@take-out/better-auth-utils 0.4.3 → 0.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/createAuthClient.cjs +140 -89
- package/dist/cjs/createAuthClient.native.js +185 -141
- package/dist/cjs/createAuthClient.native.js.map +1 -1
- package/dist/cjs/index.cjs +7 -5
- package/dist/cjs/index.native.js +7 -5
- package/dist/cjs/index.native.js.map +1 -1
- package/dist/cjs/server.cjs +57 -42
- package/dist/cjs/server.native.js +137 -92
- package/dist/cjs/server.native.js.map +1 -1
- package/dist/esm/createAuthClient.mjs +126 -77
- package/dist/esm/createAuthClient.mjs.map +1 -1
- package/dist/esm/createAuthClient.native.js +171 -129
- package/dist/esm/createAuthClient.native.js.map +1 -1
- package/dist/esm/server.mjs +45 -32
- package/dist/esm/server.mjs.map +1 -1
- package/dist/esm/server.native.js +125 -82
- package/dist/esm/server.native.js.map +1 -1
- package/package.json +3 -3
|
@@ -2,126 +2,151 @@ import { createEmitter, createStorageValue, isEqualDeepLite, useEmitterValue } f
|
|
|
2
2
|
import { createAuthClient } from "better-auth/client";
|
|
3
3
|
function createBetterAuthClient(options) {
|
|
4
4
|
var {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
5
|
+
onAuthStateChange,
|
|
6
|
+
onAuthError,
|
|
7
|
+
createUser,
|
|
8
|
+
storagePrefix = "auth",
|
|
9
|
+
retryDelay = 4e3,
|
|
10
|
+
useJWT = false,
|
|
11
|
+
authCookieNames = ["better-auth.jwt", "better-auth.session_token"],
|
|
12
|
+
...authClientOptions
|
|
13
|
+
} = options;
|
|
14
|
+
var empty = {
|
|
15
|
+
state: "logged-out",
|
|
16
|
+
session: null,
|
|
17
|
+
user: null,
|
|
18
|
+
token: null
|
|
19
|
+
};
|
|
20
|
+
var keysStorage = createStorageValue(`${storagePrefix}-keys`);
|
|
21
|
+
var stateStorage = createStorageValue(`${storagePrefix}-state`);
|
|
22
|
+
var createAuthClientWithSession = function (session) {
|
|
23
|
+
return createAuthClient({
|
|
24
|
+
...authClientOptions,
|
|
25
|
+
fetchOptions: {
|
|
26
|
+
credentials: "include",
|
|
27
|
+
headers: session ? {
|
|
28
|
+
Authorization: `Bearer ${session}`
|
|
29
|
+
} : void 0
|
|
30
|
+
}
|
|
31
|
+
});
|
|
32
|
+
};
|
|
33
|
+
var authClient = function () {
|
|
34
|
+
var _keysStorage_get;
|
|
35
|
+
var existingSession = (_keysStorage_get = keysStorage.get()) === null || _keysStorage_get === void 0 ? void 0 : _keysStorage_get.session;
|
|
36
|
+
return existingSession ? createAuthClientWithSession(existingSession) : createAuthClient({
|
|
37
|
+
...authClientOptions,
|
|
38
|
+
fetchOptions: {
|
|
39
|
+
credentials: "include"
|
|
40
|
+
}
|
|
41
|
+
});
|
|
42
|
+
}();
|
|
43
|
+
var authState = createEmitter("authState", stateStorage.get() || empty, {
|
|
44
|
+
comparator: isEqualDeepLite
|
|
45
|
+
});
|
|
46
|
+
var authClientVersion = createEmitter("authClientVersion", 0);
|
|
47
|
+
var setState = function (update) {
|
|
48
|
+
var current = authState.value;
|
|
49
|
+
var next = {
|
|
50
|
+
...current,
|
|
51
|
+
...update
|
|
52
|
+
};
|
|
53
|
+
stateStorage.set(next);
|
|
54
|
+
authState.emit(next);
|
|
55
|
+
if (next.token && next.session) {
|
|
56
|
+
keysStorage.set({
|
|
54
57
|
token: next.token,
|
|
55
58
|
session: next.session.token
|
|
56
|
-
})
|
|
59
|
+
});
|
|
60
|
+
} else if (next.session) {
|
|
61
|
+
keysStorage.set({
|
|
57
62
|
token: "",
|
|
58
63
|
session: next.session.token
|
|
59
|
-
})
|
|
64
|
+
});
|
|
65
|
+
} else {
|
|
66
|
+
keysStorage.set({
|
|
60
67
