@spfn/auth 0.2.0-beta.4 → 0.2.0-beta.40
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +713 -180
- package/dist/{dto-Bb2qFUO6.d.ts → authenticate-BbugF32w.d.ts} +420 -161
- package/dist/config.d.ts +156 -44
- package/dist/config.js +90 -35
- package/dist/config.js.map +1 -1
- package/dist/errors.d.ts +30 -2
- package/dist/errors.js +24 -0
- package/dist/errors.js.map +1 -1
- package/dist/index.d.ts +283 -113
- package/dist/index.js +58 -1
- package/dist/index.js.map +1 -1
- package/dist/nextjs/api.js +202 -1
- package/dist/nextjs/api.js.map +1 -1
- package/dist/nextjs/client.d.ts +28 -0
- package/dist/nextjs/client.js +80 -0
- package/dist/nextjs/client.js.map +1 -0
- package/dist/nextjs/server.d.ts +89 -2
- package/dist/nextjs/server.js +146 -21
- package/dist/nextjs/server.js.map +1 -1
- package/dist/server.d.ts +525 -404
- package/dist/server.js +1021 -492
- package/dist/server.js.map +1 -1
- package/migrations/0001_smooth_the_fury.sql +3 -0
- package/migrations/meta/0001_snapshot.json +1660 -0
- package/migrations/meta/_journal.json +7 -0
- package/package.json +13 -9
package/dist/index.d.ts
CHANGED
|
@@ -1,10 +1,38 @@
|
|
|
1
1
|
import * as _spfn_core_nextjs from '@spfn/core/nextjs';
|
|
2
|
-
import { R as RoleConfig, P as PermissionConfig,
|
|
3
|
-
export { k as AuthInitOptions, A as AuthSession, I as INVITATION_STATUSES, n as InvitationStatus, K as KEY_ALGORITHM, l as KeyAlgorithmType, i as PERMISSION_CATEGORIES, j as PermissionCategory, e as SOCIAL_PROVIDERS, p as SocialProvider, d as USER_STATUSES, o as UserStatus, h as VERIFICATION_PURPOSES, g as VERIFICATION_TARGET_TYPES, f as VerificationPurpose, V as VerificationTargetType } from './
|
|
2
|
+
import { R as RoleConfig, P as PermissionConfig, C as CheckAccountExistsResult, S as SendVerificationCodeResult, a as RegisterResult, L as LoginResult, b as RotateKeyResult, O as OAuthStartResult, U as UserProfile, c as ProfileInfo, m as mainAuthRouter } from './authenticate-BbugF32w.js';
|
|
3
|
+
export { k as AuthInitOptions, A as AuthSession, I as INVITATION_STATUSES, n as InvitationStatus, K as KEY_ALGORITHM, l as KeyAlgorithmType, i as PERMISSION_CATEGORIES, j as PermissionCategory, e as SOCIAL_PROVIDERS, p as SocialProvider, d as USER_STATUSES, o as UserStatus, h as VERIFICATION_PURPOSES, g as VERIFICATION_TARGET_TYPES, f as VerificationPurpose, V as VerificationTargetType } from './authenticate-BbugF32w.js';
|
|
4
4
|
import * as _spfn_core_route from '@spfn/core/route';
|
|
5
|
+
import { HttpMethod } from '@spfn/core/route';
|
|
5
6
|
import * as _sinclair_typebox from '@sinclair/typebox';
|
|
6
7
|
import '@spfn/auth/server';
|
|
7
8
|
|
|
9
|
+
/**
|
|
10
|
+
* Email regex pattern (RFC 5322 compliant)
|
|
11
|
+
* Validates: local-part@domain.tld
|
|
12
|
+
* - Local part: alphanumeric, dots, hyphens, underscores
|
|
13
|
+
* - Domain: alphanumeric, hyphens, dots
|
|
14
|
+
* - TLD: minimum 2 characters
|
|
15
|
+
*/
|
|
16
|
+
declare const EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
|
|
17
|
+
/**
|
|
18
|
+
* Phone regex pattern (E.164 format)
|
|
19
|
+
* Format: +[country code][number] (1-15 digits total)
