@rudderjs/auth 6.1.0 → 6.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/base-auth-controller.d.ts +29 -9
- package/dist/base-auth-controller.d.ts.map +1 -1
- package/dist/base-auth-controller.js +84 -10
- package/dist/base-auth-controller.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +31 -11
- package/dist/index.js.map +1 -1
- package/dist/password-reset.d.ts +3 -3
- package/dist/password-reset.d.ts.map +1 -1
- package/dist/password-reset.js +4 -4
- package/dist/password-reset.js.map +1 -1
- package/dist/verification.d.ts.map +1 -1
- package/dist/verification.js +50 -3
- package/dist/verification.js.map +1 -1
- package/package.json +18 -12
package/README.md
CHANGED
|
@@ -173,7 +173,7 @@ The `EloquentUserProvider` auto-wraps ORM model records with these methods (mapp
|
|
|
173
173
|
|
|
174
174
|
## Auth views
|
|
175
175
|
|
|
176
|
-
Ships React views for Login, Register, ForgotPassword, ResetPassword under `views/react/`. `create-rudder
|
|
176
|
+
Ships React views for Login, Register, ForgotPassword, ResetPassword under `views/react/`. `create-rudder` vendors them into `app/Views/Auth/` at scaffold time so the app owns the files from day one and can edit them freely.
|
|
177
177
|
|
|
178
178
|
The views POST credentials with an `X-CSRF-Token` header read via `getCsrfToken()` from `@rudderjs/middleware`, so they work with `CsrfMiddleware` on the web group out of the box. `@rudderjs/middleware` is already a dep of any standard RudderJS app via the bootstrap pattern.
|
|
179
179
|
|
|
@@ -189,7 +189,7 @@ The auth views were refactored to use semantic class names (`auth-wrap`, `form-c
|
|
|
189
189
|
|
|
190
190
|
If your app vendored the previous React auth views, you have two paths:
|
|
191
191
|
|
|
192
|
-
- **Re-vendor + update CSS** — copy the new view files (command above) and ensure your `app/index.css` defines the semantic class selectors. The reference CSS lives in `create-rudder
|
|
192
|
+
- **Re-vendor + update CSS** — copy the new view files (command above) and ensure your `app/index.css` defines the semantic class selectors. The reference CSS lives in `create-rudder/src/templates.ts` (`semanticRulesApply()` for Tailwind apps, `indexCssPlain()` for non-Tailwind apps).
|
|
193
193
|
- **Keep your existing vendored copies** — your old auth views still work, just don't pull in the new ones.
|
|
194
194
|
|
|
195
195
|
Bumping `@rudderjs/auth` alone won't touch your vendored copies; the views only get re-applied when you explicitly re-vendor.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { AppRequest, AppResponse } from '@rudderjs/contracts';
|
|
1
|
+
import type { AppRequest, AppResponse, MiddlewareHandler } from '@rudderjs/contracts';
|
|
2
2
|
import type { PasswordBroker } from './password-reset.js';
|
|
3
3
|
/** Minimal surface the controller needs from a user Model. */
|
|
4
4
|
export interface AuthUserModelLike {
|
|
@@ -15,6 +15,13 @@ export interface AuthHashLike {
|
|
|
15
15
|
make(plain: string): Promise<string>;
|
|
16
16
|
check(plain: string, hashed: string): Promise<boolean>;
|
|
17
17
|
}
|
|
18
|
+
/** Per-method rate-limit middleware applied to `BaseAuthController` POST handlers. */
|
|
19
|
+
export interface AuthRateLimits {
|
|
20
|
+
signIn?: MiddlewareHandler | null;
|
|
21
|
+
signUp?: MiddlewareHandler | null;
|
|
22
|
+
requestPasswordReset?: MiddlewareHandler | null;
|
|
23
|
+
}
|
|
24
|
+
export declare const DEFAULT_AUTH_RATE_LIMITS: Readonly<Required<AuthRateLimits>>;
|
|
18
25
|
/**
|
|
19
26
|
* Laravel Breeze-style auth controller — subclass it and set `userModel` +
|
|
20
27
|
* `hash` to get the five POST handlers wired to `/auth/*`.
|
|
@@ -24,22 +31,24 @@ export interface AuthHashLike {
|
|
|
24
31
|
* convention. The `/api/*` namespace is reserved for token-based API auth
|
|
25
32
|
* (Sanctum / Passport bearer routes).
|
|
26
33
|
*
|
|
27
|
-
*
|
|
28
|
-
*
|
|
34
|
+
* **Default rate-limits** apply to `signIn` / `signUp` / `requestPasswordReset`
|
|
35
|
+
* out of the box (see {@link DEFAULT_AUTH_RATE_LIMITS}). Override per-method
|
|
36
|
+
* via the static `rateLimits` field on the subclass — or set it to `{}` to
|
|
37
|
+
* disable entirely (e.g. internal admin panels behind VPN auth):
|
|
29
38
|
*
|
|
30
39
|
* ```ts
|
|
31
|
-
* import { Middleware } from '@rudderjs/router'
|
|
32
40
|
* import { RateLimit } from '@rudderjs/middleware'
|
|
33
41
|
* import { BaseAuthController } from '@rudderjs/auth'
|
|
34
|
-
* import { Hash } from '@rudderjs/hash'
|
|
35
|
-
* import { User } from '../Models/User.js'
|
|
36
|
-
*
|
|
37
|
-
* const authLimit = RateLimit.perMinute(10).message('Too many attempts.')
|
|
38
42
|
*
|
|
39
|
-
* @Middleware([authLimit])
|
|
40
43
|
* export class AuthController extends BaseAuthController {
|
|
41
44
|
* protected userModel = User
|
|
42
45
|
* protected hash = Hash
|
|
46
|
+
*
|
|
47
|
+
* // Tighten one method, accept defaults for the rest.
|
|
48
|
+
* static override rateLimits = {
|
|
49
|
+
* ...DEFAULT_AUTH_RATE_LIMITS,
|
|
50
|
+
* signIn: RateLimit.perMinute(3).message('Too many login attempts.'),
|
|
51
|
+
* }
|
|
43
52
|
* }
|
|
44
53
|
* ```
|
|
45
54
|
*
|
|
@@ -59,6 +68,17 @@ export declare abstract class BaseAuthController {
|
|
|
59
68
|
protected abstract hash: AuthHashLike;
|
|
60
69
|
/** Optional — set to enable `/request-password-reset` + `/reset-password`. */
|
|
61
70
|
protected passwordBroker?: PasswordBroker;
|
|
71
|
+
/**
|
|
72
|
+
* Per-method rate-limit middleware. Defaults to {@link DEFAULT_AUTH_RATE_LIMITS}
|
|
73
|
+
* (credential-stuffing + email-flood protection). Override on the subclass
|
|
74
|
+
* to tighten / loosen individual methods, or set to `{}` to disable entirely.
|
|
75
|
+
*
|
|
76
|
+
* Read once when the controller's first instance is constructed (i.e. when
|
|
77
|
+
* `Route.registerController()` runs). Mutating after registration has no
|
|
78
|
+
* effect — re-mount the controller on a fresh `Router` if needed.
