362
|
+
export type AuthCreateAccountArgs = {
|
|
363
|
+
provider: string;
|
|
364
|
+
account: AuthAccountCredentials;
|
|
365
|
+
profile: Record<string, unknown> & {
|
|
366
|
+
email?: string;
|
|
367
|
+
phone?: string;
|
|
368
|
+
emailVerified?: boolean;
|
|
369
|
+
phoneVerified?: boolean;
|
|
370
|
+
};
|
|
371
|
+
shouldLinkViaEmail?: boolean;
|
|
372
|
+
shouldLinkViaPhone?: boolean;
|
|
373
|
+
};
|
|
374
|
+
|
|
375
|
+
export type AuthRetrieveAccountArgs = {
|
|
376
|
+
provider: string;
|
|
377
|
+
account: AuthAccountCredentials;
|
|
378
|
+
};
|
|
379
|
+
|
|
380
|
+
export type AuthUpdateAccountCredentialsArgs = {
|
|
381
|
+
provider: string;
|
|
382
|
+
account: {
|
|
383
|
+
id: string;
|
|
384
|
+
secret: string;
|
|
385
|
+
};
|
|
386
|
+
};
|
|
387
|
+
|
|
388
|
+
export type AuthInvalidateSessionsArgs = {
|
|
389
|
+
userId: GenericId<"user">;
|
|
390
|
+
except?: GenericId<"session">[];
|
|
391
|
+
};
|
|
392
|
+
|
|
393
|
+
export type AuthProviderSignInArgs = {
|
|
394
|
+
accountId?: GenericId<"account">;
|
|
395
|
+
params?: Record<string, Value | undefined>;
|
|
396
|
+
};
|
|
397
|
+
|
|
398
|
+
export type AuthProviderSignInResult = {
|
|
399
|
+
userId: GenericId<"user">;
|
|
400
|
+
sessionId: GenericId<"session">;
|
|
401
|
+
} | null;
|
|
402
|
+
|
|
403
|
+
export type AuthServerHelpers = {
|
|
404
|
+
account: {
|
|
405
|
+
create: (
|
|
406
|
+
ctx: GenericActionCtx<any>,
|
|
407
|
+
args: AuthCreateAccountArgs,
|
|
408
|
+
) => Promise<{
|
|
409
|
+
account: GenericDoc<GenericDataModel, "account">;
|
|
410
|
+
user: GenericDoc<GenericDataModel, "user">;
|
|
411
|
+
}>;
|
|
412
|
+
get: (
|
|
413
|
+
ctx: GenericActionCtx<any>,
|
|
414
|
+
args: AuthRetrieveAccountArgs,
|
|
415
|
+
) => Promise<{
|
|
416
|
+
account: GenericDoc<GenericDataModel, "account">;
|
|
417
|
+
user: GenericDoc<GenericDataModel, "user">;
|
|
418
|
+
}>;
|
|
419
|
+
updateCredentials: (
|
|
420
|
+
ctx: GenericActionCtx<any>,
|
|
421
|
+
args: AuthUpdateAccountCredentialsArgs,
|
|
422
|
+
) => Promise<void>;
|
|
423
|
+
};
|
|
424
|
+
session: {
|
|
425
|
+
current: (
|
|
426
|
+
ctx: { auth: GenericActionCtx<GenericDataModel>["auth"] },
|
|
427
|
+
) => Promise<GenericId<"session"> | null>;
|
|
428
|
+
invalidate: (
|
|
429
|
+
ctx: GenericActionCtx<any>,
|
|
430
|
+
args: AuthInvalidateSessionsArgs,
|
|
431
|
+
) => Promise<void>;
|
|
432
|
+
};
|
|
433
|
+
provider: {
|
|
434
|
+
signIn: (
|
|
435
|
+
ctx: GenericActionCtx<any>,
|
|
436
|
+
provider: AuthProviderConfig,
|
|
437
|
+
args: AuthProviderSignInArgs,
|
|
438
|
+
) => Promise<AuthProviderSignInResult>;
|
|
439
|
+
};
|
|
440
|
+
};
|
|
441
|
+
|
|
357
442
|
/**
|
|
358
443
|
* Your `ActionCtx` enriched with `ctx.auth.config` field with
|
|
359
|
-
* the config passed to `
|
|
444
|
+
* the config passed to `Auth`.
|
|
360
445
|
*/
|
|
361
446
|
export type GenericActionCtxWithAuthConfig<DataModel extends GenericDataModel> =
|
|
362
447
|
GenericActionCtx<DataModel> & {
|
|
363
|
-
auth:
|
|
448
|
+
auth: GenericActionCtx<DataModel>["auth"] & {
|
|
449
|
+
config: ConvexAuthMaterializedConfig;
|
|
450
|
+
} & AuthServerHelpers;
|
|
364
451
|
};
|
|
365
452
|
|
|
366
453
|
/**
|
|
367
|
-
* The config for the Convex Auth library, passed to `
|
|
454
|
+
* The config for the Convex Auth library, passed to `Auth`,
|
|
368
455
|
* with defaults and initialized providers.
