@rpcbase/auth 0.97.0 → 0.99.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/dist/api/sign-in/handler.d.ts.map +1 -1
  2. package/dist/api/verify-otp/handler.d.ts.map +1 -1
  3. package/dist/components/RememberMeCheckbox/index.d.ts +2 -2
  4. package/dist/components/RememberMeCheckbox/index.d.ts.map +1 -1
  5. package/dist/{handler-DJwOgqtP.js → handler-2sZNHSqb.js} +2 -2
  6. package/dist/{handler-DJwOgqtP.js.map → handler-2sZNHSqb.js.map} +1 -1
  7. package/dist/{handler-DvUXoOYN.js → handler-BQCMgGzx.js} +5 -5
  8. package/dist/{handler-DvUXoOYN.js.map → handler-BQCMgGzx.js.map} +1 -1
  9. package/dist/{handler-Zcu5rM1_.js → handler-D9OypiUL.js} +2 -2
  10. package/dist/{handler-Zcu5rM1_.js.map → handler-D9OypiUL.js.map} +1 -1
  11. package/dist/{handler-CUtZEFQm.js → handler-DP0y3Dhp.js} +5 -5
  12. package/dist/handler-DP0y3Dhp.js.map +1 -0
  13. package/dist/{handler-DyqylA1h.js → handler-DURJL_gJ.js} +5 -5
  14. package/dist/handler-DURJL_gJ.js.map +1 -0
  15. package/dist/{handler-sUCM6Ee3.js → handler-j0RdiReb.js} +2 -2
  16. package/dist/{handler-sUCM6Ee3.js.map → handler-j0RdiReb.js.map} +1 -1
  17. package/dist/{index-BCacnRCE.js → index-BfZTJlGT.js} +2 -2
  18. package/dist/{index-BCacnRCE.js.map → index-BfZTJlGT.js.map} +1 -1
  19. package/dist/{index-DdTRbuS-.js → index-DQy-Vgjt.js} +2 -2
  20. package/dist/{index-DdTRbuS-.js.map → index-DQy-Vgjt.js.map} +1 -1
  21. package/dist/index.js +3 -3
  22. package/dist/index.js.map +1 -1
  23. package/dist/{middleware-BiMXO6Dq.js → middleware-HjIzPByj.js} +3 -2
  24. package/dist/middleware-HjIzPByj.js.map +1 -0
  25. package/dist/middleware.d.ts.map +1 -1
  26. package/dist/oauth/index.js +12 -15
  27. package/dist/oauth/index.js.map +1 -1
  28. package/dist/oauth/lib.d.ts +9 -6
  29. package/dist/oauth/lib.d.ts.map +1 -1
  30. package/dist/routes.js +1 -1
  31. package/dist/{schemas-BCQJ62HD.js → schemas-Dn3gHDGz.js} +3 -3
  32. package/dist/schemas-Dn3gHDGz.js.map +1 -0
  33. package/package.json +1 -1
  34. package/dist/handler-CUtZEFQm.js.map +0 -1
  35. package/dist/handler-DyqylA1h.js.map +0 -1
  36. package/dist/middleware-BiMXO6Dq.js.map +0 -1
  37. package/dist/schemas-BCQJ62HD.js.map +0 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@rpcbase/auth",
3
- "version": "0.97.0",
3
+ "version": "0.99.0",
4
4
  "type": "module",
5
5
  "files": [
6
6
  "dist",
package/dist/handler-CUtZEFQm.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"handler-CUtZEFQm.js","sources":["../src/api/sign-in/handler.ts"],"sourcesContent":["import { Api, ApiHandler, Ctx } from \"@rpcbase/api\"\nimport { models } from \"@rpcbase/db\"\nimport { verifyPasswordFromStorage } from \"@rpcbase/server\"\n\nimport type { AuthSessionUser } from \"../../types\"\n\nimport * as SignIn from \"./index\"\n\n\nconst signIn: ApiHandler<SignIn.RequestPayload, SignIn.ResponsePayload, AuthSessionUser> = async(\n payload,\n ctx: Ctx<AuthSessionUser>\n): Promise<SignIn.ResponsePayload> => {\n const User = await models.getGlobal(\"RBUser\", ctx)\n\n const parsed = SignIn.requestSchema.safeParse(payload)\n\n if (!parsed.success) {\n ctx.res.status(400)\n return { success: false, error: \"invalid_payload\" }\n }\n\n const { email, password } = parsed.data\n\n const user = await User.findOne({ email }, { password: 1, tenants: 1, tenantRoles: 1 })\n\n if (!user?.password) {\n ctx.res.status(401)\n return { success: false, error: \"invalid_credentials\" }\n }\n\n const stored = String(user.password)\n const passwordMatches = await verifyPasswordFromStorage(password, stored)\n\n if (!passwordMatches) {\n if (!stored.startsWith(\"$scrypt$\")) {\n console.warn(\"auth::sign-in invalid stored password format\", user._id.toString())\n }\n ctx.res.status(401)\n return { success: false, error: \"invalid_credentials\" }\n }\n\n const tenantId = user.tenants?.[0]?.toString?.() || \"00000000\"\n const signedInTenants = (user.tenants || []).map((t: any) => t.toString?.() || String(t)) || [tenantId]\n\n const tenantRolesRaw = (user as unknown as { tenantRoles?: unknown }).tenantRoles\n const tenantRoles = tenantRolesRaw instanceof Map\n ? Object.fromEntries(tenantRolesRaw.entries())\n : tenantRolesRaw && typeof tenantRolesRaw === \"object\"\n ? tenantRolesRaw\n : undefined\n\n if (!ctx.req.session) {\n ctx.res.status(500)\n return { success: false, error: \"session_unavailable\" }\n }\n\n ctx.req.session.user = {\n id: user._id.toString(),\n currentTenantId: tenantId,\n signedInTenants: signedInTenants.length ? signedInTenants : [tenantId],\n isEntryGateAuthorized: true,\n tenantRoles,\n }\n\n return { success: true, userId: user._id.toString(), tenantId }\n}\n\nexport default (api: Api<AuthSessionUser>) => {\n api.post(SignIn.Route, signIn)\n}\n"],"names":["SignIn.requestSchema","SignIn.Route"],"mappings":";;;AASA,MAAM,SAAqF,OACzF,SACA,QACoC;AACpC,QAAM,OAAO,MAAM,OAAO,UAAU,UAAU,GAAG;AAEjD,QAAM,SAASA,cAAqB,UAAU,OAAO;AAErD,MAAI,CAAC,OAAO,SAAS;AACnB,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,kBAAA;AAAA,EAClC;AAEA,QAAM,EAAE,OAAO,SAAA,IAAa,OAAO;AAEnC,QAAM,OAAO,MAAM,KAAK,QAAQ,EAAE,MAAA,GAAS,EAAE,UAAU,GAAG,SAAS,GAAG,aAAa,GAAG;AAEtF,MAAI,CAAC,MAAM,UAAU;AACnB,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,sBAAA;AAAA,EAClC;AAEA,QAAM,SAAS,OAAO,KAAK,QAAQ;AACnC,QAAM,kBAAkB,MAAM,0BAA0B,UAAU,MAAM;AAExE,MAAI,CAAC,iBAAiB;AACpB,QAAI,CAAC,OAAO,WAAW,UAAU,GAAG;AAClC,cAAQ,KAAK,gDAAgD,KAAK,IAAI,UAAU;AAAA,IAClF;AACA,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,sBAAA;AAAA,EAClC;AAEA,QAAM,WAAW,KAAK,UAAU,CAAC,GAAG,gBAAgB;AACpD,QAAM,mBAAmB,KAAK,WAAW,CAAA,GAAI,IAAI,CAAC,MAAW,EAAE,WAAA,KAAgB,OAAO,CAAC,CAAC,KAAK,CAAC,QAAQ;AAEtG,QAAM,iBAAkB,KAA8C;AACtE,QAAM,cAAc,0BAA0B,MAC1C,OAAO,YAAY,eAAe,QAAA,CAAS,IAC3C,kBAAkB,OAAO,mBAAmB,WAC1C,iBACA;AAEN,MAAI,CAAC,IAAI,IAAI,SAAS;AACpB,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,sBAAA;AAAA,EAClC;AAEA,MAAI,IAAI,QAAQ,OAAO;AAAA,IACrB,IAAI,KAAK,IAAI,SAAA;AAAA,IACb,iBAAiB;AAAA,IACjB,iBAAiB,gBAAgB,SAAS,kBAAkB,CAAC,QAAQ;AAAA,IACrE,uBAAuB;AAAA,IACvB;AAAA,EAAA;AAGF,SAAO,EAAE,SAAS,MAAM,QAAQ,KAAK,IAAI,SAAA,GAAY,SAAA;AACvD;AAEA,MAAA,UAAe,CAAC,QAA8B;AAC5C,MAAI,KAAKC,OAAc,MAAM;AAC/B;"}