|
|
20
|
+
*/
|
|
21
|
+
declare const PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
|
|
22
|
+
/**
|
|
23
|
+
* SHA-256 fingerprint pattern (64 hex characters)
|
|
24
|
+
*/
|
|
25
|
+
declare const FINGERPRINT_PATTERN = "^[a-f0-9]{64}$";
|
|
26
|
+
/**
|
|
27
|
+
* UUID v4 pattern (8-4-4-4-12 format)
|
|
28
|
+
*/
|
|
29
|
+
declare const UUID_PATTERN = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$";
|
|
30
|
+
/**
|
|
31
|
+
* Base64 pattern (DER encoded keys)
|
|
32
|
+
* Matches standard Base64 with padding
|
|
33
|
+
*/
|
|
34
|
+
declare const BASE64_PATTERN = "^[A-Za-z0-9+/]+=*$";
|
|
35
|
+
|
|
8
36
|
/**
|
|
9
37
|
* @spfn/auth - Built-in Roles and Permissions
|
|
10
38
|
*
|
|
@@ -31,31 +59,16 @@ type BuiltinRoleName = keyof typeof BUILTIN_ROLE_PERMISSIONS;
|
|
|
31
59
|
type BuiltinPermissionName = typeof BUILTIN_PERMISSIONS[keyof typeof BUILTIN_PERMISSIONS]['name'];
|
|
32
60
|
|
|
33
61
|
/**
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
* -
|
|
37
|
-
* - Domain: alphanumeric, hyphens, dots
|
|
38
|
-
* - TLD: minimum 2 characters
|
|
39
|
-
*/
|
|
40
|
-
declare const EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
|
|
41
|
-
/**
|
|
42
|
-
* Phone regex pattern (E.164 format)
|
|
43
|
-
* Format: +[country code][number] (1-15 digits total)
|
|
44
|
-
*/
|
|
45
|
-
declare const PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
|
|
46
|
-
/**
|
|
47
|
-
* SHA-256 fingerprint pattern (64 hex characters)
|
|
48
|
-
*/
|
|
49
|
-
declare const FINGERPRINT_PATTERN = "^[a-f0-9]{64}$";
|
|
50
|
-
/**
|
|
51
|
-
* UUID v4 pattern (8-4-4-4-12 format)
|
|
52
|
-
*/
|
|
53
|
-
declare const UUID_PATTERN = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$";
|
|
54
|
-
/**
|
|
55
|
-
* Base64 pattern (DER encoded keys)
|
|
56
|
-
* Matches standard Base64 with padding
|
|
62
|
+
* Route Map (Auto-generated)
|
|
63
|
+
*
|
|
64
|
+
* DO NOT EDIT - This file is generated by @spfn/core:route-map generator
|
|
57
65
|
*/
|
|
58
|
-
|
|
66
|
+
|
|
67
|
+
interface RouteInfo {
|
|
68
|
+
method: HttpMethod;
|
|
69
|
+
path: string;
|
|
70
|
+
}
|
|
71
|
+
declare const routeMap: Record<string, RouteInfo>;
|
|
59
72
|
|
|
60
73
|
/**
|
|
61
74
|
* Type-safe API client for auth routes
|
|
@@ -74,25 +87,142 @@ declare const BASE64_PATTERN = "^[A-Za-z0-9+/]+=*$";
|
|
|
74
87
|
* ```
|
|
75
88
|
*/
|
|
76
89
|
declare const authApi: _spfn_core_nextjs.Client<_spfn_core_route.Router<{
|
|
77
|
-
|
|
78
|
-
|
|
90
|
+
checkAccountExists: _spfn_core_route.RouteDef<{
|
|
91
|
+
body: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
|
|
92
|
+
email: _sinclair_typebox.TString;
|
|
93
|
+
}>, _sinclair_typebox.TObject<{
|
|
94
|
+
phone: _sinclair_typebox.TString;
|
|
95
|
+
}>]>;
|
|
96
|
+
}, {}, CheckAccountExistsResult>;
|
|
97
|
+
sendVerificationCode: _spfn_core_route.RouteDef<{
|
|
79
98
|
body: _sinclair_typebox.TObject<{
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
avatarUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
84
|
-
bio: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
85
|
-
locale: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