|
token: "",
|
|
61
68
|
session: ""
|
|
62
|
-
})
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
onAuthStateChange === null || onAuthStateChange === void 0 ? void 0 : onAuthStateChange(next);
|
|
72
|
+
};
|
|
73
|
+
var setAuthClientToken = async function (props) {
|
|
74
|
+
keysStorage.set(props);
|
|
75
|
+
updateAuthClient(props.session);
|
|
76
|
+
};
|
|
67
77
|
function updateAuthClient(session) {
|
|
68
|
-
authClient = createAuthClientWithSession(session)
|
|
78
|
+
authClient = createAuthClientWithSession(session);
|
|
79
|
+
authClientVersion.emit(Math.random());
|
|
80
|
+
subscribeToAuthEffect();
|
|
69
81
|
}
|
|
70
|
-
var dispose = null
|
|
71
|
-
|
|
82
|
+
var dispose = null;
|
|
83
|
+
var retryTimer = null;
|
|
72
84
|
function subscribeToAuthEffect() {
|
|
73
|
-
dispose
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
85
|
+
dispose === null || dispose === void 0 ? void 0 : dispose();
|
|
86
|
+
dispose = authClient.useSession.subscribe(async function (props) {
|
|
87
|
+
var _keysStorage_get, _authState_value;
|
|
88
|
+
var {
|
|
89
|
+
data: dataGeneric,
|
|
90
|
+
isPending,
|
|
91
|
+
error
|
|
92
|
+
} = props;
|
|
81
93
|
if (error) {
|
|
82
94
|
var _keysStorage_get1;
|
|
83
|
-
onAuthError
|
|
84
|
-
var hasPersistedSession = !!(
|
|
85
|
-
hasPersistedSession
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
95
|
+
onAuthError === null || onAuthError === void 0 ? void 0 : onAuthError(error);
|
|
96
|
+
var hasPersistedSession = !!((_keysStorage_get1 = keysStorage.get()) === null || _keysStorage_get1 === void 0 ? void 0 : _keysStorage_get1.session);
|
|
97
|
+
if (!hasPersistedSession) {
|
|
98
|
+
setState({
|
|
99
|
+
state: "logged-out",
|
|
100
|
+
session: null,
|
|
101
|
+
user: null
|
|
102
|
+
});
|
|
103
|
+
}
|
|
104
|
+
scheduleAuthRetry(retryDelay);
|
|
90
105
|
return;
|
|
91
106
|
}
|
|
92
|
-
var data = dataGeneric
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
107
|
+
var data = dataGeneric;
|
|
108
|
+
var hasPersistedSession1 = !!((_keysStorage_get = keysStorage.get()) === null || _keysStorage_get === void 0 ? void 0 : _keysStorage_get.session);
|
|
109
|
+
var nextState = isPending ? "loading" : (data === null || data === void 0 ? void 0 : data.session) ? "logged-in" : hasPersistedSession1 && data === void 0 ? "loading" : "logged-out";
|
|
110
|
+
var _data_session;
|
|
111
|
+
var sessionUpdate = nextState === "loading" ? {} : {
|
|
112
|
+
session: (_data_session = data === null || data === void 0 ? void 0 : data.session) !== null && _data_session !== void 0 ? _data_session : null,
|
|
113
|
+
user: (data === null || data === void 0 ? void 0 : data.user) ? createUser ? createUser(data.user) : data.user : null
|
|
114
|
+
};
|
|
115
|
+
var previousSession = (_authState_value = authState.value) === null || _authState_value === void 0 ? void 0 : _authState_value.session;
|
|
116
|
+
var isNewSession = (data === null || data === void 0 ? void 0 : data.session) && (!previousSession || previousSession.id !== data.session.id || previousSession.userId !== data.session.userId);
|
|
102
117
|
setState({
|
|
103
118
|
state: nextState,
|
|
104
119
|
...sessionUpdate
|
|
105
|
-
})
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
120
|
+
});
|
|
121
|
+
if (useJWT && (data === null || data === void 0 ? void 0 : data.session) && (isNewSession || !authState.value.token)) {
|
|
122
|
+
