@softwarepatterns/am 0.0.2 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +114 -76
- package/dist/index.cjs +1 -1
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +104 -284
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/types/auth.d.ts +88 -279
- package/dist/types/types.d.ts +16 -5
- package/package.json +19 -4
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":["../src/auth.ts"],"sourcesContent":[null],"names":["STATE","Symbol","resolveStorage","storageConfig","window","localStorage","getBrowserLocalStorage","readJson","storage","key","raw","JSON","parse","safeParse","getItem","writeJson","value","setItem","stringify","removeKey","removeItem","writeTokensIfNewer","next","curRaw","cur","isSessionTokens","expiresAt","writeProfileIfNewer","isSessionProfile","lastUpdatedAt","x","accessToken","refreshToken","expiresIn","tokenType","id","accountId","status","identity","getState","session","camelCaseStr","str","replace","_","letter","toUpperCase","camelCaseObj","input","Array","isArray","map","item","obj","result","Object","keys","prototype","hasOwnProperty","call","snakeCaseStr","toLowerCase","snakeCaseObj","AuthError","Error","constructor","problem","super","title","this","name","freeze","type","code","detail","invalidParams","defaultConfig","fetchFn","f","globalThis","fetch","bind","async","defaultFetchFn","baseUrl","earlyRefreshMs","tokensStorageKey","profileStorageKey","handleResponse","res","json","contentType","headers","get","includes","readJsonSafe","ok","isProblemJson","statusText","undefined","toGenericProblem","getProblemJson","unauthGet","path","query","qs","URLSearchParams","toString","url","method","Accept","unauthPost","body","authFetch","state","init","config","Authorization","tokens","isExpired","early","Math","min","max","Date","now","refresh","cleared","refreshPromise","toSessionTokens","onRefresh","doRefresh","isUnauthenticatedAuthError","e","authFetchWithRefresh","e2","onUnauthenticated","authGet","toSessionProfile","profile","handleAuthenticationResponse","AuthSession","initial","merged","profilePromise","setState","restoreSession","tokensRaw","profileRaw","clear","clearAuth","idToken","toJSON","fromJSON","refetchProfile","onProfileRefetch","doRefetchProfile","sendVerificationEmail","authPost","user","Am","options","createAuthSession","acceptInvite","checkEmail","csrfSession","csrfToken","signIn","signInWithToken","token","signUp","resetPassword","sendMagicLink","sendPasswordReset"],"mappings":"AAaA,MACMA,EAAQC,OAAO,SAwCrB,SAASC,EAAeC,GACtB,OAAKA,EACiB,iBAAlBA,EAZN,WACE,IACE,MAAsB,oBAAXC,OAA+B,KACrCA,OAAOC,aACLD,OAAOC,aADmB,IAEnC,CAAE,MACA,OAAO,IACT,CACF,CAI+CC,GACtCH,EAFoB,IAG7B,CAWA,SAASI,EAAYC,EAA6BC,GAChD,OAAKD,EAVP,SAAsBE,GACpB,IAAKA,EAAK,OAAO,KACjB,IACE,OAAOC,KAAKC,MAAMF,EACpB,CAAE,MACA,OAAO,IACT,CACF,CAISG,CAAaL,EAAQM,QAAQL,IADf,IAEvB,CAEA,SAASM,EACPP,EACAC,EACAO,GAEA,GAAKR,EACL,IACEA,EAAQS,QAAQR,EAAKE,KAAKO,UAAUF,GACtC,CAAE,MAAO,CACX,CAEA,SAASG,EAAUX,EAA6BC,GAC9C,GAAKD,EACL,IACEA,EAAQY,WAAWX,EACrB,CAAE,MAAO,CACX,CAQA,SAASY,EACPb,EACAC,EACAa,GAEA,IAAKd,EAAS,OAEd,MAAMe,EAAShB,EAAkBC,EAASC,GACpCe,EAAMC,EAAgBF,GAAUA,EAAS,KAEhC,OAAXA,GAAoBC,GAAKL,EAAUX,EAASC,GAC5Ce,GAAOA,EAAIE,WAAaJ,EAAKI,WAEjCX,EAAUP,EAASC,EAAKa,EAC1B,CAEA,SAASK,EACPnB,EACAC,EACAa,GAEA,IAAKd,EAAS,OAEd,MAAMe,EAAShB,EAAkBC,EAASC,GACpCe,EAAMI,EAAiBL,GAAUA,EAAS,KAEjC,OAAXA,GAAoBC,GAAKL,EAAUX,EAASC,GAC5Ce,GAAOA,EAAIK,eAAiBP,EAAKO,eAErCd,EAAUP,EAASC,EAAKa,EAC1B,CAEA,SAASG,EAAgBK,GACvB,QACIA,GACuB,iBAAlBA,EAAEC,aACiB,iBAAnBD,EAAEE,cACc,iBAAhBF,EAAEJ,WACc,iBAAhBI,EAAEG,WACO,WAAhBH,EAAEI,SAEN,CAEA,SAASN,EAAiBE,GACxB,QACIA,GACc,iBAATA,EAAEK,IACc,iBAAhBL,EAAEM,WACW,iBAAbN,EAAEO,QACkB,iBAApBP,EAAED,gBACc,iBAAfC,EAAEQ,UAAwC,OAAfR,EAAEQ,SAEzC,CAEA,SAASC,EAASC,GAChB,OAAQA,EAAgBxC,EAC1B,CAMA,SAASyC,EAAaC,GACpB,OAAOA,EAAIC,QAAQ,YAAa,CAACC,EAAGC,IAAWA,EAAOC,cACxD,CAEA,SAASC,EAAaC,GACpB,GAAc,OAAVA,GAAmC,iBAAVA,EAC3B,OAAOA,EAGT,GAAIC,MAAMC,QAAQF,GAChB,OAAOA,EAAMG,IAAKC,GAASL,EAAaK,IAG1C,MAAMC,EAAML,EACNM,EAAkC,CAAA,EAExC,IAAK,MAAM7C,KAAO8C,OAAOC,KAAKH,GACxBE,OAAOE,UAAUC,eAAeC,KAAKN,EAAK5C,KAC5C6C,EAAOb,EAAahC,IAAQsC,EAAaM,EAAI5C,KAIjD,OAAO6C,CACT,CAEA,SAASM,EAAalB,GACpB,OAAOA,EAAIC,QAAQ,SAAWE,GAAW,IAAIA,EAAOgB,gBACtD,CAEA,SAASC,EAAad,GACpB,GAAc,OAAVA,GAAmC,iBAAVA,EAC3B,OAAOA,EAGT,GAAIC,MAAMC,QAAQF,GAChB,OAAOA,EAAMG,IAAKC,GAASU,EAAaV,IAG1C,MAAMC,EAAML,EACNM,EAAkC,CAAA,EAExC,IAAK,MAAM7C,KAAO8C,OAAOC,KAAKH,GACxBE,OAAOE,UAAUC,eAAeC,KAAKN,EAAK5C,KAC5C6C,EAAOM,EAAanD,IAAQqD,EAAaT,EAAI5C,KAIjD,OAAO6C,CACT,CA8CM,MAAOS,UAAkBC,MAG7B,WAAAC,CAAYC,GACVC,MAAMD,EAAQE,OACdC,KAAKC,KAAO,YACZD,KAAKH,QAAUX,OAAOgB,OAAOL,EAC/B,CACA,QAAIM,GACF,OAAOH,KAAKH,QAAQM,IACtB,CACA,SAAIJ,GACF,OAAOC,KAAKH,QAAQE,KACtB,CACA,UAAI/B,GACF,OAAOgC,KAAKH,QAAQ7B,MACtB,CACA,QAAIoC,GACF,OAAOJ,KAAKH,QAAQO,IACtB,CACA,UAAIC,GACF,OAAOL,KAAKH,QAAQQ,MACtB,CACA,iBAAIC,GACF,OAAON,KAAKH,QAAQS,aACtB,EAgBF,MAAMC,EAAwB,CAC5BC,QAdF,WACE,MAAMC,EAAKC,WAAmBC,MAC9B,MAAiB,mBAANF,EACFA,EAAEG,KAAKF,YAGTG,UACL,MAAM,IAAIlB,MACR,4FAGN,CAGWmB,GACTC,QAAS,+BACTC,eA7RgB,IA8RhB7E,QAAS,KACT8E,iBAAkB,YAClBC,kBAAmB,cA6CrB,MAAMC,EAAiBN,MAAOO,IAC5B,GAAmB,MAAfA,EAAIpD,OACN,OAGF,MAAMqD,EAAO3C,QA1CfmC,eAA4BO,GAC1B,MAAME,EAAcF,EAAIG,QAAQC,IAAI,iBAAmB,GACvD,IACGF,EAAYG,SAAS,sBACrBH,EAAYG,SAAS,SAEtB,OAAO,KACT,IACE,aAAaL,EAAIC,MACnB,CAAE,MACA,OAAO,IACT,CACF,CA8BkCK,CAAaN,IAE7C,IAAKA,EAAIO,GACP,MAAM,IAAIjC,EAtBd,SAAwB0B,EAAeC,GACrC,OA7BF,SAAuBD,GAErB,OADoBA,EAAIG,QAAQC,IAAI,iBAAmB,IACpCC,SAAS,2BAC9B,CA2BIG,CAAcR,IACdC,GACgB,iBAATA,GACc,iBAAdA,EAAKlB,MACU,iBAAfkB,EAAKtB,OACW,iBAAhBsB,EAAKrD,OAELqD,EAlBX,SAA0BD,EAAef,GACvC,MAAO,CACLF,KAAM,cACNJ,MAAOqB,EAAIS,YAAc,iBACzB7D,OAAQoD,EAAIpD,OACZqC,OAA0B,iBAAXA,EAAsBA,OAASyB,EAElD,CAaSC,CAAiBX,EAAKC,EAC/B,CAUwBW,CAAeZ,EAAKC,IAG1C,OAAOA,GAGHY,EAAYpB,OACdL,UAASO,WACXmB,EACAC,EAAgC,MAEhC,MAAMC,EAAK,IAAIC,gBACb5C,EAAa0C,IACbG,WACIC,EAAMH,EAAK,GAAGrB,IAAUmB,KAAQE,IAAO,GAAGrB,IAAUmB,IACpDd,QAAYZ,EAAQ+B,EAAK,CAC7BC,OAAQ,MACRjB,QAAS,CACPkB,OAAQ,sBAGZ,OAAOtB,EAAeC,IAGlBsB,EAAa7B,OACfL,UAASO,WACXmB,EACAS,KAEA,MAAMvB,QAAYZ,EAAQ,GAAGO,IAAUmB,IAAQ,CAC7CM,OAAQ,OACRjB,QAAS,CACPkB,OAAQ,mBACR,eAAgB,oBAElBE,KAAMrG,KAAKO,UAAU4C,EAAakD,MAEpC,OAAOxB,EAAeC,IASlBwB,EAAY/B,MAChBgC,EACAN,EACAO,EAAoB,CAAA,KAEpB,MAAM1B,QAAYyB,EAAME,OAAOvC,QAAQ+B,EAAK,IACvCO,EACHvB,QAAS,IACHuB,EAAKvB,SAAW,GACpByB,cAAe,UAAUH,EAAMI,OAAOvF,iBAI1C,OAAOyD,EAAeC,IAGlB8B,EAAaL,IACjB,MAAMM,EAAQC,KAAKC,IACjBD,KAAKE,IAAIT,EAAME,OAAO/B,eAAgB,GACtC,KAEF,OAAOuC,KAAKC,OAASX,EAAMI,OAAO5F,UAAY8F,GAG1CM,EAAU5C,MAAOgC,IACrB,IAAIA,EAAMa,QAAV,CAEKb,EAAMc,iBACTd,EAAMc,eAkIV9C,eAAyBgC,GACvB,MAAMrC,QAAEA,EAAOO,QAAEA,GAAY8B,EAAME,OAE7B3B,QAAYZ,EAAQ,GAAGO,iBAAwB,CACnDyB,OAAQ,OACRjB,QAAS,CACPkB,OAAQ,mBACR,eAAgB,oBAElBE,KAAMrG,KAAKO,UACT4C,EAAa,CAAE9B,aAAckF,EAAMI,OAAOtF,kBAIxCsF,EAASW,QAAsBzC,EAAeC,IACpDyB,EAAMI,OAASA,EAEf,MAAM9G,EAAUN,EAAegH,EAAME,OAAO5G,SAC5Ca,EAAmBb,EAAS0G,EAAME,OAAO9B,iBAAkBgC,SAErDJ,EAAME,OAAOc,YAAYZ,GACjC,CAvJ2Ba,CAAUjB,IAGnC,UACQA,EAAMc,cACd,SACEd,EAAMc,eAAiB,IACzB,CAVmB,GAafI,EAA8BC,GAC3BA,aAAatE,GAA0B,MAAbsE,EAAEhG,OAa/BiG,EAAuBpD,MAC3BgC,EACAN,EACAO,EAAoB,CAAA,KAEhBI,EAAUL,UACNY,EAAQZ,GAGhB,IACE,aAAaD,EAAUC,EAAON,EAAKO,EACrC,CAAE,MAAOkB,GAEP,IAAKD,EAA2BC,GAC9B,MAAMA,EAGR,GAAInB,EAAMa,QACR,MAAMM,EAGR,IAQE,aAHMP,EAAQZ,SAGDD,EAAUC,EAAON,EAAKO,EACrC,CAAE,MAAOoB,GAEP,GACErB,EAAME,OAAOoB,oBACZtB,EAAMa,SACPK,EAA2BG,GAE3B,UACQrB,EAAME,OAAOoB,kBAAkBD,EACvC,CAAE,MAAO,CAEX,MAAMA,CACR,CACF,GAQIE,EAAUvD,MACdgC,EACAX,EACAC,EAAgC,CAAA,KAEhC,MAAMC,EAAK,IAAIC,gBACb5C,EAAa0C,IACbG,WACIvB,EAAU8B,EAAME,OAAOhC,QACvBwB,EAAMH,EAAK,GAAGrB,IAAUmB,KAAQE,IAAO,GAAGrB,IAAUmB,IAC1D,aAAa+B,EAAqBpB,EAAON,EAAK,CAC5CC,OAAQ,MACRjB,QAAS,CACPkB,OAAQ,uBA2BRmB,EAAmBX,IACvB,MAAMrF,EAAwC,iBAArBqF,EAAOrF,UAAyBqF,EAAOrF,UAAY,EAC5E,MAAO,IACFqF,EACH5F,UAAWkG,KAAKC,MAAoB,IAAZ5F,IAItByG,EAAoBC,IACjB,IACFA,EACH9G,cAAe+F,KAAKC,QAqCxB,MAAMe,EAAgClD,IAC7B,CACL4B,OAAQW,EAAgBvC,EAAK4B,QAC7BqB,QAASD,EAAiBhD,EAAKiD,iBAetBE,EACX,WAAA5E,CAAY6E,EAAyB1B,GACnC,MAAM2B,EAAS,IAAKnE,KAAkBwC,GAEhCF,EAAe,IAChB4B,EACH1B,OAAQ2B,EACRf,eAAgB,KAChBgB,eAAgB,KAChBjB,SAAS,IA9cf,SAAkBvF,EAAsB0E,GACrC1E,EAAgBxC,GAASkH,CAC5B,CA+cI+B,CAAS5E,KAAM6C,GAEf,MAAM1G,EAAUN,EAAe6I,EAAOvI,SACtCa,EAAmBb,EAASuI,EAAOzD,iBAAkB4B,EAAMI,QAEvDJ,EAAMyB,SAERhH,EAAoBnB,EAASuI,EAAOxD,kBAAmB2B,EAAMyB,QAEjE,CAgBA,qBAAOO,CAAe9B,EAA0B,IAC9C,MAAM2B,EAAS,IAAKnE,KAAkBwC,GAChC5G,EAAUN,EAAe6I,EAAOvI,SACtC,IAAKA,EAAS,OAAO,KAErB,MAAM2I,EAAY5I,EAAkBC,EAASuI,EAAOzD,kBAC9CgC,EAAS7F,EAAgB0H,GAAaA,EAAY,KAExD,IAAK7B,EAIH,OAHkB,OAAd6B,GAAoBhI,EAAUX,EAASuI,EAAOzD,kBAElDnE,EAAUX,EAASuI,EAAOxD,mBACnB,KAGT,MAAM6D,EAAa7I,EAAkBC,EAASuI,EAAOxD,mBAC/CoD,EAAU/G,EAAiBwH,GAAcA,EAAa,KAO5D,OALmB,OAAfA,GAAwBT,GAE1BxH,EAAUX,EAASuI,EAAOxD,mBAGrB,IAAIsD,EAAY,CAAEvB,SAAQqB,WAAWI,EAC9C,CAOA,KAAAM,GACE,MAAMnC,EAAQ3E,EAAS8B,OA1kB3B,SAAmB+C,GACjB,MAAM5G,EAAUN,EAAekH,EAAO5G,SACtCW,EAAUX,EAAS4G,EAAO7B,mBAC1BpE,EAAUX,EAAS4G,EAAO9B,iBAC5B,CAukBIgE,CAAUpC,EAAME,QAChBF,EAAMa,SAAU,CAClB,CAEA,WAAAhG,GACE,OAAOQ,EAAS8B,MAAMiD,OAAOvF,WAC/B,CACA,YAAAC,GACE,OAAOO,EAAS8B,MAAMiD,OAAOtF,YAC/B,CACA,OAAAuH,GACE,OAAOhH,EAAS8B,MAAMiD,OAAOiC,OAC/B,CACA,SAAAtH,GACE,OAAOM,EAAS8B,MAAMiD,OAAOrF,SAC/B,CACA,SAAAP,GACE,OAAO,IAAIkG,KAAKrF,EAAS8B,MAAMiD,OAAO5F,UACxC,CACA,OAAAiH,GACE,OAAOpG,EAAS8B,MAAMsE,OACxB,CAEA,MAAAa,GACE,MAAMtC,EAAQ3E,EAAS8B,MACvB,MAAO,CAAEiD,OAAQJ,EAAMI,OAAQqB,QAASzB,EAAMyB,QAChD,CAMA,eAAOc,CACLX,EACA1B,GAEA,OAAO,IAAIyB,EAAYC,EAAS1B,EAClC,CAMA,SAAAG,GACE,OAAOA,EAAUhF,EAAS8B,MAC5B,CA0BA,WAAMW,CAAM4B,EAAmBO,EAAoB,IACjD,OAAOmB,EAAqB/F,EAAS8B,MAAOuC,EAAKO,EACnD,CAOA,aAAMW,GACJ,OAAOA,EAAQvF,EAAS8B,MAC1B,CAcA,oBAAMqF,GACJ,MAAMxC,EAAQ3E,EAAS8B,MACvB,IAAI6C,EAAMa,QAAV,CAKKb,EAAM8B,iBACT9B,EAAM8B,eA1MZ9D,eAAgCgC,GAC9B,MAAMyB,EAAUD,QAAuBD,EAAQvB,EAAO,WAAY,CAAA,IAClEA,EAAMyB,QAAUA,EAGhBhH,EADgBzB,EAAegH,EAAME,OAAO5G,SACf0G,EAAME,OAAO7B,kBAAmBoD,SAEvDzB,EAAME,OAAOuC,mBAAmBhB,GACxC,CAkM6BiB,CAAiB1C,IAG1C,UACQA,EAAM8B,cACd,SACE9B,EAAM8B,eAAiB,IACzB,CAVA,CAWF,CASA,2BAAMa,QAjRS3E,OACfgC,EACAX,EACAS,KAEA,MAAM5B,EAAU8B,EAAME,OAAOhC,QAC7B,aAAakD,EAAqBpB,EAAO,GAAG9B,IAAUmB,IAAQ,CAC5DM,OAAQ,OACRjB,QAAS,CACPkB,OAAQ,mBACR,eAAgB,oBAElBE,KAAMrG,KAAKO,UAAU4C,EAAakD,OAsQ5B8C,CAASvH,EAAS8B,MAAO,gCAAiC,CAAA,EAClE,CAQA,UAAM0F,CAAK5H,GACT,OAAOsG,EAAQlG,EAAS8B,MAAO,cAAclC,IAAM,GACrD,