@take-out/better-auth-utils 0.0.66 → 0.0.68
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +74 -104
- package/dist/cjs/createAuthClient.cjs +38 -27
- package/dist/cjs/createAuthClient.js +32 -37
- package/dist/cjs/createAuthClient.js.map +2 -2
- package/dist/cjs/createAuthClient.native.js +57 -33
- package/dist/cjs/createAuthClient.native.js.map +1 -1
- package/dist/cjs/server.cjs +94 -0
- package/dist/cjs/server.js +87 -0
- package/dist/cjs/server.js.map +6 -0
- package/dist/cjs/server.native.js +196 -0
- package/dist/cjs/server.native.js.map +1 -0
- package/dist/esm/createAuthClient.js +32 -37
- package/dist/esm/createAuthClient.js.map +2 -2
- package/dist/esm/createAuthClient.mjs +38 -27
- package/dist/esm/createAuthClient.mjs.map +1 -1
- package/dist/esm/createAuthClient.native.js +57 -33
- package/dist/esm/createAuthClient.native.js.map +1 -1
- package/dist/esm/server.js +71 -0
- package/dist/esm/server.js.map +6 -0
- package/dist/esm/server.mjs +67 -0
- package/dist/esm/server.mjs.map +1 -0
- package/dist/esm/server.native.js +166 -0
- package/dist/esm/server.native.js.map +1 -0
- package/package.json +11 -4
- package/src/createAuthClient.ts +74 -70
- package/src/server.ts +149 -0
- package/types/createAuthClient.d.ts +13 -6
- package/types/createAuthClient.d.ts.map +2 -2
- package/types/server.d.ts +45 -0
- package/types/server.d.ts.map +19 -0
|
@@ -7,7 +7,8 @@ function createBetterAuthClient(options) {
|
|
|
7
7
|
createUser,
|
|
8
8
|
storagePrefix = "auth",
|
|
9
9
|
retryDelay = 4e3,
|
|
10
|
-
|
|
10
|
+
useJWT = !1,
|
|
11
|
+
authCookieNames = ["better-auth.jwt", "better-auth.session_token"],
|
|
11
12
|
...authClientOptions
|
|
12
13
|
} = options,
|
|
13
14
|
empty = {
|
|
@@ -16,19 +17,25 @@ function createBetterAuthClient(options) {
|
|
|
16
17
|
user: null,
|
|
17
18
|
token: null
|
|
18
19
|
},
|
|
20
|
+
keysStorage = createStorageValue(`${storagePrefix}-keys`),
|
|
21
|
+
stateStorage = createStorageValue(`${storagePrefix}-state`),
|
|
19
22
|
createAuthClientWithSession = session => createAuthClient({
|
|
20
23
|
...authClientOptions,
|
|
21
24
|
fetchOptions: {
|
|
22
|
-
|
|
25
|
+
credentials: "include",
|
|
26
|
+
headers: useJWT ? {
|
|
23
27
|
Authorization: `Bearer ${session}`
|
|
24
|
-
}
|
|
28
|
+
} : void 0
|
|
25
29
|
}
|
|
26
|
-
})
|
|
27
|
-
keysStorage = createStorageValue(`${storagePrefix}-keys`),
|
|
28
|
-
stateStorage = createStorageValue(`${storagePrefix}-state`);
|
|
30
|
+
});
|
|
29
31
|
let authClient = (() => {
|
|
30
32
|
const existingSession = keysStorage.get()?.session;
|
|
31
|
-
return existingSession ? createAuthClientWithSession(existingSession) : createAuthClient(
|
|
33
|
+
return existingSession ? createAuthClientWithSession(existingSession) : createAuthClient({
|
|
34
|
+
...authClientOptions,
|
|
35
|
+
fetchOptions: {
|
|
36
|
+
credentials: "include"
|
|
37
|
+
}
|
|
38
|
+
});
|
|
32
39
|
})();
|
|
33
40
|
const authState = createEmitter("authState", stateStorage.get() || empty, {
|
|
34
41
|
comparator: isEqualDeepLite
|
|
@@ -42,6 +49,9 @@ function createBetterAuthClient(options) {
|
|
|
42
49
|
stateStorage.set(next), authState.emit(next), next.token && next.session ? keysStorage.set({
|
|
43
50
|
token: next.token,
|
|
44
51
|
session: next.session.token
|
|
52
|
+
}) : next.session ? keysStorage.set({
|
|
53
|
+
token: "",
|
|
54
|
+
session: next.session.token
|
|
45
55
|
}) : keysStorage.set({
|
|
46
56
|
token: "",
|
|
47
57
|
session: ""
|
|
@@ -72,15 +82,19 @@ function createBetterAuthClient(options) {
|
|
|
72
82
|
sessionUpdate = nextState === "loading" ? {} : {
|
|
73
83
|
session: data?.session ?? null,
|
|
74
84
|
user: data?.user ? createUser ? createUser(data.user) : data.user : null
|
|
75
|
-
}
|
|
85
|
+
},
|
|
86
|
+
previousSession = authState.value?.session,
|
|
87
|
+
isNewSession = data?.session && (!previousSession || previousSession.id !== data.session.id || previousSession.userId !== data.session.userId);
|
|
76
88
|
setState({
|
|
77
89
|
state: nextState,
|
|
78
90
|
...sessionUpdate
|
|
79
|
-
}), data?.session && !authState.value.token &&
|
|
91
|
+
}), useJWT && data?.session && (isNewSession || !authState.value.token) && (isNewSession && authState.value.token && setState({
|
|
92
|
+
token: null
|
|
93
|
+
}), getValidToken().then(token => {
|
|
80
94
|
token && setState({
|
|
81
95
|
token
|
|
82
96
|
});
|
|
83
|
-
});
|
|
97
|
+
}));
|
|
84