|
|
79
|
+
*/
|
|
80
|
+
static rateLimits: AuthRateLimits;
|
|
81
|
+
constructor();
|
|
62
82
|
signIn(req: AppRequest, res: AppResponse): Promise<void>;
|
|
63
83
|
signUp(req: AppRequest, res: AppResponse): Promise<void>;
|
|
64
84
|
signOut(_req: AppRequest, res: AppResponse): Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-auth-controller.d.ts","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;
|
|
1
|
+
{"version":3,"file":"base-auth-controller.d.ts","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAIrF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAMzD,8DAA8D;AAC9D,MAAM,WAAW,iBAAiB;IAChC,KAAK,IAAI;QAAE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG;YAAE,KAAK,IAAI,OAAO,CAAC,OAAO,CAAC,CAAA;SAAE,CAAA;KAAE,CAAA;IAChF,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;IACxE,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC9E;AAED,sEAAsE;AACtE,MAAM,WAAW,YAAY;IAC3B,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IACpC,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CACvD;AAcD,sFAAsF;AACtF,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAgB,iBAAiB,GAAG,IAAI,CAAA;IAC/C,MAAM,CAAC,EAAgB,iBAAiB,GAAG,IAAI,CAAA;IAC/C,oBAAoB,CAAC,EAAE,iBAAiB,GAAG,IAAI,CAAA;CAChD;AAED,eAAO,MAAM,wBAAwB,EAAE,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAYtE,CAAA;AA0BF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,8BACsB,kBAAkB;IACtC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAA;IAC/C,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAO,YAAY,CAAA;IAE1C,8EAA8E;IAC9E,SAAS,CAAC,cAAc,CAAC,EAAE,cAAc,CAAA;IAEzC;;;;;;;;OAQG;IACH,MAAM,CAAC,UAAU,EAAE,cAAc,CAA2B;;IAwCtD,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBxD,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBxD,OAAO,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1D,oBAAoB,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAsBtE,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiCrE;;;OAGG;cACa,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAK5E"}
|
|
@@ -7,9 +7,37 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
8
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
9
|
};
|
|
10
|
+
var BaseAuthController_1;
|
|
10
11
|
import { Controller, Post } from '@rudderjs/router';
|
|
12
|
+
import { RateLimit } from '@rudderjs/middleware';
|
|
11
13
|
import { Auth } from './auth-manager.js';
|
|
12
14
|
import { toAuthenticatable } from './providers.js';
|
|
15
|
+
export const DEFAULT_AUTH_RATE_LIMITS = Object.freeze({
|
|
16
|
+
signIn: RateLimit.perMinute(10)
|
|
17
|
+
.message('Too many sign-in attempts. Please try again later.'),
|
|
18
|
+
signUp: RateLimit.perMinute(5)
|
|
19
|
+
.message('Too many sign-up attempts. Please try again later.'),
|
|
20
|
+
requestPasswordReset: RateLimit.perMinute(3)
|
|
21
|
+
.by((req) => {
|
|
22
|
+
const body = req.body;
|
|
23
|
+
const email = typeof body?.email === 'string' ? body.email : undefined;
|
|
24
|
+
return email ?? req.ip ?? 'unknown';
|
|
25
|
+
})
|
|
26
|
+
.message('Too many password reset requests. Please try again later.'),
|
|
27
|
+
});
|
|
28
|
+
// Tracks subclasses that have already had their rate-limit middleware injected
|
|
29
|
+
// so re-constructing the controller (`registerController` does `new Ctor()`)
|
|
30
|
+
// doesn't stack the same limiters repeatedly. Each subclass mutates only its
|
|
31
|
+
// own prototype's route metadata — siblings are isolated by the per-subclass
|
|
32
|
+
// metadata clone below.
|
|
33
|
+
const RATE_LIMITS_APPLIED = new WeakSet();
|
|
34
|
+
// Mirrors the private `ROUTE_DEFINITIONS` key in `@rudderjs/router`. Kept in
|
|
35
|
+
// sync deliberately so we can clone route metadata onto the subclass prototype
|
|
36
|
+
// without dragging a wider public surface through the router package. If the
|
|
37
|
+
// router renames this constant, the subclass test below catches the drift
|
|
38
|
+
// (routes would land on the wrong prototype and registerController would see
|
|
39
|
+
// the unmodified base routes).
|
|
40
|
+
const ROUTE_DEFINITIONS_KEY = 'rudderjs:route:definitions';
|
|
13
41
|
// ─── Base Controller ──────────────────────────────────────
|
|
14
42
|
/**
|
|
15
43
|
* Laravel Breeze-style auth controller — subclass it and set `userModel` +
|
|
@@ -20,22 +48,24 @@ import { toAuthenticatable } from './providers.js';
|
|
|
20
48
|
* convention. The `/api/*` namespace is reserved for token-based API auth
|
|
21
49
|
* (Sanctum / Passport bearer routes).
|
|
22
50
|
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
51
|
+
* **Default rate-limits** apply to `signIn` / `signUp` / `requestPasswordReset`
|
|
52
|
+
* out of the box (see {@link DEFAULT_AUTH_RATE_LIMITS}). Override per-method
|
|
53
|
+
* via the static `rateLimits` field on the subclass — or set it to `{}` to
|
|
54
|
+
* disable entirely (e.g. internal admin panels behind VPN auth):
|
|
25
55
|
*
|
|
26
56
|
* ```ts
|
|
27
|
-
* import { Middleware } from '@rudderjs/router'
|
|
28
57
|
* import { RateLimit } from '@rudderjs/middleware'
|
|
29
58
|
* import { BaseAuthController } from '@rudderjs/auth'
|
|
30
|
-
* import { Hash } from '@rudderjs/hash'
|
|
31
|
-
* import { User } from '../Models/User.js'
|
|
32
59
|
*
|
|
33
|
-
* const authLimit = RateLimit.perMinute(10).message('Too many attempts.')
|
|
34
|
-
*
|
|
35
|
-
* @Middleware([authLimit])
|
|
36
60
|
* export class AuthController extends BaseAuthController {
|
|
37
61
|
* protected userModel = User
|
|
38
62
|
* protected hash = Hash
|
|
63
|
+
*
|
|
64
|
+
* // Tighten one method, accept defaults for the rest.
|
|
65
|
+
* static override rateLimits = {
|
|
66
|
+
* ...DEFAULT_AUTH_RATE_LIMITS,
|
|
67
|
+
* signIn: RateLimit.perMinute(3).message('Too many login attempts.'),
|
|
68
|
+
* }
|
|
39
69
|
* }
|
|
40
70
|
* ```
|
|
41
71
|
*
|
|
@@ -51,8 +81,51 @@ import { toAuthenticatable } from './providers.js';
|
|
|
51
81
|
* can read and write the session.
