@spfn/auth 0.2.0-beta.10 → 0.2.0-beta.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/README.md +169 -168
  2. package/dist/{dto-CRlgoCP5.d.ts → authenticate-CU6_zQaa.d.ts} +182 -182
  3. package/dist/index.d.ts +143 -130
  4. package/dist/index.js +24 -1
  5. package/dist/index.js.map +1 -1
  6. package/dist/nextjs/server.js +0 -1
  7. package/dist/nextjs/server.js.map +1 -1
  8. package/dist/server.d.ts +3 -366
  9. package/dist/server.js +49 -466
  10. package/dist/server.js.map +1 -1
  11. package/package.json +4 -11
package/dist/{dto-CRlgoCP5.d.ts → authenticate-CU6_zQaa.d.ts} RENAMED
@@ -1,8 +1,85 @@
1
+ import * as _spfn_core_route from '@spfn/core/route';
1
2
  import * as _sinclair_typebox from '@sinclair/typebox';
2
3
  import { Static } from '@sinclair/typebox';
3
- import * as _spfn_core_route from '@spfn/core/route';
4
4
  import { User } from '@spfn/auth/server';
5
5
 
6
+ /**
7
+ * Role information for client/API responses
8
+ */
9
+ interface Role {
10
+ id: number;
11
+ name: string;
12
+ displayName: string;
13
+ description: string | null;
14
+ isBuiltin: boolean;
15
+ isSystem: boolean;
16
+ isActive: boolean;
17
+ priority: number;
18
+ createdAt: Date;
19
+ updatedAt: Date;
20
+ }
21
+ /**
22
+ * Permission information for client/API responses
23
+ */
24
+ interface Permission {
25
+ id: number;
26
+ name: string;
27
+ displayName: string;
28
+ description: string | null;
29
+ category: string | null;
30
+ isBuiltin: boolean;
31
+ isSystem: boolean;
32
+ isActive: boolean;
33
+ metadata: Record<string, any> | null;
34
+ createdAt: Date;
35
+ updatedAt: Date;
36
+ }
37
+ interface AuthSession {
38
+ userId: number;
39
+ email: string | null;
40
+ emailVerified: boolean;
41
+ phoneVerified: boolean;
42
+ role: Role;
43
+ permissions: Permission[];
44
+ }
45
+ interface ProfileInfo {
46
+ profileId: number;
47
+ displayName: string;
48
+ firstName: string | null;
49
+ lastName: string | null;
50
+ avatarUrl: string | null;
51
+ bio: string | null;
52
+ locale: string;
53
+ timezone: string;
54
+ website: string | null;
55
+ location: string | null;
56
+ company: string | null;
57
+ jobTitle: string | null;
58
+ metadata: Record<string, any> | null;
59
+ createdAt: Date;
60
+ updatedAt: Date;
61
+ }
62
+ /**
63
+ * User Profile Response
64
+ *
65
+ * Complete user data including:
66
+ * - User fields at top level (userId, email, etc.)
67
+ * - Profile data as nested field (optional)
68
+ *
69
+ * Excludes:
70
+ * - Role and permissions (use auth session API)
71
+ */
72
+ interface UserProfile {
73
+ userId: number;
74
+ email: string | null;
75
+ emailVerified: boolean;
76
+ phoneVerified: boolean;
77
+ lastLoginAt: Date | null;
78
+ createdAt: Date;
79
+ updatedAt: Date;
80
+ profile: ProfileInfo | null;
81
+ }
82
+
6
83
  /**
7
84
  * @spfn/auth - Shared Types
8
85
  *
@@ -314,25 +391,94 @@ interface AuthInitOptions {
314
391
  * - Users: /_auth/users/*
315
392
  */
316
393
  declare const mainAuthRouter: _spfn_core_route.Router<{
317
- getUserProfile: _spfn_core_route.RouteDef<{}, {}, UserProfile>;
318
- updateUserProfile: _spfn_core_route.RouteDef<{
394
+ checkAccountExists: _spfn_core_route.RouteDef<{
395
+ body: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
396
+ email: _sinclair_typebox.TString;
397
+ }>, _sinclair_typebox.TObject<{
398
+ phone: _sinclair_typebox.TString;
399
+ }>]>;
400
+ }, {}, CheckAccountExistsResult>;
401
+ sendVerificationCode: _spfn_core_route.RouteDef<{
319
402
  body: _sinclair_typebox.TObject<{
320
- displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
321
- firstName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
322
- lastName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
323
- avatarUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
324
- bio: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
325
- locale: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
326
- timezone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
327
- dateOfBirth: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
328
- gender: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
329
- website: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
330
- location: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
331
- company: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
332
- jobTitle: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
333
- metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TAny>>;
403
+ target: _sinclair_typebox.TString;
404
+ targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
405
+ purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
334
406
  }>;
335
- }, {}, ProfileInfo>;
407
+ }, {}, SendVerificationCodeResult>;
408
+ verifyCode: _spfn_core_route.RouteDef<{
409
+ body: _sinclair_typebox.TObject<{
410
+ target: _sinclair_typebox.TString;
411
+ targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
412
+ code: _sinclair_typebox.TString;
413
+ purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
414
+ }>;
415
+ }, {}, {
416
+ valid: boolean;
417
+ verificationToken: string;
418
+ }>;
419
+ register: _spfn_core_route.RouteDef<{
420
+ body: _sinclair_typebox.TObject<{
421
+ email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
422
+ phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
423
+ verificationToken: _sinclair_typebox.TString;
424
+ password: _sinclair_typebox.TString;
425
+ }>;
426
+ }, {
427
+ body: _sinclair_typebox.TObject<{
428
+ publicKey: _sinclair_typebox.TString;
429
+ keyId: _sinclair_typebox.TString;
430
+ fingerprint: _sinclair_typebox.TString;
431
+ algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
432
+ }>;
433
+ }, RegisterResult>;
434
+ login: _spfn_core_route.RouteDef<{
435
+ body: _sinclair_typebox.TObject<{
436
+ email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
437
+ phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
438
+ password: _sinclair_typebox.TString;
439
+ }>;
440
+ }, {
441
+ body: _sinclair_typebox.TObject<{
442
+ publicKey: _sinclair_typebox.TString;
443
+ keyId: _sinclair_typebox.TString;
444
+ fingerprint: _sinclair_typebox.TString;
445
+ algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
446
+ oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
447
+ }>;
448
+ }, LoginResult>;
449
+ logout: _spfn_core_route.RouteDef<{}, {}, void>;
450
+ rotateKey: _spfn_core_route.RouteDef<{}, {
451
+ body: _sinclair_typebox.TObject<{
452
+ publicKey: _sinclair_typebox.TString;
453
+ keyId: _sinclair_typebox.TString;
454
+ fingerprint: _sinclair_typebox.TString;
455
+ algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
456
+ }>;
457
+ }, RotateKeyResult>;
458
+ changePassword: _spfn_core_route.RouteDef<{
459
+ body: _sinclair_typebox.TObject<{
460
+ currentPassword: _sinclair_typebox.TString;
461
+ newPassword: _sinclair_typebox.TString;
462
+ }>;
463
+ }, {}, void>;
464
+ getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
465
+ role: {
466
+ id: number;
467
+ name: string;
468
+ displayName: string;
469
+ priority: number;
470
+ };
471
+ permissions: {
472
+ id: number;
473
+ name: string;
474
+ displayName: string;
475
+ category: "auth" | "custom" | "user" | "rbac" | "system" | undefined;
476
+ }[];
477
+ userId: number;
478
+ email: string | null;
479
+ emailVerified: boolean;
480
+ phoneVerified: boolean;
481
+ }>;
336
482
  getInvitation: _spfn_core_route.RouteDef<{
337
483
  params: _sinclair_typebox.TObject<{
338
484
  token: _sinclair_typebox.TString;
@@ -433,94 +579,25 @@ declare const mainAuthRouter: _spfn_core_route.Router<{
433
579
  id: _sinclair_typebox.TNumber;
434
580
  }>;
435
581
  }, {}, void>;
436
- checkAccountExists: _spfn_core_route.RouteDef<{
437
- body: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
438
- email: _sinclair_typebox.TString;
439
- }>, _sinclair_typebox.TObject<{
440
- phone: _sinclair_typebox.TString;
441
- }>]>;
442
- }, {}, CheckAccountExistsResult>;
443
- sendVerificationCode: _spfn_core_route.RouteDef<{
444
- body: _sinclair_typebox.TObject<{
445
- target: _sinclair_typebox.TString;
446
- targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
447
- purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
448
- }>;
449
- }, {}, SendVerificationCodeResult>;
450
- verifyCode: _spfn_core_route.RouteDef<{
451
- body: _sinclair_typebox.TObject<{
452
- target: _sinclair_typebox.TString;
453
- targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
454
- code: _sinclair_typebox.TString;
455
- purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
456
- }>;
457
- }, {}, {
458
- valid: boolean;
459
- verificationToken: string;
460
- }>;
461
- register: _spfn_core_route.RouteDef<{
462
- body: _sinclair_typebox.TObject<{
463
- email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
464
- phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
465
- verificationToken: _sinclair_typebox.TString;
466
- password: _sinclair_typebox.TString;
467
- }>;
468
- }, {
469
- body: _sinclair_typebox.TObject<{
470
- publicKey: _sinclair_typebox.TString;
471
- keyId: _sinclair_typebox.TString;
472
- fingerprint: _sinclair_typebox.TString;
473
- algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