98
|
});
|
|
85
99
|
}
|
|
86
100
|
function scheduleAuthRetry(delayMs) {
|
|
@@ -89,20 +103,6 @@ function createBetterAuthClient(options) {
|
|
|
89
103
|
}, delayMs);
|
|
90
104
|
}
|
|
91
105
|
async function getValidToken() {
|
|
92
|
-
const existing = keysStorage.get()?.token;
|
|
93
|
-
if (existing) try {
|
|
94
|
-
if ((await fetch(tokenValidationEndpoint, {
|
|
95
|
-
method: "POST",
|
|
96
|
-
headers: {
|
|
97
|
-
"Content-Type": "application/json"
|
|
98
|
-
},
|
|
99
|
-
body: JSON.stringify({
|
|
100
|
-
token: existing
|
|
101
|
-
})
|
|
102
|
-
}).then(res2 => res2.json()))?.valid) return existing;
|
|
103
|
-
} catch (error) {
|
|
104
|
-
console.error("Error validating token:", error);
|
|
105
|
-
}
|
|
106
106
|
const res = await authClient.$fetch("/token");
|
|
107
107
|
if (res.error) {
|
|
108
108
|
console.error(`Error fetching token: ${res.error.statusText}`);
|
|
@@ -111,9 +111,19 @@ function createBetterAuthClient(options) {
|
|
|
111
111
|
return res.data?.token;
|
|
112
112
|
}
|
|
113
113
|
const clearAuthClientToken = () => {
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
114
|
+
keysStorage.remove();
|
|
115
|
+
};
|
|
116
|
+
function clearAuthCookies() {
|
|
117
|
+
if (!(typeof document > "u")) for (const cookieName of authCookieNames) {
|
|
118
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`;
|
|
119
|
+
const domain = window.location.hostname;
|
|
120
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain}`, domain.startsWith(".") && (document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain.slice(1)}`);
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
function clearAllAuth() {
|
|
124
|
+
clearAuthCookies(), clearState();
|
|
125
|
+
}
|
|
126
|
+
const getAuth = () => {
|
|
117
127
|
const state = authState?.value || empty;
|
|
118
128
|
return {
|
|
119
129
|
...state,
|
|
@@ -144,6 +154,7 @@ function createBetterAuthClient(options) {
|
|
|
144
154
|
authClient: proxiedAuthClient,
|
|
145
155
|
setAuthClientToken,
|
|
146
156
|
clearAuthClientToken,
|
|
157
|
+
clearAllAuth,
|
|
147
158
|
useAuth,
|
|
148
159
|
getAuth,
|
|
149
160
|
getValidToken,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","
|
|
1
|
+
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","useJWT","authCookieNames","authClientOptions","empty","state","session","user","token","keysStorage","stateStorage","createAuthClientWithSession","fetchOptions","credentials","headers","Authorization","authClient","existingSession","get","authState","comparator","authClientVersion","setState","update","next","value","set","emit","setAuthClientToken","props","updateAuthClient","Math","random","subscribeToAuthEffect","dispose","retryTimer","useSession","subscribe","data","dataGeneric","isPending","error","scheduleAuthRetry","hasPersistedSession","nextState","sessionUpdate","previousSession","isNewSession","id","userId","getValidToken","then","delayMs","clearTimeout","setTimeout","res","$fetch","console","statusText","clearAuthClientToken","remove","clearAuthCookies","document","cookieName","cookie","domain","window","location","hostname","startsWith","slice","clearAllAuth","clearState","getAuth","loggedIn","useAuth","addEventListener","cleanup","proxiedAuthClient","Proxy","_target","key","signOut","reload","Reflect"],"sources":["../../src/createAuthClient.ts"],"sourcesContent":[null],"mappings":"AAUA,SACEA,aAAA,EACAC,kBAAA,EAEAC,eAAA,EACAC,eAAA,QACK;AACP,SAAuCC,gBAAA,QAAwB;AAmFxD,SAASC,uBACdC,OAAA,EACoF;EAEpF,MAAM;MACJC,iBAAA;MACAC,WAAA;MACAC,UAAA;MACAC,aAAA,GAAgB;MAChBC,UAAA,GAAa;MACbC,MAAA,GAAS;MACTC,eAAA,GAAkB,CAAC,mBAAmB,2BAA2B;MACjE,GAAGC;IACL,IAAIR,OAAA;IAEES,KAAA,GAA0B;MAC9BC,KAAA,EAAO;MACPC,OAAA,EAAS;MACTC,IAAA,EAAM;MACNC,KAAA,EAAO;IACT;IAEMC,WAAA,GAAcnB,kBAAA,CAAgC,GAAGS,aAAa,OAAO;IACrEW,YAAA,GAAepB,kBAAA,CAAqC,GAAGS,aAAa,QAAQ;IAE5EY,2BAAA,GAA+BL,OAAA,IAC5Bb,gBAAA,CAAiB;MACtB,GAAGU,iBAAA;MACHS,YAAA,EAAc;QACZC,WAAA,EAAa;QACbC,OAAA,EAASb,MAAA,GAAS;UAAEc,aAAA,EAAe,UAAUT,OAAO;QAAG,IAAI;MAC7D;IACF,CAAC;EAGH,IAAIU,UAAA,IAAc,MAAM;IACtB,MAAMC,eAAA,GAAkBR,WAAA,CAAYS,GAAA,CAAI,GAAGZ,OAAA;IAC3C,OAAOW,eAAA,GACHN,2BAAA,CAA4BM,eAAe,IAC3CxB,gBAAA,CAAiB;MACf,GAAGU,iBAAA;MACHS,YAAA,EAAc;QAAEC,WAAA,EAAa;MAAU;IACzC,CAAS;EACf,GAAG;EAEH,MAAMM,SAAA,GAAY9B,aAAA,CAChB,aACAqB,YAAA,CAAaQ,GAAA,CAAI,KAAKd,KAAA,EACtB;MAAEgB,UAAA,EAAY7B;IAAgB,CAChC;IAEM8B,iBAAA,GAAoBhC,aAAA,CAAsB,qBAAqB,CAAC;IAEhEiC,QAAA,GAAYC,MAAA,IAAsC;MAEtD,MAAMC,IAAA