|
|
52
82
|
*/
|
|
53
83
|
let BaseAuthController = class BaseAuthController {
|
|
84
|
+
static { BaseAuthController_1 = this; }
|
|
54
85
|
/** Optional — set to enable `/request-password-reset` + `/reset-password`. */
|
|
55
86
|
passwordBroker;
|
|
87
|
+
/**
|
|
88
|
+
* Per-method rate-limit middleware. Defaults to {@link DEFAULT_AUTH_RATE_LIMITS}
|
|
89
|
+
* (credential-stuffing + email-flood protection). Override on the subclass
|
|
90
|
+
* to tighten / loosen individual methods, or set to `{}` to disable entirely.
|
|
91
|
+
*
|
|
92
|
+
* Read once when the controller's first instance is constructed (i.e. when
|
|
93
|
+
* `Route.registerController()` runs). Mutating after registration has no
|
|
94
|
+
* effect — re-mount the controller on a fresh `Router` if needed.
|
|
95
|
+
*/
|
|
96
|
+
static rateLimits = DEFAULT_AUTH_RATE_LIMITS;
|
|
97
|
+
constructor() {
|
|
98
|
+
const ctor = this.constructor;
|
|
99
|
+
if (RATE_LIMITS_APPLIED.has(ctor))
|
|
100
|
+
return;
|
|
101
|
+
RATE_LIMITS_APPLIED.add(ctor);
|
|
102
|
+
// `@Post` decorators on this class populate `ROUTE_DEFINITIONS` on
|
|
103
|
+
// `BaseAuthController.prototype`. `Reflect.getMetadata` walks the
|
|
104
|
+
// prototype chain, so subclasses inherit those routes — but they're
|
|
105
|
+
// the SAME array, by reference. If two subclasses with different
|
|
106
|
+
// `rateLimits` both mutated that shared array, the second's limiters
|
|
107
|
+
// would stack on top of the first's. Clone the route definitions onto
|
|
108
|
+
// each subclass's own prototype (shallow-clone routes + their middleware
|
|
109
|
+
// arrays) before injecting so siblings stay isolated.
|
|
110
|
+
const baseRoutes = Reflect.getMetadata(ROUTE_DEFINITIONS_KEY, BaseAuthController_1.prototype) ?? [];
|
|
111
|
+
const cloned = baseRoutes.map((r) => ({
|
|
112
|
+
...r,
|
|
113
|
+
middleware: [...r.middleware],
|
|
114
|
+
}));
|
|
115
|
+
for (const route of cloned) {
|
|
116
|
+
const key = String(route.handlerKey);
|
|
117
|
+
const limiter = ctor.rateLimits[key];
|
|
118
|
+
if (!limiter)
|
|
119
|
+
continue;
|
|
120
|
+
// Prepend the configured limiter onto the cloned route's middleware
|
|
121
|
+
// array. `registerController` reads route.middleware verbatim — so the
|
|
122
|
+
// limiter ends up first in the chain, ahead of any per-route middleware
|
|
123
|
+
// a subclass adds and ahead of the handler. Mutation is local to the
|
|
124
|
+
// cloned route (subclass-owned), so sibling subclasses stay isolated.
|
|
125
|
+
route.middleware = [limiter, ...route.middleware];
|
|
126
|
+
}
|
|
127
|
+
Reflect.defineMetadata(ROUTE_DEFINITIONS_KEY, cloned, ctor.prototype);
|
|
128
|
+
}
|
|
56
129
|
async signIn(req, res) {
|
|
57
130
|
const { email, password } = req.body;
|
|
58
131
|
if (!email || !password) {
|
|
@@ -171,8 +244,9 @@ __decorate([
|
|
|
171
244
|
__metadata("design:paramtypes", [Object, Object]),
|
|
172
245
|
__metadata("design:returntype", Promise)
|
|
173
246
|
], BaseAuthController.prototype, "resetPassword", null);
|
|
174
|
-
BaseAuthController = __decorate([
|
|
175
|
-
Controller('/auth')
|
|
247
|
+
BaseAuthController = BaseAuthController_1 = __decorate([
|
|
248
|
+
Controller('/auth'),
|
|
249
|
+
__metadata("design:paramtypes", [])
|
|
176
250
|
], BaseAuthController);
|
|
177
251
|
export { BaseAuthController };
|
|
178
252
|
//# sourceMappingURL=base-auth-controller.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-auth-controller.js","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"base-auth-controller.js","sourceRoot":"","sources":["../src/base-auth-controller.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAA;AAEnD,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAuClD,MAAM,CAAC,MAAM,wBAAwB,GAAuC,MAAM,CAAC,MAAM,CAAC;IACxF,MAAM,EAAE,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;SAC5B,OAAO,CAAC,oDAAoD,CAAC;IAChE,MAAM,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;SAC3B,OAAO,CAAC,oDAAoD,CAAC;IAChE,oBAAoB,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;SACzC,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE;QACV,MAAM,IAAI,GAAG,GAAG,CAAC,IAA8C,CAAA;QAC/D,MAAM,KAAK,GAAG,OAAO,IAAI,EAAE,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAA;QACtE,OAAO,KAAK,IAAK,GAAkC,CAAC,EAAE,IAAI,SAAS,CAAA;IACrE,CAAC,CAAC;SACD,OAAO,CAAC,2DAA2D,CAAC;CACxE,CAAC,CAAA;AAEF,+EAA+E;AAC/E,6EAA6E;AAC7E,6EAA6E;AAC7E,6EAA6E;AAC7E,wBAAwB;AACxB,MAAM,mBAAmB,GAAG,IAAI,OAAO,EAAkC,CAAA;AAEzE,6EAA6E;AAC7E,+EAA+E;AAC/E,6EAA6E;AAC7E,0EAA0E;AAC1E,6EAA6E;AAC7E,+BAA+B;AAC/B,MAAM,qBAAqB,GAAG,4BAA4B,CAAA;AAS1D,6DAA6D;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAEI,IAAe,kBAAkB,GAAjC,MAAe,kBAAkB;;IAItC,8EAA8E;IACpE,cAAc,CAAiB;IAEzC;;;;;;;;OAQG;IACH,MAAM,CAAC,UAAU,GAAmB,wBAAwB,CAAA;IAE5D;QACE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAwC,CAAA;QAC1D,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAM;QACzC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAE7B,mEAAmE;QACnE,kEAAkE;QAClE,oEAAoE;QACpE,iEAAiE;QACjE,qEAAqE;QACrE,sEAAsE;QACtE,yEAAyE;QACzE,sDAAsD;QACtD,MAAM,UAAU,GAAI,OAAO,CAAC,WAAW,CACrC,qBAAqB,EACrB,oBAAkB,CAAC,SAAS,CACS,IAAI,EAAE,CAAA;QAC7C,MAAM,MAAM,GAA0B,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC;YACJ,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC;SAC9B,CAAC,CAAC,CAAA;QAEH,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAyB,CAAA;YAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;YACpC,IAAI,CAAC,OAAO;gBAAE,SAAQ;YACtB,oEAAoE;YACpE,uEAAuE;YACvE,wEAAwE;YACxE,qEAAqE;YACrE,sEAAsE;YACtE,KAAK,CAAC,UAAU,GAAG,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC,CAAA;QACnD,CAAC;QAED,OAAO,CAAC,cAAc,CAAC,qBAAqB,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IACvE,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAC,GAAe,EAAE,GAAgB;QAC5C,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAA6C,CAAA;QAC7E,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAA;YACrE,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACvD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC,CAAA;YAC/D,OAAM;QACR,CAAC;QAED,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAC,GAAe,EAAE,GAAgB;QAC5C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAA4D,CAAA;QAClG,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAA;YACrE,OAAM;QACR,CAAC;QACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC,CAAA;YAC5E,OAAM;QACR,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAA;QAC3E,IAAI,QAAQ,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC,CAAA;YAC/E,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC7C,MAAM,IAAI,GAAK,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAEzF,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAA+B,CAAC,CAAC,CAAA;QACpE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAC,IAAgB,EAAE,GAAgB;QAC9C,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;QACnB,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;IACxB,CAAC;IAGK,AAAN,KAAK,CAAC,oBAAoB,CAAC,GAAe,EAAE,GAAgB;QAC1D,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,IAA0B,CAAA;QAChD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,oBAAoB,EAAE,CAAC,CAAA;YACvD,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,2EAA2E;YAC3E,sEAAsE;YACtE,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;YAC5B,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YACxE,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9B,CAAC;IAGK,AAAN,KAAK,CAAC,aAAa,CAAC,GAAe,EAAE,GAAgB;QACnD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAEzC,CAAA;QACD,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC,CAAA;YACjF,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC,CAAA;YACnE,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAC5C,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,EACvC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YAC7C,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAC7E,CAAC,CACF,CAAA;QAED,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;YAChC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;YACtB,OAAM;QACR,CAAC;QACD,IAAI,MAAM,KAAK,eAAe,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAA;YAC7D,OAAM;QACR,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC,CAAA;IAChE,CAAC;IAED;;;OAGG;IACO,KAAK,CAAC,cAAc,CAAC,KAAa,EAAE,KAAa;QACzD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,uBAAuB,CAAA;QACjE,MAAM,GAAG,GAAO,GAAG,OAAO,yBAAyB,KAAK,UAAU,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAA;QAC7F,OAAO,CAAC,GAAG,CAAC,sCAAsC,KAAK,KAAK,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;;AA/GK;IADL,IAAI,CAAC,gBAAgB,CAAC;;;;gDAetB;AAGK;IADL,IAAI,CAAC,gBAAgB,CAAC;;;;gDAuBtB;AAGK;IADL,IAAI,CAAC,WAAW,CAAC;;;;iDAIjB;AAGK;IADL,IAAI,CAAC,yBAAyB,CAAC;;;;8DAoB/B;AAGK;IADL,IAAI,CAAC,iBAAiB,CAAC;;;;uDAgCvB;AA7JmB,kBAAkB;IADvC,UAAU,CAAC,OAAO,CAAC;;GACE,kBAAkB,CAwKvC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -15,8 +15,8 @@ export { Gate, Policy, AuthorizationError } from './gate.js';
|
|
|
15
15
|
export { PasswordBroker, MemoryTokenRepository } from './password-reset.js';
|
|
16
16
|
export { EnsureEmailIsVerified, verificationUrl, handleEmailVerification, mustVerifyEmail } from './verification.js';
|
|
17
17
|
export { RequireGuest } from './require-guest.js';
|
|
18
|
-
export { BaseAuthController } from './base-auth-controller.js';
|
|
19
|
-
export type { AuthUserModelLike, AuthHashLike } from './base-auth-controller.js';
|
|
18
|
+
export { BaseAuthController, DEFAULT_AUTH_RATE_LIMITS } from './base-auth-controller.js';
|
|
19
|
+
export type { AuthUserModelLike, AuthHashLike, AuthRateLimits } from './base-auth-controller.js';
|
|
20
20
|
export type { Authenticatable, AuthUser, Guard, UserProvider } from './contracts.js';
|
|
21
21
|
export type { MustVerifyEmail } from './verification.js';
|
|
22
22
|
export type { TokenRepository, PasswordResetStatus, PasswordResetConfig } from './password-reset.js';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAA8B,MAAM,gBAAgB,CAAA;AAC5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAK9C,OAAO,QAAQ,qBAAqB,CAAC;IACnC,UAAU,UAAU;QAClB,IAAI,CAAC,EAAE,QAAQ,CAAA;KAChB;CACF;AAID,OAAO,iBAAiB,CAAA;AAIxB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAA8B,MAAM,gBAAgB,CAAA;AAC5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAK9C,OAAO,QAAQ,qBAAqB,CAAC;IACnC,UAAU,UAAU;QAClB,IAAI,CAAC,EAAE,QAAQ,CAAA;KAChB;CACF;AAID,OAAO,iBAAiB,CAAA;AAIxB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AACxF,YAAY,EAAE,iBAAiB,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAEhG,YAAY,EAAE,eAAe,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AACpF,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACxD,YAAY,EAAE,eAAe,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAA;AACpG,YAAY,EAAE,UAAU,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AACxF,YAAY,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAetD;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,CAsBnD;AAID;;;GAGG;AACH,wBAAgB,cAAc,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAwDpE;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAoBjE;AAID;;;;;;;;;;;GAWG;AACH,qBAAa,YAAa,SAAQ,eAAe;IAC/C,QAAQ,IAAI,IAAI;IAgBV,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAkC5B"}
|
package/dist/index.js
CHANGED
|
@@ -12,7 +12,7 @@ export { Gate, Policy, AuthorizationError } from './gate.js';
|
|
|
12
12
|
export { PasswordBroker, MemoryTokenRepository } from './password-reset.js';
|
|
13
13
|
export { EnsureEmailIsVerified, verificationUrl, handleEmailVerification, mustVerifyEmail } from './verification.js';
|
|
14
14
|
export { RequireGuest } from './require-guest.js';
|
|
15
|
-
export { BaseAuthController } from './base-auth-controller.js';
|
|
15
|
+
export { BaseAuthController, DEFAULT_AUTH_RATE_LIMITS } from './base-auth-controller.js';
|
|
16
16
|
// ─── Helpers ──────────────────────────────────────────────
|
|
17
17
|
/**
|
|
18
18
|
* Always-stripped column names. `password` is the obvious one; both
|
|
@@ -90,21 +90,41 @@ export function AuthMiddleware(guardName) {
|
|
|
90
90
|
const initialUid = session?.get('auth_user_id');
|
|
91
91
|
if (initialUid)
|
|
92
92
|
await syncUser();
|
|
93
|
-
|
|
94
|
-
//
|
|
95
|
-
//
|
|
93
|
+
// try/finally so a handler that signs the user in (or out) and then
|
|
94
|
+
// throws still produces a consistent `req.user` snapshot for the error
|
|
95
|
+
// renderer — without it the sync block was skipped and the renderer
|
|
96
|
+
// saw stale (or empty) auth state.
