@supabase/gotrue-js 2.41.0 → 2.42.0
- package/dist/main/GoTrueClient.d.ts +0 -13
- package/dist/main/GoTrueClient.d.ts.map +1 -1
- package/dist/main/GoTrueClient.js +180 -229
- package/dist/main/GoTrueClient.js.map +1 -1
- package/dist/main/lib/helpers.d.ts +0 -23
- package/dist/main/lib/helpers.d.ts.map +1 -1
- package/dist/main/lib/helpers.js +1 -94
- package/dist/main/lib/helpers.js.map +1 -1
- package/dist/main/lib/version.d.ts +1 -1
- package/dist/main/lib/version.js +1 -1
- package/dist/module/GoTrueClient.d.ts +0 -13
- package/dist/module/GoTrueClient.d.ts.map +1 -1
- package/dist/module/GoTrueClient.js +181 -230
- package/dist/module/GoTrueClient.js.map +1 -1
- package/dist/module/lib/helpers.d.ts +0 -23
- package/dist/module/lib/helpers.d.ts.map +1 -1
- package/dist/module/lib/helpers.js +0 -91
- package/dist/module/lib/helpers.js.map +1 -1
- package/dist/module/lib/version.d.ts +1 -1
- package/dist/module/lib/version.js +1 -1
- package/package.json +1 -1
- package/src/GoTrueClient.ts +205 -280
- package/src/lib/helpers.ts +0 -111
- package/src/lib/version.ts +1 -1
|
@@ -2,7 +2,7 @@ import GoTrueAdminApi from './GoTrueAdminApi';
|
|
|
2
2
|
import { DEFAULT_HEADERS, EXPIRY_MARGIN, GOTRUE_URL, STORAGE_KEY } from './lib/constants';
|
|
3
3
|
import { AuthImplicitGrantRedirectError, AuthPKCEGrantCodeExchangeError, AuthInvalidCredentialsError, AuthSessionMissingError, AuthInvalidTokenResponseError, AuthUnknownError, isAuthApiError, isAuthError, isAuthRetryableFetchError, } from './lib/errors';
|
|
4
4
|
import { _request, _sessionResponse, _userResponse, _ssoResponse } from './lib/fetch';
|
|
5
|
-
import { decodeJWTPayload, Deferred, getItemAsync, getParameterByName, isBrowser, removeItemAsync, resolveFetch, setItemAsync, uuid, retryable, sleep, generatePKCEVerifier, generatePKCEChallenge, supportsLocalStorage,
|
|
5
|
+
import { decodeJWTPayload, Deferred, getItemAsync, getParameterByName, isBrowser, removeItemAsync, resolveFetch, setItemAsync, uuid, retryable, sleep, generatePKCEVerifier, generatePKCEChallenge, supportsLocalStorage, } from './lib/helpers';
|
|
6
6
|
import localStorageAdapter from './lib/local-storage';
|
|
7
7
|
import { polyfillGlobalThis } from './lib/polyfills';
|
|
8
8
|
polyfillGlobalThis(); // Make "globalThis" available
|
|
@@ -133,6 +133,7 @@ export default class GoTrueClient {
|
|
|
133
133
|
}
|
|
134
134
|
const { session, redirectType } = data;
|
|
135
135
|
this._debug('#_initialize()', 'detected session in URL', session, 'redirect type', redirectType);
|
|
136
|
+
await this._saveSession(session);
|
|
136
137
|
setTimeout(async () => {
|
|
137
138
|
if (redirectType === 'recovery') {
|
|
138
139
|
await this._notifyAllSubscribers('PASSWORD_RECOVERY', session);
|
|
@@ -520,18 +521,16 @@ export default class GoTrueClient {
|
|
|
520
521
|
*/
|
|
521
522
|
async reauthenticate() {
|
|
522
523
|
try {
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
jwt: session.access_token,
|
|
532
|
-
});
|
|
533
|
-
return { data: { user: null, session: null }, error };
|
|
524
|
+
const { data: { session }, error: sessionError, } = await this.getSession();
|
|
525
|
+
if (sessionError)
|
|
526
|
+
throw sessionError;
|
|
527
|
+
if (!session)
|
|
528
|
+
throw new AuthSessionMissingError();
|
|
529
|
+
const { error } = await _request(this.fetch, 'GET', `${this.url}/reauthenticate`, {
|
|
530
|
+
headers: this.headers,
|
|
531
|
+
jwt: session.access_token,
|
|
534
532
|
});
|
|
533
|
+
return { data: { user: null, session: null }, error };
|
|
535
534
|
}
|
|
536
535
|
catch (error) {
|
|
537
536
|
if (isAuthError(error)) {
|
|
@@ -588,36 +587,10 @@ export default class GoTrueClient {
|
|
|
588
587
|
* The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.
|
|
589
588
|
*/
|
|
590
589
|
async getSession() {
|
|
591
|
-
return this._useSession(async (result) => {
|
|
592
|
-
return result;
|
|
593
|
-
});
|
|
594
|
-
}
|
|
595
|
-
/**
|
|
596
|
-
* Use instead of {@link #getSession} inside the library. It is
|
|
597
|
-
* semantically usually what you want, as getting a session involves some
|
|
598
|
-
* processing afterwards that requires only one client operating on the
|
|
599
|
-
* session at once across multiple tabs or processes.
|
|
600
|
-
*/
|
|
601
|
-
async _useSession(fn) {
|
|
602
|
-
return await stackGuard('_useSession', async () => {
|
|
603
|
-
// the use of __loadSession here is the only correct use of the function!
|
|
604
|
-
const result = await this.__loadSession();
|
|
605
|
-
return await fn(result);
|
|
606
|
-
});
|
|
607
|
-
}
|
|
608
|
-
/**
|
|
609
|
-
* NEVER USE DIRECTLY!
|
|
610
|
-
*
|
|
611
|
-
* Always use {@link #_useSession}.
|
|
612
|
-
*/
|
|
613
|
-
async __loadSession() {
|
|
614
|
-
if (this.logDebugMessages && !isInStackGuard('_useSession')) {
|
|
615
|
-
throw new Error('Please use #_useSession()');
|
|
616
|
-
}
|
|
617
590
|
// make sure we've read the session from the url if there is one
|
|
618
591
|
// save to just await, as long we make sure _initialize() never throws
|
|
619
592
|
await this.initializePromise;
|
|
620
|
-
this._debug('#
|
|
593
|
+
this._debug('#getSession()', 'begin');
|
|
621
594
|
try {
|
|
622
595
|
let currentSession = null;
|
|
623
596
|
if (this.persistSession) {
|
|
@@ -643,7 +616,7 @@ export default class GoTrueClient {
|
|
|
643
616
|
const hasExpired = currentSession.expires_at
|
|
644
617
|
? currentSession.expires_at <= Date.now() / 1000
|
|
645
618
|
: false;
|
|
646
|
-
this._debug('#
|
|
619
|
+
this._debug('#getSession()', `session has${hasExpired ? '' : ' not'} expired`, 'expires_at', currentSession.expires_at);
|
|
647
620
|
if (!hasExpired) {
|
|
648
621
|
return { data: { session: currentSession }, error: null };
|
|
649
622
|
}
|
|
@@ -654,7 +627,7 @@ export default class GoTrueClient {
|
|
|
654
627
|
return { data: { session }, error: null };
|
|
655
628
|
}
|
|
656
629
|
finally {
|
|
657
|
-
this._debug('#
|
|
630
|
+
this._debug('#getSession()', 'end');
|
|
658
631
|
}
|
|
659
632
|
}
|
|
660
633
|
/**
|
|
@@ -662,22 +635,20 @@ export default class GoTrueClient {
|
|
|
662
635
|
* @param jwt Takes in an optional access token jwt. If no jwt is provided, getUser() will attempt to get the jwt from the current session.
|
|
663
636
|
*/
|
|
664
637
|
async getUser(jwt) {
|
|
638
|
+
var _a, _b;
|
|
665
639
|
try {
|
|
666
|
-
|
|
667
|
-
|
|
668
|
-
if (
|
|
669
|
-
|
|
670
|
-
if (error) {
|
|
671
|
-
throw error;
|
|
672
|
-
}
|
|
673
|
-
// Default to Authorization header if there is no existing session
|
|
674
|
-
jwt = (_b = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token) !== null && _b !== void 0 ? _b : undefined;
|
|
640
|
+
if (!jwt) {
|
|
641
|
+
const { data, error } = await this.getSession();
|
|
642
|
+
if (error) {
|
|
643
|
+
throw error;
|
|
675
644
|
}
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
679
|
-
|
|
680
|
-
|
|
645
|
+
// Default to Authorization header if there is no existing session
|
|
646
|
+
jwt = (_b = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token) !== null && _b !== void 0 ? _b : undefined;
|
|
647
|
+
}
|
|
648
|
+
return await _request(this.fetch, 'GET', `${this.url}/user`, {
|
|
649
|
+
headers: this.headers,
|
|
650
|
+
jwt: jwt,
|
|
651
|
+
xform: _userResponse,
|
|
681
652
|
});
|
|
682
653
|
}
|
|
683
654
|
catch (error) {
|
|
@@ -692,29 +663,27 @@ export default class GoTrueClient {
|
|
|
692
663
|
*/
|
|
693
664
|
async updateUser(attributes, options = {}) {
|
|
694
665
|
try {
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
|
|
699
|
-
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
|
|
709
|
-
xform: _userResponse,
|
|
710
|
-
});
|
|
711
|
-
if (userError)
|
|
712
|
-
throw userError;
|
|
713
|
-
session.user = data.user;
|
|
714
|
-
await this._saveSession(session);
|
|
715
|
-
await this._notifyAllSubscribers('USER_UPDATED', session);
|
|
716
|
-
return { data: { user: session.user }, error: null };
|
|
666
|
+
const { data: sessionData, error: sessionError } = await this.getSession();
|
|
667
|
+
if (sessionError) {
|
|
668
|
+
throw sessionError;
|
|
669
|
+
}
|
|
670
|
+
if (!sessionData.session) {
|
|
671
|
+
throw new AuthSessionMissingError();
|
|
672
|
+
}
|
|
673
|
+
const session = sessionData.session;
|
|
674
|
+
const { data, error: userError } = await _request(this.fetch, 'PUT', `${this.url}/user`, {
|
|
675
|
+
headers: this.headers,
|
|
676
|
+
redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
|
|
677
|
+
body: attributes,
|
|
678
|
+
jwt: session.access_token,
|
|
679
|
+
xform: _userResponse,
|
|
717
680
|
});
|
|
681
|
+
if (userError)
|
|
682
|
+
throw userError;
|
|
683
|
+
session.user = data.user;
|
|
684
|
+
await this._saveSession(session);
|
|
685
|
+
await this._notifyAllSubscribers('USER_UPDATED', session);
|
|
686
|
+
return { data: { user: session.user }, error: null };
|
|
718
687
|
}
|
|
719
688
|
catch (error) {
|
|
720
689
|
if (isAuthError(error)) {
|
|
@@ -790,28 +759,26 @@ export default class GoTrueClient {
|
|
|
790
759
|
* @param currentSession The current session. If passed in, it must contain a refresh token.
|
|
791
760
|
*/
|
|
792
761
|
async refreshSession(currentSession) {
|
|
762
|
+
var _a;
|
|
793
763
|
try {
|
|
794
|
-
|
|
795
|
-
|
|
796
|
-
if (!currentSession) {
|
|
797
|
-
const { data, error } = result;
|
|
798
|
-
if (error) {
|
|
799
|
-
throw error;
|
|
800
|
-
}
|
|
801
|
-
currentSession = (_a = data.session) !== null && _a !== void 0 ? _a : undefined;
|
|
802
|
-
}
|
|
803
|
-
if (!(currentSession === null || currentSession === void 0 ? void 0 : currentSession.refresh_token)) {
|
|
804
|
-
throw new AuthSessionMissingError();
|
|
805
|
-
}
|
|
806
|
-
const { session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
764
|
+
if (!currentSession) {
|
|
765
|
+
const { data, error } = await this.getSession();
|
|
807
766
|
if (error) {
|
|
808
|
-
|
|
809
|
-
}
|
|
810
|
-
if (!session) {
|
|
811
|
-
return { data: { user: null, session: null }, error: null };
|
|
767
|
+
throw error;
|
|
812
768
|
}
|
|
813
|
-
|
|
814
|
-
}
|
|
769
|
+
currentSession = (_a = data.session) !== null && _a !== void 0 ? _a : undefined;
|
|
770
|
+
}
|
|
771
|
+
if (!(currentSession === null || currentSession === void 0 ? void 0 : currentSession.refresh_token)) {
|
|
772
|
+
throw new AuthSessionMissingError();
|
|
773
|
+
}
|
|
774
|
+
const { session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
775
|
+
if (error) {
|
|
776
|
+
return { data: { user: null, session: null }, error: error };
|
|
777
|
+
}
|
|
778
|
+
if (!session) {
|
|
779
|
+
return { data: { user: null, session: null }, error: null };
|
|
780
|
+
}
|
|
781
|
+
return { data: { user: session.user, session }, error: null };
|
|
815
782
|
}
|
|
816
783
|
catch (error) {
|
|
817
784
|
if (isAuthError(error)) {
|
|
@@ -925,30 +892,28 @@ export default class GoTrueClient {
|
|
|
925
892
|
* If using others scope, no `SIGNED_OUT` event is fired!
|
|
926
893
|
*/
|
|
927
894
|
async signOut({ scope } = { scope: 'global' }) {
|
|
928
|
-
|
|
929
|
-
|
|
930
|
-
|
|
931
|
-
|
|
932
|
-
|
|
933
|
-
|
|
934
|
-
|
|
935
|
-
|
|
936
|
-
|
|
937
|
-
|
|
938
|
-
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
return { error };
|
|
942
|
-
}
|
|
895
|
+
var _a;
|
|
896
|
+
const { data, error: sessionError } = await this.getSession();
|
|
897
|
+
if (sessionError) {
|
|
898
|
+
return { error: sessionError };
|
|
899
|
+
}
|
|
900
|
+
const accessToken = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token;
|
|
901
|
+
if (accessToken) {
|
|
902
|
+
const { error } = await this.admin.signOut(accessToken, scope);
|
|
903
|
+
if (error) {
|
|
904
|
+
// ignore 404s since user might not exist anymore
|
|
905
|
+
// ignore 401s since an invalid or expired JWT should sign out the current session
|
|
906
|
+
if (!(isAuthApiError(error) && (error.status === 404 || error.status === 401))) {
|
|
907
|
+
return { error };
|
|
943
908
|
}
|
|
944
909
|
}
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
|
|
951
|
-
}
|
|
910
|
+
}
|
|
911
|
+
if (scope !== 'others') {
|
|
912
|
+
await this._removeSession();
|
|
913
|
+
await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);
|
|
914
|
+
await this._notifyAllSubscribers('SIGNED_OUT', null);
|
|
915
|
+
}
|
|
916
|
+
return { error: null };
|
|
952
917
|
}
|
|
953
918
|
/**
|
|
954
919
|
* Receive a notification every time an auth event happens.
|
|
@@ -970,21 +935,19 @@ export default class GoTrueClient {
|
|
|
970
935
|
return { data: { subscription } };
|
|
971
936
|
}
|
|
972
937
|
async _emitInitialSession(id) {
|
|
973
|
-
|
|
974
|
-
|
|
975
|
-
|
|
976
|
-
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
|
|
983
|
-
|
|
984
|
-
|
|
985
|
-
|
|
986
|
-
}
|
|
987
|
-
});
|
|
938
|
+
var _a, _b;
|
|
939
|
+
try {
|
|
940
|
+
const { data: { session }, error, } = await this.getSession();
|
|
941
|
+
if (error)
|
|
942
|
+
throw error;
|
|
943
|
+
await ((_a = this.stateChangeEmitters.get(id)) === null || _a === void 0 ? void 0 : _a.callback('INITIAL_SESSION', session));
|
|
944
|
+
this._debug('INITIAL_SESSION', 'callback id', id, 'session', session);
|
|
945
|
+
}
|
|
946
|
+
catch (err) {
|
|
947
|
+
await ((_b = this.stateChangeEmitters.get(id)) === null || _b === void 0 ? void 0 : _b.callback('INITIAL_SESSION', null));
|
|
948
|
+
this._debug('INITIAL_SESSION', 'callback id', id, 'error', err);
|
|
949
|
+
console.error(err);
|
|
950
|
+
}
|
|
988
951
|
}
|
|
989
952
|
/**
|
|
990
953
|
* Sends a password reset request to an email address.
|
|
@@ -1324,19 +1287,17 @@ export default class GoTrueClient {
|
|
|
1324
1287
|
try {
|
|
1325
1288
|
const now = Date.now();
|
|
1326
1289
|
try {
|
|
1327
|
-
|
|
1328
|
-
|
|
1329
|
-
|
|
1330
|
-
|
|
1331
|
-
|
|
1332
|
-
|
|
1333
|
-
|
|
1334
|
-
|
|
1335
|
-
|
|
1336
|
-
|
|
1337
|
-
|
|
1338
|
-
}
|
|
1339
|
-
});
|
|
1290
|
+
const { data: { session }, } = await this.getSession();
|
|
1291
|
+
if (!session || !session.refresh_token || !session.expires_at) {
|
|
1292
|
+
this._debug('#_autoRefreshTokenTick()', 'no session');
|
|
1293
|
+
return;
|
|
1294
|
+
}
|
|
1295
|
+
// session will expire in this many ticks (or has already expired if <= 0)
|
|
1296
|
+
const expiresInTicks = Math.floor((session.expires_at * 1000 - now) / AUTO_REFRESH_TICK_DURATION);
|
|
1297
|
+
this._debug('#_autoRefreshTokenTick()', `access token expires in ${expiresInTicks} ticks, a tick lasts ${AUTO_REFRESH_TICK_DURATION}ms, refresh threshold is ${AUTO_REFRESH_TICK_THRESHOLD} ticks`);
|
|
1298
|
+
if (expiresInTicks <= AUTO_REFRESH_TICK_THRESHOLD) {
|
|
1299
|
+
await this._callRefreshToken(session.refresh_token);
|
|
1300
|
+
}
|
|
1340
1301
|
}
|
|
1341
1302
|
catch (e) {
|
|
1342
1303
|
console.error('Auto refresh tick failed with error. This is likely a transient error.', e);
|
|
@@ -1428,17 +1389,15 @@ export default class GoTrueClient {
|
|
|
1428
1389
|
return `${this.url}/authorize?${urlParams.join('&')}`;
|
|
1429
1390
|
}
|
|
1430
1391
|
async _unenroll(params) {
|
|
1392
|
+
var _a;
|
|
1431
1393
|
try {
|
|
1432
|
-
|
|
1433
|
-
|
|
1434
|
-
|
|
1435
|
-
|
|
1436
|
-
|
|
1437
|
-
|
|
1438
|
-
|
|
1439
|
-
headers: this.headers,
|
|
1440
|
-
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1441
|
-
});
|
|
1394
|
+
const { data: sessionData, error: sessionError } = await this.getSession();
|
|
1395
|
+
if (sessionError) {
|
|
1396
|
+
return { data: null, error: sessionError };
|
|
1397
|
+
}
|
|
1398
|
+
return await _request(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
|
|
1399
|
+
headers: this.headers,
|
|
1400
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1442
1401
|
});
|
|
1443
1402
|
}
|
|
1444
1403
|
catch (error) {
|
|
@@ -1452,30 +1411,28 @@ export default class GoTrueClient {
|
|
|
1452
1411
|
* {@see GoTrueMFAApi#enroll}
|
|
1453
1412
|
*/
|
|
1454
1413
|
async _enroll(params) {
|
|
1414
|
+
var _a, _b;
|
|
1455
1415
|
try {
|
|
1456
|
-
|
|
1457
|
-
|
|
1458
|
-
|
|
1459
|
-
|
|
1460
|
-
|
|
1461
|
-
|
|
1462
|
-
|
|
1463
|
-
|
|
1464
|
-
|
|
1465
|
-
|
|
1466
|
-
|
|
1467
|
-
|
|
1468
|
-
headers: this.headers,
|
|
1469
|
-
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1470
|
-
});
|
|
1471
|
-
if (error) {
|
|
1472
|
-
return { data: null, error };
|
|
1473
|
-
}
|
|
1474
|
-
if ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code) {
|
|
1475
|
-
data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
|
|
1476
|
-
}
|
|
1477
|
-
return { data, error: null };
|
|
1416
|
+
const { data: sessionData, error: sessionError } = await this.getSession();
|
|
1417
|
+
if (sessionError) {
|
|
1418
|
+
return { data: null, error: sessionError };
|
|
1419
|
+
}
|
|
1420
|
+
const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors`, {
|
|
1421
|
+
body: {
|
|
1422
|
+
friendly_name: params.friendlyName,
|
|
1423
|
+
factor_type: params.factorType,
|
|
1424
|
+
issuer: params.issuer,
|
|
1425
|
+
},
|
|
1426
|
+
headers: this.headers,
|
|
1427
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1478
1428
|
});
|
|
1429
|
+
if (error) {
|
|
1430
|
+
return { data: null, error };
|
|
1431
|
+
}
|
|
1432
|
+
if ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code) {
|
|
1433
|
+
data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
|
|
1434
|
+
}
|
|
1435
|
+
return { data, error: null };
|
|
1479
1436
|
}
|
|
1480
1437
|
catch (error) {
|
|
1481
1438
|
if (isAuthError(error)) {
|
|
@@ -1488,25 +1445,23 @@ export default class GoTrueClient {
|
|
|
1488
1445
|
* {@see GoTrueMFAApi#verify}
|
|
1489
1446
|
*/
|
|
1490
1447
|
async _verify(params) {
|
|
1448
|
+
var _a;
|
|
1491
1449
|
try {
|
|
1492
|
-
|
|
1493
|
-
|
|
1494
|
-
|
|
1495
|
-
|
|
1496
|
-
|
|
1497
|
-
}
|
|
1498
|
-
|
|
1499
|
-
|
|
1500
|
-
headers: this.headers,
|
|
1501
|
-
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1502
|
-
});
|
|
1503
|
-
if (error) {
|
|
1504
|
-
return { data: null, error };
|
|
1505
|
-
}
|
|
1506
|
-
await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
|
|
1507
|
-
await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
|
|
1508
|
-
return { data, error };
|
|
1450
|
+
const { data: sessionData, error: sessionError } = await this.getSession();
|
|
1451
|
+
if (sessionError) {
|
|
1452
|
+
return { data: null, error: sessionError };
|
|
1453
|
+
}
|
|
1454
|
+
const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/verify`, {
|
|
1455
|
+
body: { code: params.code, challenge_id: params.challengeId },
|
|
1456
|
+
headers: this.headers,
|
|
1457
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1509
1458
|
});
|
|
1459
|
+
if (error) {
|
|
1460
|
+
return { data: null, error };
|
|
1461
|
+
}
|
|
1462
|
+
await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
|
|
1463
|
+
await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
|
|
1464
|
+
return { data, error };
|
|
1510
1465
|
}
|
|
1511
1466
|
catch (error) {
|
|
1512
1467
|
if (isAuthError(error)) {
|
|
@@ -1519,17 +1474,15 @@ export default class GoTrueClient {
|
|
|
1519
1474
|
* {@see GoTrueMFAApi#challenge}
|
|
1520
1475
|
*/
|
|
1521
1476
|
async _challenge(params) {
|
|
1477
|
+
var _a;
|
|
1522
1478
|
try {
|
|
1523
|
-
|
|
1524
|
-
|
|
1525
|
-
|
|
1526
|
-
|
|
1527
|
-
|
|
1528
|
-
|
|
1529
|
-
|
|
1530
|
-
headers: this.headers,
|
|
1531
|
-
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1532
|
-
});
|
|
1479
|
+
const { data: sessionData, error: sessionError } = await this.getSession();
|
|
1480
|
+
if (sessionError) {
|
|
1481
|
+
return { data: null, error: sessionError };
|
|
1482
|
+
}
|
|
1483
|
+
return await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
|
|
1484
|
+
headers: this.headers,
|
|
1485
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1533
1486
|
});
|
|
1534
1487
|
}
|
|
1535
1488
|
catch (error) {
|
|
@@ -1577,31 +1530,29 @@ export default class GoTrueClient {
|
|
|
1577
1530
|
* {@see GoTrueMFAApi#getAuthenticatorAssuranceLevel}
|
|
1578
1531
|
*/
|
|
1579
1532
|
async _getAuthenticatorAssuranceLevel() {
|
|
1580
|
-
|
|
1581
|
-
|
|
1582
|
-
|
|
1583
|
-
|
|
1584
|
-
|
|
1585
|
-
|
|
1586
|
-
|
|
1587
|
-
|
|
1588
|
-
|
|
1589
|
-
|
|
1590
|
-
|
|
1591
|
-
|
|
1592
|
-
|
|
1593
|
-
|
|
1594
|
-
|
|
1595
|
-
|
|
1596
|
-
|
|
1597
|
-
|
|
1598
|
-
|
|
1599
|
-
|
|
1600
|
-
|
|
1601
|
-
|
|
1602
|
-
|
|
1603
|
-
return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
|
|
1604
|
-
});
|
|
1533
|
+
var _a, _b;
|
|
1534
|
+
const { data: { session }, error: sessionError, } = await this.getSession();
|
|
1535
|
+
if (sessionError) {
|
|
1536
|
+
return { data: null, error: sessionError };
|
|
1537
|
+
}
|
|
1538
|
+
if (!session) {
|
|
1539
|
+
return {
|
|
1540
|
+
data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
|
|
1541
|
+
error: null,
|
|
1542
|
+
};
|
|
1543
|
+
}
|
|
1544
|
+
const payload = this._decodeJWT(session.access_token);
|
|
1545
|
+
let currentLevel = null;
|
|
1546
|
+
if (payload.aal) {
|
|
1547
|
+
currentLevel = payload.aal;
|
|
1548
|
+
}
|
|
1549
|
+
let nextLevel = currentLevel;
|
|
1550
|
+
const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
|
|
1551
|
+
if (verifiedFactors.length > 0) {
|
|
1552
|
+
nextLevel = 'aal2';
|
|
1553
|
+
}
|
|
1554
|
+
const currentAuthenticationMethods = payload.amr || [];
|
|
1555
|
+
return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
|
|
1605
1556
|
}
|
|
1606
1557
|
}
|
|
1607
1558
|
GoTrueClient.nextInstanceID = 0;
|
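Review bot: The MFA helpers `_unenroll`, `_enroll`, `_verify` and `_challenge` (new lines 1394–1400, 1416–1427, 1450–1457 and 1479–1485) check only `sessionError` before sending the request, so when `getSession()` returns no session the `jwt` option is `undefined`. `reauthenticate` and `updateUser` in the same file throw `AuthSessionMissingError` in that situation, so the factor endpoints behave differently from them; what `_request` sends when `jwt` is undefined is not visible in this diff. I would add `if (!sessionData.session) return { data: null, error: new AuthSessionMissingError() };` after each `sessionError` check, so that enrolling, verifying or removing a factor fails locally rather than relying on the server to reject the call. The change belongs in `package/src/GoTrueClient.ts` rather than in the compiled output shown here, and each of these functions continues past its hunk (the `catch` bodies are cut off).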