@stackframe/stack 2.6.11 → 2.6.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/CHANGELOG.md +38 -0
  2. package/dist/components/passkey-button.d.mts +7 -0
  3. package/dist/components/passkey-button.d.ts +7 -0
  4. package/dist/components/passkey-button.js +58 -0
  5. package/dist/components/passkey-button.js.map +1 -0
  6. package/dist/components-page/account-settings.js +343 -102
  7. package/dist/components-page/account-settings.js.map +1 -1
  8. package/dist/components-page/auth-page.d.mts +1 -0
  9. package/dist/components-page/auth-page.d.ts +1 -0
  10. package/dist/components-page/auth-page.js +5 -1
  11. package/dist/components-page/auth-page.js.map +1 -1
  12. package/dist/esm/components/passkey-button.js +34 -0
  13. package/dist/esm/components/passkey-button.js.map +1 -0
  14. package/dist/esm/components-page/account-settings.js +344 -103
  15. package/dist/esm/components-page/account-settings.js.map +1 -1
  16. package/dist/esm/components-page/auth-page.js +5 -1
  17. package/dist/esm/components-page/auth-page.js.map +1 -1
  18. package/dist/esm/generated/global-css.js +1 -1
  19. package/dist/esm/generated/global-css.js.map +1 -1
  20. package/dist/esm/generated/quetzal-translations.js +2268 -1824
  21. package/dist/esm/generated/quetzal-translations.js.map +1 -1
  22. package/dist/esm/lib/stack-app.js +197 -13
  23. package/dist/esm/lib/stack-app.js.map +1 -1
  24. package/dist/generated/global-css.d.mts +1 -1
  25. package/dist/generated/global-css.d.ts +1 -1
  26. package/dist/generated/global-css.js +1 -1
  27. package/dist/generated/global-css.js.map +1 -1
  28. package/dist/generated/quetzal-translations.d.mts +2 -2
  29. package/dist/generated/quetzal-translations.d.ts +2 -2
  30. package/dist/generated/quetzal-translations.js +2268 -1824
  31. package/dist/generated/quetzal-translations.js.map +1 -1
  32. package/dist/lib/stack-app.d.mts +60 -19
  33. package/dist/lib/stack-app.d.ts +60 -19
  34. package/dist/lib/stack-app.js +197 -13
  35. package/dist/lib/stack-app.js.map +1 -1
  36. package/package.json +5 -4
package/dist/lib/stack-app.d.mts CHANGED
@@ -67,6 +67,31 @@ type StackClientAppJson<HasTokenStore extends boolean, ProjectId extends string>
67
67
  uniqueIdentifier: string;
68
68
  };
69
69
  declare const stackAppInternalsSymbol: unique symbol;
70
+ type ContactChannel = {
71
+ id: string;
72
+ value: string;
73
+ type: 'email';
74
+ isPrimary: boolean;
75
+ isVerified: boolean;
76
+ usedForAuth: boolean;
77
+ sendVerificationEmail(): Promise<Result<undefined, KnownErrors["EmailAlreadyVerified"]>>;
78
+ update(data: ContactChannelUpdateOptions): Promise<void>;
79
+ delete(): Promise<void>;
80
+ };
81
+ type ContactChannelCreateOptions = {
82
+ value: string;
83
+ type: 'email';
84
+ usedForAuth: boolean;
85
+ };
86
+ type ContactChannelUpdateOptions = {
87
+ usedForAuth?: boolean;
88
+ value?: string;
89
+ isPrimary?: boolean;
90
+ };
91
+ type ServerContactChannel = ContactChannel;
92
+ type ServerContactChannelCreateOptions = ContactChannelCreateOptions & {
93
+ isVerified?: boolean;
94
+ };
70
95
  type Session = {
71
96
  getTokens(): Promise<{
72
97
  accessToken: string | null;
@@ -151,6 +176,7 @@ type Auth = {
151
176
  accessToken: string | null;
152
177
  refreshToken: string | null;
153
178
  }>;
179
+ registerPasskey(): Promise<Result<undefined, KnownErrors["PasskeyRegistrationFailed"] | KnownErrors["PasskeyWebAuthnError"]>>;
154
180
  };
155
181
  /**
156
182
  * ```
@@ -188,39 +214,48 @@ type BaseUser = {
188
214
  readonly signedUpAt: Date;
189
215
  readonly clientMetadata: any;
190
216
  readonly clientReadOnlyMetadata: any;
191
- /**
192
- * Whether the primary e-mail can be used for authentication.