|
|
97
|
+
let handlerError;
|
|
98
|
+
let handlerThrew = false;
|
|
99
|
+
try {
|
|
100
|
+
await next();
|
|
101
|
+
}
|
|
102
|
+
catch (err) {
|
|
103
|
+
handlerError = err;
|
|
104
|
+
handlerThrew = true;
|
|
105
|
+
}
|
|
96
106
|
const finalUid = session?.get('auth_user_id');
|
|
97
107
|
if (finalUid !== initialUid) {
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
108
|
+
try {
|
|
109
|
+
if (finalUid)
|
|
110
|
+
await syncUser();
|
|
111
|
+
else {
|
|
112
|
+
delete rawReq['__rjs_user'];
|
|
113
|
+
try {
|
|
114
|
+
delete req['user'];
|
|
115
|
+
}
|
|
116
|
+
catch { /* read-only */ }
|
|
104
117
|
}
|
|
105
|
-
|
|
118
|
+
}
|
|
119
|
+
catch (syncErr) {
|
|
120
|
+
// Never let a sync failure mask the original handler error; only
|
|
121
|
+
// surface the sync error when the handler itself succeeded.
|
|
122
|
+
if (!handlerThrew)
|
|
123
|
+
throw syncErr;
|
|
106
124
|
}
|
|
107
125
|
}
|
|
126
|
+
if (handlerThrew)
|
|
127
|
+
throw handlerError;
|
|
108
128
|
});
|
|
109
129
|
};
|
|
110
130
|
}
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAmB,MAAM,mBAAmB,CAAA;AAYnF,uEAAuE;AACvE,sEAAsE;AACtE,OAAO,iBAAiB,CAAA;AAExB,6DAA6D;AAE7D,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAmB,MAAM,mBAAmB,CAAA;AAYnF,uEAAuE;AACvE,sEAAsE;AACtE,OAAO,iBAAiB,CAAA;AAExB,6DAA6D;AAE7D,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AASxF,6DAA6D;AAE7D;;;;;;;;GAQG;AACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAA;AAE9E;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,IAAa;IACvC,MAAM,CAAC,GAAG,IAA+B,CAAA;IACzC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAA;IACrC,MAAM,SAAS,GAAI,CAAC,CAAC,WAAW,CAAkC,CAAA;IAClE,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,KAAK,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IAClD,CAAC;IACD,MAAM,KAAK,GAA4B,EAAE,CAAA;IACzC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,UAAU;YAAE,SAAQ;QACrC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAQ;QAC3B,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACd,CAAC;IACD,2EAA2E;IAC3E,2EAA2E;IAC3E,0EAA0E;IAC1E,OAAO;QACL,GAAG,KAAK;QACR,EAAE,EAAK,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,IAAI,EAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAClC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;KACpC,CAAA;AACH,CAAC;AAED,6DAA6D;AAE7D;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,SAAkB;IAC/C,OAAO,KAAK,UAAU,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACjD,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAc,cAAc,CAAC,CAAA;QACvD,MAAM,aAAa,GAAG,SAAS,IAAK,OAA6C,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAA;QAEvG,MAAM,MAAM,GAAG,GAAG,CAAC,GAA8B,CAAA;QACjD,MAAM,OAAO,GAAG,MAAM,CAAC,eAAe,CAA4C,CAAA;QAElF,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;YAC1B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,EAAE,CAAA;YACnD,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC/B,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAA;gBAC5B,IAAI,CAAC;oBAAE,GAA0C,CAAC,MAAM,CAAC,GAAG,KAAK,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAC/F,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,CAAC,YAAY,CAAC,CAAA;gBAC3B,IAAI,CAAC;oBAAC,OAAQ,GAA0C,CAAC,MAAM,CAAC,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC,CAAA;QAED,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;YACpC,wFAAwF;YACxF,MAAM,UAAU,GAAG,OAAO,EAAE,GAAG,CAAC,cAAc,CAAuB,CAAA;YACrE,IAAI,UAAU;gBAAE,MAAM,QAAQ,EAAE,CAAA;YAEhC,oEAAoE;YACpE,uEAAuE;YACvE,oEAAoE;YACpE,mCAAmC;YACnC,IAAI,YAAqB,CAAA;YACzB,IAAI,YAAY,GAAG,KAAK,CAAA;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,EAAE,CAAA;YACd,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,YAAY,GAAG,GAAG,CAAA;gBAClB,YAAY,GAAG,IAAI,CAAA;YACrB,CAAC;YAED,MAAM,QAAQ,GAAG,OAAO,EAAE,GAAG,CAAC,cAAc,CAAuB,CAAA;YACnE,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;gBAC5B,IAAI,CAAC;oBACH,IAAI,QAAQ;wBAAE,MAAM,QAAQ,EAAE,CAAA;yBACzB,CAAC;wBACJ,OAAO,MAAM,CAAC,YAAY,CAAC,CAAA;wBAC3B,IAAI,CAAC;4BAAC,OAAQ,GAA0C,CAAC,MAAM,CAAC,CAAA;wBAAC,CAAC;wBAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;oBAC9F,CAAC;gBACH,CAAC;gBAAC,OAAO,OAAO,EAAE,CAAC;oBACjB,iEAAiE;oBACjE,4DAA4D;oBAC5D,IAAI,CAAC,YAAY;wBAAE,MAAM,OAAO,CAAA;gBAClC,CAAC;YACH,CAAC;YAED,IAAI,YAAY;gBAAE,MAAM,YAAY,CAAA;QACtC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,SAAkB;IAC5C,OAAO,KAAK,UAAU,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QAC9C,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAc,cAAc,CAAC,CAAA;QAEvD,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;YACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,IAAK,OAA6C,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3G,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,CAAA;YAE/B,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAA;gBAClD,OAAM;YACR,CAAC;YAED,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAC9B;YAAC,GAAG,CAAC,GAA+B,CAAC,YAAY,CAAC,GAAG,KAAK,CAAA;YAC3D,IAAI,CAAC;gBAAE,GAA0C,CAAC,MAAM,CAAC,GAAG,KAAK,CAAA;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC;YAE7F,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;AACH,CAAC;AAED,6DAA6D;AAE7D;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,YAAa,SAAQ,eAAe;IAC/C,QAAQ;QACN,yEAAyE;QACzE,2FAA2F;QAC3F,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QACzI,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,EAAE,gBAAgB,EAAE,GAAG,EAAE,kBAAkB,EAAE,CAAC,CAAA;QAE/I,sCAAsC;QACtC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAA;QACnF,IAAI,CAAC,SAAS,CAAC;YACb,EAAE,IAAI,EAAE,GAAG,SAAS,cAAc,EAAa,EAAE,EAAE,eAAe,EAAI,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,QAAiB,EAAE;YAClH,EAAE,IAAI,EAAE,GAAG,SAAS,yBAAyB,EAAE,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,QAAiB,EAAE;YAC9I,EAAE,IAAI,EAAE,GAAG,SAAS,qBAAqB,EAAM,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,YAAqB,EAAE;YAClJ,EAAE,IAAI,EAAE,GAAG,SAAS,wBAAwB,EAAG,EAAE,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,SAAkB,EAAE,MAAM,EAAE,OAAgB,EAAE;SAC9I,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,GAAG,GAAG,MAAM,CAAa,MAAM,CAAC,CAAA;QAEtC,6BAA6B;QAC7B,IAAI,SAA8D,CAAA;QAClE,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAoD,MAAM,CAAC,CAAA;YAC3F,SAAS,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,MAAM,UAAU,GAAG,GAAiB,EAAE;YACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAe,gBAAgB,CAAC,CAAA;QACtD,CAAC,CAAA;QAED,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QAC3D,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC,CAAA;QAC1C,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QAE/B,oEAAoE;QACpE,oEAAoE;QACpE,iFAAiF;QACjF,oDAAoD;QACpD,aAAa,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAA;QAEtC,sEAAsE;QACtE,qEAAqE;QACrE,uEAAuE;QACvE,MAAM,wBAAwB,EAAE,CAAA;IAClC,CAAC;CACF;AAED,KAAK,UAAU,wBAAwB;IACrC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,uCAAuC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAE1E,CAAA;QACR,IAAI,CAAC,GAAG,EAAE,2BAA2B;YAAE,OAAM;QAE7C,GAAG,CAAC,2BAA2B,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACpD,IAAI,CAAC;gBACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAA;gBAC3B,WAAW,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,WAAW,CAAC,IAAI,GAAG,IAAI,CAAA;YACzB,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;AACH,CAAC"}
|
package/dist/password-reset.d.ts
CHANGED
|
@@ -18,11 +18,11 @@ export interface PasswordResetConfig {
|
|
|
18
18
|
* HMAC secret for hashing stored reset tokens. **Required in production**
|
|
19
19
|
* — the broker throws on construction when `NODE_ENV === 'production'`
|
|
20
20
|
* and this is unset. In dev/test, an unset secret falls back to a
|
|
21
|
-
* hardcoded placeholder with a one-time
|
|
21
|
+
* hardcoded placeholder with a one-time boot notice, so apps boot
|
|
22
22
|
* without configuration but the gap is visible.