if (isNewSession && authState.value.token) {
|
|
123
|
+
setState({
|
|
124
|
+
token: null
|
|
125
|
+
});
|
|
126
|
+
}
|
|
127
|
+
getValidToken().then(function (token) {
|
|
128
|
+
if (token) {
|
|
129
|
+
setState({
|
|
130
|
+
token
|
|
131
|
+
});
|
|
132
|
+
}
|
|
110
133
|
});
|
|
111
|
-
}
|
|
134
|
+
}
|
|
112
135
|
});
|
|
113
136
|
}
|
|
114
137
|
function scheduleAuthRetry(delayMs) {
|
|
115
|
-
|
|
116
|
-
|
|
138
|
+
if (retryTimer) clearTimeout(retryTimer);
|
|
139
|
+
retryTimer = setTimeout(function () {
|
|
140
|
+
retryTimer = null;
|
|
141
|
+
subscribeToAuthEffect();
|
|
117
142
|
}, delayMs);
|
|
118
143
|
}
|
|
119
144
|
async function getValidToken() {
|
|
120
|
-
var _res_data
|
|
121
|
-
|
|
145
|
+
var _res_data;
|
|
146
|
+
var res = await authClient.$fetch("/token");
|
|
122
147
|
if (res.error) {
|
|
123
148
|
console.error(`Error fetching token: ${res.error.statusText}`);
|
|
124
|
-
return;
|
|
149
|
+
return void 0;
|
|
125
150
|
}
|
|
126
151
|
return (_res_data = res.data) === null || _res_data === void 0 ? void 0 : _res_data.token;
|
|
127
152
|
}
|
|
@@ -129,59 +154,76 @@ function createBetterAuthClient(options) {
|
|
|
129
154
|
keysStorage.remove();
|
|
130
155
|
};
|
|
131
156
|
function clearAuthCookies() {
|
|
132
|
-
if (
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
157
|
+
if (typeof document === "undefined") return;
|
|
158
|
+
var _iteratorNormalCompletion = true,
|
|
159
|
+
_didIteratorError = false,
|
|
160
|
+
_iteratorError = void 0;
|
|
161
|
+
try {
|
|
162
|
+
for (var _iterator = authCookieNames[Symbol.iterator](), _step; !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = true) {
|
|
163
|
+
var cookieName = _step.value;
|
|
164
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`;
|
|
165
|
+
var domain = window.location.hostname;
|
|
166
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain}`;
|
|
167
|
+
if (domain.startsWith(".")) {
|
|
168
|
+
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain.slice(1)}`;
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
} catch (err) {
|
|
172
|
+
_didIteratorError = true;
|
|
173
|
+
_iteratorError = err;
|
|
174
|
+
} finally {
|
|
136
175
|
try {
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`;
|
|
140
|
-
var domain = window.location.hostname;
|
|
141
|
-
document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain}`, domain.startsWith(".") && (document.cookie = `${cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=${domain.slice(1)}`);
|
|
176
|
+
if (!_iteratorNormalCompletion && _iterator.return != null) {
|
|
177
|
+
_iterator.return();
|
|
142
178
|
}
|
|
143
|
-
} catch (err) {
|
|
144
|
-
_didIteratorError = !0, _iteratorError = err;
|
|
145
179
|
} finally {
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
} finally {
|
|
149
|
-
if (_didIteratorError) throw _iteratorError;
|
|
180
|
+
if (_didIteratorError) {
|
|
181
|
+
throw _iteratorError;
|
|
150
182
|
}
|
|
151
183
|
}
|
|
152
184
|
}
|
|
153
185
|
}
|
|
154
186
|
function clearAllAuth() {
|
|
155
|
-
clearAuthCookies()
|
|
187
|
+
clearAuthCookies();
|
|
188
|
+
clearState();
|
|
156
189
|
}
|
|
157
190
|
var getAuth = function () {
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
};
|
|
163
|
-
},
|
|
164
|
-
useAuth = function () {
|
|
165
|
-
return useEmitterValue(authState) || empty;
|
|
191
|
+
