npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.2 → 0.0.4-preview.20 - Mend

@robelest/convex-auth 0.0.4-preview.2 → 0.0.4-preview.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (798) hide show

package/README.md +67 -26
package/dist/authorization/index.d.ts +63 -0
package/dist/authorization/index.d.ts.map +1 -0
package/dist/authorization/index.js +63 -0
package/dist/authorization/index.js.map +1 -0
package/dist/bin.cjs +6033 -27606
package/dist/client/core/types.d.ts +20 -0
package/dist/client/core/types.d.ts.map +1 -0
package/dist/client/index.d.ts +2 -299
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +407 -534
package/dist/client/index.js.map +1 -1
package/dist/component/_generated/api.d.ts +42 -0
package/dist/component/_generated/api.d.ts.map +1 -1
package/dist/component/_generated/api.js.map +1 -1
package/dist/component/_generated/component.d.ts +2546 -90
package/dist/component/_generated/component.d.ts.map +1 -1
package/dist/component/client/core/types.d.ts +2 -0
package/dist/component/client/index.d.ts +2 -0
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/convex.config.d.ts.map +1 -1
package/dist/component/functions.d.ts +11 -9
package/dist/component/functions.d.ts.map +1 -1
package/dist/component/functions.js.map +1 -1
package/dist/component/index.d.ts +7 -11
package/dist/component/index.js +2 -3
package/dist/component/model.d.ts +153 -0
package/dist/component/model.d.ts.map +1 -0
package/dist/component/model.js +349 -0
package/dist/component/model.js.map +1 -0
package/dist/component/providers/anonymous.d.ts +54 -0
package/dist/component/providers/anonymous.d.ts.map +1 -0
package/dist/component/providers/credentials.d.ts +5 -5
package/dist/component/providers/credentials.d.ts.map +1 -1
package/dist/component/providers/device.d.ts +67 -0
package/dist/component/providers/device.d.ts.map +1 -0
package/dist/component/providers/email.d.ts +62 -0
package/dist/component/providers/email.d.ts.map +1 -0
package/dist/component/providers/oauth.d.ts.map +1 -1
package/dist/component/providers/oauth.js.map +1 -1
package/dist/component/providers/passkey.d.ts +57 -0
package/dist/component/providers/passkey.d.ts.map +1 -0
package/dist/component/providers/password.d.ts +88 -0
package/dist/component/providers/password.d.ts.map +1 -0
package/dist/component/providers/phone.d.ts +48 -0
package/dist/component/providers/phone.d.ts.map +1 -0
package/dist/component/providers/sso.d.ts +50 -0
package/dist/component/providers/sso.d.ts.map +1 -0
package/dist/component/providers/totp.d.ts +45 -0
package/dist/component/providers/totp.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.d.ts +73 -0
package/dist/component/public/enterprise/audit.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.js +108 -0
package/dist/component/public/enterprise/audit.js.map +1 -0
package/dist/component/public/enterprise/core.d.ts +176 -0
package/dist/component/public/enterprise/core.d.ts.map +1 -0
package/dist/component/public/enterprise/core.js +292 -0
package/dist/component/public/enterprise/core.js.map +1 -0
package/dist/component/public/enterprise/domains.d.ts +174 -0
package/dist/component/public/enterprise/domains.d.ts.map +1 -0
package/dist/component/public/enterprise/domains.js +271 -0
package/dist/component/public/enterprise/domains.js.map +1 -0
package/dist/component/public/enterprise/scim.d.ts +245 -0
package/dist/component/public/enterprise/scim.d.ts.map +1 -0
package/dist/component/public/enterprise/scim.js +344 -0
package/dist/component/public/enterprise/scim.js.map +1 -0
package/dist/component/public/enterprise/secrets.d.ts +78 -0
package/dist/component/public/enterprise/secrets.d.ts.map +1 -0
package/dist/component/public/enterprise/secrets.js +118 -0
package/dist/component/public/enterprise/secrets.js.map +1 -0
package/dist/component/public/enterprise/webhooks.d.ts +211 -0
package/dist/component/public/enterprise/webhooks.d.ts.map +1 -0
package/dist/component/public/enterprise/webhooks.js +300 -0
package/dist/component/public/enterprise/webhooks.js.map +1 -0
package/dist/component/public/factors/devices.d.ts +157 -0
package/dist/component/public/factors/devices.d.ts.map +1 -0
package/dist/component/public/factors/devices.js +216 -0
package/dist/component/public/factors/devices.js.map +1 -0
package/dist/component/public/factors/passkeys.d.ts +175 -0
package/dist/component/public/factors/passkeys.d.ts.map +1 -0
package/dist/component/public/factors/passkeys.js +238 -0
package/dist/component/public/factors/passkeys.js.map +1 -0
package/dist/component/public/factors/totp.d.ts +189 -0
package/dist/component/public/factors/totp.d.ts.map +1 -0
package/dist/component/public/factors/totp.js +254 -0
package/dist/component/public/factors/totp.js.map +1 -0
package/dist/component/public/groups/core.d.ts +137 -0
package/dist/component/public/groups/core.d.ts.map +1 -0
package/dist/component/public/groups/core.js +321 -0
package/dist/component/public/groups/core.js.map +1 -0
package/dist/component/public/groups/invites.d.ts +217 -0
package/dist/component/public/groups/invites.d.ts.map +1 -0
package/dist/component/public/groups/invites.js +457 -0
package/dist/component/public/groups/invites.js.map +1 -0
package/dist/component/public/groups/members.d.ts +204 -0
package/dist/component/public/groups/members.d.ts.map +1 -0
package/dist/component/public/groups/members.js +355 -0
package/dist/component/public/groups/members.js.map +1 -0
package/dist/component/public/identity/accounts.d.ts +147 -0
package/dist/component/public/identity/accounts.d.ts.map +1 -0
package/dist/component/public/identity/accounts.js +200 -0
package/dist/component/public/identity/accounts.js.map +1 -0
package/dist/component/public/identity/codes.d.ts +104 -0
package/dist/component/public/identity/codes.d.ts.map +1 -0
package/dist/component/public/identity/codes.js +140 -0
package/dist/component/public/identity/codes.js.map +1 -0
package/dist/component/public/identity/sessions.d.ts +128 -0
package/dist/component/public/identity/sessions.d.ts.map +1 -0
package/dist/component/public/identity/sessions.js +192 -0
package/dist/component/public/identity/sessions.js.map +1 -0
package/dist/component/public/identity/tokens.d.ts +169 -0
package/dist/component/public/identity/tokens.d.ts.map +1 -0
package/dist/component/public/identity/tokens.js +227 -0
package/dist/component/public/identity/tokens.js.map +1 -0
package/dist/component/public/identity/users.d.ts +212 -0
package/dist/component/public/identity/users.d.ts.map +1 -0
package/dist/component/public/identity/users.js +311 -0
package/dist/component/public/identity/users.js.map +1 -0
package/dist/component/public/identity/verifiers.d.ts +116 -0
package/dist/component/public/identity/verifiers.d.ts.map +1 -0
package/dist/component/public/identity/verifiers.js +154 -0
package/dist/component/public/identity/verifiers.js.map +1 -0
package/dist/component/public/security/keys.d.ts +209 -0
package/dist/component/public/security/keys.d.ts.map +1 -0
package/dist/component/public/security/keys.js +319 -0
package/dist/component/public/security/keys.js.map +1 -0
package/dist/component/public/security/limits.d.ts +114 -0
package/dist/component/public/security/limits.d.ts.map +1 -0
package/dist/component/public/security/limits.js +169 -0
package/dist/component/public/security/limits.js.map +1 -0
package/dist/component/public.d.ts +24 -271
package/dist/component/public.d.ts.map +1 -1
package/dist/component/public.js +21 -1229
package/dist/component/schema.d.ts +472 -109
package/dist/component/schema.js +162 -73
package/dist/component/schema.js.map +1 -1
package/dist/component/server/auth.d.ts +318 -373
package/dist/component/server/auth.d.ts.map +1 -1
package/dist/component/server/auth.js +204 -123
package/dist/component/server/auth.js.map +1 -1
package/dist/component/server/authError.js +34 -0
package/dist/component/server/authError.js.map +1 -0
package/dist/{server/providers.js → component/server/config.js} +43 -12
package/dist/component/server/config.js.map +1 -0
package/dist/component/server/cookies.js +3 -0