|
|
23
23
|
*
|
|
24
|
-
* Set this
|
|
25
|
-
* hashes are bound to your app instance.
|
|
24
|
+
* Set this from `AUTH_SECRET` (the scaffolder default — a random string
|
|
25
|
+
* >= 32 chars) so stored token hashes are bound to your app instance.
|
|
26
26
|
*/
|
|
27
27
|
secret?: string;
|
|
28
28
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"password-reset.d.ts","sourceRoot":"","sources":["../src/password-reset.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"password-reset.d.ts","sourceRoot":"","sources":["../src/password-reset.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAInE,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACpE,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC,CAAA;IACvE,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACpC,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;CAC/B;AAID,MAAM,MAAM,mBAAmB,GAC3B,iBAAiB,GACjB,gBAAgB,GAChB,cAAc,GACd,eAAe,GACf,eAAe,GACf,WAAW,CAAA;AAIf,MAAM,WAAW,mBAAmB;IAClC,yDAAyD;IACzD,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,sEAAsE;IACtE,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB;;;;;;;;;OASG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAMD,qBAAa,cAAc;IAMvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM;IAPzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAQ;IAC/B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAQ;IACjC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAQ;gBAGZ,MAAM,EAAE,eAAe,EACvB,KAAK,EAAE,YAAY,EACnB,MAAM,GAAE,mBAAwB;IAoBnD;;;;OAIG;IACG,aAAa,CACjB,WAAW,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,EAC9B,QAAQ,EAAE,CAAC,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,GAChE,OAAO,CAAC,mBAAmB,CAAC;IA0B/B;;;;OAIG;IACG,KAAK,CACT,WAAW,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,EAC/D,QAAQ,EAAE,CAAC,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,GACnE,OAAO,CAAC,mBAAmB,CAAC;IAwB/B,OAAO,CAAC,SAAS;IAIjB,OAAO,CAAC,WAAW;CAMpB;AAID;;;;;;GAMG;AACH,qBAAa,qBAAsB,YAAW,eAAe;IAC3D,OAAO,CAAC,KAAK,CAAyE;IAEhF,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpE,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC;IAKvE,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpC,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;CAMrC"}
|
package/dist/password-reset.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { createHmac, randomBytes, timingSafeEqual } from 'node:crypto';
|
|
2
|
+
import { bootNotice } from '@rudderjs/core';
|
|
2
3
|
// ─── Password Broker ──────────────────────────────────────
|
|
3
4
|
let _devSecretWarned = false;
|
|
4
5
|
export class PasswordBroker {
|
|
@@ -18,13 +19,12 @@ export class PasswordBroker {
|
|
|
18
19
|
this.secret = config.secret;
|
|
19
20
|
}
|
|
20
21
|
else if (process.env['NODE_ENV'] === 'production') {
|
|
21
|
-
throw new Error('[@rudderjs/auth] PasswordBroker requires `secret` in production. ' +
|
|
22
|
-
'
|
|
22
|
+
throw new Error('[@rudderjs/auth] PasswordBroker requires a `secret` in production. ' +
|
|
23
|
+
'Pass it as the `secret` option to new PasswordBroker(repo, users, { secret }) — e.g. from AUTH_SECRET in .env.');
|
|
23
24
|
}
|
|
24
25
|
else {
|
|
25
26
|
if (!_devSecretWarned) {
|
|
26
|
-
|
|
27
|
-
'Set auth.passwords.secret for production.');
|
|
27
|
+
bootNotice('auth', 'using a dev password secret — pass `secret` to PasswordBroker (e.g. from AUTH_SECRET) for production');
|
|
28
28
|
_devSecretWarned = true;
|
|
29
29
|
}
|
|
30
30
|
this.secret = 'password-reset';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"password-reset.js","sourceRoot":"","sources":["../src/password-reset.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"password-reset.js","sourceRoot":"","sources":["../src/password-reset.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AA0C3C,6DAA6D;AAE7D,IAAI,gBAAgB,GAAG,KAAK,CAAA;AAE5B,MAAM,OAAO,cAAc;IAMN;IACA;IACA;IAPF,MAAM,CAAQ;IACd,QAAQ,CAAQ;IAChB,MAAM,CAAQ;IAE/B,YACmB,MAAuB,EACvB,KAAmB,EACnB,SAA8B,EAAE;QAFhC,WAAM,GAAN,MAAM,CAAiB;QACvB,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAA0B;QAEjD,IAAI,CAAC,MAAM,GAAK,MAAM,CAAC,MAAM,IAAM,EAAE,CAAA;QACrC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAA;QACrC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;QAC7B,CAAC;aAAM,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CACb,qEAAqE;gBACrE,gHAAgH,CACjH,CAAA;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,UAAU,CAAC,MAAM,EAAE,sGAAsG,CAAC,CAAA;gBAC1H,gBAAgB,GAAG,IAAI,CAAA;YACzB,CAAC;YACD,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAA;QAChC,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CACjB,WAA8B,EAC9B,QAAiE;QAEjE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAA;QACjF,IAAI,CAAC,IAAI;YAAE,OAAO,cAAc,CAAA;QAEhC,iBAAiB;QACjB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;QAC1D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,CAAA;YAClE,IAAI,OAAO,GAAG,IAAI,CAAC,QAAQ;gBAAE,OAAO,WAAW,CAAA;QACjD,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;QAClD,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAC9C,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,CAAA;QAE7D,mCAAmC;QACnC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;QAC3C,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,EAAE,SAAS,CAAC,CAAA;QAEnE,qCAAqC;QACrC,MAAM,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;QAEhC,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,KAAK,CACT,WAA+D,EAC/D,QAAoE;QAEpE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAA;QACjF,IAAI,CAAC,IAAI;YAAE,OAAO,cAAc,CAAA;QAEhC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;QACxD,IAAI,CAAC,MAAM;YAAE,OAAO,eAAe,CAAA;QAEnC,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;YAAE,OAAO,eAAe,CAAA;QAE9E,eAAe;QACf,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,GAAG,MAAM,CAAA;QAC9D,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;YACtB,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;YAC3C,OAAO,eAAe,CAAA;QACxB,CAAC;QAED,QAAQ;QACR,MAAM,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAA;QAC1C,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;QAE3C,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAEO,SAAS,CAAC,KAAa;QAC7B,OAAO,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACtE,CAAC;IAEO,WAAW,CAAC,KAAa,EAAE,MAAc;QAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,CAAA;QAC1D,MAAM,MAAM,GAAK,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;QAC3C,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QACnD,OAAO,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;IAC1C,CAAC;CACF;AAED,6DAA6D;AAE7D;;;;;;GAMG;AACH,MAAM,OAAO,qBAAqB;IACxB,KAAK,GAAG,IAAI,GAAG,EAA+D,CAAA;IAEtF,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,KAAa,EAAE,SAAe;QACxD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,KAAa;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QACnC,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,IAAI,CAAA;IAC1E,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAC1B,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtB,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACxC,IAAI,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,GAAG;gBAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC/D,CAAC;IACH,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;
|
|
1
|
+
{"version":3,"file":"verification.d.ts","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5D,OAAO,KAAK,EAAE,eAAe,EAAY,MAAM,gBAAgB,CAAA;AAI/D;;;;;;;;;GASG;AACH,MAAM,WAAW,eAAe;IAC9B,gBAAgB,IAAI,OAAO,CAAA;IAC3B,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;IACpC,uBAAuB,IAAI,MAAM,CAAA;CAClC;AAED,mDAAmD;AACnD,wBAAgB,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,eAAe,GAAG,eAAe,CAOxF;AAID;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,IAAI,iBAAiB,CA0CzD;AAmBD;;;;;;;;;;;GAWG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG;IAAE,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAAC,iBAAiB,CAAC,IAAI,MAAM,CAAA;CAAE,GAAG,MAAM,CAQtH;AAID;;;;;;;;;;;GAWG;AACH,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,GACpF,OAAO,CAAC,OAAO,CAAC,CAgBlB"}
|
package/dist/verification.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { createHash, timingSafeEqual as cryptoTimingSafeEqual } from 'node:crypto';
|
|
2
2
|
import { Url } from '@rudderjs/router';
|
|
3
|
+
import { Auth } from './auth-manager.js';
|
|
3
4
|
/** Type guard for users that must verify email. */
|
|
4
5
|
export function mustVerifyEmail(user) {
|
|
5
6
|
const u = user;
|
|
@@ -18,19 +19,65 @@ export function mustVerifyEmail(user) {
|
|
|
18
19
|
*/
|
|
19
20
|
export function EnsureEmailIsVerified() {
|
|
20
21
|
return async function EnsureEmailIsVerified(req, res, next) {
|
|
21
|
-
|
|
22
|
+
// Re-resolve via the live guard first — `req.user` is a serialized
|
|
23
|
+
// snapshot produced by `userToPlain()`. The snapshot drops methods and
|
|
24
|
+
// its `emailVerifiedAt` is whatever survived JSON serialization (a Date
|
|
25
|
+
// becomes a string; a mass-assigned column could be anything). The live
|
|
26
|
+
// Model still has typed columns AND any `MustVerifyEmail` mixin
|
|
27
|
+
// contract. Fall back to the snapshot only when no auth context is set
|
|
28
|
+
// (e.g. apps wiring this without `AuthMiddleware` / `RequireAuth`) or
|
|
29
|
+
// the guard couldn't resolve a user but the snapshot still has one.
|
|
30
|
+
let user;
|
|
31
|
+
try {
|
|
32
|
+
user = await Auth.user();
|
|
33
|
+
}
|
|
34
|
+
catch {
|
|
35
|
+
user = null;
|
|
36
|
+
}
|
|
37
|
+
if (!user) {
|
|
38
|
+
const snapshot = req.user;
|
|
39
|
+
user = (snapshot ?? null);
|
|
40
|
+
}
|
|
22
41
|
if (!user) {
|
|
23
42
|
res.status(401).json({ message: 'Unauthorized.' });
|
|
24
43
|
return;
|
|
25
44
|
}
|
|
26
|
-
//
|
|
27
|
-
|
|
45
|
+
// Preferred path — the User Model implements `MustVerifyEmail`. The
|
|
46
|
+
// mixin owns the truth ("is this user verified?") and rules out the
|
|
47
|
+
// truthy-anything bug entirely.
|
|
48
|
+
if (mustVerifyEmail(user)) {
|
|
49
|
+
if (user.hasVerifiedEmail()) {
|
|
50
|
+
await next();
|
|
51
|
+
return;
|
|
52
|
+
}
|
|
53
|
+
res.status(403).json({ message: 'Your email address is not verified.' });
|
|
54
|
+
return;
|
|
55
|
+
}
|
|
56
|
+
// Fallback — User without the mixin. Tighten the snapshot check so a
|
|
57
|
+
// mass-assigned `"false"` / `0` / non-date string can never pass.
|
|
58
|
+
const verifiedAt = user['emailVerifiedAt'];
|
|
59
|
+
if (isVerifiedTimestamp(verifiedAt)) {
|
|
28
60
|
await next();
|
|
29
61
|
return;
|
|
30
62
|
}
|
|
31
63
|
res.status(403).json({ message: 'Your email address is not verified.' });
|
|
32
64
|
};
|
|
33
65
|
}
|
|
66
|
+
/**
|
|
67
|
+
* Verified-state predicate — accepts a real `Date` or an ISO-shaped string
|
|
68
|
+
* `Date.parse` can consume. Rejects every other truthy value (the snapshot
|
|
69
|
+
* could otherwise carry `"false"`, `0`, `"unverified"`, etc. through a
|
|
70
|
+
* mass-assignable column and silently pass the gate).
|
|
71
|
+
*/
|
|
72
|
+
function isVerifiedTimestamp(v) {
|
|
73
|
+
if (v instanceof Date)
|
|
74
|
+
return !isNaN(v.getTime());
|
|
75
|
+
if (typeof v === 'string' && v.length > 0) {
|
|
76
|
+
const t = Date.parse(v);
|
|
77
|
+
return !isNaN(t);
|
|
78
|
+
}
|
|
79
|
+
return false;
|
|
80
|
+
}
|
|
34
81
|
// ─── Verification URL helper ────────────────────────────────
|
|
35
82
|
/**
|
|
36
83
|
* Generate a signed email verification URL for a user.
