@shahadpichen/docpush 1.0.6 → 1.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/commands/init.d.ts.map +1 -1
- package/dist/cli/commands/init.js +17 -10
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/core/config/schema.d.ts +5 -25
- package/dist/core/config/schema.d.ts.map +1 -1
- package/dist/core/config/schema.js +3 -16
- package/dist/core/config/schema.js.map +1 -1
- package/dist/server/auth/index.d.ts +0 -1
- package/dist/server/auth/index.d.ts.map +1 -1
- package/dist/server/auth/index.js +1 -8
- package/dist/server/auth/index.js.map +1 -1
- package/dist/server/auth/oauth.js +3 -3
- package/dist/server/auth/oauth.js.map +1 -1
- package/dist/server/routes/auth.d.ts.map +1 -1
- package/dist/server/routes/auth.js +0 -33
- package/dist/server/routes/auth.js.map +1 -1
- package/package.json +1 -1
- package/templates/.env.example +3 -6
- package/templates/docs.config.js +11 -0
- package/dist/server/auth/magic-link.d.ts +0 -10
- package/dist/server/auth/magic-link.d.ts.map +0 -1
- package/dist/server/auth/magic-link.js +0 -94
- package/dist/server/auth/magic-link.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":"AA6FA,wBAAsB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC,CAsCjD"}
|
|
@@ -33,21 +33,29 @@ const CONFIG_TEMPLATE = `module.exports = {
|
|
|
33
33
|
},
|
|
34
34
|
|
|
35
35
|
// Authentication mode
|
|
36
|
+
// Option 1: Public mode - anyone can edit, admin password for approvals
|
|
36
37
|
auth: {
|
|
37
|
-
mode: 'public',
|
|
38
|
-
adminPassword: 'changeme' // TODO: Change this password!
|
|
38
|
+
mode: 'public',
|
|
39
|
+
adminPassword: 'changeme' // TODO: Change this password!
|
|
39
40
|
},
|
|
40
41
|
|
|
41
|
-
//
|
|
42
|
+
// Option 2: Domain-restricted - OAuth login with email domain check
|
|
43
|
+
// auth: {
|
|
44
|
+
// mode: 'domain-restricted',
|
|
45
|
+
// providers: ['google'], // Options: 'google', 'github'
|
|
46
|
+
// allowedDomains: ['yourcompany.com']
|
|
47
|
+
// },
|
|
48
|
+
|
|
49
|
+
// Admin users (required for all modes)
|
|
42
50
|
admins: {
|
|
43
51
|
emails: ['admin@example.com'] // TODO: Add your admin emails
|
|
44
52
|
},
|
|
45
53
|
|
|
46
54
|
// Optional: Component paths (for npx docpush add)
|
|
47
55
|
components: {
|
|
48
|
-
uiPath: './src/components/ui',
|
|
49
|
-
libPath: './src/lib',
|
|
50
|
-
aliasPrefix: '@'
|
|
56
|
+
uiPath: './src/components/ui',
|
|
57
|
+
libPath: './src/lib',
|
|
58
|
+
aliasPrefix: '@'
|
|
51
59
|
},
|
|
52
60
|
|
|
53
61
|
// Optional: Branding
|
|
@@ -65,10 +73,9 @@ SESSION_SECRET=generate-random-string-here-change-in-production
|
|
|
65
73
|
# Database (optional - uses SQLite if not provided)
|
|
66
74
|
# DATABASE_PATH=./docpush.db
|
|
67
75
|
|
|
68
|
-
#
|
|
69
|
-
#
|
|
70
|
-
|
|
71
|
-
# Auth - OAuth (only if using this mode)
|
|
76
|
+
# OAuth - Required for domain-restricted mode
|
|
77
|
+
# GOOGLE_CLIENT_ID=your_client_id
|
|
78
|
+
# GOOGLE_CLIENT_SECRET=your_client_secret
|
|
72
79
|
# GITHUB_CLIENT_ID=your_client_id
|
|
73
80
|
# GITHUB_CLIENT_SECRET=your_client_secret
|
|
74
81
|
# GOOGLE_CLIENT_ID=your_client_id
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":";;;;;
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":";;;;;AA6FA,kCAsCC;AAlID,kDAA0B;AAC1B,wDAA0B;AAE1B,MAAM,gBAAgB,GAAG;;;;;;;;;;;;;;;;CAgBxB,CAAC;AAEF,MAAM,eAAe,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAyCvB,CAAC;AAEF,MAAM,YAAY,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;CA0BpB,CAAC;AAEK,KAAK,UAAU,WAAW;IAC/B,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,CAAC;IAExD,wBAAwB;IACxB,MAAM,kBAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC7B,MAAM,kBAAE,CAAC,SAAS,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,sCAAsC,CAAC,CAAC;IAEtE,wBAAwB;IACxB,IAAI,CAAC,CAAC,MAAM,kBAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC;QAC/C,MAAM,kBAAE,CAAC,SAAS,CAAC,kBAAkB,EAAE,eAAe,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,wBAAwB,