package/dist/component/server/cookies.js.map +1 -1
package/dist/component/server/core.js +713 -0
package/dist/component/server/core.js.map +1 -0
package/dist/component/server/crypto.js +38 -0
package/dist/component/server/crypto.js.map +1 -0
package/dist/{server/implementation → component/server}/db.js +2 -1
package/dist/component/server/db.js.map +1 -0
package/dist/component/server/device.js +109 -0
package/dist/component/server/device.js.map +1 -0
package/dist/component/server/enterprise/config.js +46 -0
package/dist/component/server/enterprise/config.js.map +1 -0
package/dist/component/server/enterprise/domain.js +885 -0
package/dist/component/server/enterprise/domain.js.map +1 -0
package/dist/component/server/enterprise/http.js +766 -0
package/dist/component/server/enterprise/http.js.map +1 -0
package/dist/component/server/enterprise/oidc.js +248 -0
package/dist/component/server/enterprise/oidc.js.map +1 -0
package/dist/component/server/enterprise/policy.js +85 -0
package/dist/component/server/enterprise/policy.js.map +1 -0
package/dist/component/server/enterprise/saml.js +338 -0
package/dist/component/server/enterprise/saml.js.map +1 -0
package/dist/component/server/enterprise/scim.js +97 -0
package/dist/component/server/enterprise/scim.js.map +1 -0
package/dist/component/server/enterprise/shared.js +51 -0
package/dist/component/server/enterprise/shared.js.map +1 -0
package/dist/component/server/errors.d.ts +1 -0
package/dist/component/server/errors.js +24 -16
package/dist/component/server/errors.js.map +1 -1
package/dist/component/server/http.js +288 -0
package/dist/component/server/http.js.map +1 -0
package/dist/component/server/identity.js +13 -0
package/dist/component/server/identity.js.map +1 -0
package/dist/component/server/{implementation/keys.js → keys.js} +9 -31
package/dist/component/server/keys.js.map +1 -0
package/dist/component/server/limits.js +61 -0
package/dist/component/server/limits.js.map +1 -0
package/dist/component/server/mutations/account.js +44 -0
package/dist/component/server/mutations/account.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/component/server/mutations/code.js.map +1 -0
package/dist/component/server/mutations/invalidate.js +32 -0
package/dist/component/server/mutations/invalidate.js.map +1 -0
package/dist/component/server/mutations/oauth.js +110 -0
package/dist/component/server/mutations/oauth.js.map +1 -0
package/dist/component/server/mutations/refresh.js +119 -0
package/dist/component/server/mutations/refresh.js.map +1 -0
package/dist/component/server/mutations/register.js +83 -0
package/dist/component/server/mutations/register.js.map +1 -0
package/dist/component/server/mutations/retrieve.js +65 -0
package/dist/component/server/mutations/retrieve.js.map +1 -0
package/dist/component/server/mutations/signature.js +32 -0
package/dist/component/server/mutations/signature.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/component/server/mutations/signin.js.map +1 -0
package/dist/component/server/mutations/signout.js +27 -0
package/dist/component/server/mutations/signout.js.map +1 -0
package/dist/component/server/mutations/store/refs.js +15 -0
package/dist/component/server/mutations/store/refs.js.map +1 -0
package/dist/component/server/mutations/store.js +85 -0
package/dist/component/server/mutations/store.js.map +1 -0
package/dist/component/server/mutations/verifier.js +18 -0
package/dist/component/server/mutations/verifier.js.map +1 -0
package/dist/component/server/mutations/verify.js +98 -0
package/dist/component/server/mutations/verify.js.map +1 -0
package/dist/component/server/oauth.js +106 -60
package/dist/component/server/oauth.js.map +1 -1
package/dist/component/server/passkey.js +328 -0
package/dist/component/server/passkey.js.map +1 -0
package/dist/component/server/{implementation/redirects.js → redirects.js} +13 -11
package/dist/component/server/redirects.js.map +1 -0
package/dist/component/server/refresh.js +96 -0
package/dist/component/server/refresh.js.map +1 -0
package/dist/component/server/runtime.d.ts +136 -0
package/dist/component/server/runtime.d.ts.map +1 -0
package/dist/component/server/runtime.js +413 -0
package/dist/component/server/runtime.js.map +1 -0
package/dist/{server/implementation → component/server}/sessions.js +14 -8
package/dist/component/server/sessions.js.map +1 -0
package/dist/component/server/signin.js +201 -0
package/dist/component/server/signin.js.map +1 -0
package/dist/component/server/tokens.js +17 -0
package/dist/component/server/tokens.js.map +1 -0
package/dist/component/server/totp.js +148 -0
package/dist/component/server/totp.js.map +1 -0
package/dist/component/server/types.d.ts +387 -298
package/dist/component/server/types.d.ts.map +1 -1
package/dist/component/server/{implementation/types.js → types.js} +1 -1
package/dist/component/server/types.js.map +1 -0
package/dist/{server/implementation → component/server}/users.js +54 -35
package/dist/component/server/users.js.map +1 -0
package/dist/component/server/utils.js +110 -4
package/dist/component/server/utils.js.map +1 -1
package/dist/core/types.d.ts +369 -0
package/dist/core/types.d.ts.map +1 -0
package/dist/factors/device.js +105 -0
package/dist/factors/device.js.map +1 -0
package/dist/factors/passkey.js +181 -0
package/dist/factors/passkey.js.map +1 -0
package/dist/factors/totp.js +122 -0
package/dist/factors/totp.js.map +1 -0
package/dist/providers/anonymous.d.ts +3 -9
package/dist/providers/anonymous.d.ts.map +1 -1
package/dist/providers/anonymous.js +1 -18
package/dist/providers/anonymous.js.map +1 -1
package/dist/providers/credentials.d.ts +8 -10
package/dist/providers/credentials.d.ts.map +1 -1
package/dist/providers/credentials.js +3 -5
package/dist/providers/credentials.js.map +1 -1
package/dist/providers/device.d.ts +18 -10
package/dist/providers/device.d.ts.map +1 -1
package/dist/providers/device.js +4 -8
package/dist/providers/device.js.map +1 -1
package/dist/providers/email.d.ts +50 -23
package/dist/providers/email.d.ts.map +1 -1
package/dist/providers/email.js +58 -34
package/dist/providers/email.js.map +1 -1
package/dist/providers/index.d.ts +7 -3
package/dist/providers/index.js +4 -1
package/dist/providers/oauth.d.ts.map +1 -1
package/dist/providers/oauth.js.map +1 -1
package/dist/providers/passkey.d.ts +12 -9
package/dist/providers/passkey.d.ts.map +1 -1
package/dist/providers/passkey.js +1 -7
package/dist/providers/passkey.js.map +1 -1
package/dist/providers/password.d.ts +6 -12
package/dist/providers/password.d.ts.map +1 -1
package/dist/providers/password.js +189 -89
package/dist/providers/password.js.map +1 -1
package/dist/providers/phone.d.ts +40 -11
package/dist/providers/phone.d.ts.map +1 -1
package/dist/providers/phone.js +52 -21
package/dist/providers/phone.js.map +1 -1
package/dist/providers/sso.d.ts +50 -0
package/dist/providers/sso.d.ts.map +1 -0
package/dist/providers/sso.js +34 -0
package/dist/providers/sso.js.map +1 -0
package/dist/providers/totp.d.ts +12 -9
package/dist/providers/totp.d.ts.map +1 -1
package/dist/providers/totp.js +1 -7
package/dist/providers/totp.js.map +1 -1
package/dist/runtime/browser.js +68 -0
package/dist/runtime/browser.js.map +1 -0
package/dist/runtime/invite.js +51 -0
package/dist/runtime/invite.js.map +1 -0
package/dist/runtime/proxy.js +70 -0
package/dist/runtime/proxy.js.map +1 -0
package/dist/runtime/storage.js +37 -0
package/dist/runtime/storage.js.map +1 -0
package/dist/server/auth.d.ts +335 -370
package/dist/server/auth.d.ts.map +1 -1
package/dist/server/auth.js +204 -123
package/dist/server/auth.js.map +1 -1
package/dist/server/authError.d.ts +46 -0
package/dist/server/authError.d.ts.map +1 -0
package/dist/server/authError.js +34 -0
package/dist/server/authError.js.map +1 -0
package/dist/server/config.d.ts +1 -0
package/dist/{component/server/providers.js → server/config.js} +43 -12
package/dist/server/config.js.map +1 -0
package/dist/server/cookies.d.ts +1 -38
package/dist/server/cookies.js +3 -0
package/dist/server/cookies.js.map +1 -1
package/dist/server/core.d.ts +1436 -0
package/dist/server/core.d.ts.map +1 -0
