npm - @technomoron/api-server-base - Versions diffs - 1.1.13 → 2.0.0-beta.10 - Mend

@technomoron/api-server-base 1.1.13 → 2.0.0-beta.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

package/README.txt +25 -2
package/dist/cjs/api-server-base.cjs +448 -111
package/dist/cjs/api-server-base.d.ts +91 -34
package/dist/cjs/auth-api/auth-module.d.ts +105 -0
package/dist/cjs/auth-api/auth-module.js +1180 -0
package/dist/cjs/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/cjs/auth-api/compat-auth-storage.js +128 -0
package/dist/cjs/auth-api/mem-auth-store.d.ts +68 -0
package/dist/cjs/auth-api/mem-auth-store.js +141 -0
package/dist/cjs/{auth-module.d.ts → auth-api/module.d.ts} +7 -7
package/dist/cjs/{auth-module.cjs → auth-api/module.js} +1 -1
package/dist/cjs/auth-api/sql-auth-store.d.ts +77 -0
package/dist/cjs/auth-api/sql-auth-store.js +172 -0
package/dist/cjs/auth-api/storage.d.ts +38 -0
package/dist/cjs/{auth-storage.cjs → auth-api/storage.js} +17 -7
package/dist/cjs/auth-api/types.d.ts +34 -0
package/dist/cjs/auth-api/types.js +2 -0
package/dist/cjs/index.cjs +41 -7
package/dist/cjs/index.d.ts +29 -5
package/dist/cjs/oauth/base.d.ts +10 -0
package/dist/cjs/oauth/base.js +6 -0
package/dist/cjs/oauth/memory.d.ts +16 -0
package/dist/cjs/oauth/memory.js +99 -0
package/dist/cjs/oauth/models.d.ts +45 -0
package/dist/cjs/oauth/models.js +58 -0
package/dist/cjs/oauth/sequelize.d.ts +68 -0
package/dist/cjs/oauth/sequelize.js +210 -0
package/dist/cjs/oauth/types.d.ts +50 -0
package/dist/cjs/oauth/types.js +3 -0
package/dist/cjs/passkey/base.d.ts +16 -0
package/dist/cjs/passkey/base.js +6 -0
package/dist/cjs/passkey/memory.d.ts +27 -0
package/dist/cjs/passkey/memory.js +86 -0
package/dist/cjs/passkey/models.d.ts +25 -0
package/dist/cjs/passkey/models.js +115 -0
package/dist/cjs/passkey/sequelize.d.ts +55 -0
package/dist/cjs/passkey/sequelize.js +220 -0
package/dist/cjs/passkey/service.d.ts +20 -0
package/dist/cjs/passkey/service.js +356 -0
package/dist/cjs/passkey/types.d.ts +78 -0
package/dist/cjs/passkey/types.js +2 -0
package/dist/cjs/token/base.d.ts +38 -0
package/dist/cjs/token/base.js +114 -0
package/dist/cjs/token/memory.d.ts +19 -0
package/dist/cjs/token/memory.js +149 -0
package/dist/cjs/token/sequelize.d.ts +58 -0
package/dist/cjs/token/sequelize.js +404 -0
package/dist/cjs/token/types.d.ts +27 -0
package/dist/cjs/token/types.js +2 -0
package/dist/cjs/user/base.d.ts +26 -0
package/dist/cjs/user/base.js +45 -0
package/dist/cjs/user/memory.d.ts +35 -0
package/dist/cjs/user/memory.js +173 -0
package/dist/cjs/user/sequelize.d.ts +41 -0
package/dist/cjs/user/sequelize.js +182 -0
package/dist/cjs/user/types.d.ts +11 -0
package/dist/cjs/user/types.js +2 -0
package/dist/esm/api-server-base.d.ts +91 -34
package/dist/esm/api-server-base.js +447 -110
package/dist/esm/auth-api/auth-module.d.ts +105 -0
package/dist/esm/auth-api/auth-module.js +1178 -0
package/dist/esm/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/esm/auth-api/compat-auth-storage.js +124 -0
package/dist/esm/auth-api/mem-auth-store.d.ts +68 -0
package/dist/esm/auth-api/mem-auth-store.js +137 -0
package/dist/esm/{auth-module.d.ts → auth-api/module.d.ts} +7 -7
package/dist/esm/{auth-module.js → auth-api/module.js} +1 -1
package/dist/esm/auth-api/sql-auth-store.d.ts +77 -0
package/dist/esm/auth-api/sql-auth-store.js +168 -0
package/dist/esm/auth-api/storage.d.ts +38 -0
package/dist/esm/{auth-storage.js → auth-api/storage.js} +15 -5
package/dist/esm/auth-api/types.d.ts +34 -0
package/dist/esm/auth-api/types.js +1 -0
package/dist/esm/index.d.ts +29 -5
package/dist/esm/index.js +19 -2
package/dist/esm/oauth/base.d.ts +10 -0
package/dist/esm/oauth/base.js +2 -0
package/dist/esm/oauth/memory.d.ts +16 -0
package/dist/esm/oauth/memory.js +92 -0
package/dist/esm/oauth/models.d.ts +45 -0
package/dist/esm/oauth/models.js +51 -0
package/dist/esm/oauth/sequelize.d.ts +68 -0
package/dist/esm/oauth/sequelize.js +199 -0
package/dist/esm/oauth/types.d.ts +50 -0
package/dist/esm/oauth/types.js +2 -0
package/dist/esm/passkey/base.d.ts +16 -0
package/dist/esm/passkey/base.js +2 -0
package/dist/esm/passkey/memory.d.ts +27 -0
package/dist/esm/passkey/memory.js +82 -0
package/dist/esm/passkey/models.d.ts +25 -0
package/dist/esm/passkey/models.js +108 -0
package/dist/esm/passkey/sequelize.d.ts +55 -0
package/dist/esm/passkey/sequelize.js +216 -0
package/dist/esm/passkey/service.d.ts +20 -0
package/dist/esm/passkey/service.js +319 -0
