npm - @spfn/auth - Versions diffs - 0.1.0-alpha.1 → 0.1.0-alpha.87 - Mend

@spfn/auth 0.1.0-alpha.1 → 0.1.0-alpha.87

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (124) hide show

package/README.md +250 -0
package/dist/adapters/nextjs/api.d.ts +446 -0
package/dist/adapters/nextjs/api.js +3279 -0
package/dist/adapters/nextjs/api.js.map +1 -0
package/dist/adapters/nextjs/server.d.ts +246 -0
package/dist/adapters/nextjs/server.js +3645 -0
package/dist/adapters/nextjs/server.js.map +1 -0
package/dist/index.d.ts +3 -46
package/dist/index.js +7438 -7304
package/dist/index.js.map +1 -1
package/dist/lib/api/auth-codes-verify.d.ts +37 -0
package/dist/lib/api/auth-codes-verify.js +2949 -0
package/dist/lib/api/auth-codes-verify.js.map +1 -0
package/dist/lib/api/auth-codes.d.ts +37 -0
package/dist/lib/api/auth-codes.js +2949 -0
package/dist/lib/api/auth-codes.js.map +1 -0
package/dist/lib/api/auth-exists.d.ts +38 -0
package/dist/lib/api/auth-exists.js +2949 -0
package/dist/lib/api/auth-exists.js.map +1 -0
package/dist/lib/api/auth-invitations-accept.d.ts +38 -0
package/dist/lib/api/auth-invitations-accept.js +2883 -0
package/dist/lib/api/auth-invitations-accept.js.map +1 -0
package/dist/lib/api/auth-invitations-cancel.d.ts +37 -0
package/dist/lib/api/auth-invitations-cancel.js +2883 -0
package/dist/lib/api/auth-invitations-cancel.js.map +1 -0
package/dist/lib/api/auth-invitations-delete.d.ts +36 -0
package/dist/lib/api/auth-invitations-delete.js +2883 -0
package/dist/lib/api/auth-invitations-delete.js.map +1 -0
package/dist/lib/api/auth-invitations-resend.d.ts +37 -0
package/dist/lib/api/auth-invitations-resend.js +2883 -0
package/dist/lib/api/auth-invitations-resend.js.map +1 -0
package/dist/lib/api/auth-invitations.d.ts +109 -0
package/dist/lib/api/auth-invitations.js +2887 -0
package/dist/lib/api/auth-invitations.js.map +1 -0
package/dist/lib/api/auth-keys-rotate.d.ts +37 -0
package/dist/lib/api/auth-keys-rotate.js +2949 -0
package/dist/lib/api/auth-keys-rotate.js.map +1 -0
package/dist/lib/api/auth-login.d.ts +39 -0
package/dist/lib/api/auth-login.js +2949 -0
package/dist/lib/api/auth-login.js.map +1 -0
package/dist/lib/api/auth-logout.d.ts +36 -0
package/dist/lib/api/auth-logout.js +2949 -0
package/dist/lib/api/auth-logout.js.map +1 -0
package/dist/lib/api/auth-me.d.ts +50 -0
package/dist/lib/api/auth-me.js +2949 -0
package/dist/lib/api/auth-me.js.map +1 -0
package/dist/lib/api/auth-password.d.ts +36 -0
package/dist/lib/api/auth-password.js +2949 -0
package/dist/lib/api/auth-password.js.map +1 -0
package/dist/lib/api/auth-register.d.ts +38 -0
package/dist/lib/api/auth-register.js +2949 -0
package/dist/lib/api/auth-register.js.map +1 -0
package/dist/lib/api/index.d.ts +356 -0
package/dist/lib/api/index.js +3261 -0
package/dist/lib/api/index.js.map +1 -0
package/dist/lib/config.d.ts +70 -0
package/dist/lib/config.js +64 -0
package/dist/lib/config.js.map +1 -0
package/dist/lib/contracts/auth.d.ts +41 -1
package/dist/lib/contracts/auth.js +28 -0
package/dist/lib/contracts/auth.js.map +1 -1
package/dist/lib/contracts/index.d.ts +1 -1
package/dist/lib/contracts/index.js +28 -0
package/dist/lib/contracts/index.js.map +1 -1
package/dist/lib/crypto.d.ts +76 -0
package/dist/lib/crypto.js +127 -0
package/dist/lib/crypto.js.map +1 -0
package/dist/lib/index.d.ts +4 -0
package/dist/lib/index.js +313 -0
package/dist/lib/index.js.map +1 -0
package/dist/lib/session.d.ts +68 -0
package/dist/lib/session.js +126 -0
package/dist/lib/session.js.map +1 -0
package/dist/{api-BcQM4WKb.d.ts → lib/types/api.d.ts} +2 -2
package/dist/lib/types/api.js +1 -0
package/dist/lib/types/api.js.map +1 -0
package/dist/lib/types/index.d.ts +3 -0
package/dist/lib/types/index.js +2647 -0
package/dist/lib/types/index.js.map +1 -0
package/dist/lib/types/schemas.d.ts +45 -0
package/dist/lib/types/schemas.js +2647 -0
package/dist/lib/types/schemas.js.map +1 -0
package/dist/lib.d.ts +2 -0
package/dist/lib.js +1 -0
package/dist/lib.js.map +1 -0
package/dist/plugin.js +7438 -7304
package/dist/plugin.js.map +1 -1
package/dist/server/entities/index.d.ts +1 -0
package/dist/server/entities/index.js +23 -27
package/dist/server/entities/index.js.map +1 -1
package/dist/server/entities/invitations.js +12 -9
package/dist/server/entities/invitations.js.map +1 -1
package/dist/server/entities/permissions.js +8 -3
package/dist/server/entities/permissions.js.map +1 -1
package/dist/server/entities/role-permissions.js +12 -9
package/dist/server/entities/role-permissions.js.map +1 -1
package/dist/server/entities/roles.js +8 -3
package/dist/server/entities/roles.js.map +1 -1
package/dist/server/entities/schema.d.ts +14 -0
package/dist/server/entities/schema.js +7 -0
package/dist/server/entities/schema.js.map +1 -0
package/dist/server/entities/user-permissions.js +14 -12
package/dist/server/entities/user-permissions.js.map +1 -1
package/dist/server/entities/user-public-keys.js +12 -9
package/dist/server/entities/user-public-keys.js.map +1 -1
package/dist/server/entities/user-social-accounts.js +12 -9
package/dist/server/entities/user-social-accounts.js.map +1 -1
package/dist/server/entities/users.js +10 -6
package/dist/server/entities/users.js.map +1 -1
package/dist/server/entities/verification-codes.js +8 -3
package/dist/server/entities/verification-codes.js.map +1 -1
package/dist/server/routes/auth/index.js +497 -512
package/dist/server/routes/auth/index.js.map +1 -1
package/dist/server/routes/index.js +777 -545
package/dist/server/routes/index.js.map +1 -1
package/dist/server/routes/invitations/index.js +416 -230
package/dist/server/routes/invitations/index.js.map +1 -1
package/dist/server.d.ts +91 -62
package/dist/server.js +323 -327
package/dist/server.js.map +1 -1
package/migrations/{0000_tired_gambit.sql → 0000_familiar_firebrand.sql} +2 -0
package/migrations/meta/0000_snapshot.json +4 -2
package/migrations/meta/_journal.json +2 -2
package/package.json +41 -7

