@robelest/convex-auth 0.0.3-preview.7 → 0.0.3-preview.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client/index.d.ts +229 -248
- package/dist/client/index.d.ts.map +1 -1
- package/dist/client/index.js +758 -1067
- package/dist/client/index.js.map +1 -1
- package/dist/component/_generated/api.d.ts +65 -70
- package/dist/component/_generated/api.d.ts.map +1 -1
- package/dist/component/_generated/api.js +22 -27
- package/dist/component/_generated/api.js.map +1 -1
- package/dist/component/_generated/component.d.ts +369 -373
- package/dist/component/_generated/component.d.ts.map +1 -1
- package/dist/component/_generated/component.js +1 -11
- package/dist/component/_generated/dataModel.d.ts +11 -15
- package/dist/component/_generated/dataModel.d.ts.map +1 -1
- package/dist/component/_generated/dataModel.js +1 -11
- package/dist/component/_generated/server.d.ts +18 -22
- package/dist/component/_generated/server.d.ts.map +1 -1
- package/dist/component/_generated/server.js +66 -70
- package/dist/component/_generated/server.js.map +1 -1
- package/dist/component/_virtual/rolldown_runtime.js +18 -0
- package/dist/component/bridge.d.ts +45 -37
- package/dist/component/bridge.d.ts.map +1 -1
- package/dist/component/bridge.js +81 -88
- package/dist/component/bridge.js.map +1 -1
- package/dist/component/convex.config.d.ts +6 -2
- package/dist/component/convex.config.d.ts.map +1 -1
- package/dist/component/convex.config.js +6 -1
- package/dist/component/convex.config.js.map +1 -1
- package/dist/component/index.d.ts +4 -21
- package/dist/component/index.d.ts.map +1 -1
- package/dist/component/index.js +4 -18
- package/dist/component/providers/credentials.d.ts +38 -0
- package/dist/component/providers/credentials.d.ts.map +1 -0
- package/dist/component/providers/email.js +47 -0
- package/dist/component/providers/email.js.map +1 -0
- package/dist/component/providers/oauth.d.ts +25 -0
- package/dist/component/providers/oauth.d.ts.map +1 -0
- package/dist/component/providers/oauth.js +13 -0
- package/dist/component/providers/oauth.js.map +1 -0
- package/dist/component/public.d.ts +730 -721
- package/dist/component/public.d.ts.map +1 -1
- package/dist/component/public.js +1072 -1367
- package/dist/component/public.js.map +1 -1
- package/dist/component/schema.d.ts +417 -442
- package/dist/component/schema.d.ts.map +1 -1
- package/dist/component/schema.js +153 -297
- package/dist/component/schema.js.map +1 -1
- package/dist/component/server/auth.d.ts +506 -0
- package/dist/component/server/auth.d.ts.map +1 -0
- package/dist/component/server/auth.js +545 -0
- package/dist/component/server/auth.js.map +1 -0
- package/dist/component/server/cookies.js +44 -0
- package/dist/component/server/cookies.js.map +1 -0
- package/dist/component/server/errors.js +135 -0
- package/dist/component/server/errors.js.map +1 -0
- package/dist/component/server/implementation/db.js +86 -0
- package/dist/component/server/implementation/db.js.map +1 -0
- package/dist/component/server/implementation/device.js +135 -0
- package/dist/component/server/implementation/device.js.map +1 -0
- package/dist/component/server/implementation/index.d.ts +856 -0
- package/dist/component/server/implementation/index.d.ts.map +1 -0
- package/dist/component/server/implementation/index.js +610 -0
- package/dist/component/server/implementation/index.js.map +1 -0
- package/dist/component/server/implementation/keys.js +118 -0
- package/dist/component/server/implementation/keys.js.map +1 -0
- package/dist/component/server/implementation/mutations/account.js +39 -0
- package/dist/component/server/implementation/mutations/account.js.map +1 -0
- package/dist/component/server/implementation/mutations/code.js +62 -0
- package/dist/component/server/implementation/mutations/code.js.map +1 -0
- package/dist/component/server/implementation/mutations/index.js +70 -0
- package/dist/component/server/implementation/mutations/index.js.map +1 -0
- package/dist/component/server/implementation/mutations/invalidate.js +29 -0
- package/dist/component/server/implementation/mutations/invalidate.js.map +1 -0
- package/dist/component/server/implementation/mutations/oauth.js +51 -0
- package/dist/component/server/implementation/mutations/oauth.js.map +1 -0
- package/dist/component/server/implementation/mutations/refresh.js +85 -0
- package/dist/component/server/implementation/mutations/refresh.js.map +1 -0
- package/dist/component/server/implementation/mutations/register.js +65 -0
- package/dist/component/server/implementation/mutations/register.js.map +1 -0
- package/dist/component/server/implementation/mutations/retrieve.js +50 -0
- package/dist/component/server/implementation/mutations/retrieve.js.map +1 -0
- package/dist/component/server/implementation/mutations/signature.js +27 -0
- package/dist/component/server/implementation/mutations/signature.js.map +1 -0
- package/dist/component/server/implementation/mutations/signin.js +27 -0