|
|
369
456
|
*
|
|
370
457
|
* See {@link ConvexAuthConfig}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"Anonymous.js","sourceRoot":"","sources":["../../src/providers/Anonymous.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,iBAAiB,MAAM,mDAAmD,CAAC;AAClF,OAAO,EAEL,aAAa,GACd,MAAM,iCAAiC,CAAC;AAoCzC;;;;GAIG;AACH,MAAM,CAAC,OAAO,UAAU,SAAS,CAC/B,SAAqC,EAAE;IAEvC,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,IAAI,WAAW,CAAC;IAC1C,OAAO,iBAAiB,CAAY;QAClC,EAAE,EAAE,WAAW;QACf,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YAC/B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE;gBACxC,QAAQ;gBACR,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE,EAAE;gBACpC,OAAO,EAAE,OAAc;aACxB,CAAC,CAAC;YACH,MAAM;YACN,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9B,CAAC;QACD,GAAG,MAAM;KACV,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ConvexCredentials.d.ts","sourceRoot":"","sources":["../../src/providers/ConvexCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,8BAA8B,EAC/B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,2BAA2B,CAC1C,SAAS,SAAS,gBAAgB,GAAG,gBAAgB;IAErD;;;OAGG;IACH,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ;;;;;;;OAOG;IACH,SAAS,EAAE;IACT;;;;;;OAMG;IACH,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,KAAK,GAAG,SAAS,CAAC,CAAC,EACvD,GAAG,EAAE,8BAA8B,CAAC,SAAS,CAAC,KAC3C,OAAO,CAAC;QACX,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;QAC1B,SAAS,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;KAClC,GAAG,IAAI,CAAC,CAAC;IACV;;;;;;;;OAQG;IACH,MAAM,CAAC,EAAE;QACP;;WAEG;QACH,UAAU,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAChD;;;WAGG;QACH,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KAClE,CAAC;IACF;;;;OAIG;IACH,cAAc,CAAC,EAAE,CAAC,kBAAkB,GAAG,SAAS,CAAC,EAAE,CAAC;CACrD;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CAAC,SAAS,SAAS,gBAAgB,EAC1E,MAAM,EAAE,2BAA2B,CAAC,SAAS,CAAC,GAC7C,uBAAuB,CAQzB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ConvexCredentials.js","sourceRoot":"","sources":["../../src/providers/ConvexCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAuEH;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CACvC,MAA8C;IAE9C,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,SAAS,EAAE,KAAK,IAAI,EAAE,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"Email.d.ts","sourceRoot":"","sources":["../../src/providers/Email.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,KAAK,CAAC,SAAS,SAAS,gBAAgB,EACtD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GAChC,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,GAC7C,WAAW,CAAC,SAAS,CAAC,CAuBxB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"Email.js","sourceRoot":"","sources":["../../src/providers/Email.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,KAAK,CACnB,MAC8C;IAE9C,OAAO;QACL,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,+BAA+B;QACrC,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;QAC1B,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;YACnC,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,CAAC,iBAAiB,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,sDAAsD;oBACpD,wBAAwB,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"Password.js","sourceRoot":"","sources":["../../src/providers/Password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,iBAEN,MAAM,mDAAmD,CAAC;AAC3D,OAAO,EAIL,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,EACf,iBAAiB,GAClB,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AA4D/B;;;;;;;;GAQG;AACH,MAAM,CAAC,OAAO,UAAU,QAAQ,CAC9B,SAAoC,EAAE;IAEtC,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC;IACzC,OAAO,iBAAiB,CAAY;QAClC,EAAE,EAAE,UAAU;QACd,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YAC/B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAc,CAAC;YACnC,MAAM,kBAAkB,GACtB,IAAI,KAAK,QAAQ;gBACf,CAAC,CAAE,MAAM,CAAC,QAAmB;gBAC7B,CAAC,CAAC,IAAI,KAAK,oBAAoB;oBAC7B,CAAC,CAAE,MAAM,CAAC,WAAsB;oBAChC,CAAC,CAAC,IAAI,CAAC;YACb,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;gBAChC,IAAI,MAAM,CAAC,4BAA4B,KAAK,SAAS,EAAE,CAAC;oBACtD,MAAM,CAAC,4BAA4B,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;qBAAM,CAAC;oBACN,mCAAmC,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;YACxE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;YAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAkB,CAAC;YACzC,IAAI,OAAyC,CAAC;YAC9C,IAAI,IAAmC,CAAC;YACxC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtB,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE;oBACvC,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;oBAC9B,OAAO,EAAE,OAAc;oBACvB,kBAAkB,EAAE,MAAM,CAAC,MAAM,KAAK,SAAS;oBAC/C,kBAAkB,EAAE,KAAK;iBAC1B,CAAC,CAAC;gBACH,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC;YAChC,CAAC;iBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC3C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBACzC,CAAC;gBACD,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;gBAChC,0CAA0C;YAC5C,CAAC;iBAAM,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC7C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE;oBAChD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;oBACrC,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;gBACJ,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;gBACtE,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;oBACpB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;gBAClC,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;gBACrC,MAAM,MAAM,GAAG,MAAM,CAAC,WAAqB,CAAC;gBAC5C,MAAM,wBAAwB,CAAC,GAAG,EAAE;oBAClC,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,MAAM,kBAAkB,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBAC/D,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;gBAC7B,MAAM;gBACN,qDAAqD;YACvD,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,yCAAyC,QAAQ,EAAE,CAAC,CAAC;gBACvE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC7C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACjD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CACb,0CAA0C;oBACxC,uDAAuD;oBACvD,uBAAuB,CAC1B,CAAC;YACJ,CAAC;YACD,qDAAqD;YACrD,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC5C,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACjD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;YACD,MAAM;YACN,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9B,CAAC;QACD,MAAM,EAAE;YACN,KAAK,CAAC,UAAU,CAAC,QAAgB;gBAC/B,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,IAAY;gBAC/C,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YACnD,CAAC;SACF;QACD,cAAc,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;QAC7C,GAAG,MAAM;KACV,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mCAAmC,CAAC,QAAgB;IAC3D,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,MAA+B;IACrD,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAe;KAC9B,CAAC;AACJ,CAAC"}
|