@stackframe/js 2.8.2 → 2.8.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -0
- package/dist/esm/lib/stack-app/api-keys/index.js +14 -6
- package/dist/esm/lib/stack-app/api-keys/index.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js +23 -20
- package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js +161 -0
- package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/common.js +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/common.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js +106 -3
- package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/interfaces/client-app.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/interfaces/server-app.js.map +1 -1
- package/dist/esm/lib/stack-app/index.js.map +1 -1
- package/dist/esm/lib/stack-app/internal-api-keys/index.js +14 -0
- package/dist/esm/lib/stack-app/internal-api-keys/index.js.map +1 -0
- package/dist/esm/lib/stack-app/projects/index.js +3 -1
- package/dist/esm/lib/stack-app/projects/index.js.map +1 -1
- package/dist/esm/lib/stack-app/teams/index.js.map +1 -1
- package/dist/esm/lib/stack-app/users/index.js.map +1 -1
- package/dist/index.d.mts +94 -34
- package/dist/index.d.ts +94 -34
- package/dist/lib/stack-app/api-keys/index.js +16 -7
- package/dist/lib/stack-app/api-keys/index.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/admin-app-impl.js +22 -19
- package/dist/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/client-app-impl.js +161 -0
- package/dist/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/common.js +1 -1
- package/dist/lib/stack-app/apps/implementations/common.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/server-app-impl.js +106 -3
- package/dist/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
- package/dist/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
- package/dist/lib/stack-app/apps/interfaces/client-app.js.map +1 -1
- package/dist/lib/stack-app/apps/interfaces/server-app.js.map +1 -1
- package/dist/lib/stack-app/index.js.map +1 -1
- package/dist/lib/stack-app/internal-api-keys/index.js +39 -0
- package/dist/lib/stack-app/internal-api-keys/index.js.map +1 -0
- package/dist/lib/stack-app/project-configs/index.js.map +1 -1
- package/dist/lib/stack-app/projects/index.js +3 -1
- package/dist/lib/stack-app/projects/index.js.map +1 -1
- package/dist/lib/stack-app/teams/index.js.map +1 -1
- package/dist/lib/stack-app/users/index.js.map +1 -1
- package/package.json +3 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../../src/lib/stack-app/users/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownErrors } from \"@stackframe/stack-shared\";\nimport { CurrentUserCrud } from \"@stackframe/stack-shared/dist/interface/crud/current-user\";\nimport { UsersCrud } from \"@stackframe/stack-shared/dist/interface/crud/users\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { encodeBase64 } from \"@stackframe/stack-shared/dist/utils/bytes\";\nimport { GeoInfo } from \"@stackframe/stack-shared/dist/utils/geo\";\nimport { ReadonlyJson } from \"@stackframe/stack-shared/dist/utils/json\";\nimport { ProviderType } from \"@stackframe/stack-shared/dist/utils/oauth\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { AsyncStoreProperty } from \"../common\";\nimport { OAuthConnection } from \"../connected-accounts\";\nimport { ContactChannel, ContactChannelCreateOptions, ServerContactChannel, ServerContactChannelCreateOptions } from \"../contact-channels\";\nimport { AdminTeamPermission, TeamPermission } from \"../permissions\";\nimport { AdminOwnedProject, AdminProjectUpdateOptions } from \"../projects\";\nimport { EditableTeamMemberProfile, ServerTeam, ServerTeamCreateOptions, Team, TeamCreateOptions } from \"../teams\";\n\n\nexport type Session = {\n getTokens(): Promise<{ accessToken: string | null, refreshToken: string | null }>,\n};\n\n/**\n * Contains everything related to the current user session.\n */\nexport type Auth = {\n readonly _internalSession: InternalSession,\n readonly currentSession: Session,\n signOut(options?: { redirectUrl?: URL | string }): Promise<void>,\n\n /**\n * Returns headers for sending authenticated HTTP requests to external servers. Most commonly used in cross-origin\n * requests. Similar to `getAuthJson`, but specifically for HTTP requests.\n *\n * If you are using `tokenStore: \"cookie\"`, you don't need this for same-origin requests. However, most\n * browsers now disable third-party cookies by default, so we must pass authentication tokens by header instead\n * if the client and server are on different origins.\n *\n * This function returns a header object that can be used with `fetch` or other HTTP request libraries to send\n * authenticated requests.\n *\n * On the server, you can then pass in the `Request` object to the `tokenStore` option\n * of your Stack app. Please note that CORS does not allow most headers by default, so you\n * must include `x-stack-auth` in the [`Access-Control-Allow-Headers` header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers)\n * of the CORS preflight response.\n *\n * If you are not using HTTP (and hence cannot set headers), you will need to use the `getAuthJson()` function\n * instead.\n *\n * Example:\n *\n * ```ts\n * // client\n * const res = await fetch(\"https://api.example.com\", {\n * headers: {\n * ...await stackApp.getAuthHeaders()\n * // you can also add your own headers here\n * },\n * });\n *\n * // server\n * function handleRequest(req: Request) {\n * const user = await stackServerApp.getUser({ tokenStore: req });\n * return new Response(\"Welcome, \" + user.displayName);\n * }\n * ```\n */\n getAuthHeaders(): Promise<{ \"x-stack-auth\": string }>,\n\n /**\n * Creates a JSON-serializable object containing the information to authenticate a user on an external server.\n * Similar to `getAuthHeaders`, but returns an object that can be sent over any protocol instead of just\n * HTTP headers.\n *\n * While `getAuthHeaders` is the recommended way to send authentication tokens over HTTP, your app may use\n * a different protocol, for example WebSockets or gRPC. This function returns a token object that can be JSON-serialized and sent to the server in any way you like.\n *\n * On the server, you can pass in this token object into the `tokenStore` option to fetch user details.\n *\n * Example:\n *\n * ```ts\n * // client\n * const res = await rpcCall(rpcEndpoint, {\n * data: {\n * auth: await stackApp.getAuthJson(),\n * },\n * });\n *\n * // server\n * function handleRequest(data) {\n * const user = await stackServerApp.getUser({ tokenStore: data.auth });\n * return new Response(\"Welcome, \" + user.displayName);\n * }\n * ```\n */\n getAuthJson(): Promise<{ accessToken: string | null, refreshToken: string | null }>,\n registerPasskey(options?: { hostname?: string }): Promise<Result<undefined, KnownErrors[\"PasskeyRegistrationFailed\"] | KnownErrors[\"PasskeyWebAuthnError\"]>>,\n};\n\n/**\n * ```\n * +----------+-------------+-------------------+\n * | \\ | !Server | Server |\n * +----------+-------------+-------------------+\n * | !Session | User | ServerUser |\n * | Session | CurrentUser | CurrentServerUser |\n * +----------+-------------+-------------------+\n * ```\n *\n * The fields on each of these types are available iff:\n * BaseUser: true\n * Auth: Session\n * ServerBaseUser: Server\n * UserExtra: Session OR Server\n *\n * The types are defined as follows (in the typescript manner):\n * User = BaseUser\n * CurrentUser = BaseUser & Auth & UserExtra\n * ServerUser = BaseUser & ServerBaseUser & UserExtra\n * CurrentServerUser = BaseUser & ServerBaseUser & Auth & UserExtra\n **/\n\nexport type BaseUser = {\n readonly id: string,\n\n readonly displayName: string | null,\n\n /**\n * The user's email address.\n *\n * Note: This might NOT be unique across multiple users, so always use `id` for unique identification.