,GAAO;QAAE,GADCL,SAAA,CAAUM,KAAA;QACC,GAAGF;MAAO;MACrCb,YAAA,CAAagB,GAAA,CAAIF,IAAI,GACrBL,SAAA,CAAUQ,IAAA,CAAKH,IAAI,GAGfA,IAAA,CAAKhB,KAAA,IAASgB,IAAA,CAAKlB,OAAA,GACrBG,WAAA,CAAYiB,GAAA,CAAI;QACdlB,KAAA,EAAOgB,IAAA,CAAKhB,KAAA;QACZF,OAAA,EAASkB,IAAA,CAAKlB,OAAA,CAAQE;MACxB,CAAC,IACQgB,IAAA,CAAKlB,OAAA,GACdG,WAAA,CAAYiB,GAAA,CAAI;QACdlB,KAAA,EAAO;QACPF,OAAA,EAASkB,IAAA,CAAKlB,OAAA,CAAQE;MACxB,CAAC,IAEDC,WAAA,CAAYiB,GAAA,CAAI;QAAElB,KAAA,EAAO;QAAIF,OAAA,EAAS;MAAG,CAAC,GAG5CV,iBAAA,GAAoB4B,IAAI;IAC1B;IAEMI,kBAAA,GAAqB,MAAOC,KAAA,IAA8C;MAC9EpB,WAAA,CAAYiB,GAAA,CAAIG,KAAK,GACrBC,gBAAA,CAAiBD,KAAA,CAAMvB,OAAO;IAChC;EAEA,SAASwB,iBAAiBxB,OAAA,EAAiB;IACzCU,UAAA,GAAaL,2BAAA,CAA4BL,OAAO,GAChDe,iBAAA,CAAkBM,IAAA,CAAKI,IAAA,CAAKC,MAAA,CAAO,CAAC,GACpCC,qBAAA,CAAsB;EACxB;EAEA,IAAIC,OAAA,GAA2B;IAC3BC,UAAA,GAAmD;EAEvD,SAASF,sBAAA,EAAwB;IAC/BC,OAAA,GAAU,GAEVA,OAAA,GAAUlB,UAAA,CAAWoB,UAAA,CAAWC,SAAA,CAAU,MAAOR,KAAA,IAAU;MACzD,MAAM;QAAES,IAAA,EAAMC,WAAA;QAAaC,SAAA;QAAWC;MAAM,IAAIZ,KAAA;MAEhD,IAAIY,KAAA,EAAO;QACT5C,WAAA,GAAc4C,KAAK,GACnBC,iBAAA,CAAkB1C,UAAU;QAC5B;MACF;MAEA,MAAMsC,IAAA,GAAOC,WAAA;QAQPI,mBAAA,GAAsB,CAAC,CAAClC,WAAA,CAAYS,GAAA,CAAI,GAAGZ,OAAA;QAC3CsC,SAAA,GAAYJ,SAAA,GACd,YACAF,IAAA,EAAMhC,OAAA,GACJ,cACAqC,mBAAA,IAAuBL,IAAA,KAAS,SAC9B,YACA;QAGFO,aAAA,GACJD,SAAA,KAAc,YACV,CAAC,IACD;UACEtC,OAAA,EAASgC,IAAA,EAAMhC,OAAA,IAAW;UAC1BC,IAAA,EAAM+B,IAAA,EAAM/B,IAAA,GAAQT,UAAA,GAAaA,UAAA,CAAWwC,IAAA,CAAK/B,IAAI,IAAI+B,IAAA,CAAK/B,IAAA,GAAQ;QACxE;QAGAuC,eAAA,GAAkB3B,SAAA,CAAUM,KAAA,EAAOnB,OAAA;QACnCyC,YAAA,GACJT,IAAA,EAAMhC,OAAA,KACL,CAACwC,eAAA,IACAA,eAAA,CAAgBE,EAAA,KAAOV,IAAA,CAAKhC,OAAA,CAAQ0C,EAAA,IACpCF,eAAA,CAAgBG,MAAA,KAAWX,IAAA,CAAKhC,OAAA,CAAQ2C,MAAA;MAE5C3B,QAAA,CAAS;QACPjB,KAAA,EAAOuC,SAAA;QACP,GAAGC;MACL,CAAC,GAGG5C,MAAA,IAAUqC,IAAA,EAAMhC,OAAA,KAAYyC,YAAA,IAAgB,CAAC5B,SAAA,CAAUM,KAAA,CAAMjB,KAAA,MAC3DuC,YAAA,IAAgB5B,SAAA,CAAUM,KAAA,CAAMjB,KAAA,IAClCc,QAAA,CAAS;QAAEd,KAAA,EAAO;MAAK,CAAC,GAG1B0C,aAAA,CAAc,EAAEC,IAAA,CAAM3C,KAAA,IAAU;QAC1BA,KAAA,IACFc,QAAA,CAAS;UAAEd;QAAM,CAAC;MAEtB,CAAC;IAEL,CAAC;EACH;EAEA,SAASkC,kBAAkBU,OAAA,EAAiB;IACtCjB,UAAA,IAAYkB,YAAA,CAAalB,UAAU,GACvCA,UAAA,GAAamB,UAAA,CAAW,MAAM;MAC5BnB,UAAA,GAAa,MACbF,qBAAA,CAAsB;IACxB,GAAGmB,OAAO;EACZ;EAEA,eAAeF,cAAA,EAA6C;IAC1D,MAAMK,GAAA,GAAM,MAAMvC,UAAA,CAAWwC,MAAA,CAAO,QAAQ;IAC5C,IAAID,GAAA,CAAId,KAAA,EAAO;MACbgB,OAAA,CAAQhB,KAAA,CAAM,yBAAyBc,GAAA,CAAId,KAAA,CAAMiB,UAAU,EAAE;MAC7D;IACF;IACA,OAAQH,GAAA,CAAIjB,IAAA,EAAc9B,KAAA;EAC5B;EAEA,MAAMmD,oBAAA,GAAuBA,CAAA,KAAM;IACjClD,WAAA,CAAYmD,MAAA,CAAO;EACrB;EAEA,SAASC,iBAAA,EAAmB;IAC1B,IAAI,SAAOC,QAAA,GAAa,MAExB,WAAWC,UAAA,IAAc7D,eAAA,EAAiB;MACxC4D,QAAA,CAASE,MAAA,GAAS,GAAGD,UAAU;MAC/B,MAAME,MAAA,GAASC,MAAA,CAAOC,QAAA,CAASC,QAAA;MAC/BN,QAAA,CAASE,MAAA,GAAS,GAAGD,UAAU,4DAA4DE,MAAM,IAC7FA,MAAA,CAAOI,UAAA,CAAW,GAAG,MACvBP,QAAA,CAASE,MAAA,GAAS,GAAGD,UAAU,4DAA4DE,MAAA,CAAOK,KAAA,CAAM,CAAC,CAAC;IAE9G;EACF;EAEA,SAASC,aAAA,EAAe;IACtBV,gBAAA,CAAiB,GACjBW,UAAA,CAAW;EACb;EAEA,MAAMC,OAAA,GAAUA,CAAA,KAAM;MACpB,MAAMpE,KAAA,GAAQc,SAAA,EAAWM,KAAA,IAASrB,KAAA;MAClC,OAAO;QAAE,GAAGC,KAAA;QAAOqE,QAAA,EAAU,CAAC,CAACrE,KAAA,CAAMC;MAAQ;IAC/C;IAEMqE,OAAA,GAAUA,CAAA,KACPnF,eAAA,CAAgB2B,SAAS,KAAKf,KAAA;EAGvC,SAASoE,WAAA,EAAa;IACpB/D,WAAA,CAAYmD,MAAA,CAAO,GACnBlD,YAAA,CAAakD,MAAA,CAAO,GACpBtC,QAAA,CAASlB,KAAK;EAChB;EAIA,IAFA6B,qBAAA,CAAsB,GAElB,OAAOiC,MAAA,GAAW,OAAeA,MAAA,CAAOU,gBAAA,EAAkB;IAC5D,MAAMC,OAAA,GAAUA,CAAA,KAAM;MACpB3C,OAAA,GAAU,GACNC,UAAA,IAAYkB,YAAA,CAAalB,UAAU;IACzC;IACA+B,MAAA,CAAOU,gBAAA,CAAiB,gBAAgBC,OAAO;EACjD;EAEA,MAAMC,iBAAA,GAAoB,IAAIC,KAAA,CAAM/D,UAAA,EAAY;IAC9CE,IAAI8D,OAAA,EAASC,GAAA,EAAK;MAChB,OAAIA,GAAA,KAAQ,YACH,MAAM;QACXT,UAAA,CAAW,GAEXxD,UAAA,CAAWkE,OAAA,GAAU,GACjB,OAAOhB,MAAA,GAAW,OACpBA,MAAA,CAAOC,QAAA,EAAUgB,MAAA,GAAS;MAE9B,IAEKC,OAAA,CAAQlE,GAAA,CAAIF,UAAA,EAAYiE,GAAG;IACpC;EACF,CAAC;EAED,OAAO;IACL5D,iBAAA;IACAmD,UAAA;IACArD,SAAA;IACAH,UAAA,EAAY8D,iBAAA;IACZlD,kBAAA;IACA+B,oBAAA;IACAY,YAAA;IACAI,OAAA;IACAF,OAAA;IACAvB,aAAA;IACApB;EACF;AACF","ignoreList":[]}
|
|
@@ -7,7 +7,8 @@ function createBetterAuthClient(options) {
|
|
|
7
7
|
createUser,
|
|
8
8
|
storagePrefix = "auth",
|
|
9
9
|
retryDelay = 4e3,
|
|
10
|
-
|
|
10
|
+
useJWT = !1,
|
|
11
|
+
authCookieNames = ["better-auth.jwt", "better-auth.session_token"],
|
|
11
12
|
...authClientOptions
|
|
12
13
|
} = options,
|
|
13
14
|
empty = {
|
|
@@ -16,22 +17,28 @@ function createBetterAuthClient(options) {
|
|
|
16
17
|
user: null,
|
|
17
18
|
token: null
|
|
18
19
|
},
|
|
20
|
+