QAiBW6H,EAGX,WAAA/F,CAAYmD,GACV/C,KAAK4F,QAAU,IAAKrF,KAAkBwC,EACxC,CAMA,wBAAO8C,CACLpB,EACA1B,GAEA,OAAO,IAAI4C,EAAG5C,GAAQ8C,kBAAkBpB,EAC1C,CAMA,iBAAAoB,CAAkBpB,GAChB,OAAO,IAAID,EAAYC,EAASzE,KAAK4F,QACvC,CAUA,yBAAaE,CACX3D,EAIAY,GAEA,OAAO,IAAI4C,EAAG5C,GAAQ+C,aAAa3D,EACrC,CAUA,kBAAM2D,CAAa3D,GAIjB,MAAMsC,EAAUF,QACRtC,EAAUjC,KAAK4F,QAAS,sBAAuBzD,IAEvD,OAAO,IAAIqC,EAAYC,EAASzE,KAAK4F,QACvC,CAWA,uBAAaG,CACXpD,EACAI,GAMA,OAAO,IAAI4C,EAAG5C,GAAQgD,WAAWpD,EACnC,CAWA,gBAAMoD,CAAWpD,GASf,OAAOD,EAAW1C,KAAK4F,QAAS,oBAAqBjD,EACvD,CAQA,wBAAaqD,CACXjD,GAEA,OAAO,IAAI4C,EAAG5C,GAAQiD,aACxB,CAQA,iBAAMA,GACJ,OAAO/D,EAAUjC,KAAK4F,QAAS,qBACjC,CAWA,sBAAaK,CACXlD,GAEA,OAAO,IAAI4C,EAAG5C,GAAQkD,WACxB,CAWA,eAAMA,GACJ,OAAOhE,EAAUjC,KAAK4F,QAAS,mBACjC,CASA,mBAAaM,CACXvD,EAMAI,GAEA,OAAO,IAAI4C,EAAG5C,GAAQmD,OAAOvD,EAC/B,CASA,YAAMuD,CAAOvD,GAMX,MAAM8B,EAAUF,QACR7B,EAAW1C,KAAK4F,QAAS,gBAAiBjD,IAGlD,OAAO,IAAI6B,EAAYC,EAASzE,KAAK4F,QACvC,CAWA,4BAAaO,CACXC,EACArD,GAEA,OAAO,IAAI4C,EAAG5C,GAAQoD,gBAAgBC,EACxC,CAWA,qBAAMD,CAAgBC,GACpB,MAAMR,EAAU5F,KAAK4F,QACfnB,EAAUF,QACRtC,EAAU2D,EAAS,2BAA4B,CACnDQ,WAIJ,OAAO,IAAI5B,EAAYC,EAASmB,EAClC,CAUA,oBAAanC,CACX9F,EACAoF,GAEA,OAAO,IAAI4C,EAAG5C,GAAQU,QAAQ9F,EAChC,CAUA,aAAM8F,CAAQ9F,GACZ,OAAOiG,QACClB,EAAW1C,KAAK4F,QAAS,gBAAiB,CAC9CjI,iBAGN,CASA,mBAAa0I,CACX1D,EAMAI,GAEA,OAAO,IAAI4C,EAAG5C,GAAQsD,OAAO1D,EAC/B,CASA,YAAM0D,CAAO1D,GAMX,MAAM8B,EAAUF,QACR7B,EAAW1C,KAAK4F,QAAS,gBAAiBjD,IAGlD,OAAO,IAAI6B,EAAYC,EAASzE,KAAK4F,QACvC,CASA,0BAAaU,CACX3D,EAIAI,GAEA,OAAO,IAAI4C,EAAG5C,GAAQuD,cAAc3D,EACtC,CASA,mBAAM2D,CAAc3D,GAIlB,OAAOD,EAAW1C,KAAK4F,QAAS,uBAAwBjD,EAC1D,CASA,0BAAa4D,CACX5D,EAKAI,GAEA,OAAO,IAAI4C,EAAG5C,GAAQwD,cAAc5D,EACtC,CASA,mBAAM4D,CAAc5D,GAKlB,OAAOD,EAAW1C,KAAK4F,QAAS,wBAAyBjD,EAC3D,CAQA,8BAAa6D,CACX7D,EAKAI,GAEA,OAAO,IAAI4C,EAAG5C,GAAQyD,kBAAkB7D,EAC1C,CAQA,uBAAM6D,CAAkB7D,GAKtB,OAAOD,EAAW1C,KAAK4F,QAAS,4BAA6BjD,EAC/D"}
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":["../src/auth.ts"],"sourcesContent":[null],"names":["SESSION_STATE","Symbol","AUTH_SESSION","AUTH_STATE","EMITTER","resolveStorage","storageConfig","window","localStorage","getBrowserLocalStorage","readJson","storage","key","raw","JSON","parse","safeParse","getItem","writeJson","value","setItem","stringify","removeKey","removeItem","writeTokensIfNewer","next","curRaw","cur","isSessionTokens","expiresAt","writeProfileIfNewer","isSessionProfile","lastUpdatedAt","x","accessToken","refreshToken","expiresIn","tokenType","id","applicationId","status","identity","getSessionState","session","getAuthState","am","setAuthSession","sessionState","event","set","listeners","fn","console","warn","setSessionStateEmitter","emitSessionStateEvent","emit","camelCaseStr","str","replace","_","letter","toUpperCase","camelCaseObj","input","Array","isArray","map","item","obj","result","Object","keys","prototype","hasOwnProperty","call","snakeCaseStr","toLowerCase","snakeCaseObj","AuthError","Error","constructor","problem","super","title","this","name","freeze","type","code","detail","invalidParams","defaultConfig","fetchFn","f","globalThis","fetch","bind","async","defaultFetchFn","baseUrl","earlyRefreshMs","tokensStorageKey","profileStorageKey","fetchSessionResponse","state","init","config","token","headers","Headers","withBearer","tokens","fetchSessionResponseEnsureFresh","isExpired","refresh","res","cleared","handleJsonOrThrow","json","contentType","get","includes","readJsonSafe","ok","isProblemJson","statusText","undefined","toGenericProblem","getProblemJson","getSessionJsonEnsureFresh","unauthGet","path","query","qs","URLSearchParams","toString","url","method","Accept","unauthPost","body","early","Math","min","max","Date","now","refreshPromise","e","isUnauthenticatedAuthError","toSessionTokens","doRefresh","toSessionProfile","profile","doRefetchProfile","authGet","handleAuthenticationResponse","AuthSession","initial","merged","profilePromise","setSessionState","clear","clearAuth","toJSON","fromJSON","refetchProfile","sendVerificationEmail","authPost","Am","createSession","restoreSession","tokensRaw","profileRaw","on","Set","add","delete","acceptInvite","checkEmail","csrfSession","csrfToken","signIn","signInWithToken","signUp","resetPassword","sendMagicLink","sendPasswordReset"],"mappings":"AAWA,MACMA,EAAgBC,OAAO,iBACvBC,EAAeD,OAAO,gBACtBE,EAAaF,OAAO,cACpBG,EAAUH,OAAO,WAiDvB,SAASI,EAAeC,GACtB,OAAKA,EACiB,iBAAlBA,EAZN,WACE,IACE,MAAsB,oBAAXC,OAA+B,KACrCA,OAAOC,aACLD,OAAOC,aADmB,IAEnC,CAAE,MACA,OAAO,IACT,CACF,CAI+CC,GACtCH,EAFoB,IAG7B,CAWA,SAASI,EAAYC,EAA6BC,GAChD,OAAKD,EAVP,SAAsBE,GACpB,IAAKA,EAAK,OAAO,KACjB,IACE,OAAOC,KAAKC,MAAMF,EACpB,CAAE,MACA,OAAO,IACT,CACF,CAISG,CAAaL,EAAQM,QAAQL,IADf,IAEvB,CAEA,SAASM,EACPP,EACAC,EACAO,GAEA,GAAKR,EACL,IACEA,EAAQS,QAAQR,EAAKE,KAAKO,UAAUF,GACtC,CAAE,MAAQ,CACZ,CAEA,SAASG,EAAUX,EAA6BC,GAC9C,GAAKD,EACL,IACEA,EAAQY,WAAWX,EACrB,CAAE,MAAQ,CACZ,CAQA,SAASY,EACPb,EACAC,EACAa,GAEA,IAAKd,EAAS,OAEd,MAAMe,EAAShB,EAAkBC,EAASC,GACpCe,EAAMC,EAAgBF,GAAUA,EAAS,KAEhC,OAAXA,GAAoBC,GAAKL,EAAUX,EAASC,GAC5Ce,GAAOA,EAAIE,WAAaJ,EAAKI,WAEjCX,EAAUP,EAASC,EAAKa,EAC1B,CAEA,SAASK,EACPnB,EACAC,EACAa,GAEA,IAAKd,EAAS,OAEd,MAAMe,EAAShB,EAAkBC,EAASC,GACpCe,EAAMI,EAAiBL,GAAUA,EAAS,KAEjC,OAAXA,GAAoBC,GAAKL,EAAUX,EAASC,GAC5Ce,GAAOA,EAAIK,eAAiBP,EAAKO,eAErCd,EAAUP,EAASC,EAAKa,EAC1B,CAEA,SAASG,EAAgBK,GACvB,QACIA,GACuB,iBAAlBA,EAAEC,aACiB,iBAAnBD,EAAEE,cACc,iBAAhBF,EAAEJ,WACc,iBAAhBI,EAAEG,WACO,WAAhBH,EAAEI,SAEN,CAEA,SAASN,EAAiBE,GACxB,QACIA,GACc,iBAATA,EAAEK,IACkB,iBAApBL,EAAEM,eACW,iBAAbN,EAAEO,QACkB,iBAApBP,EAAED,gBACc,iBAAfC,EAAEQ,UAAwC,OAAfR,EAAEQ,SAEzC,CAEA,SAASC,EAAgBC,GACvB,OAAQA,EAAgB3C,EAC1B,CAMA,SAAS4C,EAAaC,GACpB,OAAQA,EAAW1C,EACrB,CAUA,SAAS2C,EAAeD,EAAQF,GAC7BE,EAAW3C,GAAgByC,EAC5B,MAAMI,EAAeL,EAAgBC,IAKvC,SAAgCI,EAA4BF,GACzDE,EAAqB3C,GAAW,CAC/B4C,EACA7B,KAEA,MACM8B,EADYL,EAAaC,GACTK,UAAUF,GAChC,GAAKC,EACL,IAAK,MAAME,KAAMF,EACf,IACEE,EAAGhC,EACL,CAAE,MACAiC,QAAQC,KAAK,kDAAmDL,EAClE,EAGN,CApBEM,CAAuBP,EAAcF,GACrCU,EAAsBR,EAAc,gBAAiBJ,EACvD,CAoBA,SAASY,EACPR,EACAC,EACA7B,IAGAqC,EADcT,EAAqB3C,IAC9B4C,EAAO7B,EACd,CAEA,SAASsC,EAAaC,GACpB,OAAOA,EAAIC,QAAQ,YAAa,CAACC,EAAGC,IAAWA,EAAOC,cACxD,CAEA,SAASC,EAAaC,GACpB,GAAc,OAAVA,GAAmC,iBAAVA,EAC3B,OAAOA,EAGT,GAAIC,MAAMC,QAAQF,GAChB,OAAOA,EAAMG,IAAKC,GAASL,EAAaK,IAG1C,MAAMC,EAAML,EACNM,EAAkC,CAAA,EAExC,IAAK,MAAM1D,KAAO2D,OAAOC,KAAKH,GACxBE,OAAOE,UAAUC,eAAeC,KAAKN,EAAKzD,KAC5C0D,EAAOb,EAAa7C,IAAQmD,EAAaM,EAAIzD,KAIjD,OAAO0D,CACT,CAEA,SAASM,EAAalB,GACpB,OAAOA,EAAIC,QAAQ,SAAWE,GAAW,IAAIA,EAAOgB,gBACtD,CAEA,SAASC,EAAad,GACpB,GAAc,OAAVA,GAAmC,iBAAVA,EAC3B,OAAOA,EAGT,GAAIC,MAAMC,QAAQF,GAChB,OAAOA,EAAMG,IAAKC,GAASU,EAAaV,IAG1C,MAAMC,EAAML,EACNM,EAAkC,CAAA,EAExC,IAAK,MAAM1D,KAAO2D,OAAOC,KAAKH,GACxBE,OAAOE,UAAUC,eAAeC,KAAKN,EAAKzD,KAC5C0D,EAAOM,EAAahE,IAAQkE,EAAaT,EAAIzD,KAIjD,OAAO0D,CACT,CAwCM,MAAOS,UAAkBC,MAG7B,WAAAC,CAAYC,GACVC,MAAMD,EAAQE,OACdC,KAAKC,KAAO,YACZD,KAAKH,QAAUX,OAAOgB,OAAOL,EAC/B,CACA,QAAIM,GACF,OAAOH,KAAKH,QAAQM,IACtB,CACA,SAAIJ,GACF,OAAOC,KAAKH,QAAQE,KACtB,CACA,UAAI5C,GACF,OAAO6C,KAAKH,QAAQ1C,MACtB,CACA,QAAIiD,GACF,OAAOJ,KAAKH,QAAQO,IACtB,CACA,UAAIC,GACF,OAAOL,KAAKH,QAAQQ,MACtB,CACA,iBAAIC,GACF,OAAON,KAAKH,QAAQS,aACtB,EAgBF,MAAMC,EAAwB,CAC5BC,QAdF,WACE,MAAMC,EAAKC,WAAmBC,MAC9B,MAAiB,mBAANF,EACFA,EAAEG,KAAKF,YAGTG,UACL,MAAM,IAAIlB,MACR,4FAGN,CAGWmB,GACTC,QAAS,+BACTC,eAjVgB,IAkVhB1F,QAAS,KACT2F,iBAAkB,YAClBC,kBAAmB,cAqDrB,MAAMC,EAAuBN,MAC3BO,EACAzC,EACA0C,EAAoB,CAAA,IAEbD,EAAME,OAAOd,QAClB7B,EAbJ,SAAoB0C,EAAmBE,GACrC,MAAMC,EAAU,IAAIC,QAAQJ,EAAKG,SAEjC,OADAA,EAAQ5D,IAAI,gBAAiB,UAAU2D,KAChC,IAAKF,EAAMG,UACpB,CAUIE,CAAWL,EAAMD,EAAMO,OAAO9E,cAK5B+E,EAAkCf,MACtCO,EACAzC,EACA0C,EAAoB,CAAA,KAEhBQ,EAAUT,UACNU,EAAQV,GAGhB,IAAIW,QAAYZ,EAAqBC,EAAOzC,EAAO0C,GAEnD,OAAmB,MAAfU,EAAI5E,QACJiE,EAAMY,gBAEJF,EAAQV,GACdW,QAAYZ,EAAqBC,EAAOzC,EAAO0C,IAJhBU,GAS3BE,EAAoBpB,MAAOkB,IAC/B,GAAmB,MAAfA,EAAI5E,OAAgB,OAExB,MAAM+E,EAAOxD,QAhFfmC,eAA4BkB,GAC1B,MAAMI,EAAcJ,EAAIP,QAAQY,IAAI,iBAAmB,GACvD,IACGD,EAAYE,SAAS,sBACrBF,EAAYE,SAAS,SAEtB,OAAO,KACT,IACE,aAAaN,EAAIG,MACnB,CAAE,MACA,OAAO,IACT,CACF,CAoEkCI,CAAaP,IAE7C,IAAKA,EAAIQ,GACP,MAAM,IAAI7C,EA5Dd,SAAwBqC,EAAeG,GACrC,OA7BF,SAAuBH,GAErB,OADoBA,EAAIP,QAAQY,IAAI,iBAAmB,IACpCC,SAAS,2BAC9B,CA2BIG,CAAcT,IACdG,GACgB,iBAATA,GACc,iBAAdA,EAAK/B,MACU,iBAAf+B,EAAKnC,OACW,iBAAhBmC,EAAK/E,OAEL+E,EAlBX,SAA0BH,EAAe1B,GACvC,MAAO,CACLF,KAAM,cACNJ,MAAOgC,EAAIU,YAAc,iBACzBtF,OAAQ4E,EAAI5E,OACZkD,OAA0B,iBAAXA,EAAsBA,OAASqC,EAElD,CAaSC,CAAiBZ,EAAKG,EAC/B,CAgDwBU,CAAeb,EAAKG,IAG1C,OAAOA,GAGHW,EAA4BhC,MAChCO,EACAzC,EACA0C,EAAoB,CAAA,KAEpB,MAAMU,QAAYH,EAAgCR,EAAOzC,EAAO0C,GAChE,OAAOY,EAAkBF,IAIrBe,EAAYjC,OACdL,UAASO,WACXgC,EACAC,EAAgC,MAEhC,MAAMC,EAAK,IAAIC,gBACbzD,EAAauD,IACbG,WACIC,EAAMH,EAAK,GAAGlC,IAAUgC,KAAQE,IAAO,GAAGlC,IAAUgC,IACpDhB,QAAYvB,EAAQ4C,EAAK,CAC7BC,OAAQ,MACR7B,QAAS,CACP8B,OAAQ,sBAGZ,OAAOrB,EAAkBF,IAIrBwB,EAAa1C,OACfL,UAASO,WACXgC,EACAS,KAEA,MAAMzB,QAAYvB,EAAQ,GAAGO,IAAUgC,IAAQ,CAC7CM,OAAQ,OACR7B,QAAS,CACP8B,OAAQ,mBACR,eAAgB,oBAElBE,KAAM/H,KAAKO,UAAUyD,EAAa+D,MAEpC,OAAOvB,EAAkBF,IAGrBF,EAAaT,IACjB,MAAMqC,EAAQC,KAAKC,IACjBD,KAAKE,IAAIxC,EAAME,OAAON,eAAgB,GACtC,KAEF,OAAO6C,KAAKC,OAAS1C,EAAMO,OAAOnF,UAAYiH,GAG1C3B,EAAUjB,MAAOO,IACrB,IAAIA,EAAMY,QAAV,CAEKZ,EAAM2C,iBACT3C,EAAM2C,eAiEVlD,eAAyBO,GACvB,MAAMZ,QAAEA,EAAOO,QAAEA,GAAYK,EAAME,OAE7BS,QAAYvB,EAAQ,GAAGO,iBAAwB,CACnDsC,OAAQ,OACR7B,QAAS,CACP8B,OAAQ,mBACR,eAAgB,oBAElBE,KAAM/H,KAAKO,UACTyD,EAAa,CAAE3C,aAAcsE,EAAMO,OAAO7E,kBAI9C,IAAIoF,EACJ,IACEA,QAAaD,EAAkBF,EACjC,CAAE,MAAOiC,GAIP,MAHK5C,EAAMY,SAAWiC,EAA2BD,IAC/C9F,EAAsBkD,EAAO,kBAAmB4C,GAE5CA,CACR,CAEA,MAAMrC,EAASuC,EAAgBhC,GAC/Bd,EAAMO,OAASA,EAEf,MAAMrG,EAAUN,EAAeoG,EAAME,OAAOhG,SAC5Ca,EAAmBb,EAAS8F,EAAME,OAAOL,iBAAkBU,GAE3DzD,EAAsBkD,EAAO,UAAWO,EAC1C,CAhG2BwC,CAAU/C,IAGnC,UACQA,EAAM2C,cACd,SACE3C,EAAM2C,eAAiB,IACzB,CAVmB,GAafE,EAA8BD,GAC3BA,aAAatE,GAA0B,MAAbsE,EAAE7G,OAuC/B+G,EAAmBvC,IACvB,MAAM5E,EAAwC,iBAArB4E,EAAO5E,UAAyB4E,EAAO5E,UAAY,EAC5E,MAAO,IACF4E,EACHnF,UAAWqH,KAAKC,MAAoB,IAAZ/G,IAItBqH,EAAoBC,IACjB,IACFA,EACH1H,cAAekH,KAAKC,QAqCxBjD,eAAeyD,EAAiBlD,GAC9B,MAAMiD,EAAUD,OApFFvD,OACdO,EACA2B,EACAC,EAAgC,CAAA,KAEhC,MAAMC,EAAK,IAAIC,gBACbzD,EAAauD,IACbG,WACIpC,EAAUK,EAAME,OAAOP,QACvBqC,EAAMH,EAAK,GAAGlC,IAAUgC,KAAQE,IAAO,GAAGlC,IAAUgC,IAC1D,aAAaF,EAA0BzB,EAAOgC,EAAK,CACjDC,OAAQ,MACR7B,QAAS,CACP8B,OAAQ,uBAuE2BiB,CAAQnD,EAAO,WAAY,CAAA,IAClEA,EAAMiD,QAAUA,EAGhB5H,EADgBzB,EAAeoG,EAAME,OAAOhG,SACf8F,EAAME,OAAOJ,kBAAmBmD,GAE7DnG,EAAsBkD,EAAO,gBAAiBiD,EAChD,CAEA,MAAMG,EAAgCtC,IAC7B,CACLP,OAAQuC,EAAgBhC,EAAKP,QAC7B0C,QAASD,EAAiBlC,EAAKmC,iBAStBI,EACX,WAAA7E,CAAY8E,EAAyBpD,GACnC,MAAMqD,EAAS,IAAKpE,KAAkBe,GAEhCF,EAAsB,IACvBsD,EACHpD,OAAQqD,EACRZ,eAAgB,KAChBa,eAAgB,KAChB5C,SAAS,IApdf,SAAyB1E,EAAsB8D,GAC5C9D,EAAgB3C,GAAiByG,CACpC,CAqdIyD,CAAgB7E,KAAMoB,GAEtB,MAAM9F,EAAUN,EAAe2J,EAAOrJ,SACtCa,EAAmBb,EAASqJ,EAAO1D,iBAAkBG,EAAMO,QAEvDP,EAAMiD,SAER5H,EAAoBnB,EAASqJ,EAAOzD,kBAAmBE,EAAMiD,QAEjE,CAOA,KAAAS,GACE,MAAM1D,EAAQ/D,EAAgB2C,OAxiBlC,SAAmBsB,GACjB,MAAMhG,EAAUN,EAAesG,EAAOhG,SACtCW,EAAUX,EAASgG,EAAOJ,mBAC1BjF,EAAUX,EAASgG,EAAOL,iBAC5B,CAqiBI8D,CAAU3D,EAAME,QAChBF,EAAMY,SAAU,CAClB,CAEA,UAAIL,GACF,OAAOtE,EAAgB2C,MAAM2B,MAC/B,CAEA,WAAI0C,GACF,OAAOhH,EAAgB2C,MAAMqE,OAC/B,CAEA,MAAAW,GACE,MAAM5D,EAAQ/D,EAAgB2C,MAC9B,MAAO,CAAE2B,OAAQP,EAAMO,OAAQ0C,QAASjD,EAAMiD,QAChD,CAMA,eAAOY,CACLP,EACApD,GAEA,OAAO,IAAImD,EAAYC,EAASpD,EAClC,CAMA,SAAAO,GACE,OAAOA,EAAUxE,EAAgB2C,MACnC,CAiBA,WAAMW,CAAMyC,EAAmB/B,EAAoB,IACjD,OAAOO,EAAgCvE,EAAgB2C,MAAOoD,EAAK/B,EACrE,CAOA,aAAMS,GACJ,OAAOA,EAAQzE,EAAgB2C,MACjC,CAgBA,oBAAMkF,GACJ,MAAM9D,EAAQ/D,EAAgB2C,MAC9B,IAAIoB,EAAMY,QAAV,CAKKZ,EAAMwD,iBACTxD,EAAMwD,eAAiBN,EAAiBlD,IAG1C,UACQA,EAAMwD,cACd,SACExD,EAAMwD,eAAiB,IACzB,CAVA,CAWF,CAQA,2BAAMO,QA1NStE,OACfO,EACA2B,EACAS,KAEA,MAAMzC,EAAUK,EAAME,OAAOP,QAC7B,aAAa8B,EAA0BzB,EAAO,GAAGL,IAAUgC,IAAQ,CACjEM,OAAQ,OACR7B,QAAS,CACP8B,OAAQ,mBACR,eAAgB,oBAElBE,KAAM/H,KAAKO,UAAUyD,EAAa+D,OA+M5B4B,CAAS/H,EAAgB2C,MAAO,gCAAiC,CAAA,EACzE,QAeWqF,EACX,WAAAzF,CAAY0B,GAzlBd,IAAsB9D,EAAQ4D,EAAR5D,EA0lBLwC,KA1lBaoB,EA0lBP,CACjBE,OAAQ,IAAKf,KAAkBe,GAC/BzD,UAAW,CAAA,GA3lBdL,EAAW1C,GAAcsG,CA6lB1B,CAaA,WAAI9D,GACF,OAAsB0C,KAvmBLnF,IAAiB,IAwmBpC,CAOA,aAAAyK,CAAcZ,GACZ,MAAMpH,EAAU,IAAImH,EAAYC,EAASnH,EAAayC,MAAMsB,QAE5D,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAcA,cAAAiI,GACE,MAAMjE,EAAS/D,EAAayC,MAAMsB,OAC5BhG,EAAUN,EAAesG,EAAOhG,SACtC,IAAKA,EAAS,OAAO,KAErB,MAAMkK,EAAYnK,EAAkBC,EAASgG,EAAOL,kBAC9CU,EAASpF,EAAgBiJ,GAAaA,EAAY,KAElDC,EAAapK,EAAkBC,EAASgG,EAAOJ,mBAC/CmD,EAAU3H,EAAiB+I,GAAcA,EAAa,KAE5D,IAAK9D,IAAW0C,EAGd,OAFApI,EAAUX,EAASgG,EAAOL,kBAC1BhF,EAAUX,EAASgG,EAAOJ,mBACnB,KAGT,MAAM5D,EAAU,IAAImH,EAAY,CAAE9C,SAAQ0C,WAAW/C,GAErD,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAKA,EAAAoI,CAAiC/H,EAAUG,GACzC,MAAMD,EAAYN,EAAayC,MAAMnC,UAC/BD,EAAQC,EAAUF,KAAVE,EAAUF,GAAuB,IAAIgI,KAInD,OADA/H,EAAIgI,IAAI9H,GACD,IAAMF,EAAIiI,OAAO/H,EAC1B,CAOA,kBAAMgI,CAAa9C,GAIjB,MAAM1B,EAAS/D,EAAayC,MAAMsB,OAC5BoD,EAAUF,QACR1B,EAAUxB,EAAQ,sBAAuB0B,IAE3C1F,EAAU,IAAImH,EAAYC,EAASpD,GAEzC,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAOA,gBAAMyI,CAAWvC,GASf,OAAOD,EAAWhG,EAAayC,MAAMsB,OAAQ,oBAAqBkC,EACpE,CAOA,iBAAMwC,GACJ,OAAOlD,EAAUvF,EAAayC,MAAMsB,OAAQ,qBAC9C,CAOA,eAAM2E,GACJ,OAAOnD,EAAUvF,EAAayC,MAAMsB,OAAQ,mBAC9C,CAOA,YAAM4E,CAAO1C,GAMX,MAAMlC,EAAS/D,EAAayC,MAAMsB,OAC5BoD,EAAUF,QACRjB,EAAWjC,EAAQ,gBAAiBkC,IAGtClG,EAAU,IAAImH,EAAYC,EAASpD,GAEzC,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAOA,qBAAM6I,CAAgB5E,GACpB,MAAMD,EAAS/D,EAAayC,MAAMsB,OAC5BoD,EAAUF,QACR1B,EAAUxB,EAAQ,2BAA4B,CAClDC,WAIEjE,EAAU,IAAImH,EAAYC,EAASpD,GAEzC,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAOA,YAAM8I,CAAO5C,GAMX,MAAMlC,EAAS/D,EAAayC,MAAMsB,OAC5BoD,EAAUF,QACRjB,EAAWjC,EAAQ,gBAAiBkC,IAGtClG,EAAU,IAAImH,EAAYC,EAASpD,GAEzC,OADA7D,EAAeuC,KAAM1C,GACdA,CACT,CAKA,mBAAM+I,CAAc7C,GAIlB,OAAOD,EAAWhG,EAAayC,MAAMsB,OAAQ,uBAAwBkC,EACvE,CAKA,mBAAM8C,CAAc9C,GAKlB,OAAOD,EAAWhG,EAAayC,MAAMsB,OAAQ,wBAAyBkC,EACxE,CAKA,uBAAM+C,CAAkB/C,GAKtB,OAAOD,EACLhG,EAAayC,MAAMsB,OACnB,4BACAkC,EAEJ"}
|
package/dist/types/auth.d.ts
CHANGED
|
@@ -1,38 +1,25 @@
|
|
|
1
|
-
import type { Authentication, ClientId, EmailCheckStatus, LoginMethod, ProblemDetails, SessionProfile, SessionTokens,
|
|
1
|
+
import type { Authentication, ClientId, EmailCheckStatus, LoginMethod, ProblemDetails, SessionProfile, SessionTokens, StorageLike } from "./types";
|
|
2
2
|
type StorageConfig = StorageLike | "localStorage" | null | undefined;
|
|
3
3
|
type FetchFn = (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
|
|
4
4
|
type Config = {
|
|
5
5
|
baseUrl: string;
|
|
6
6
|
earlyRefreshMs: number;
|
|
7
7
|
fetchFn: FetchFn;
|
|
8
|
-
onRefresh?: (tokens: SessionTokens) => void | Promise<void>;
|
|
9
|
-
onProfileRefetch?: (profile: SessionProfile) => void | Promise<void>;
|
|
10
|
-
onUnauthenticated?: (e: AuthError) => void | Promise<void>;
|
|
11
8
|
profileStorageKey: string;
|
|
12
9
|
storage: StorageConfig;
|
|
13
10
|
tokensStorageKey: string;
|
|
14
11
|
};
|
|
12
|
+
type AuthEventMap = {
|
|
13
|
+
refresh: SessionTokens;
|
|
14
|
+
profileChange: SessionProfile;
|
|
15
|
+
unauthenticated: AuthError;
|
|
16
|
+
sessionChange: AuthSession | null;
|
|
17
|
+
};
|
|
15
18
|
/**
|
|
16
|
-
*
|
|
17
|
-
*
|
|
18
|
-
* Always thrown on non-2xx responses from auth endpoints. Contains structured ProblemDetails
|
|
19
|
-
* from the server when available.