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,yCAAyC,CAAC,CAAC;IAC5E,CAAC;IAED,yBAAyB;IACzB,MAAM,kBAAE,CAAC,SAAS,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,sBAAsB,CAAC,CAAC;IAEtD,iCAAiC;IACjC,MAAM,OAAO,GAAG,gBAAgB,CAAC;IACjC,IAAI,MAAM,kBAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,MAAM,GAAG,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACvC,GAAG,CAAC,OAAO,GAAG;YACZ,GAAG,GAAG,CAAC,OAAO;YACd,UAAU,EAAE,eAAe;YAC3B,YAAY,EAAE,eAAe;SAC9B,CAAC;QACF,MAAM,kBAAE,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,8BAA8B,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;IAC5E,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;AAC9C,CAAC"}
|
|
@@ -27,28 +27,16 @@ export declare const configSchema: z.ZodObject<{
|
|
|
27
27
|
adminPassword: string;
|
|
28
28
|
}>, z.ZodObject<{
|
|
29
29
|
mode: z.ZodLiteral<"domain-restricted">;
|
|
30
|
+
providers: z.ZodArray<z.ZodEnum<["github", "google"]>, "many">;
|
|
30
31
|
allowedDomains: z.ZodArray<z.ZodString, "many">;
|
|
31
|
-
emailFrom: z.ZodString;
|
|
32
32
|
}, "strip", z.ZodTypeAny, {
|
|
33
33
|
mode: "domain-restricted";
|
|
34
|
+
providers: ("github" | "google")[];
|
|
34
35
|
allowedDomains: string[];
|
|
35
|
-
emailFrom: string;
|
|
36
36
|
}, {
|
|
37
37
|
mode: "domain-restricted";
|
|
38
|
-
allowedDomains: string[];
|
|
39
|
-
emailFrom: string;
|
|
40
|
-
}>, z.ZodObject<{
|
|
41
|
-
mode: z.ZodLiteral<"oauth">;
|
|
42
|
-
providers: z.ZodArray<z.ZodEnum<["github", "google"]>, "many">;
|
|
43
|
-
allowedDomains: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
44
|
-
}, "strip", z.ZodTypeAny, {
|
|
45
|
-
mode: "oauth";
|
|
46
|
-
providers: ("github" | "google")[];
|
|
47
|
-
allowedDomains?: string[] | undefined;
|
|
48
|
-
}, {
|
|
49
|
-
mode: "oauth";
|
|
50
38
|
providers: ("github" | "google")[];
|
|
51
|
-
allowedDomains
|
|
39
|
+
allowedDomains: string[];
|
|
52
40
|
}>]>;
|
|
53
41
|
admins: z.ZodObject<{
|
|
54
42
|
emails: z.ZodArray<z.ZodString, "many">;
|
|
@@ -79,12 +67,8 @@ export declare const configSchema: z.ZodObject<{
|
|
|
79
67
|
adminPassword: string;
|
|
80
68
|
} | {
|
|
81
69
|
mode: "domain-restricted";
|
|
82
|
-
allowedDomains: string[];
|
|
83
|
-
emailFrom: string;
|
|
84
|
-
} | {
|
|
85
|
-
mode: "oauth";
|
|
86
70
|
providers: ("github" | "google")[];
|
|
87
|
-
allowedDomains
|
|
71
|
+
allowedDomains: string[];
|
|
88
72
|
};
|
|
89
73
|
admins: {
|
|
90
74
|
emails: string[];
|
|
@@ -105,12 +89,8 @@ export declare const configSchema: z.ZodObject<{
|
|
|
105
89
|
adminPassword: string;
|
|
106
90
|
} | {
|
|
107
91
|
mode: "domain-restricted";
|
|
108
|
-
allowedDomains: string[];
|
|
109
|
-
emailFrom: string;
|
|
110
|
-
} | {
|
|
111
|
-
mode: "oauth";
|
|
112
92
|
providers: ("github" | "google")[];
|
|
113
|
-
allowedDomains
|
|
93
|
+
allowedDomains: string[];
|
|
114
94
|
};
|
|
115
95
|
admins: {
|
|
116
96
|
emails: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/core/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/core/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAcxB,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwBvB,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAEtD,UAAU,mBAAmB;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,mBAAmB,CA0DpE"}
|
|
@@ -10,13 +10,8 @@ const publicAuthSchema = zod_1.z.object({
|
|
|
10
10
|
});
|
|
11
11
|
const domainRestrictedAuthSchema = zod_1.z.object({
|
|
12
12
|
mode: zod_1.z.literal('domain-restricted'),
|
|
13
|
-
allowedDomains: zod_1.z.array(zod_1.z.string()).min(1, 'At least one domain required'),
|
|
14
|
-
emailFrom: zod_1.z.string().email('Valid email required for sending magic links'),
|
|
15
|
-
});
|
|
16
|
-
const oauthAuthSchema = zod_1.z.object({
|
|
17
|
-
mode: zod_1.z.literal('oauth'),
|
|
18
13
|
providers: zod_1.z.array(zod_1.z.enum(['github', 'google'])).min(1, 'At least one OAuth provider required'),
|
|
19
|
-
allowedDomains: zod_1.z.array(zod_1.z.string()).