\n */\n readonly primaryEmail: string | null,\n readonly primaryEmailVerified: boolean,\n readonly profileImageUrl: string | null,\n\n readonly signedUpAt: Date,\n\n readonly clientMetadata: any,\n readonly clientReadOnlyMetadata: any,\n\n /**\n * Whether the user has a password set.\n */\n readonly hasPassword: boolean,\n readonly otpAuthEnabled: boolean,\n readonly passkeyAuthEnabled: boolean,\n\n readonly isMultiFactorRequired: boolean,\n readonly isAnonymous: boolean,\n toClientJson(): CurrentUserCrud[\"Client\"][\"Read\"],\n\n /**\n * @deprecated, use contact channel's usedForAuth instead\n */\n readonly emailAuthEnabled: boolean,\n /**\n * @deprecated\n */\n readonly oauthProviders: readonly { id: string }[],\n}\n\nexport type UserExtra = {\n setDisplayName(displayName: string): Promise<void>,\n /** @deprecated Use contact channel's sendVerificationEmail instead */\n sendVerificationEmail(): Promise<KnownErrors[\"EmailAlreadyVerified\"] | void>,\n setClientMetadata(metadata: any): Promise<void>,\n updatePassword(options: { oldPassword: string, newPassword: string}): Promise<KnownErrors[\"PasswordConfirmationMismatch\"] | KnownErrors[\"PasswordRequirementsNotMet\"] | void>,\n setPassword(options: { password: string }): Promise<KnownErrors[\"PasswordRequirementsNotMet\"] | void>,\n\n /**\n * A shorthand method to update multiple fields of the user at once.\n */\n update(update: UserUpdateOptions): Promise<void>,\n\n listContactChannels(): Promise<ContactChannel[]>,\n createContactChannel(data: ContactChannelCreateOptions): Promise<ContactChannel>,\n\n delete(): Promise<void>,\n\n getConnectedAccount(id: ProviderType, options: { or: 'redirect', scopes?: string[] }): Promise<OAuthConnection>,\n getConnectedAccount(id: ProviderType, options?: { or?: 'redirect' | 'throw' | 'return-null', scopes?: string[] }): Promise<OAuthConnection | null>,\n\n\n hasPermission(scope: Team, permissionId: string): Promise<boolean>,\n hasPermission(permissionId: string): Promise<boolean>,\n\n getPermission(scope: Team, permissionId: string): Promise<TeamPermission | null>,\n getPermission(permissionId: string): Promise<TeamPermission | null>,\n\n listPermissions(scope: Team, options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n listPermissions(options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n\n\n readonly selectedTeam: Team | null,\n setSelectedTeam(team: Team | null): Promise<void>,\n createTeam(data: TeamCreateOptions): Promise<Team>,\n leaveTeam(team: Team): Promise<void>,\n\n getActiveSessions(): Promise<ActiveSession[]>,\n revokeSession(sessionId: string): Promise<void>,\n getTeamProfile(team: Team): Promise<EditableTeamMemberProfile>,\n}\n& AsyncStoreProperty<\"team\", [id: string], Team | null, false>\n& AsyncStoreProperty<\"teams\", [], Team[], true>\n& AsyncStoreProperty<\"permission\", [scope: Team, permissionId: string, options?: { recursive?: boolean }], TeamPermission | null, false>\n& AsyncStoreProperty<\"permissions\", [scope: Team, options?: { recursive?: boolean }], TeamPermission[], true>;\n\nexport type InternalUserExtra =\n & {\n createProject(newProject: AdminProjectUpdateOptions & { displayName: string }): Promise<AdminOwnedProject>,\n }\n & AsyncStoreProperty<\"ownedProjects\", [], AdminOwnedProject[], true>\n\nexport type User = BaseUser;\n\nexport type CurrentUser = BaseUser & Auth & UserExtra;\n\nexport type CurrentInternalUser = CurrentUser & InternalUserExtra;\n\nexport type ProjectCurrentUser<ProjectId> = ProjectId extends \"internal\" ? CurrentInternalUser : CurrentUser;\n\n\nexport type ActiveSession = {\n id: string,\n userId: string,\n createdAt: Date,\n isImpersonation: boolean,\n lastUsedAt: Date | undefined,\n isCurrentSession: boolean,\n geoInfo?: GeoInfo,\n};\n\nexport type UserUpdateOptions = {\n displayName?: string,\n clientMetadata?: ReadonlyJson,\n selectedTeamId?: string | null,\n totpMultiFactorSecret?: Uint8Array | null,\n profileImageUrl?: string | null,\n otpAuthEnabled?: boolean,\n passkeyAuthEnabled?:boolean,\n}\nexport function userUpdateOptionsToCrud(options: UserUpdateOptions): CurrentUserCrud[\"Client\"][\"Update\"] {\n return {\n display_name: options.displayName,\n client_metadata: options.clientMetadata,\n selected_team_id: options.selectedTeamId,\n totp_secret_base64: options.totpMultiFactorSecret != null ? encodeBase64(options.totpMultiFactorSecret) : options.totpMultiFactorSecret,\n profile_image_url: options.profileImageUrl,\n otp_auth_enabled: options.otpAuthEnabled,\n passkey_auth_enabled: options.passkeyAuthEnabled,\n };\n}\n\n\nexport type ServerBaseUser = {\n setPrimaryEmail(email: string | null, options?: { verified?: boolean | undefined }): Promise<void>,\n\n readonly lastActiveAt: Date,\n\n readonly serverMetadata: any,\n setServerMetadata(metadata: any): Promise<void>,\n setClientReadOnlyMetadata(metadata: any): Promise<void>,\n\n createTeam(data: Omit<ServerTeamCreateOptions, \"creatorUserId\">): Promise<ServerTeam>,\n\n listContactChannels(): Promise<ServerContactChannel[]>,\n createContactChannel(data: ServerContactChannelCreateOptions): Promise<ServerContactChannel>,\n\n update(user: ServerUserUpdateOptions): Promise<void>,\n\n grantPermission(scope: Team, permissionId: string): Promise<void>,\n revokePermission(scope: Team, permissionId: string): Promise<void>,\n\n getPermission(scope: Team, permissionId: string): Promise<TeamPermission | null>,\n getPermission(permissionId: string): Promise<TeamPermission | null>,\n\n hasPermission(scope: Team, permissionId: string): Promise<boolean>,\n hasPermission(permissionId: string): Promise<boolean>,\n\n listPermissions(scope: Team, options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n listPermissions(options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n\n\n /**\n * Creates a new session object with a refresh token for this user. Can be used to impersonate them.\n */\n createSession(options?: { expiresInMillis?: number, isImpersonation?: boolean }): Promise<Session>,\n}\n& AsyncStoreProperty<\"team\", [id: string], ServerTeam | null, false>\n& AsyncStoreProperty<\"teams\", [], ServerTeam[], true>\n& AsyncStoreProperty<\"permission\", [scope: Team, permissionId: string, options?: { direct?: boolean }], AdminTeamPermission | null, false>\n& AsyncStoreProperty<\"permissions\", [scope: Team, options?: { direct?: boolean }], AdminTeamPermission[], true>;\n\n/**\n * A user including sensitive fields that should only be used on the server, never sent to the client\n * (such as sensitive information and serverMetadata).\n */\nexport type ServerUser = ServerBaseUser & BaseUser & UserExtra;\n\nexport type CurrentServerUser = Auth & ServerUser;\n\nexport type CurrentInternalServerUser = CurrentServerUser & InternalUserExtra;\n\nexport type ProjectCurrentServerUser<ProjectId> = ProjectId extends \"internal\" ? CurrentInternalServerUser : CurrentServerUser;\n\n\nexport type ServerUserUpdateOptions = {\n primaryEmail?: string | null,\n primaryEmailVerified?: boolean,\n primaryEmailAuthEnabled?: boolean,\n clientReadOnlyMetadata?: ReadonlyJson,\n serverMetadata?: ReadonlyJson,\n password?: string,\n} & UserUpdateOptions;\nexport function serverUserUpdateOptionsToCrud(options: ServerUserUpdateOptions): CurrentUserCrud[\"Server\"][\"Update\"] {\n return {\n display_name: options.displayName,\n primary_email: options.primaryEmail,\n client_metadata: options.clientMetadata,\n client_read_only_metadata: options.clientReadOnlyMetadata,\n server_metadata: options.serverMetadata,\n selected_team_id: options.selectedTeamId,\n primary_email_auth_enabled: options.primaryEmailAuthEnabled,\n primary_email_verified: options.primaryEmailVerified,\n password: options.password,\n profile_image_url: options.profileImageUrl,\n totp_secret_base64: options.totpMultiFactorSecret != null ? encodeBase64(options.totpMultiFactorSecret) : options.totpMultiFactorSecret,\n };\n}\n\n\nexport type ServerUserCreateOptions = {\n primaryEmail?: string | null,\n primaryEmailAuthEnabled?: boolean,\n password?: string,\n otpAuthEnabled?: boolean,\n displayName?: string,\n primaryEmailVerified?: boolean,\n clientMetadata?: any,\n clientReadOnlyMetadata?: any,\n serverMetadata?: any,\n}\nexport function serverUserCreateOptionsToCrud(options: ServerUserCreateOptions): UsersCrud[\"Server\"][\"Create\"] {\n return {\n primary_email: options.primaryEmail,\n password: options.password,\n otp_auth_enabled: options.otpAuthEnabled,\n primary_email_auth_enabled: options.primaryEmailAuthEnabled,\n display_name: options.displayName,\n primary_email_verified: options.primaryEmailVerified,\n client_metadata: options.clientMetadata,\n client_read_only_metadata: options.clientReadOnlyMetadata,\n server_metadata: options.serverMetadata,\n };\n}\n"],"mappings":";AAQA,SAAS,oBAAoB;AA8OtB,SAAS,wBAAwB,SAAiE;AACvG,SAAO;AAAA,IACL,cAAc,QAAQ;AAAA,IACtB,iBAAiB,QAAQ;AAAA,IACzB,kBAAkB,QAAQ;AAAA,IAC1B,oBAAoB,QAAQ,yBAAyB,OAAO,aAAa,QAAQ,qBAAqB,IAAI,QAAQ;AAAA,IAClH,mBAAmB,QAAQ;AAAA,IAC3B,kBAAkB,QAAQ;AAAA,IAC1B,sBAAsB,QAAQ;AAAA,EAChC;AACF;AA+DO,SAAS,8BAA8B,SAAuE;AACnH,SAAO;AAAA,IACL,cAAc,QAAQ;AAAA,IACtB,eAAe,QAAQ;AAAA,IACvB,iBAAiB,QAAQ;AAAA,IACzB,2BAA2B,QAAQ;AAAA,IACnC,iBAAiB,QAAQ;AAAA,IACzB,kBAAkB,QAAQ;AAAA,IAC1B,4BAA4B,QAAQ;AAAA,IACpC,wBAAwB,QAAQ;AAAA,IAChC,UAAU,QAAQ;AAAA,IAClB,mBAAmB,QAAQ;AAAA,IAC3B,oBAAoB,QAAQ,yBAAyB,OAAO,aAAa,QAAQ,qBAAqB,IAAI,QAAQ;AAAA,EACpH;AACF;AAcO,SAAS,8BAA8B,SAAiE;AAC7G,SAAO;AAAA,IACL,eAAe,QAAQ;AAAA,IACvB,UAAU,QAAQ;AAAA,IAClB,kBAAkB,QAAQ;AAAA,IAC1B,4BAA4B,QAAQ;AAAA,IACpC,cAAc,QAAQ;AAAA,IACtB,wBAAwB,QAAQ;AAAA,IAChC,iBAAiB,QAAQ;AAAA,IACzB,2BAA2B,QAAQ;AAAA,IACnC,iBAAiB,QAAQ;AAAA,EAC3B;AACF;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../../../src/lib/stack-app/users/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownErrors } from \"@stackframe/stack-shared\";\nimport { CurrentUserCrud } from \"@stackframe/stack-shared/dist/interface/crud/current-user\";\nimport { UsersCrud } from \"@stackframe/stack-shared/dist/interface/crud/users\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { encodeBase64 } from \"@stackframe/stack-shared/dist/utils/bytes\";\nimport { GeoInfo } from \"@stackframe/stack-shared/dist/utils/geo\";\nimport { ReadonlyJson } from \"@stackframe/stack-shared/dist/utils/json\";\nimport { ProviderType } from \"@stackframe/stack-shared/dist/utils/oauth\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { ApiKeyCreationOptions, UserApiKey, UserApiKeyFirstView } from \"../api-keys\";\nimport { AsyncStoreProperty } from \"../common\";\nimport { OAuthConnection } from \"../connected-accounts\";\nimport { ContactChannel, ContactChannelCreateOptions, ServerContactChannel, ServerContactChannelCreateOptions } from \"../contact-channels\";\nimport { AdminTeamPermission, TeamPermission } from \"../permissions\";\nimport { AdminOwnedProject, AdminProjectUpdateOptions } from \"../projects\";\nimport { EditableTeamMemberProfile, ServerTeam, ServerTeamCreateOptions, Team, TeamCreateOptions } from \"../teams\";\n\n\nexport type Session = {\n getTokens(): Promise<{ accessToken: string | null, refreshToken: string | null }>,\n};\n\n/**\n * Contains everything related to the current user session.\n */\nexport type Auth = {\n readonly _internalSession: InternalSession,\n readonly currentSession: Session,\n signOut(options?: { redirectUrl?: URL | string }): Promise<void>,\n\n /**\n * Returns headers for sending authenticated HTTP requests to external servers. Most commonly used in cross-origin\n * requests. Similar to `getAuthJson`, but specifically for HTTP requests.\n *\n * If you are using `tokenStore: \"cookie\"`, you don't need this for same-origin requests. However, most\n * browsers now disable third-party cookies by default, so we must pass authentication tokens by header instead\n * if the client and server are on different origins.\n *\n * This function returns a header object that can be used with `fetch` or other HTTP request libraries to send\n * authenticated requests.\n *\n * On the server, you can then pass in the `Request` object to the `tokenStore` option\n * of your Stack app. Please note that CORS does not allow most headers by default, so you\n * must include `x-stack-auth` in the [`Access-Control-Allow-Headers` header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers)\n * of the CORS preflight response.\n *\n * If you are not using HTTP (and hence cannot set headers), you will need to use the `getAuthJson()` function\n * instead.\n *\n * Example:\n *\n * ```ts\n * // client\n * const res = await fetch(\"https://api.example.com\", {\n * headers: {\n * ...await stackApp.getAuthHeaders()\n * // you can also add your own headers here\n * },\n * });\n *\n * // server\n * function handleRequest(req: Request) {\n * const user = await stackServerApp.getUser({ tokenStore: req });\n * return new Response(\"Welcome, \" + user.displayName);\n * }\n * ```\n */\n getAuthHeaders(): Promise<{ \"x-stack-auth\": string }>,\n\n /**\n * Creates a JSON-serializable object containing the information to authenticate a user on an external server.\n * Similar to `getAuthHeaders`, but returns an object that can be sent over any protocol instead of just\n * HTTP headers.\n *\n * While `getAuthHeaders` is the recommended way to send authentication tokens over HTTP, your app may use\n * a different protocol, for example WebSockets or gRPC. This function returns a token object that can be JSON-serialized and sent to the server in any way you like.\n *\n * On the server, you can pass in this token object into the `tokenStore` option to fetch user details.\n *\n * Example:\n *\n * ```ts\n * // client\n * const res = await rpcCall(rpcEndpoint, {\n * data: {\n * auth: await stackApp.getAuthJson(),\n * },\n * });\n *\n * // server\n * function handleRequest(data) {\n * const user = await stackServerApp.getUser({ tokenStore: data.auth });\n * return new Response(\"Welcome, \" + user.displayName);\n * }\n * ```\n */\n getAuthJson(): Promise<{ accessToken: string | null, refreshToken: string | null }>,\n registerPasskey(options?: { hostname?: string }): Promise<Result<undefined, KnownErrors[\"PasskeyRegistrationFailed\"] | KnownErrors[\"PasskeyWebAuthnError\"]>>,\n};\n\n/**\n * ```\n * +----------+-------------+-------------------+\n * | \\ | !Server | Server |\n * +----------+-------------+-------------------+\n * | !Session | User | ServerUser |\n * | Session | CurrentUser | CurrentServerUser |\n * +----------+-------------+-------------------+\n * ```\n *\n * The fields on each of these types are available iff:\n * BaseUser: true\n * Auth: Session\n * ServerBaseUser: Server\n * UserExtra: Session OR Server\n *\n * The types are defined as follows (in the typescript manner):\n * User = BaseUser\n * CurrentUser = BaseUser & Auth & UserExtra\n * ServerUser = BaseUser & ServerBaseUser & UserExtra\n * CurrentServerUser = BaseUser & ServerBaseUser & Auth & UserExtra\n **/\n\nexport type BaseUser = {\n readonly id: string,\n\n readonly displayName: string | null,\n\n /**\n * The user's email address.\n *\n * Note: This might NOT be unique across multiple users, so always use `id` for unique identification.\n */\n readonly primaryEmail: string | null,\n readonly primaryEmailVerified: boolean,\n readonly profileImageUrl: string | null,\n\n readonly signedUpAt: Date,\n\n readonly clientMetadata: any,\n readonly clientReadOnlyMetadata: any,\n\n /**\n * Whether the user has a password set.\n */\n readonly hasPassword: boolean,\n readonly otpAuthEnabled: boolean,\n readonly passkeyAuthEnabled: boolean,\n\n readonly isMultiFactorRequired: boolean,\n readonly isAnonymous: boolean,\n toClientJson(): CurrentUserCrud[\"Client\"][\"Read\"],\n\n /**\n * @deprecated, use contact channel's usedForAuth instead\n */\n readonly emailAuthEnabled: boolean,\n /**\n * @deprecated\n */\n readonly oauthProviders: readonly { id: string }[],\n}\n\nexport type UserExtra = {\n setDisplayName(displayName: string): Promise<void>,\n /** @deprecated Use contact channel's sendVerificationEmail instead */\n sendVerificationEmail(): Promise<KnownErrors[\"EmailAlreadyVerified\"] | void>,\n setClientMetadata(metadata: any): Promise<void>,\n updatePassword(options: { oldPassword: string, newPassword: string}): Promise<KnownErrors[\"PasswordConfirmationMismatch\"] | KnownErrors[\"PasswordRequirementsNotMet\"] | void>,\n setPassword(options: { password: string }): Promise<KnownErrors[\"PasswordRequirementsNotMet\"] | void>,\n\n /**\n * A shorthand method to update multiple fields of the user at once.