|
|
20
|
-
*
|
|
21
|
-
* Most 400 errors will also contain `invalidParams` for parameters that caused
|
|
22
|
-
* the error, which can be used to display field-level validation messages.
|
|
19
|
+
* AuthError represents structured authentication failures from Accountmaker endpoints.
|
|
23
20
|
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
26
|
-
*
|
|
27
|
-
* Note that HTTP error codes are distinctly:
|
|
28
|
-
* - 400: Client error (bad request, invalid input, etc.)
|
|
29
|
-
* - 401: Unauthenticated (we don't know who you are)
|
|
30
|
-
* - 402: Payment required (e.g. billing issue)
|
|
31
|
-
* - 403: Unauthorized (we know who you are, but you don't have permission)
|
|
32
|
-
* - 404: Not found
|
|
33
|
-
* - 409: Conflict (email already registered, user already invited, etc.)
|
|
34
|
-
* - 429: Too many requests (rate limiting)
|
|
35
|
-
* - 500: Internal server error (server's fault)
|
|
21
|
+
* AuthError wraps RFC 7807 Problem Details. invalidParams may be present for field-level validation.
|
|
22
|
+
* Network failures throw other error types.
|
|
36
23
|
*
|
|
37
24
|
* Also note that the `type` field often contains a URI that points to documentation about the
|
|
38
25
|
* specific error type, including how to resolve it, code samples, and links to the RFCs or other
|
|
@@ -55,6 +42,16 @@ type Config = {
|
|
|
55
42
|
* }
|
|
56
43
|
* }
|
|
57
44
|
* ```
|
|
45
|
+
*
|
|
46
|
+
* Note that HTTP error codes are distinctly:
|
|
47
|
+
* - 400: Client error (bad request, invalid input, etc.)
|
|
48
|
+
* - 401: Unauthenticated (we don't know who you are)
|
|
49
|
+
* - 402: Payment required (e.g. billing issue)
|
|
50
|
+
* - 403: Unauthorized (we know who you are, but you don't have permission)
|
|
51
|
+
* - 404: Not found
|
|
52
|
+
* - 409: Conflict (email already registered, user already invited, etc.)
|
|
53
|
+
* - 429: Too many requests (rate limiting)
|
|
54
|
+
* - 500: Internal server error (server's fault)
|
|
58
55
|
*/
|
|
59
56
|
export declare class AuthError extends Error {
|
|
60
57
|
readonly problem: ProblemDetails;
|
|
@@ -67,45 +64,20 @@ export declare class AuthError extends Error {
|
|
|
67
64
|
get invalidParams(): ProblemDetails["invalidParams"] | undefined;
|
|
68
65
|
}
|
|
69
66
|
/**
|
|
70
|
-
*
|
|
67
|
+
* AuthSession represents an authenticated user with automatic token refresh and persisted state.
|
|
71
68
|
*
|
|
72
|
-
*
|
|
73
|
-
* requests.
|
|
74
|
-
*
|
|
75
|
-
* Features:
|
|
76
|
-
* - session.fetch() will always use a valid access token (refreshing automatically)
|
|
77
|
-
* - All non-2xx responses throw AuthError
|
|
78
|
-
* - Tokens and profile are automatically persisted to storage (if configured)
|
|
69
|
+
* AuthSession owns tokens, profile data, refresh logic, and authenticated requests.
|
|
79
70
|
*/
|
|
80
71
|
export declare class AuthSession {
|
|
81
72
|
constructor(initial: Authentication, config: Partial<Config>);
|
|
82
|
-
/**
|
|
83
|
-
* Restores an AuthSession from persisted storage. Returns null if no valid session
|
|
84
|
-
* is found.
|
|
85
|
-
*
|
|
86
|
-
* @example
|
|
87
|
-
* ```ts
|
|
88
|
-
* const session = AuthSession.restoreSession();
|
|
89
|
-
* if (session) {
|
|
90
|
-
* console.log("Restored session for user:", session.profile);
|
|
91
|
-
* } else {
|
|
92
|
-
* console.log("No valid session found.");
|
|
93
|
-
* }
|
|
94
|
-
* ```
|
|
95
|
-
*/
|
|
96
|
-
static restoreSession(config?: Partial<Config>): AuthSession | null;
|
|
97
73
|
/**
|
|
98
74
|
* Removes all persisted data (tokens, profile) from storage, and prevents future
|
|
99
|
-
*
|
|
75
|
+
* refreshes of token and profile data. Does NOT clear current token or profile data from the
|
|
100
76
|
* session memory, but effectively deactivates the session for future use.
|
|
101
77
|
*/
|
|
102
78
|
clear(): void;
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
idToken(): string | undefined;
|
|
106
|
-
expiresIn(): number;
|
|
107
|
-
expiresAt(): Date;
|
|
108
|
-
profile(): SessionProfile | null;
|
|
79
|
+
get tokens(): SessionTokens;
|
|
80
|
+
get profile(): SessionProfile;
|
|
109
81
|
toJSON(): Authentication;
|
|
110
82
|
/**
|
|
111
83
|
* Creates an AuthSession from existing authentication data. Useful for restoring
|
|
@@ -118,38 +90,31 @@ export declare class AuthSession {
|
|
|
118
90
|
*/
|
|
119
91
|
isExpired(): boolean;
|
|
120
92
|
/**
|
|
121
|
-
*
|
|
122
|
-
* session's access token. Any service can validate the token against Am's public
|
|
123
|
-
* keys at https://api.accountmaker.com/.well-known/jwks.json?client_id={clientId}
|
|
124
|
-
*
|
|
125
|
-
* Automatically:
|
|
126
|
-
* - Adds Authorization header
|
|
127
|
-
* - Refreshes token if expired
|
|
128
|
-
* - Retries once on 401 if refresh succeeds
|
|
129
|
-
*
|
|
130
|
-
* Assumes the response is JSON and parses it. Throws AuthError on non-2xx responses.
|
|
93
|
+
* Performs standard fetch() with a Bearer token and automatic refresh.
|
|
131
94
|
*
|
|
132
|
-
*
|
|
133
|
-
*
|
|
95
|
+
* Returns Response, does not parse the body, does not throw for HTTP status codes.
|
|
96
|
+
* Throws AuthError when refresh fails, trows runtime errors on network failure.
|
|
134
97
|
*
|
|
135
98
|
* @example
|
|
136
99
|
* ```ts
|
|
137
|
-
* const res = await session.fetch(
|
|
100
|
+
* const res = await session.fetch("/api/projects");
|
|
138
101
|
* const projects = await res.json();
|
|
139
102
|
* ```
|
|
140
103
|
*
|
|
141
|
-
*
|
|
142
|
-
*
|
|
104
|
+
* Any service can validate tokens using:
|
|
105
|
+
* https://api.accountmaker.com/.well-known/jwks.json?client_id={clientId}
|
|
143
106
|
*/
|
|
144
|
-
fetch(url: string | URL, init?: RequestInit): Promise<
|
|
107
|
+
fetch(url: string | URL, init?: RequestInit): Promise<Response>;
|
|
145
108
|
/**
|
|
146
|
-
*
|
|
147
|
-
*
|
|
148
|
-
*
|
|
109
|
+
* Replaces the access token using the refresh token.
|
|
110
|
+
*
|
|
111
|
+
* It is called automatically by all other methods when the access token is expired or near expiry.
|
|
149
112
|
*/
|
|
150
113
|
refresh(): Promise<void>;
|
|
151
114
|
/**
|
|
152
|
-
*
|
|
115
|
+
* refetchProfile() replaces the cached profile with server state.
|
|
116
|
+
*
|
|
117
|
+
* Concurrent calls are deduplicated.
|
|
153
118
|
*
|
|
154
119
|
* @example
|
|
155
120
|
* ```ts
|
|
@@ -162,29 +127,19 @@ export declare class AuthSession {
|
|
|
162
127
|
*/
|
|
163
128
|
refetchProfile(): Promise<void>;
|
|
164
129
|
/**
|
|
165
|
-
*
|
|
166
|
-
* called by the currently authenticated user or an account admin.
|
|
130
|
+
* Requests a verification email for the current user.
|
|
167
131
|
*
|
|
168
132
|
* Throws AuthError on network errors, etc.
|
|
169
133
|
* @throws AuthError
|
|
170
134
|
*/
|
|
171
135
|
sendVerificationEmail(): Promise<void>;
|
|
172
|
-
/**
|
|
173
|
-
* Fetches a user by ID.
|
|
174
|
-
*
|
|
175
|
-
* Throws AuthError on invalid user ID, network errors, etc.
|
|
176
|
-
* @throws AuthError
|
|
177
|
-
*/
|
|
178
|
-
user(id: UserId): Promise<UserResource>;
|
|
179
136
|
}
|
|
180
137
|
/**
|
|
181
|
-
*
|
|
182
|
-
* invite acceptance, and other unauthenticated actions.
|
|
138
|
+
* Am runs authentication flows and produces AuthSession.
|
|
183
139
|
*
|
|
184
|
-
*
|
|
185
|
-
* for all subsequent authenticated requests.
|
|
140
|
+
* Use Am before a session exists (sign-in, sign-up, magic link, invites, password reset, CSRF).