193
- */
194
- readonly emailAuthEnabled: boolean;
195
217
  /**
196
218
  * Whether the user has a password set.
197
219
  */
198
220
  readonly hasPassword: boolean;
199
- /**
200
- * @deprecated
201
- */
202
- readonly oauthProviders: readonly {
203
- id: string;
204
- }[];
221
+ readonly otpAuthEnabled: boolean;
222
+ readonly passkeyAuthEnabled: boolean;
205
223
  readonly isMultiFactorRequired: boolean;
206
224
  /**
207
225
  * A shorthand method to update multiple fields of the user at once.
208
226
  */
209
227
  readonly selectedTeam: Team | null;
210
228
  toClientJson(): CurrentUserCrud["Client"]["Read"];
229
+ /**
230
+ * @deprecated, use contact channel's usedForAuth instead
231
+ */
232
+ readonly emailAuthEnabled: boolean;
233
+ /**
234
+ * @deprecated
235
+ */
236
+ readonly oauthProviders: readonly {
237
+ id: string;
238
+ }[];
211
239
  };
212
240
  type UserExtra = {
213
241
  setDisplayName(displayName: string): Promise<void>;
242
+ /** @deprecated Use contact channel's sendVerificationEmail instead */
214
243
  sendVerificationEmail(): Promise<KnownErrors["EmailAlreadyVerified"] | void>;
215
244
  setClientMetadata(metadata: any): Promise<void>;
216
245
  updatePassword(options: {
217
246
  oldPassword: string;
218
247
  newPassword: string;
219
248
  }): Promise<KnownErrors["PasswordConfirmationMismatch"] | KnownErrors["PasswordRequirementsNotMet"] | void>;
249
+ setPassword(options: {
250
+ password: string;
251
+ }): Promise<KnownErrors["PasswordRequirementsNotMet"] | void>;
220
252
  /**
221
253
  * A shorthand method to update multiple fields of the user at once.
222
254
  */
223
255
  update(update: UserUpdateOptions): Promise<void>;
256
+ useContactChannels(): ContactChannel[];
257
+ listContactChannels(): Promise<ContactChannel[]>;
258
+ createContactChannel(data: ContactChannelCreateOptions): Promise<ContactChannel>;
224
259
  delete(): Promise<void>;
225
260
  getConnectedAccount(id: ProviderType, options: {
226
261
  or: 'redirect';
@@ -263,6 +298,8 @@ type UserUpdateOptions = {
263
298
  selectedTeamId?: string | null;
264
299
  totpMultiFactorSecret?: Uint8Array | null;
265
300
  profileImageUrl?: string | null;
301
+ otpAuthEnabled?: boolean;
302
+ passkeyAuthEnabled?: boolean;
266
303
  };
267
304
  type ServerBaseUser = {
268
305
  setPrimaryEmail(email: string, options?: {
@@ -272,14 +309,12 @@ type ServerBaseUser = {
272
309
  readonly serverMetadata: any;
273
310
  setServerMetadata(metadata: any): Promise<void>;
274
311
  setClientReadOnlyMetadata(metadata: any): Promise<void>;
275
- updatePassword(options: {
276
- oldPassword?: string;
277
- newPassword: string;
278
- }): Promise<KnownErrors["PasswordConfirmationMismatch"] | KnownErrors["PasswordRequirementsNotMet"] | void>;
312
+ useContactChannels(): ServerContactChannel[];
313
+ listContactChannels(): Promise<ServerContactChannel[]>;
314
+ createContactChannel(data: ServerContactChannelCreateOptions): Promise<ServerContactChannel>;
279
315
  update(user: ServerUserUpdateOptions): Promise<void>;
280
316
  grantPermission(scope: Team, permissionId: string): Promise<void>;
281
317
  revokePermission(scope: Team, permissionId: string): Promise<void>;
282
- hasPermission(scope: Team, permissionId: string): Promise<boolean>;
283
318
  /**
284
319
  * Creates a new session object with a refresh token for this user. Can be used to impersonate them.