474
- }>;
475
- }, RegisterResult>;
476
- login: _spfn_core_route.RouteDef<{
477
- body: _sinclair_typebox.TObject<{
478
- email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
479
- phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
480
- password: _sinclair_typebox.TString;
481
- }>;
482
- }, {
483
- body: _sinclair_typebox.TObject<{
484
- publicKey: _sinclair_typebox.TString;
485
- keyId: _sinclair_typebox.TString;
486
- fingerprint: _sinclair_typebox.TString;
487
- algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
488
- oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
489
- }>;
490
- }, LoginResult>;
491
- logout: _spfn_core_route.RouteDef<{}, {}, void>;
492
- rotateKey: _spfn_core_route.RouteDef<{}, {
493
- body: _sinclair_typebox.TObject<{
494
- publicKey: _sinclair_typebox.TString;
495
- keyId: _sinclair_typebox.TString;
496
- fingerprint: _sinclair_typebox.TString;
497
- algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
498
- }>;
499
- }, RotateKeyResult>;
500
- changePassword: _spfn_core_route.RouteDef<{
582
+ getUserProfile: _spfn_core_route.RouteDef<{}, {}, UserProfile>;
583
+ updateUserProfile: _spfn_core_route.RouteDef<{
501
584
  body: _sinclair_typebox.TObject<{
502
- currentPassword: _sinclair_typebox.TString;
503
- newPassword: _sinclair_typebox.TString;
585
+ displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
586
+ firstName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
587
+ lastName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
588
+ avatarUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
589
+ bio: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
590
+ locale: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
591
+ timezone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
592
+ dateOfBirth: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
593
+ gender: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
594
+ website: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
595
+ location: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
596
+ company: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
597
+ jobTitle: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
598
+ metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TAny>>;
504
599
  }>;
505
- }, {}, void>;
506
- getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
507
- role: {
508
- id: number;
509
- name: string;
510
- displayName: string;
511
- priority: number;
512
- };
513
- permissions: {
514
- id: number;
515
- name: string;
516
- displayName: string;
517
- category: "auth" | "custom" | "user" | "rbac" | "system" | undefined;
518
- }[];
519
- userId: number;
520
- email: string | null;
521
- emailVerified: boolean;
522
- phoneVerified: boolean;
523
- }>;
600
+ }, {}, ProfileInfo>;
524
601
  }>;
525
602
 
526
603
  interface AuthContext {
@@ -565,81 +642,4 @@ declare module 'hono' {
565
642
  */
566
643
  declare const authenticate: _spfn_core_route.NamedMiddleware<"auth">;
567
644
 
568
- /**
569
- * Role information for client/API responses
570
- */
571
- interface Role {
572
- id: number;
573
- name: string;
574
- displayName: string;
575
- description: string | null;
576
- isBuiltin: boolean;
577
- isSystem: boolean;
578
- isActive: boolean;
579
- priority: number;
580
- createdAt: Date;
581
- updatedAt: Date;
582
- }
583
- /**
584
- * Permission information for client/API responses
585
- */
586
- interface Permission {
587
- id: number;
588
- name: string;
589
- displayName: string;
590
- description: string | null;
591
- category: string | null;
592
- isBuiltin: boolean;
593
- isSystem: boolean;
594
- isActive: boolean;
595
- metadata: Record<string, any> | null;
596
- createdAt: Date;
597
- updatedAt: Date;
598
- }
599
- interface AuthSession {
600
- userId: number;
601
- email: string | null;
602
- emailVerified: boolean;
603
- phoneVerified: boolean;
604
- role: Role;
605
- permissions: Permission[];
606
- }
607
- interface ProfileInfo {
608
- profileId: number;
609
- displayName: string;
610
- firstName: string | null;
611
- lastName: string | null;
612
- avatarUrl: string | null;
613
- bio: string | null;
614
- locale: string;
615
- timezone: string;
616
- website: string | null;
617
- location: string | null;
618
- company: string | null;
619
- jobTitle: string | null;
620
- metadata: Record<string, any> | null;
621
- createdAt: Date;
622
- updatedAt: Date;
623
- }
624
- /**
625
- * User Profile Response
626
- *
627
- * Complete user data including:
628
- * - User fields at top level (userId, email, etc.)