var state = (authState === null || authState === void 0 ? void 0 : authState.value) || empty;
|
|
192
|
+
return {
|
|
193
|
+
...state,
|
|
194
|
+
loggedIn: !!state.session
|
|
166
195
|
};
|
|
196
|
+
};
|
|
197
|
+
var useAuth = function () {
|
|
198
|
+
return useEmitterValue(authState) || empty;
|
|
199
|
+
};
|
|
167
200
|
function clearState() {
|
|
168
|
-
keysStorage.remove()
|
|
201
|
+
keysStorage.remove();
|
|
202
|
+
stateStorage.remove();
|
|
203
|
+
setState(empty);
|
|
169
204
|
}
|
|
170
|
-
|
|
205
|
+
subscribeToAuthEffect();
|
|
206
|
+
if (typeof window !== "undefined" && window.addEventListener) {
|
|
171
207
|
var cleanup = function () {
|
|
172
|
-
dispose
|
|
208
|
+
dispose === null || dispose === void 0 ? void 0 : dispose();
|
|
209
|
+
if (retryTimer) clearTimeout(retryTimer);
|
|
173
210
|
};
|
|
174
211
|
window.addEventListener("beforeunload", cleanup);
|
|
175
212
|
}
|
|
176
213
|
var proxiedAuthClient = new Proxy(authClient, {
|
|
177
214
|
get(_target, key) {
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
(
|
|
183
|
-
|
|
184
|
-
|
|
215
|
+
if (key === "signOut") {
|
|
216
|
+
return function () {
|
|
217
|
+
var _authClient_signOut;
|
|
218
|
+
clearState();
|
|
219
|
+
(_authClient_signOut = authClient.signOut) === null || _authClient_signOut === void 0 ? void 0 : _authClient_signOut.call(authClient);
|
|
220
|
+
if (typeof window !== "undefined") {
|
|
221
|
+
var _window_location_reload, _window_location;
|
|
222
|
+
(_window_location = window.location) === null || _window_location === void 0 ? void 0 : (_window_location_reload = _window_location.reload) === null || _window_location_reload === void 0 ? void 0 : _window_location_reload.call(_window_location);
|
|
223
|
+
}
|
|
224
|
+
};
|
|
225
|
+
}
|
|
226
|
+
return Reflect.get(authClient, key);
|
|
185
227
|
}
|
|
186
228
|
});
|
|
187
229
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","useJWT","authCookieNames","authClientOptions","empty","state","session","user","token","keysStorage","stateStorage","createAuthClientWithSession","fetchOptions","credentials","headers","Authorization","authClient","_keysStorage_get","existingSession","get","authState","comparator","authClientVersion","setState","update","current","value","next","set","emit","setAuthClientToken","props","updateAuthClient","Math","random","subscribeToAuthEffect","dispose","retryTimer","useSession","subscribe","_authState_value","data","dataGeneric","isPending","error","_keysStorage_get1","hasPersistedSession","scheduleAuthRetry","hasPersistedSession1","nextState","_data_session","sessionUpdate","previousSession","isNewSession","id","userId","getValidToken","then","delayMs","clearTimeout","setTimeout","_res_data","res","$fetch","console","statusText","clearAuthClientToken","remove","clearAuthCookies","document","_iteratorNormalCompletion","_didIteratorError","_iteratorError","_iterator","Symbol","iterator","_step","done","cookieName","cookie","domain","window","location","hostname","startsWith","slice","err","return","clearAllAuth","clearState","getAuth","loggedIn","useAuth"],"sources":["../../src/createAuthClient.ts"],"sourcesContent":[null],"mappings":"AAUA,SAAAA,aAAA,EAAAC,kBAAA,EAAAC,eAAA,EAAAC,eAAA;AAAA,SACEC,gBAAA;AAAA,SACAC,uBAAAC,OAAA;EAEA;
|
|
1
|
+