285
320
  */
@@ -307,8 +342,10 @@ type ServerUserUpdateOptions = {
307
342
  password?: string;
308
343
  } & UserUpdateOptions;
309
344
  type ServerUserCreateOptions = {
310
- primaryEmail: string;
311
- password: string;
345
+ primaryEmail?: string;
346
+ primaryEmailAuthEnabled?: boolean;
347
+ password?: string;
348
+ otpAuthEnabled?: boolean;
312
349
  displayName?: string;
313
350
  primaryEmailVerified?: boolean;
314
351
  };
@@ -346,6 +383,7 @@ type ProjectConfig = {
346
383
  readonly signUpEnabled: boolean;
347
384
  readonly credentialEnabled: boolean;
348
385
  readonly magicLinkEnabled: boolean;
386
+ readonly passkeyEnabled: boolean;
349
387
  readonly clientTeamCreationEnabled: boolean;
350
388
  readonly clientUserDeletionEnabled: boolean;
351
389
  readonly oauthProviders: OAuthProviderConfig[];
@@ -358,6 +396,7 @@ type AdminProjectConfig = {
358
396
  readonly signUpEnabled: boolean;
359
397
  readonly credentialEnabled: boolean;
360
398
  readonly magicLinkEnabled: boolean;
399
+ readonly passkeyEnabled: boolean;
361
400
  readonly clientTeamCreationEnabled: boolean;
362
401
  readonly clientUserDeletionEnabled: boolean;
363
402
  readonly legacyGlobalJwtSigning: boolean;
@@ -405,6 +444,7 @@ type AdminProjectConfigUpdateOptions = {
405
444
  signUpEnabled?: boolean;
406
445
  credentialEnabled?: boolean;
407
446
  magicLinkEnabled?: boolean;
447
+ passkeyEnabled?: boolean;
408
448
  clientTeamCreationEnabled?: boolean;
409
449
  clientUserDeletionEnabled?: boolean;
410
450
  allowLocalhost?: boolean;
@@ -475,7 +515,7 @@ type Team = {
475
515
  clientReadOnlyMetadata: any;
476
516
  inviteUser(options: {
477
517
  email: string;
478
- }): Promise<Result<undefined, KnownErrors["TeamPermissionRequired"]>>;
518
+ }): Promise<void>;
479
519
  listUsers(): Promise<TeamUser[]>;
480
520
  useUsers(): TeamUser[];
481
521
  update(update: TeamUpdateOptions): Promise<void>;
@@ -503,7 +543,7 @@ type ServerTeam = {
503
543
  addUser(userId: string): Promise<void>;
504
544
  inviteUser(options: {
505
545
  email: string;
506
- }): Promise<Result<undefined, KnownErrors["TeamPermissionRequired"]>>;
546
+ }): Promise<void>;
507
547
  removeUser(userId: string): Promise<void>;
508
548
  } & Team;
509
549
  type ServerTeamCreateOptions = TeamCreateOptions;
@@ -566,6 +606,7 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
566
606
  password: string;
567
607
  noRedirect?: boolean;
568
608
  }): Promise<Result<undefined, KnownErrors["UserEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
609
+ signInWithPasskey(): Promise<Result<undefined, KnownErrors["PasskeyAuthenticationFailed"] | KnownErrors["InvalidTotpCode"] | KnownErrors["PasskeyWebAuthnError"]>>;
569
610
  callOAuthCallback(): Promise<boolean>;
570
611
  sendForgotPasswordEmail(email: string): Promise<Result<undefined, KnownErrors["UserNotFound"]>>;
571
612
  sendMagicLinkEmail(email: string): Promise<Result<{
package/dist/lib/stack-app.d.ts CHANGED
@@ -67,6 +67,31 @@ type StackClientAppJson<HasTokenStore extends boolean, ProjectId extends string>
67
67
  uniqueIdentifier: string;
68
68
  };
69
69
  declare const stackAppInternalsSymbol: unique symbol;
70
+ type ContactChannel = {
71
+ id: string;
72
+ value: string;
73
+ type: 'email';
74
+ isPrimary: boolean;
75
+ isVerified: boolean;
76
+ usedForAuth: boolean;
77
+ sendVerificationEmail(): Promise<Result<undefined, KnownErrors["EmailAlreadyVerified"]>>;
78
+ update(data: ContactChannelUpdateOptions): Promise<void>;
79
+ delete(): Promise<void>;
80
+ };
81
+ type ContactChannelCreateOptions = {
82
+ value: string;
83
+ type: 'email';
84
+ usedForAuth: boolean;
85
+ };
86
+ type ContactChannelUpdateOptions = {
87
+ usedForAuth?: boolean;
88
+ value?: string;
89
+ isPrimary?: boolean;
90
+ };
91
+ type ServerContactChannel = ContactChannel;
92
+ type ServerContactChannelCreateOptions = ContactChannelCreateOptions & {
93
+ isVerified?: boolean;
94
+ };
70
95
  type Session = {
71
96
  getTokens(): Promise<{
72
97
  accessToken: string | null;
@@ -151,6 +176,7 @@ type Auth = {
151
176
  accessToken: string | null;
152
177
  refreshToken: string | null;
153
178
  }>;
179
+ registerPasskey(): Promise<Result<undefined, KnownErrors["PasskeyRegistrationFailed"] | KnownErrors["PasskeyWebAuthnError"]>>;
154
180
  };
155
181
  /**
156
182
  * ```
@@ -188,39 +214,48 @@ type BaseUser = {
188
214
  readonly signedUpAt: Date;
189
215
  readonly clientMetadata: any;
190
216
  readonly clientReadOnlyMetadata: any;
191
- /**
192
- * Whether the primary e-mail can be used for authentication.