\n */\n update(update: UserUpdateOptions): Promise<void>,\n\n listContactChannels(): Promise<ContactChannel[]>,\n createContactChannel(data: ContactChannelCreateOptions): Promise<ContactChannel>,\n\n delete(): Promise<void>,\n\n getConnectedAccount(id: ProviderType, options: { or: 'redirect', scopes?: string[] }): Promise<OAuthConnection>,\n getConnectedAccount(id: ProviderType, options?: { or?: 'redirect' | 'throw' | 'return-null', scopes?: string[] }): Promise<OAuthConnection | null>,\n\n\n hasPermission(scope: Team, permissionId: string): Promise<boolean>,\n hasPermission(permissionId: string): Promise<boolean>,\n\n getPermission(scope: Team, permissionId: string): Promise<TeamPermission | null>,\n getPermission(permissionId: string): Promise<TeamPermission | null>,\n\n listPermissions(scope: Team, options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n listPermissions(options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n\n\n readonly selectedTeam: Team | null,\n setSelectedTeam(team: Team | null): Promise<void>,\n createTeam(data: TeamCreateOptions): Promise<Team>,\n leaveTeam(team: Team): Promise<void>,\n\n getActiveSessions(): Promise<ActiveSession[]>,\n revokeSession(sessionId: string): Promise<void>,\n getTeamProfile(team: Team): Promise<EditableTeamMemberProfile>,\n\n createApiKey(options: ApiKeyCreationOptions<\"user\">): Promise<UserApiKeyFirstView>,\n}\n& AsyncStoreProperty<\"apiKeys\", [], UserApiKey[], true>\n& AsyncStoreProperty<\"team\", [id: string], Team | null, false>\n& AsyncStoreProperty<\"teams\", [], Team[], true>\n& AsyncStoreProperty<\"permission\", [scope: Team, permissionId: string, options?: { recursive?: boolean }], TeamPermission | null, false>\n& AsyncStoreProperty<\"permissions\", [scope: Team, options?: { recursive?: boolean }], TeamPermission[], true>;\n\nexport type InternalUserExtra =\n & {\n createProject(newProject: AdminProjectUpdateOptions & { displayName: string }): Promise<AdminOwnedProject>,\n }\n & AsyncStoreProperty<\"ownedProjects\", [], AdminOwnedProject[], true>\n\nexport type User = BaseUser;\n\nexport type CurrentUser = BaseUser & Auth & UserExtra;\n\nexport type CurrentInternalUser = CurrentUser & InternalUserExtra;\n\nexport type ProjectCurrentUser<ProjectId> = ProjectId extends \"internal\" ? CurrentInternalUser : CurrentUser;\n\n\nexport type ActiveSession = {\n id: string,\n userId: string,\n createdAt: Date,\n isImpersonation: boolean,\n lastUsedAt: Date | undefined,\n isCurrentSession: boolean,\n geoInfo?: GeoInfo,\n};\n\nexport type UserUpdateOptions = {\n displayName?: string,\n clientMetadata?: ReadonlyJson,\n selectedTeamId?: string | null,\n totpMultiFactorSecret?: Uint8Array | null,\n profileImageUrl?: string | null,\n otpAuthEnabled?: boolean,\n passkeyAuthEnabled?:boolean,\n}\nexport function userUpdateOptionsToCrud(options: UserUpdateOptions): CurrentUserCrud[\"Client\"][\"Update\"] {\n return {\n display_name: options.displayName,\n client_metadata: options.clientMetadata,\n selected_team_id: options.selectedTeamId,\n totp_secret_base64: options.totpMultiFactorSecret != null ? encodeBase64(options.totpMultiFactorSecret) : options.totpMultiFactorSecret,\n profile_image_url: options.profileImageUrl,\n otp_auth_enabled: options.otpAuthEnabled,\n passkey_auth_enabled: options.passkeyAuthEnabled,\n };\n}\n\n\nexport type ServerBaseUser = {\n setPrimaryEmail(email: string | null, options?: { verified?: boolean | undefined }): Promise<void>,\n\n readonly lastActiveAt: Date,\n\n readonly serverMetadata: any,\n setServerMetadata(metadata: any): Promise<void>,\n setClientReadOnlyMetadata(metadata: any): Promise<void>,\n\n createTeam(data: Omit<ServerTeamCreateOptions, \"creatorUserId\">): Promise<ServerTeam>,\n\n listContactChannels(): Promise<ServerContactChannel[]>,\n createContactChannel(data: ServerContactChannelCreateOptions): Promise<ServerContactChannel>,\n\n update(user: ServerUserUpdateOptions): Promise<void>,\n\n grantPermission(scope: Team, permissionId: string): Promise<void>,\n revokePermission(scope: Team, permissionId: string): Promise<void>,\n\n getPermission(scope: Team, permissionId: string): Promise<TeamPermission | null>,\n getPermission(permissionId: string): Promise<TeamPermission | null>,\n\n hasPermission(scope: Team, permissionId: string): Promise<boolean>,\n hasPermission(permissionId: string): Promise<boolean>,\n\n listPermissions(scope: Team, options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n listPermissions(options?: { recursive?: boolean }): Promise<TeamPermission[]>,\n\n\n /**\n * Creates a new session object with a refresh token for this user. Can be used to impersonate them.\n */\n createSession(options?: { expiresInMillis?: number, isImpersonation?: boolean }): Promise<Session>,\n}\n& AsyncStoreProperty<\"team\", [id: string], ServerTeam | null, false>\n& AsyncStoreProperty<\"teams\", [], ServerTeam[], true>\n& AsyncStoreProperty<\"permission\", [scope: Team, permissionId: string, options?: { direct?: boolean }], AdminTeamPermission | null, false>\n& AsyncStoreProperty<\"permissions\", [scope: Team, options?: { direct?: boolean }], AdminTeamPermission[], true>;\n\n/**\n * A user including sensitive fields that should only be used on the server, never sent to the client\n * (such as sensitive information and serverMetadata).\n */\nexport type ServerUser = ServerBaseUser & BaseUser & UserExtra;\n\nexport type CurrentServerUser = Auth & ServerUser;\n\nexport type CurrentInternalServerUser = CurrentServerUser & InternalUserExtra;\n\nexport type ProjectCurrentServerUser<ProjectId> = ProjectId extends \"internal\" ? CurrentInternalServerUser : CurrentServerUser;\n\n\nexport type ServerUserUpdateOptions = {\n primaryEmail?: string | null,\n primaryEmailVerified?: boolean,\n primaryEmailAuthEnabled?: boolean,\n clientReadOnlyMetadata?: ReadonlyJson,\n serverMetadata?: ReadonlyJson,\n password?: string,\n} & UserUpdateOptions;\nexport function serverUserUpdateOptionsToCrud(options: ServerUserUpdateOptions): CurrentUserCrud[\"Server\"][\"Update\"] {\n return {\n display_name: options.displayName,\n primary_email: options.primaryEmail,\n client_metadata: options.clientMetadata,\n client_read_only_metadata: options.clientReadOnlyMetadata,\n server_metadata: options.serverMetadata,\n selected_team_id: options.selectedTeamId,\n primary_email_auth_enabled: options.primaryEmailAuthEnabled,\n primary_email_verified: options.primaryEmailVerified,\n password: options.password,\n profile_image_url: options.profileImageUrl,\n totp_secret_base64: options.totpMultiFactorSecret != null ? encodeBase64(options.totpMultiFactorSecret) : options.totpMultiFactorSecret,\n };\n}\n\n\nexport type ServerUserCreateOptions = {\n primaryEmail?: string | null,\n primaryEmailAuthEnabled?: boolean,\n password?: string,\n otpAuthEnabled?: boolean,\n displayName?: string,\n primaryEmailVerified?: boolean,\n clientMetadata?: any,\n clientReadOnlyMetadata?: any,\n serverMetadata?: any,\n}\nexport function serverUserCreateOptionsToCrud(options: ServerUserCreateOptions): UsersCrud[\"Server\"][\"Create\"] {\n return {\n primary_email: options.primaryEmail,\n password: options.password,\n otp_auth_enabled: options.otpAuthEnabled,\n primary_email_auth_enabled: options.primaryEmailAuthEnabled,\n display_name: options.displayName,\n primary_email_verified: options.primaryEmailVerified,\n client_metadata: options.clientMetadata,\n client_read_only_metadata: options.clientReadOnlyMetadata,\n server_metadata: options.serverMetadata,\n };\n}\n"],"mappings":";AAQA,SAAS,oBAAoB;AAkPtB,SAAS,wBAAwB,SAAiE;AACvG,SAAO;AAAA,IACL,cAAc,QAAQ;AAAA,IACtB,iBAAiB,QAAQ;AAAA,IACzB,kBAAkB,QAAQ;AAAA,IAC1B,oBAAoB,QAAQ,yBAAyB,OAAO,aAAa,QAAQ,qBAAqB,IAAI,QAAQ;AAAA,IAClH,mBAAmB,QAAQ;AAAA,IAC3B,kBAAkB,QAAQ;AAAA,IAC1B,sBAAsB,QAAQ;AAAA,EAChC;AACF;AA+DO,SAAS,8BAA8B,SAAuE;AACnH,SAAO;AAAA,IACL,cAAc,QAAQ;AAAA,IACtB,eAAe,QAAQ;AAAA,IACvB,iBAAiB,QAAQ;AAAA,IACzB,2BAA2B,QAAQ;AAAA,IACnC,iBAAiB,QAAQ;AAAA,IACzB,kBAAkB,QAAQ;AAAA,IAC1B,4BAA4B,QAAQ;AAAA,IACpC,wBAAwB,QAAQ;AAAA,IAChC,UAAU,QAAQ;AAAA,IAClB,mBAAmB,QAAQ;AAAA,IAC3B,oBAAoB,QAAQ,yBAAyB,OAAO,aAAa,QAAQ,qBAAqB,IAAI,QAAQ;AAAA,EACpH;AACF;AAcO,SAAS,8BAA8B,SAAiE;AAC7G,SAAO;AAAA,IACL,eAAe,QAAQ;AAAA,IACvB,UAAU,QAAQ;AAAA,IAClB,kBAAkB,QAAQ;AAAA,IAC1B,4BAA4B,QAAQ;AAAA,IACpC,cAAc,QAAQ;AAAA,IACtB,wBAAwB,QAAQ;AAAA,IAChC,iBAAiB,QAAQ;AAAA,IACzB,2BAA2B,QAAQ;AAAA,IACnC,iBAAiB,QAAQ;AAAA,EAC3B;AACF;","names":[]}