{"version":3,"names":["createEmitter","createStorageValue","isEqualDeepLite","useEmitterValue","createAuthClient","createBetterAuthClient","options","onAuthStateChange","onAuthError","createUser","storagePrefix","retryDelay","useJWT","authCookieNames","authClientOptions","empty","state","session","user","token","keysStorage","stateStorage","createAuthClientWithSession","fetchOptions","credentials","headers","Authorization","authClient","_keysStorage_get","existingSession","get","authState","comparator","authClientVersion","setState","update","current","value","next","set","emit","setAuthClientToken","props","updateAuthClient","Math","random","subscribeToAuthEffect","dispose","retryTimer","useSession","subscribe","_authState_value","data","dataGeneric","isPending","error","_keysStorage_get1","hasPersistedSession","scheduleAuthRetry","hasPersistedSession1","nextState","_data_session","sessionUpdate","previousSession","isNewSession","id","userId","getValidToken","then","delayMs","clearTimeout","setTimeout","_res_data","res","$fetch","console","statusText","clearAuthClientToken","remove","clearAuthCookies","document","_iteratorNormalCompletion","_didIteratorError","_iteratorError","_iterator","Symbol","iterator","_step","done","cookieName","cookie","domain","window","location","hostname","startsWith","slice","err","return","clearAllAuth","clearState","getAuth","loggedIn","useAuth","addEventListener","cleanup"],"sources":["../../src/createAuthClient.ts"],"sourcesContent":[null],"mappings":"AAUA,SAAAA,aAAA,EAAAC,kBAAA,EAAAC,eAAA,EAAAC,eAAA;AAAA,SACEC,gBAAA;AAAA,SACAC,uBAAAC,OAAA;EAEA;IAAAC,iBAAA;IAAAC,WAAA;IAAAC,UAAA;IAAAC,aAAA;IAAAC,UAAA;IAAAC,MAAA;IAAAC,eAAA,IACA,8CACK,CACP;IAAA,GAAAC;EAAuC,IAAAR,OAAwB;EAmFxD,IAAAS,KAAS;IAIdC,KAAM;IACJC,OAAA;IACAC,IAAA;IACAC,KAAA;EAAA;EACgB,IAChBC,WAAa,GAAAnB,kBAAA,IAAAS,aAAA;EAAA,IACbW,YAAS,GAAApB,kBAAA,IAAAS,aAAA;EAAA,IACTY,2BAAmB,YAAAA,CAAmBL,OAAA;IACtC,OAAGb,gBAAA;MACD,GAAAU,iBAAA;MAEJS,YAAgC;QAC9BC,WAAO;QACPC,OAAS,EAAAR,OAAA;UACHS,aAAA,YAAAT,OAAA;QACN,IAAO;MACT;IAEA;EACA;EAEA,IAAAU,UAAM;IACJ,IAAAC,gBAAO;IAAiB,IACtBC,eAAG,IAAAD,gBAAA,GAAAR,WAAA,CAAAU,GAAA,gBAAAF,gBAAA,uBAAAA,gBAAA,CAAAX,OAAA;IAAA,OACHY,eAAc,GAAAP,2BAAA,CAAAO,eAAA,IAAAzB,gBAAA;MAAA,GACZU,iBAAa;MAAAS,YACJ;QACXC,WAAA;MACD;IACH;EAEA,GAAI;EACF,IAAAO,SAAM,GAAA/B,aAAkB,YAAY,EAAIqB,YAAG,CAAAS,GAAA,MAAAf,KAAA;IAC3CiB,UAAO,EAAA9B;EAEc;EACZ,IACH+B,iBAAgB,GAAAjC,aAAa,oBAAU;EAAA,IAChCkC,QAAA,YAAAA,CAAAC,MAAA;IACf,IAAGC,OAAA,GAAAL,SAAA,CAAAM,KAAA;IAEH,IAAMC,IAAA;MACJ,GAAAF,OAAA;MACA,GAAAD;IACA;IACFd,YAAA,CAAAkB,GAAA,CAAAD,IAAA;IAEAP,SAAM,CAAAS,IAAA,CAAAF,IAAA;IAEN,IAAMA,IAAA,CAAAnB,KAAA,IAAYmB,IAAA,CAAArB,OAAsC;MACtDG,WAAM,CAAAmB,GAAU;QAChBpB,KAAM,EAAAmB,IAAS,CAAAnB,KAAG;QAClBF,OAAA,EAAaqB,IAAI,CAAArB,OAAI,CAAAE;MACrB;IAGA,OAAI,IAAKmB,IAAA,CAAArB,OAAc;MACrBG,WAAA,CAAYmB,GAAA,CAAI;QACdpB,KAAA,EAAO;QACPF,OAAA,EAASqB,IAAA,CAAKrB,OAAA,CAAQE;MACxB,CAAC;IACH;MACEC,WAAA,CAAYmB,GAAA,CAAI;QACdpB,KAAA,EAAO;QACPF,OAAA,EAAS;MACX,CAAC;IACH;IACEV,iBAAY,KAAM,QAAOA,iBAAiB,uBAAAA,iBAAA,CAAA+B,IAAA;EAAA;EAG5C,IAAAG,kBAAoB,kBAAAA,CAAIC,KAAA;IAC1BtB,WAAA,CAAAmB,GAAA,CAAAG,KAAA;IAEAC,gBAAM,CAAAD,KAAA,CAAAzB,OAAqB;EACzB;EACA,SAAA0B,gBAAuBA,CAAA1B,OAAO;IAChCU,UAAA,GAAAL,2BAAA,CAAAL,OAAA;IAEAgB,iBAAS,CAAAO,IAAA,CAAAI,IAAiB,CAAAC,MAAiB;IACzCC,qBAAa;EACb;EACA,IAAAC,OAAA;EACF,IAAAC,UAAA;EAEA,SAAIF,qBAA2BA,CAAA;IAC/BC,OAAI,SAAmD,IAAAA,OAAA,uBAAAA,OAAA;IAEvDA,OAAS,GAAApB,UAAA,CAAAsB,UAAwB,CAAAC,SAAA,iBAAAR,KAAA;MAC/B,IAAAd,gBAAU,EAAAuB,gBAAA;MAEV;QAAAC,IAAU,EAAAC,WAAW;QAAAC,SAAW;QAAAC;MAAU,IAAAb,KAAO;MAC/C,IAAAa,KAAQ;QAER,IAAIC,iBAAO;QACThD,WAAA,KAAc,IAAK,IAAAA,WAAA,uBAAAA,WAAA,CAAA+C,KAAA;QAEnB,IAAAE,mBAAM,MAAsB,CAACD,iBAAiB,GAAGpC,WAAA,CAAAU,GAAA,gBAAA0B,iBAAA,uBAAAA,iBAAA,CAAAvC,OAAA;QACjD,IAAI,CAACwC,mBAAA;UACHvB,QAAA,CAAS;YACXlB,KAAA;YACAC,OAAA;YACAC,IAAA;UACF;QAEA;QAQAwC,iBAAM,CAAA/C,UAAwB;QAC9B;MASA;MAGM,IACEyC,IAAA,GAASC,WAAM;MAAW,IAC1BM,oBAAoB,OAAA/B,gBAAwB,GAAKR,WAAQ,CAAAU,GAAK,QAAQ,QAAAF,gBAAA,uBAAAA,gBAAA,CAAAX,OAAA;MACxE,IAAA2C,SAAA,GAAAN,SAAA,gBAAAF,IAAA,aAAAA,IAAA,uBAAAA,IAAA,CAAAnC,OAAA,kBAAA0C,oBAAA,IAAAP,IAAA;MAGN,IAAAS,aAAM;MACN,IAAAC,aAAM,GAAAF,SACE,cACJ;QAIJ3C,OAAS,GAAA4C,aAAA,GAAAT,IAAA,aAAAA,IAAA,uBAAAA,IAAA,CAAAnC,OAAA,cAAA4C,aAAA,cAAAA,aAAA;QACP3C,IAAA,GAAOkC,IAAA,aAAAA,IAAA,uBAAAA,IAAA,CAAAlC,IAAA,IAAAT,UAAA,GAAAA,UAAA,CAAA2C,IAAA,CAAAlC,IAAA,IAAAkC,IAAA,CAAAlC,IAAA;MAAA;MAET,IAAC6C,eAAA,IAAAZ,gBAAA,GAAApB,SAAA,CAAAM,KAAA,cAAAc,gBAAA,uBAAAA,gBAAA,CAAAlC,OAAA;MAGD,IAAI+C,YAAU,IAAMZ,IAAA,SAAY,IAAAA,IAAA,UAAiB,SAAU,IAAAA,IAAM,CAAAnC,OAAQ,OAAA8C,eAAA,IAAAA,eAAA,CAAAE,EAAA,KAAAb,IAAA,CAAAnC,OAAA,CAAAgD,EAAA,IAAAF,eAAA,CAAAG,MAAA,KAAAd,IAAA,CAAAnC,OAAA,CAAAiD,MAAA;MACvEhC,QAAI;QACFlB,KAAA,EAAA4C,SAAW;QACb,GAAAE;MAEA;MACE,IAAAlD,MAAI,KAAOwC,IAAA,aAAAA,IAAA,uBAAAA,IAAA,CAAAnC,OAAA,MAAA+C,YAAA,KAAAjC,SAAA,CAAAM,KAAA,CAAAlB,KAAA;QACT,IAAA6C,YAAW,IAAAjC,SAAO,CAAAM,KAAA,CAAAlB,KAAA;UACpBe,QAAA;YACDf,KAAA;UACH;QACD;QACHgD,aAAA,GAAAC,IAAA,WAAAjD,KAAA;UAEA,IAASA,KAAA;YACHe,QAAY;cAChBf;YACE;UACA;QACC;MACL;IAEA;EACE;EACA,SAAIuC,iBAAWA,CAAAW,OAAA;IACb,IAAArB,UAAQ,EAAMsB,YAAA,CAAAtB,UAAA;IACdA,UAAO,GAAAuB,UAAA;MACTvB,UAAA;MACAF,qBAA0B;IAC5B,GAAAuB,OAAA;EAEA;EACE,eAAYF,aAAOA,CAAA;IACrB,IAAAK,SAAA;IAEA,IAAAC,GAAS,SAAA9C,UAAmB,CAAA+C,MAAA;IAC1B,IAAID,GAAA,CAAAlB,KAAO;MAEXoB,OAAA,CAAApB,KAAW,0BAAckB,GAAiB,CAAAlB,KAAA,CAAAqB,UAAA;MACxC,YAAS;IACT;IACA,QAAAJ,SAAS,GAASC,GAAG,CAAArB,IAAA,MAAU,QAAAoB,SAAA,uBAAAA,SAAA,CAAArD,KAAA;EAC/B;EACE,IAAA0D,oBAAkB,GAAG,SAAAA,CAAA,EAAU;IAA2EzD,WAC5G,CAAA0D,MAAA;EAAA;EAEJ,SAAAC,iBAAA;IAEA,WAASC,QAAA,KAAe;IACtB,IAAAC,yBAAiB;MAAAC,iBAAA;MAAAC,cAAA;IACjB;MACF,SAAAC,SAAA,GAAAvE,eAAA,CAAAwE,MAAA,CAAAC,QAAA,KAAAC,KAAA,IAAAN,yBAAA,IAAAM,KAAA,GAAAH,SAAA,CAAA9C,IAAA,IAAAkD,IAAA,GAAAP,yBAAA;QAEM,IAAAQ,UAAU,GAAMF,KAAA,CAAAlD,KAAA;QACpB2C,QAAM,CAAAU,MAAQ,MAAWD,UAAS;QAClC,IAAOE,MAAK,GAAAC,MAAO,CAAAC,QAAY,CAAAC,QAAM;QACvCd,QAAA,CAAAU,MAAA,MAAAD,UAAA,4DAAAE,MAAA;QAEM,IAAAA,MAAU,CAAAI,UAAM;UACpBf,QAAO,CAAAU,MAAA,GAAgB,GAAAD,UAAc,4DAAAE,MAAA,CAAAK,KAAA;QACvC;MAEA;IACE,SAAAC,GAAY;MACZf,iBAAa,GAAO;MACpBC,cAAc,GAAAc,GAAA;IAChB;MAEA;QAEI,KAAOhB,yBAAW,IAAeG,SAAO,CAAAc,MAAA,QAAkB;UACtDd,SAAA,CAAUc,MAAM;QACpB;MACA,UAAI;QACN,IAAAhB,iBAAA;UACA,MAAOC,cAAiB;QAC1B;MAEA;IACE;EACE;EACE,SAAAgB,YAAaA,CAAA;IACXpB,gBAAA,CAAW;IAEXqB,UAAA;EACA;EACE,IAAAC,OAAA,YAAAA,CAAA,EAAO;IAAmB,IAAArF,KAC5B,IAAAe,SAAA,aAAAA,SAAA,uBAAAA,SAAA,CAAAM,KAAA,KAAAtB,KAAA;IAAA,OACF;MACF,GAAAC,KAAA;MACAsF,QAAO,IAAAtF,KAAQ,CAAAC;IACjB;EACF,CAAC;EAED,IAAAsF,OAAO,YAAAA,CAAA;IACL,OAAApG,eAAA,CAAA4B,SAAA,KAAAhB,KAAA;EAAA;EACA,SACAqF,WAAA;IACAhF,WAAA,CAAY0D,MAAA;IACZzD,YAAA,CAAAyD,MAAA;IACA5C,QAAA,CAAAnB,KAAA;EAAA;EACA+B,qBACA;EAAA,IACA,OAAA8C,MAAA,oBAAAA,MAAA,CAAAY,gBAAA;IACA,IAAAC,OAAA,YAAAA,CAAA;MACA1D,OAAA,aAAAA,OAAA,uBAAAA,OAAA;MACF,IAAAC,UAAA,EAAAsB,YAAA,CAAAtB,UAAA;IACF","ignoreList":[]}
|
package/dist/esm/server.mjs
CHANGED
|
@@ -2,33 +2,43 @@ import { createRemoteJWKSet, jwtVerify } from "jose";
|
|
|
2
2
|
class NotAuthenticatedError extends Error {}
|
|
3
3
|
class InvalidTokenError extends Error {}
|
|
4
4
|