193
- */
194
- readonly emailAuthEnabled: boolean;
195
217
  /**
196
218
  * Whether the user has a password set.
197
219
  */
198
220
  readonly hasPassword: boolean;
199
- /**
200
- * @deprecated
201
- */
202
- readonly oauthProviders: readonly {
203
- id: string;
204
- }[];
221
+ readonly otpAuthEnabled: boolean;
222
+ readonly passkeyAuthEnabled: boolean;
205
223
  readonly isMultiFactorRequired: boolean;
206
224
  /**
207
225
  * A shorthand method to update multiple fields of the user at once.
208
226
  */
209
227
  readonly selectedTeam: Team | null;
210
228
  toClientJson(): CurrentUserCrud["Client"]["Read"];
229
+ /**
230
+ * @deprecated, use contact channel's usedForAuth instead
231
+ */
232
+ readonly emailAuthEnabled: boolean;
233
+ /**
234
+ * @deprecated
235
+ */
236
+ readonly oauthProviders: readonly {
237
+ id: string;
238
+ }[];
211
239
  };
212
240
  type UserExtra = {
213
241
  setDisplayName(displayName: string): Promise<void>;
242
+ /** @deprecated Use contact channel's sendVerificationEmail instead */
214
243
  sendVerificationEmail(): Promise<KnownErrors["EmailAlreadyVerified"] | void>;
215
244
  setClientMetadata(metadata: any): Promise<void>;
216
245
  updatePassword(options: {
217
246
  oldPassword: string;
218
247
  newPassword: string;
219
248
  }): Promise<KnownErrors["PasswordConfirmationMismatch"] | KnownErrors["PasswordRequirementsNotMet"] | void>;
249
+ setPassword(options: {
250
+ password: string;
251
+ }): Promise<KnownErrors["PasswordRequirementsNotMet"] | void>;
220
252
  /**
221
253
  * A shorthand method to update multiple fields of the user at once.
222
254
  */
223
255
  update(update: UserUpdateOptions): Promise<void>;
256
+ useContactChannels(): ContactChannel[];
257
+ listContactChannels(): Promise<ContactChannel[]>;
258
+ createContactChannel(data: ContactChannelCreateOptions): Promise<ContactChannel>;
224
259
  delete(): Promise<void>;
225
260
  getConnectedAccount(id: ProviderType, options: {
226
261
  or: 'redirect';
@@ -263,6 +298,8 @@ type UserUpdateOptions = {
263
298
  selectedTeamId?: string | null;
264
299
  totpMultiFactorSecret?: Uint8Array | null;
265
300
  profileImageUrl?: string | null;
301
+ otpAuthEnabled?: boolean;
302
+ passkeyAuthEnabled?: boolean;
266
303
  };
267
304
  type ServerBaseUser = {
268
305
  setPrimaryEmail(email: string, options?: {
@@ -272,14 +309,12 @@ type ServerBaseUser = {
272
309
  readonly serverMetadata: any;
273
310
  setServerMetadata(metadata: any): Promise<void>;
274
311
  setClientReadOnlyMetadata(metadata: any): Promise<void>;
275
- updatePassword(options: {
276
- oldPassword?: string;
277
- newPassword: string;
278
- }): Promise<KnownErrors["PasswordConfirmationMismatch"] | KnownErrors["PasswordRequirementsNotMet"] | void>;
312
+ useContactChannels(): ServerContactChannel[];
313
+ listContactChannels(): Promise<ServerContactChannel[]>;
314
+ createContactChannel(data: ServerContactChannelCreateOptions): Promise<ServerContactChannel>;
279
315
  update(user: ServerUserUpdateOptions): Promise<void>;
280
316
  grantPermission(scope: Team, permissionId: string): Promise<void>;
281
317
  revokePermission(scope: Team, permissionId: string): Promise<void>;
282
- hasPermission(scope: Team, permissionId: string): Promise<boolean>;
283
318
  /**
284
319
  * Creates a new session object with a refresh token for this user. Can be used to impersonate them.