package/dist/lib/config.d.ts ADDED Viewed

@@ -0,0 +1,70 @@
+/**
+ * @spfn/auth - Global Configuration
+ *
+ * Manages global auth configuration including session TTL
+ */
+/**
+ * Cookie names used by SPFN Auth
+ */
+declare const COOKIE_NAMES: {
+    /** Encrypted session data (userId, privateKey, keyId, algorithm) */
+    readonly SESSION: "spfn_session";
+    /** Current key ID (for key rotation) */
+    readonly SESSION_KEY_ID: "spfn_session_key_id";
+};
+/**
+ * Parse duration string to seconds
+ *
+ * Supports: '30d', '12h', '45m', '3600s', or plain number
+ *
+ * @example
+ * parseDuration('30d')   // 2592000 (30 days in seconds)
+ * parseDuration('12h')   // 43200
+ * parseDuration('45m')   // 2700
+ * parseDuration('3600')  // 3600
+ */
+declare function parseDuration(duration: string | number): number;
+/**
+ * Auth configuration
+ */
+interface AuthConfig {
+    /**
+     * Default session TTL in seconds or duration string
+     *
+     * Supports:
+     * - Number: seconds (e.g., 2592000)
+     * - String: '30d', '12h', '45m', '3600s'
+     *
+     * @default 7d (7 days)
+     */
+    sessionTtl?: string | number;
+}
+/**
+ * Configure global auth settings
+ *
+ * @param config - Auth configuration
+ *
+ * @example
+ * ```typescript
+ * configureAuth({
+ *   sessionTtl: '30d',  // 30 days
+ * });
+ * ```
+ */
+declare function configureAuth(config: AuthConfig): void;
+/**
+ * Get current auth configuration
+ */
+declare function getAuthConfig(): AuthConfig;
+/**
+ * Get session TTL in seconds
+ *
+ * Priority:
+ * 1. Runtime override (remember parameter)
+ * 2. Global config (configureAuth)
+ * 3. Environment variable (SPFN_AUTH_SESSION_TTL)
+ * 4. Default (7 days)
+ */
+declare function getSessionTtl(override?: string | number): number;
+export { type AuthConfig, COOKIE_NAMES, configureAuth, getAuthConfig, getSessionTtl, parseDuration };

