@rpcbase/auth 0.119.0 → 0.121.0

package/dist/handler-tJUJWqII.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"handler-tJUJWqII.js","names":["z","Route","requestSchema","object","email","string","RequestPayload","infer","responseSchema","success","boolean","error","optional","ResponsePayload","crypto","Api","ApiHandler","Ctx","models","sendEmail","AuthSessionUser","ResendOtp","resendOtp","RequestPayload","ResponsePayload","payload","ctx","Promise","User","getGlobal","parsed","requestSchema","safeParse","success","res","status","error","email","data","user","findOne","emailVerificationCode","randomInt","toString","padStart","emailVerificationExpiresAt","Date","now","save","to","subject","html","text","err","console","warn","api","post","Route"],"sources":["../src/api/resend-otp/index.ts","../src/api/resend-otp/handler.ts"],"sourcesContent":["import { z } from \"zod\"\n\n\nexport const Route = \"/api/rb/auth/resend-otp\"\n\nexport const requestSchema = z.object({\n  email: z.string().email(),\n})\n\nexport type RequestPayload = z.infer<typeof requestSchema>\n\nexport const responseSchema = z.object({\n  success: z.boolean(),\n  error: z.string().optional(),\n})\n\nexport type ResponsePayload = z.infer<typeof responseSchema>\n\n","import crypto from \"crypto\"\n\nimport { Api, ApiHandler, Ctx } from \"@rpcbase/api\"\nimport { models } from \"@rpcbase/db\"\nimport { sendEmail } from \"@rpcbase/server\"\n\nimport type { AuthSessionUser } from \"../../types\"\n\nimport * as ResendOtp from \"./index\"\n\n\nconst resendOtp: ApiHandler<ResendOtp.RequestPayload, ResendOtp.ResponsePayload, AuthSessionUser> = async (\n  payload,\n  ctx: Ctx<AuthSessionUser>\n): Promise<ResendOtp.ResponsePayload> => {\n  const User = await models.getGlobal(\"RBUser\", ctx)\n\n  const parsed = ResendOtp.requestSchema.safeParse(payload)\n\n  if (!parsed.success) {\n    ctx.res.status(400)\n    return { success: false, error: \"invalid_payload\" }\n  }\n\n  const { email } = parsed.data\n\n  const user = await User.findOne({ email })\n\n  if (!user) {\n    // TODO(auth): avoid account enumeration (return a generic success response even when the user doesn't exist)\n    ctx.res.status(404)\n    return { success: false, error: \"user_not_found\" }\n  }\n\n  // TODO(auth): add server-side throttling / rate limiting for resend-otp\n  const emailVerificationCode = crypto.randomInt(0, 1_000_000).toString().padStart(6, \"0\")\n  const emailVerificationExpiresAt = new Date(Date.now() + 10 * 60 * 1000)\n\n  user.emailVerificationCode = emailVerificationCode\n  user.emailVerificationExpiresAt = emailVerificationExpiresAt\n  await user.save()\n\n  try {\n    await sendEmail({\n      to: email,\n      subject: `Your verification code: ${emailVerificationCode}`,\n      html: `\n        <p>Your verification code is <strong>${emailVerificationCode}</strong>. It expires in 10 minutes.</p>\n        <p>If you didn't request this, you can ignore this message.</p>\n      `,\n      text: `Your verification code is ${emailVerificationCode}. It expires in 10 minutes. If you didn't request this, you can ignore this message.`,\n    })\n  } catch (err) {\n    console.warn(\"failed to resend otp email\", err)\n  }\n\n  return { success: true }\n}\n\nexport default (api: Api<AuthSessionUser>) => {\n  api.post(ResendOtp.Route, resendOtp)\n}\n"],"mappings":";;;;;AAGA,IAAaC,QAAQ;AAErB,IAAaC,gBAAgBF,OAAS,EACpCI,OAAOJ,QAAU,CAACI,OAAM,EACzB,CAAC;AAI4BJ,OAAS;CACrCS,SAAST,SAAW;CACpBW,OAAOX,QAAU,CAACY,UAAS;CAC5B,CAAC;;;ACHF,IAAMU,YAA8F,OAClGG,SACAC,QACuC;CACvC,MAAME,OAAO,MAAMV,OAAOW,UAAU,UAAUH,IAAI;CAElD,MAAMI,SAAAA,cAAiCE,UAAUP,QAAQ;AAEzD,KAAI,CAACK,OAAOG,SAAS;AACnBP,MAAIQ,IAAIC,OAAO,IAAI;AACnB,SAAO;GAAEF,SAAS;GAAOG,OAAO;GAAmB;;CAGrD,MAAM,EAAEC,UAAUP,OAAOQ;CAEzB,MAAMC,OAAO,MAAMX,KAAKY,QAAQ,EAAEH,OAAO,CAAC;AAE1C,KAAI,CAACE,MAAM;AAETb,MAAIQ,IAAIC,OAAO,IAAI;AACnB,SAAO;GAAEF,SAAS;GAAOG,OAAO;GAAkB;;CAIpD,MAAMK,wBAAwB3B,OAAO4B,UAAU,GAAG,IAAU,CAACC,UAAU,CAACC,SAAS,GAAG,IAAI;CACxF,MAAMC,6BAA6B,IAAIC,KAAKA,KAAKC,KAAK,GAAG,MAAU,IAAK;AAExER,MAAKE,wBAAwBA;AAC7BF,MAAKM,6BAA6BA;AAClC,OAAMN,KAAKS,MAAM;AAEjB,KAAI;AACF,QAAM7B,UAAU;GACd8B,IAAIZ;GACJa,SAAS,2BAA2BT;GACpCU,MAAM;+CACmCV,sBAAqB;;;GAG9DW,MAAM,6BAA6BX,sBAAqB;GACzD,CAAC;UACKY,KAAK;AACZC,UAAQC,KAAK,8BAA8BF,IAAI;;AAGjD,QAAO,EAAEpB,SAAS,MAAM;;AAG1B,IAAA,mBAAgBuB,QAA8B;AAC5CA,KAAIC,KAAKpC,OAAiBC,UAAU"}

