@spfn/auth 0.2.0-beta.50 → 0.2.0-beta.52
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server.d.ts +6 -3
- package/dist/server.js +17 -3
- package/dist/server.js.map +1 -1
- package/package.json +4 -4
package/dist/server.d.ts
CHANGED
|
@@ -5159,14 +5159,17 @@ declare function shouldRefreshSession(jwt: string, thresholdHours?: number): Pro
|
|
|
5159
5159
|
*/
|
|
5160
5160
|
/**
|
|
5161
5161
|
* Cookie names used by SPFN Auth
|
|
5162
|
+
*
|
|
5163
|
+
* Names include a port-based suffix so that multiple dev instances
|
|
5164
|
+
* on different ports don't overwrite each other's cookies.
|
|
5162
5165
|
*/
|
|
5163
5166
|
declare const COOKIE_NAMES: {
|
|
5164
5167
|
/** Encrypted session data (userId, privateKey, keyId, algorithm) */
|
|
5165
|
-
readonly SESSION:
|
|
5168
|
+
readonly SESSION: string;
|
|
5166
5169
|
/** Current key ID (for key rotation) */
|
|
5167
|
-
readonly SESSION_KEY_ID:
|
|
5170
|
+
readonly SESSION_KEY_ID: string;
|
|
5168
5171
|
/** Pending OAuth session (privateKey, keyId, algorithm) - temporary during OAuth flow */
|
|
5169
|
-
readonly OAUTH_PENDING:
|
|
5172
|
+
readonly OAUTH_PENDING: string;
|
|
5170
5173
|
};
|
|
5171
5174
|
/**
|
|
5172
5175
|
* Parse duration string to seconds
|
package/dist/server.js
CHANGED
|
@@ -7086,6 +7086,10 @@ function getKeyExpiryDate() {
|
|
|
7086
7086
|
}
|
|
7087
7087
|
async function registerPublicKeyService(params) {
|
|
7088
7088
|
const { userId, keyId, publicKey, fingerprint, algorithm = "ES256" } = params;
|
|
7089
|
+
const existing = await keysRepository.findActiveByKeyId(keyId);
|
|
7090
|
+
if (existing) {
|
|
7091
|
+
return;
|
|
7092
|
+
}
|
|
7089
7093
|
const isValidFingerprint = verifyKeyFingerprint(publicKey, fingerprint);
|
|
7090
7094
|
if (!isValidFingerprint) {
|
|
7091
7095
|
throw new InvalidKeyFingerprintError();
|
|
@@ -7420,13 +7424,23 @@ import { createHash } from "crypto";
|
|
|
7420
7424
|
|
|
7421
7425
|
// src/server/lib/config.ts
|
|
7422
7426
|
import { env as env5 } from "@spfn/auth/config";
|
|
7427
|
+
function getCookieSuffix() {
|
|
7428
|
+
const port = process.env.PORT;
|
|
7429
|
+
return port ? `_${port}` : "";
|
|
7430
|
+
}
|
|
7423
7431
|
var COOKIE_NAMES = {
|
|
7424
7432
|
/** Encrypted session data (userId, privateKey, keyId, algorithm) */
|
|
7425
|
-
SESSION
|
|
7433
|
+
get SESSION() {
|
|
7434
|
+
return `spfn_session${getCookieSuffix()}`;
|
|
7435
|
+
},
|
|
7426
7436
|
/** Current key ID (for key rotation) */
|
|
7427
|
-
SESSION_KEY_ID
|
|
7437
|
+
get SESSION_KEY_ID() {
|
|
7438
|
+
return `spfn_session_key_id${getCookieSuffix()}`;
|
|
7439
|
+
},
|
|
7428
7440
|
/** Pending OAuth session (privateKey, keyId, algorithm) - temporary during OAuth flow */
|
|
7429
|
-
OAUTH_PENDING
|
|
7441
|
+
get OAUTH_PENDING() {
|
|
7442
|
+
return `spfn_oauth_pending${getCookieSuffix()}`;
|
|
7443
|
+
}
|
|
7430
7444
|
};
|
|
7431
7445
|
function parseDuration(duration) {
|
|
7432
7446
|
if (typeof duration === "number") {
|