285
320
  */
@@ -307,8 +342,10 @@ type ServerUserUpdateOptions = {
307
342
  password?: string;
308
343
  } & UserUpdateOptions;
309
344
  type ServerUserCreateOptions = {
310
- primaryEmail: string;
311
- password: string;
345
+ primaryEmail?: string;
346
+ primaryEmailAuthEnabled?: boolean;
347
+ password?: string;
348
+ otpAuthEnabled?: boolean;
312
349
  displayName?: string;
313
350
  primaryEmailVerified?: boolean;
314
351
  };
@@ -346,6 +383,7 @@ type ProjectConfig = {
346
383
  readonly signUpEnabled: boolean;
347
384
  readonly credentialEnabled: boolean;
348
385
  readonly magicLinkEnabled: boolean;
386
+ readonly passkeyEnabled: boolean;
349
387
  readonly clientTeamCreationEnabled: boolean;
350
388
  readonly clientUserDeletionEnabled: boolean;
351
389
  readonly oauthProviders: OAuthProviderConfig[];
@@ -358,6 +396,7 @@ type AdminProjectConfig = {
358
396
  readonly signUpEnabled: boolean;
359
397
  readonly credentialEnabled: boolean;
360
398
  readonly magicLinkEnabled: boolean;
399
+ readonly passkeyEnabled: boolean;
361
400
  readonly clientTeamCreationEnabled: boolean;
362
401
  readonly clientUserDeletionEnabled: boolean;
363
402
  readonly legacyGlobalJwtSigning: boolean;
@@ -405,6 +444,7 @@ type AdminProjectConfigUpdateOptions = {
405
444
  signUpEnabled?: boolean;
406
445
  credentialEnabled?: boolean;
407
446
  magicLinkEnabled?: boolean;
447
+ passkeyEnabled?: boolean;
408
448
  clientTeamCreationEnabled?: boolean;
409
449
  clientUserDeletionEnabled?: boolean;
410
450
  allowLocalhost?: boolean;
@@ -475,7 +515,7 @@ type Team = {
475
515
  clientReadOnlyMetadata: any;
476
516
  inviteUser(options: {
477
517
  email: string;
478
- }): Promise<Result<undefined, KnownErrors["TeamPermissionRequired"]>>;
518
+ }): Promise<void>;
479
519
  listUsers(): Promise<TeamUser[]>;
480
520
  useUsers(): TeamUser[];
481
521
  update(update: TeamUpdateOptions): Promise<void>;
@@ -503,7 +543,7 @@ type ServerTeam = {
503
543
  addUser(userId: string): Promise<void>;
504
544
  inviteUser(options: {
505
545
  email: string;
506
- }): Promise<Result<undefined, KnownErrors["TeamPermissionRequired"]>>;
546
+ }): Promise<void>;
507
547
  removeUser(userId: string): Promise<void>;
508
548
  } & Team;
509
549
  type ServerTeamCreateOptions = TeamCreateOptions;
@@ -566,6 +606,7 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
566
606
  password: string;
567
607
  noRedirect?: boolean;
568
608
  }): Promise<Result<undefined, KnownErrors["UserEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
609
+ signInWithPasskey(): Promise<Result<undefined, KnownErrors["PasskeyAuthenticationFailed"] | KnownErrors["InvalidTotpCode"] | KnownErrors["PasskeyWebAuthnError"]>>;
569
610
  callOAuthCallback(): Promise<boolean>;
570
611
  sendForgotPasswordEmail(email: string): Promise<Result<undefined, KnownErrors["UserNotFound"]>>;
571
612
  sendMagicLinkEmail(email: string): Promise<Result<{