package/dist/esm/passkey/types.d.ts +78 -0
package/dist/esm/passkey/types.js +1 -0
package/dist/esm/token/base.d.ts +38 -0
package/dist/esm/token/base.js +107 -0
package/dist/esm/token/memory.d.ts +19 -0
package/dist/esm/token/memory.js +145 -0
package/dist/esm/token/sequelize.d.ts +58 -0
package/dist/esm/token/sequelize.js +400 -0
package/dist/esm/token/types.d.ts +27 -0
package/dist/esm/token/types.js +1 -0
package/dist/esm/user/base.d.ts +26 -0
package/dist/esm/user/base.js +38 -0
package/dist/esm/user/memory.d.ts +35 -0
package/dist/esm/user/memory.js +169 -0
package/dist/esm/user/sequelize.d.ts +41 -0
package/dist/esm/user/sequelize.js +176 -0
package/dist/esm/user/types.d.ts +11 -0
package/dist/esm/user/types.js +1 -0
package/package.json +13 -3
package/dist/cjs/auth-storage.d.ts +0 -133
package/dist/esm/auth-storage.d.ts +0 -133

package/dist/cjs/token/sequelize.js ADDED Viewed

@@ -0,0 +1,404 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SequelizeTokenStore = void 0;
+const sequelize_1 = require("sequelize");
+const base_js_1 = require("./base.js");
+const DIALECTS_SUPPORTING_UNSIGNED = new Set(['mysql', 'mariadb']);
+class TokenModel extends sequelize_1.Model {
+}
+function tokenTableOptions(sequelize) {
+    const opts = {
+        sequelize,
+        tableName: 'jwttokens',
+        timestamps: false
+    };
+    if (DIALECTS_SUPPORTING_UNSIGNED.has(sequelize.getDialect())) {
+        opts.charset = 'utf8mb4';
+        opts.collate = 'utf8mb4_unicode_ci';
+    }
+    return opts;
+}
+function initTokenModel(sequelize) {
+    TokenModel.init({
+        token_id: {
+            type: DIALECTS_SUPPORTING_UNSIGNED.has(sequelize.getDialect())
+                ? sequelize_1.DataTypes.INTEGER.UNSIGNED
+                : sequelize_1.DataTypes.INTEGER,
+            autoIncrement: true,
+            allowNull: false,
+            primaryKey: true
+        },
+        user_id: {
+            type: sequelize_1.DataTypes.STRING(191),
+            allowNull: false
+        },
+        real_user_id: {
+            type: sequelize_1.DataTypes.STRING(191),
+            allowNull: true,
+            defaultValue: null
+        },
+        expires: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false
+        },
+        issued_at: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false,
+            defaultValue: sequelize_1.DataTypes.NOW
+        },
+        last_seen_at: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false,
+            defaultValue: sequelize_1.DataTypes.NOW
+        },
+        access: {
+            type: sequelize_1.DataTypes.STRING(512),
+            allowNull: false
+        },
+        refresh: {
+            type: sequelize_1.DataTypes.STRING(512),
+            allowNull: false
+        },
+        domain: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        fingerprint: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        label: {
+            type: sequelize_1.DataTypes.STRING(128),
+            allowNull: false,
+            defaultValue: ''
+        },
+        browser: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        device: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        ip: {
+            type: sequelize_1.DataTypes.STRING(45),
+            allowNull: false,
+            defaultValue: ''
+        },
+        os: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        login_type: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        refresh_ttl_seconds: {
+            type: sequelize_1.DataTypes.INTEGER,
+            allowNull: true,
+            defaultValue: null
+        },
+        session_cookie: {
+            type: sequelize_1.DataTypes.BOOLEAN,
+            allowNull: false,
+            defaultValue: false
+        },
+        client_id: {
+            type: sequelize_1.DataTypes.STRING(128),
+            allowNull: true,
+            defaultValue: null
+        },
+        scope: {
+            type: sequelize_1.DataTypes.TEXT,
+            allowNull: false,
+            defaultValue: '[]'
+        }
+    }, {
+        ...tokenTableOptions(sequelize),
+        indexes: [
+            { name: 'jwt_access_unique', unique: true, fields: ['access'] },
+            { name: 'jwt_refresh_unique', unique: true, fields: ['refresh'] }
+        ]
+    });
+    return TokenModel;
+}
+class SequelizeTokenStore extends base_js_1.TokenStore {
+    constructor(options) {
+        super();