|
|
14
|
+
allowedDomains: zod_1.z.array(zod_1.z.string()).min(1, 'At least one domain required'),
|
|
20
15
|
});
|
|
21
16
|
exports.configSchema = zod_1.z.object({
|
|
22
17
|
// GitHub repository configuration
|
|
@@ -27,11 +22,7 @@ exports.configSchema = zod_1.z.object({
|
|
|
27
22
|
docsPath: zod_1.z.string().default('docs'),
|
|
28
23
|
}),
|
|
29
24
|
// Authentication mode (discriminated union)
|
|
30
|
-
auth: zod_1.z.discriminatedUnion('mode', [
|
|
31
|
-
publicAuthSchema,
|
|
32
|
-
domainRestrictedAuthSchema,
|
|
33
|
-
oauthAuthSchema,
|
|
34
|
-
]),
|
|
25
|
+
auth: zod_1.z.discriminatedUnion('mode', [publicAuthSchema, domainRestrictedAuthSchema]),
|
|
35
26
|
// Admin users
|
|
36
27
|
admins: zod_1.z.object({
|
|
37
28
|
emails: zod_1.z.array(zod_1.z.string().email()).min(1, 'At least one admin email required'),
|
|
@@ -64,11 +55,7 @@ function validateEnv(config) {
|
|
|
64
55
|
if (config) {
|
|
65
56
|
switch (config.auth.mode) {
|
|
66
57
|
case 'domain-restricted':
|
|
67
|
-
|
|
68
|
-
result.missing.push('RESEND_API_KEY');
|
|
69
|
-
}
|
|
70
|
-
break;
|
|
71
|
-
case 'oauth':
|
|
58
|
+
// OAuth credentials required for domain-restricted
|
|
72
59
|
if (config.auth.providers.includes('github')) {
|
|
73
60
|
if (!process.env.GITHUB_CLIENT_ID)
|
|
74
61
|
result.missing.push('GITHUB_CLIENT_ID');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../src/core/config/schema.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../src/core/config/schema.ts"],"names":[],"mappings":";;;AAmDA,kCA0DC;AA7GD,6BAAwB;AAExB,oBAAoB;AACpB,MAAM,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChC,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IACzB,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,yCAAyC,CAAC;CAC5E,CAAC,CAAC;AAEH,MAAM,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IAC1C,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC;IACpC,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,sCAAsC,CAAC;IAC/F,cAAc,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC;CAC3E,CAAC,CAAC;AAEU,QAAA,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IACnC,kCAAkC;IAClC,MAAM,EAAE,OAAC,CAAC,MAAM,CAAC;QACf,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;QACjD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;QAC/C,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;QAClC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;KACrC,CAAC;IAEF,4CAA4C;IAC5C,IAAI,EAAE,OAAC,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC,gBAAgB,EAAE,0BAA0B,CAAC,CAAC;IAElF,cAAc;IACd,MAAM,EAAE,OAAC,CAAC,MAAM,CAAC;QACf,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,mCAAmC,CAAC;KAChF,CAAC;IAEF,oBAAoB;IACpB,QAAQ,EAAE,OAAC;SACR,MAAM,CAAC;QACN,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,eAAe,CAAC;QACzC,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC5B,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAUH;;GAEG;AACH,SAAgB,WAAW,CAAC,MAAmB;IAC7C,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,IAAI;QACX,OAAO,EAAE,EAAE;QACX,QAAQ,EAAE,EAAE;KACb,CAAC;IAEF,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,cAAc,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAE/D,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,MAAM,EAAE,CAAC;QACX,QAAQ,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACzB,KAAK,mBAAmB;gBACtB,mDAAmD;gBACnD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;wBAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;oBAC3E,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB;wBAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACrF,CAAC;gBACD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;wBAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;oBAC3E,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB;wBAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACrF,CAAC;gBACD,MAAM;QACV,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,2BAA2B,EAAE,CAAC;QAC/D,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IACzF,CAAC;IAED,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC1F,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,CAAC,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC;IAE3C,iCAAiC;IACjC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC/F,CAAC;IACJ,CAAC;IAED,eAAe;IACf,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACtC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -13,6 +13,5 @@ export interface AuthUser {
|
|
|
13
13
|
*/
|
|
14
14
|
export declare function setupAuth(config: DocsConfig): void;
|
|
15
15
|
export { setupPublicAuth } from './public';
|
|
16
|
-
export { setupMagicLinkAuth, sendMagicLink } from './magic-link';
|
|
17
16
|
export { setupOAuth } from './oauth';
|
|
18
17
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/auth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/auth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAIpD,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,QA0B3C;AAED,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC"}
|
|
@@ -3,10 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.setupOAuth = exports.