package/dist/lib/config.js ADDED Viewed

@@ -0,0 +1,64 @@
+// src/lib/config.ts
+var COOKIE_NAMES = {
+  /** Encrypted session data (userId, privateKey, keyId, algorithm) */
+  SESSION: "spfn_session",
+  /** Current key ID (for key rotation) */
+  SESSION_KEY_ID: "spfn_session_key_id"
+};
+function parseDuration(duration) {
+  if (typeof duration === "number") {
+    return duration;
+  }
+  const match = duration.match(/^(\d+)([dhms]?)$/);
+  if (!match) {
+    throw new Error(`Invalid duration format: ${duration}. Use format like '30d', '12h', '45m', '3600s', or plain number.`);
+  }
+  const value = parseInt(match[1], 10);
+  const unit = match[2] || "s";
+  switch (unit) {
+    case "d":
+      return value * 24 * 60 * 60;
+    case "h":
+      return value * 60 * 60;
+    case "m":
+      return value * 60;
+    case "s":
+      return value;
+    default:
+      throw new Error(`Unknown duration unit: ${unit}`);
+  }
+}
+var globalConfig = {
+  sessionTtl: "7d"
+  // Default: 7 days
+};
+function configureAuth(config) {
+  globalConfig = {
+    ...globalConfig,
+    ...config
+  };
+}
+function getAuthConfig() {
+  return { ...globalConfig };
+}
+function getSessionTtl(override) {
+  if (override !== void 0) {
+    return parseDuration(override);
+  }
+  if (globalConfig.sessionTtl !== void 0) {
+    return parseDuration(globalConfig.sessionTtl);
+  }
+  const envTtl = process.env.SPFN_AUTH_SESSION_TTL;
+  if (envTtl) {
+    return parseDuration(envTtl);
+  }
+  return 7 * 24 * 60 * 60;
+}
+export {
+  COOKIE_NAMES,
+  configureAuth,
+  getAuthConfig,
+  getSessionTtl,
+  parseDuration
+};
+//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/lib/config.ts"],"sourcesContent":["/**\n * @spfn/auth - Global Configuration\n *\n * Manages global auth configuration including session TTL\n */\n\n/**\n * Cookie names used by SPFN Auth\n */\nexport const COOKIE_NAMES = {\n /** Encrypted session data (userId, privateKey, keyId, algorithm) */\n SESSION: 'spfn_session',\n /** Current key ID (for key rotation) */\n SESSION_KEY_ID: 'spfn_session_key_id',\n} as const;\n\n/**\n * Parse duration string to seconds\n *\n * Supports: '30d', '12h', '45m', '3600s', or plain number\n *\n * @example\n * parseDuration('30d') // 2592000 (30 days in seconds)\n * parseDuration('12h') // 43200\n * parseDuration('45m') // 2700\n * parseDuration('3600') // 3600\n */\nexport function parseDuration(duration: string | number): number\n{\n if (typeof duration === 'number')\n {\n return duration;\n }\n\n const match = duration.match(/^(\\d+)([dhms]?)$/);\n if (!match)\n {\n throw new Error(`Invalid duration format: ${duration}. Use format like '30d', '12h', '45m', '3600s', or plain number.