86
|
-
timezone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
87
|
-
dateOfBirth: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
88
|
-
gender: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
89
|
-
website: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
90
|
-
location: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
91
|
-
company: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
92
|
-
jobTitle: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
93
|
-
metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TAny>>;
|
|
99
|
+
target: _sinclair_typebox.TString;
|
|
100
|
+
targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
|
|
101
|
+
purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
|
|
94
102
|
}>;
|
|
95
|
-
}, {},
|
|
103
|
+
}, {}, SendVerificationCodeResult>;
|
|
104
|
+
verifyCode: _spfn_core_route.RouteDef<{
|
|
105
|
+
body: _sinclair_typebox.TObject<{
|
|
106
|
+
target: _sinclair_typebox.TString;
|
|
107
|
+
targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
|
|
108
|
+
code: _sinclair_typebox.TString;
|
|
109
|
+
purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
|
|
110
|
+
}>;
|
|
111
|
+
}, {}, {
|
|
112
|
+
valid: boolean;
|
|
113
|
+
verificationToken: string;
|
|
114
|
+
}>;
|
|
115
|
+
register: _spfn_core_route.RouteDef<{
|
|
116
|
+
body: _sinclair_typebox.TObject<{
|
|
117
|
+
email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
118
|
+
phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
119
|
+
verificationToken: _sinclair_typebox.TString;
|
|
120
|
+
password: _sinclair_typebox.TString;
|
|
121
|
+
metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TUnknown>>;
|
|
122
|
+
}>;
|
|
123
|
+
}, {
|
|
124
|
+
body: _sinclair_typebox.TObject<{
|
|
125
|
+
publicKey: _sinclair_typebox.TString;
|
|
126
|
+
keyId: _sinclair_typebox.TString;
|
|
127
|
+
fingerprint: _sinclair_typebox.TString;
|
|
128
|
+
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
129
|
+
}>;
|
|
130
|
+
}, RegisterResult>;
|
|
131
|
+
login: _spfn_core_route.RouteDef<{
|
|
132
|
+
body: _sinclair_typebox.TObject<{
|
|
133
|
+
email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
134
|
+
phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
135
|
+
password: _sinclair_typebox.TString;
|
|
136
|
+
}>;
|
|
137
|
+
}, {
|
|
138
|
+
body: _sinclair_typebox.TObject<{
|
|
139
|
+
publicKey: _sinclair_typebox.TString;
|
|
140
|
+
keyId: _sinclair_typebox.TString;
|
|
141
|
+
fingerprint: _sinclair_typebox.TString;
|
|
142
|
+
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
143
|
+
oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
144
|
+
}>;
|
|
145
|
+
}, LoginResult>;
|
|
146
|
+
logout: _spfn_core_route.RouteDef<{}, {}, void>;
|
|
147
|
+
rotateKey: _spfn_core_route.RouteDef<{}, {
|
|
148
|
+
body: _sinclair_typebox.TObject<{
|
|
149
|
+
publicKey: _sinclair_typebox.TString;
|
|
150
|
+
keyId: _sinclair_typebox.TString;
|
|
151
|
+
fingerprint: _sinclair_typebox.TString;
|
|
152
|
+
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
153
|
+
}>;
|
|
154
|
+
}, RotateKeyResult>;
|
|
155
|
+