package/dist/server/core.js +713 -0
package/dist/server/core.js.map +1 -0
package/dist/server/crypto.d.ts +8 -0
package/dist/server/crypto.d.ts.map +1 -0
package/dist/server/crypto.js +38 -0
package/dist/server/crypto.js.map +1 -0
package/dist/server/db.d.ts +1 -0
package/dist/{component/server/implementation → server}/db.js +2 -1
package/dist/server/db.js.map +1 -0
package/dist/server/device.d.ts +1 -0
package/dist/server/device.js +109 -0
package/dist/server/device.js.map +1 -0
package/dist/server/enterprise/config.d.ts +1 -0
package/dist/server/enterprise/config.js +46 -0
package/dist/server/enterprise/config.js.map +1 -0
package/dist/server/enterprise/domain.d.ts +409 -0
package/dist/server/enterprise/domain.d.ts.map +1 -0
package/dist/server/enterprise/domain.js +885 -0
package/dist/server/enterprise/domain.js.map +1 -0
package/dist/server/enterprise/http.d.ts +26 -0
package/dist/server/enterprise/http.d.ts.map +1 -0
package/dist/server/enterprise/http.js +766 -0
package/dist/server/enterprise/http.js.map +1 -0
package/dist/server/enterprise/oidc.d.ts +1 -0
package/dist/server/enterprise/oidc.js +248 -0
package/dist/server/enterprise/oidc.js.map +1 -0
package/dist/server/enterprise/policy.d.ts +1 -0
package/dist/server/enterprise/policy.js +85 -0
package/dist/server/enterprise/policy.js.map +1 -0
package/dist/server/enterprise/saml.d.ts +1 -0
package/dist/server/enterprise/saml.js +338 -0
package/dist/server/enterprise/saml.js.map +1 -0
package/dist/server/enterprise/scim.d.ts +1 -0
package/dist/server/enterprise/scim.js +97 -0
package/dist/server/enterprise/scim.js.map +1 -0
package/dist/server/enterprise/shared.d.ts +5 -0
package/dist/server/enterprise/shared.d.ts.map +1 -0
package/dist/server/enterprise/shared.js +51 -0
package/dist/server/enterprise/shared.js.map +1 -0
package/dist/server/enterprise/validators.d.ts +1 -0
package/dist/server/enterprise/validators.js +60 -0
package/dist/server/enterprise/validators.js.map +1 -0
package/dist/server/errors.d.ts +33 -1
package/dist/server/errors.d.ts.map +1 -1
package/dist/server/errors.js +44 -1
package/dist/server/errors.js.map +1 -1
package/dist/server/http.d.ts +59 -0
package/dist/server/http.d.ts.map +1 -0
package/dist/server/http.js +288 -0
package/dist/server/http.js.map +1 -0
package/dist/server/identity.d.ts +1 -0
package/dist/server/identity.js +13 -0
package/dist/server/identity.js.map +1 -0
package/dist/server/index.d.ts +4 -182
package/dist/server/index.js +4 -376
package/dist/server/keys.d.ts +1 -0
package/dist/server/{implementation/keys.js → keys.js} +9 -31
package/dist/server/keys.js.map +1 -0
package/dist/server/limits.d.ts +1 -0
package/dist/server/limits.js +61 -0
package/dist/server/limits.js.map +1 -0
package/dist/server/mounts.d.ts +647 -0
package/dist/server/mounts.d.ts.map +1 -0
package/dist/server/mounts.js +643 -0
package/dist/server/mounts.js.map +1 -0
package/dist/server/mutations/account.d.ts +30 -0
package/dist/server/mutations/account.d.ts.map +1 -0
package/dist/server/mutations/account.js +44 -0
package/dist/server/mutations/account.js.map +1 -0
package/dist/server/mutations/code.d.ts +30 -0
package/dist/server/mutations/code.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/server/mutations/code.js.map +1 -0
package/dist/server/mutations/index.d.ts +14 -0
package/dist/server/mutations/index.js +15 -0
package/dist/server/mutations/invalidate.d.ts +20 -0
package/dist/server/mutations/invalidate.d.ts.map +1 -0
package/dist/server/mutations/invalidate.js +32 -0
package/dist/server/mutations/invalidate.js.map +1 -0
package/dist/server/mutations/oauth.d.ts +28 -0
package/dist/server/mutations/oauth.d.ts.map +1 -0
package/dist/server/mutations/oauth.js +110 -0
package/dist/server/mutations/oauth.js.map +1 -0
package/dist/server/mutations/refresh.d.ts +21 -0
package/dist/server/mutations/refresh.d.ts.map +1 -0
package/dist/server/mutations/refresh.js +119 -0
package/dist/server/mutations/refresh.js.map +1 -0
package/dist/server/mutations/register.d.ts +38 -0
package/dist/server/mutations/register.d.ts.map +1 -0
package/dist/server/mutations/register.js +83 -0
package/dist/server/mutations/register.js.map +1 -0
package/dist/server/mutations/retrieve.d.ts +33 -0
package/dist/server/mutations/retrieve.d.ts.map +1 -0
package/dist/server/mutations/retrieve.js +65 -0
package/dist/server/mutations/retrieve.js.map +1 -0
package/dist/server/mutations/signature.d.ts +22 -0
package/dist/server/mutations/signature.d.ts.map +1 -0
package/dist/server/mutations/signature.js +32 -0
package/dist/server/mutations/signature.js.map +1 -0
package/dist/server/mutations/signin.d.ts +22 -0
package/dist/server/mutations/signin.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/server/mutations/signin.js.map +1 -0
package/dist/server/mutations/signout.d.ts +16 -0
package/dist/server/mutations/signout.d.ts.map +1 -0
package/dist/server/mutations/signout.js +27 -0
package/dist/server/mutations/signout.js.map +1 -0
package/dist/server/mutations/store/refs.d.ts +12 -0
package/dist/server/mutations/store/refs.d.ts.map +1 -0
package/dist/server/mutations/store/refs.js +15 -0
package/dist/server/mutations/store/refs.js.map +1 -0
package/dist/server/mutations/store.d.ts +306 -0
package/dist/server/mutations/store.d.ts.map +1 -0
package/dist/server/mutations/store.js +85 -0
package/dist/server/mutations/store.js.map +1 -0
package/dist/server/mutations/verifier.d.ts +13 -0
package/dist/server/mutations/verifier.d.ts.map +1 -0
package/dist/server/mutations/verifier.js +18 -0
package/dist/server/mutations/verifier.js.map +1 -0
package/dist/server/mutations/verify.d.ts +26 -0
package/dist/server/mutations/verify.d.ts.map +1 -0
package/dist/server/mutations/verify.js +98 -0
package/dist/server/mutations/verify.js.map +1 -0
package/dist/server/oauth.d.ts +1 -48
package/dist/server/oauth.js +107 -64
package/dist/server/oauth.js.map +1 -1
package/dist/server/passkey.d.ts +27 -0
package/dist/server/passkey.d.ts.map +1 -0
package/dist/server/passkey.js +328 -0
package/dist/server/passkey.js.map +1 -0
package/dist/server/redirects.d.ts +1 -0
package/dist/server/{implementation/redirects.js → redirects.js} +13 -11
package/dist/server/redirects.js.map +1 -0
package/dist/server/refresh.d.ts +1 -0
package/dist/server/refresh.js +96 -0
package/dist/server/refresh.js.map +1 -0
package/dist/server/runtime.d.ts +136 -0
package/dist/server/runtime.d.ts.map +1 -0
package/dist/server/runtime.js +413 -0
package/dist/server/runtime.js.map +1 -0
package/dist/server/sessions.d.ts +1 -0
package/dist/{component/server/implementation → server}/sessions.js +14 -8
package/dist/server/sessions.js.map +1 -0
package/dist/server/signin.d.ts +1 -0
package/dist/server/signin.js +201 -0
package/dist/server/signin.js.map +1 -0
package/dist/server/ssr.d.ts +226 -0
package/dist/server/ssr.d.ts.map +1 -0
package/dist/server/ssr.js +786 -0
package/dist/server/ssr.js.map +1 -0
package/dist/server/templates.d.ts +1 -21
package/dist/server/templates.js +2 -1
package/dist/server/templates.js.map +1 -1
package/dist/server/tokens.d.ts +1 -0
package/dist/server/tokens.js +17 -0
package/dist/server/tokens.js.map +1 -0
package/dist/server/totp.d.ts +1 -0
package/dist/server/totp.js +148 -0
package/dist/server/totp.js.map +1 -0
package/dist/server/types.d.ts +498 -306
package/dist/server/types.d.ts.map +1 -1
package/dist/server/types.js +108 -1
package/dist/server/types.js.map +1 -0
package/dist/server/users.d.ts +1 -0
package/dist/{component/server/implementation → server}/users.js +54 -35
package/dist/server/users.js.map +1 -0
package/dist/server/utils.d.ts +1 -6
package/dist/server/utils.js +110 -4
package/dist/server/utils.js.map +1 -1
package/package.json +49 -46
package/src/authorization/index.ts +83 -0
package/src/cli/bin.ts +5 -0
package/src/cli/command.ts +6 -5
package/src/cli/index.ts +456 -248
package/src/cli/keys.ts +3 -0
package/src/client/core/types.ts +437 -0
package/src/client/factors/device.ts +160 -0
package/src/client/factors/passkey.ts +282 -0
package/src/client/factors/totp.ts +150 -0