- package/dist/component/server/implementation/mutations/signin.js.map +1 -0
- package/dist/component/server/implementation/mutations/signout.js +27 -0
- package/dist/component/server/implementation/mutations/signout.js.map +1 -0
- package/dist/component/server/implementation/mutations/store.js +12 -0
- package/dist/component/server/implementation/mutations/store.js.map +1 -0
- package/dist/component/server/implementation/mutations/verifier.js +16 -0
- package/dist/component/server/implementation/mutations/verifier.js.map +1 -0
- package/dist/component/server/implementation/mutations/verify.js +105 -0
- package/dist/component/server/implementation/mutations/verify.js.map +1 -0
- package/dist/component/server/implementation/passkey.js +308 -0
- package/dist/component/server/implementation/passkey.js.map +1 -0
- package/dist/component/server/implementation/provider.js +19 -0
- package/dist/component/server/implementation/provider.js.map +1 -0
- package/dist/component/server/implementation/ratelimit.js +48 -0
- package/dist/component/server/implementation/ratelimit.js.map +1 -0
- package/dist/component/server/implementation/redirects.js +32 -0
- package/dist/component/server/implementation/redirects.js.map +1 -0
- package/dist/component/server/implementation/refresh.js +109 -0
- package/dist/component/server/implementation/refresh.js.map +1 -0
- package/dist/component/server/implementation/sessions.js +65 -0
- package/dist/component/server/implementation/sessions.js.map +1 -0
- package/dist/component/server/implementation/signin.js +148 -0
- package/dist/component/server/implementation/signin.js.map +1 -0
- package/dist/component/server/implementation/tokens.js +15 -0
- package/dist/component/server/implementation/tokens.js.map +1 -0
- package/dist/component/server/implementation/totp.js +142 -0
- package/dist/component/server/implementation/totp.js.map +1 -0
- package/dist/component/server/implementation/types.d.ts +42 -0
- package/dist/component/server/implementation/types.d.ts.map +1 -0
- package/dist/component/server/implementation/types.js +79 -0
- package/dist/component/server/implementation/types.js.map +1 -0
- package/dist/component/server/implementation/users.js +101 -0
- package/dist/component/server/implementation/users.js.map +1 -0
- package/dist/component/server/implementation/utils.js +56 -0
- package/dist/component/server/implementation/utils.js.map +1 -0
- package/dist/component/server/oauth.js +159 -0
- package/dist/component/server/oauth.js.map +1 -0
- package/dist/component/server/providers.js +90 -0
- package/dist/component/server/providers.js.map +1 -0
- package/dist/component/server/templates.js +167 -0
- package/dist/component/server/templates.js.map +1 -0
- package/dist/component/server/types.d.ts +859 -0
- package/dist/component/server/types.d.ts.map +1 -0
- package/dist/component/server/utils.js +15 -0
- package/dist/component/server/utils.js.map +1 -0
- package/dist/component/server/version.js +6 -0
- package/dist/component/server/version.js.map +1 -0
- package/dist/providers/anonymous.d.ts +35 -40
- package/dist/providers/anonymous.d.ts.map +1 -1
- package/dist/providers/anonymous.js +60 -58
- package/dist/providers/anonymous.js.map +1 -1
- package/dist/providers/credentials.d.ts +39 -49
- package/dist/providers/credentials.d.ts.map +1 -1
- package/dist/providers/credentials.js +40 -53
- package/dist/providers/credentials.js.map +1 -1
- package/dist/providers/device.d.ts +33 -41
- package/dist/providers/device.d.ts.map +1 -1
- package/dist/providers/device.js +45 -58
- package/dist/providers/device.js.map +1 -1
- package/dist/providers/email.d.ts +6 -7
- package/dist/providers/email.d.ts.map +1 -1
- package/dist/providers/email.js +44 -50
- package/dist/providers/email.js.map +1 -1
- package/dist/providers/index.d.ts +8 -24
- package/dist/providers/index.js +9 -17
- package/dist/providers/oauth.d.ts +34 -44
- package/dist/providers/oauth.d.ts.map +1 -1
- package/dist/providers/oauth.js +37 -55
- package/dist/providers/oauth.js.map +1 -1
- package/dist/providers/passkey.d.ts +32 -37
- package/dist/providers/passkey.d.ts.map +1 -1
- package/dist/providers/passkey.js +44 -54
- package/dist/providers/passkey.js.map +1 -1
- package/dist/providers/password.d.ts +66 -81
- package/dist/providers/password.d.ts.map +1 -1
- package/dist/providers/password.js +159 -189
- package/dist/providers/password.js.map +1 -1
- package/dist/providers/phone.d.ts +6 -12
- package/dist/providers/phone.d.ts.map +1 -1
- package/dist/providers/phone.js +26 -37
- package/dist/providers/phone.js.map +1 -1
- package/dist/providers/totp.d.ts +20 -25
- package/dist/providers/totp.d.ts.map +1 -1
- package/dist/providers/totp.js +41 -51
- package/dist/providers/totp.js.map +1 -1
- package/dist/server/auth.d.ts +348 -379
- package/dist/server/auth.d.ts.map +1 -1
- package/dist/server/auth.js +535 -666