|
|
6
|
+
exports.setupOAuth = exports.setupPublicAuth = void 0;
|
|
7
7
|
exports.setupAuth = setupAuth;
|
|
8
8
|
const passport_1 = __importDefault(require("passport"));
|
|
9
|
-
const magic_link_1 = require("./magic-link");
|
|
10
9
|
const oauth_1 = require("./oauth");
|
|
11
10
|
const public_1 = require("./public");
|
|
12
11
|
/**
|
|
@@ -33,18 +32,12 @@ function setupAuth(config) {
|
|
|
33
32
|
(0, public_1.setupPublicAuth)(config);
|
|
34
33
|
break;
|
|
35
34
|
case 'domain-restricted':
|
|
36
|
-
(0, magic_link_1.setupMagicLinkAuth)(config);
|
|
37
|
-
break;
|
|
38
|
-
case 'oauth':
|
|
39
35
|
(0, oauth_1.setupOAuth)(config);
|
|
40
36
|
break;
|
|
41
37
|
}
|
|
42
38
|
}
|
|
43
39
|
var public_2 = require("./public");
|
|
44
40
|
Object.defineProperty(exports, "setupPublicAuth", { enumerable: true, get: function () { return public_2.setupPublicAuth; } });
|
|
45
|
-
var magic_link_2 = require("./magic-link");
|
|
46
|
-
Object.defineProperty(exports, "setupMagicLinkAuth", { enumerable: true, get: function () { return magic_link_2.setupMagicLinkAuth; } });
|
|
47
|
-
Object.defineProperty(exports, "sendMagicLink", { enumerable: true, get: function () { return magic_link_2.sendMagicLink; } });
|
|
48
41
|
var oauth_2 = require("./oauth");
|
|
49
42
|
Object.defineProperty(exports, "setupOAuth", { enumerable: true, get: function () { return oauth_2.setupOAuth; } });
|
|
50
43
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/auth/index.ts"],"names":[],"mappings":";;;;;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/auth/index.ts"],"names":[],"mappings":";;;;;;AAkBA,8BA0BC;AA5CD,wDAAgC;AAEhC,mCAAqC;AACrC,qCAA2C;AAY3C;;GAEG;AACH,SAAgB,SAAS,CAAC,MAAkB;IAC1C,wBAAwB;IACxB,kBAAQ,CAAC,aAAa,CAAC,CAAC,IAAkB,EAAE,IAAI,EAAE,EAAE;QAClD,MAAM,QAAQ,GAAG,IAAgB,CAAC;QAClC,IAAI,CAAC,IAAI,EAAE;YACT,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,MAAM,EAAE,QAAQ,CAAC,MAAM;SACxB,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,kBAAQ,CAAC,eAAe,CAAC,CAAC,IAAc,EAAE,IAAI,EAAE,EAAE;QAChD,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACnB,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,QAAQ,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QACzB,KAAK,QAAQ;YACX,IAAA,wBAAe,EAAC,MAAM,CAAC,CAAC;YACxB,MAAM;QACR,KAAK,mBAAmB;YACtB,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAC;YACnB,MAAM;IACV,CAAC;AACH,CAAC;AAED,mCAA2C;AAAlC,yGAAA,eAAe,OAAA;AACxB,iCAAqC;AAA5B,mGAAA,UAAU,OAAA"}
|
|
@@ -11,10 +11,10 @@ const passport_google_oauth20_1 = require("passport-google-oauth20");
|
|
|
11
11
|
* OAuth authentication (GitHub, Google)
|
|
12
12
|
*/
|
|
13
13
|
function setupOAuth(config) {
|
|
14
|
-
if (config.auth.mode !== '
|
|
14
|
+
if (config.auth.mode !== 'domain-restricted')
|
|
15
15
|
return;
|
|
16
|
-
// Get allowed domains from
|
|
17
|
-
const allowedDomains = config.auth.allowedDomains
|
|
16
|
+
// Get allowed domains from config (required for domain-restricted)
|
|
17
|
+
const allowedDomains = config.auth.allowedDomains;
|
|
18
18
|
// GitHub OAuth
|
|
19
19
|
if (config.auth.providers.includes('github') &&
|
|
20
20
|
process.env.GITHUB_CLIENT_ID &&