keysStorage = createStorageValue(`${storagePrefix}-keys`),
|
|
21
|
+
stateStorage = createStorageValue(`${storagePrefix}-state`),
|
|
19
22
|
createAuthClientWithSession = function (session) {
|
|
20
23
|
return createAuthClient({
|
|
21
24
|
...authClientOptions,
|
|
22
25
|
fetchOptions: {
|
|
23
|
-
|
|
26
|
+
credentials: "include",
|
|
27
|
+
headers: useJWT ? {
|
|
24
28
|
Authorization: `Bearer ${session}`
|
|
25
|
-
}
|
|
29
|
+
} : void 0
|
|
26
30
|
}
|
|
27
31
|
});
|
|
28
32
|
},
|
|
29
|
-
keysStorage = createStorageValue(`${storagePrefix}-keys`),
|
|
30
|
-
stateStorage = createStorageValue(`${storagePrefix}-state`),
|
|
31
33
|
authClient = function () {
|
|
32
34
|
var _keysStorage_get,
|
|
33
35
|
existingSession = (_keysStorage_get = keysStorage.get()) === null || _keysStorage_get === void 0 ? void 0 : _keysStorage_get.session;
|
|
34
|
-
return existingSession ? createAuthClientWithSession(existingSession) : createAuthClient(
|
|
36
|
+
return existingSession ? createAuthClientWithSession(existingSession) : createAuthClient({
|
|
37
|
+
...authClientOptions,
|
|
38
|
+
fetchOptions: {
|
|
39
|
+
credentials: "include"
|
|
40
|
+
}
|
|
41
|
+
});
|
|
35
42
|
}(),
|
|
36
43
|
authState = createEmitter("authState", stateStorage.get() || empty, {
|
|
37
44
|
comparator: isEqualDeepLite
|
|
@@ -46,6 +53,9 @@ function createBetterAuthClient(options) {
|
|
|
46
53
|
stateStorage.set(next), authState.emit(next), next.token && next.session ? keysStorage.set({
|
|
47
54
|
token: next.token,
|
|
48
55
|
session: next.session.token
|
|
56
|
+
}) : next.session ? keysStorage.set({
|
|
57
|
+
token: "",
|
|
58
|
+
session: next.session.token
|
|
49
59
|
}) : keysStorage.set({
|
|
50
60
|
token: "",
|
|
51
61
|
session: ""
|
|
@@ -62,6 +72,7 @@ function createBetterAuthClient(options) {
|
|
|
62
72
|
function subscribeToAuthEffect() {
|
|
63
73
|
dispose?.(), dispose = authClient.useSession.subscribe(async function (props) {
|
|
64
74
|
var _keysStorage_get,
|
|
75
|
+
_authState_value,
|
|
65
76
|
{
|
|
66
77
|
data: dataGeneric,
|
|
67
78
|
isPending,
|
|
@@ -78,15 +89,19 @@ function createBetterAuthClient(options) {
|
|
|
78
89
|
sessionUpdate = nextState === "loading" ? {} : {
|
|
79
90
|
session: (_data_session = data?.session) !== null && _data_session !== void 0 ? _data_session : null,
|
|
80
91
|
user: data?.user ? createUser ? createUser(data.user) : data.user : null
|
|
81
|
-
}
|
|
92
|
+
},
|
|
93
|
+
previousSession = (_authState_value = authState.value) === null || _authState_value === void 0 ? void 0 : _authState_value.session,
|
|
94
|
+
isNewSession = data?.session && (!previousSession || previousSession.id !== data.session.id || previousSession.userId !== data.session.userId);
|
|
82
95
|
setState({
|
|
83
96
|
state: nextState,
|
|
84
97
|
...sessionUpdate
|
|
85
|
-
}), data?.session && !authState.value.token &&
|
|
98
|
+
}), useJWT && data?.session && (isNewSession || !authState.value.token) && (isNewSession && authState.value.token && setState({
|
|
99
|
+
token: null
|
|
100
|
+
}), getValidToken().then(function (token) {
|
|
86
101
|
token && setState({
|
|
87
102
|
token
|
|
88
103
|
});
|
|
89
|
-
});
|
|
104
|
+
}));
|
|
90
105
|
});
|
|
91
106
|
}
|
|
92
107
|
function scheduleAuthRetry(delayMs) {
|
|
@@ -95,36 +110,44 @@ function createBetterAuthClient(options) {
|
|
|
95
110
|
}, delayMs);
|
|
96
111
|
}
|
|
97
112
|
async function getValidToken() {
|
|
98
|
-
var
|
|
99
|
-
|
|
100
|
-
if (existing) try {
|
|
101
|
-
var response = await fetch(tokenValidationEndpoint, {
|
|
102
|
-
method: "POST",
|
|
103
|
-
headers: {
|
|
104
|
-
"Content-Type": "application/json"
|
|
105
|
-
},
|
|
106
|
-
body: JSON.stringify({
|
|
107
|
-
token: existing
|
|
108
|
-
})
|
|
109
|
-
}).then(function (res2) {
|
|
110
|
-
return res2.json();
|
|
111
|
-
});
|
|
112
|
-
if (response?.valid) return existing;
|
|
113
|
-
} catch (error) {
|
|
114
|
-
console.error("Error validating token:", error);
|
|
115
|
-
}
|
|
116
|
-
var res = await authClient.$fetch("/token");
|
|
113
|
+
var _res_data,
|
|
114
|
+
res = await authClient.$fetch("/token");
|
|
117
115
|
if (res.error) {
|
|
118
116
|
console.error(`Error fetching token: ${res.error.statusText}`);
|
|
119
117
|
return;
|
|
120
118
|
}
|
|
121
|
-
|
|
122
|
-
return data?.token;
|
|
119
|
+
return (_res_data = res.data) === null || _res_data === void 0 ? void 0 : _res_data.token;