package/src/client/index.ts +745 -989
package/src/client/runtime/browser.ts +112 -0
package/src/client/runtime/invite.ts +65 -0
package/src/client/runtime/proxy.ts +111 -0
package/src/client/runtime/storage.ts +79 -0
package/src/component/_generated/api.ts +42 -0
package/src/component/_generated/component.ts +3123 -102
package/src/component/functions.ts +38 -22
package/src/component/index.ts +10 -20
package/src/component/model.ts +449 -0
package/src/component/public/enterprise/audit.ts +120 -0
package/src/component/public/enterprise/core.ts +354 -0
package/src/component/public/enterprise/domains.ts +323 -0
package/src/component/public/enterprise/scim.ts +396 -0
package/src/component/public/enterprise/secrets.ts +132 -0
package/src/component/public/enterprise/webhooks.ts +306 -0
package/src/component/public/factors/devices.ts +223 -0
package/src/component/public/factors/passkeys.ts +242 -0
package/src/component/public/factors/totp.ts +258 -0
package/src/component/public/groups/core.ts +481 -0
package/src/component/public/groups/invites.ts +602 -0
package/src/component/public/groups/members.ts +409 -0
package/src/component/public/identity/accounts.ts +206 -0
package/src/component/public/identity/codes.ts +148 -0
package/src/component/public/identity/sessions.ts +209 -0
package/src/component/public/identity/tokens.ts +250 -0
package/src/component/public/identity/users.ts +354 -0
package/src/component/public/identity/verifiers.ts +157 -0
package/src/component/public/security/keys.ts +365 -0
package/src/component/public/security/limits.ts +173 -0
package/src/component/public.ts +26 -1766
package/src/component/schema.ts +273 -100
package/src/providers/anonymous.ts +10 -20
package/src/providers/credentials.ts +14 -22
package/src/providers/device.ts +3 -14
package/src/providers/email.ts +83 -47
package/src/providers/index.ts +7 -0
package/src/providers/oauth.ts +5 -3
package/src/providers/passkey.ts +0 -13
package/src/providers/password.ts +307 -130
package/src/providers/phone.ts +81 -37
package/src/providers/sso.ts +54 -0
package/src/providers/totp.ts +0 -13
package/src/samlify.d.ts +53 -0
package/src/server/auth.ts +701 -247
package/src/server/authError.ts +44 -0
package/src/server/{providers.ts → config.ts} +84 -15
package/src/server/cookies.ts +8 -1
package/src/server/core.ts +2095 -0
package/src/server/crypto.ts +88 -0
package/src/server/{implementation/db.ts → db.ts} +90 -15
package/src/server/device.ts +221 -0
package/src/server/enterprise/config.ts +51 -0
package/src/server/enterprise/domain.ts +1751 -0
package/src/server/enterprise/http.ts +1324 -0
package/src/server/enterprise/oidc.ts +500 -0
package/src/server/enterprise/policy.ts +128 -0
package/src/server/enterprise/saml.ts +578 -0
package/src/server/enterprise/scim.ts +135 -0
package/src/server/enterprise/shared.ts +134 -0
package/src/server/enterprise/validators.ts +93 -0
package/src/server/errors.ts +130 -119
package/src/server/http.ts +531 -0
package/src/server/identity.ts +18 -0
package/src/server/index.ts +32 -650
package/src/server/{implementation/keys.ts → keys.ts} +16 -44
package/src/server/limits.ts +134 -0
package/src/server/mounts.ts +948 -0
package/src/server/mutations/account.ts +76 -0
package/src/server/{implementation/mutations → mutations}/code.ts +22 -11
package/src/server/mutations/index.ts +13 -0
package/src/server/mutations/invalidate.ts +50 -0
package/src/server/mutations/oauth.ts +237 -0
package/src/server/mutations/refresh.ts +298 -0
package/src/server/mutations/register.ts +200 -0
package/src/server/mutations/retrieve.ts +109 -0
package/src/server/mutations/signature.ts +50 -0
package/src/server/{implementation/mutations → mutations}/signin.ts +9 -7
package/src/server/mutations/signout.ts +43 -0
package/src/server/mutations/store/refs.ts +10 -0
package/src/server/mutations/store.ts +138 -0
package/src/server/mutations/verifier.ts +34 -0
package/src/server/mutations/verify.ts +202 -0
package/src/server/oauth.ts +243 -131
package/src/server/passkey.ts +784 -0
package/src/server/{implementation/redirects.ts → redirects.ts} +21 -16
package/src/server/refresh.ts +222 -0
package/src/server/runtime.ts +880 -0
package/src/server/{implementation/sessions.ts → sessions.ts} +33 -25
package/src/server/signin.ts +438 -0
package/src/server/ssr.ts +1764 -0
package/src/server/templates.ts +8 -3
package/src/server/{implementation/tokens.ts → tokens.ts} +11 -5
package/src/server/totp.ts +349 -0
package/src/server/types.ts +972 -207
package/src/server/{implementation/users.ts → users.ts} +129 -75
package/src/server/utils.ts +192 -5
package/src/test.ts +28 -4
package/dist/component/providers/email.js +0 -47
package/dist/component/providers/email.js.map +0 -1
package/dist/component/public.js.map +0 -1
package/dist/component/server/implementation/db.js.map +0 -1
package/dist/component/server/implementation/device.js +0 -135
package/dist/component/server/implementation/device.js.map +0 -1
package/dist/component/server/implementation/index.d.ts +0 -870
package/dist/component/server/implementation/index.d.ts.map +0 -1
package/dist/component/server/implementation/index.js +0 -610
package/dist/component/server/implementation/index.js.map +0 -1
package/dist/component/server/implementation/keys.js.map +0 -1
package/dist/component/server/implementation/mutations/account.js +0 -39
package/dist/component/server/implementation/mutations/account.js.map +0 -1
package/dist/component/server/implementation/mutations/code.js.map +0 -1
package/dist/component/server/implementation/mutations/index.js +0 -70
package/dist/component/server/implementation/mutations/index.js.map +0 -1
package/dist/component/server/implementation/mutations/invalidate.js +0 -29
package/dist/component/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/component/server/implementation/mutations/oauth.js +0 -51
package/dist/component/server/implementation/mutations/oauth.js.map +0 -1
package/dist/component/server/implementation/mutations/refresh.js +0 -85
package/dist/component/server/implementation/mutations/refresh.js.map +0 -1
package/dist/component/server/implementation/mutations/register.js +0 -65
package/dist/component/server/implementation/mutations/register.js.map +0 -1
package/dist/component/server/implementation/mutations/retrieve.js +0 -50
package/dist/component/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/component/server/implementation/mutations/signature.js +0 -27
package/dist/component/server/implementation/mutations/signature.js.map +0 -1
package/dist/component/server/implementation/mutations/signin.js.map +0 -1
package/dist/component/server/implementation/mutations/signout.js +0 -27
package/dist/component/server/implementation/mutations/signout.js.map +0 -1
package/dist/component/server/implementation/mutations/store.js +0 -12
package/dist/component/server/implementation/mutations/store.js.map +0 -1
package/dist/component/server/implementation/mutations/verifier.js +0 -16
package/dist/component/server/implementation/mutations/verifier.js.map +0 -1
package/dist/component/server/implementation/mutations/verify.js +0 -105
package/dist/component/server/implementation/mutations/verify.js.map +0 -1
package/dist/component/server/implementation/passkey.js +0 -307
package/dist/component/server/implementation/passkey.js.map +0 -1
package/dist/component/server/implementation/provider.js +0 -19
package/dist/component/server/implementation/provider.js.map +0 -1
package/dist/component/server/implementation/ratelimit.js +0 -48
package/dist/component/server/implementation/ratelimit.js.map +0 -1
package/dist/component/server/implementation/redirects.js.map +0 -1
package/dist/component/server/implementation/refresh.js +0 -109
package/dist/component/server/implementation/refresh.js.map +0 -1
package/dist/component/server/implementation/sessions.js.map +0 -1
package/dist/component/server/implementation/signin.js +0 -148
package/dist/component/server/implementation/signin.js.map +0 -1
package/dist/component/server/implementation/tokens.js +0 -15
package/dist/component/server/implementation/tokens.js.map +0 -1