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../../src/server/auth/oauth.ts"],"names":[],"mappings":";;;;;AAiBA,gCA2GC;AA5HD,wDAAgC;AAChC,uDAA6F;AAC7F,qEAAoG;AAYpG;;GAEG;AACH,SAAgB,UAAU,CAAC,MAAkB;IAC3C,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../../src/server/auth/oauth.ts"],"names":[],"mappings":";;;;;AAiBA,gCA2GC;AA5HD,wDAAgC;AAChC,uDAA6F;AAC7F,qEAAoG;AAYpG;;GAEG;AACH,SAAgB,UAAU,CAAC,MAAkB;IAC3C,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,mBAAmB;QAAE,OAAO;IAErD,mEAAmE;IACnE,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC;IAElD,eAAe;IACf,IACE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAChC,CAAC;QACD,kBAAQ,CAAC,GAAG,CACV,IAAI,2BAAc,CAChB;YACE,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB;YACtC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;YAC9C,WAAW,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,2BAA2B;YAC9D,KAAK,EAAE,CAAC,YAAY,CAAC;SACtB,EACD,KAAK,EACH,WAAmB,EACnB,YAAoB,EACpB,OAAsB,EACtB,IAA2D,EAC3D,EAAE;YACF,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,GAAG,OAAO,CAAC,QAAQ,aAAa,CAAC;gBAE7E,yCAAyC;gBACzC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBACnC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;wBACrC,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC;gBAED,MAAM,IAAI,GAAc;oBACtB,EAAE,EAAE,UAAU,OAAO,CAAC,EAAE,EAAE;oBAC1B,KAAK;oBACL,IAAI,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,QAAQ,IAAI,aAAa;oBAC9D,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK;oBAClC,QAAQ,EAAE,QAAQ;oBAClB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;iBAChE,CAAC;gBAEF,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,IAAI,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC,CACF,CACF,CAAC;IACJ,CAAC;IAED,eAAe;IACf,IACE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAChC,CAAC;QACD,kBAAQ,CAAC,GAAG,CACV,IAAI,kCAAc,CAChB;YACE,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB;YACtC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;YAC9C,WAAW,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,2BAA2B;YAC9D,KAAK,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC;SAC5B,EACD,KAAK,EACH,WAAmB,EACnB,YAAoB,EACpB,OAAsB,EACtB,IAA2D,EAC3D,EAAE;YACF,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC;gBAEzC,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;gBAC3B,CAAC;gBAED,yCAAyC;gBACzC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBACnC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;wBACrC,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC;gBAED,MAAM,IAAI,GAAc;oBACtB,EAAE,EAAE,UAAU,OAAO,CAAC,EAAE,EAAE;oBAC1B,KAAK;oBACL,IAAI,EAAE,OAAO,CAAC,WAAW,IAAI,aAAa;oBAC1C,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK;oBAClC,QAAQ,EAAE,QAAQ;oBAClB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;iBAChE,CAAC;gBAEF,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,IAAI,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC,CACF,CACF,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/routes/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/routes/auth.ts"],"names":[],"mappings":"AAKA,QAAA,MAAM,MAAM,4CAAmB,CAAC;AAgFhC,eAAe,MAAM,CAAC"}
|
|
@@ -5,7 +5,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
const express_1 = __importDefault(require("express"));
|
|
7
7
|
const passport_1 = __importDefault(require("passport"));
|
|
8
|
-
const magic_link_1 = require("../auth/magic-link");
|
|
9
8
|
const router = express_1.default.Router();
|
|
10
9
|
/**
|
|
11
10
|
* GET /api/auth/me
|
|
@@ -45,38 +44,6 @@ router.post('/logout', (req, res) => {
|
|
|
45
44
|
res.json({ success: true });
|
|
46
45
|
});
|
|
47
46
|
});
|
|
48
|
-
/**
|
|
49
|
-
* POST /api/auth/magic-link
|
|
50
|
-
* Send magic link email (domain-restricted mode)
|
|
51
|
-
*/
|
|
52
|
-
router.post('/magic-link', async (req, res, next) => {
|
|
53
|
-
try {
|
|
54
|
-
const config = req.config;
|
|
55
|
-
const { email } = req.body;
|
|
56
|
-
if (!email) {
|
|
57
|
-
return res.status(400).json({ error: 'Email required' });