|
|
123
120
|
}
|
|
124
121
|
var clearAuthClientToken = function () {
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
122
|
+
keysStorage.remove();
|
|
123
|
+
};
|
|
124
|
+
function clearAuthCookies() {
|
|
125
|
+
if (!(typeof document > "u")) {
|
|
126
|
+
var _iteratorNormalCompletion = !0,
|
|
127
|
+
_didIteratorError = !1,
|
|
128
|
+
_iteratorError = void 0;
|
|
129
|
+
try {
|
|
130
|
+
for (var _iterator = authCookieNames[Symbol.iterator](), _step; !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = !0) {
|
|
131
|
+
var cookieName = _step.value;
|
|
132
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`;
|
|
133
|
+
var domain = window.location.hostname;
|
|
134
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain}`, domain.startsWith(".") && (document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain.slice(1)}`);
|
|
135
|
+
}
|
|
136
|
+
} catch (err) {
|
|
137
|
+
_didIteratorError = !0, _iteratorError = err;
|
|
138
|
+
} finally {
|
|
139
|
+
try {
|
|
140
|
+
!_iteratorNormalCompletion && _iterator.return != null && _iterator.return();
|
|
141
|
+
} finally {
|
|
142
|
+
if (_didIteratorError) throw _iteratorError;
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
function clearAllAuth() {
|
|
148
|
+
clearAuthCookies(), clearState();
|
|
149
|
+
}
|
|
150
|
+
var getAuth = function () {
|
|
128
151
|
var state = authState?.value || empty;
|
|
129
152
|
return {
|
|
130
153
|
...state,
|
|
@@ -161,6 +184,7 @@ function createBetterAuthClient(options) {
|
|
|
161
184
|
authClient: proxiedAuthClient,
|
|
162
185
|
setAuthClientToken,
|
|
163
186
|
clearAuthClientToken,
|
|
187
|
+
clearAllAuth,
|
|
164
188
|
useAuth,
|
|
165
189
|
getAuth,
|
|
166
190
|
getValidToken,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","
|
|
1
|
+
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","useJWT","authCookieNames","authClientOptions","empty","state","session","user","token","keysStorage","stateStorage","createAuthClientWithSession","fetchOptions","credentials","headers","Authorization","authClient","_keysStorage_get","existingSession","get","authState","comparator","authClientVersion","setState","update","current","value","next","set","emit","setAuthClientToken","props","updateAuthClient","Math","random","subscribeToAuthEffect","dispose","retryTimer","useSession","subscribe","_authState_value","data","dataGeneric","isPending","error","scheduleAuthRetry","hasPersistedSession","nextState","_data_session","sessionUpdate","previousSession","isNewSession","id","userId","getValidToken","then","delayMs","clearTimeout","setTimeout","_res_data","res","$fetch","console","statusText","clearAuthClientToken","remove","clearAuthCookies","document","_iteratorNormalCompletion","_didIteratorError","_iteratorError","_iterator","Symbol","iterator","_step","done","cookieName","cookie","domain","window","location","hostname","startsWith","slice","err","return","clearAllAuth","clearState","getAuth","loggedIn","useAuth","addEventListener","cleanup","proxiedAuthClient","Proxy"],"sources":["../../src/createAuthClient.ts"],"sourcesContent":[null],"mappings":"AAUA,SAAAA,aAAA,EAAAC,kBAAA,EAAAC,eAAA,EAAAC,eAAA;AAAA,SACEC,gBAAA;AAAA,SACAC,uBAAAC,OAAA;EAEA;MAAAC,iBAAA;MAAAC,WAAA;MAAAC,UAAA;MAAAC,aAAA;MAAAC,UAAA;MAAAC,MAAA;MAAAC,eAAA,IACA,8CACK,CACP;MAAA,GAAAC;IAAuC,IAAAR,OAAwB;IAAAS,KAAA;MAmFxDC,KAAS;MAIdC,OAAM;MACJC,IAAA;MACAC,KAAA;IAAA;IACAC,WAAA,GAAAnB,kBAAA,IAAAS,aAAA;IAAAW,YAAA,GAAApB,kBAAA,IAAAS,aAAA;IAAAY,2BAAA,YAAAA,CAAAL,OAAA;MACA,OAAAb,gBAAgB;QAChB,GAAAU,iBAAa;QACbS,YAAS;UACTC,WAAA,WAAmB;UAChBC,OAAA,EAAAb,MAAA;YACDc,aAE4B,YAAAT,OAAA;UAC9B,IAAO;QACP;MACA;IAAM;IACNU,UAAO;MACT,IAEMC,gBAAc;QAAAC,eAAmC,IAAAD,gBAAoB,GACrER,WAAA,CAAAU,GAAe,gBAAAF,gBAAwC,KAAa,MAAQ,GAE5E,SAAAA,gBAAA,CAAAX,OAA+B;MAEjC,OAAGY,eAAA,GAAAP,2BAAA,CAAAO,eAAA,IAAAzB,gBAAA;QACH,GAAAU,iBAAc;QACZS,YAAA,EAAa;UACbC,WAAS;QACX;MACD;IAGH,GAAI;IAAAO,SAAA,GAAc/B,aAAM,cAAAqB,YAAA,CAAAS,GAAA,MAAAf,KAAA;MACtBiB,UAAM,EAAA9B;IACN;IAAA+B,iBAAO,GAAAjC,aACH,oBAA4B;IAAAkC,QAAe,GAC3C,SAAAA,CAAAC,MAAA,EAAiB;MAAA,IACfC,OAAG,GAAAL,SAAA,CAAAM,KAAA;QAAAC,IAAA;UACH,GAAAF,OAAA;UACO,GAAAD;QACf,CAAG;MAEHd,YAAM,CAAAkB,GAAY,CAAAD,IAAA,GAAAP,SAAA,CAAAS,IAAA,CAAAF,IAAA,GAAAA,IAAA,CAAAnB,KAAA,IAAAmB,IAAA,CAAArB,OAAA,GAAAG,WAAA,CAAAmB,GAAA;QAChBpB,KAAA,EAAAmB,IAAA,CAAAnB,KAAA;QACAF,OAAA,EAAAqB,IAAa,CAAArB,OAAS,CAAAE;MACtB,EAAE,GAAAmB,IAAA,CAAArB,OAAY,GAAAG,WAAgB,CAAAmB,GAAA;QAG1BpB,KAAA;QAIJF,OAAM,EAAAqB,IAAS,CAAArB,OADC,CAAAE;MAEhB,KAAAC,WAAa,CAAImB,GAAA,CAAI;QAMjBpB,KAAA,EAAO;QACPF,OAAA,EAAS;MACX,CAAC,GAAAV,iBAED,GAAA+B,IAAA;IAAgB;IAAAG,kBACP,kBAAAA,CAAAC,KAAA;MAAAtB,WACE,CAAAmB,GAAA,CAAKG,KAAA,GAAQC,gBAAA,CAAAD,KAAA,CAAAzB,OAAA;IAAA;EAO5B,SAEM0B,gBAAqBA,CAAA1B,OAAO;IAChCU,UAAA,GAAYL,2BACZ,CAAiBL,OAAM,GAAAgB,iBAAO,CAAAO,IAAA,CAAAI,IAAA,CAAAC,MAAA,KAAAC,qBAAA;EAChC;EAEA,IAAAC,OAAS;IAAAC,UAAiB,OAAiB;EACzC,SAAAF,qBAAaA,CAAA;IAGfC,OAAA,MAAAA,OAAA,GAAApB,UAAA,CAAAsB,UAAA,CAAAC,SAAA,iBAAAR,KAAA;MAEI,IAAAd,gBACA;QAAAuB,gBAAmD;QAAA;UAAAC,IAAA,EAAAC,WAAA;UAAAC,SAAA;UAAAC;QAAA,IAAAb,KAAA;MAEvD,IAAAa,KAAS;QACP/C,WAEA,GAAA+C,KAAU,GAAAC,iBAAW,CAAA7C,UAAW,CAAU;QACxC;MAEA;MACE,IAAAyC,IAAA,GAAAC,WAAmB;QACnBI,mBAAkB,SAAU7B,gBAAA,GAAAR,WAAA,CAAAU,GAAA,gBAAAF,gBAAA,gBAAAA,gBAAA,CAAAX,OAAA;QAAAyC,SAAA,GAAAJ,SAAA,eAAAF,IAAA,EAAAnC,OAAA,iBAAAwC,mBAAA,IAAAL,IAAA;QAAAO,aAAA;QAAAC,aAAA,GAAAF,SAAA;UAC5BzC,OAAA,GAAA0C,aAAA,GAAAP,IAAA,EAAAnC,OAAA,cAAA0C,aAAA,cAAAA,aAAA;UACFzC,IAAA,EAAAkC,IAAA,EAAAlC,IAAA,GAAAT,UAAA,GAAAA,UAAA,CAAA2C,IAAA,CAAAlC,IAAA,IAAAkC,IAAA,CAAAlC,IAAA;QAEA;QAAA2C,eAAa,IAAAV,gBAQP,GAAApB,SAAwB,CAAAM,KAAA,MAAY,IAAI,IAAGc,gBAC3C,KAAY,cACd,IAAAA,gBACM,CAAAlC,OACJ;QAAA6C,YACA,GAAAV,IAAA,EAAAnC,OAAA,KAAuB,CAAA4C,eAAS,IAC9BA,eACA,CAAAE,EAAA,KAGFX,IAAA,CAAAnC,OAAA,CAAA8C,EAAA,IACJF,eAAc,CAAAG,MAAA,KACTZ,IACD,CAAAnC,OAAA,CAAA+C,MAAA;MAAA9B,QACE;QACAlB,KAAA,EAAM0C,SAAM;QACd,GAGAE;MAON,IAAAhD,MAAS,IAAAwC,IAAA,EAAAnC,OAAA,KAAA6C,YAAA,KAAA/B,SAAA,CAAAM,KAAA,CAAAlB,KAAA,MAAA2C,YAAA,IAAA/B,SAAA,CAAAM,KAAA,CAAAlB,KAAA,IAAAe,QAAA;QACPf,KAAA,EAAO;MAAA,EACP,EAAA8C,aAAG,GAAAC,IAAA,WAAA/C,KAAA;QACJA,KAGG,IAAAe,QAAU,CAAM;UAMZf;QAGL;MAEJ;IACH;EAEA;EACE,SAAIqC,iBAAYA,CAAAW,OAAa;IAE3BnB,UAAA,IAAAoB,YACA,CAAApB,UAAA,GAAAA,UAAsB,GAAAqB,UAAA;MACxBrB,UAAU,SAAAF,qBAAA;IACZ,GAAAqB,OAAA;EAEA;EACE,eAAYF,aAAMA,CAAA,EAAW;IAC7B,IAAIK,SAAI;MAAOC,GAAA,SAAA5C,UAAA,CAAA6C,MAAA;IACb,IAAAD,GAAA,CAAAhB,KAAQ;MACRkB,OAAA,CAAAlB,KAAA,0BAAAgB,GAAA,CAAAhB,KAAA,CAAAmB,UAAA;MACF;IACA;IACF,QAAAJ,SAAA,GAAAC,GAAA,CAAAnB,IAAA,cAAAkB,SAAA,uBAAAA,SAAA,CAAAnD,KAAA;EAEA;EACE,IAAAwD,oBAAmB,YAAAA,CAAA;IACrBvD,WAAA,CAAAwD,MAAA;EAEA;EACE,SAAIC,gBAAOA,CAAA,EAAa;IAExB,aAAWC,QAAA,MAAc;MACvB,IAAAC,yBAAqB,IAAU;QAAAC,iBAAA;QAAAC,cAAA;MAC/B;QACA,SAASC,SAAS,GAAGrE,eAAU,CAAAsE,MAAA,CAAAC,QAAA,KAAAC,KAAA,IAAAN,yBAA4D,IAAAM,KAAM,GAC7FH,SAAO,CAAA5C,IAAA,EAAW,EAAAgD,IAAG,GACvBP,yBAAqB,OAAU;UAEnC,IAAAQ,UAAA,GAAAF,KAAA,CAAAhD,KAAA;UACFyC,QAAA,CAAAU,MAAA,MAAAD,UAAA;UAEA,IAASE,MAAA,GAAAC,MAAe,CAAAC,QAAA,CAAAC,QAAA;UACtBd,QAAA,CAAAU,MACA,MAAAD,UAAW,4DAAAE,MAAA,IAAAA,MAAA,CAAAI,UAAA,UAAAf,QAAA,CAAAU,MAAA,MAAAD,UAAA,4DAAAE,MAAA,CAAAK,KAAA;QACb;MAEA,EAAM,OAAAC,GAAU;QACdf,iBAAc,IAAW,GAAAC,cAAS,GAAAc,GAAA;MAClC,UAAY;QAGR;UAIN,CAAShB,yBAAa,IAAAG,SAAA,CAAAc,MAAA,YAAAd,SAAA,CAAAc,MAAA;QACpB,UAAY;UAGd,IAAAhB,iBAAA,EAEA,MAAAC,cAEI;QACF;MACE;IAEF;EACA;EACF,SAAAgB,aAAA;IAEApB,gBAAM,IAAAqB,UAAwB;EAAkB;EAE5C,IAAAC,OAAI,YAAAA,CAAA,EAAQ;MAER,IAAAnF,KAAA,GAAAe,SAEA,EAAAM,KAAA,IAAWtB,KAAA;MAEiB,OAIzB;QACT,GAAAC,KAAA;QACDoF,QAAA,IAAApF,KAAA,CAAAC;MAED;IAAO;IACLoF,OAAA,YAAAA,CAAA;MACA,OAAAlG,eAAA,CAAA4B,SAAA,KAAAhB,KAAA;IAAA;EACA,SACAmF,UAAYA,CAAA;IACZ9E,WAAA,CAAAwD,MAAA,IAAAvD,YAAA,CAAAuD,MAAA,IAAA1C,QAAA,CAAAnB,KAAA;EAAA;EACA,IACA+B,qBAAA,WAAA4C,MAAA,UAAAA,MAAA,CAAAY,gBAAA;IACA,IAAAC,OAAA,YAAAA,CAAA;MACAxD,OAAA,MAAAC,UAAA,IAAAoB,YAAA,CAAApB,UAAA;IACA;IACA0C,MAAA,CAAAY,gBAAA,iBAAAC,OAAA;EACF;EACF,IAAAC,iBAAA,OAAAC,KAAA,CAAA9E,UAAA","ignoreList":[]}
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
import { createRemoteJWKSet, jwtVerify } from "jose";
|
|
2
|
+
class NotAuthenticatedError extends Error {
|
|
3
|
+
}
|
|
4
|
+
class InvalidTokenError extends Error {
|
|
5
|
+
}
|
|
6
|
+
async function getAuthDataFromRequest(authServer, req, tokenOptions) {
|
|
7
|
+
const authHeader = req.headers.get("authorization"), cookie = authHeader?.split("Bearer ")[1], newHeaders = new Headers(req.headers);
|
|
8
|
+
cookie && newHeaders.set("Cookie", cookie);
|
|
9
|
+
try {
|
|
10
|
+
const session = await authServer.api.getSession({ headers: newHeaders });
|
|
11
|
+
if (session?.user)
|
|
12
|
+
return {
|
|
13
|
+
id: session.user.id,
|
|
14
|
+
email: session.user.email || void 0,
|
|
15
|
+
role: session.user.role === "admin" ? "admin" : void 0
|
|
16
|
+
};
|
|
17
|
+
} catch {
|
|
18
|
+
}
|
|
19
|
+
const jwtToken = authHeader?.replace("Bearer ", "");
|
|
20
|
+
if (jwtToken)
|
|
21
|
+
try {
|
|
22
|
+