- package/dist/server/auth.js.map +1 -1
- package/dist/server/cookies.d.ts +26 -23
- package/dist/server/cookies.d.ts.map +1 -1
- package/dist/server/cookies.js +38 -28
- package/dist/server/cookies.js.map +1 -1
- package/dist/server/errors.d.ts +89 -94
- package/dist/server/errors.d.ts.map +1 -1
- package/dist/server/errors.js +165 -178
- package/dist/server/errors.js.map +1 -1
- package/dist/server/implementation/db.d.ts +79 -76
- package/dist/server/implementation/db.d.ts.map +1 -1
- package/dist/server/implementation/db.js +84 -58
- package/dist/server/implementation/db.js.map +1 -1
- package/dist/server/implementation/device.d.ts +17 -25
- package/dist/server/implementation/device.d.ts.map +1 -1
- package/dist/server/implementation/device.js +119 -187
- package/dist/server/implementation/device.js.map +1 -1
- package/dist/server/implementation/index.d.ts +789 -786
- package/dist/server/implementation/index.d.ts.map +1 -1
- package/dist/server/implementation/index.js +602 -1111
- package/dist/server/implementation/index.js.map +1 -1
- package/dist/server/implementation/keys.d.ts +21 -29
- package/dist/server/implementation/keys.d.ts.map +1 -1
- package/dist/server/implementation/keys.js +101 -122
- package/dist/server/implementation/keys.js.map +1 -1
- package/dist/server/implementation/mutations/account.d.ts +24 -20
- package/dist/server/implementation/mutations/account.d.ts.map +1 -1
- package/dist/server/implementation/mutations/account.js +34 -33
- package/dist/server/implementation/mutations/account.js.map +1 -1
- package/dist/server/implementation/mutations/code.d.ts +25 -21
- package/dist/server/implementation/mutations/code.d.ts.map +1 -1
- package/dist/server/implementation/mutations/code.js +55 -49
- package/dist/server/implementation/mutations/code.js.map +1 -1
- package/dist/server/implementation/mutations/index.d.ts +300 -294
- package/dist/server/implementation/mutations/index.d.ts.map +1 -1
- package/dist/server/implementation/mutations/index.js +67 -105
- package/dist/server/implementation/mutations/index.js.map +1 -1
- package/dist/server/implementation/mutations/invalidate.d.ts +14 -9
- package/dist/server/implementation/mutations/invalidate.d.ts.map +1 -1
- package/dist/server/implementation/mutations/invalidate.js +24 -26
- package/dist/server/implementation/mutations/invalidate.js.map +1 -1
- package/dist/server/implementation/mutations/oauth.d.ts +19 -15
- package/dist/server/implementation/mutations/oauth.d.ts.map +1 -1
- package/dist/server/implementation/mutations/oauth.js +46 -43
- package/dist/server/implementation/mutations/oauth.js.map +1 -1
- package/dist/server/implementation/mutations/refresh.d.ts +14 -10
- package/dist/server/implementation/mutations/refresh.d.ts.map +1 -1
- package/dist/server/implementation/mutations/refresh.js +81 -98
- package/dist/server/implementation/mutations/refresh.js.map +1 -1
- package/dist/server/implementation/mutations/register.d.ts +32 -28
- package/dist/server/implementation/mutations/register.d.ts.map +1 -1
- package/dist/server/implementation/mutations/register.js +60 -57
- package/dist/server/implementation/mutations/register.js.map +1 -1
- package/dist/server/implementation/mutations/retrieve.d.ts +26 -22
- package/dist/server/implementation/mutations/retrieve.d.ts.map +1 -1
- package/dist/server/implementation/mutations/retrieve.js +45 -44
- package/dist/server/implementation/mutations/retrieve.js.map +1 -1
- package/dist/server/implementation/mutations/signature.d.ts +14 -10
- package/dist/server/implementation/mutations/signature.d.ts.map +1 -1
- package/dist/server/implementation/mutations/signature.js +22 -21
- package/dist/server/implementation/mutations/signature.js.map +1 -1
- package/dist/server/implementation/mutations/signin.d.ts +16 -12
- package/dist/server/implementation/mutations/signin.d.ts.map +1 -1
- package/dist/server/implementation/mutations/signin.js +22 -22
- package/dist/server/implementation/mutations/signin.js.map +1 -1
- package/dist/server/implementation/mutations/signout.d.ts +10 -7
- package/dist/server/implementation/mutations/signout.d.ts.map +1 -1
- package/dist/server/implementation/mutations/signout.js +24 -20
- package/dist/server/implementation/mutations/signout.js.map +1 -1
- package/dist/server/implementation/mutations/store.d.ts +4 -1
- package/dist/server/implementation/mutations/store.d.ts.map +1 -1
- package/dist/server/implementation/mutations/store.js +10 -6
- package/dist/server/implementation/mutations/store.js.map +1 -1
- package/dist/server/implementation/mutations/verifier.d.ts +8 -5
- package/dist/server/implementation/mutations/verifier.d.ts.map +1 -1
- package/dist/server/implementation/mutations/verifier.js +13 -12
- package/dist/server/implementation/mutations/verifier.js.map +1 -1
- package/dist/server/implementation/mutations/verify.d.ts +21 -17
- package/dist/server/implementation/mutations/verify.d.ts.map +1 -1