|
|
58
|
-
}
|
|
59
|
-
if (config.auth.mode !== 'domain-restricted') {
|
|
60
|
-
return res.status(400).json({ error: 'Magic link not available in this mode' });
|
|
61
|
-
}
|
|
62
|
-
await (0, magic_link_1.sendMagicLink)(email, config);
|
|
63
|
-
res.json({ success: true, message: 'Check your email for the login link' });
|
|
64
|
-
}
|
|
65
|
-
catch (error) {
|
|
66
|
-
const message = error instanceof Error ? error.message : 'Unknown error';
|
|
67
|
-
res.status(400).json({ error: message });
|
|
68
|
-
}
|
|
69
|
-
});
|
|
70
|
-
/**
|
|
71
|
-
* POST /api/auth/verify
|
|
72
|
-
* Verify magic link token
|
|
73
|
-
*/
|
|
74
|
-
router.post('/verify', passport_1.default.authenticate('magic-link'), (req, res) => {
|
|
75
|
-
res.json({
|
|
76
|
-
success: true,
|
|
77
|
-
user: req.user,
|
|
78
|
-
});
|
|
79
|
-
});
|
|
80
47
|
/**
|
|
81
48
|
* GET /api/auth/github
|
|
82
49
|
* Start GitHub OAuth flow
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/server/routes/auth.ts"],"names":[],"mappings":";;;;;AAAA,sDAA8B;AAC9B,wDAAgC;
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/server/routes/auth.ts"],"names":[],"mappings":";;;;;AAAA,sDAA8B;AAC9B,wDAAgC;AAIhC,MAAM,MAAM,GAAG,iBAAO,CAAC,MAAM,EAAE,CAAC;AAEhC;;;GAGG;AACH,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,OAAO,GAAG,CAAC,IAAI,CAAC;YACd,aAAa,EAAE,IAAI;YACnB,IAAI,EAAE,GAAG,CAAC,IAAI;SACf,CAAC,CAAC;IACL,CAAC;IAED,2DAA2D;IAC3D,MAAM,MAAM,GAAG,GAAG,CAAC,MAAoB,CAAC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAClC,OAAO,GAAG,CAAC,IAAI,CAAC;YACd,aAAa,EAAE,IAAI;YACnB,IAAI,EAAE;gBACJ,EAAE,EAAE,WAAW;gBACf,KAAK,EAAE,IAAI;gBACX,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,QAAQ;aACf;SACF,CAAC,CAAC;IACL,CAAC;IAED,GAAG,CAAC,IAAI,CAAC,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,CAAC;AACrC,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAClC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;QACjB,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,kBAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;AAEvD;;;GAGG;AACH,MAAM,CAAC,GAAG,CACR,kBAAkB,EAClB,kBAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,eAAe,EAAE,qBAAqB,EAAE,CAAC,EAC3E,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACX,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AACpB,CAAC,CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,kBAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;AAEvD;;;GAGG;AACH,MAAM,CAAC,GAAG,CACR,kBAAkB,EAClB,kBAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,eAAe,EAAE,qBAAqB,EAAE,CAAC,EAC3E,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACX,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AACpB,CAAC,CACF,CAAC;AAEF,kBAAe,MAAM,CAAC"}
|
package/package.json
CHANGED
package/templates/.env.example
CHANGED
|
@@ -10,11 +10,8 @@ APP_URL=http://localhost:3000
|
|
|
10
10
|
# Required: Session secret (generate a random string for production)
|
|
11
11
|
SESSION_SECRET=your-secret-key-here
|
|
12
12
|
|
|
13
|
-
#
|
|
14
|
-
# RESEND_API_KEY=re_your_resend_key
|
|
15
|
-
|
|
16
|
-
# Optional: For OAuth auth mode
|
|
17
|
-
# GITHUB_CLIENT_ID=your_github_oauth_client_id
|
|
18
|
-
# GITHUB_CLIENT_SECRET=your_github_oauth_client_secret
|
|
13
|
+
# OAuth - Required for domain-restricted auth mode
|
|
19
14
|
# GOOGLE_CLIENT_ID=your_google_oauth_client_id
|
|
20
15
|
# GOOGLE_CLIENT_SECRET=your_google_oauth_client_secret
|
|
16
|
+
# GITHUB_CLIENT_ID=your_github_oauth_client_id
|
|
17
|
+
# GITHUB_CLIENT_SECRET=your_github_oauth_client_secret
|
package/templates/docs.config.js
CHANGED