package/dist/component/server/implementation/totp.js +0 -142
package/dist/component/server/implementation/totp.js.map +0 -1
package/dist/component/server/implementation/types.d.ts +0 -42
package/dist/component/server/implementation/types.d.ts.map +0 -1
package/dist/component/server/implementation/types.js.map +0 -1
package/dist/component/server/implementation/users.js.map +0 -1
package/dist/component/server/implementation/utils.js +0 -56
package/dist/component/server/implementation/utils.js.map +0 -1
package/dist/component/server/providers.js.map +0 -1
package/dist/component/server/templates.js +0 -84
package/dist/component/server/templates.js.map +0 -1
package/dist/server/cookies.d.ts.map +0 -1
package/dist/server/implementation/db.d.ts +0 -86
package/dist/server/implementation/db.d.ts.map +0 -1
package/dist/server/implementation/db.js.map +0 -1
package/dist/server/implementation/device.d.ts +0 -30
package/dist/server/implementation/device.d.ts.map +0 -1
package/dist/server/implementation/device.js +0 -135
package/dist/server/implementation/device.js.map +0 -1
package/dist/server/implementation/index.d.ts +0 -870
package/dist/server/implementation/index.d.ts.map +0 -1
package/dist/server/implementation/index.js +0 -610
package/dist/server/implementation/index.js.map +0 -1
package/dist/server/implementation/keys.d.ts +0 -66
package/dist/server/implementation/keys.d.ts.map +0 -1
package/dist/server/implementation/keys.js.map +0 -1
package/dist/server/implementation/mutations/account.d.ts +0 -27
package/dist/server/implementation/mutations/account.d.ts.map +0 -1
package/dist/server/implementation/mutations/account.js +0 -39
package/dist/server/implementation/mutations/account.js.map +0 -1
package/dist/server/implementation/mutations/code.d.ts +0 -29
package/dist/server/implementation/mutations/code.d.ts.map +0 -1
package/dist/server/implementation/mutations/code.js.map +0 -1
package/dist/server/implementation/mutations/index.d.ts +0 -310
package/dist/server/implementation/mutations/index.d.ts.map +0 -1
package/dist/server/implementation/mutations/index.js +0 -70
package/dist/server/implementation/mutations/index.js.map +0 -1
package/dist/server/implementation/mutations/invalidate.d.ts +0 -18
package/dist/server/implementation/mutations/invalidate.d.ts.map +0 -1
package/dist/server/implementation/mutations/invalidate.js +0 -29
package/dist/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/server/implementation/mutations/oauth.d.ts +0 -23
package/dist/server/implementation/mutations/oauth.d.ts.map +0 -1
package/dist/server/implementation/mutations/oauth.js +0 -51
package/dist/server/implementation/mutations/oauth.js.map +0 -1
package/dist/server/implementation/mutations/refresh.d.ts +0 -20
package/dist/server/implementation/mutations/refresh.d.ts.map +0 -1
package/dist/server/implementation/mutations/refresh.js +0 -85
package/dist/server/implementation/mutations/refresh.js.map +0 -1
package/dist/server/implementation/mutations/register.d.ts +0 -37
package/dist/server/implementation/mutations/register.d.ts.map +0 -1
package/dist/server/implementation/mutations/register.js +0 -65
package/dist/server/implementation/mutations/register.js.map +0 -1
package/dist/server/implementation/mutations/retrieve.d.ts +0 -31
package/dist/server/implementation/mutations/retrieve.d.ts.map +0 -1
package/dist/server/implementation/mutations/retrieve.js +0 -50
package/dist/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/server/implementation/mutations/signature.d.ts +0 -19
package/dist/server/implementation/mutations/signature.d.ts.map +0 -1
package/dist/server/implementation/mutations/signature.js +0 -27
package/dist/server/implementation/mutations/signature.js.map +0 -1
package/dist/server/implementation/mutations/signin.d.ts +0 -21
package/dist/server/implementation/mutations/signin.d.ts.map +0 -1
package/dist/server/implementation/mutations/signin.js.map +0 -1
package/dist/server/implementation/mutations/signout.d.ts +0 -14
package/dist/server/implementation/mutations/signout.d.ts.map +0 -1
package/dist/server/implementation/mutations/signout.js +0 -27
package/dist/server/implementation/mutations/signout.js.map +0 -1
package/dist/server/implementation/mutations/store.d.ts +0 -11
package/dist/server/implementation/mutations/store.d.ts.map +0 -1
package/dist/server/implementation/mutations/store.js +0 -12
package/dist/server/implementation/mutations/store.js.map +0 -1
package/dist/server/implementation/mutations/verifier.d.ts +0 -11
package/dist/server/implementation/mutations/verifier.d.ts.map +0 -1
package/dist/server/implementation/mutations/verifier.js +0 -16
package/dist/server/implementation/mutations/verifier.js.map +0 -1
package/dist/server/implementation/mutations/verify.d.ts +0 -25
package/dist/server/implementation/mutations/verify.d.ts.map +0 -1
package/dist/server/implementation/mutations/verify.js +0 -105
package/dist/server/implementation/mutations/verify.js.map +0 -1
package/dist/server/implementation/passkey.d.ts +0 -24
package/dist/server/implementation/passkey.d.ts.map +0 -1
package/dist/server/implementation/passkey.js +0 -307
package/dist/server/implementation/passkey.js.map +0 -1
package/dist/server/implementation/provider.d.ts +0 -10
package/dist/server/implementation/provider.d.ts.map +0 -1
package/dist/server/implementation/provider.js +0 -19
package/dist/server/implementation/provider.js.map +0 -1
package/dist/server/implementation/ratelimit.d.ts +0 -10
package/dist/server/implementation/ratelimit.d.ts.map +0 -1
package/dist/server/implementation/ratelimit.js +0 -48
package/dist/server/implementation/ratelimit.js.map +0 -1
package/dist/server/implementation/redirects.d.ts +0 -10
package/dist/server/implementation/redirects.d.ts.map +0 -1
package/dist/server/implementation/redirects.js.map +0 -1
package/dist/server/implementation/refresh.d.ts +0 -37
package/dist/server/implementation/refresh.d.ts.map +0 -1
package/dist/server/implementation/refresh.js +0 -109
package/dist/server/implementation/refresh.js.map +0 -1
package/dist/server/implementation/sessions.d.ts +0 -29
package/dist/server/implementation/sessions.d.ts.map +0 -1
package/dist/server/implementation/sessions.js.map +0 -1
package/dist/server/implementation/signin.d.ts +0 -55
package/dist/server/implementation/signin.d.ts.map +0 -1
package/dist/server/implementation/signin.js +0 -148
package/dist/server/implementation/signin.js.map +0 -1
package/dist/server/implementation/tokens.d.ts +0 -11
package/dist/server/implementation/tokens.d.ts.map +0 -1
package/dist/server/implementation/tokens.js +0 -15
package/dist/server/implementation/tokens.js.map +0 -1
package/dist/server/implementation/totp.d.ts +0 -31
package/dist/server/implementation/totp.d.ts.map +0 -1
package/dist/server/implementation/totp.js +0 -142
package/dist/server/implementation/totp.js.map +0 -1
package/dist/server/implementation/types.d.ts +0 -189
package/dist/server/implementation/types.d.ts.map +0 -1
package/dist/server/implementation/types.js +0 -97
package/dist/server/implementation/types.js.map +0 -1
package/dist/server/implementation/users.d.ts +0 -30
package/dist/server/implementation/users.d.ts.map +0 -1
package/dist/server/implementation/users.js.map +0 -1
package/dist/server/implementation/utils.d.ts +0 -19
package/dist/server/implementation/utils.d.ts.map +0 -1
package/dist/server/implementation/utils.js +0 -56
package/dist/server/implementation/utils.js.map +0 -1
package/dist/server/index.d.ts.map +0 -1
package/dist/server/index.js.map +0 -1
package/dist/server/oauth.d.ts.map +0 -1
package/dist/server/providers.d.ts +0 -72
package/dist/server/providers.d.ts.map +0 -1
package/dist/server/providers.js.map +0 -1
package/dist/server/templates.d.ts.map +0 -1
package/dist/server/utils.d.ts.map +0 -1
package/dist/server/version.d.ts +0 -5
package/dist/server/version.d.ts.map +0 -1
package/dist/server/version.js +0 -6
package/dist/server/version.js.map +0 -1
package/src/cli/utils.ts +0 -248
package/src/server/implementation/device.ts +0 -307