- package/dist/server/implementation/mutations/verify.js +99 -112
- package/dist/server/implementation/mutations/verify.js.map +1 -1
- package/dist/server/implementation/passkey.d.ts +14 -23
- package/dist/server/implementation/passkey.d.ts.map +1 -1
- package/dist/server/implementation/passkey.js +280 -414
- package/dist/server/implementation/passkey.js.map +1 -1
- package/dist/server/implementation/provider.d.ts +9 -6
- package/dist/server/implementation/provider.d.ts.map +1 -1
- package/dist/server/implementation/provider.js +16 -19
- package/dist/server/implementation/provider.js.map +1 -1
- package/dist/server/implementation/ratelimit.d.ts +9 -5
- package/dist/server/implementation/ratelimit.d.ts.map +1 -1
- package/dist/server/implementation/ratelimit.js +39 -41
- package/dist/server/implementation/ratelimit.js.map +1 -1
- package/dist/server/implementation/redirects.d.ts +8 -4
- package/dist/server/implementation/redirects.d.ts.map +1 -1
- package/dist/server/implementation/redirects.js +25 -29
- package/dist/server/implementation/redirects.js.map +1 -1
- package/dist/server/implementation/refresh.d.ts +18 -14
- package/dist/server/implementation/refresh.d.ts.map +1 -1
- package/dist/server/implementation/refresh.js +99 -107
- package/dist/server/implementation/refresh.js.map +1 -1
- package/dist/server/implementation/sessions.d.ts +19 -15
- package/dist/server/implementation/sessions.d.ts.map +1 -1
- package/dist/server/implementation/sessions.js +56 -58
- package/dist/server/implementation/sessions.js.map +1 -1
- package/dist/server/implementation/signin.d.ts +42 -39
- package/dist/server/implementation/signin.d.ts.map +1 -1
- package/dist/server/implementation/signin.js +140 -161
- package/dist/server/implementation/signin.js.map +1 -1
- package/dist/server/implementation/tokens.d.ts +8 -4
- package/dist/server/implementation/tokens.d.ts.map +1 -1
- package/dist/server/implementation/tokens.js +12 -15
- package/dist/server/implementation/tokens.js.map +1 -1
- package/dist/server/implementation/totp.d.ts +17 -26
- package/dist/server/implementation/totp.d.ts.map +1 -1
- package/dist/server/implementation/totp.js +127 -196
- package/dist/server/implementation/totp.js.map +1 -1
- package/dist/server/implementation/types.d.ts +162 -159
- package/dist/server/implementation/types.d.ts.map +1 -1
- package/dist/server/implementation/types.js +72 -59
- package/dist/server/implementation/types.js.map +1 -1
- package/dist/server/implementation/users.d.ts +23 -20
- package/dist/server/implementation/users.d.ts.map +1 -1
- package/dist/server/implementation/users.js +90 -123
- package/dist/server/implementation/users.js.map +1 -1
- package/dist/server/implementation/utils.d.ts +16 -14
- package/dist/server/implementation/utils.d.ts.map +1 -1
- package/dist/server/implementation/utils.js +46 -62
- package/dist/server/implementation/utils.js.map +1 -1
- package/dist/server/index.d.ts +93 -100
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +362 -457
- package/dist/server/index.js.map +1 -1
- package/dist/server/oauth.d.ts +27 -28
- package/dist/server/oauth.d.ts.map +1 -1
- package/dist/server/oauth.js +140 -189
- package/dist/server/oauth.js.map +1 -1
- package/dist/server/providers.d.ts +55 -49
- package/dist/server/providers.d.ts.map +1 -1
- package/dist/server/providers.js +73 -88
- package/dist/server/providers.js.map +1 -1
- package/dist/server/templates.d.ts +5 -2
- package/dist/server/templates.d.ts.map +1 -1
- package/dist/server/templates.js +43 -36
- package/dist/server/templates.js.map +1 -1
- package/dist/server/types.d.ts +707 -727
- package/dist/server/types.d.ts.map +1 -1
- package/dist/server/types.js +1 -2
- package/dist/server/utils.d.ts +5 -2
- package/dist/server/utils.d.ts.map +1 -1
- package/dist/server/utils.js +12 -9
- package/dist/server/utils.js.map +1 -1
- package/dist/server/version.d.ts +4 -1
- package/dist/server/version.d.ts.map +1 -1
- package/dist/server/version.js +5 -2
- package/dist/server/version.js.map +1 -1
- package/package.json +5 -7
- package/src/component/index.ts +2 -0
- package/src/server/auth.ts +19 -11
- package/src/server/implementation/index.ts +3 -3
- package/src/server/version.ts +1 -1
- package/dist/component/_generated/component.js.map +0 -1
- package/dist/component/_generated/dataModel.js.map +0 -1
- package/dist/component/index.js.map +0 -1
- package/dist/providers/index.d.ts.map +0 -1
- package/dist/providers/index.js.map +0 -1
- package/dist/server/types.js.map +0 -1
package/dist/client/index.d.ts
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
|
+
import { AUTH_ERRORS, AuthErrorCode, isAuthError, parseAuthError } from "../server/errors.js";
|
|
1
2
|
import { Value } from "convex/values";
|
|
2
|
-
|
|
3
|
+
|
|
4
|
+
//#region src/client/index.d.ts
|
|
3
5
|
/**
|
|
4
6
|
* Structural interface for any Convex client.
