@spfn/auth 0.2.0-beta.59 → 0.2.0-beta.60
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{authenticate-CZW-7GE2.d.ts → authenticate-B_HkYBzq.d.ts} +3 -46
- package/dist/index.d.ts +4 -3
- package/dist/nextjs/api.js +336 -79
- package/dist/nextjs/api.js.map +1 -1
- package/dist/nextjs/server.d.ts +4 -4
- package/dist/nextjs/server.js +157 -22
- package/dist/nextjs/server.js.map +1 -1
- package/dist/server.d.ts +59 -106
- package/dist/session-Dbvz9Sdp.d.ts +53 -0
- package/dist/types-B1CzVZkU.d.ts +45 -0
- package/package.json +4 -4
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
import { K as KeyAlgorithmType } from './types-B1CzVZkU.js';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* @spfn/auth - Client Session Management
|
|
5
|
+
*
|
|
6
|
+
* Uses Jose JWE (JSON Web Encryption) to securely store session data in cookies
|
|
7
|
+
* More efficient than Iron Session with better Edge Runtime support
|
|
8
|
+
*/
|
|
9
|
+
|
|
10
|
+
interface SessionData {
|
|
11
|
+
userId: string;
|
|
12
|
+
privateKey: string;
|
|
13
|
+
keyId: string;
|
|
14
|
+
algorithm: KeyAlgorithmType;
|
|
15
|
+
}
|
|
16
|
+
/**
|
|
17
|
+
* Seal session data into encrypted JWT (JWE)
|
|
18
|
+
*
|
|
19
|
+
* @param data - Session data to encrypt
|
|
20
|
+
* @param ttl - Time to live in seconds (default: 7 days)
|
|
21
|
+
* @returns Encrypted JWT string
|
|
22
|
+
*/
|
|
23
|
+
declare function sealSession(data: SessionData, ttl?: number): Promise<string>;
|
|
24
|
+
/**
|
|
25
|
+
* Unseal encrypted JWT (JWE) to session data
|
|
26
|
+
*
|
|
27
|
+
* @param jwt - Encrypted JWT string
|
|
28
|
+
* @returns Session data
|
|
29
|
+
* @throws Error if session is invalid or expired
|
|
30
|
+
*/
|
|
31
|
+
declare function unsealSession(jwt: string): Promise<SessionData>;
|
|
32
|
+
/**
|
|
33
|
+
* Get session metadata without decrypting
|
|
34
|
+
*
|
|
35
|
+
* @param jwt - Encrypted JWT string
|
|
36
|
+
* @returns Session metadata or null if invalid
|
|
37
|
+
*/
|
|
38
|
+
declare function getSessionInfo(jwt: string): Promise<{
|
|
39
|
+
issuedAt: Date;
|
|
40
|
+
expiresAt: Date;
|
|
41
|
+
issuer: string;
|
|
42
|
+
audience: string;
|
|
43
|
+
} | null>;
|
|
44
|
+
/**
|
|
45
|
+
* Check if session is about to expire (within threshold)
|
|
46
|
+
*
|
|
47
|
+
* @param jwt - Encrypted JWT string
|
|
48
|
+
* @param thresholdHours - Hours before expiry to trigger refresh (default: 24)
|
|
49
|
+
* @returns True if session should be refreshed
|
|
50
|
+
*/
|
|
51
|
+
declare function shouldRefreshSession(jwt: string, thresholdHours?: number): Promise<boolean>;
|
|
52
|
+
|
|
53
|
+
export { type SessionData as S, shouldRefreshSession as a, getSessionInfo as g, sealSession as s, unsealSession as u };
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @spfn/auth - Shared Types
|
|
3
|
+
*
|
|
4
|
+
* Common types and constants used across the auth package
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Supported JWT signature algorithms
|
|
8
|
+
*
|
|
9
|
+
* - ES256: ECDSA with P-256 and SHA-256 (recommended, smaller keys)
|
|
10
|
+
* - RS256: RSA with SHA-256 (fallback, larger keys)
|
|
11
|
+
*/
|
|
12
|
+
declare const KEY_ALGORITHM: readonly ["ES256", "RS256"];
|
|
13
|
+
/**
|
|
14
|
+
* Key algorithm type derived from the const array
|
|
15
|
+
*/
|
|
16
|
+
type KeyAlgorithmType = typeof KEY_ALGORITHM[number];
|
|
17
|
+
/**
|
|
18
|
+
* Invitation status enum values
|
|
19
|
+
* Single source of truth for all invitation statuses
|
|
20
|
+
*/
|
|
21
|
+
declare const INVITATION_STATUSES: readonly ["pending", "accepted", "expired", "cancelled"];
|
|
22
|
+
/**
|
|
23
|
+
* Invitation status type derived from the const array
|
|
24
|
+
*/
|
|
25
|
+
type InvitationStatus = typeof INVITATION_STATUSES[number];
|
|
26
|
+
/**
|
|
27
|
+
* User status enum values
|
|
28
|
+
* Single source of truth for all user statuses
|
|
29
|
+
*/
|
|
30
|
+
declare const USER_STATUSES: readonly ["active", "inactive", "suspended"];
|
|
31
|
+
/**
|
|
32
|
+
* User status type derived from the const array
|
|
33
|
+
*/
|
|
34
|
+
type UserStatus = typeof USER_STATUSES[number];
|
|
35
|
+
/**
|
|
36
|
+
* Social provider enum values
|
|
37
|
+
* Single source of truth for supported OAuth providers
|
|
38
|
+
*/
|
|
39
|
+
declare const SOCIAL_PROVIDERS: readonly ["google", "github", "kakao", "naver"];
|
|
40
|
+
/**
|
|
41
|
+
* Social provider type derived from the const array
|
|
42
|
+
*/
|
|
43
|
+
type SocialProvider = typeof SOCIAL_PROVIDERS[number];
|
|
44
|
+
|
|
45
|
+
export { INVITATION_STATUSES as I, type KeyAlgorithmType as K, SOCIAL_PROVIDERS as S, USER_STATUSES as U, KEY_ALGORITHM as a, type InvitationStatus as b, type UserStatus as c, type SocialProvider as d };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@spfn/auth",
|
|
3
|
-
"version": "0.2.0-beta.
|
|
3
|
+
"version": "0.2.0-beta.60",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Authentication, authorization, and RBAC module for SPFN",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -85,8 +85,8 @@
|
|
|
85
85
|
"jose": "^6.1.0",
|
|
86
86
|
"jsonwebtoken": "^9.0.2",
|
|
87
87
|
"postgres": "^3.4.0",
|
|
88
|
-
"@spfn/core": "0.2.0-beta.
|
|
89
|
-
"@spfn/notification": "0.1.0-beta.
|
|
88
|
+
"@spfn/core": "0.2.0-beta.45",
|
|
89
|
+
"@spfn/notification": "0.1.0-beta.18"
|
|
90
90
|
},
|
|
91
91
|
"devDependencies": {
|
|
92
92
|
"@types/bcryptjs": "^2.4.6",
|
|
@@ -103,7 +103,7 @@
|
|
|
103
103
|
"tsx": "^4.20.6",
|
|
104
104
|
"typescript": "^5.3.3",
|
|
105
105
|
"vitest": "^4.0.6",
|
|
106
|
-
"spfn": "0.2.0-beta.
|
|
106
|
+
"spfn": "0.2.0-beta.46"
|
|
107
107
|
},
|
|
108
108
|
"peerDependencies": {
|
|
109
109
|
"next": "^15.0.0 || ^16.0.0"
|