package/src/server/implementation/index.ts +0 -1583
package/src/server/implementation/mutations/account.ts +0 -50
package/src/server/implementation/mutations/index.ts +0 -157
package/src/server/implementation/mutations/invalidate.ts +0 -42
package/src/server/implementation/mutations/oauth.ts +0 -73
package/src/server/implementation/mutations/refresh.ts +0 -175
package/src/server/implementation/mutations/register.ts +0 -100
package/src/server/implementation/mutations/retrieve.ts +0 -79
package/src/server/implementation/mutations/signature.ts +0 -39
package/src/server/implementation/mutations/signout.ts +0 -35
package/src/server/implementation/mutations/store.ts +0 -7
package/src/server/implementation/mutations/verifier.ts +0 -24
package/src/server/implementation/mutations/verify.ts +0 -194
package/src/server/implementation/passkey.ts +0 -620
package/src/server/implementation/provider.ts +0 -36
package/src/server/implementation/ratelimit.ts +0 -79
package/src/server/implementation/refresh.ts +0 -172
package/src/server/implementation/signin.ts +0 -296
package/src/server/implementation/totp.ts +0 -342
package/src/server/implementation/types.ts +0 -444
package/src/server/implementation/utils.ts +0 -91
package/src/server/version.ts +0 -2

package/src/server/{implementation/users.ts → users.ts} RENAMED Viewed

@@ -1,9 +1,11 @@
+import { Fx } from "@robelest/fx";
 import { GenericId } from "convex/values";
+import { authDb } from "./db";
+import { AuthError } from "./authError";
 import { Doc, MutationCtx } from "./types";
-import { AuthProviderMaterializedConfig, ConvexAuthConfig } from "../types";
+import { AuthProviderMaterializedConfig, ConvexAuthConfig } from "./types";
 import { LOG_LEVELS, logWithLevel } from "./utils";
-import { authDb } from "./db";
-import { throwAuthError } from "../errors";
 type CreateOrUpdateUserArgs = {
   type: "oauth" | "credentials" | "email" | "phone" | "verification";
@@ -14,24 +16,43 @@ type CreateOrUpdateUserArgs = {
     emailVerified?: boolean;
     phoneVerified?: boolean;
   };
+  accountExtend?: Record<string, unknown>;
   shouldLinkViaEmail?: boolean;
   shouldLinkViaPhone?: boolean;
 };
+function mergeExtend(
+  existing: unknown,
+  incoming: Record<string, unknown> | undefined,
+) {
+  if (!incoming) {
+    return undefined;
+  }
+  const existingRecord =
+    typeof existing === "object" &&
+    existing !== null &&
+    !Array.isArray(existing)
+      ? (existing as Record<string, unknown>)
+      : undefined;
+  return existingRecord ? { ...existingRecord, ...incoming } : incoming;
+}
+/** @internal */
 export async function upsertUserAndAccount(
   ctx: MutationCtx,
-  sessionId: GenericId<"session"> | null,
+  sessionId: GenericId<"Session"> | null,
   account:
-    | { existingAccount: Doc<"account"> }
+    | { existingAccount: Doc<"Account"> }
     | {
         providerAccountId: string;
         secret?: string;
       },
   args: CreateOrUpdateUserArgs,
   config: ConvexAuthConfig,
+  opts?: { existingUserId?: GenericId<"User"> },
 ): Promise<{
-  userId: GenericId<"user">;
-  accountId: GenericId<"account">;
+  userId: GenericId<"User">;
+  accountId: GenericId<"Account">;
 }> {
   const userId = await defaultCreateOrUpdateUser(
     ctx,
@@ -39,17 +60,25 @@ export async function upsertUserAndAccount(
     "existingAccount" in account ? account.existingAccount : null,
     args,
     config,
+    opts?.existingUserId ?? null,
+  );
+  const accountId = await createOrUpdateAccount(
+    ctx,
+    userId,
+    account,
+    args,
+    config,
   );
-  const accountId = await createOrUpdateAccount(ctx, userId, account, args, config);
   return { userId, accountId };
 }
 async function defaultCreateOrUpdateUser(
   ctx: MutationCtx,
-  existingSessionId: GenericId<"session"> | null,
-  existingAccount: Doc<"account"> | null,
+  existingSessionId: GenericId<"Session"> | null,
+  existingAccount: Doc<"Account"> | null,
   args: CreateOrUpdateUserArgs,
   config: ConvexAuthConfig,
+  existingUserIdOverride: GenericId<"User"> | null,
 ) {
   logWithLevel(LOG_LEVELS.DEBUG, "defaultCreateOrUpdateUser args:", {
     existingAccountId: existingAccount?._id,
@@ -69,6 +98,7 @@ async function defaultCreateOrUpdateUser(
   const {
     provider,
     profile: {
+      id: _profileId,
       emailVerified: profileEmailVerified,
       phoneVerified: profilePhoneVerified,
       ...profile
@@ -76,57 +106,76 @@ async function defaultCreateOrUpdateUser(
   } = args;
   const emailVerified =
     profileEmailVerified ??
-    (provider.type === "oauth" &&
-      provider.allowDangerousEmailAccountLinking !== false);
+    (provider.type === "oauth" && provider.accountLinking !== "none");
   const phoneVerified = profilePhoneVerified ?? false;
   const shouldLinkViaEmail =
     args.shouldLinkViaEmail || emailVerified || provider.type === "email";
   const shouldLinkViaPhone =
     args.shouldLinkViaPhone || phoneVerified || provider.type === "phone";
-  let userId = existingUserId;
+  let userId = existingUserId ?? existingUserIdOverride;
   if (existingUserId === null) {
     const existingUserWithVerifiedEmailId =
       typeof profile.email === "string" && shouldLinkViaEmail
-        ? (await uniqueUserWithVerifiedEmail(ctx, profile.email, config))?._id ??
-          null
+        ? ((await uniqueUserWithVerifiedEmail(ctx, profile.email, config))
+            ?._id ?? null)
         : null;
     const existingUserWithVerifiedPhoneId =
       typeof profile.phone === "string" && shouldLinkViaPhone
-        ? (await uniqueUserWithVerifiedPhone(ctx, profile.phone, config))?._id ??
-          null
+        ? ((await uniqueUserWithVerifiedPhone(ctx, profile.phone, config))
+            ?._id ?? null)
         : null;
-    // If there is both email and phone verified user
-    // already we can't link.
-    if (
-      existingUserWithVerifiedEmailId !== null &&
-      existingUserWithVerifiedPhoneId !== null
-    ) {
-      logWithLevel(
-        LOG_LEVELS.DEBUG,
-        `Found existing email and phone verified users, so not linking: email: ${existingUserWithVerifiedEmailId}, phone: ${existingUserWithVerifiedPhoneId}`,
-      );
-      userId = null;
-    } else if (existingUserWithVerifiedEmailId !== null) {
-      logWithLevel(
-        LOG_LEVELS.DEBUG,
-        `Found existing email verified user, linking: ${existingUserWithVerifiedEmailId}`,
-      );
-      userId = existingUserWithVerifiedEmailId;
-    } else if (existingUserWithVerifiedPhoneId !== null) {
-      logWithLevel(
-        LOG_LEVELS.DEBUG,
-        `Found existing phone verified user, linking: ${existingUserWithVerifiedPhoneId}`,
-      );
-      userId = existingUserWithVerifiedPhoneId;
-    } else {
-      logWithLevel(
-        LOG_LEVELS.DEBUG,
-        "No existing verified users found, creating new user",
-      );
-      userId = null;
-    }
+    const linkDispatch = {
+      tag:
+        existingUserWithVerifiedEmailId !== null &&
+        existingUserWithVerifiedPhoneId !== null
+          ? "both"
+          : existingUserWithVerifiedEmailId !== null
+            ? "email"
+            : existingUserWithVerifiedPhoneId !== null
+              ? "phone"
+              : "none",
+      existingUserWithVerifiedEmailId,
+      existingUserWithVerifiedPhoneId,
+    } as const;
+    const linkHandlers = {
+      both: () =>
+        Fx.sync(() => {
+          logWithLevel(
+            LOG_LEVELS.DEBUG,
+            `Found existing email and phone verified users, so not linking: email: ${linkDispatch.existingUserWithVerifiedEmailId}, phone: ${linkDispatch.existingUserWithVerifiedPhoneId}`,
+          );
+          return null;
+        }),
+      email: () =>
+        Fx.sync(() => {
+          logWithLevel(
+            LOG_LEVELS.DEBUG,
+            `Found existing email verified user, linking: ${linkDispatch.existingUserWithVerifiedEmailId}`,
+          );
+          return linkDispatch.existingUserWithVerifiedEmailId;
+        }),
+      phone: () =>
+        Fx.sync(() => {
+          logWithLevel(