changePassword: _spfn_core_route.RouteDef<{
|
|
156
|
+
body: _sinclair_typebox.TObject<{
|
|
157
|
+
currentPassword: _sinclair_typebox.TString;
|
|
158
|
+
newPassword: _sinclair_typebox.TString;
|
|
159
|
+
}>;
|
|
160
|
+
}, {}, void>;
|
|
161
|
+
getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
|
|
162
|
+
role: {
|
|
163
|
+
id: number;
|
|
164
|
+
name: string;
|
|
165
|
+
displayName: string;
|
|
166
|
+
priority: number;
|
|
167
|
+
};
|
|
168
|
+
permissions: {
|
|
169
|
+
id: number;
|
|
170
|
+
name: string;
|
|
171
|
+
displayName: string;
|
|
172
|
+
category: "auth" | "custom" | "user" | "rbac" | "system" | undefined;
|
|
173
|
+
}[];
|
|
174
|
+
userId: number;
|
|
175
|
+
email: string | null;
|
|
176
|
+
emailVerified: boolean;
|
|
177
|
+
phoneVerified: boolean;
|
|
178
|
+
}>;
|
|
179
|
+
oauthGoogleStart: _spfn_core_route.RouteDef<{
|
|
180
|
+
query: _sinclair_typebox.TObject<{
|
|
181
|
+
state: _sinclair_typebox.TString;
|
|
182
|
+
}>;
|
|
183
|
+
}, {}, Response>;
|
|
184
|
+
oauthGoogleCallback: _spfn_core_route.RouteDef<{
|
|
185
|
+
query: _sinclair_typebox.TObject<{
|
|
186
|
+
code: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
187
|
+
state: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
188
|
+
error: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
189
|
+
error_description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
190
|
+
}>;
|
|
191
|
+
}, {}, Response>;
|
|
192
|
+
oauthStart: _spfn_core_route.RouteDef<{
|
|
193
|
+
body: _sinclair_typebox.TObject<{
|
|
194
|
+
provider: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"google" | "github" | "kakao" | "naver">[]>;
|
|
195
|
+
returnUrl: _sinclair_typebox.TString;
|
|
196
|
+
publicKey: _sinclair_typebox.TString;
|
|
197
|
+
keyId: _sinclair_typebox.TString;
|
|
198
|
+
fingerprint: _sinclair_typebox.TString;
|
|
199
|
+
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
200
|
+
metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TUnknown>>;
|
|
201
|
+
}>;
|
|
202
|
+
}, {}, OAuthStartResult>;
|
|
203
|
+
oauthProviders: _spfn_core_route.RouteDef<{}, {}, {
|
|
204
|
+
providers: ("google" | "github" | "kakao" | "naver")[];
|
|
205
|
+
}>;
|
|
206
|
+
getGoogleOAuthUrl: _spfn_core_route.RouteDef<{
|
|
207
|
+
body: _sinclair_typebox.TObject<{
|
|
208
|
+
returnUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
209
|
+
state: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
210
|
+
}>;
|
|
211
|
+
}, {}, {
|
|
212
|
+
authUrl: string;
|
|
213
|
+
}>;
|
|
214
|
+
oauthFinalize: _spfn_core_route.RouteDef<{
|
|
215
|
+
body: _sinclair_typebox.TObject<{
|
|
216
|
+
userId: _sinclair_typebox.TString;
|
|
217
|
+
keyId: _sinclair_typebox.TString;
|
|
218
|
+
returnUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
219
|
+
}>;
|
|
220
|
+
}, {}, {
|
|
221
|
+
success: boolean;
|
|
222
|
+
userId: string;
|
|
223
|
+
keyId: string;
|
|
224
|
+
returnUrl: string;
|
|
225
|
+
}>;
|
|
96
226
|
getInvitation: _spfn_core_route.RouteDef<{
|
|
97
227
|
params: _sinclair_typebox.TObject<{
|
|
98
228
|
token: _sinclair_typebox.TString;
|
|