|
package/dist/verification.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,IAAI,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAClF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;
|
|
1
|
+
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../src/verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,IAAI,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAClF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAqBxC,mDAAmD;AACnD,MAAM,UAAU,eAAe,CAAC,IAAa;IAC3C,MAAM,CAAC,GAAG,IAA+B,CAAA;IACzC,OAAO,CACL,OAAO,CAAC,CAAC,kBAAkB,CAAC,KAAK,UAAU;QAC3C,OAAO,CAAC,CAAC,qBAAqB,CAAC,KAAK,UAAU;QAC9C,OAAO,CAAC,CAAC,yBAAyB,CAAC,KAAK,UAAU,CACnD,CAAA;AACH,CAAC;AAED,gEAAgE;AAEhE;;;;;;;GAOG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,KAAK,UAAU,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACxD,mEAAmE;QACnE,uEAAuE;QACvE,wEAAwE;QACxE,wEAAwE;QACxE,gEAAgE;QAChE,uEAAuE;QACvE,sEAAsE;QACtE,oEAAoE;QACpE,IAAI,IAA4B,CAAA;QAChC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAA;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,GAAG,IAAI,CAAA;QACb,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,QAAQ,GAAI,GAAsC,CAAC,IAAI,CAAA;YAC7D,IAAI,GAAG,CAAC,QAAQ,IAAI,IAAI,CAA2B,CAAA;QACrD,CAAC;QAED,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAA;YAClD,OAAM;QACR,CAAC;QAED,oEAAoE;QACpE,oEAAoE;QACpE,gCAAgC;QAChC,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;gBAAC,MAAM,IAAI,EAAE,CAAC;gBAAC,OAAM;YAAC,CAAC;YACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;YACxE,OAAM;QACR,CAAC;QAED,qEAAqE;QACrE,kEAAkE;QAClE,MAAM,UAAU,GAAI,IAA2C,CAAC,iBAAiB,CAAC,CAAA;QAClF,IAAI,mBAAmB,CAAC,UAAU,CAAC,EAAE,CAAC;YAAC,MAAM,IAAI,EAAE,CAAC;YAAC,OAAM;QAAC,CAAC;QAE7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;IAC1E,CAAC,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,CAAU;IACrC,IAAI,CAAC,YAAY,IAAI;QAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAA;IACjD,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACvB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAClB,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+DAA+D;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAAC,IAA8E;IAC5G,MAAM,EAAE,GAAM,IAAI,CAAC,iBAAiB,EAAE,EAAE,IAAI,MAAM,CAAE,IAA2C,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IAC5G,MAAM,KAAK,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAA;IAE5C,gDAAgD;IAChD,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;IAE3B,OAAO,GAAG,CAAC,oBAAoB,CAAC,qBAAqB,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AAC5E,CAAC;AAED,+DAA+D;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,EAAU,EACV,IAAY,EACZ,QAAqF;IAErF,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,EAAE,CAAC,CAAA;IAC/B,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAA;IAEvB,MAAM,KAAK,GAAO,IAAI,CAAC,uBAAuB,EAAE,CAAA;IAChD,MAAM,QAAQ,GAAI,OAAO,CAAC,KAAK,CAAC,CAAA;IAEhC,MAAM,OAAO,GAAO,MAAM,CAAC,IAAI,CAAC,IAAI,EAAM,KAAK,CAAC,CAAA;IAChD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;IAChD,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,WAAW,CAAC;QAAE,OAAO,KAAK,CAAA;IAEvG,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;IAClC,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED,+DAA+D;AAE/D,SAAS,OAAO,CAAC,KAAa;IAC5B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzD,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@rudderjs/auth",
|
|
3
|
-
"version": "6.1
|
|
3
|
+
"version": "6.2.1",
|
|
4
4
|
"rudderjs": {
|
|
5
5
|
"provider": "AuthProvider",
|
|
6
6
|
"stage": "infrastructure",
|
|
@@ -52,20 +52,24 @@
|
|
|
52
52
|
},
|
|
53
53
|
"dependencies": {
|
|
54
54
|
"@rudderjs/console": "^1.1.0",
|
|
55
|
-
"@rudderjs/contracts": "^1.
|
|
56
|
-
"@rudderjs/core": "^1.
|
|
55
|
+
"@rudderjs/contracts": "^1.8.0",
|
|
56
|
+
"@rudderjs/core": "^1.5.0"
|
|
57
57
|
},
|
|
58
58
|
"peerDependencies": {
|
|
59
59
|
"@rudderjs/hash": "^1.1.0",
|
|
60
|
-
"@rudderjs/
|
|
61
|
-
"@rudderjs/
|
|
62
|
-
"@rudderjs/
|
|
63
|
-
"@rudderjs/
|
|
60
|
+
"@rudderjs/middleware": "^1.1.2",
|
|
61
|
+
"@rudderjs/router": "^1.7.0",
|
|
62
|
+
"@rudderjs/session": "^2.1.1",
|
|
63
|
+
"@rudderjs/view": "^1.2.2",
|
|
64
|
+
"@rudderjs/vite": "^2.7.3"
|
|
64
65
|
},
|
|
65
66
|
"peerDependenciesMeta": {
|
|
66
67
|
"@rudderjs/hash": {
|
|
67
68
|
"optional": false
|
|
68
69
|
},
|
|
70
|
+
"@rudderjs/middleware": {
|
|
71
|
+
"optional": false
|
|
72
|
+
},
|
|
69
73
|
"@rudderjs/router": {
|
|
70
74
|
"optional": false
|
|
71
75
|
},
|
|
@@ -84,10 +88,12 @@
|
|
|
84
88
|
"reflect-metadata": "^0.2.2",
|
|
85
89
|
"typescript": "^5.4.0",
|
|
86
90
|
"@rudderjs/hash": "^1.1.0",
|
|
87
|
-
"@rudderjs/
|
|
88
|
-
"@rudderjs/
|
|
89
|
-
"@rudderjs/
|
|
90
|
-
"@rudderjs/
|
|
91
|
+
"@rudderjs/middleware": "^1.1.2",
|
|
92
|
+
"@rudderjs/router": "^1.7.0",
|
|
93
|
+
"@rudderjs/session": "^2.1.1",
|
|
94
|
+
"@rudderjs/view": "^1.2.2",
|
|
95
|
+
"@rudderjs/vite": "^2.7.3",
|
|
96
|
+
"@rudderjs/cache": "^1.3.2"
|
|
91
97
|
},
|
|
92
98
|
"author": "Suleiman Shahbari",
|
|
93
99
|
"scripts": {
|
|
@@ -95,7 +101,7 @@
|
|
|
95
101
|
"dev": "tsc -p tsconfig.build.json --watch",
|
|
96
102
|
"typecheck": "tsc --noEmit",
|
|
97
103
|
"lint": "eslint src",
|
|
98
|
-
"test": "tsc -p tsconfig.test.json && node --test dist-test/index.test.js",
|
|
104
|
+
"test": "tsc -p tsconfig.test.json && node --test dist-test/index.test.js dist-test/middleware-and-verification-fixes.test.js dist-test/base-auth-controller-rate-limits.test.js",
|
|
99
105
|
"clean": "rm -rf dist"
|
|
100
106
|
}
|
|
101
107
|
}
|