async function getAuthDataFromRequest(authServer, req, tokenOptions) {
|
|
5
|
-
const authHeader = req.headers.get("authorization")
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
5
|
+
const authHeader = req.headers.get("authorization");
|
|
6
|
+
const cookie = authHeader?.split("Bearer ")[1];
|
|
7
|
+
const newHeaders = new Headers(req.headers);
|
|
8
|
+
if (cookie) {
|
|
9
|
+
newHeaders.set("Cookie", cookie);
|
|
10
|
+
}
|
|
9
11
|
try {
|
|
10
12
|
const session = await authServer.api.getSession({
|
|
11
13
|
headers: newHeaders
|
|
12
14
|
});
|
|
13
|
-
if (session?.user)
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
15
|
+
if (session?.user) {
|
|
16
|
+
return {
|
|
17
|
+
id: session.user.id,
|
|
18
|
+
email: session.user.email || void 0,
|
|
19
|
+
role: session.user.role === "admin" ? "admin" : void 0
|
|
20
|
+
};
|
|
21
|
+
}
|
|
18
22
|
} catch (err) {
|
|
19
|
-
console.warn(
|
|
23
|
+
console.warn(`Error validating session`, err);
|
|
20
24
|
}
|
|
21
25
|
const jwtToken = authHeader?.replace("Bearer ", "");
|
|
22
|
-
if (jwtToken)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
26
|
+
if (jwtToken) {
|
|
27
|
+
try {
|
|
28
|
+
const payload = await validateToken(jwtToken, tokenOptions);
|
|
29
|
+
const userId = payload?.id || payload?.sub;
|
|
30
|
+
if (userId) {
|
|
31
|
+
return {
|
|
32
|
+
id: userId,
|
|
33
|
+
email: payload.email,
|
|
34
|
+
role: payload.role === "admin" ? "admin" : void 0
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
} catch (err) {
|
|
38
|
+
if (!(err instanceof InvalidTokenError)) {
|
|
39
|
+
throw err;
|
|
40
|
+
}
|
|
41
|
+
}
|
|
32
42
|
}
|
|
33
43
|
return null;
|
|
34
44
|
}
|
|
@@ -38,18 +48,20 @@ async function validateToken(token, options) {
|
|
|
38
48
|
forceIssuer = process.env.FORCE_ISSUER || "",
|
|
39
49
|
jwksPath = "/api/auth/jwks"
|
|
40
50
|
} = options || {};
|
|
41
|
-
if (!baseUrl)
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
51
|
+
if (!baseUrl) {
|
|
52
|
+
throw new Error(`No baseURL!`);
|
|
53
|
+
}
|
|
54
|
+
const normalizedBaseUrl = removeTrailingSlash(baseUrl);
|
|
55
|
+
const url = `${forceIssuer || normalizedBaseUrl}${jwksPath}`;
|
|
56
|
+
const JWKS = createRemoteJWKSet(new URL(url));
|
|
45
57
|
try {
|
|
46
58
|
const verifyOptions = forceIssuer ? {} : {
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
59
|
+
issuer: normalizedBaseUrl,
|
|
60
|
+
audience: normalizedBaseUrl
|
|
61
|
+
};
|
|
62
|
+
const {
|
|
63
|
+
payload
|
|
64
|
+
} = await jwtVerify(token, JWKS, verifyOptions);
|
|
53
65
|
return payload;
|
|
54
66
|
} catch (error) {
|
|
55
67
|
throw new InvalidTokenError(`${error}`);
|
|
@@ -57,9 +69,10 @@ async function validateToken(token, options) {
|
|
|
57
69
|
}
|
|
58
70
|
async function isValidJWT(token, options) {
|
|
59
71
|
try {
|
|
60
|
-
|
|
72
|
+
await validateToken(token, options);
|
|
73
|
+
return true;
|
|
61
74
|
} catch {
|
|
62
|
-
return
|
|
75
|
+
return false;
|
|
63
76
|
}
|
|
64
77
|
}
|
|
65
78
|
function removeTrailingSlash(str) {
|