|
|
5
7
|
* Satisfied by `ConvexClient` (`convex/browser`),
|
|
@@ -10,17 +12,17 @@ export { isAuthError, parseAuthError, AUTH_ERRORS, type AuthErrorCode, } from ".
|
|
|
10
12
|
* during sign-out for a clean deauthentication.
|
|
11
13
|
*/
|
|
12
14
|
interface ConvexTransport {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
15
|
+
action(action: any, args: any): Promise<any>;
|
|
16
|
+
setAuth(fetchToken: (args: {
|
|
17
|
+
forceRefreshToken: boolean;
|
|
18
|
+
}) => Promise<string | null | undefined>, onChange?: (isAuthenticated: boolean) => void): void;
|
|
19
|
+
clearAuth?(): void;
|
|
18
20
|
}
|
|
19
21
|
/** Pluggable key-value storage (defaults to `localStorage`). */
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
interface Storage {
|
|
23
|
+
getItem(key: string): string | null | undefined | Promise<string | null | undefined>;
|
|
24
|
+
setItem(key: string, value: string): void | Promise<void>;
|
|
25
|
+
removeItem(key: string): void | Promise<void>;
|
|
24
26
|
}
|
|
25
27
|
/**
|
|
26
28
|
* Device code response returned when signing in with the `"device"` provider.
|
|
@@ -28,19 +30,13 @@ export interface Storage {
|
|
|
28
30
|
* The device displays the `userCode` (or `verificationUriComplete`) and
|
|
29
31
|
* polls via `auth.device.poll()` until the user authorizes.
|
|
30
32
|
*/
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
/** Verification URL with user code pre-filled as `?code=XXXX-XXXX`. */
|
|
39
|
-
verificationUriComplete: string;
|
|
40
|
-
/** Lifetime of the codes in seconds. */
|
|
41
|
-
expiresIn: number;
|
|
42
|
-
/** Minimum polling interval in seconds. */
|
|
43
|
-
interval: number;
|
|
33
|
+
type DeviceCodeResult = {
|
|
34
|
+
/** High-entropy device code used for polling (keep secret). */deviceCode: string; /** Short human-readable code the user enters (e.g. "WDJB-MJHT"). */
|
|
35
|
+
userCode: string; /** Base verification URL (e.g. "https://myapp.com/device"). */
|
|
36
|
+
verificationUri: string; /** Verification URL with user code pre-filled as `?code=XXXX-XXXX`. */
|
|
37
|
+
verificationUriComplete: string; /** Lifetime of the codes in seconds. */
|
|
38
|
+
expiresIn: number; /** Minimum polling interval in seconds. */
|
|
39
|
+
interval: number;
|
|
44
40
|
};
|
|
45
41
|
/**
|
|
46
42
|
* Result of a `signIn` call.
|
|
@@ -51,64 +47,54 @@ export type DeviceCodeResult = {
|
|
|
51
47
|
* - `deviceCode` — device flow initiated; display the code and poll via `auth.device.poll()`.
|
|
52
48
|
* - `verifier` — opaque string for multi-step flows (TOTP, passkey).
|
|
53
49
|
*/
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
totpRequired?: boolean;
|
|
61
|
-
/** Device code response for the device authorization flow (RFC 8628). */
|
|
62
|
-
deviceCode?: DeviceCodeResult;
|
|
63
|
-
/** Opaque verifier for multi-step flows (pass to `totp.verify` or passkey phase 2). */
|
|
64
|
-
verifier?: string;
|
|
50
|
+
type SignInResult = {
|
|
51
|
+
/** `true` when sign-in completed and the user is authenticated. */signingIn: boolean; /** OAuth redirect URL. Present when the provider requires a browser redirect. */
|
|
52
|
+
redirect?: URL; /** `true` when the account has TOTP enabled and a code is required. */
|
|
53
|
+
totpRequired?: boolean; /** Device code response for the device authorization flow (RFC 8628). */
|
|
54
|
+
deviceCode?: DeviceCodeResult; /** Opaque verifier for multi-step flows (pass to `totp.verify` or passkey phase 2). */
|
|
55
|
+
verifier?: string;
|
|
65
56
|
};
|
|
66
57
|
/** Reactive auth state snapshot returned by `auth.state` and `auth.onChange`. */
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
isAuthenticated: boolean;
|
|
72
|
-
/** The raw JWT string, or `null` when not authenticated. */
|
|
73
|
-
token: string | null;
|
|
58
|
+
type AuthState = {
|
|
59
|
+
/** `true` during initial hydration before the first token is resolved. */isLoading: boolean; /** `true` when a valid JWT exists (user is signed in). */
|
|
60
|
+
isAuthenticated: boolean; /** The raw JWT string, or `null` when not authenticated. */
|
|
61
|
+
token: string | null;
|
|
74
62
|
};
|
|
75
63
|
/** Options for {@link client}. */
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
*/
|
|
111
|
-
token?: string | null;
|
|
64
|
+
type ClientOptions = {
|
|
65
|
+
/** Any Convex client (`ConvexClient` or `ConvexReactClient`). */convex: ConvexTransport;
|
|
66
|
+
/**
|
|
67
|
+
* Convex deployment URL. Derived automatically from the client internals
|
|
68
|
+
* when omitted — pass explicitly only if auto-detection fails.