|
package/dist/index.d.mts
CHANGED
|
@@ -5,8 +5,9 @@ import { ProviderType } from '@stackframe/stack-shared/dist/utils/oauth';
|
|
|
5
5
|
import { ProductionModeError } from '@stackframe/stack-shared/dist/helpers/production-mode';
|
|
6
6
|
import { EmailTemplateType } from '@stackframe/stack-shared/dist/interface/crud/email-templates';
|
|
7
7
|
import { InternalSession } from '@stackframe/stack-shared/dist/sessions';
|
|
8
|
-
import {
|
|
8
|
+
import { InternalApiKeysCrud } from '@stackframe/stack-shared/dist/interface/crud/internal-api-keys';
|
|
9
9
|
import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
|
|
10
|
+
import { PrettifyType, IfAndOnlyIf } from '@stackframe/stack-shared/dist/utils/types';
|
|
10
11
|
import { GeoInfo } from '@stackframe/stack-shared/dist/utils/geo';
|
|
11
12
|
|
|
12
13
|
type RedirectToOptions = {
|
|
@@ -67,7 +68,27 @@ type OAuthScopesOnSignIn = {
|
|
|
67
68
|
/** @internal */
|
|
68
69
|
declare const stackAppInternalsSymbol: unique symbol;
|
|
69
70
|
|
|
70
|
-
type
|
|
71
|
+
type AdminSentEmail = {
|
|
72
|
+
id: string;
|
|
73
|
+
to: string[];
|
|
74
|
+
subject: string;
|
|
75
|
+
recipient: string;
|
|
76
|
+
sentAt: Date;
|
|
77
|
+
error?: unknown;
|
|
78
|
+
};
|
|
79
|
+
|
|
80
|
+
type AdminEmailTemplate = {
|
|
81
|
+
type: EmailTemplateType;
|
|
82
|
+
subject: string;
|
|
83
|
+
content: any;
|
|
84
|
+
isDefault: boolean;
|
|
85
|
+
};
|
|
86
|
+
type AdminEmailTemplateUpdateOptions = {
|
|
87
|
+
subject?: string;
|
|
88
|
+
content?: any;
|
|
89
|
+
};
|
|
90
|
+
|
|
91
|
+
type InternalApiKeyBase = {
|
|
71
92
|
id: string;
|
|
72
93
|
description: string;
|
|
73
94
|
expiresAt: Date;
|
|
@@ -77,13 +98,13 @@ type ApiKeyBase = {
|
|
|
77
98
|
whyInvalid(): "expired" | "manually-revoked" | null;
|
|
78
99
|
revoke(): Promise<void>;
|
|
79
100
|
};
|
|
80
|
-
type
|
|
81
|
-
type
|
|
101
|
+
type InternalApiKeyBaseCrudRead = Pick<InternalApiKeysCrud["Admin"]["Read"], "id" | "created_at_millis" | "description" | "expires_at_millis" | "manually_revoked_at_millis">;
|
|
102
|
+
type InternalApiKeyFirstView = {
|
|
82
103
|
publishableClientKey?: string;
|
|
83
104
|
secretServerKey?: string;
|
|
84
105
|
superSecretAdminKey?: string;
|
|
85
|
-
} &
|
|
86
|
-
type
|
|
106
|
+
} & InternalApiKeyBase;
|
|
107
|
+
type InternalApiKey = {
|
|
87
108
|
publishableClientKey: null | {
|
|
88
109
|
lastFour: string;
|
|
89
110
|
};
|
|
@@ -93,8 +114,8 @@ type ApiKey = {
|
|
|
93
114
|
superSecretAdminKey: null | {
|
|
94
115
|
lastFour: string;
|
|
95
116
|
};
|
|
96
|
-
} &
|
|
97
|
-
type
|
|
117
|
+
} & InternalApiKeyBase;
|
|
118
|
+
type InternalApiKeyCreateOptions = {
|
|
98
119
|
description: string;
|
|
99
120
|
expiresAt: Date;
|
|
100
121
|
hasPublishableClientKey: boolean;
|
|
@@ -102,26 +123,6 @@ type ApiKeyCreateOptions = {
|
|
|
102
123
|
hasSuperSecretAdminKey: boolean;
|
|
103
124
|
};
|
|
104
125
|
|
|
105
|
-
type AdminSentEmail = {
|
|
106
|
-
id: string;
|
|
107
|
-
to: string[];
|
|
108
|
-
subject: string;
|
|
109
|
-
recipient: string;
|
|
110
|
-
sentAt: Date;
|
|
111
|
-
error?: unknown;
|
|
112
|
-
};
|
|
113
|
-
|
|
114
|
-
type AdminEmailTemplate = {
|
|
115
|
-
type: EmailTemplateType;
|
|
116
|
-
subject: string;
|
|
117
|
-
content: any;
|
|
118
|
-
isDefault: boolean;
|
|
119
|
-
};
|
|
120
|
-
type AdminEmailTemplateUpdateOptions = {
|
|
121
|
-
subject?: string;
|
|
122
|
-
content?: any;
|
|
123
|
-
};
|
|
124
|
-
|
|
125
126
|
type TeamPermission = {
|
|
126
127
|
id: string;
|
|
127
128
|
};
|
|
@@ -155,6 +156,46 @@ type AdminProjectPermissionDefinitionCreateOptions = {
|
|
|
155
156
|
};
|
|
156
157
|
type AdminProjectPermissionDefinitionUpdateOptions = Partial<AdminProjectPermissionDefinitionCreateOptions>;
|
|
157
158
|
|
|
159
|
+
type ApiKeyType = "user" | "team";
|
|
160
|
+
type ApiKey<Type extends ApiKeyType = ApiKeyType, IsFirstView extends boolean = false> = {
|
|
161
|
+
id: string;
|
|
162
|
+
description: string;
|
|
163
|
+
expiresAt?: Date;
|
|
164
|
+
manuallyRevokedAt?: Date | null;
|
|
165
|
+
createdAt: Date;
|
|
166
|
+
value: IfAndOnlyIf<IsFirstView, true, string, {
|
|
167
|
+
lastFour: string;
|
|
168
|
+
}>;
|
|
169
|
+
update(options: ApiKeyUpdateOptions<Type>): Promise<void>;
|
|
170
|
+
revoke: () => Promise<void>;
|
|
171
|
+
isValid: () => boolean;
|
|
172
|
+
whyInvalid: () => "manually-revoked" | "expired" | null;
|
|
173
|
+
} & (("user" extends Type ? {
|
|
174
|
+
type: "user";
|
|
175
|
+
userId: string;
|
|
176
|
+
} : never) | ("team" extends Type ? {
|
|
177
|
+
type: "team";
|
|
178
|
+
teamId: string;
|
|
179
|
+
} : never));
|
|
180
|
+
type UserApiKeyFirstView = PrettifyType<ApiKey<"user", true>>;
|
|
181
|
+
type UserApiKey = PrettifyType<ApiKey<"user", false>>;
|
|
182
|
+
type TeamApiKeyFirstView = PrettifyType<ApiKey<"team", true>>;
|
|
183
|
+
type TeamApiKey = PrettifyType<ApiKey<"team", false>>;
|
|
184
|
+
type ApiKeyCreationOptions<Type extends ApiKeyType = ApiKeyType> = {
|
|
185
|
+
description: string;
|
|
186
|
+
expiresAt: Date | null;
|
|
187
|
+
/**
|
|
188
|
+
* Whether the API key should be considered public. A public API key will not be detected by the secret scanner, which
|
|
189
|
+
* automatically revokes API keys when it detects that they may have been exposed to the public.
|
|
190
|
+
*/
|
|
191
|
+
isPublic?: boolean;
|
|
192
|
+
};
|
|
193
|
+
type ApiKeyUpdateOptions<Type extends ApiKeyType = ApiKeyType> = {
|
|
194
|
+
description?: string;
|
|
195
|
+
expiresAt?: Date | null;
|
|
196
|
+
revoked?: boolean;
|
|
197
|
+
};
|
|
198
|
+
|
|
158
199
|
type Connection = {
|
|
159
200
|
id: string;
|
|
160
201
|
};
|
|
@@ -386,7 +427,8 @@ type UserExtra = {
|
|
|
386
427
|
getActiveSessions(): Promise<ActiveSession[]>;
|
|
387
428
|
revokeSession(sessionId: string): Promise<void>;
|
|
388
429
|
getTeamProfile(team: Team): Promise<EditableTeamMemberProfile>;
|
|
389
|
-
|
|
430
|
+
createApiKey(options: ApiKeyCreationOptions<"user">): Promise<UserApiKeyFirstView>;
|
|
431
|
+
} & AsyncStoreProperty<"apiKeys", [], UserApiKey[], true> & AsyncStoreProperty<"team", [id: string], Team | null, false> & AsyncStoreProperty<"teams", [], Team[], true> & AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
|
|
390
432
|
recursive?: boolean;
|
|
391
433
|
}], TeamPermission | null, false> & AsyncStoreProperty<"permissions", [scope: Team, options?: {
|
|
392
434
|
recursive?: boolean;
|
|
@@ -517,7 +559,8 @@ type Team = {
|
|
|
517
559
|
listInvitations(): Promise<TeamInvitation[]>;
|
|
518
560
|
update(update: TeamUpdateOptions): Promise<void>;
|
|
519
561
|
delete(): Promise<void>;
|
|
520
|
-
|
|
562
|
+
createApiKey(options: ApiKeyCreationOptions<"team">): Promise<TeamApiKeyFirstView>;
|
|
563
|
+
} & AsyncStoreProperty<"apiKeys", [], TeamApiKey[], true>;
|
|
521
564
|
type TeamUpdateOptions = {
|
|
522
565
|
displayName?: string;
|
|
523
566
|
profileImageUrl?: string | null;
|
|
@@ -584,10 +627,17 @@ type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
584
627
|
}): Promise<ProjectCurrentServerUser<ProjectId>>;
|
|
585
628
|