`);\n }\n\n const value = parseInt(match[1], 10);\n const unit = match[2] || 's';\n\n switch (unit)\n {\n case 'd':\n return value * 24 * 60 * 60;\n case 'h':\n return value * 60 * 60;\n case 'm':\n return value * 60;\n case 's':\n return value;\n default:\n throw new Error(`Unknown duration unit: ${unit}`);\n }\n}\n\n/**\n * Auth configuration\n */\nexport interface AuthConfig\n{\n /**\n * Default session TTL in seconds or duration string\n *\n * Supports:\n * - Number: seconds (e.g., 2592000)\n * - String: '30d', '12h', '45m', '3600s'\n *\n * @default 7d (7 days)\n */\n sessionTtl?: string | number;\n}\n\n/**\n * Global auth configuration state\n */\nlet globalConfig: AuthConfig = {\n sessionTtl: '7d', // Default: 7 days\n};\n\n/**\n * Configure global auth settings\n *\n * @param config - Auth configuration\n *\n * @example\n * ```typescript\n * configureAuth({\n * sessionTtl: '30d', // 30 days\n * });\n * ```\n */\nexport function configureAuth(config: AuthConfig): void\n{\n globalConfig = {\n ...globalConfig,\n ...config,\n };\n}\n\n/**\n * Get current auth configuration\n */\nexport function getAuthConfig(): AuthConfig\n{\n return { ...globalConfig };\n}\n\n/**\n * Get session TTL in seconds\n *\n * Priority:\n * 1. Runtime override (remember parameter)\n * 2. Global config (configureAuth)\n * 3. Environment variable (SPFN_AUTH_SESSION_TTL)\n * 4. Default (7 days)\n */\nexport function getSessionTtl(override?: string | number): number\n{\n // 1. Runtime override\n if (override !== undefined)\n {\n return parseDuration(override);\n }\n\n // 2. Global config\n if (globalConfig.sessionTtl !== undefined)\n {\n return parseDuration(globalConfig.sessionTtl);\n }\n\n // 3. Environment variable\n const envTtl = process.env.SPFN_AUTH_SESSION_TTL;\n if (envTtl)\n {\n return parseDuration(envTtl);\n }\n\n // 4. Default: 7 days\n return 7 * 24 * 60 * 60;\n}"],"mappings":";AASO,IAAM,eAAe;AAAA;AAAA,EAExB,SAAS;AAAA;AAAA,EAET,gBAAgB;AACpB;AAaO,SAAS,cAAc,UAC9B;AACI,MAAI,OAAO,aAAa,UACxB;AACI,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ,SAAS,MAAM,kBAAkB;AAC/C,MAAI,CAAC,OACL;AACI,UAAM,IAAI,MAAM,4BAA4B,QAAQ,kEAAkE;AAAA,EAC1H;AAEA,QAAM,QAAQ,SAAS,MAAM,CAAC,GAAG,EAAE;AACnC,QAAM,OAAO,MAAM,CAAC,KAAK;AAEzB,UAAQ,MACR;AAAA,IACI,KAAK;AACD,aAAO,QAAQ,KAAK,KAAK;AAAA,IAC7B,KAAK;AACD,aAAO,QAAQ,KAAK;AAAA,IACxB,KAAK;AACD,aAAO,QAAQ;AAAA,IACnB,KAAK;AACD,aAAO;AAAA,IACX;AACI,YAAM,IAAI,MAAM,0BAA0B,IAAI,EAAE;AAAA,EACxD;AACJ;AAsBA,IAAI,eAA2B;AAAA,EAC3B,YAAY;AAAA;AAChB;AAcO,SAAS,cAAc,QAC9B;AACI,iBAAe;AAAA,IACX,GAAG;AAAA,IACH,GAAG;AAAA,EACP;AACJ;AAKO,SAAS,gBAChB;AACI,SAAO,EAAE,GAAG,aAAa;AAC7B;AAWO,SAAS,cAAc,UAC9B;AAEI,MAAI,aAAa,QACjB;AACI,WAAO,cAAc,QAAQ;AAAA,EACjC;AAGA,MAAI,aAAa,eAAe,QAChC;AACI,WAAO,cAAc,aAAa,UAAU;AAAA,EAChD;AAGA,QAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,QACJ;AACI,WAAO,cAAc,MAAM;AAAA,EAC/B;AAGA,SAAO,IAAI,KAAK,KAAK;AACzB;","names":[]}