const payload = await validateToken(jwtToken, tokenOptions), userId = payload?.id || payload?.sub;
|
|
23
|
+
if (userId)
|
|
24
|
+
return {
|
|
25
|
+
id: userId,
|
|
26
|
+
email: payload.email,
|
|
27
|
+
role: payload.role === "admin" ? "admin" : void 0
|
|
28
|
+
};
|
|
29
|
+
} catch (err) {
|
|
30
|
+
if (!(err instanceof InvalidTokenError))
|
|
31
|
+
throw err;
|
|
32
|
+
}
|
|
33
|
+
return null;
|
|
34
|
+
}
|
|
35
|
+
async function validateToken(token, options) {
|
|
36
|
+
const {
|
|
37
|
+
baseUrl = process.env.ONE_SERVER_URL,
|
|
38
|
+
forceIssuer = process.env.FORCE_ISSUER || "",
|
|
39
|
+
jwksPath = "/api/auth/jwks"
|
|
40
|
+
} = options || {};
|
|
41
|
+
if (!baseUrl)
|
|
42
|
+
throw new Error("No baseURL!");
|
|
43
|
+
const normalizedBaseUrl = removeTrailingSlash(baseUrl), url = `${forceIssuer || normalizedBaseUrl}${jwksPath}`, JWKS = createRemoteJWKSet(new URL(url));
|
|
44
|
+
try {
|
|
45
|
+
const verifyOptions = forceIssuer ? {} : {
|
|
46
|
+
issuer: normalizedBaseUrl,
|
|
47
|
+
audience: normalizedBaseUrl
|
|
48
|
+
}, { payload } = await jwtVerify(token, JWKS, verifyOptions);
|
|
49
|
+
return payload;
|
|
50
|
+
} catch (error) {
|
|
51
|
+
throw new InvalidTokenError(`${error}`);
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
async function isValidJWT(token, options) {
|
|
55
|
+
try {
|
|
56
|
+
return await validateToken(token, options), !0;
|
|
57
|
+
} catch {
|
|
58
|
+
return !1;
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
function removeTrailingSlash(str) {
|
|
62
|
+
return str.replace(/\/$/, "");
|
|
63
|
+
}
|
|
64
|
+
export {
|
|
65
|
+
InvalidTokenError,
|
|
66
|
+
NotAuthenticatedError,
|
|
67
|
+
getAuthDataFromRequest,
|
|
68
|
+
isValidJWT,
|
|
69
|
+
validateToken
|
|
70
|
+
};
|
|
71
|
+
//# sourceMappingURL=server.js.map
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../src/server.ts"],
|
|
4
|
+
"mappings": "AAMA,SAAS,oBAAoB,iBAAkC;AAiBxD,MAAM,8BAA8B,MAAM;AAAC;AAC3C,MAAM,0BAA0B,MAAM;AAAC;AAiB9C,eAAsB,uBACpB,YACA,KACA,cAC0B;AAI1B,QAAM,aAAa,IAAI,QAAQ,IAAI,eAAe,GAC5C,SAAS,YAAY,MAAM,SAAS,EAAE,CAAC,GAEvC,aAAa,IAAI,QAAQ,IAAI,OAAO;AAC1C,EAAI,UACF,WAAW,IAAI,UAAU,MAAM;AAIjC,MAAI;AACF,UAAM,UAAU,MAAM,WAAW,IAAI,WAAW,EAAE,SAAS,WAAW,CAAC;AACvE,QAAI,SAAS;AACX,aAAO;AAAA,QACL,IAAI,QAAQ,KAAK;AAAA,QACjB,OAAO,QAAQ,KAAK,SAAS;AAAA,QAC7B,MAAM,QAAQ,KAAK,SAAS,UAAU,UAAU;AAAA,MAClD;AAAA,EAEJ,QAAQ;AAAA,EAER;AAIA,QAAM,WAAW,YAAY,QAAQ,WAAW,EAAE;AAElD,MAAI;AACF,QAAI;AACF,YAAM,UAAU,MAAM,cAAc,UAAU,YAAY,GACpD,SAAU,SAAiB,MAAM,SAAS;AAChD,UAAI;AACF,eAAO;AAAA,UACL,IAAI;AAAA,UACJ,OAAQ,QAAgB;AAAA,UACxB,MAAO,QAAgB,SAAS,UAAU,UAAU;AAAA,QACtD;AAAA,IAEJ,SAAS,KAAK;AACZ,UAAI,EAAE,eAAe;AACnB,cAAM;AAAA,IAEV;AAGF,SAAO;AACT;AAIA,eAAsB,cACpB,OACA,SACqB;AACrB,QAAM;AAAA,IACJ,UAAU,QAAQ,IAAI;AAAA,IACtB,cAAc,QAAQ,IAAI,gBAAgB;AAAA,IAC1C,WAAW;AAAA,EACb,IAAI,WAAW,CAAC;AAEhB,MAAI,CAAC;AACH,UAAM,IAAI,MAAM,aAAa;AAG/B,QAAM,oBAAoB,oBAAoB,OAAO,GAC/C,MAAM,GAAG,eAAe,iBAAiB,GAAG,QAAQ,IAGpD,OAAO,mBAAmB,IAAI,IAAI,GAAG,CAAC;AAE5C,MAAI;AACF,UAAM,gBAAgB,cAClB,CAAC,IACD;AAAA,MACE,QAAQ;AAAA,MACR,UAAU;AAAA,IACZ,GAEE,EAAE,QAAQ,IAAI,MAAM,UAAU,OAAO,MAAM,aAAa;AAE9D,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,kBAAkB,GAAG,KAAK,EAAE;AAAA,EACxC;AACF;AAEA,eAAsB,WACpB,OACA,SACkB;AAClB,MAAI;AACF,iBAAM,cAAc,OAAO,OAAO,GAC3B;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,oBAAoB,KAAa;AACxC,SAAO,IAAI,QAAQ,OAAO,EAAE;AAC9B;",
|
|
5
|
+
"names": []
|
|
6
|
+
}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
import { createRemoteJWKSet, jwtVerify } from "jose";
|
|
2
|
+
class NotAuthenticatedError extends Error {}
|
|
3
|
+
class InvalidTokenError extends Error {}
|
|
4
|
+
async function getAuthDataFromRequest(authServer, req, tokenOptions) {
|
|
5
|
+
const authHeader = req.headers.get("authorization"),
|
|
6
|
+
cookie = authHeader?.split("Bearer ")[1],
|
|
7
|
+
newHeaders = new Headers(req.headers);
|
|
8
|
+
cookie && newHeaders.set("Cookie", cookie);
|
|
9
|
+
try {
|
|
10
|
+
const session = await authServer.api.getSession({
|
|
11
|
+
headers: newHeaders
|
|
12
|
+
});
|
|
13
|
+
if (session?.user) return {
|
|
14
|
+
id: session.user.id,
|
|
15
|
+
email: session.user.email || void 0,
|
|
16
|
+
role: session.user.role === "admin" ? "admin" : void 0
|
|
17
|
+
};
|
|
18
|
+
} catch {}
|
|
19
|
+
const jwtToken = authHeader?.replace("Bearer ", "");
|
|
20
|
+
if (jwtToken) try {
|
|
21
|
+
const payload = await validateToken(jwtToken, tokenOptions),
|
|