|
|
69
|
+
*/
|
|
70
|
+
url?: string;
|
|
71
|
+
/**
|
|
72
|
+
* Key-value storage for persisting tokens.
|
|
73
|
+
*
|
|
74
|
+
* - Defaults to `localStorage` in SPA mode.
|
|
75
|
+
* - Defaults to `null` (in-memory only) when `proxy` is set,
|
|
76
|
+
* since httpOnly cookies handle persistence.
|
|
77
|
+
*/
|
|
78
|
+
storage?: Storage | null; /** Override how the URL bar is updated after OAuth code exchange. */
|
|
79
|
+
replaceURL?: (relativeUrl: string) => void | Promise<void>;
|
|
80
|
+
/**
|
|
81
|
+
* SSR proxy endpoint (e.g. `"/api/auth"`).
|
|
82
|
+
*
|
|
83
|
+
* When set, `signIn`/`signOut`/token refresh POST to this URL
|
|
84
|
+
* (with `credentials: "include"`) instead of calling Convex directly.
|
|
85
|
+
* The server handles httpOnly cookies for token persistence.
|
|
86
|
+
*
|
|
87
|
+
* Pair with {@link ClientOptions.token} for flash-free SSR hydration.
|
|
88
|
+
*/
|
|
89
|
+
proxy?: string;
|
|
90
|
+
/**
|
|
91
|
+
* JWT from server-side hydration.
|
|
92
|
+
*
|
|
93
|
+
* In proxy mode the server reads the JWT from an httpOnly cookie
|
|
94
|
+
* and passes it to the client during SSR. This avoids a loading
|
|
95
|
+
* flash on first render — the client is immediately authenticated.
|
|
96
|
+
*/
|
|
97
|
+
token?: string | null;
|
|
112
98
|
};
|
|
113
99
|
/**
|
|
114
100
|
* Create a framework-agnostic auth client.
|
|
@@ -143,176 +129,171 @@ export type ClientOptions = {
|
|
|
143
129
|
* @param options - Client configuration. See {@link ClientOptions}.
|
|
144
130
|
* @returns Auth client with `signIn`, `signOut`, `onChange`, `state`, `passkey`, and `totp`.
|
|
145
131
|
*/
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
* await auth.device.verify(userCode);
|
|
311
|
-
* ```
|
|
312
|
-
*
|
|
313
|
-
* @param userCode - The user code entered by the user (e.g. "WDJB-MJHT").
|
|
314
|
-
*/
|
|
315
|
-
verify: (userCode: string) => Promise<void>;
|
|
316
|
-
};
|
|
132
|
+
declare function client(options: ClientOptions): {
|
|
133
|
+
/** Current auth state snapshot. */readonly state: AuthState; /** Sign in with a provider. See {@link SignInResult} for return shape. */
|
|
134
|
+
signIn: (provider?: string, args?: FormData | Record<string, Value>) => Promise<SignInResult>; /** Sign out and clear all token state. */
|
|
135
|
+
signOut: () => Promise<void>; /** Subscribe to auth state changes. Returns an unsubscribe function. */
|
|
136
|
+
onChange: (cb: (state: AuthState) => void) => (() => void); /** Passkey (WebAuthn) authentication helpers. */
|
|
137
|
+
passkey: {
|
|
138
|
+
/**
|
|
139
|
+
* Check if WebAuthn passkeys are supported in the current environment.
|
|
140
|
+
*/
|
|
141
|
+
isSupported: () => boolean;
|
|
142
|
+
/**
|
|
143
|
+
* Check if conditional UI (autofill-assisted passkey sign-in) is supported.
|
|
144
|
+
*
|
|
145
|
+
* ```ts
|
|
146
|
+
* if (await auth.passkey.isAutofillSupported()) {
|
|
147
|
+
* auth.passkey.authenticate({ autofill: true });
|
|
148
|
+
* }
|
|
149
|
+
* ```
|
|
150
|
+
*/
|
|
151
|
+
isAutofillSupported: () => Promise<boolean>;
|
|
152
|
+
/**
|
|
153
|
+
* Register a new passkey for the current or new user.
|
|
154
|
+
*
|
|
155
|
+
* Performs the full two-round-trip WebAuthn registration ceremony:
|
|
156
|
+
* 1. Requests creation options from the server (challenge, RP info)
|
|
157
|
+
* 2. Calls `navigator.credentials.create()` with the options
|
|
158
|
+
* 3. Sends the attestation back to the server for verification
|
|
159
|
+
* 4. Server creates user + account + passkey records and returns tokens
|
|
160
|
+
*
|
|
161
|
+
* Works in both SPA and proxy (SSR) modes.
|
|
162
|
+
*
|
|
163
|
+
* ```ts
|
|
164
|
+
* await auth.passkey.register({ name: "MacBook Touch ID" });
|
|
165
|
+
* ```
|
|
166
|
+
*
|
|
167
|
+
* @param opts.name - Friendly name for this passkey
|
|
168
|
+
* @param opts.email - Email to associate with the new account
|
|
169
|
+
* @param opts.userName - Username for the credential (defaults to email)
|
|
170
|
+
* @param opts.userDisplayName - Display name for the credential
|
|
171
|
+
* @returns `{ signingIn: true }` on success
|
|
172
|
+
*/
|
|
173
|
+
register: (opts?: {
|
|
174
|
+
name?: string;
|
|
175
|
+
email?: string;
|
|
176
|
+
userName?: string;
|
|
177
|
+
userDisplayName?: string;
|
|
178
|
+
}) => Promise<SignInResult>;
|
|
179
|
+
/**
|
|
180
|
+
* Authenticate with an existing passkey.