package/dist/handler-DyqylA1h.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"handler-DyqylA1h.js","sources":["../src/api/verify-otp/index.ts","../src/api/verify-otp/handler.ts"],"sourcesContent":["import { z } from \"zod\"\n\n\nexport const Route = \"/api/rb/auth/verify-otp\"\n\nexport const requestSchema = z.object({\n email: z.string().email(),\n code: z.string().length(6, \"Code must be 6 digits\"),\n rememberMe: z.boolean().default(true),\n})\n\nexport type RequestPayload = z.infer<typeof requestSchema>\n\nexport const responseSchema = z.object({\n success: z.boolean(),\n error: z.string().optional(),\n userId: z.string().optional(),\n tenantId: z.string().optional(),\n})\n\nexport type ResponsePayload = z.infer<typeof responseSchema>\n","import { Api, ApiHandler, Ctx } from \"@rpcbase/api\"\nimport { models } from \"@rpcbase/db\"\n\nimport type { AuthSessionUser } from \"../../types\"\n\nimport * as VerifyOtp from \"./index\"\n\n\nconst verifyOtp: ApiHandler<VerifyOtp.RequestPayload, VerifyOtp.ResponsePayload, AuthSessionUser> = async (\n payload,\n ctx: Ctx<AuthSessionUser>\n): Promise<VerifyOtp.ResponsePayload> => {\n const User = await models.getGlobal(\"RBUser\", ctx)\n\n const parsed = VerifyOtp.requestSchema.safeParse(payload)\n\n if (!parsed.success) {\n ctx.res.status(400)\n return { success: false, error: \"invalid_payload\" }\n }\n\n const { email, code } = parsed.data\n\n const user = await User.findOne({ email }, { emailVerificationCode: 1, emailVerificationExpiresAt: 1, tenants: 1, tenantRoles: 1 })\n\n if (!user) {\n ctx.res.status(404)\n return { success: false, error: \"user_not_found\" }\n }\n\n const storedCode = user.emailVerificationCode\n const expiresAt = user.emailVerificationExpiresAt\n\n const isExpired = expiresAt instanceof Date && expiresAt.getTime() < Date.now()\n if (!storedCode || storedCode !== code || isExpired) {\n ctx.res.status(400)\n return { success: false, error: \"invalid_code\" }\n }\n\n user.emailVerificationCode = undefined\n user.emailVerificationExpiresAt = undefined\n await user.save()\n\n const tenantId = user.tenants?.[0]?.toString?.() || \"00000000\"\n const signedInTenants = (user.tenants || []).map((t: any) => t.toString?.() || String(t)) || [tenantId]\n\n const tenantRolesRaw = (user as unknown as { tenantRoles?: unknown }).tenantRoles\n const tenantRoles = tenantRolesRaw instanceof Map\n ? Object.fromEntries(tenantRolesRaw.entries())\n : tenantRolesRaw && typeof tenantRolesRaw === \"object\"\n ? tenantRolesRaw\n : undefined\n\n if (!ctx.req.session) {\n ctx.res.status(500)\n return { success: false, error: \"session_unavailable\" }\n }\n\n ctx.req.session.user = {\n id: user._id.toString(),\n currentTenantId: tenantId,\n signedInTenants: signedInTenants.length ? signedInTenants : [tenantId],\n isEntryGateAuthorized: true,\n tenantRoles,\n }\n\n return { success: true, userId: user._id.toString(), tenantId }\n}\n\nexport default (api: Api<AuthSessionUser>) => {\n