@@ -193,99 +323,139 @@ declare const authApi: _spfn_core_nextjs.Client<_spfn_core_route.Router<{
|
|
|
193
323
|
id: _sinclair_typebox.TNumber;
|
|
194
324
|
}>;
|
|
195
325
|
}, {}, void>;
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
email: _sinclair_typebox.TString;
|
|
199
|
-
}>, _sinclair_typebox.TObject<{
|
|
200
|
-
phone: _sinclair_typebox.TString;
|
|
201
|
-
}>]>;
|
|
202
|
-
}, {}, CheckAccountExistsResult>;
|
|
203
|
-
sendVerificationCode: _spfn_core_route.RouteDef<{
|
|
326
|
+
getUserProfile: _spfn_core_route.RouteDef<{}, {}, UserProfile>;
|
|
327
|
+
updateUserProfile: _spfn_core_route.RouteDef<{
|
|
204
328
|
body: _sinclair_typebox.TObject<{
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
329
|
+
displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
330
|
+
firstName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
331
|
+
lastName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
332
|
+
avatarUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
333
|
+
bio: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
334
|
+
locale: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
335
|
+
timezone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
336
|
+
dateOfBirth: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
337
|
+
gender: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
338
|
+
website: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
339
|
+
location: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
340
|
+
company: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
341
|
+
jobTitle: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
342
|
+
metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TAny>>;
|
|
208
343
|
}>;
|
|
209
|
-
}, {},
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
|
|
214
|
-
code: _sinclair_typebox.TString;
|
|
215
|
-
purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
|
|
344
|
+
}, {}, ProfileInfo>;
|
|
345
|
+
checkUsername: _spfn_core_route.RouteDef<{
|
|
346
|
+
query: _sinclair_typebox.TObject<{
|
|
347
|
+
username: _sinclair_typebox.TString;
|
|
216
348
|
}>;
|
|
217
349
|
}, {}, {
|
|
218
|
-
|
|
219
|
-
verificationToken: string;
|
|
350
|
+
available: boolean;
|
|
220
351
|
}>;
|
|
221
|
-
|
|
352
|
+
updateUsername: _spfn_core_route.RouteDef<{
|
|
222
353
|
body: _sinclair_typebox.TObject<{
|
|
223
|
-
|
|
224
|
-
phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
225
|
-
verificationToken: _sinclair_typebox.TString;
|
|
226
|
-
password: _sinclair_typebox.TString;
|
|
354
|
+
username: _sinclair_typebox.TUnion<[_sinclair_typebox.TString, _sinclair_typebox.TNull]>;
|
|
227
355
|
}>;
|
|
228
|
-
}, {
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
}
|
|
356
|
+
}, {}, {
|
|
357
|
+
createdAt: Date;
|
|
358
|
+
updatedAt: Date;
|
|
359
|
+
id: number;
|
|
360
|
+
email: string | null;
|
|
361
|
+
phone: string | null;
|
|
362
|
+
username: string | null;
|
|
363
|
+
passwordHash: string | null;
|
|
364
|
+
passwordChangeRequired: boolean;
|
|
365
|
+
roleId: number;
|
|
366
|
+
status: "active" | "inactive" | "suspended";
|
|
367
|
+
emailVerifiedAt: Date | null;
|
|
368
|
+
phoneVerifiedAt: Date | null;