|
|
181
|
+
*
|
|
182
|
+
* Performs the full two-round-trip WebAuthn authentication ceremony:
|
|
183
|
+
* 1. Requests assertion options from the server (challenge, allowed credentials)
|
|
184
|
+
* 2. Calls `navigator.credentials.get()` with the options
|
|
185
|
+
* 3. Sends the assertion back to the server for signature verification
|
|
186
|
+
* 4. Server verifies signature, updates counter, creates session, returns tokens
|
|
187
|
+
*
|
|
188
|
+
* Works in both SPA and proxy (SSR) modes.
|
|
189
|
+
*
|
|
190
|
+
* ```ts
|
|
191
|
+
* // Discoverable credential (no email needed)
|
|
192
|
+
* await auth.passkey.authenticate();
|
|
193
|
+
*
|
|
194
|
+
* // Scoped to a specific user's credentials
|
|
195
|
+
* await auth.passkey.authenticate({ email: "user@example.com" });
|
|
196
|
+
*
|
|
197
|
+
* // Autofill-assisted (conditional UI)
|
|
198
|
+
* await auth.passkey.authenticate({ autofill: true });
|
|
199
|
+
* ```
|
|
200
|
+
*
|
|
201
|
+
* @param opts.email - Scope to credentials for this email's user
|
|
202
|
+
* @param opts.autofill - Use conditional mediation (autofill UI)
|
|
203
|
+
* @returns `{ signingIn: true }` on success
|
|
204
|
+
*/
|
|
205
|
+
authenticate: (opts?: {
|
|
206
|
+
email?: string;
|
|
207
|
+
autofill?: boolean;
|
|
208
|
+
}) => Promise<SignInResult>;
|
|
209
|
+
}; /** TOTP two-factor authentication helpers. */
|
|
210
|
+
totp: {
|
|
211
|
+
/**
|
|
212
|
+
* Start TOTP enrollment. Must be authenticated.
|
|
213
|
+
*
|
|
214
|
+
* Returns a URI for QR code display and a base32 secret for manual entry.
|
|
215
|
+
*
|
|
216
|
+
* ```ts
|
|
217
|
+
* const setup = await auth.totp.setup();
|
|
218
|
+
* // Display QR code from setup.uri
|
|
219
|
+
* // Or show setup.secret for manual entry
|
|
220
|
+
* ```
|
|
221
|
+
*/
|
|
222
|
+
setup: (opts?: {
|
|
223
|
+
name?: string;
|
|
224
|
+
accountName?: string;
|
|
225
|
+
}) => Promise<{
|
|
226
|
+
uri: string;
|
|
227
|
+
secret: string;
|
|
228
|
+
verifier: string;
|
|
229
|
+
totpId: string;
|
|
230
|
+
}>;
|
|
231
|
+
/**
|
|
232
|
+
* Complete TOTP enrollment by verifying the first code from the authenticator app.
|
|
233
|
+
*
|
|
234
|
+
* ```ts
|
|
235
|
+
* await auth.totp.confirm({ code: "123456", verifier: setup.verifier, totpId: setup.totpId });
|
|
236
|
+
* ```
|
|
237
|
+
*/
|
|
238
|
+
confirm: (opts: {
|
|
239
|
+
code: string;
|
|
240
|
+
verifier: string;
|
|
241
|
+
totpId: string;
|
|
242
|
+
}) => Promise<void>;
|
|
243
|
+
/**
|
|
244
|
+
* Complete 2FA verification during sign-in.
|
|
245
|
+
*
|
|
246
|
+
* Called after a credentials sign-in returns `totpRequired: true`.
|
|
247
|
+
*
|
|
248
|
+
* ```ts
|
|
249
|
+
* const result = await auth.signIn("password", { email, password });
|
|
250
|
+
* if (result.totpRequired) {
|
|
251
|
+
* await auth.totp.verify({ code: "123456", verifier: result.verifier! });
|
|
252
|
+
* }
|
|
253
|
+
* ```
|
|
254
|
+
*/
|
|
255
|
+
verify: (opts: {
|
|
256
|
+
code: string;
|
|
257
|
+
verifier: string;
|
|
258
|
+
}) => Promise<void>;
|
|
259
|
+
}; /** Device authorization (RFC 8628) helpers. */
|
|
260
|
+
device: {
|
|
261
|
+
/**
|
|
262
|
+
* Poll for device authorization status.
|
|
263
|
+
*
|
|
264
|
+
* The device calls this repeatedly (respecting `interval`) after
|
|
265
|
+
* initiating a device flow via `signIn("device")`. Returns when
|
|
266
|
+
* the user authorizes, or throws on timeout/denial.