|
@@ -8,13 +8,24 @@ module.exports = {
|
|
|
8
8
|
branch: "main",
|
|
9
9
|
docsPath: "docs",
|
|
10
10
|
},
|
|
11
|
+
|
|
12
|
+
// Auth Mode 1: Public - anyone can edit, admin password for approvals
|
|
11
13
|
auth: {
|
|
12
14
|
mode: "public",
|
|
13
15
|
adminPassword: "change-me-in-production",
|
|
14
16
|
},
|
|
17
|
+
|
|
18
|
+
// Auth Mode 2: Domain-restricted - OAuth login with email domain check
|
|
19
|
+
// auth: {
|
|
20
|
+
// mode: "domain-restricted",
|
|
21
|
+
// providers: ["google"], // or ["github"]
|
|
22
|
+
// allowedDomains: ["yourcompany.com"],
|
|
23
|
+
// },
|
|
24
|
+
|
|
15
25
|
admins: {
|
|
16
26
|
emails: ["admin@example.com"],
|
|
17
27
|
},
|
|
28
|
+
|
|
18
29
|
branding: {
|
|
19
30
|
name: "My Documentation",
|
|
20
31
|
},
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
import type { DocsConfig } from '../../core/config';
|
|
2
|
-
/**
|
|
3
|
-
* Domain-restricted authentication via magic link emails
|
|
4
|
-
*/
|
|
5
|
-
export declare function setupMagicLinkAuth(config: DocsConfig): void;
|
|
6
|
-
/**
|
|
7
|
-
* Send magic link email
|
|
8
|
-
*/
|
|
9
|
-
export declare function sendMagicLink(email: string, config: DocsConfig): Promise<boolean>;
|
|
10
|
-
//# sourceMappingURL=magic-link.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"magic-link.d.ts","sourceRoot":"","sources":["../../../src/server/auth/magic-link.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAKpD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,UAAU,QA4CpD;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CA0CvF"}
|
|
@@ -1,94 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.setupMagicLinkAuth = setupMagicLinkAuth;
|
|
7
|
-
exports.sendMagicLink = sendMagicLink;
|
|
8
|
-
const passport_1 = __importDefault(require("passport"));
|
|
9
|
-
const passport_custom_1 = require("passport-custom");
|
|
10
|
-
const resend_1 = require("resend");
|
|
11
|
-
const storage_1 = require("../storage");
|
|
12
|
-
let resend = null;
|
|
13
|
-
/**
|
|
14
|
-
* Domain-restricted authentication via magic link emails
|
|
15
|
-
*/
|
|
16
|
-
function setupMagicLinkAuth(config) {
|
|
17
|
-
if (config.auth.mode !== 'domain-restricted')
|
|
18
|
-
return;
|
|
19
|
-
// Initialize Resend
|
|
20
|
-
if (process.env.RESEND_API_KEY) {
|
|
21
|
-
resend = new resend_1.Resend(process.env.RESEND_API_KEY);
|
|
22
|
-
}
|
|
23
|
-
// Magic link verification strategy
|
|
24
|
-
passport_1.default.use('magic-link', new passport_custom_1.Strategy(async (req, done) => {
|
|
25
|
-
const { token } = req.body;
|
|
26
|
-
if (!token) {
|
|
27
|
-
return done(null, false);
|
|
28
|
-
}
|
|
29
|
-
const email = await (0, storage_1.verifyMagicLink)(token);
|
|
30
|
-
if (!email) {
|
|
31
|
-
return done(null, false);
|
|
32
|
-
}
|
|
33
|
-
// Check if email domain is allowed
|
|
34
|
-
if (config.auth.mode === 'domain-restricted') {
|
|
35
|
-
const domain = email.split('@')[1];
|
|
36
|
-
if (!config.auth.allowedDomains.includes(domain)) {
|
|
37
|
-
return done(null, false);
|
|
38
|
-
}
|
|
39
|
-
}
|
|
40
|
-
// Create user session
|
|
41
|
-
const sessionToken = await (0, storage_1.createSession)(email, email);
|
|
42
|
-
return done(null, {
|
|
43
|
-
id: email,
|
|
44
|
-
email,
|
|
45
|
-
name: email.split('@')[0],
|
|
46
|
-
role: config.admins.emails.includes(email) ? 'admin' : 'editor',
|
|
47
|
-
sessionToken,
|
|
48
|
-
});
|
|
49
|
-
}));
|
|
50
|
-
}
|
|
51
|
-
/**
|
|
52
|
-
* Send magic link email
|
|
53
|
-
*/
|
|
54
|
-
async function sendMagicLink(email, config) {