|
|
186
141
|
*
|
|
187
|
-
*
|
|
142
|
+
* @example
|
|
188
143
|
* ```ts
|
|
189
144
|
* const am = new Am();
|
|
190
145
|
* const session = await am.signIn({ email: 'user@example.com', password: 'secret' });
|
|
@@ -192,68 +147,55 @@ export declare class AuthSession {
|
|
|
192
147
|
* ```
|
|
193
148
|
*/
|
|
194
149
|
export declare class Am {
|
|
195
|
-
private options;
|
|
196
150
|
constructor(config?: Partial<Config>);
|
|
197
151
|
/**
|
|
198
|
-
*
|
|
199
|
-
*
|
|
152
|
+
* session returns the current AuthSession or null.
|
|
153
|
+
*
|
|
154
|
+
* Use restoreSession() to load from storage.
|
|
155
|
+
*
|
|
156
|
+
* @example
|
|
157
|
+
* ```ts
|
|
158
|
+
* const session = am.session;
|
|
159
|
+
* if (!session) throw new Error("Not authenticated");
|
|
160
|
+
* ```
|
|
200
161
|
*/
|
|
201
|
-
|
|
162
|
+
get session(): AuthSession | null;
|
|
202
163
|
/**
|
|
203
|
-
*
|
|
204
|
-
*
|
|
164
|
+
* Constructs AuthSession from existing tokens and profile.
|
|
165
|
+
*
|
|
166
|
+
* Use this after a server-side auth handshake or custom persistence.
|
|
205
167
|
*/
|
|
206
|
-
|
|
168
|
+
createSession(initial: Authentication): AuthSession;
|
|
207
169
|
/**
|
|
208
|
-
*
|
|
209
|
-
* containing fresh tokens and profile. Tokens are automatically persisted (if
|
|
210
|
-
* storage is enabled).
|
|
170
|
+
* restoreSession loads AuthSession from storage or returns null.
|
|
211
171
|
*
|
|
212
|
-
*
|
|
213
|
-
*
|
|
172
|
+
* Invalid or partial stored data is cleared.
|
|
173
|
+
*
|
|
174
|
+
* @example
|
|
175
|
+
* ```ts
|
|
176
|
+
* const am = new Am({ storage: 'localStorage' });
|
|
177
|
+
* const session = am.restoreSession();
|
|
178
|
+
* if (session) session.fetch("/api/me");
|
|
179
|
+
* ```
|
|
214
180
|
*/
|
|
215
|
-
|
|
216
|
-
clientId: ClientId;
|
|
217
|
-
token: string;
|
|
218
|
-
}, config?: Partial<Config>): Promise<AuthSession>;
|
|
181
|
+
restoreSession(): AuthSession | null;
|
|
219
182
|
/**
|
|
220
|
-
*
|
|
221
|
-
|
|
222
|
-
|
|
183
|
+
* Subscribes to auth events and returns an unsubscribe function.
|
|
184
|
+
*/
|
|
185
|
+
on<K extends keyof AuthEventMap>(event: K, fn: (v: AuthEventMap[K]) => void): () => boolean;
|
|
186
|
+
/**
|
|
187
|
+
* acceptInvite exchanges an invite token for a fresh AuthSession.
|
|
223
188
|
*
|
|
224
|
-
* Throws AuthError on invalid or
|
|
225
|
-
* @throws AuthError
|
|
189
|
+
* Throws AuthError on invalid, expired, or already-used tokens.
|
|
226
190
|
*/
|
|
227
191
|
acceptInvite(query: {
|
|
228
192
|
clientId: ClientId;
|
|
229
193
|
token: string;
|
|
230
194
|
}): Promise<AuthSession>;
|
|
231
195
|
/**
|
|
232
|
-
*
|
|
233
|
-
* email is associated with an active account, and what login methods are preferred and
|
|
234
|
-
* available for that user. This can be used to enforce login expierences for enterprise SSO or
|
|
235
|
-
* to prefer passwordless login methods.
|
|
236
|
-
*
|
|
237
|
-
* Throws AuthError on invalid client ID, network errors, etc.
|
|
238
|
-
* @throws AuthError
|
|
239
|
-
*/
|
|
240
|
-
static checkEmail(body: {
|
|
241
|
-
clientId: ClientId;
|
|
242
|
-
email: string;
|
|
243
|
-
csrfToken?: string;
|
|
244
|
-
}, config?: Partial<Config>): Promise<{
|
|
245
|
-
status: EmailCheckStatus;
|
|
246
|
-
preferred: LoginMethod[];
|
|
247
|
-
available: LoginMethod[];
|
|
248
|
-
}>;
|
|
249
|
-
/**
|
|
250
|
-
* Checks the status of an email address for authentication purposes. Indicates whether the
|
|
251
|
-
* email is associated with an active account, and what login methods are preferred and
|
|
252
|
-
* available for that user. This can be used to enforce login expierences for enterprise SSO or
|
|
253
|
-
* to prefer passwordless login methods.
|
|
196
|
+
* checkEmail returns how an email should authenticate for this client.
|
|
254
197
|
*
|
|
255
|
-
*
|
|
256
|
-
* @throws AuthError
|
|
198
|
+
* Use this to choose password vs magic link vs SSO before rendering a login form.
|
|
257
199
|
*/
|
|
258
200
|
checkEmail(body: {
|
|
259
201
|
clientId: ClientId;
|
|
@@ -265,66 +207,25 @@ export declare class Am {
|
|
|
265
207
|
available: LoginMethod[];
|
|
266
208
|
}>;
|
|
267
209
|
/**
|
|
268
|
-
*
|
|
269
|
-
* to get the signed token to include in the form. When the form is submitted, the server
|
|
270
|
-
* will verify the signed token against the session cookie. This prevents a certain class
|
|
271
|
-
* of CSRF attacks that rely on being able to read values from the target site.
|
|
272
|
-
*/
|
|
273
|
-
static csrfSession(config?: Partial<Config>): Promise<{
|
|
274
|
-
csrfToken: string;
|
|
275
|
-
}>;
|
|
276
|
-
/**
|
|
277
|
-
* When called, sets a httpOnly CSRF session cookie. Then when rendering a form, call csrfToken()
|
|
278
|
-
* to get the signed token to include in the form. When the form is submitted, the server
|
|
279
|
-
* will verify the signed token against the session cookie. This prevents a certain class
|
|
280
|
-
* of CSRF attacks that rely on being able to read values from the target site.
|
|
281
|
-
*/
|
|
282
|
-
csrfSession(): Promise<{
|
|
283
|
-
csrfToken: string;
|
|
284
|
-
}>;
|
|
285
|
-
/**
|
|
286
|
-
* Fetches a signed CSRF token for use in forms. Call csrfSession() first to set a httpOnly CSRF
|
|
287
|
-
* session cookie, then call this method to get the signed token, then include the token in your
|
|
288
|
-
* form submissions. When the form is submitted, the server will verify the signed token against
|
|
289
|
-
* the httpOnly session cookie. This prevents a certain class of CSRF attacks that rely on being
|
|
290
|
-
* able to read values from the target site.
|
|
210
|
+
* Sets the httpOnly CSRF cookie.
|
|
291
211
|
*
|
|
292
|
-
*
|
|
212
|
+
* Call csrfToken() next to fetch a signed token for form posts.
|
|
293
213
|
*/
|
|
294
|
-
|
|
214
|
+
csrfSession(): Promise<{
|
|
295
215
|
csrfToken: string;
|
|
296
216
|
}>;
|
|
297
217
|
/**
|
|
298
|
-
*
|
|
299
|
-
* session cookie, then call this method to get the signed token, then include the token in your
|
|
300
|
-
* form submissions. When the form is submitted, the server will verify the signed token against
|
|
301
|
-
* the httpOnly session cookie. This prevents a certain class of CSRF attacks that rely on being
|
|
302
|
-
* able to read values from the target site.
|
|
218
|
+
* Returns a signed CSRF token for form posts.
|
|
303
219
|
*
|
|
304
|
-
*
|
|
220
|
+
* Call csrfSession() first to set the CSRF cookie.
|
|
305
221
|
*/
|
|
306
222
|
csrfToken(): Promise<{
|
|
307
223
|
csrfToken: string;
|
|
308
224
|
}>;
|
|
309
225
|
/**
|
|
310
|
-
*
|
|
311
|
-
* Tokens are automatically persisted (if storage is enabled).
|
|
312
|
-
*
|
|
313
|
-
* Throws AuthError on invalid credentials, unverified email, etc.
|
|
314
|
-
* @throws AuthError
|
|
315
|
-
*/
|
|
316
|
-
static signIn(body: {
|
|
317
|
-
clientId: ClientId;
|
|
318
|
-
email: string;
|
|
319
|
-
password: string;
|
|
320
|
-
csrfToken?: string;
|
|
321
|
-
}, config?: Partial<Config>): Promise<AuthSession>;
|
|
322
|
-
/**
|
|
323
|
-
* On success, returns an AuthSession containing fresh tokens and profile.
|
|
324
|
-
* Tokens are automatically persisted (if storage is enabled).
|
|
226
|
+
* Authenticates with email and password and returns a new AuthSession.
|
|
325
227
|
*
|
|
326
|
-
*
|
|
327
|
-
* @throws AuthError
|
|
228
|
+
* Tokens and profile are persisted when storage is configured.
|
|
328
229
|
*/
|
|
329
230
|
signIn(body: {
|
|
330
231
|
clientId: ClientId;
|
|
@@ -333,62 +234,15 @@ export declare class Am {
|
|
|
333
234
|
csrfToken?: string;
|
|
334
235
|
}): Promise<AuthSession>;
|
|
335
236
|
/**
|
|
336
|
-
* Authenticates
|
|
337
|
-
*
|
|
338
|
-
* On success, returns an AuthSession containing fresh tokens and profile.
|
|
339
|
-
* Tokens are automatically persisted (if storage is enabled).
|
|
340
|
-
*
|
|
341
|
-
* Throws AuthError on invalid or expired token, etc.
|
|
342
|
-
* @throws AuthError
|
|
343
|
-
*/
|
|
344
|
-
static signInWithToken(token: string, config?: Partial<Config>): Promise<AuthSession>;
|
|
345
|
-
/**
|
|
346
|
-
* Authenticates using a one-time token (e.g., magic link or invite token).