|
|
267
|
+
*
|
|
268
|
+
* ```ts
|
|
269
|
+
* const result = await auth.signIn("device");
|
|
270
|
+
* const { deviceCode } = result;
|
|
271
|
+
* // Display deviceCode.userCode to the user, then poll:
|
|
272
|
+
* await auth.device.poll(deviceCode);
|
|
273
|
+
* // User is now signed in
|
|
274
|
+
* ```
|
|
275
|
+
*
|
|
276
|
+
* @param code - The {@link DeviceCodeResult} from `signIn("device")`.
|
|
277
|
+
* @returns Resolves when the device is authorized and tokens are stored.
|
|
278
|
+
* @throws When the code expires, is denied, or polling encounters an error.
|
|
279
|
+
*/
|
|
280
|
+
poll: (code: DeviceCodeResult) => Promise<void>;
|
|
281
|
+
/**
|
|
282
|
+
* Authorize a device from the verification page.
|
|
283
|
+
*
|
|
284
|
+
* Called by an authenticated user on the verification page after
|
|
285
|
+
* they enter the user code displayed on the device.
|
|
286
|
+
*
|
|
287
|
+
* ```ts
|
|
288
|
+
* // On the /device verification page:
|
|
289
|
+
* await auth.device.verify(userCode);
|
|
290
|
+
* ```
|
|
291
|
+
*
|
|
292
|
+
* @param userCode - The user code entered by the user (e.g. "WDJB-MJHT").
|
|
293
|
+
*/
|
|
294
|
+
verify: (userCode: string) => Promise<void>;
|
|
295
|
+
};
|
|
317
296
|
};
|
|
297
|
+
//#endregion
|
|
298
|
+
export { AUTH_ERRORS, type AuthErrorCode, AuthState, ClientOptions, DeviceCodeResult, SignInResult, Storage, client, isAuthError, parseAuthError };
|
|
318
299
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/client/index.ts"],"mappings":";;;;;;AAS0B;;;;;;;UAWhB,eAAA;EACR,MAAA,CAAO,MAAA,OAAa,IAAA,QAAY,OAAA;EAChC,OAAA,CACE,UAAA,GAAa,IAAA;IACX,iBAAA;EAAA,MACI,OAAA,6BACN,QAAA,IAAY,eAAA;EAEd,SAAA;AAAA;;UAIe,OAAA;EACf,OAAA,CACE,GAAA,uCAC6B,OAAA;EAC/B,OAAA,CAAQ,GAAA,UAAa,KAAA,kBAAuB,OAAA;EAC5C,UAAA,CAAW,GAAA,kBAAqB,OAAA;AAAA;;;;;;;KActB,gBAAA;EAjBR,+DAmBF,UAAA,UAjBA;EAmBA,QAAA,UAnBqB;EAqBrB,eAAA,UApBA;EAsBA,uBAAA,UAtBgC;EAwBhC,SAAA,UAxBuC;EA0BvC,QAAA;AAAA;;;;;;;;;;KAYU,YAAA;EAAA,mEAEV,SAAA;EAEA,QAAA,GAAW,GAAA,EAFX;EAIA,YAAA,YAFW;EAIX,UAAA,GAAa,gBAAA,EAAb;EAEA,QAAA;AAAA;;KAIU,SAAA;EAAA,0EAEV,SAAA;EAEA,eAAA,WAFA;EAIA,KAAA;AAAA;;KAIU,aAAA;EAAA,iEAEV,MAAA,EAAQ,eAAA;;;;;EAKR,GAAA;EAUoD;;;;;;;EAFpD,OAAA,GAAU,OAAA,SAEmC;EAA7C,UAAA,IAAc,WAAA,oBAA+B,OAAA;EAkB7C;;;AA2DF;;;;;;EAnEE,KAAA;EAmSoB;;;;;;;EA3RpB,KAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBA2Dc,MAAA,CAAO,OAAA,EAAS,aAAA;EAkkBxB,mDAqfS,SAAA;8BAx1BI,IAAA,GACV,QAAA,GAAW,MAAA,SAAe,KAAA,MAChC,OAAA,CAAQ,YAAA,GAoWE;gCAkJA;kBAlSU,KAAA,EAAO,SAAA;;IAmSjB;;;;IAoHe;;;;;;;;;+BAlTK,OAAA;IAiV7B;;;;;;;;;;;;;;;;;;;;;;MA3SE,IAAA;MACA,KAAA;MACA,QAAA;MACA,eAAA;IAAA,MAED,OAAA,CAAQ,YAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAkJA,KAAA;MAAgB,QAAA;IAAA,MACxB,OAAA,CAAQ,YAAA;EAAA;;;;;;;;;;;;;;MAoHA,IAAA;MAAe,WAAA;IAAA,MACvB,OAAA;MAAU,GAAA;MAAa,MAAA;MAAgB,QAAA;MAAkB,MAAA;IAAA;;;;;;;;;MA4B1D,IAAA;MACA,QAAA;MACA,MAAA;IAAA,MACE,OAAA;;;;;;;;;;;;;;MA8CmB,IAAA;MAAc,QAAA;IAAA,MAAqB,OAAA;EAAA;;;;;;;;;;;;;;;;;;;;;iBAsDvC,gBAAA,KAAmB,OAAA;;;;;;;;;;;;;;kCAiFJ,OAAA;EAAA;AAAA"}
|