getUser(options?: GetUserOptions<HasTokenStore>): Promise<ProjectCurrentServerUser<ProjectId> | null>;
|
|
586
629
|
getUser(id: string): Promise<ServerUser | null>;
|
|
630
|
+
getUser(options: {
|
|
631
|
+
apiKey: string;
|
|
632
|
+
}): Promise<ServerUser | null>;
|
|
633
|
+
getTeam(id: string): Promise<ServerTeam | null>;
|
|
634
|
+
getTeam(options: {
|
|
635
|
+
apiKey: string;
|
|
636
|
+
}): Promise<ServerTeam | null>;
|
|
587
637
|
listUsers(options?: ServerListUsersOptions): Promise<ServerUser[] & {
|
|
588
638
|
nextCursor: string | null;
|
|
589
639
|
}>;
|
|
590
|
-
} & AsyncStoreProperty<"user", [id: string], ServerUser | null, false> & Omit<AsyncStoreProperty<"users", [], ServerUser[], true>, "listUsers" | "useUsers"> & AsyncStoreProperty<"
|
|
640
|
+
} & AsyncStoreProperty<"user", [id: string], ServerUser | null, false> & Omit<AsyncStoreProperty<"users", [], ServerUser[], true>, "listUsers" | "useUsers"> & AsyncStoreProperty<"teams", [], ServerTeam[], true> & StackClientApp<HasTokenStore, ProjectId>);
|
|
591
641
|
declare const StackServerApp: StackServerAppConstructor;
|
|
592
642
|
|
|
593
643
|
type StackAdminAppConstructorOptions<HasTokenStore extends boolean, ProjectId extends string> = ((StackServerAppConstructorOptions<HasTokenStore, ProjectId> & {
|
|
@@ -599,11 +649,11 @@ type StackAdminAppConstructor = {
|
|
|
599
649
|
new <HasTokenStore extends boolean, ProjectId extends string>(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>): StackAdminApp<HasTokenStore, ProjectId>;
|
|
600
650
|
new (options: StackAdminAppConstructorOptions<boolean, string>): StackAdminApp<boolean, string>;
|
|
601
651
|
};
|
|
602
|
-
type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (AsyncStoreProperty<"project", [], AdminProject, false> & AsyncStoreProperty<"
|
|
652
|
+
type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (AsyncStoreProperty<"project", [], AdminProject, false> & AsyncStoreProperty<"internalApiKeys", [], InternalApiKey[], true> & AsyncStoreProperty<"teamPermissionDefinitions", [], AdminTeamPermissionDefinition[], true> & AsyncStoreProperty<"projectPermissionDefinitions", [], AdminProjectPermissionDefinition[], true> & {
|
|
603
653
|
listEmailTemplates(): Promise<AdminEmailTemplate[]>;
|
|
604
654
|
updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void>;
|
|
605
655
|
resetEmailTemplate(type: EmailTemplateType): Promise<void>;
|
|
606
|
-
|
|
656
|
+
createInternalApiKey(options: InternalApiKeyCreateOptions): Promise<InternalApiKeyFirstView>;
|
|
607
657
|
createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>;
|
|
608
658
|
updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions): Promise<void>;
|
|
609
659
|
deleteTeamPermissionDefinition(permissionId: string): Promise<void>;
|
|
@@ -628,6 +678,8 @@ type ProjectConfig = {
|
|
|
628
678
|
readonly clientTeamCreationEnabled: boolean;
|
|
629
679
|
readonly clientUserDeletionEnabled: boolean;
|
|
630
680
|
readonly oauthProviders: OAuthProviderConfig[];
|
|
681
|
+
readonly allowUserApiKeys: boolean;
|
|
682
|
+
readonly allowTeamApiKeys: boolean;
|
|
631
683
|
};
|
|
632
684
|
type OAuthProviderConfig = {
|
|
633
685
|
readonly id: string;
|
|
@@ -649,6 +701,8 @@ type AdminProjectConfig = {
|
|
|
649
701
|
readonly teamMemberDefaultPermissions: AdminTeamPermission[];
|
|
650
702
|
readonly userDefaultPermissions: AdminTeamPermission[];
|
|
651
703
|
readonly oauthAccountMergeStrategy: 'link_method' | 'raise_error' | 'allow_duplicates';
|
|
704
|
+
readonly allowUserApiKeys: boolean;
|
|
705
|
+
readonly allowTeamApiKeys: boolean;
|
|
652
706
|
};
|
|
653
707
|
type AdminEmailConfig = ({
|
|
654
708
|
type: "standard";
|
|
@@ -702,6 +756,8 @@ type AdminProjectConfigUpdateOptions = {
|
|
|
702
756
|
id: string;
|
|
703
757
|
}[];
|
|
704
758
|
oauthAccountMergeStrategy?: 'link_method' | 'raise_error' | 'allow_duplicates';
|
|
759
|
+
allowUserApiKeys?: boolean;
|
|
760
|
+
allowTeamApiKeys?: boolean;
|
|
705
761
|
};
|
|
706
762
|
|
|
707
763
|
type Project = {
|
|
@@ -781,6 +837,10 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
781
837
|
}): Promise<Result<undefined, KnownErrors["UserWithEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
|
|
782
838
|
signInWithPasskey(): Promise<Result<undefined, KnownErrors["PasskeyAuthenticationFailed"] | KnownErrors["InvalidTotpCode"] | KnownErrors["PasskeyWebAuthnError"]>>;
|
|
783
839
|
callOAuthCallback(): Promise<boolean>;
|
|
840
|
+
promptCliLogin(options: {
|
|
841
|
+
appUrl: string;
|
|
842
|
+
expiresInMillis?: number;
|
|
843
|
+
}): Promise<Result<string, KnownErrors["CliAuthError"] | KnownErrors["CliAuthExpiredError"] | KnownErrors["CliAuthUsedError"]>>;
|
|
784
844
|
sendForgotPasswordEmail(email: string, options?: {
|
|
785
845
|
callbackUrl?: string;
|
|
786
846
|
}): Promise<Result<undefined, KnownErrors["UserNotFound"]>>;
|
|
@@ -823,4 +883,4 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
823
883
|
});
|
|
824
884
|
declare const StackClientApp: StackClientAppConstructor;
|
|
825
885
|
|
|
826
|
-
export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type
|
|
886
|
+
export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, type Connection, type ContactChannel, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerContactChannel, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamInvitation, type TeamMemberProfile, type TeamUpdateOptions, type TeamUser, type User, stackAppInternalsSymbol };
|
package/dist/index.d.ts
CHANGED
|
@@ -5,8 +5,9 @@ import { ProviderType } from '@stackframe/stack-shared/dist/utils/oauth';
|
|
|
5
5
|
import { ProductionModeError } from '@stackframe/stack-shared/dist/helpers/production-mode';
|
|
6
6
|
import { EmailTemplateType } from '@stackframe/stack-shared/dist/interface/crud/email-templates';
|
|
7
7
|
import { InternalSession } from '@stackframe/stack-shared/dist/sessions';
|
|
8
|
-
import {
|
|
8
|
+
import { InternalApiKeysCrud } from '@stackframe/stack-shared/dist/interface/crud/internal-api-keys';
|
|
9
9
|
import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
|
|
10
|
+
import { PrettifyType, IfAndOnlyIf } from '@stackframe/stack-shared/dist/utils/types';
|
|
10
11
|
import { GeoInfo } from '@stackframe/stack-shared/dist/utils/geo';
|
|
11
12
|
|
|
12
13
|
type RedirectToOptions = {
|
|
@@ -67,7 +68,27 @@ type OAuthScopesOnSignIn = {
|
|
|
67
68
|
/** @internal */
|
|
68
69
|
declare const stackAppInternalsSymbol: unique symbol;
|
|
69
70
|
|
|
70
|
-
type
|
|
71
|
+
type AdminSentEmail = {
|
|
72
|
+
id: string;
|
|
73
|
+
to: string[];
|
|
74
|
+
subject: string;
|
|
75
|
+
recipient: string;
|
|
76
|
+
sentAt: Date;
|
|
77
|
+
error?: unknown;
|
|
78
|
+
};
|
|
79
|
+
|
|
80
|
+
type AdminEmailTemplate = {
|
|
81
|
+
type: EmailTemplateType;
|
|
82
|
+
subject: string;
|
|
83
|
+
content: any;
|
|
84
|
+
isDefault: boolean;
|
|
85
|
+
};
|
|
86
|
+
type AdminEmailTemplateUpdateOptions = {
|
|
87
|
+
subject?: string;
|
|
88
|
+
content?: any;
|
|
89
|
+
};
|
|
90
|
+
|
|
91
|
+
type InternalApiKeyBase = {
|
|
71
92
|
id: string;
|
|
72
93
|
description: string;
|
|
73
94
|
expiresAt: Date;
|
|
@@ -77,13 +98,13 @@ type ApiKeyBase = {
|
|
|
77
98
|
whyInvalid(): "expired" | "manually-revoked" | null;
|
|
78
99
|
revoke(): Promise<void>;
|
|
79
100
|
};
|
|
80
|
-
type
|
|
81
|
-
type
|
|
101
|
+
type InternalApiKeyBaseCrudRead = Pick<InternalApiKeysCrud["Admin"]["Read"], "id" | "created_at_millis" | "description" | "expires_at_millis" | "manually_revoked_at_millis">;
|
|
102
|
+
type InternalApiKeyFirstView = {
|
|
82
103
|
publishableClientKey?: string;
|
|
83
104
|
secretServerKey?: string;
|
|
84
105
|
superSecretAdminKey?: string;
|
|
85
|
-
} &
|
|
86
|
-
type
|
|
106
|
+
} & InternalApiKeyBase;
|
|
107
|
+
type InternalApiKey = {
|
|
87
108
|
publishableClientKey: null | {
|
|
88
109
|
lastFour: string;
|
|
89
110
|
};
|
|
@@ -93,8 +114,8 @@ type ApiKey = {
|
|
|
93
114
|
superSecretAdminKey: null | {
|
|
94
115
|
lastFour: string;
|
|
95
116
|
};
|
|