|
|
369
|
+
lastLoginAt: Date | null;
|
|
370
|
+
}>;
|
|
371
|
+
updateLocale: _spfn_core_route.RouteDef<{
|
|
243
372
|
body: _sinclair_typebox.TObject<{
|
|
244
|
-
|
|
245
|
-
keyId: _sinclair_typebox.TString;
|
|
246
|
-
fingerprint: _sinclair_typebox.TString;
|
|
247
|
-
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
248
|
-
oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
373
|
+
locale: _sinclair_typebox.TString;
|
|
249
374
|
}>;
|
|
250
|
-
},
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
}, {
|
|
257
|
-
body: _sinclair_typebox.TObject<{
|
|
258
|
-
publicKey: _sinclair_typebox.TString;
|
|
259
|
-
keyId: _sinclair_typebox.TString;
|
|
260
|
-
fingerprint: _sinclair_typebox.TString;
|
|
261
|
-
algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
|
|
375
|
+
}, {}, {
|
|
376
|
+
locale: string;
|
|
377
|
+
}>;
|
|
378
|
+
listRoles: _spfn_core_route.RouteDef<{
|
|
379
|
+
query: _sinclair_typebox.TObject<{
|
|
380
|
+
includeInactive: _sinclair_typebox.TOptional<_sinclair_typebox.TBoolean>;
|
|
262
381
|
}>;
|
|
263
|
-
},
|
|
264
|
-
|
|
382
|
+
}, {}, {
|
|
383
|
+
roles: {
|
|
384
|
+
description: string | null;
|
|
385
|
+
id: number;
|
|
386
|
+
name: string;
|
|
387
|
+
displayName: string;
|
|
388
|
+
isBuiltin: boolean;
|
|
389
|
+
isSystem: boolean;
|
|
390
|
+
isActive: boolean;
|
|
391
|
+
priority: number;
|
|
392
|
+
createdAt: Date;
|
|
393
|
+
updatedAt: Date;
|
|
394
|
+
}[];
|
|
395
|
+
}>;
|
|
396
|
+
createAdminRole: _spfn_core_route.RouteDef<{
|
|
265
397
|
body: _sinclair_typebox.TObject<{
|
|
266
|
-
|
|
267
|
-
|
|
398
|
+
name: _sinclair_typebox.TString;
|
|
399
|
+
displayName: _sinclair_typebox.TString;
|
|
400
|
+
description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
401
|
+
priority: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
|
|
402
|
+
permissionIds: _sinclair_typebox.TOptional<_sinclair_typebox.TArray<_sinclair_typebox.TNumber>>;
|
|
268
403
|
}>;
|
|
269
|
-
}, {},
|
|
270
|
-
getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
|
|
404
|
+
}, {}, {
|
|
271
405
|
role: {
|
|
406
|
+
description: string | null;
|
|
272
407
|
id: number;
|
|
273
408
|
name: string;
|
|
274
409
|
displayName: string;
|
|
410
|
+
isBuiltin: boolean;
|
|
411
|
+
isSystem: boolean;
|
|
412
|
+
isActive: boolean;
|
|
275
413
|
priority: number;
|
|
414
|
+
createdAt: Date;
|
|
415
|
+
updatedAt: Date;
|
|
276
416
|
};
|
|
277
|
-
|
|
417
|
+
}>;
|
|
418
|
+
updateAdminRole: _spfn_core_route.RouteDef<{
|
|
419
|
+
params: _sinclair_typebox.TObject<{
|
|
420
|
+
id: _sinclair_typebox.TNumber;
|
|
421
|
+
}>;
|
|
422
|
+
body: _sinclair_typebox.TObject<{
|
|
423
|
+
displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
424
|
+
description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
|
|
425
|
+
priority: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
|
|
426
|
+
isActive: _sinclair_typebox.TOptional<_sinclair_typebox.TBoolean>;
|
|
427
|
+
}>;
|
|
428
|
+
}, {}, {
|
|
429
|
+
role: {
|
|
430
|
+
description: string | null;
|
|
278
431
|
id: number;
|
|
279
432
|
name: string;
|
|
280
433
|
displayName: string;
|
|
281
|
-
|
|
282
|
-
|
|
434
|
+
isBuiltin: boolean;
|
|
435
|
+
isSystem: boolean;
|
|
436
|
+
isActive: boolean;
|
|
437
|
+
priority: number;
|
|
438
|
+
createdAt: Date;
|
|
439
|
+
updatedAt: Date;
|
|
440
|
+
};
|
|
441
|
+
}>;
|
|
442
|
+
deleteAdminRole: _spfn_core_route.RouteDef<{
|
|
443
|
+
params: _sinclair_typebox.TObject<{
|
|
444
|
+
id: _sinclair_typebox.TNumber;
|
|
445
|
+
}>;
|
|
446
|
+
}, {}, void>;
|
|
447
|
+
updateUserRole: _spfn_core_route.RouteDef<{
|
|
448
|
+
params: _sinclair_typebox.TObject<{
|
|
449
|
+
userId: _sinclair_typebox.TNumber;
|
|
450
|
+
}>;
|
|
451
|
+
body: _sinclair_typebox.TObject<{
|
|
452
|
+
roleId: _sinclair_typebox.TNumber;
|
|
453
|
+
}>;
|
|
454
|
+
}, {}, {
|
|
283
455
|
userId: number;
|
|
284
|
-
|
|
285
|
-
emailVerified: boolean;
|
|
286
|
-
phoneVerified: boolean;
|
|
456
|
+
roleId: number;
|
|
287
457
|
}>;
|
|
288
458
|
}>>;
|
|
289
459
|
type AuthRouter = typeof mainAuthRouter;
|
|
290
460
|
|
|
291
|
-
export { type AuthRouter, BASE64_PATTERN, BUILTIN_PERMISSIONS, BUILTIN_ROLES, BUILTIN_ROLE_PERMISSIONS, type BuiltinPermissionName, type BuiltinRoleName, EMAIL_PATTERN, FINGERPRINT_PATTERN, PHONE_PATTERN, PermissionConfig, ProfileInfo, RoleConfig, UUID_PATTERN, UserProfile, authApi };
|
|
461
|
+
export { type AuthRouter, BASE64_PATTERN, BUILTIN_PERMISSIONS, BUILTIN_ROLES, BUILTIN_ROLE_PERMISSIONS, type BuiltinPermissionName, type BuiltinRoleName, EMAIL_PATTERN, FINGERPRINT_PATTERN, PHONE_PATTERN, PermissionConfig, ProfileInfo, RoleConfig, UUID_PATTERN, UserProfile, authApi, routeMap as authRouteMap };
|
package/dist/index.js
CHANGED
|
@@ -102,6 +102,24 @@ var VerificationTokenTargetMismatchError = class extends ValidationError {
|
|
|
102
102
|
this.name = "VerificationTokenTargetMismatchError";
|
|
103
103
|
}
|
|
104
104
|
};
|
|
105
|
+
var ReservedUsernameError = class extends ValidationError {
|
|
106
|
+
constructor(data = {}) {
|
|
107
|
+
super({
|
|
108
|
+
message: data.message || "This username is reserved",
|
|
109
|
+
details: { username: data.username, ...data.details }
|
|
110
|
+
});
|
|
111
|
+
this.name = "ReservedUsernameError";
|
|
112
|
+
}
|
|
113
|
+
};
|
|
114
|
+
var UsernameAlreadyTakenError = class extends ConflictError {
|
|
115
|
+
constructor(data = {}) {
|
|
116
|
+
super({
|
|
117
|
+
message: data.message || "Username is already taken",
|
|
118
|
+
details: { username: data.username, ...data.details }
|
|
119
|
+
});
|
|
120
|
+
this.name = "UsernameAlreadyTakenError";
|
|
121
|
+
}
|
|
122
|
+
};
|
|
105
123
|
var InsufficientPermissionsError = class extends ForbiddenError {
|
|
106
124
|
constructor(data = {}) {
|
|
107
125
|
const requiredPermissions = data.requiredPermissions || [];
|
|
@@ -132,6 +150,8 @@ authErrorRegistry.append([
|
|
|
132
150
|
KeyExpiredError,
|
|
133
151
|
AccountDisabledError,
|
|
134
152
|
AccountAlreadyExistsError,
|
|
153
|
+
ReservedUsernameError,
|
|
154
|
+
UsernameAlreadyTakenError,
|
|
135
155
|
InvalidVerificationCodeError,
|
|
136
156
|
InvalidVerificationTokenError,
|
|
137
157
|
InvalidKeyFingerprintError,
|
|
@@ -141,6 +161,42 @@ authErrorRegistry.append([