+            LOG_LEVELS.DEBUG,
+            `Found existing phone verified user, linking: ${linkDispatch.existingUserWithVerifiedPhoneId}`,
+          );
+          return linkDispatch.existingUserWithVerifiedPhoneId;
+        }),
+      none: () =>
+        Fx.sync(() => {
+          logWithLevel(
+            LOG_LEVELS.DEBUG,
+            "No existing verified users found, creating new user",
+          );
+          return null;
+        }),
+    } as const;
+    userId = await Fx.run(linkHandlers[linkDispatch.tag]());
   }
   const userData = {
     ...(emailVerified ? { emailVerificationTime: Date.now() } : null),
@@ -135,16 +184,21 @@ async function defaultCreateOrUpdateUser(
   };
   const existingOrLinkedUserId = userId;
   if (userId !== null) {
-    try {
-      await db.users.patch(userId, userData);
-    } catch (error) {
-      throwAuthError("USER_UPDATE_FAILED", `Could not update user document with ID \`${userId}\`, ` +
-          `either the user has been deleted but their account has not, ` +
-          `or the profile data doesn't match the \`users\` table schema: ` +
-          `${(error as Error).message}`);
-    }
+    await Fx.run(
+      Fx.from({
+        ok: () => db.users.patch(userId!, userData),
+        err: (error) =>
+          new AuthError(
+            "USER_UPDATE_FAILED",
+            `Could not update user document with ID \`${userId}\`, ` +
+              `either the user has been deleted but their account has not, ` +
+              `or the profile data doesn't match the \`users\` table schema: ` +
+              `${(error as Error).message}`,
+          ),
+      }).pipe(Fx.recover((e) => Fx.fatal(e.toConvexError()))),
+    );
   } else {
-    userId = (await db.users.insert(userData)) as GenericId<"user">;
+    userId = (await db.users.insert(userData)) as GenericId<"User">;
   }
   const afterUserCreatedOrUpdated = config.callbacks?.afterUserCreatedOrUpdated;
   if (afterUserCreatedOrUpdated !== undefined) {
@@ -172,7 +226,7 @@ async function uniqueUserWithVerifiedEmail(
   config: ConvexAuthConfig,
 ) {
   const db = authDb(ctx, config);
-  return (await db.users.findByVerifiedEmail(email)) as Doc<"user"> | null;
+  return (await db.users.findByVerifiedEmail(email)) as Doc<"User"> | null;
 }
 async function uniqueUserWithVerifiedPhone(
@@ -181,14 +235,14 @@ async function uniqueUserWithVerifiedPhone(
   config: ConvexAuthConfig,
 ) {
   const db = authDb(ctx, config);
-  return (await db.users.findByVerifiedPhone(phone)) as Doc<"user"> | null;
+  return (await db.users.findByVerifiedPhone(phone)) as Doc<"User"> | null;
 }
 async function createOrUpdateAccount(
   ctx: MutationCtx,
-  userId: GenericId<"user">,
+  userId: GenericId<"User">,
   account:
-    | { existingAccount: Doc<"account"> }
+    | { existingAccount: Doc<"Account"> }
     | {
         providerAccountId: string;
         secret?: string;
@@ -197,6 +251,10 @@ async function createOrUpdateAccount(
   config: ConvexAuthConfig,
 ) {
   const db = authDb(ctx, config);
+  const mergedExtend =
+    "existingAccount" in account
+      ? mergeExtend(account.existingAccount.extend, args.accountExtend)
+      : args.accountExtend;
   const accountId =
     "existingAccount" in account
       ? account.existingAccount._id
@@ -205,7 +263,8 @@ async function createOrUpdateAccount(
           provider: args.provider.id,
           providerAccountId: account.providerAccountId,
           secret: account.secret,
-        })) as GenericId<"account">);
+          extend: mergedExtend,
+        })) as GenericId<"Account">);
   // This is never used with the default `createOrUpdateUser` implementation,
   // but it is used for manual linking via custom `createOrUpdateUser`:
   if (
@@ -214,23 +273,18 @@ async function createOrUpdateAccount(
   ) {
     await db.accounts.patch(accountId, { userId });
   }
+  const accountPatchData: Record<string, unknown> = {};
+  if (mergedExtend) {
+    accountPatchData.extend = mergedExtend;
+  }
   if (args.profile.emailVerified) {
-    await db.accounts.patch(accountId, { emailVerified: args.profile.email });
+    accountPatchData.emailVerified = args.profile.email;
   }
   if (args.profile.phoneVerified) {
-    await db.accounts.patch(accountId, { phoneVerified: args.profile.phone });
+    accountPatchData.phoneVerified = args.profile.phone;
   }
-  return accountId;
-}
-export async function getAccountOrThrow(
-  ctx: MutationCtx,
-  existingAccountId: GenericId<"account">,
-  config: ConvexAuthConfig,
-) {
-  const existingAccount = await authDb(ctx, config).accounts.getById(existingAccountId);
-  if (existingAccount === null) {
-    throwAuthError("ACCOUNT_NOT_FOUND", `Expected an account to exist for ID "${existingAccountId}"`);
+  if (Object.keys(accountPatchData).length > 0) {
+    await db.accounts.patch(accountId, accountPatchData);
   }
-  return existingAccount;
+  return accountId;
 }

package/src/server/utils.ts CHANGED Viewed

@@ -1,14 +1,201 @@
-import { throwAuthError } from "./errors";
+import {
+  RandomReader,
+  generateRandomString as osloGenerateRandomString,
+} from "@oslojs/crypto/random";
+import { sha256 as rawSha256 } from "@oslojs/crypto/sha2";
+import {
+  decodeBase64urlIgnorePadding,
+  encodeBase64urlNoPadding,
+  encodeHexLowerCase,
+} from "@oslojs/encoding";
+import { AuthError } from "./authError";
+/**
+ * Require an environment variable to be set, throwing at config time if missing.
+ *
+ * Uses `AuthError.toConvexError()` directly since this is a synchronous guard
+ * called inline in many expressions — not suitable for Fx pipeline wrapping.
+ */
+/** @internal */
 export function requireEnv(name: string) {
   const value = process.env[name];
   if (value === undefined) {
-    throwAuthError("MISSING_ENV_VAR", `Missing environment variable \`${name}\``, { variable: name });
+    throw new AuthError(
+      "MISSING_ENV_VAR",
+      `Missing environment variable \`${name}\``,
+      { variable: name },
+    ).toConvexError();
   }
   return value;
 }
+/** @internal */
 export function isLocalHost(host?: string) {
-  return /(localhost|127\.0\.0\.1):\d+/.test(
-  host ?? "");
-}
+  if (host === undefined) {
+    return false;
+  }
+  const raw = host.includes("://") ? host : `http://${host}`;
+  let url: URL;
+  try {
+    url = new URL(raw);
+  } catch {
+    return false;
+  }
+  return (
+    url.hostname === "localhost" ||
+    url.hostname === "127.0.0.1" ||
+    url.hostname === "::1"
+  );
+}
+// Internal server utilities (merged from former internalUtils.ts)
+/** @internal */
+export const TOKEN_SUB_CLAIM_DIVIDER = "|";
+/** @internal */
+export const REFRESH_TOKEN_DIVIDER = "|";
+/** @internal */
+export async function sha256(input: string) {
+  return encodeHexLowerCase(rawSha256(new TextEncoder().encode(input)));
+}
+/** @internal */
+export function generateRandomString(length: number, alphabet: string) {
+  const random: RandomReader = {
+    read(bytes) {
+      crypto.getRandomValues(bytes as Uint8Array<ArrayBuffer>);
+    },
+  };
+  return osloGenerateRandomString(random, alphabet, length);
+}
+/** @internal */
+export function errorMessage(error: unknown) {
+  return error instanceof Error ? error.message : String(error);
+}
+/** @internal */
+export function logError(error: unknown) {
+  logWithLevel(
+    LOG_LEVELS.ERROR,
+    error instanceof Error
+      ? error.message + "\n" + error.stack?.replace("\\n", "\n")
+      : error,
+  );
+}
+/** @internal */
+export const LOG_LEVELS = {
+  ERROR: "ERROR",
+  WARN: "WARN",
+  INFO: "INFO",
+  DEBUG: "DEBUG",
+} as const;
+type LogLevel = keyof typeof LOG_LEVELS;
+/** @internal */
+export function logWithLevel(level: LogLevel, ...args: unknown[]) {
+  const configuredLogLevel =
+    LOG_LEVELS[
+      (process.env.AUTH_LOG_LEVEL as LogLevel | undefined) ?? "INFO"
+    ] ?? "INFO";
+  switch (level) {
+    case "ERROR":
+      console.error(...args);
+      break;
+    case "WARN":
+      if (configuredLogLevel !== "ERROR") {
+        console.warn(...args);
+      }
+      break;