629
- * - Profile data as nested field (optional)
630
- *
631
- * Excludes:
632
- * - Role and permissions (use auth session API)
633
- */
634
- interface UserProfile {
635
- userId: number;
636
- email: string | null;
637
- emailVerified: boolean;
638
- phoneVerified: boolean;
639
- lastLoginAt: Date | null;
640
- createdAt: Date;
641
- updatedAt: Date;
642
- profile: ProfileInfo | null;
643
- }
644
-
645
- export { VerificationPurposeSchema as $, type AuthSession as A, type ChangePasswordParams as B, type CheckAccountExistsResult as C, sendVerificationCodeService as D, verifyCodeService as E, type SendVerificationCodeParams as F, type VerifyCodeParams as G, type VerifyCodeResult as H, INVITATION_STATUSES as I, registerPublicKeyService as J, KEY_ALGORITHM as K, type LoginResult as L, rotateKeyService as M, revokeKeyService as N, type RegisterPublicKeyParams as O, type PermissionConfig as P, type RotateKeyParams as Q, type RoleConfig as R, type SendVerificationCodeResult as S, type RevokeKeyParams as T, type UserProfile as U, type VerificationTargetType as V, authenticate as W, EmailSchema as X, PhoneSchema as Y, PasswordSchema as Z, TargetTypeSchema as _, type ProfileInfo as a, type RegisterResult as b, type RotateKeyResult as c, USER_STATUSES as d, SOCIAL_PROVIDERS as e, type VerificationPurpose as f, VERIFICATION_TARGET_TYPES as g, VERIFICATION_PURPOSES as h, PERMISSION_CATEGORIES as i, type PermissionCategory as j, type AuthInitOptions as k, type KeyAlgorithmType as l, mainAuthRouter as m, type InvitationStatus as n, type UserStatus as o, type SocialProvider as p, type AuthContext as q, checkAccountExistsService as r, registerService as s, loginService as t, logoutService as u, changePasswordService as v, type CheckAccountExistsParams as w, type RegisterParams as x, type LoginParams as y, type LogoutParams as z };
645
+ export { VerificationPurposeSchema as $, type AuthSession as A, type ChangePasswordParams as B, type CheckAccountExistsResult as C, sendVerificationCodeService as D, verifyCodeService as E, type SendVerificationCodeParams as F, type VerifyCodeParams as G, type VerifyCodeResult as H, INVITATION_STATUSES as I, registerPublicKeyService as J, KEY_ALGORITHM as K, type LoginResult as L, rotateKeyService as M, revokeKeyService as N, type RegisterPublicKeyParams as O, type PermissionConfig as P, type RotateKeyParams as Q, type RoleConfig as R, type SendVerificationCodeResult as S, type RevokeKeyParams as T, type UserProfile as U, type VerificationTargetType as V, authenticate as W, EmailSchema as X, PhoneSchema as Y, PasswordSchema as Z, TargetTypeSchema as _, type RegisterResult as a, type RotateKeyResult as b, type ProfileInfo as c, USER_STATUSES as d, SOCIAL_PROVIDERS as e, type VerificationPurpose as f, VERIFICATION_TARGET_TYPES as g, VERIFICATION_PURPOSES as h, PERMISSION_CATEGORIES as i, type PermissionCategory as j, type AuthInitOptions as k, type KeyAlgorithmType as l, mainAuthRouter as m, type InvitationStatus as n, type UserStatus as o, type SocialProvider as p, type AuthContext as q, checkAccountExistsService as r, registerService as s, loginService as t, logoutService as u, changePasswordService as v, type CheckAccountExistsParams as w, type RegisterParams as x, type LoginParams as y, type LogoutParams as z };