|
|
|
141
161
|
InsufficientRoleError
|
|
142
162
|
]);
|
|
143
163
|
|
|
164
|
+
// src/generated/route-map.ts
|
|
165
|
+
var routeMap = {
|
|
166
|
+
checkAccountExists: { method: "POST", path: "/_auth/exists" },
|
|
167
|
+
sendVerificationCode: { method: "POST", path: "/_auth/codes" },
|
|
168
|
+
verifyCode: { method: "POST", path: "/_auth/codes/verify" },
|
|
169
|
+
register: { method: "POST", path: "/_auth/register" },
|
|
170
|
+
login: { method: "POST", path: "/_auth/login" },
|
|
171
|
+
logout: { method: "POST", path: "/_auth/logout" },
|
|
172
|
+
rotateKey: { method: "POST", path: "/_auth/keys/rotate" },
|
|
173
|
+
changePassword: { method: "PUT", path: "/_auth/password" },
|
|
174
|
+
getAuthSession: { method: "GET", path: "/_auth/session" },
|
|
175
|
+
getInvitation: { method: "GET", path: "/_auth/invitations/:token" },
|
|
176
|
+
acceptInvitation: { method: "POST", path: "/_auth/invitations/accept" },
|
|
177
|
+
createInvitation: { method: "POST", path: "/_auth/invitations" },
|
|
178
|
+
listInvitations: { method: "GET", path: "/_auth/invitations" },
|
|
179
|
+
cancelInvitation: { method: "POST", path: "/_auth/invitations/cancel" },
|
|
180
|
+
resendInvitation: { method: "POST", path: "/_auth/invitations/resend" },
|
|
181
|
+
deleteInvitation: { method: "POST", path: "/_auth/invitations/delete" },
|
|
182
|
+
getUserProfile: { method: "GET", path: "/_auth/users/profile" },
|
|
183
|
+
updateUserProfile: { method: "PATCH", path: "/_auth/users/profile" },
|
|
184
|
+
checkUsername: { method: "GET", path: "/_auth/users/username/check" },
|
|
185
|
+
updateUsername: { method: "PATCH", path: "/_auth/users/username" },
|
|
186
|
+
updateLocale: { method: "PATCH", path: "/_auth/users/locale" },
|
|
187
|
+
oauthGoogleStart: { method: "GET", path: "/_auth/oauth/google" },
|
|
188
|
+
oauthGoogleCallback: { method: "GET", path: "/_auth/oauth/google/callback" },
|
|
189
|
+
oauthStart: { method: "POST", path: "/_auth/oauth/start" },
|
|
190
|
+
oauthProviders: { method: "GET", path: "/_auth/oauth/providers" },
|
|
191
|
+
getGoogleOAuthUrl: { method: "POST", path: "/_auth/oauth/google/url" },
|
|
192
|
+
oauthFinalize: { method: "POST", path: "/_auth/oauth/finalize" },
|
|
193
|
+
listRoles: { method: "GET", path: "/_auth/admin/roles" },
|
|
194
|
+
createAdminRole: { method: "POST", path: "/_auth/admin/roles" },
|
|
195
|
+
updateAdminRole: { method: "PATCH", path: "/_auth/admin/roles/:id" },
|
|
196
|
+
deleteAdminRole: { method: "DELETE", path: "/_auth/admin/roles/:id" },
|
|
197
|
+
updateUserRole: { method: "PATCH", path: "/_auth/admin/users/:userId/role" }
|
|
198
|
+
};
|
|
199
|
+
|
|
144
200
|
// src/lib/types.ts
|
|
145
201
|
var EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
|
|
146
202
|
var PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
|
|
@@ -2941,6 +2997,7 @@ export {
|
|
|
2941
2997
|
UUID_PATTERN,
|
|
2942
2998
|
VERIFICATION_PURPOSES,
|
|
2943
2999
|
VERIFICATION_TARGET_TYPES,
|
|
2944
|
-
authApi
|
|
3000
|
+
authApi,
|
|
3001
|
+
routeMap as authRouteMap
|
|
2945
3002
|
};
|
|
2946
3003
|
//# sourceMappingURL=index.js.map
|