|
|
237
|
+
* Authenticates with a one-time token and returns a new AuthSession.
|
|
347
238
|
*
|
|
348
|
-
*
|
|
349
|
-
* Tokens are automatically persisted (if storage is enabled).
|
|
350
|
-
*
|
|
351
|
-
* Throws AuthError on invalid or expired token, etc.
|
|
352
|
-
* @throws AuthError
|
|
239
|
+
* Use this for magic links and similar one-time login flows.
|
|
353
240
|
*/
|
|
354
241
|
signInWithToken(token: string): Promise<AuthSession>;
|
|
355
242
|
/**
|
|
356
|
-
*
|
|
357
|
-
* persist tokens. Use AuthSession.refresh() to refresh and persist tokens in an
|
|
358
|
-
* existing session.
|
|
359
|
-
*
|
|
360
|
-
* Throws AuthError on invalid or expired refresh token, etc.
|
|
361
|
-
* @throws AuthError
|
|
362
|
-
*/
|
|
363
|
-
static refresh(refreshToken: string, config?: Partial<Config>): Promise<SessionTokens>;
|
|
364
|
-
/**
|
|
365
|
-
* Manually refreshes session tokens using the provided refresh token. Does NOT
|
|
366
|
-
* persist tokens. Use AuthSession.refresh() to refresh and persist tokens in an
|
|
367
|
-
* existing session.
|
|
368
|
-
*
|
|
369
|
-
* Throws AuthError on invalid or expired refresh token, etc.
|
|
370
|
-
* @throws AuthError
|
|
371
|
-
*/
|
|
372
|
-
refresh(refreshToken: string): Promise<SessionTokens>;
|
|
373
|
-
/**
|
|
374
|
-
* Successful registration immediately authenticates the user and returns an
|
|
375
|
-
* AuthSession. Tokens are automatically persisted (if storage is enabled).
|
|
376
|
-
*
|
|
377
|
-
* Throws AuthError on invalid data, existing email, etc.
|
|
378
|
-
* @throws AuthError
|
|
379
|
-
*/
|
|
380
|
-
static signUp(body: {
|
|
381
|
-
clientId: ClientId;
|
|
382
|
-
email: string;
|
|
383
|
-
password: string;
|
|
384
|
-
csrfToken?: string;
|
|
385
|
-
}, config?: Partial<Config>): Promise<AuthSession>;
|
|
386
|
-
/**
|
|
387
|
-
* Successful registration immediately authenticates the user and returns an
|
|
388
|
-
* AuthSession. Tokens are automatically persisted (if storage is enabled).
|
|
243
|
+
* Creates a new user and returns a new AuthSession.
|
|
389
244
|
*
|
|
390
|
-
*
|
|
391
|
-
* @throws AuthError
|
|
245
|
+
* Tokens and profile are persisted when storage is configured.
|
|
392
246
|
*/
|
|
393
247
|
signUp(body: {
|
|
394
248
|
clientId: ClientId;
|
|
@@ -397,45 +251,14 @@ export declare class Am {
|
|
|
397
251
|
csrfToken?: string;
|
|
398
252
|
}): Promise<AuthSession>;
|
|
399
253
|
/**
|
|
400
|
-
*
|
|
401
|
-
* the user's password is updated.
|
|
402
|
-
*
|
|
403
|
-
* Throws AuthError on invalid or expired token, weak password, etc.
|
|
404
|
-
* @throws AuthError
|
|
405
|
-
*/
|
|
406
|
-
static resetPassword(body: {
|
|
407
|
-
token: string;
|
|
408
|
-
newPassword: string;
|
|
409
|
-
}, config?: Partial<Config>): Promise<void>;
|
|
410
|
-
/**
|
|
411
|
-
* Completes a password reset using the token received via email. On success,
|
|
412
|
-
* the user's password is updated.
|
|
413
|
-
*
|
|
414
|
-
* Throws AuthError on invalid or expired token, weak password, etc.
|
|
415
|
-
* @throws AuthError
|
|
254
|
+
* Sets a new password using a one-time reset token.
|
|
416
255
|
*/
|
|
417
256
|
resetPassword(body: {
|
|
418
257
|
token: string;
|
|
419
258
|
newPassword: string;
|
|
420
259
|
}): Promise<void>;
|
|
421
260
|
/**
|
|
422
|
-
* Sends a
|
|
423
|
-
* passwordless authentication.
|
|
424
|
-
*
|
|
425
|
-
* Throws AuthError on invalid email format, etc.
|
|
426
|
-
* @throws AuthError
|
|
427
|
-
*/
|
|
428
|
-
static sendMagicLink(body: {
|
|
429
|
-
clientId: ClientId;
|
|
430
|
-
email: string;
|
|
431
|
-
csrfToken?: string;
|
|
432
|
-
}, config?: Partial<Config>): Promise<void>;
|
|
433
|
-
/**
|
|
434
|
-
* Sends a magic link email to the specified address. A magic link allows
|
|
435
|
-
* passwordless authentication.
|
|
436
|
-
*
|
|
437
|
-
* Throws AuthError on invalid email format, etc.
|
|
438
|
-
* @throws AuthError
|
|
261
|
+
* Sends a one-time sign-in link to an email address.
|
|
439
262
|
*/
|
|
440
263
|
sendMagicLink(body: {
|
|
441
264
|
clientId: ClientId;
|
|
@@ -443,21 +266,7 @@ export declare class Am {
|
|
|
443
266
|
csrfToken?: string;
|
|
444
267
|
}): Promise<void>;
|
|
445
268
|
/**
|
|
446
|
-
* Sends a password reset
|
|
447
|
-
*
|
|
448
|
-
* Throws AuthError on invalid email format, etc.
|
|
449
|
-
* @throws AuthError
|
|
450
|
-
*/
|
|
451
|
-
static sendPasswordReset(body: {
|
|
452
|
-
clientId: ClientId;
|
|
453
|
-
email: string;
|
|
454
|
-
csrfToken?: string;
|
|
455
|
-
}, config?: Partial<Config>): Promise<void>;
|
|
456
|
-
/**
|
|
457
|
-
* Sends a password reset email to the specified address.
|
|
458
|
-
*
|
|
459
|
-
* Throws AuthError on invalid email format, etc.
|
|
460
|
-
* @throws AuthError
|
|
269
|
+
* Sends a password reset link to an email address.
|
|
461
270
|
*/
|
|
462
271
|
sendPasswordReset(body: {
|
|
463
272
|
clientId: ClientId;
|
package/dist/types/types.d.ts
CHANGED
|
@@ -57,6 +57,8 @@ export type UserId = `uid${string}`;
|
|
|
57
57
|
export type AccountId = `acc${string}`;
|
|
58
58
|
/** Identifier for a membership linking a user to an account. */
|
|
59
59
|
export type MembershipId = `mbr${string}`;
|
|
60
|
+
/** Identifier for an application (namespace for users and clients). */
|
|
61
|
+
export type ApplicationId = `app${string}`;
|
|
60
62
|
/**
|
|
61
63
|
* Possible statuses for an account.
|
|
62
64
|
*
|
|
@@ -80,6 +82,8 @@ export type AccountStatus = "active" | "trial" | "past_due" | "suspended" | "clo
|
|
|
80
82
|
*/
|
|
81
83
|
export type AccountResource = {
|
|
82
84
|
id: AccountId;
|
|
85
|
+
/** Parent application ID - accounts always belong to an application */
|
|
86
|
+
parentId: ApplicationId;
|
|
83
87
|
/** Display name chosen by the account owner */
|
|
84
88
|
name: string | null;
|
|
85
89
|
/** URL to the account's avatar image */
|
|
@@ -98,14 +102,17 @@ export type AccountResource = {
|
|
|
98
102
|
* - suspended: Access restricted due to billing or policy
|
|
99
103
|
* - closed: Permanently closed
|
|
100
104
|
*/
|
|
101
|
-
export type UserStatus = "active" | "
|
|
105
|
+
export type UserStatus = "active" | "disabled" | "suspended" | "deleted";
|
|
102
106
|
/**
|
|
103
107
|
* A reference to a user. Will not be deleted even due to GDPR requests or account closures,
|
|
104
108
|
* to maintain referential integrity in audit logs and historical records.
|
|
109
|
+
*
|
|
110
|
+
* Users belong to an Application. They access Accounts via Memberships.
|
|
105
111
|
*/
|
|
106
112
|
export type UserResource = {
|
|
107
113
|
id: UserId;
|
|
108
|
-
|
|
114
|
+
/** The application this user belongs to */
|
|
115
|
+
applicationId: ApplicationId;
|
|
109
116
|
status: UserStatus;
|
|
110
117
|
preferredMembershipId: MembershipId | null;
|
|
111
118
|
};
|
|
@@ -174,17 +181,21 @@ export type SessionTokens = {
|
|
|
174
181
|
export type SessionProfile = UserResource & {
|
|
175
182
|
identity: UserIdentity | null;
|
|
176
183
|
emailCredentials: EmailCredential[];
|
|
177
|
-
memberships: Membership
|
|
178
|
-
|
|
184
|
+
memberships: (Membership & {
|
|
185
|
+
account: AccountResource;
|
|
186
|
+
})[];
|
|
187
|
+
/** Currently active membership in the accessToken */
|
|
179
188
|
activeMembership: Membership | null;
|
|
180
189
|
lastUpdatedAt: number;
|
|
190
|
+
/** Convenience: the account ID from the active membership (for navigation) */
|
|
191
|
+
accountId: AccountId | null;
|
|
181
192
|
};
|
|
182
193
|
/**
|
|
183
194
|
* Combined authentication state containing tokens and optional profile.
|
|
184
195
|
*/
|
|
185
196
|
export type Authentication = {
|
|
186
197
|
tokens: SessionTokens;
|
|
187
|
-
profile: SessionProfile
|
|
198
|
+
profile: SessionProfile;
|
|
188
199
|
};
|
|
189
200
|
/**
|
|
190
201
|
* Result of checkEmail() indicating whether the email is registered.
|