96
|
-
} &
|
|
97
|
-
type
|
|
117
|
+
} & InternalApiKeyBase;
|
|
118
|
+
type InternalApiKeyCreateOptions = {
|
|
98
119
|
description: string;
|
|
99
120
|
expiresAt: Date;
|
|
100
121
|
hasPublishableClientKey: boolean;
|
|
@@ -102,26 +123,6 @@ type ApiKeyCreateOptions = {
|
|
|
102
123
|
hasSuperSecretAdminKey: boolean;
|
|
103
124
|
};
|
|
104
125
|
|
|
105
|
-
type AdminSentEmail = {
|
|
106
|
-
id: string;
|
|
107
|
-
to: string[];
|
|
108
|
-
subject: string;
|
|
109
|
-
recipient: string;
|
|
110
|
-
sentAt: Date;
|
|
111
|
-
error?: unknown;
|
|
112
|
-
};
|
|
113
|
-
|
|
114
|
-
type AdminEmailTemplate = {
|
|
115
|
-
type: EmailTemplateType;
|
|
116
|
-
subject: string;
|
|
117
|
-
content: any;
|
|
118
|
-
isDefault: boolean;
|
|
119
|
-
};
|
|
120
|
-
type AdminEmailTemplateUpdateOptions = {
|
|
121
|
-
subject?: string;
|
|
122
|
-
content?: any;
|
|
123
|
-
};
|
|
124
|
-
|
|
125
126
|
type TeamPermission = {
|
|
126
127
|
id: string;
|
|
127
128
|
};
|
|
@@ -155,6 +156,46 @@ type AdminProjectPermissionDefinitionCreateOptions = {
|
|
|
155
156
|
};
|
|
156
157
|
type AdminProjectPermissionDefinitionUpdateOptions = Partial<AdminProjectPermissionDefinitionCreateOptions>;
|
|
157
158
|
|
|
159
|
+
type ApiKeyType = "user" | "team";
|
|
160
|
+
type ApiKey<Type extends ApiKeyType = ApiKeyType, IsFirstView extends boolean = false> = {
|
|
161
|
+
id: string;
|
|
162
|
+
description: string;
|
|
163
|
+
expiresAt?: Date;
|
|
164
|
+
manuallyRevokedAt?: Date | null;
|
|
165
|
+
createdAt: Date;
|
|
166
|
+
value: IfAndOnlyIf<IsFirstView, true, string, {
|
|
167
|
+
lastFour: string;
|
|
168
|
+
}>;
|
|
169
|
+
update(options: ApiKeyUpdateOptions<Type>): Promise<void>;
|
|
170
|
+
revoke: () => Promise<void>;
|
|
171
|
+
isValid: () => boolean;
|
|
172
|
+
whyInvalid: () => "manually-revoked" | "expired" | null;
|
|
173
|
+
} & (("user" extends Type ? {
|
|
174
|
+
type: "user";
|
|
175
|
+
userId: string;
|
|
176
|
+
} : never) | ("team" extends Type ? {
|
|
177
|
+
type: "team";
|
|
178
|
+
teamId: string;
|
|
179
|
+
} : never));
|
|
180
|
+
type UserApiKeyFirstView = PrettifyType<ApiKey<"user", true>>;
|
|
181
|
+
type UserApiKey = PrettifyType<ApiKey<"user", false>>;
|
|
182
|
+
type TeamApiKeyFirstView = PrettifyType<ApiKey<"team", true>>;
|
|
183
|
+
type TeamApiKey = PrettifyType<ApiKey<"team", false>>;
|
|
184
|
+
type ApiKeyCreationOptions<Type extends ApiKeyType = ApiKeyType> = {
|
|
185
|
+
description: string;
|
|
186
|
+
expiresAt: Date | null;
|
|
187
|
+
/**
|
|
188
|
+
* Whether the API key should be considered public. A public API key will not be detected by the secret scanner, which
|
|
189
|
+
* automatically revokes API keys when it detects that they may have been exposed to the public.
|
|
190
|
+
*/
|
|
191
|
+
isPublic?: boolean;
|
|
192
|
+
};
|
|
193
|
+
type ApiKeyUpdateOptions<Type extends ApiKeyType = ApiKeyType> = {
|
|
194
|
+
description?: string;
|
|
195
|
+
expiresAt?: Date | null;
|
|
196
|
+
revoked?: boolean;
|
|
197
|
+
};
|
|
198
|
+
|
|
158
199
|
type Connection = {
|
|
159
200
|
id: string;
|
|
160
201
|
};
|
|
@@ -386,7 +427,8 @@ type UserExtra = {
|
|
|
386
427
|
getActiveSessions(): Promise<ActiveSession[]>;
|
|
387
428
|
revokeSession(sessionId: string): Promise<void>;
|
|
388
429
|
getTeamProfile(team: Team): Promise<EditableTeamMemberProfile>;
|
|
389
|
-
|
|
430
|
+
createApiKey(options: ApiKeyCreationOptions<"user">): Promise<UserApiKeyFirstView>;
|
|
431
|
+
} & AsyncStoreProperty<"apiKeys", [], UserApiKey[], true> & AsyncStoreProperty<"team", [id: string], Team | null, false> & AsyncStoreProperty<"teams", [], Team[], true> & AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
|
|
390
432
|
recursive?: boolean;
|
|
391
433
|
}], TeamPermission | null, false> & AsyncStoreProperty<"permissions", [scope: Team, options?: {
|
|
392
434
|
recursive?: boolean;
|
|
@@ -517,7 +559,8 @@ type Team = {
|
|
|
517
559
|
listInvitations(): Promise<TeamInvitation[]>;
|
|
518
560
|
update(update: TeamUpdateOptions): Promise<void>;
|
|
519
561
|
delete(): Promise<void>;
|
|
520
|
-
|
|
562
|
+
createApiKey(options: ApiKeyCreationOptions<"team">): Promise<TeamApiKeyFirstView>;
|
|
563
|
+
} & AsyncStoreProperty<"apiKeys", [], TeamApiKey[], true>;
|
|
521
564
|
type TeamUpdateOptions = {
|
|
522
565
|
displayName?: string;
|
|
523
566
|
profileImageUrl?: string | null;
|
|
@@ -584,10 +627,17 @@ type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
584
627
|
}): Promise<ProjectCurrentServerUser<ProjectId>>;
|
|
585
628
|
getUser(options?: GetUserOptions<HasTokenStore>): Promise<ProjectCurrentServerUser<ProjectId> | null>;
|
|
586
629
|
getUser(id: string): Promise<ServerUser | null>;
|
|
630
|
+
getUser(options: {
|
|
631
|
+
apiKey: string;
|
|
632
|
+
}): Promise<ServerUser | null>;
|
|
633
|
+
getTeam(id: string): Promise<ServerTeam | null>;
|
|
634
|
+
getTeam(options: {
|
|
635
|
+
apiKey: string;
|
|
636
|
+
}): Promise<ServerTeam | null>;
|
|
587
637
|
listUsers(options?: ServerListUsersOptions): Promise<ServerUser[] & {
|
|
588
638
|
nextCursor: string | null;
|
|
589
639
|
}>;
|
|
590
|
-
} & AsyncStoreProperty<"user", [id: string], ServerUser | null, false> & Omit<AsyncStoreProperty<"users", [], ServerUser[], true>, "listUsers" | "useUsers"> & AsyncStoreProperty<"
|
|
640
|
+
} & AsyncStoreProperty<"user", [id: string], ServerUser | null, false> & Omit<AsyncStoreProperty<"users", [], ServerUser[], true>, "listUsers" | "useUsers"> & AsyncStoreProperty<"teams", [], ServerTeam[], true> & StackClientApp<HasTokenStore, ProjectId>);
|
|
591
641
|
declare const StackServerApp: StackServerAppConstructor;
|
|
592
642
|
|
|
593
643
|
type StackAdminAppConstructorOptions<HasTokenStore extends boolean, ProjectId extends string> = ((StackServerAppConstructorOptions<HasTokenStore, ProjectId> & {
|
|
@@ -599,11 +649,11 @@ type StackAdminAppConstructor = {
|
|
|
599
649
|
new <HasTokenStore extends boolean, ProjectId extends string>(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>): StackAdminApp<HasTokenStore, ProjectId>;
|
|
600
650
|
new (options: StackAdminAppConstructorOptions<boolean, string>): StackAdminApp<boolean, string>;
|
|
601
651
|
};
|
|
602
|
-
type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (AsyncStoreProperty<"project", [], AdminProject, false> & AsyncStoreProperty<"
|
|
652
|
+
type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (AsyncStoreProperty<"project", [], AdminProject, false> & AsyncStoreProperty<"internalApiKeys", [], InternalApiKey[], true> & AsyncStoreProperty<"teamPermissionDefinitions", [], AdminTeamPermissionDefinition[], true> & AsyncStoreProperty<"projectPermissionDefinitions", [], AdminProjectPermissionDefinition[], true> & {
|
|
603
653
|
listEmailTemplates(): Promise<AdminEmailTemplate[]>;
|
|
604
654
|
updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void>;
|
|
605
655
|
resetEmailTemplate(type: EmailTemplateType): Promise<void>;
|
|
606
|
-
|
|
656
|
+
createInternalApiKey(options: InternalApiKeyCreateOptions): Promise<InternalApiKeyFirstView>;
|
|
607
657
|
createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>;
|
|
608
658
|
updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions): Promise<void>;
|
|
609
659
|
deleteTeamPermissionDefinition(permissionId: string): Promise<void>;
|
|
@@ -628,6 +678,8 @@ type ProjectConfig = {
|
|
|
628
678
|
readonly clientTeamCreationEnabled: boolean;
|
|
629
679
|
readonly clientUserDeletionEnabled: boolean;
|
|
630
680
|
readonly oauthProviders: OAuthProviderConfig[];
|
|
681
|
+
readonly allowUserApiKeys: boolean;
|
|
682
|
+
readonly allowTeamApiKeys: boolean;
|
|
631
683
|
};
|
|
632
684
|
type OAuthProviderConfig = {
|
|
633
685
|
readonly id: string;
|
|
@@ -649,6 +701,8 @@ type AdminProjectConfig = {
|
|
|
649
701
|
readonly teamMemberDefaultPermissions: AdminTeamPermission[];
|
|
650
702
|
readonly userDefaultPermissions: AdminTeamPermission[];
|
|
651
703
|
