@rudderjs/auth 6.1.0 → 6.2.0
- package/README.md +1 -1
- package/dist/base-auth-controller.d.ts +29 -9
- package/dist/base-auth-controller.d.ts.map +1 -1
- package/dist/base-auth-controller.js +84 -10
- package/dist/base-auth-controller.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +31 -11
- package/dist/index.js.map +1 -1
- package/dist/verification.d.ts.map +1 -1
- package/dist/verification.js +50 -3
- package/dist/verification.js.map +1 -1
- package/package.json +13 -7
package/README.md
CHANGED
|
@@ -173,7 +173,7 @@ The `EloquentUserProvider` auto-wraps ORM model records with these methods (mapp
|
|
|
173
173
|
|
|
174
174
|
## Auth views
|
|
175
175
|
|
|
176
|
-
Ships React views for Login, Register, ForgotPassword, ResetPassword under `views/react/`. `create-rudder
|
|
176
|
+
Ships React views for Login, Register, ForgotPassword, ResetPassword under `views/react/`. `create-rudder` vendors them into `app/Views/Auth/` at scaffold time so the app owns the files from day one and can edit them freely.
|
|
177
177
|
|
|
178
178
|
The views POST credentials with an `X-CSRF-Token` header read via `getCsrfToken()` from `@rudderjs/middleware`, so they work with `CsrfMiddleware` on the web group out of the box. `@rudderjs/middleware` is already a dep of any standard RudderJS app via the bootstrap pattern.
|
|
179
179
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { AppRequest, AppResponse } from '@rudderjs/contracts';
|
|
1
|
+
import type { AppRequest, AppResponse, MiddlewareHandler } from '@rudderjs/contracts';
|
|
2
2
|
import type { PasswordBroker } from './password-reset.js';
|
|
3
3
|
/** Minimal surface the controller needs from a user Model. */
|
|
4
4
|
export interface AuthUserModelLike {
|
|
@@ -15,6 +15,13 @@ export interface AuthHashLike {
|
|
|
15
15
|
make(plain: string): Promise<string>;
|
|
16
16
|
check(plain: string, hashed: string): Promise<boolean>;
|
|
17
17
|
}
|
|
18
|
+
/** Per-method rate-limit middleware applied to `BaseAuthController` POST handlers. */
|
|
19
|
+
export interface AuthRateLimits {
|
|
20
|
+
signIn?: MiddlewareHandler | null;
|
|
21
|
+
signUp?: MiddlewareHandler | null;
|
|
22
|
+
requestPasswordReset?: MiddlewareHandler | null;
|
|
23
|
+
}
|
|
24
|
+
export declare const DEFAULT_AUTH_RATE_LIMITS: Readonly<Required<AuthRateLimits>>;
|
|
18
25
|
/**
|
|
19
26
|
* Laravel Breeze-style auth controller — subclass it and set `userModel` +
|
|
20
27
|
* `hash` to get the five POST handlers wired to `/auth/*`.
|
|
@@ -24,22 +31,24 @@ export interface AuthHashLike {
|
|
|
24
31
|
* convention. The `/api/*` namespace is reserved for token-based API auth
|
|
25
32
|
* (Sanctum / Passport bearer routes).
|
|
26
33
|
*
|
|
27
|
-
*
|
|
28
|
-
*
|
|
34
|
+
* **Default rate-limits** apply to `signIn` / `signUp` / `requestPasswordReset`
|
|
35
|
+
* out of the box (see {@link DEFAULT_AUTH_RATE_LIMITS}). Override per-method
|
|
36
|
+
* via the static `rateLimits` field on the subclass — or set it to `{}` to
|
|
37
|
+
* disable entirely (e.g. internal admin panels behind VPN auth):
|
|
29
38
|
*
|
|
30
39
|
* ```ts
|
|
31
|
-
* import { Middleware } from '@rudderjs/router'
|
|
32
40
|
* import { RateLimit } from '@rudderjs/middleware'
|
|
33
41
|
* import { BaseAuthController } from '@rudderjs/auth'
|
|
34
|
-
* import { Hash } from '@rudderjs/hash'
|
|
35
|
-
* import { User } from '../Models/User.js'
|
|
36
|
-
*
|
|
37
|
-
* const authLimit = RateLimit.perMinute(10).message('Too many attempts.')
|
|
38
42
|
*
|
|
39
|
-
* @Middleware([authLimit])
|
|
40
43
|
* export class AuthController extends BaseAuthController {
|
|
41
44
|
* protected userModel = User
|
|
42
45
|
* protected hash = Hash
|
|
46
|
+
*
|
|
47
|
+
* // Tighten one method, accept defaults for the rest.
|
|
48
|
+
* static override rateLimits = {
|
|
49
|
+
* ...DEFAULT_AUTH_RATE_LIMITS,
|
|
50
|
+
* signIn: RateLimit.perMinute(3).message('Too many login attempts.'),
|
|
51
|
+
* }
|
|
43
52
|
* }
|
|
44
53
|
* ```
|
|
45
54
|
*
|
|
@@ -59,6 +68,17 @@ export declare abstract class BaseAuthController {
|
|
|
59
68
|
protected abstract hash: AuthHashLike;
|
|
60
69
|
/** Optional — set to enable `/request-password-reset` + `/reset-password`. */
|
|
61
70
|
protected passwordBroker?: PasswordBroker;
|
|
71
|
+
/**
|
|
72
|
+
* Per-method rate-limit middleware. Defaults to {@link DEFAULT_AUTH_RATE_LIMITS}
|
|
73
|
+
* (credential-stuffing + email-flood protection). Override on the subclass
|
|
74
|
+
* to tighten / loosen individual methods, or set to `{}` to disable entirely.
|
|
75
|
+
*
|
|
76
|
+
* Read once when the controller's first instance is constructed (i.e. when
|
|
77
|
+
* `Route.registerController()` runs). Mutating after registration has no
|
|
78
|
+
* effect — re-mount the controller on a fresh `Router` if needed.
|
|
79
|
+
*/
|
|
80
|
+
static rateLimits: AuthRateLimits;
|
|
81
|
+
constructor();
|
|
62
82
|
signIn(req: AppRequest, res: AppResponse): Promise<void>;
|
|
63
83
|
signUp(req: AppRequest, res: AppResponse): Promise<void>;
|
|
64
84
|
signOut(_req: AppRequest, res: AppResponse): Promise<void>;
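Review bot: The usage example in the class doc comment no longer compiles as written: it references `DEFAULT_AUTH_RATE_LIMITS`, `User` and `Hash`, but the only imports left after this change are `RateLimit` and `BaseAuthController`. Import the constant alongside the controller, `import { BaseAuthController, DEFAULT_AUTH_RATE_LIMITS } from '@rudderjs/auth'`, and restore the `Hash` / `User` imports. `AuthRateLimits` also accepts `null` per method, which the comment on `rateLimits` does not explain. A sentence stating that a `null` or omitted key leaves that handler with no limiter would help, because a subclass that writes `{ signIn: ... }` without spreading the defaults silently drops the `signUp` and `requestPasswordReset` limits. The same comment text is repeated in the base-auth-controller.js hunks.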
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-auth-controller.d.ts","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;
|
|
1
|
+
{"version":3,"file":"base-auth-controller.d.ts","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAIrF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAMzD,8DAA8D;AAC9D,MAAM,WAAW,iBAAiB;IAChC,KAAK,IAAI;QAAE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG;YAAE,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC,CAAA;SAAE,CAAA;KAAE,CAAA;IAChF,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;IACxE,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC9E;AAED,sEAAsE;AACtE,MAAM,WAAW,YAAY;IAC3B,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IACpC,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CACvD;AAcD,sFAAsF;AACtF,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAgB,iBAAiB,GAAG,IAAI,CAAA;IAC/C,MAAM,CAAC,EAAgB,iBAAiB,GAAG,IAAI,CAAA;IAC/C,oBAAoB,CAAC,EAAE,iBAAiB,GAAG,IAAI,CAAA;CAChD;AAED,eAAO,MAAM,wBAAwB,EAAE,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAYtE,CAAA;AA0BF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,8BACsB,kBAAkB;IACtC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAA;IAC/C,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAO,YAAY,CAAA;IAE1C,8EAA8E;IAC9E,SAAS,CAAC,cAAc,CAAC,EAAE,cAAc,CAAA;IAEzC;;;;;;;;OAQG;IACH,MAAM,CAAC,UAAU,EAAE,cAAc,CAA2B;;IAwCtD,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBxD,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBxD,OAAO,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1D,oBAAoB,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAsBtE,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiCrE;;;OAGG;cACa,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAK5E"}
|
|
@@ -7,9 +7,37 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
8
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
9
|
};
|
|
10
|
+
var BaseAuthController_1;
|
|
10
11
|
import { Controller, Post } from '@rudderjs/router';
|
|
12
|
+
import { RateLimit } from '@rudderjs/middleware';
|
|
11
13
|
import { Auth } from './auth-manager.js';
|
|
12
14
|
import { toAuthenticatable } from './providers.js';
|
|
15
|
+
export const DEFAULT_AUTH_RATE_LIMITS = Object.freeze({
|
|
16
|
+
signIn: RateLimit.perMinute(10)
|
|
17
|
+
.message('Too many sign-in attempts. Please try again later.'),
|
|
18
|
+
signUp: RateLimit.perMinute(5)
|
|
19
|
+
.message('Too many sign-up attempts. Please try again later.'),
|
|
20
|
+
requestPasswordReset: RateLimit.perMinute(3)
|
|
21
|
+
.by((req) => {
|
|
22
|
+
const body = req.body;
|
|
23
|
+
const email = typeof body?.email === 'string' ? body.email : undefined;
|
|
24
|
+
return email ?? req.ip ?? 'unknown';
|
|
25
|
+
})
|
|
26
|
+
.message('Too many password reset requests. Please try again later.'),
|
|
27
|
+
});
|
|
28
|
+
// Tracks subclasses that have already had their rate-limit middleware injected
|
|
29
|
+
// so re-constructing the controller (`registerController` does `new Ctor()`)
|
|
30
|
+
// doesn't stack the same limiters repeatedly. Each subclass mutates only its
|
|
31
|
+
// own prototype's route metadata — siblings are isolated by the per-subclass
|
|
32
|
+
// metadata clone below.
|
|
33
|
+
const RATE_LIMITS_APPLIED = new WeakSet();
|
|
34
|
+
// Mirrors the private `ROUTE_DEFINITIONS` key in `@rudderjs/router`. Kept in
|
|
35
|
+
// sync deliberately so we can clone route metadata onto the subclass prototype
|
|
36
|
+
// without dragging a wider public surface through the router package. If the
|
|
37
|
+
// router renames this constant, the subclass test below catches the drift
|
|
38
|
+
// (routes would land on the wrong prototype and registerController would see
|
|
39
|
+
// the unmodified base routes).
|
|
40
|
+
const ROUTE_DEFINITIONS_KEY = 'rudderjs:route:definitions';
|
|
13
41
|
// ─── Base Controller ──────────────────────────────────────
|
|
14
42
|
/**
|
|
15
43
|
* Laravel Breeze-style auth controller — subclass it and set `userModel` +
|
|
@@ -20,22 +48,24 @@ import { toAuthenticatable } from './providers.js';
|
|
|
20
48
|
* convention. The `/api/*` namespace is reserved for token-based API auth
|
|
21
49
|
* (Sanctum / Passport bearer routes).
|
|
22
50
|
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
51
|
+
* **Default rate-limits** apply to `signIn` / `signUp` / `requestPasswordReset`
|
|
52
|
+
* out of the box (see {@link DEFAULT_AUTH_RATE_LIMITS}). Override per-method
|
|
53
|
+
* via the static `rateLimits` field on the subclass — or set it to `{}` to
|
|
54
|
+
* disable entirely (e.g. internal admin panels behind VPN auth):
|
|
25
55
|
*
|
|
26
56
|
* ```ts
|
|
27
|
-
* import { Middleware } from '@rudderjs/router'
|
|
28
57
|
* import { RateLimit } from '@rudderjs/middleware'
|
|
29
58
|
* import { BaseAuthController } from '@rudderjs/auth'
|
|
30
|
-
* import { Hash } from '@rudderjs/hash'
|
|
31
|
-
* import { User } from '../Models/User.js'
|
|
32
59
|
*
|
|
33
|
-
* const authLimit = RateLimit.perMinute(10).message('Too many attempts.')
|
|
34
|
-
*
|
|
35
|
-
* @Middleware([authLimit])
|
|
36
60
|
* export class AuthController extends BaseAuthController {
|
|
37
61
|
* protected userModel = User
|
|
38
62
|
* protected hash = Hash
|
|
63
|
+
*
|
|
64
|
+
* // Tighten one method, accept defaults for the rest.
|
|
65
|
+
* static override rateLimits = {
|
|
66
|
+
* ...DEFAULT_AUTH_RATE_LIMITS,
|
|
67
|
+
* signIn: RateLimit.perMinute(3).message('Too many login attempts.'),
|
|
68
|
+
* }
|
|
39
69
|
* }
|
|
40
70
|
* ```
|
|
41
71
|
*
|
|
@@ -51,8 +81,51 @@ import { toAuthenticatable } from './providers.js';
|
|
|
51
81
|
* can read and write the session.
|
|
52
82
|
*/
|
|
53
83
|
let BaseAuthController = class BaseAuthController {
|
|
84
|
+
static { BaseAuthController_1 = this; }
|
|
54
85
|
/** Optional — set to enable `/request-password-reset` + `/reset-password`. */
|
|
55
86
|
passwordBroker;
|
|
87
|
+
/**
|
|
88
|
+
* Per-method rate-limit middleware. Defaults to {@link DEFAULT_AUTH_RATE_LIMITS}
|
|
89
|
+
* (credential-stuffing + email-flood protection). Override on the subclass
|
|
90
|
+
* to tighten / loosen individual methods, or set to `{}` to disable entirely.
|
|
91
|
+
*
|
|
92
|
+
* Read once when the controller's first instance is constructed (i.e. when
|
|
93
|
+
* `Route.registerController()` runs). Mutating after registration has no
|
|
94
|
+
* effect — re-mount the controller on a fresh `Router` if needed.
|
|
95
|
+
*/
|
|
96
|
+
static rateLimits = DEFAULT_AUTH_RATE_LIMITS;
|
|
97
|
+
constructor() {
|
|
98
|
+
const ctor = this.constructor;
|
|
99
|
+
if (RATE_LIMITS_APPLIED.has(ctor))
|
|
100
|
+
return;
|
|
101
|
+
RATE_LIMITS_APPLIED.add(ctor);
|
|
102
|
+
// `@Post` decorators on this class populate `ROUTE_DEFINITIONS` on
|
|
103
|
+
// `BaseAuthController.prototype`. `Reflect.getMetadata` walks the
|
|
104
|
+
// prototype chain, so subclasses inherit those routes — but they're
|
|
105
|
+
// the SAME array, by reference. If two subclasses with different
|
|
106
|
+
// `rateLimits` both mutated that shared array, the second's limiters
|
|
107
|
+
// would stack on top of the first's. Clone the route definitions onto
|
|
108
|
+
// each subclass's own prototype (shallow-clone routes + their middleware
|
|
109
|
+
// arrays) before injecting so siblings stay isolated.
|
|
110
|
+
const baseRoutes = Reflect.getMetadata(ROUTE_DEFINITIONS_KEY, BaseAuthController_1.prototype) ?? [];
|
|
111
|
+
const cloned = baseRoutes.map((r) => ({
|
|
112
|
+
...r,
|
|
113
|
+
middleware: [...r.middleware],
|
|
114
|
+
}));
|
|
115
|
+
for (const route of cloned) {
|
|
116
|
+
const key = String(route.handlerKey);
|
|
117
|
+
const limiter = ctor.rateLimits[key];
|
|
118
|
+
if (!limiter)
|
|
119
|
+
continue;
|
|
120
|
+
// Prepend the configured limiter onto the cloned route's middleware
|
|
121
|
+
// array. `registerController` reads route.middleware verbatim — so the
|
|
122
|
+
// limiter ends up first in the chain, ahead of any per-route middleware
|
|
123
|
+
// a subclass adds and ahead of the handler. Mutation is local to the
|
|
124
|
+
// cloned route (subclass-owned), so sibling subclasses stay isolated.
|
|
125
|
+
route.middleware = [limiter, ...route.middleware];
|
|
126
|
+
}
|
|
127
|
+
Reflect.defineMetadata(ROUTE_DEFINITIONS_KEY, cloned, ctor.prototype);
|
|
128
|
+
}
|
|
56
129
|
async signIn(req, res) {
|
|
57
130
|
const { email, password } = req.body;
|
|
58
131
|
if (!email || !password) {
|
|
@@ -171,8 +244,9 @@ __decorate([
|
|
|
171
244
|
__metadata("design:paramtypes", [Object, Object]),
|
|
172
245
|
__metadata("design:returntype", Promise)
|
|
173
246
|
], BaseAuthController.prototype, "resetPassword", null);
|
|
174
|
-
BaseAuthController = __decorate([
|
|
175
|
-
Controller('/auth')
|
|
247
|
+
BaseAuthController = BaseAuthController_1 = __decorate([
|
|
248
|
+
Controller('/auth'),
|
|
249
|
+
__metadata("design:paramtypes", [])
|
|
176
250
|
], BaseAuthController);
|
|
177
251
|
export { BaseAuthController };
|
|
178
252
|
//# sourceMappingURL=base-auth-controller.js.map
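Review bot: The `requestPasswordReset` limiter in `DEFAULT_AUTH_RATE_LIMITS` keys only on the client-supplied `body.email`, so the 3-per-minute budget applies per address string rather than per caller: one source can request resets for any number of addresses, and case or whitespace variants of a single address each get their own bucket. Normalise the key, e.g. `const email = typeof body?.email === 'string' ? body.email.trim().toLowerCase() : undefined;`, and consider pairing it with an IP-keyed limit so the email-flood protection described in the doc comment also holds per client. The `'unknown'` fallback places every request that lacks both values into one shared bucket, which deserves a comment. Separately, in the constructor `Reflect.getMetadata(...) ?? []` means a missing or renamed `rudderjs:route:definitions` key installs no limiters without any signal, and `RATE_LIMITS_APPLIED.add(ctor)` runs before the metadata is written; throwing when `baseRoutes` is empty and marking the constructor only after `Reflect.defineMetadata` would keep this control from failing open.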
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-auth-controller.js","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"base-auth-controller.js","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAA;AAEnD,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAuClD,MAAM,CAAC,MAAM,wBAAwB,GAAuC,MAAM,CAAC,MAAM,CAAC;IACxF,MAAM,EAAE,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;SAC5B,OAAO,CAAC,oDAAoD,CAAC;IAChE,MAAM,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;SAC3B,OAAO,CAAC,oDAAoD,CAAC;IAChE,oBAAoB,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;SACzC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE;QACV,MAAM,IAAI,GAAG,GAAG,CAAC,IAA8C,CAAA;QAC/D,MAAM,KAAK,GAAG,OAAO,IAAI,EAAE,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAA;QACtE,OAAO,KAAK,IAAK,GAAkC,CAAC,EAAE,IAAI,SAAS,CAAA;IACrE,CAAC,CAAC;SACD,OAAO,CAAC,2DAA2D,CAAC;CACxE,CAAC,CAAA;AAEF,+EAA+E;AAC/E,6EAA6E;AAC7E,6EAA6E;AAC7E,6EAA6E;AAC7E,wBAAwB;AACxB,MAAM,mBAAmB,GAAG,IAAI,OAAO,EAAkC,CAAA;AAEzE,6EAA6E;AAC7E,+EAA+E;AAC/E,6EAA6E;AAC7E,0EAA0E;AAC1E,6EAA6E;AAC7E,+BAA+B;AAC/B,MAAM,qBAAqB,GAAG,4BAA4B,CAAA;AAS1D,6DAA6D;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAEI,IAAe,kBAAkB,GAAjC,MAAe,kBAAkB;;IAItC,8EAA8E;IACpE,cAAc,CAAiB;IAEzC;;;;;;;;OAQG;IACH,MAAM,CAAC,UAAU,GAAmB,wBAAwB,CAAA;IAE5D;QACE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAwC,CAAA;QAC1D,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAM;QACzC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAE7B,mEAAmE;QACnE,kEAAkE;QAClE,oEAAoE;QACpE,iEAAiE;QACjE,qEAAqE;QACrE,sEAAsE;QACtE,yEAAyE;QACzE,sDAAsD;QACtD,MAAM,UAAU,GAAI,OAAO,CAAC,WAAW,CACrC,qBAAqB,EACrB,oBAAkB,CAAC,SAAS,CACS,IAAI,EAAE,CAAA;QAC7C,MAAM,MAAM,GAA0B,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC;YACJ,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC;SAC9B,CAAC,CAAC,CAAA;QAEH,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAyB,CAAA;YAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;YACpC,IAAI,CAAC,OAAO;gBAAE,SAAQ;YACtB,oEAAoE;YACpE,uEAAuE;YACvE,wEAAwE;YACxE,qE
AAqE;YACrE,sEAAsE;YACtE,KAAK,CAAC,UAAU,GAAG,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,CAAA;QACnD,CAAC;QAED,OAAO,CAAC,cAAc,CAAC,qBAAqB,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IACvE,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAC,GAAe,EAAE,GAAgB;QAC5C,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAA6C,CAAA;QAC7E,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAA;YACrE,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACvD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC,CAAA;YAC/D,OAAM;QACR,CAAC;QAED,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAC,GAAe,EAAE,GAAgB;QAC5C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAA4D,CAAA;QAClG,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAA;YACrE,OAAM;QACR,CAAC;QACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC,CAAA;YAC5E,OAAM;QACR,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAA;QAC3E,IAAI,QAAQ,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC,CAAA;YAC/E,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC7C,MAAM,IAAI,GAAK,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAEzF,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAA+B,CAAC,CAAC,CAAA;QACpE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAC,IAAgB,EAAE,GAAgB;QAC9C,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;QACnB,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,oBAAoB,CAAC,GAAe,EAAE,GAAgB;QAC1D,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,IAA0B,CAAA;Q
AChD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,oBAAoB,EAAE,CAAC,CAAA;YACvD,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,2EAA2E;YAC3E,sEAAsE;YACtE,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;YAC5B,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YACxE,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9B,CAAC;IAGK,AAAN,KAAK,CAAC,aAAa,CAAC,GAAe,EAAE,GAAgB;QACnD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAEzC,CAAA;QACD,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC,CAAA;YACjF,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC,CAAA;YACnE,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAC5C,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,EACvC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YAC7C,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAC7E,CAAC,CACF,CAAA;QAED,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;YAChC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;YACtB,OAAM;QACR,CAAC;QACD,IAAI,MAAM,KAAK,eAAe,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAA;YAC7D,OAAM;QACR,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC,CAAA;IAChE,CAAC;IAED;;;OAGG;IACO,KAAK,CAAC,cAAc,CAAC,KAAa,EAAE,KAAa;QACzD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,uBAAuB,CAAA;QACjE,MAAM,GAAG,GAAO,GAAG,OAAO,yBAAyB,KAAK,UAAU,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAA;QAC7F,OAAO,CAAC,GAAG,CAAC,sCAAsC,KAAK,KAAK,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;;AA/GK;IADL,IAAI,CAAC,gBAAgB,CAAC;;;;gDAetB;AAGK;IADL,IAAI,CAAC
,gBAAgB,CAAC;;;;gDAuBtB;AAGK;IADL,IAAI,CAAC,WAAW,CAAC;;;;iDAIjB;AAGK;IADL,IAAI,CAAC,yBAAyB,CAAC;;;;8DAoB/B;AAGK;IADL,IAAI,CAAC,iBAAiB,CAAC;;;;uDAgCvB;AA7JmB,kBAAkB;IADvC,UAAU,CAAC,OAAO,CAAC;;GACE,kBAAkB,CAwKvC"}
|
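--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -15,8 +15,8 @@ export { Gate, Policy, AuthorizationError } from './gate.js';
 export { PasswordBroker, MemoryTokenRepository } from './password-reset.js';
 export { EnsureEmailIsVerified, verificationUrl, handleEmailVerification, mustVerifyEmail } from './verification.js';
 export { RequireGuest } from './require-guest.js';
-export { BaseAuthController } from './base-auth-controller.js';
-export type { AuthUserModelLike, AuthHashLike } from './base-auth-controller.js';
+export { BaseAuthController, DEFAULT_AUTH_RATE_LIMITS } from './base-auth-controller.js';
+export type { AuthUserModelLike, AuthHashLike, AuthRateLimits } from './base-auth-controller.js';
 export type { Authenticatable, AuthUser, Guard, UserProvider } from './contracts.js';
 export type { MustVerifyEmail } from './verification.js';
 export type { TokenRepository, PasswordResetStatus, PasswordResetConfig } from './password-reset.js';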
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAA8B,MAAM,gBAAgB,CAAA;AAC5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAK9C,OAAO,QAAQ,qBAAqB,CAAC;IACnC,UAAU,UAAU;QAClB,IAAI,CAAC,EAAE,QAAQ,CAAA;KAChB;CACF;AAID,OAAO,iBAAiB,CAAA;AAIxB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAA8B,MAAM,gBAAgB,CAAA;AAC5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAK9C,OAAO,QAAQ,qBAAqB,CAAC;IACnC,UAAU,UAAU;QAClB,IAAI,CAAC,EAAE,QAAQ,CAAA;KAChB;CACF;AAID,OAAO,iBAAiB,CAAA;AAIxB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AACxF,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAEhG,YAAY,EAAE,eAAe,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AACpF,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACxD,YAAY,EAAE,eAAe,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAA;AACpG,YAAY,EAAE,UAAU,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AACxF,YAAY,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAetD;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,CAsBnD;AAID;;;GAGG;AACH,wBAAgB,cAAc,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAwDpE;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAoBjE;AAID;;;;;;;;;;;GAWG;AACH,qBAAa,YAAa,SAAQ,eAAe;IAC/C,QAAQ,IAAI,IAAI;IAgBV,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAkC5B"}
|
package/dist/index.js
CHANGED
|
@@ -12,7 +12,7 @@ export { Gate, Policy, AuthorizationError } from './gate.js';
|
|
|
12
12
|
export { PasswordBroker, MemoryTokenRepository } from './password-reset.js';
|
|
13
13
|
export { EnsureEmailIsVerified, verificationUrl, handleEmailVerification, mustVerifyEmail } from './verification.js';
|
|
14
14
|
export { RequireGuest } from './require-guest.js';
|
|
15
|
-
export { BaseAuthController } from './base-auth-controller.js';
|
|
15
|
+
export { BaseAuthController, DEFAULT_AUTH_RATE_LIMITS } from './base-auth-controller.js';
|
|
16
16
|
// ─── Helpers ──────────────────────────────────────────────
|
|
17
17
|
/**
|
|
18
18
|
* Always-stripped column names. `password` is the obvious one; both
|
|
@@ -90,21 +90,41 @@ export function AuthMiddleware(guardName) {
|
|
|
90
90
|
const initialUid = session?.get('auth_user_id');
|
|
91
91
|
if (initialUid)
|
|
92
92
|
await syncUser();
|
|
93
|
-
|
|
94
|
-
//
|
|
95
|
-
//
|
|
93
|
+
// try/finally so a handler that signs the user in (or out) and then
|
|
94
|
+
// throws still produces a consistent `req.user` snapshot for the error
|
|
95
|
+
// renderer — without it the sync block was skipped and the renderer
|
|
96
|
+
// saw stale (or empty) auth state.
|
|
97
|
+
let handlerError;
|
|
98
|
+
let handlerThrew = false;
|
|
99
|
+
try {
|
|
100
|
+
await next();
|
|
101
|
+
}
|
|
102
|
+
catch (err) {
|
|
103
|
+
handlerError = err;
|
|
104
|
+
handlerThrew = true;
|
|
105
|
+
}
|
|
96
106
|
const finalUid = session?.get('auth_user_id');
|
|
97
107
|
if (finalUid !== initialUid) {
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
108
|
+
try {
|
|
109
|
+
if (finalUid)
|
|
110
|
+
await syncUser();
|
|
111
|
+
else {
|
|
112
|
+
delete rawReq['__rjs_user'];
|
|
113
|
+
try {
|
|
114
|
+
delete req['user'];
|
|
115
|
+
}
|
|
116
|
+
catch { /* read-only */ }
|
|
104
117
|
}
|
|
105
|
-
|
|
118
|
+
}
|
|
119
|
+
catch (syncErr) {
|
|
120
|
+
// Never let a sync failure mask the original handler error; only
|
|
121
|
+
// surface the sync error when the handler itself succeeded.
|
|
122
|
+
if (!handlerThrew)
|
|
123
|
+
throw syncErr;
|
|
106
124
|
}
|
|
107
125
|
}
|
|
126
|
+
if (handlerThrew)
|
|
127
|
+
throw handlerError;
|
|
108
128
|
});
|
|
109
129
|
};
|
|
110
130
|
}
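Review bot: When the handler has thrown and the follow-up `syncUser()` also fails, the `catch (syncErr)` block discards the sync error and leaves in place whatever `req.user` / `__rjs_user` snapshot existed before the handler ran, so the error renderer may still see the previous identity after a sign-out or user switch. Clearing the snapshot in that branch, e.g. `delete rawReq['__rjs_user'];` ahead of `if (!handlerThrew) throw syncErr;`, would make the path fail closed, and logging `syncErr` there would keep the failure visible. The `session?.get('auth_user_id')` read after `next()` sits outside the inner `try`, so an exception from it would replace the original handler error. The comment above the block says try/finally while the code uses try/catch with a `handlerThrew` flag; the wording should match. The enclosing middleware function and `syncUser` start before this hunk.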
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAmB,MAAM,mBAAmB,CAAA;AAYnF,uEAAuE;AACvE,sEAAsE;AACtE,OAAO,iBAAiB,CAAA;AAExB,6DAA6D;AAE7D,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAmB,MAAM,mBAAmB,CAAA;AAYnF,uEAAuE;AACvE,sEAAsE;AACtE,OAAO,iBAAiB,CAAA;AAExB,6DAA6D;AAE7D,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AASxF,6DAA6D;AAE7D;;;;;;;;GAQG;AACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAA;AAE9E;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,IAAa;IACvC,MAAM,CAAC,GAAG,IAA+B,CAAA;IACzC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAA;IACrC,MAAM,SAAS,GAAI,CAAC,CAAC,WAAW,CAAkC,CAAA;IAClE,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,KAAK,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IAClD,CAAC;IACD,MAAM,KAAK,GAA4B,EAAE,CAAA;IACzC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,UAAU;YAAE,SAAQ;QACrC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAQ;QAC3B,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACd,CAAC;IACD,2EAA2E;IAC3E,2EAA2E;IAC3E,0EAA0E;IAC1E,OAAO;QACL,GAAG,KAAK;QACR,EAAE,EAAK,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,IAAI,EAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAClC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;KACpC,CAAA;AACH,CAAC;AAED,6DAA6D;AAE7D;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,SAAkB;IAC/C,OAAO,KAAK,UAAU,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACjD,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAc,cAAc,CAAC,CAAA;QACvD,MAAM,aAAa,GAAG,SAAS,IAAK,OAA6C,CAAC,MAAM,CAAC,QAA
Q,CAAC,KAAK,CAAA;QAEvG,MAAM,MAAM,GAAG,GAAG,CAAC,GAA8B,CAAA;QACjD,MAAM,OAAO,GAAG,MAAM,CAAC,eAAe,CAA4C,CAAA;QAElF,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;YAC1B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,EAAE,CAAA;YACnD,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC/B,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAA;gBAC5B,IAAI,CAAC;oBAAE,GAA0C,CAAC,MAAM,CAAC,GAAG,KAAK,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAC/F,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,CAAC,YAAY,CAAC,CAAA;gBAC3B,IAAI,CAAC;oBAAC,OAAQ,GAA0C,CAAC,MAAM,CAAC,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC,CAAA;QAED,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;YACpC,wFAAwF;YACxF,MAAM,UAAU,GAAG,OAAO,EAAE,GAAG,CAAC,cAAc,CAAuB,CAAA;YACrE,IAAI,UAAU;gBAAE,MAAM,QAAQ,EAAE,CAAA;YAEhC,oEAAoE;YACpE,uEAAuE;YACvE,oEAAoE;YACpE,mCAAmC;YACnC,IAAI,YAAqB,CAAA;YACzB,IAAI,YAAY,GAAG,KAAK,CAAA;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,EAAE,CAAA;YACd,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,YAAY,GAAG,GAAG,CAAA;gBAClB,YAAY,GAAG,IAAI,CAAA;YACrB,CAAC;YAED,MAAM,QAAQ,GAAG,OAAO,EAAE,GAAG,CAAC,cAAc,CAAuB,CAAA;YACnE,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;gBAC5B,IAAI,CAAC;oBACH,IAAI,QAAQ;wBAAE,MAAM,QAAQ,EAAE,CAAA;yBACzB,CAAC;wBACJ,OAAO,MAAM,CAAC,YAAY,CAAC,CAAA;wBAC3B,IAAI,CAAC;4BAAC,OAAQ,GAA0C,CAAC,MAAM,CAAC,CAAA;wBAAC,CAAC;wBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;oBAC9F,CAAC;gBACH,CAAC;gBAAC,OAAO,OAAO,EAAE,CAAC;oBACjB,iEAAiE;oBACjE,4DAA4D;oBAC5D,IAAI,CAAC,YAAY;wBAAE,MAAM,OAAO,CAAA;gBAClC,CAAC;YACH,CAAC;YAED,IAAI,YAAY;gBAAE,MAAM,YAAY,CAAA;QACtC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,SAAkB;IAC5C,OAAO,KAAK,UAAU,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QAC9C,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAc,cAAc,CAAC,CAAA;QAEvD,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;YACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,IAAK,OAA6C,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3G,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,CAAA;YAE/B,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,
eAAe,EAAE,CAAC,CAAA;gBAClD,OAAM;YACR,CAAC;YAED,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAC9B;YAAC,GAAG,CAAC,GAA+B,CAAC,YAAY,CAAC,GAAG,KAAK,CAAA;YAC3D,IAAI,CAAC;gBAAE,GAA0C,CAAC,MAAM,CAAC,GAAG,KAAK,CAAA;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAE7F,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;AACH,CAAC;AAED,6DAA6D;AAE7D;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,YAAa,SAAQ,eAAe;IAC/C,QAAQ;QACN,yEAAyE;QACzE,2FAA2F;QAC3F,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QACzI,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,kBAAkB,EAAE,CAAC,CAAA;QAE/I,sCAAsC;QACtC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAA;QACnF,IAAI,CAAC,SAAS,CAAC;YACb,EAAE,IAAI,EAAE,GAAG,SAAS,cAAc,EAAa,EAAE,EAAE,eAAe,EAAI,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,QAAiB,EAAE;YAClH,EAAE,IAAI,EAAE,GAAG,SAAS,yBAAyB,EAAE,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,QAAiB,EAAE;YAC9I,EAAE,IAAI,EAAE,GAAG,SAAS,qBAAqB,EAAM,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,YAAqB,EAAE;YAClJ,EAAE,IAAI,EAAE,GAAG,SAAS,wBAAwB,EAAG,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,OAAgB,EAAE;SAC9I,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,GAAG,GAAG,MAAM,CAAa,MAAM,CAAC,CAAA;QAEtC,6BAA6B;QAC7B,IAAI,SAA8D,CAAA;QAClE,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAoD,MAAM,CAAC,CAAA;YAC3F,SAAS,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,MAAM,UAAU,GAAG,GAAiB,EAAE;YACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAe,gBAAgB,CAAC,CAAA;QACtD,CAAC,CAAA;QAED,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QAC3D,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,c
AAc,EAAE,OAAO,CAAC,CAAA;QAC1C,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QAE/B,oEAAoE;QACpE,oEAAoE;QACpE,iFAAiF;QACjF,oDAAoD;QACpD,aAAa,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAA;QAEtC,sEAAsE;QACtE,qEAAqE;QACrE,uEAAuE;QACvE,MAAM,wBAAwB,EAAE,CAAA;IAClC,CAAC;CACF;AAED,KAAK,UAAU,wBAAwB;IACrC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,uCAAuC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAE1E,CAAA;QACR,IAAI,CAAC,GAAG,EAAE,2BAA2B;YAAE,OAAM;QAE7C,GAAG,CAAC,2BAA2B,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACpD,IAAI,CAAC;gBACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAA;gBAC3B,WAAW,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,WAAW,CAAC,IAAI,GAAG,IAAI,CAAA;YACzB,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;
|
|
1
|
+
{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,eAAe,EAAY,MAAM,gBAAgB,CAAA;AAI/D;;;;;;;;;GASG;AACH,MAAM,WAAW,eAAe;IAC9B,gBAAgB,IAAI,OAAO,CAAA;IAC3B,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;IACpC,uBAAuB,IAAI,MAAM,CAAA;CAClC;AAED,mDAAmD;AACnD,wBAAgB,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,eAAe,GAAG,eAAe,CAOxF;AAID;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,IAAI,iBAAiB,CA0CzD;AAmBD;;;;;;;;;;;GAWG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG;IAAE,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAAC,iBAAiB,CAAC,IAAI,MAAM,CAAA;CAAE,GAAG,MAAM,CAQtH;AAID;;;;;;;;;;;GAWG;AACH,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,GACpF,OAAO,CAAC,OAAO,CAAC,CAgBlB"}
|
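--- a/package/dist/verification.js
+++ b/package/dist/verification.js
@@ -1,5 +1,6 @@
 import { createHash, timingSafeEqual as cryptoTimingSafeEqual } from 'node:crypto';
 import { Url } from '@rudderjs/router';
+import { Auth } from './auth-manager.js';
 /** Type guard for users that must verify email. */
 export function mustVerifyEmail(user) {
 const u = user;
@@ -18,19 +19,65 @@ export function mustVerifyEmail(user) {
 */
 export function EnsureEmailIsVerified() {
 return async function EnsureEmailIsVerified(req, res, next) {
-
+// Re-resolve via the live guard first — `req.user` is a serialized
+// snapshot produced by `userToPlain()`. The snapshot drops methods and
+// its `emailVerifiedAt` is whatever survived JSON serialization (a Date
+// becomes a string; a mass-assigned column could be anything). The live
+// Model still has typed columns AND any `MustVerifyEmail` mixin
+// contract. Fall back to the snapshot only when no auth context is set
+// (e.g. apps wiring this without `AuthMiddleware` / `RequireAuth`) or
+// the guard couldn't resolve a user but the snapshot still has one.
+let user;
+try {
+user = await Auth.user();
+}
+catch {
+user = null;
+}
+if (!user) {
+const snapshot = req.user;
+user = (snapshot ?? null);
+}
 if (!user) {
 res.status(401).json({ message: 'Unauthorized.' });
 return;
 }
-//
-
+// Preferred path — the User Model implements `MustVerifyEmail`. The
+// mixin owns the truth ("is this user verified?") and rules out the
+// truthy-anything bug entirely.
+if (mustVerifyEmail(user)) {
+if (user.hasVerifiedEmail()) {
+await next();
+return;
+}
+res.status(403).json({ message: 'Your email address is not verified.' });
+return;
+}
+// Fallback — User without the mixin. Tighten the snapshot check so a
+// mass-assigned `"false"` / `0` / non-date string can never pass.
+const verifiedAt = user['emailVerifiedAt'];
+if (isVerifiedTimestamp(verifiedAt)) {
 await next();
 return;
 }
 res.status(403).json({ message: 'Your email address is not verified.' });
 };
 }
+/**
+* Verified-state predicate — accepts a real `Date` or an ISO-shaped string
+* `Date.parse` can consume. Rejects every other truthy value (the snapshot
+* could otherwise carry `"false"`, `0`, `"unverified"`, etc. through a
+* mass-assignable column and silently pass the gate).
+*/
+function isVerifiedTimestamp(v) {
+if (v instanceof Date)
+return !isNaN(v.getTime());
+if (typeof v === 'string' && v.length > 0) {
+const t = Date.parse(v);
+return !isNaN(t);
+}
+return false;
+}
 // ─── Verification URL helper ────────────────────────────────
 /**
 * Generate a signed email verification URL for a user.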
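Review bot: `isVerifiedTimestamp` in the second hunk accepts any non-empty string that `Date.parse` can consume, which is wider than the "ISO-shaped" contract its docstring states. Parsing of non-ISO strings is implementation-defined, and V8 is known to return a valid time for short numeric strings such as `"1"`, so in the fallback branch of `EnsureEmailIsVerified` a mass-assigned `emailVerifiedAt` holding such a value would still pass the gate this change is tightening. Checking the shape before parsing closes that, e.g. `if (typeof v === 'string' && /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}/.test(v)) {`, with the pattern adjusted if the ORM emits another timestamp format. Separately, the bare `catch` around `Auth.user()` turns every guard failure into "no user" and then trusts `req.user`; a short comment such as `// guard errors are treated as unauthenticated; req.user is the only remaining source` plus a log line would make a failing guard visible.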
package/dist/verification.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,IAAI,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAClF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;
|
|
1
|
+
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,IAAI,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAClF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAqBxC,mDAAmD;AACnD,MAAM,UAAU,eAAe,CAAC,IAAa;IAC3C,MAAM,CAAC,GAAG,IAA+B,CAAA;IACzC,OAAO,CACL,OAAO,CAAC,CAAC,kBAAkB,CAAC,KAAK,UAAU;QAC3C,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,UAAU;QAC9C,OAAO,CAAC,CAAC,yBAAyB,CAAC,KAAK,UAAU,CACnD,CAAA;AACH,CAAC;AAED,gEAAgE;AAEhE;;;;;;;GAOG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,KAAK,UAAU,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACxD,mEAAmE;QACnE,uEAAuE;QACvE,wEAAwE;QACxE,wEAAwE;QACxE,gEAAgE;QAChE,uEAAuE;QACvE,sEAAsE;QACtE,oEAAoE;QACpE,IAAI,IAA4B,CAAA;QAChC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,GAAG,IAAI,CAAA;QACb,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,QAAQ,GAAI,GAAsC,CAAC,IAAI,CAAA;YAC7D,IAAI,GAAG,CAAC,QAAQ,IAAI,IAAI,CAA2B,CAAA;QACrD,CAAC;QAED,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAA;YAClD,OAAM;QACR,CAAC;QAED,oEAAoE;QACpE,oEAAoE;QACpE,gCAAgC;QAChC,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;gBAAC,MAAM,IAAI,EAAE,CAAC;gBAAC,OAAM;YAAC,CAAC;YACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;YACxE,OAAM;QACR,CAAC;QAED,qEAAqE;QACrE,kEAAkE;QAClE,MAAM,UAAU,GAAI,IAA2C,CAAC,iBAAiB,CAAC,CAAA;QAClF,IAAI,mBAAmB,CAAC,UAAU,CAAC,EAAE,CAAC;YAAC,MAAM,IAAI,EAAE,CAAC;YAAC,OAAM;QAAC,CAAC;QAE7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;IAC1E,CAAC,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,CAAU;IACrC,IAAI,CAAC,YAAY,IAAI;QAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAA;IACjD,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACvB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAClB,CAAC;IACD,OAAO,KAAK,CAAA;AACd
,CAAC;AAED,+DAA+D;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAAC,IAA8E;IAC5G,MAAM,EAAE,GAAM,IAAI,CAAC,iBAAiB,EAAE,EAAE,IAAI,MAAM,CAAE,IAA2C,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IAC5G,MAAM,KAAK,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAA;IAE5C,gDAAgD;IAChD,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;IAE3B,OAAO,GAAG,CAAC,oBAAoB,CAAC,qBAAqB,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AAC5E,CAAC;AAED,+DAA+D;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,EAAU,EACV,IAAY,EACZ,QAAqF;IAErF,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,EAAE,CAAC,CAAA;IAC/B,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAA;IAEvB,MAAM,KAAK,GAAO,IAAI,CAAC,uBAAuB,EAAE,CAAA;IAChD,MAAM,QAAQ,GAAI,OAAO,CAAC,KAAK,CAAC,CAAA;IAEhC,MAAM,OAAO,GAAO,MAAM,CAAC,IAAI,CAAC,IAAI,EAAM,KAAK,CAAC,CAAA;IAChD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;IAChD,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,WAAW,CAAC;QAAE,OAAO,KAAK,CAAA;IAEvG,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;IAClC,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED,+DAA+D;AAE/D,SAAS,OAAO,CAAC,KAAa;IAC5B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzD,CAAC"}
|
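--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@rudderjs/auth",
-"version": "6.
+"version": "6.2.0",
 "rudderjs": {
 "provider": "AuthProvider",
 "stage": "infrastructure",
@@ -52,12 +52,13 @@
 },
 "dependencies": {
 "@rudderjs/console": "^1.1.0",
-"@rudderjs/contracts": "^1.
-"@rudderjs/core": "^1.
+"@rudderjs/contracts": "^1.8.0",
+"@rudderjs/core": "^1.2.0"
 },
 "peerDependencies": {
 "@rudderjs/hash": "^1.1.0",
-"@rudderjs/
+"@rudderjs/middleware": "^1.1.2",
+"@rudderjs/router": "^1.6.0",
 "@rudderjs/session": "^2.1.0",
 "@rudderjs/view": "^1.2.1",
 "@rudderjs/vite": "^2.2.1"
@@ -66,6 +67,9 @@
 "@rudderjs/hash": {
 "optional": false
 },
+"@rudderjs/middleware": {
+"optional": false
+},
 "@rudderjs/router": {
 "optional": false
 },
@@ -84,10 +88,12 @@
 "reflect-metadata": "^0.2.2",
 "typescript": "^5.4.0",
 "@rudderjs/hash": "^1.1.0",
-"@rudderjs/
+"@rudderjs/middleware": "^1.1.2",
+"@rudderjs/router": "^1.6.0",
 "@rudderjs/session": "^2.1.0",
 "@rudderjs/view": "^1.2.1",
-"@rudderjs/vite": "^2.2.1"
+"@rudderjs/vite": "^2.2.1",
+"@rudderjs/cache": "^1.2.0"
 },
 "author": "Suleiman Shahbari",
 "scripts": {
@@ -95,7 +101,7 @@
 "dev": "tsc -p tsconfig.build.json --watch",
 "typecheck": "tsc --noEmit",
 "lint": "eslint src",
-"test": "tsc -p tsconfig.test.json && node --test dist-test/index.test.js",
+"test": "tsc -p tsconfig.test.json && node --test dist-test/index.test.js dist-test/middleware-and-verification-fixes.test.js dist-test/base-auth-controller-rate-limits.test.js",
 "clean": "rm -rf dist"
 }
 }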