package/dist/lib/contracts/auth.d.ts CHANGED Viewed

@@ -258,5 +258,45 @@ declare const changePasswordContract: {
         }>;
     }>]>;
 };
+/**
+ * GET /me - Get current user info
+ *
+ * Returns authenticated user's information including role and permissions
+ * Requires authentication
+ * Final path: /_auth/me (prefix added from package.json)
+ */
+declare const getMeContract: {
+    readonly method: "GET";
+    readonly path: "/_auth/me";
+    readonly body: _sinclair_typebox.TObject<{}>;
+    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
+        success: _sinclair_typebox.TLiteral<true>;
+        data: _sinclair_typebox.TObject<{
+            userId: _sinclair_typebox.TString;
+            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            role: _sinclair_typebox.TObject<{
+                id: _sinclair_typebox.TNumber;
+                name: _sinclair_typebox.TString;
+                displayName: _sinclair_typebox.TString;
+                priority: _sinclair_typebox.TNumber;
+            }>;
+            permissions: _sinclair_typebox.TArray<_sinclair_typebox.TObject<{
+                id: _sinclair_typebox.TNumber;
+                name: _sinclair_typebox.TString;
+                displayName: _sinclair_typebox.TString;
+                category: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            }>>;
+        }>;
+        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+    }>, _sinclair_typebox.TObject<{
+        success: _sinclair_typebox.TLiteral<false>;
+        error: _sinclair_typebox.TObject<{
+            code: _sinclair_typebox.TString;
+            message: _sinclair_typebox.TString;
+            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
+        }>;
+    }>]>;
+};
-export { changePasswordContract, checkAccountExistsContract, loginContract, logoutContract, registerContract, rotateKeyContract, sendVerificationCodeContract, verifyCodeContract };
+export { changePasswordContract, checkAccountExistsContract, getMeContract, loginContract, logoutContract, registerContract, rotateKeyContract, sendVerificationCodeContract, verifyCodeContract };

package/dist/lib/contracts/auth.js CHANGED Viewed

@@ -2910,9 +2910,37 @@ var changePasswordContract = {
     })
   )
 };
+var getMeContract = {
+  method: "GET",
+  path: "/_auth/me",
+  body: Type.Object({}),
+  response: ApiResponseSchema(
+    Type.Object({
+      userId: Type.String({ description: "User ID" }),
+      email: Type.Optional(Type.String({ description: "User email address" })),
+      phone: Type.Optional(Type.String({ description: "User phone number" })),
+      role: Type.Object({
+        id: Type.Number({ description: "Role ID" }),
+        name: Type.String({ description: "Role name (e.g., user, admin)" }),
+        displayName: Type.String({ description: "Display name for UI" }),
+        priority: Type.Number({ description: "Role priority level" })
+      }, { description: "User role information" }),
+      permissions: Type.Array(
+        Type.Object({
+          id: Type.Number({ description: "Permission ID" }),
+          name: Type.String({ description: "Permission name (e.g., user:delete)" }),
+          displayName: Type.String({ description: "Display name for UI" }),
+          category: Type.Optional(Type.String({ description: "Permission category" }))
+        }),
+        { description: "List of permissions granted through role" }
+      )
+    })
+  )
+};
 export {
   changePasswordContract,
   checkAccountExistsContract,
+  getMeContract,
   loginContract,
   logoutContract,
   registerContract,