|
|
55
|
-
if (config.auth.mode !== 'domain-restricted') {
|
|
56
|
-
throw new Error('Magic link only available in domain-restricted mode');
|
|
57
|
-
}
|
|
58
|
-
// Check domain
|
|
59
|
-
const domain = email.split('@')[1];
|
|
60
|
-
if (!config.auth.allowedDomains.includes(domain)) {
|
|
61
|
-
throw new Error(`Email domain @${domain} is not allowed`);
|
|
62
|
-
}
|
|
63
|
-
// Create magic link token
|
|
64
|
-
const token = await (0, storage_1.createMagicLink)(email);
|
|
65
|
-
const loginUrl = `${process.env.APP_URL}/auth/verify?token=${token}`;
|
|
66
|
-
// Send email via Resend
|
|
67
|
-
if (!resend) {
|
|
68
|
-
console.log('[DEV] Magic link for', email, ':', loginUrl);
|
|
69
|
-
return true;
|
|
70
|
-
}
|
|
71
|
-
try {
|
|
72
|
-
await resend.emails.send({
|
|
73
|
-
from: config.auth.emailFrom,
|
|
74
|
-
to: email,
|
|
75
|
-
subject: 'Sign in to Documentation',
|
|
76
|
-
html: `
|
|
77
|
-
<h2>Sign in to Documentation</h2>
|
|
78
|
-
<p>Click the link below to sign in. This link expires in 15 minutes.</p>
|
|
79
|
-
<a href="${loginUrl}" style="display: inline-block; padding: 12px 24px; background: #0070f3; color: white; text-decoration: none; border-radius: 6px;">
|
|
80
|
-
Sign In
|
|
81
|
-
</a>
|
|
82
|
-
<p style="color: #666; font-size: 12px; margin-top: 20px;">
|
|
83
|
-
If you didn't request this email, you can safely ignore it.
|
|
84
|
-
</p>
|
|
85
|
-
`,
|
|
86
|
-
});
|
|
87
|
-
return true;
|
|
88
|
-
}
|
|
89
|
-
catch (error) {
|
|
90
|
-
console.error('Failed to send magic link email:', error);
|
|
91
|
-
throw new Error('Failed to send email');
|
|
92
|
-
}
|
|
93
|
-
}
|
|
94
|
-
//# sourceMappingURL=magic-link.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"magic-link.js","sourceRoot":"","sources":["../../../src/server/auth/magic-link.ts"],"names":[],"mappings":";;;;;AAWA,gDA4CC;AAKD,sCA0CC;AAtGD,wDAAgC;AAChC,qDAA6D;AAC7D,mCAAgC;AAEhC,wCAA6E;AAE7E,IAAI,MAAM,GAAkB,IAAI,CAAC;AAEjC;;GAEG;AACH,SAAgB,kBAAkB,CAAC,MAAkB;IACnD,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,mBAAmB;QAAE,OAAO;IAErD,oBAAoB;IACpB,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;QAC/B,MAAM,GAAG,IAAI,eAAM,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAClD,CAAC;IAED,mCAAmC;IACnC,kBAAQ,CAAC,GAAG,CACV,YAAY,EACZ,IAAI,0BAAc,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACrC,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE3B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,yBAAe,EAAC,KAAK,CAAC,CAAC;QAE3C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC3B,CAAC;QAED,mCAAmC;QACnC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjD,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,MAAM,YAAY,GAAG,MAAM,IAAA,uBAAa,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAEvD,OAAO,IAAI,CAAC,IAAI,EAAE;YAChB,EAAE,EAAE,KAAK;YACT,KAAK;YACL,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACzB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;YAC/D,YAAY;SACb,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CAAC,KAAa,EAAE,MAAkB;IACnE,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,eAAe;IACf,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,iBAAiB,MAAM,iBAAiB,CAAC,CAAC;IAC5D,CAAC;IAED,0BAA0B;IAC1B,MAAM,KAAK,GAAG,MAAM,IAAA,yBAAe,EAAC,KAAK,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,sBAAsB,KAAK,EAAE,CAAC;IAErE,wBAAwB;IACxB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;YAC3B,EAAE,EAAE,KAAK;YACT,OAAO,EAAE,0BAA0B;YACnC,IAAI,EAAE;;;mBAGO,QAAQ;;;;;;OAMpB;SACF,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;AACH,CAAC"}
|