readonly oauthAccountMergeStrategy: 'link_method' | 'raise_error' | 'allow_duplicates';
|
|
704
|
+
readonly allowUserApiKeys: boolean;
|
|
705
|
+
readonly allowTeamApiKeys: boolean;
|
|
652
706
|
};
|
|
653
707
|
type AdminEmailConfig = ({
|
|
654
708
|
type: "standard";
|
|
@@ -702,6 +756,8 @@ type AdminProjectConfigUpdateOptions = {
|
|
|
702
756
|
id: string;
|
|
703
757
|
}[];
|
|
704
758
|
oauthAccountMergeStrategy?: 'link_method' | 'raise_error' | 'allow_duplicates';
|
|
759
|
+
allowUserApiKeys?: boolean;
|
|
760
|
+
allowTeamApiKeys?: boolean;
|
|
705
761
|
};
|
|
706
762
|
|
|
707
763
|
type Project = {
|
|
@@ -781,6 +837,10 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
781
837
|
}): Promise<Result<undefined, KnownErrors["UserWithEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
|
|
782
838
|
signInWithPasskey(): Promise<Result<undefined, KnownErrors["PasskeyAuthenticationFailed"] | KnownErrors["InvalidTotpCode"] | KnownErrors["PasskeyWebAuthnError"]>>;
|
|
783
839
|
callOAuthCallback(): Promise<boolean>;
|
|
840
|
+
promptCliLogin(options: {
|
|
841
|
+
appUrl: string;
|
|
842
|
+
expiresInMillis?: number;
|
|
843
|
+
}): Promise<Result<string, KnownErrors["CliAuthError"] | KnownErrors["CliAuthExpiredError"] | KnownErrors["CliAuthUsedError"]>>;
|
|
784
844
|
sendForgotPasswordEmail(email: string, options?: {
|
|
785
845
|
callbackUrl?: string;
|
|
786
846
|
}): Promise<Result<undefined, KnownErrors["UserNotFound"]>>;
|
|
@@ -823,4 +883,4 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
|
|
|
823
883
|
});
|
|
824
884
|
declare const StackClientApp: StackClientAppConstructor;
|
|
825
885
|
|
|
826
|
-
export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type
|
|
886
|
+
export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, type Connection, type ContactChannel, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerContactChannel, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamInvitation, type TeamMemberProfile, type TeamUpdateOptions, type TeamUser, type User, stackAppInternalsSymbol };
|
|
@@ -20,20 +20,29 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
// src/lib/stack-app/api-keys/index.ts
|
|
21
21
|
var api_keys_exports = {};
|
|
22
22
|
__export(api_keys_exports, {
|
|
23
|
-
|
|
23
|
+
apiKeyCreationOptionsToCrud: () => apiKeyCreationOptionsToCrud,
|
|
24
|
+
apiKeyUpdateOptionsToCrud: () => apiKeyUpdateOptionsToCrud
|
|
24
25
|
});
|
|
25
26
|
module.exports = __toCommonJS(api_keys_exports);
|
|
26
|
-
|
|
27
|
+
var import_objects = require("@stackframe/stack-shared/dist/utils/objects");
|
|
28
|
+
async function apiKeyCreationOptionsToCrud(type, userIdOrTeamId, options) {
|
|
27
29
|
return {
|
|
28
30
|
description: options.description,
|
|
29
|
-
expires_at_millis: options.expiresAt.getTime(),
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
has_super_secret_admin_key: options.hasSuperSecretAdminKey
|
|
31
|
+
expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),
|
|
32
|
+
is_public: options.isPublic,
|
|
33
|
+
...type === "user" ? { user_id: userIdOrTeamId } : { team_id: userIdOrTeamId }
|
|
33
34
|
};
|
|
34
35
|
}
|
|
36
|
+
async function apiKeyUpdateOptionsToCrud(type, options) {
|
|
37
|
+
return (0, import_objects.filterUndefined)({
|
|
38
|
+
description: options.description,
|
|
39
|
+
expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),
|
|
40
|
+
revoked: options.revoked
|
|
41
|
+
});
|
|
42
|
+
}
|
|
35
43
|
// Annotate the CommonJS export names for ESM import in node:
|
|
36
44
|
0 && (module.exports = {
|
|
37
|
-
|
|
45
|
+
apiKeyCreationOptionsToCrud,
|
|
46
|
+
apiKeyUpdateOptionsToCrud
|
|
38
47
|
});
|
|
39
48
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/lib/stack-app/api-keys/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport {
|
|
1
|
+
{"version":3,"sources":["../../../../src/lib/stack-app/api-keys/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateInputSchema, userApiKeysCreateInputSchema } from \"@stackframe/stack-shared/dist/interface/crud/project-api-keys\";\nimport { filterUndefined } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { IfAndOnlyIf, PrettifyType } from \"@stackframe/stack-shared/dist/utils/types\";\nimport type * as yup from \"yup\";\n\nexport type ApiKeyType = \"user\" | \"team\";\n\nexport type ApiKey<Type extends ApiKeyType = ApiKeyType, IsFirstView extends boolean = false> =\n & {\n id: string,\n description: string,\n expiresAt?: Date,\n manuallyRevokedAt?: Date | null,\n createdAt: Date,\n value: IfAndOnlyIf<IsFirstView, true, string, { lastFour: string }>,\n update(options: ApiKeyUpdateOptions<Type>): Promise<void>,\n revoke: () => Promise<void>,\n isValid: () => boolean,\n whyInvalid: () => \"manually-revoked\" | \"expired\" | null,\n }\n & (\n | (\"user\" extends Type ? { type: \"user\", userId: string } : never)\n | (\"team\" extends Type ? { type: \"team\", teamId: string } : never)\n );\n\nexport type UserApiKeyFirstView = PrettifyType<ApiKey<\"user\", true>>;\nexport type UserApiKey = PrettifyType<ApiKey<\"user\", false>>;\n\nexport type TeamApiKeyFirstView = PrettifyType<ApiKey<\"team\", true>>;\nexport type TeamApiKey = PrettifyType<ApiKey<\"team\", false>>;\n\nexport type ApiKeyCreationOptions<Type extends ApiKeyType = ApiKeyType> =\n & {\n description: string,\n expiresAt: Date | null,\n /**\n * Whether the API key should be considered public. A public API key will not be detected by the secret scanner, which\n * automatically revokes API keys when it detects that they may have been exposed to the public.\n */\n isPublic?: boolean,\n };\nexport function apiKeyCreationOptionsToCrud(type: \"user\", userId: string, options: ApiKeyCreationOptions<\"user\">): Promise<yup.InferType<typeof userApiKeysCreateInputSchema>>;\nexport function apiKeyCreationOptionsToCrud(type: \"team\", teamId: string, options: ApiKeyCreationOptions<\"team\">): Promise<yup.InferType<typeof teamApiKeysCreateInputSchema>>;\nexport function apiKeyCreationOptionsToCrud(type: ApiKeyType, userIdOrTeamId: string, options: ApiKeyCreationOptions): Promise<yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>>;\nexport async function apiKeyCreationOptionsToCrud(type: ApiKeyType, userIdOrTeamId: string, options: ApiKeyCreationOptions): Promise<yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>> {\n return {\n description: options.description,\n expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),\n is_public: options.isPublic,\n ...(type === \"user\" ? { user_id: userIdOrTeamId } : { team_id: userIdOrTeamId }),\n };\n}\n\n\nexport type ApiKeyUpdateOptions<Type extends ApiKeyType = ApiKeyType> = {\n description?: string,\n expiresAt?: Date | null,\n revoked?: boolean,\n};\nexport function apiKeyUpdateOptionsToCrud(type: \"user\", options: ApiKeyUpdateOptions<\"user\">): Promise<UserApiKeysCrud[\"Client\"][\"Update\"]>;\nexport function apiKeyUpdateOptionsToCrud(type: \"team\", options: ApiKeyUpdateOptions<\"team\">): Promise<TeamApiKeysCrud[\"Client\"][\"Update\"]>;\nexport function apiKeyUpdateOptionsToCrud(type: ApiKeyType, options: ApiKeyUpdateOptions): Promise<UserApiKeysCrud[\"Client\"][\"Update\"] | TeamApiKeysCrud[\"Client\"][\"Update\"]>;\nexport async function apiKeyUpdateOptionsToCrud(type: ApiKeyType, options: ApiKeyUpdateOptions): Promise<UserApiKeysCrud[\"Client\"][\"Update\"] | TeamApiKeysCrud[\"Client\"][\"Update\"]> {\n return filterUndefined({\n description: options.description,\n expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),\n revoked: options.revoked,\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,qBAAgC;AA2ChC,eAAsB,4BAA4B,MAAkB,gBAAwB,SAAkJ;AAC5O,SAAO;AAAA,IACL,aAAa,QAAQ;AAAA,IACrB,mBAAmB,QAAQ,aAAa,OAAO,QAAQ,YAAY,QAAQ,UAAU,QAAQ;AAAA,IAC7F,WAAW,QAAQ;AAAA,IACnB,GAAI,SAAS,SAAS,EAAE,SAAS,eAAe,IAAI,EAAE,SAAS,eAAe;AAAA,EAChF;AACF;AAWA,eAAsB,0BAA0B,MAAkB,SAAkH;AAClL,aAAO,gCAAgB;AAAA,IACrB,aAAa,QAAQ;AAAA,IACrB,mBAAmB,QAAQ,aAAa,OAAO,QAAQ,YAAY,QAAQ,UAAU,QAAQ;AAAA,IAC7F,SAAS,QAAQ;AAAA,EACnB,CAAC;AACH;","names":[]}
|