22
|
+
userId = payload?.id || payload?.sub;
|
|
23
|
+
if (userId) return {
|
|
24
|
+
id: userId,
|
|
25
|
+
email: payload.email,
|
|
26
|
+
role: payload.role === "admin" ? "admin" : void 0
|
|
27
|
+
};
|
|
28
|
+
} catch (err) {
|
|
29
|
+
if (!(err instanceof InvalidTokenError)) throw err;
|
|
30
|
+
}
|
|
31
|
+
return null;
|
|
32
|
+
}
|
|
33
|
+
async function validateToken(token, options) {
|
|
34
|
+
const {
|
|
35
|
+
baseUrl = process.env.ONE_SERVER_URL,
|
|
36
|
+
forceIssuer = process.env.FORCE_ISSUER || "",
|
|
37
|
+
jwksPath = "/api/auth/jwks"
|
|
38
|
+
} = options || {};
|
|
39
|
+
if (!baseUrl) throw new Error("No baseURL!");
|
|
40
|
+
const normalizedBaseUrl = removeTrailingSlash(baseUrl),
|
|
41
|
+
url = `${forceIssuer || normalizedBaseUrl}${jwksPath}`,
|
|
42
|
+
JWKS = createRemoteJWKSet(new URL(url));
|
|
43
|
+
try {
|
|
44
|
+
const verifyOptions = forceIssuer ? {} : {
|
|
45
|
+
issuer: normalizedBaseUrl,
|
|
46
|
+
audience: normalizedBaseUrl
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
payload
|
|
50
|
+
} = await jwtVerify(token, JWKS, verifyOptions);
|
|
51
|
+
return payload;
|
|
52
|
+
} catch (error) {
|
|
53
|
+
throw new InvalidTokenError(`${error}`);
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
async function isValidJWT(token, options) {
|
|
57
|
+
try {
|
|
58
|
+
return await validateToken(token, options), !0;
|
|
59
|
+
} catch {
|
|
60
|
+
return !1;
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
function removeTrailingSlash(str) {
|
|
64
|
+
return str.replace(/\/$/, "");
|
|
65
|
+
}
|
|
66
|
+
export { InvalidTokenError, NotAuthenticatedError, getAuthDataFromRequest, isValidJWT, validateToken };
|
|
67
|
+
//# sourceMappingURL=server.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["createRemoteJWKSet","jwtVerify","NotAuthenticatedError","Error","InvalidTokenError","getAuthDataFromRequest","authServer","req","tokenOptions","authHeader","headers","get","cookie","split","newHeaders","Headers","set","session","api","getSession","user","id","email","role","jwtToken","replace","payload","validateToken","userId","sub","err","token","options","baseUrl","process","env","ONE_SERVER_URL","forceIssuer","FORCE_ISSUER","jwksPath","normalizedBaseUrl","removeTrailingSlash","url","JWKS","URL","verifyOptions","issuer","audience","error","isValidJWT","str"],"sources":["../../src/server.ts"],"sourcesContent":[null],"mappings":"AAMA,SAASA,kBAAA,EAAoBC,SAAA,QAAkC;AAiBxD,MAAMC,qBAAA,SAA8BC,KAAA,CAAM;AAC1C,MAAMC,iBAAA,SAA0BD,KAAA,CAAM;AAiB7C,eAAsBE,uBACpBC,UAAA,EACAC,GAAA,EACAC,YAAA,EAC0B;EAI1B,MAAMC,UAAA,GAAaF,GAAA,CAAIG,OAAA,CAAQC,GAAA,CAAI,eAAe;IAC5CC,MAAA,GAASH,UAAA,EAAYI,KAAA,CAAM,SAAS,EAAE,CAAC;IAEvCC,UAAA,GAAa,IAAIC,OAAA,CAAQR,GAAA,CAAIG,OAAO;EACtCE,MAAA,IACFE,UAAA,CAAWE,GAAA,CAAI,UAAUJ,MAAM;EAIjC,IAAI;IACF,MAAMK,OAAA,GAAU,MAAMX,UAAA,CAAWY,GAAA,CAAIC,UAAA,CAAW;MAAET,OAAA,EAASI;IAAW,CAAC;IACvE,IAAIG,OAAA,EAASG,IAAA,EACX,OAAO;MACLC,EAAA,EAAIJ,OAAA,CAAQG,IAAA,CAAKC,EAAA;MACjBC,KAAA,EAAOL,OAAA,CAAQG,IAAA,CAAKE,KAAA,IAAS;MAC7BC,IAAA,EAAMN,OAAA,CAAQG,IAAA,CAAKG,IAAA,KAAS,UAAU,UAAU;IAClD;EAEJ,QAAQ,CAER;EAIA,MAAMC,QAAA,GAAWf,UAAA,EAAYgB,OAAA,CAAQ,WAAW,EAAE;EAElD,IAAID,QAAA,EACF,IAAI;IACF,MAAME,OAAA,GAAU,MAAMC,aAAA,CAAcH,QAAA,EAAUhB,YAAY;MACpDoB,MAAA,GAAUF,OAAA,EAAiBL,EAAA,IAAMK,OAAA,EAASG,GAAA;IAChD,IAAID,MAAA,EACF,OAAO;MACLP,EAAA,EAAIO,MAAA;MACJN,KAAA,EAAQI,OAAA,CAAgBJ,KAAA;MACxBC,IAAA,EAAOG,OAAA,CAAgBH,IAAA,KAAS,UAAU,UAAU;IACtD;EAEJ,SAASO,GAAA,EAAK;IACZ,IAAI,EAAEA,GAAA,YAAe1B,iBAAA,GACnB,MAAM0B,GAAA;EAEV;EAGF,OAAO;AACT;AAIA,eAAsBH,cACpBI,KAAA,EACAC,OAAA,EACqB;EACrB,MAAM;IACJC,OAAA,GAAUC,OAAA,CAAQC,GAAA,CAAIC,cAAA;IACtBC,WAAA,GAAcH,OAAA,CAAQC,GAAA,CAAIG,YAAA,IAAgB;IAC1CC,QAAA,GAAW;EACb,IAAIP,OAAA,IAAW,CAAC;EAEhB,IAAI,CAACC,OAAA,EACH,MAAM,IAAI9B,KAAA,CAAM,aAAa;EAG/B,MAAMqC,iBAAA,GAAoBC,mBAAA,CAAoBR,OAAO;IAC/CS,GAAA,GAAM,GAAGL,WAAA,IAAeG,iBAAiB,GAAGD,QAAQ;IAGpDI,IAAA,GAAO3C,kBAAA,CAAmB,IAAI4C,GAAA,CAAIF,GAAG,CAAC;EAE5C,IAAI;IACF,MAAMG,aAAA,GAAgBR,WAAA,GAClB,CAAC,IACD;QACES,MAAA,EAAQN,iBAAA;QACRO,QAAA,EAAUP;MACZ;MAEE;QAAEd;MAAQ,IAAI,MAAMzB,SAAA,CAAU8B,KAAA,EAAOY,IAAA,EAAME,aAAa;IAE9D,OAAOnB,OAAA;EACT,SAASsB,KAAA,EAAO;IACd,MAAM,IAAI5C,iBAAA,CAAkB,GAAG4C,KAAK,EAAE;EACxC;AACF;AAEA,eAAsBC,WACpBlB,KAAA,EACAC,OAAA,EACkB;EAClB,IAAI;IACF,aAAML,aAAA,CAAcI,KAAA,EAAOC,OAAO,GAC3B;EACT,QAAQ;IACN,OAAO;EACT;AACF;AAEA,SAASS,oBAAoBS,GAAA,EAAa;EACxC,OAAOA,GAAA,CAAIzB,OAAA,CAAQ,OAAO,EAAE;AAC9B","ignoreList":[]}
|