+    case "INFO":
+      if (configuredLogLevel === "INFO" || configuredLogLevel === "DEBUG") {
+        console.info(...args);
+      }
+      break;
+    case "DEBUG":
+      if (configuredLogLevel === "DEBUG") {
+        console.debug(...args);
+      }
+      break;
+  }
+}
+const UNREDACTED_LENGTH = 5;
+/** @internal */
+export function maybeRedact(value: string) {
+  if (value === "") {
+    return "";
+  }
+  const shouldRedact = process.env.AUTH_LOG_SECRETS !== "true";
+  if (shouldRedact) {
+    if (value.length < UNREDACTED_LENGTH * 2) {
+      return "<redacted>";
+    }
+    return (
+      value.substring(0, UNREDACTED_LENGTH) +
+      "<redacted>" +
+      value.substring(value.length - UNREDACTED_LENGTH)
+    );
+  } else {
+    return value;
+  }
+}
+const SECRET_KEY_ENV = "AUTH_SECRET_ENCRYPTION_KEY";
+const SECRET_IV_LENGTH = 12;
+function toArrayBuffer(bytes: Uint8Array) {
+  return bytes.buffer.slice(
+    bytes.byteOffset,
+    bytes.byteOffset + bytes.byteLength,
+  ) as ArrayBuffer;
+}
+async function getSecretCryptoKey() {
+  const material = requireEnv(SECRET_KEY_ENV);
+  const rawKey = rawSha256(new TextEncoder().encode(material));
+  return await crypto.subtle.importKey(
+    "raw",
+    toArrayBuffer(rawKey),
+    { name: "AES-GCM" },
+    false,
+    ["encrypt", "decrypt"],
+  );
+}
+/** @internal */
+export async function encryptSecret(value: string) {
+  const key = await getSecretCryptoKey();
+  const iv = crypto.getRandomValues(new Uint8Array(SECRET_IV_LENGTH));
+  const encrypted = await crypto.subtle.encrypt(
+    { name: "AES-GCM", iv: toArrayBuffer(iv) },
+    key,
+    toArrayBuffer(new TextEncoder().encode(value)),
+  );
+  return `${encodeBase64urlNoPadding(iv)}.${encodeBase64urlNoPadding(new Uint8Array(encrypted))}`;
+}
+/** @internal */
+export async function decryptSecret(ciphertext: string) {
+  const [ivEncoded, payloadEncoded] = ciphertext.split(".");
+  if (!ivEncoded || !payloadEncoded) {
+    throw new AuthError(
+      "INVALID_PARAMETERS",
+      "Stored enterprise secret is malformed.",
+    ).toConvexError();
+  }
+  const key = await getSecretCryptoKey();
+  const decrypted = await crypto.subtle.decrypt(
+    {
+      name: "AES-GCM",
+      iv: toArrayBuffer(decodeBase64urlIgnorePadding(ivEncoded)),
+    },
+    key,
+    toArrayBuffer(decodeBase64urlIgnorePadding(payloadEncoded)),
+  );
+  return new TextDecoder().decode(decrypted);
+}

package/src/test.ts CHANGED Viewed

@@ -1,15 +1,33 @@
-import type { GenericSchema, SchemaDefinition } from "convex/server";
 import type { TestConvex } from "convex-test";
+import type { GenericSchema, SchemaDefinition } from "convex/server";
 import schema from "./component/schema";
 type ImportMetaWithGlob = ImportMeta & {
   glob: (pattern: string) => Record<string, () => Promise<unknown>>;
 };
-const modules = (import.meta as ImportMetaWithGlob).glob(
-  "./component/**/*.ts",
-);
+const modules = (import.meta as ImportMetaWithGlob).glob("./component/**/*.ts");
+/**
+ * Register the Convex Auth component in a `convex-test` environment.
+ *
+ * Use this in tests to mount the bundled auth component under a chosen
+ * component name before invoking its functions.
+ *
+ * @param t - The `convex-test` test harness.
+ * @param name - Component mount name. Defaults to `"auth"`.
+ * @returns Nothing.
+ *
+ * @example
+ * ```ts
+ * import { convexTest } from "convex-test";
+ * import { register } from "@robelest/convex-auth/test";
+ *
+ * const t = convexTest(schema);
+ * register(t);
+ * ```
+ */
 export function register(
   t: TestConvex<SchemaDefinition<GenericSchema, boolean>>,
   name: string = "auth",
@@ -17,6 +35,12 @@ export function register(
   t.registerComponent(name, schema, modules);
 }
+/**
+ * Test helpers bundled for `convex-test` setups.
+ *
+ * Exposes the auth component `schema`, lazily discovered `modules`, and the
+ * `register()` helper as a convenience default export.
+ */
 export default {
   register,
   schema,

package/dist/component/providers/email.js DELETED Viewed

@@ -1,47 +0,0 @@
-//#region src/providers/email.ts
-/**
-* Email providers send a token to the user's email address
-* for sign-in.
-*
-* When you use this function to create your config, by default it
-* checks that there is an `email` field during token verification
-* that matches the `email` used during the initial `signIn` call.
-*
-* If you want the "magic link behavior", where only the token is needed,
-* you can override the `authorize` method to skip the check:
-*
-* ```ts
-* import email from "@robelest/convex-auth/providers/email";
-* import { Auth } from "@robelest/convex-auth/component";
-*
-* export const { auth, signIn, signOut, store } = Auth({
-*   providers: [
-*     email({ authorize: undefined }),
-*   ],
-* });
-* ```
-*
-* Make sure the token has high enough entropy to be secure.
-*
-* @param config - Email provider options including `sendVerificationRequest`.
-* @returns An `EmailConfig` to include in your `providers` array.
-*/
-function email(config) {
-	return {
-		id: "email",
-		type: "email",
-		name: "Email",
-		from: "Auth.js <no-reply@authjs.dev>",
-		maxAge: 3600,
-		authorize: async (params, account) => {
-			if (typeof params.email !== "string") throw new Error("Token verification requires an `email` in params of `signIn`.");
-			if (account.providerAccountId !== params.email) throw new Error("Short verification code requires a matching `email` in params of `signIn`.");
-		},
-		sendVerificationRequest: config.sendVerificationRequest,
-		options: config
-	};
-}
-//#endregion
-export { email as default };
-//# sourceMappingURL=email.js.map

package/dist/component/providers/email.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"email.js","names":[],"sources":["../../../src/providers/email.ts"],"sourcesContent":["/**\n * Simplifies creating custom email providers, such as for sending OTPs.\n *\n * @module\n */\n\nimport { GenericDataModel } from \"convex/server\";\nimport { EmailConfig, EmailUserConfig } from \"../server/types\";\n\n/**\n * Email providers send a token to the user's email address\n * for sign-in.\n *\n * When you use this function to create your config, by default it\n * checks that there is an `email` field during token verification\n * that matches the `email` used during the initial `signIn` call.\n *\n * If you want the \"magic link behavior\", where only the token is needed,\n * you can override the `authorize` method to skip the check:\n *\n * ```ts\n * import email from \"@robelest/convex-auth/providers/email\";\n * import { Auth } from \"@robelest/convex-auth/component\";\n *\n * export const { auth, signIn, signOut, store } = Auth({\n * providers: [\n * email({ authorize: undefined }),\n * ],\n * });\n * ```\n *\n * Make sure the token has high enough entropy to be secure.\n *\n * @param config - Email provider options including `sendVerificationRequest`.\n * @returns An `EmailConfig` to include in your `providers` array.\n */\nexport default function email<DataModel extends GenericDataModel>(\n config: EmailUserConfig<DataModel> &\n Pick<EmailConfig, \"sendVerificationRequest\">,\n): EmailConfig<DataModel> {\n return {\n id: \"email\",\n type: \"email\",\n name: \"Email\",\n from: \"Auth.js <no-reply@authjs.dev>\",\n maxAge: 60 * 60, // 1 hour\n authorize: async (params, account) => {\n if (typeof params.email !== \"string\") {\n throw new Error(\n \"Token verification requires an `email` in params of `signIn`.\",\n );\n }\n if (account.providerAccountId !== params.email) {\n throw new Error(\n \"Short verification code requires a matching `email` \" +\n \"in params of `signIn`.\",\n );\n }\n },\n sendVerificationRequest: config.sendVerificationRequest,\n options: config,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCA,SAAwB,MACtB,QAEwB;AACxB,QAAO;EACL,IAAI;EACJ,MAAM;EACN,MAAM;EACN,MAAM;EACN,QAAQ;EACR,WAAW,OAAO,QAAQ,YAAY;AACpC,OAAI,OAAO,OAAO,UAAU,SAC1B,OAAM,IAAI,MACR,gEACD;AAEH,OAAI,QAAQ,sBAAsB,OAAO,MACvC,OAAM,IAAI,MACR,6EAED;;EAGL,yBAAyB,OAAO;EAChC,SAAS;EACV"}