@supabase/gotrue-js 2.4.2 → 2.5.0

package/src/GoTrueClient.ts

@@ -1140,99 +1140,138 @@ export default class GoTrueClient {
   }
 
   private async _unenroll(params: MFAUnenrollParams): Promise<AuthMFAUnenrollResponse> {
-    const { data: sessionData, error: sessionError } = await this.getSession()
-    if (sessionError) {
-      return { data: null, error: sessionError }
-    }
+    try {
+      const { data: sessionData, error: sessionError } = await this.getSession()
+      if (sessionError) {
+        return { data: null, error: sessionError }
+      }
 
-    return await _request(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
-      headers: this.headers,
-      jwt: sessionData?.session?.access_token,
-    })
+      return await _request(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
+        headers: this.headers,
+        jwt: sessionData?.session?.access_token,
+      })
+    } catch (error) {
+      if (isAuthError(error)) {
+        return { data: null, error }
+      }
+      throw error
+    }
   }
 
   /**
-   * Deletes a registered factor from GoTrue
+   * Enrolls a factor
    * @param friendlyName Human readable name assigned to a device
    * @param factorType device which we're validating against. Can only be TOTP for now.
    * @param issuer domain which the user is enrolling with
    */
   private async _enroll(params: MFAEnrollParams): Promise<AuthMFAEnrollResponse> {
-    const { data: sessionData, error: sessionError } = await this.getSession()
-    if (sessionError) {
-      return { data: null, error: sessionError }
-    }
+    try {
+      const { data: sessionData, error: sessionError } = await this.getSession()
+      if (sessionError) {
+        return { data: null, error: sessionError }
+      }
 
-    const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors`, {
-      body: {
-        friendly_name: params.friendlyName,
-        factor_type: params.factorType,
-        issuer: params.issuer,
-      },
-      headers: this.headers,
-      jwt: sessionData?.session?.access_token,
-    })
+      const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors`, {
+        body: {
+          friendly_name: params.friendlyName,
+          factor_type: params.factorType,
+          issuer: params.issuer,
+        },
+        headers: this.headers,
+        jwt: sessionData?.session?.access_token,
+      })
 
-    if (error) {
-      return { data: null, error }
-    }
+      if (error) {
+        return { data: null, error }
+      }
 
-    if (data?.totp?.qr_code) {
-      data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`
-    }
+      if (data?.totp?.qr_code) {
+        data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`
+      }
 
-    return { data, error: null }
+      return { data, error: null }
+    } catch (error) {
+      if (isAuthError(error)) {
+        return { data: null, error }
+      }
+      throw error
+    }
   }
 
   /**
    * Validates a device as part of the enrollment step.
-   * @param factorID System assigned identifier for authenticator device as returned by enroll
+   * @param factorId System assigned identifier for authenticator device as returned by enroll
    * @param code Code Generated by an authenticator device
    */
   private async _verify(params: MFAVerifyParams): Promise<AuthMFAVerifyResponse> {
-    const { data: sessionData, error: sessionError } = await this.getSession()
-    if (sessionError) {
-      return { data: null, error: sessionError }
-    }
+    try {
+      const { data: sessionData, error: sessionError } = await this.getSession()
+      if (sessionError) {
+        return { data: null, error: sessionError }
+      }
 
-    const { data, error } = await _request(
-      this.fetch,
-      'POST',
-      `${this.url}/factors/${params.factorId}/verify`,
-      {
-        body: { code: params.code, challenge_id: params.challengeId },
-        headers: this.headers,
-        jwt: sessionData?.session?.access_token,
+      const { data, error } = await _request(
+        this.fetch,
+        'POST',
+        `${this.url}/factors/${params.factorId}/verify`,
+        {
+          body: { code: params.code, challenge_id: params.challengeId },
+          headers: this.headers,
+          jwt: sessionData?.session?.access_token,
+        }
+      )
+      if (error) {
+        return { data: null, error }
       }
-    )
-    if (error) {
-      return { data: null, error }
-    }
 