+        if (!options?.sequelize) {
+            throw new Error('SequelizeTokenStore requires an initialised Sequelize instance');
+        }
+        this.Tokens = options.tokenModel ?? (options.tokenModelFactory ?? initTokenModel)(options.sequelize);
+    }
+    async save(record) {
+        const normalized = this.normalizeToken(record);
+        const resolvedUserId = this.normalizeUserId(normalized.userId);
+        const resolvedRealUserId = this.resolveRealUserId(normalized.ruid);
+        const domain = normalized.domain;
+        const fingerprint = normalized.fingerprint;
+        const browser = normalized.browser;
+        const device = normalized.device;
+        const ip = normalized.ip;
+        const os = normalized.os;
+        const label = normalized.label;
+        const loginType = normalized.loginType ?? '';
+        const refreshTtlSeconds = typeof normalized.refreshTtlSeconds === 'number' && normalized.refreshTtlSeconds > 0
+            ? Math.floor(normalized.refreshTtlSeconds)
+            : null;
+        const issuedAt = normalized.issuedAt ?? new Date();
+        const lastSeenAt = normalized.lastSeenAt ?? issuedAt;
+        const sessionCookie = normalized.sessionCookie ?? false;
+        const removalWhere = { user_id: resolvedUserId };
+        if (normalized.domain !== undefined && record.domain !== undefined) {
+            removalWhere.domain = domain;
+        }
+        if (normalized.fingerprint !== undefined && record.fingerprint !== undefined) {
+            removalWhere.fingerprint = fingerprint;
+        }
+        if (normalized.clientId) {
+            removalWhere.client_id = normalized.clientId;
+        }
+        await this.Tokens.destroy({ where: removalWhere });
+        await this.Tokens.create({
+            user_id: resolvedUserId,
+            real_user_id: resolvedRealUserId,
+            access: normalized.accessToken ?? '',
+            refresh: normalized.refreshToken,
+            expires: normalized.expires,
+            issued_at: issuedAt,
+            last_seen_at: lastSeenAt,
+            domain,
+            fingerprint,
+            label,
+            browser,
+            device,
+            ip,
+            os,
+            client_id: normalized.clientId ?? null,
+            scope: this.encodeScope(normalized.scope),
+            login_type: loginType,
+            refresh_ttl_seconds: refreshTtlSeconds,
+            session_cookie: sessionCookie
+        });
+    }
+    async get(query, opts) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined) {
+            throw new Error('At least one token lookup field must be provided');
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        if (!(opts?.includeExpired ?? false)) {
+            where.expires = { [sequelize_1.Op.gt]: new Date() };
+        }
+        const model = await this.Tokens.findOne({ where });
+        return model ? this.toTokenRecord(model) : null;
+    }
+    async delete(query) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined && !query.clientId) {
+            return 0;
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        return this.Tokens.destroy({ where });
+    }
+    async update(params) {
+        const where = { refresh: params.refreshToken };
+        if (params.clientId) {
+            where.client_id = params.clientId;
+        }
+        const updates = {};
+        if (params.accessToken !== undefined) {
+            updates.access = params.accessToken ?? null;
+        }
+        if (params.expires !== undefined) {
+            updates.expires = params.expires ?? null;
+        }
+        if (params.scope !== undefined) {
+            updates.scope = this.encodeScope(params.scope);
+        }
+        if (params.label !== undefined) {
+            updates.label = params.label ?? '';
+        }
+        if (params.domain !== undefined) {
+            updates.domain = params.domain ?? '';
+        }
+        if (params.fingerprint !== undefined) {
+            updates.fingerprint = params.fingerprint ?? '';
+        }
+        if (params.browser !== undefined) {
+            updates.browser = params.browser ?? '';
+        }
+        if (params.device !== undefined) {
+            updates.device = params.device ?? '';
+        }
+        if (params.ip !== undefined) {
+            updates.ip = params.ip ?? '';
+        }
+        if (params.os !== undefined) {
+            updates.os = params.os ?? '';