package/dist/esm/server.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createRemoteJWKSet","jwtVerify","NotAuthenticatedError","Error","InvalidTokenError","getAuthDataFromRequest","authServer","req","tokenOptions","authHeader","headers","get","cookie","split","newHeaders","Headers","set","session","api","getSession","user","id","email","role","err","console","warn","jwtToken","replace","payload","validateToken","userId","sub","token","options","baseUrl","process","env","ONE_SERVER_URL","forceIssuer","FORCE_ISSUER","jwksPath","normalizedBaseUrl","removeTrailingSlash","url","JWKS","URL","verifyOptions","issuer","audience","error","isValidJWT","str"],"sources":["../../src/server.ts"],"sourcesContent":[null],"mappings":"AAMA,SAASA,kBAAA,EAAoBC,SAAA,QAAkC;AAiBxD,MAAMC,qBAAA,SAA8BC,KAAA,CAAM;AAC1C,MAAMC,iBAAA,SAA0BD,KAAA,CAAM;AAiB7C,eAAsBE,uBACpBC,UAAA,EACAC,GAAA,EACAC,YAAA,EAC0B;EAI1B,MAAMC,UAAA,GAAaF,GAAA,CAAIG,OAAA,CAAQC,GAAA,CAAI,eAAe;
|
|
1
|
+
{"version":3,"names":["createRemoteJWKSet","jwtVerify","NotAuthenticatedError","Error","InvalidTokenError","getAuthDataFromRequest","authServer","req","tokenOptions","authHeader","headers","get","cookie","split","newHeaders","Headers","set","session","api","getSession","user","id","email","role","err","console","warn","jwtToken","replace","payload","validateToken","userId","sub","token","options","baseUrl","process","env","ONE_SERVER_URL","forceIssuer","FORCE_ISSUER","jwksPath","normalizedBaseUrl","removeTrailingSlash","url","JWKS","URL","verifyOptions","issuer","audience","error","isValidJWT","str"],"sources":["../../src/server.ts"],"sourcesContent":[null],"mappings":"AAMA,SAASA,kBAAA,EAAoBC,SAAA,QAAkC;AAiBxD,MAAMC,qBAAA,SAA8BC,KAAA,CAAM;AAC1C,MAAMC,iBAAA,SAA0BD,KAAA,CAAM;AAiB7C,eAAsBE,uBACpBC,UAAA,EACAC,GAAA,EACAC,YAAA,EAC0B;EAI1B,MAAMC,UAAA,GAAaF,GAAA,CAAIG,OAAA,CAAQC,GAAA,CAAI,eAAe;EAClD,MAAMC,MAAA,GAASH,UAAA,EAAYI,KAAA,CAAM,SAAS,EAAE,CAAC;EAE7C,MAAMC,UAAA,GAAa,IAAIC,OAAA,CAAQR,GAAA,CAAIG,OAAO;EAC1C,IAAIE,MAAA,EAAQ;IACVE,UAAA,CAAWE,GAAA,CAAI,UAAUJ,MAAM;EACjC;EAGA,IAAI;IACF,MAAMK,OAAA,GAAU,MAAMX,UAAA,CAAWY,GAAA,CAAIC,UAAA,CAAW;MAAET,OAAA,EAASI;IAAW,CAAC;IACvE,IAAIG,OAAA,EAASG,IAAA,EAAM;MACjB,OAAO;QACLC,EAAA,EAAIJ,OAAA,CAAQG,IAAA,CAAKC,EAAA;QACjBC,KAAA,EAAOL,OAAA,CAAQG,IAAA,CAAKE,KAAA,IAAS;QAC7BC,IAAA,EAAMN,OAAA,CAAQG,IAAA,CAAKG,IAAA,KAAS,UAAU,UAAU;MAClD;IACF;EACF,SAASC,GAAA,EAAK;IACZC,OAAA,CAAQC,IAAA,CAAK,4BAA4BF,GAAG;EAE9C;EAIA,MAAMG,QAAA,GAAWlB,UAAA,EAAYmB,OAAA,CAAQ,WAAW,EAAE;EAElD,IAAID,QAAA,EAAU;IACZ,IAAI;MACF,MAAME,OAAA,GAAU,MAAMC,aAAA,CAAcH,QAAA,EAAUnB,YAAY;MAC1D,MAAMuB,MAAA,GAAUF,OAAA,EAAiBR,EAAA,IAAMQ,OAAA,EAASG,GAAA;MAChD,IAAID,MAAA,EAAQ;QACV,OAAO;UACLV,EAAA,EAAIU,MAAA;UACJT,KAAA,EAAQO,OAAA,CAAgBP,KAAA;UACxBC,IAAA,EAAOM,OAAA,CAAgBN,IAAA,KAAS,UAAU,UAAU;QACtD;MACF;IACF,SAASC,GAAA,EAAK;MACZ,IAAI,EAAEA,GAAA,YAAepB,iBAAA,GAAoB;QACvC,MAAMoB,GAAA;MACR;IACF;EACF;EAEA,OAAO;AACT;AAIA,eAAsBM,cACpBG,KAAA,EACAC,OAAA,EACqB;EACrB,MAAM;IACJC,OAAA,GAAUC,OAAA,CAAQC,GAAA,CAAIC,cAAA;IACtBC,WAAA,GAAcH,OAAA,CAAQC,GAAA,CAAIG,YAAA,IAAgB;IAC1CC,QAAA,GAAW;EACb,IAAIP,OAAA,IAAW,CAAC;EAEhB,IAAI,CAACC,OAAA,EAAS;IACZ,MAAM,IAAIhC,KAAA,CAAM,aAAa;EAC/B;EAEA,MAAMuC,iBAAA,GAAoBC,mBAAA,CAAoBR,OAAO;EACrD,MAAMS,GAAA,GAAM,GAAGL,WAAA,IAAeG,iBAAiB,GAAGD,QAAQ;EAG1D,MAAMI,IAAA,GAAO7C,kBAAA,CAAmB,IAAI8C,GAAA,CAAIF,GAAG,CAAC;EAE5C,IAAI;IACF,MAAMG,aAAA,GAAgBR,WAAA,GAClB,CAAC,IACD;MACES,MAAA,EAAQN,iBAAA;MACRO,QAAA,EAAUP;IACZ;IAEJ,MAAM;MAAEb;IAAQ,IAAI,MAAM5B,SAAA,CAAUgC,KAAA,EAAOY,IAAA,EAAME,aAAa;IAE9D,OAAOlB,OAAA;EACT,SAASqB,KAAA,EAAO;IACd,MAAM,IAAI9C,iBAAA,CAAkB,GAAG8C,KAAK,EAAE;EACxC;AACF;AAEA,eAAsBC,WACpBlB,KAAA,EACAC,OAAA,EACkB;EAClB,IAAI;IACF,MAAMJ,aAAA,CAAcG,KAAA,EAAOC,OAAO;IAClC,OAAO;EACT,QAAQ;IACN,OAAO;EACT;AACF;AAEA,SAASS,oBAAoBS,GAAA,EAAa;EACxC,OAAOA,GAAA,CAAIxB,OAAA,CAAQ,OAAO,EAAE;AAC9B","ignoreList":[]}
|