-    await this._saveSession({
-      expires_at: Math.round(Date.now() / 1000) + data.expires_in,
-      ...data,
-    })
-    this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data)
+      await this._saveSession({
+        expires_at: Math.round(Date.now() / 1000) + data.expires_in,
+        ...data,
+      })
+      this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data)
 
-    return { data, error }
+      return { data, error }
+    } catch (error) {
+      if (isAuthError(error)) {
+        return { data: null, error }
+      }
+      throw error
+    }
   }
 
   /**
    * Creates a challenge which a user can verify against
-   * @param factorID System assigned identifier for authenticator device as returned by enroll
+   * @param factorId System assigned identifier for authenticator device as returned by enroll
    */
   private async _challenge(params: MFAChallengeParams): Promise<AuthMFAChallengeResponse> {
-    const { data: sessionData, error: sessionError } = await this.getSession()
-    if (sessionError) {
-      return { data: null, error: sessionError }
-    }
+    try {
+      const { data: sessionData, error: sessionError } = await this.getSession()
+      if (sessionError) {
+        return { data: null, error: sessionError }
+      }
 
-    return await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
-      headers: this.headers,
-      jwt: sessionData?.session?.access_token,
-    })
+      return await _request(
+        this.fetch,
+        'POST',
+        `${this.url}/factors/${params.factorId}/challenge`,
+        {
+          headers: this.headers,
+          jwt: sessionData?.session?.access_token,
+        }
+      )
+    } catch (error) {
+      if (isAuthError(error)) {
+        return { data: null, error }
+      }
+      throw error
+    }
   }
+
+  /**
+   * Creates a challenge and immediately verifies it
+   * @param factorId System assigned identifier for authenticator device as returned by enroll
+   * @param code Code Generated by an authenticator device
+   */
   private async _challengeAndVerify(
     params: MFAChallengeAndVerifyParams
   ): Promise<AuthMFAVerifyResponse> {
@@ -1275,6 +1314,10 @@ export default class GoTrueClient {
     }
   }
 
+  /**
+   * Gets the current and next authenticator assurance level (AAL)
+   * and the current authentication methods for the session (AMR)
+   */
   private async _getAuthenticatorAssuranceLevel(): Promise<AuthMFAGetAuthenticatorAssuranceLevelResponse> {
     const {
       data: { session },

package/src/lib/helpers.ts

@@ -13,7 +13,7 @@ export function uuid() {
   })
 }
 
-export const isBrowser = () => typeof window !== 'undefined'
+export const isBrowser = () => typeof document !== 'undefined'
 
 export function getParameterByName(name: string, url?: string) {
   if (!url) url = window?.location?.href || ''

package/src/lib/types.ts

@@ -595,8 +595,11 @@ export type GenerateLinkType =
   | 'email_change_new'
 
 export type MFAEnrollParams = {
+  /** The type of factor being enrolled. */
   factorType: 'totp'
+  /** Domain which the user is enrolled with. */
   issuer?: string
+  /** Human readable name assigned to the factor. */
   friendlyName?: string
 }
 
@@ -606,10 +609,10 @@ export type MFAUnenrollParams = {
 }
 
 export type MFAVerifyParams = {
-  /** ID of the factor being verified. */
+  /** ID of the factor being verified. Returned in enroll(). */
   factorId: string
 
-  /** ID of the challenge being verified. */
+  /** ID of the challenge being verified. Returned in challenge(). */
   challengeId: string
 
   /** Verification code provided by the user. */
@@ -617,12 +620,12 @@ export type MFAVerifyParams = {
 }
 
 export type MFAChallengeParams = {
-  /** ID of the factor to be challenged. */
+  /** ID of the factor to be challenged. Returned in enroll(). */
   factorId: string
 }
 