package/dist/middleware-BbKZ_rOe.js

@@ -1,18 +0,0 @@
-//#region src/middleware.ts
-var isAuthenticated = (req) => {
-	const sessionUser = req.session?.user;
-	return Boolean(sessionUser?.id);
-};
-var restrictSessionMiddleware = (req, res, next) => {
-	if (isAuthenticated(req)) return next();
-	res.status(401).json({ error: "unauthorized" });
-};
-var requireSession = restrictSessionMiddleware;
-var redirectAuthMiddleware = (req, res, next) => {
-	if (req.path.startsWith("/app") && !isAuthenticated(req)) return res.redirect("/auth/sign-in");
-	next();
-};
-//#endregion
-export { requireSession as n, restrictSessionMiddleware as r, redirectAuthMiddleware as t };
-
-//# sourceMappingURL=middleware-BbKZ_rOe.js.map

package/dist/middleware-BbKZ_rOe.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"middleware-BbKZ_rOe.js","names":["Middleware","AuthSessionUser","isAuthenticated","req","Parameters","sessionUser","session","user","id","Boolean","restrictSessionMiddleware","res","next","status","json","error","requireSession","redirectAuthMiddleware","path","startsWith","redirect"],"sources":["../src/middleware.ts"],"sourcesContent":["import type { Middleware } from \"@rpcbase/api\"\n\nimport type { AuthSessionUser } from \"./types\"\n\n\nconst isAuthenticated = (req: Parameters<Middleware>[0]): req is Parameters<Middleware<AuthSessionUser>>[0] => {\n  const sessionUser = req.session?.user as { id?: unknown } | undefined\n  return Boolean(sessionUser?.id)\n}\n\nexport const restrictSessionMiddleware: Middleware<AuthSessionUser> = (req, res, next) => {\n  if (isAuthenticated(req)) {\n    return next()\n  }\n\n  res.status(401).json({ error: \"unauthorized\" })\n}\n\nexport const requireSession = restrictSessionMiddleware\n\nexport const redirectAuthMiddleware: Middleware<AuthSessionUser> = (req, res, next) => {\n  if (req.path.startsWith(\"/app\") && !isAuthenticated(req)) {\n    return res.redirect(\"/auth/sign-in\")\n  }\n\n  next()\n}\n"],"mappings":";AAKA,IAAME,mBAAmBC,QAAsF;CAC7G,MAAME,cAAcF,IAAIG,SAASC;AACjC,QAAOE,QAAQJ,aAAaG,GAAG;;AAGjC,IAAaE,6BAA0DP,KAAKQ,KAAKC,SAAS;AACxF,KAAIV,gBAAgBC,IAAI,CACtB,QAAOS,MAAM;AAGfD,KAAIE,OAAO,IAAI,CAACC,KAAK,EAAEC,OAAO,gBAAgB,CAAC;;AAGjD,IAAaC,iBAAiBN;AAE9B,IAAaO,0BAAuDd,KAAKQ,KAAKC,SAAS;AACrF,KAAIT,IAAIe,KAAKC,WAAW,OAAO,IAAI,CAACjB,gBAAgBC,IAAI,CACtD,QAAOQ,IAAIS,SAAS,gBAAgB;AAGtCR,OAAM"}