api.post(VerifyOtp.Route, verifyOtp)\n}\n"],"names":["z.object","z.string","z.boolean","VerifyOtp.requestSchema","VerifyOtp.Route"],"mappings":";;AAGO,MAAM,QAAQ;AAEd,MAAM,gBAAgBA,OAAS;AAAA,EACpC,OAAOC,OAAE,EAAS,MAAA;AAAA,EAClB,MAAMA,OAAE,EAAS,OAAO,GAAG,uBAAuB;AAAA,EAClD,YAAYC,UAAY,QAAQ,IAAI;AACtC,CAAC;AAI6BF,OAAS;AAAA,EACrC,SAASE,QAAE;AAAA,EACX,OAAOD,OAAE,EAAS,SAAA;AAAA,EAClB,QAAQA,OAAE,EAAS,SAAA;AAAA,EACnB,UAAUA,OAAE,EAAS,SAAA;AACvB,CAAC;ACVD,MAAM,YAA8F,OAClG,SACA,QACuC;AACvC,QAAM,OAAO,MAAM,OAAO,UAAU,UAAU,GAAG;AAEjD,QAAM,SAASE,cAAwB,UAAU,OAAO;AAExD,MAAI,CAAC,OAAO,SAAS;AACnB,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,kBAAA;AAAA,EAClC;AAEA,QAAM,EAAE,OAAO,KAAA,IAAS,OAAO;AAE/B,QAAM,OAAO,MAAM,KAAK,QAAQ,EAAE,SAAS,EAAE,uBAAuB,GAAG,4BAA4B,GAAG,SAAS,GAAG,aAAa,GAAG;AAElI,MAAI,CAAC,MAAM;AACT,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,iBAAA;AAAA,EAClC;AAEA,QAAM,aAAa,KAAK;AACxB,QAAM,YAAY,KAAK;AAEvB,QAAM,YAAY,qBAAqB,QAAQ,UAAU,QAAA,IAAY,KAAK,IAAA;AAC1E,MAAI,CAAC,cAAc,eAAe,QAAQ,WAAW;AACnD,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,eAAA;AAAA,EAClC;AAEA,OAAK,wBAAwB;AAC7B,OAAK,6BAA6B;AAClC,QAAM,KAAK,KAAA;AAEX,QAAM,WAAW,KAAK,UAAU,CAAC,GAAG,gBAAgB;AACpD,QAAM,mBAAmB,KAAK,WAAW,CAAA,GAAI,IAAI,CAAC,MAAW,EAAE,WAAA,KAAgB,OAAO,CAAC,CAAC,KAAK,CAAC,QAAQ;AAEtG,QAAM,iBAAkB,KAA8C;AACtE,QAAM,cAAc,0BAA0B,MAC1C,OAAO,YAAY,eAAe,QAAA,CAAS,IAC3C,kBAAkB,OAAO,mBAAmB,WAC1C,iBACA;AAEN,MAAI,CAAC,IAAI,IAAI,SAAS;AACpB,QAAI,IAAI,OAAO,GAAG;AAClB,WAAO,EAAE,SAAS,OAAO,OAAO,sBAAA;AAAA,EAClC;AAEA,MAAI,IAAI,QAAQ,OAAO;AAAA,IACrB,IAAI,KAAK,IAAI,SAAA;AAAA,IACb,iBAAiB;AAAA,IACjB,iBAAiB,gBAAgB,SAAS,kBAAkB,CAAC,QAAQ;AAAA,IACrE,uBAAuB;AAAA,IACvB;AAAA,EAAA;AAGF,SAAO,EAAE,SAAS,MAAM,QAAQ,KAAK,IAAI,SAAA,GAAY,SAAA;AACvD;AAEA,MAAA,UAAe,CAAC,QAA8B;AAC5C,MAAI,KAAKC,OAAiB,SAAS;AACrC;"}
package/dist/middleware-BiMXO6Dq.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"middleware-BiMXO6Dq.js","sources":["../src/middleware.ts"],"sourcesContent":["import type { Middleware } from \"@rpcbase/api\"\n\nimport type { AuthSessionUser } from \"./types\"\n\n\nconst isAuthenticated = (req: Parameters<Middleware>[0]): req is Parameters<Middleware<AuthSessionUser>>[0] => {\n return Boolean((req as any).session?.user?.id)\n}\n\nexport const restrictSessionMiddleware: Middleware<AuthSessionUser> = (req, res, next) => {\n if (isAuthenticated(req)) {\n return next()\n }\n\n res.status(401).json({ error: \"unauthorized\" })\n}\n\nexport const requireSession = restrictSessionMiddleware\n\nexport const redirectAuthMiddleware: Middleware<AuthSessionUser> = (req, res, next) => {\n if (req.path.startsWith(\"/app\") && !isAuthenticated(req)) {\n return res.redirect(\"/auth/sign-in\")\n }\n\n next()\n}\n"],"names":[],"mappings":"AAKA,MAAM,kBAAkB,CAAC,QAAsF;AAC7G,SAAO,QAAS,IAAY,SAAS,MAAM,EAAE;AAC/C;AAEO,MAAM,4BAAyD,CAAC,KAAK,KAAK,SAAS;AACxF,MAAI,gBAAgB,GAAG,GAAG;AACxB,WAAO,KAAA;AAAA,EACT;AAEA,MAAI,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,gBAAgB;AAChD;AAEO,MAAM,iBAAiB;AAEvB,MAAM,yBAAsD,CAAC,KAAK,KAAK,SAAS;AACrF,MAAI,IAAI,KAAK,WAAW,MAAM,KAAK,CAAC,gBAAgB,GAAG,GAAG;AACxD,WAAO,IAAI,SAAS,eAAe;AAAA,EACrC;AAEA,OAAA;AACF;"}