 export type MFAChallengeAndVerifyParams = {
-  /** ID of the factor being verified. */
+  /** ID of the factor being verified. Returned in enroll(). */
   factorId: string
   /** Verification code provided by the user. */
   code: string
@@ -755,54 +758,38 @@ export type AuthMFAGetAuthenticatorAssuranceLevelResponse =
  */
 export interface GoTrueMFAApi {
   /**
-   * Starts the enrollment process for a new Multi-Factor Authentication
-   * factor. This method creates a new factor in the 'unverified' state.
-   * Present the QR code or secret to the user and ask them to add it to their
-   * authenticator app. Ask the user to provide you with an authenticator code
-   * from their app and verify it by calling challenge and then verify.
+   * Starts the enrollment process for a new Multi-Factor Authentication (MFA)
+   * factor. This method creates a new `unverified` factor.
+   * To verify a factor, present the QR code or secret to the user and ask them to add it to their
+   * authenticator app.
+   * The user has to enter the code from their authenticator app to verify it.
    *
-   * The first successful verification of an unverified factor activates the
-   * factor. All other sessions are logged out and the current one gets an
-   * `aal2` authenticator level.
-   *
-   * @see {@link GoTrueMFAApi#challenge}
-   * @see {@link GoTrueMFAApi#verify}
-   * @see {@link GoTrueMFAApi#getAuthenticatorAssuranceLevel}
+   * Upon verifying a factor, all other sessions are logged out and the current session's authenticator level is promoted to `aal2`.
    *
    */
   enroll(params: MFAEnrollParams): Promise<AuthMFAEnrollResponse>
 
   /**
    * Prepares a challenge used to verify that a user has access to a MFA
-   * factor. Provide the challenge ID and verification code by calling
-   * {@link GoTrueMFAApi#verify}.
-   *
+   * factor.
    */
   challenge(params: MFAChallengeParams): Promise<AuthMFAChallengeResponse>
 
   /**
-   * Verifies a verification code against a challenge. The verification code is
+   * Verifies a code against a challenge. The verification code is
    * provided by the user by entering a code seen in their authenticator app.
-   *
-   * @see {@link GoTrueMFAApi#challenge}
-   *
    */
   verify(params: MFAVerifyParams): Promise<AuthMFAVerifyResponse>
 
   /**
-   * Unenroll removes a MFA factor. Unverified factors can safely be ignored
-   * and it's not necessary to unenroll them. Unenrolling a verified MFA factor
-   * cannot be done from a session with an `aal1` authenticator level.
-   *
+   * Unenroll removes a MFA factor.
+   * A user has to have an `aal2` authenticator level in order to unenroll a `verified` factor.
    */
   unenroll(params: MFAUnenrollParams): Promise<AuthMFAUnenrollResponse>
 
   /**
    * Helper method which creates a challenge and immediately uses the given code to verify against it thereafter. The verification code is
    * provided by the user by entering a code seen in their authenticator app.
-   *
-   * @see {@link GoTrueMFAApi#challengeAndVerify}
-   *
    */
   challengeAndVerify(params: MFAChallengeAndVerifyParams): Promise<AuthMFAVerifyResponse>
 
@@ -877,7 +864,7 @@ export type AuthMFAAdminListFactorsResponse =
  * @expermental
  */
 export type AuthMFAAdminListFactorsParams = {
-  /** ID of the user for which to list all MFA factors. */
+  /** ID of the user. */
   userId: string
 }
 
@@ -888,15 +875,14 @@ export type AuthMFAAdminListFactorsParams = {
  */
 export interface GoTrueAdminMFAApi {
   /**
-   * Lists all factors attached to a user.
+   * Lists all factors associated to a user.
    *
    */
   listFactors(params: AuthMFAAdminListFactorsParams): Promise<AuthMFAAdminListFactorsResponse>
 
   /**
    * Deletes a factor on a user. This will log the user out of all active
-   * sessions (if the deleted factor was verified). There's no need to delete
-   * unverified factors.
+   * sessions if the deleted factor was verified.
    *
    * @see {@link GoTrueMFAApi#unenroll}
    *
@@ -927,3 +913,10 @@ export type CallRefreshTokenResult =
       session: null
       error: AuthError
     }
+
+export type PageParams = {
+  /** The page number */
+  page?: number
+  /** Number of items returned per page */
+  perPage?: number
+}

package/src/lib/version.ts

@@ -1,2 +1,2 @@
 // Generated by genversion.
-export const version = '2.4.2'
+export const version = '2.5.0'