+        }
+        if (params.refreshTtlSeconds !== undefined) {
+            updates.refresh_ttl_seconds =
+                typeof params.refreshTtlSeconds === 'number' && params.refreshTtlSeconds > 0
+                    ? Math.floor(params.refreshTtlSeconds)
+                    : null;
+        }
+        if (params.loginType !== undefined) {
+            updates.login_type = params.loginType ?? '';
+        }
+        if (params.sessionCookie !== undefined) {
+            updates.session_cookie = params.sessionCookie;
+        }
+        if (params.issuedAt !== undefined) {
+            updates.issued_at = params.issuedAt ?? null;
+        }
+        if (params.lastSeenAt !== undefined) {
+            updates.last_seen_at = params.lastSeenAt ?? null;
+        }
+        if (Object.keys(updates).length === 0) {
+            return false;
+        }
+        const [updated] = await this.Tokens.update(updates, { where });
+        return updated > 0;
+    }
+    async list(userId, opts = {}) {
+        const where = { user_id: this.normalizeUserId(userId) };
+        if (!(opts.includeExpired ?? false)) {
+            where.expires = { [sequelize_1.Op.gt]: new Date() };
+        }
+        const models = await this.Tokens.findAll({
+            where,
+            order: [['issued_at', 'DESC']],
+            limit: opts.limit,
+            offset: opts.offset
+        });
+        return models.map((model) => this.toTokenRecord(model));
+    }
+    async close() {
+        return;
+    }
+    normalizeUserId(identifier) {
+        if (identifier === undefined || identifier === null) {
+            throw new Error(`Unable to normalise user identifier: ${identifier}`);
+        }
+        return String(identifier);
+    }
+    resolveRealUserId(ruid) {
+        if (ruid === undefined || ruid === null) {
+            return null;
+        }
+        const value = String(ruid);
+        if (value.length === 0 || value === '0') {
+            return null;
+        }
+        return value;
+    }
+    encodeStringArray(values) {
+        return JSON.stringify(values ?? []);
+    }
+    decodeStringArray(raw) {
+        if (!raw) {
+            return [];
+        }
+        try {
+            const parsed = JSON.parse(raw);
+            if (Array.isArray(parsed)) {
+                return parsed.filter((entry) => typeof entry === 'string' && entry.length > 0);
+            }
+        }
+        catch {
+            // ignore malformed values
+        }
+        return raw
+            .split(/\s+/)
+            .map((entry) => entry.trim())
+            .filter((entry) => entry.length > 0);
+    }
+    encodeScope(scope) {
+        if (!scope || (Array.isArray(scope) && scope.length === 0)) {
+            return '[]';
+        }
+        if (Array.isArray(scope)) {
+            return this.encodeStringArray(scope);
+        }
+        return this.encodeStringArray(scope.split(/\s+/).filter((entry) => entry.length > 0));
+    }
+    decodeScope(raw) {
+        return this.decodeStringArray(raw);
+    }
+    toTokenRecord(model) {
+        const scope = this.decodeScope(model.scope);
+        const normalized = this.normalizeToken({
+            userId: model.user_id,
+            refreshToken: model.refresh,
+            accessToken: model.access,
+            expires: model.expires,
+            issuedAt: model.issued_at,
+            lastSeenAt: model.last_seen_at,
+            domain: model.domain,
+            fingerprint: model.fingerprint,
+            label: model.label,
+            browser: model.browser,
+            device: model.device,
+            ip: model.ip,
+            os: model.os,
+            clientId: model.client_id ?? undefined,
+            scope,
+            loginType: model.login_type || undefined,
+            refreshTtlSeconds: model.refresh_ttl_seconds ?? undefined,
+            ruid: model.real_user_id ?? undefined,
+            sessionCookie: model.session_cookie
+        });
+        return {
+            ...normalized,
+            scope: normalized.scope ? [...normalized.scope] : undefined
+        };
+    }
+}
+exports.SequelizeTokenStore = SequelizeTokenStore;

package/dist/cjs/token/types.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+export type TokenStatus = 'active' | 'expired' | 'revoked';
+export interface Token {
+    accessToken: string;
+    refreshToken: string;
+    userId: string;
+    expires?: Date;
+    issuedAt?: Date;
+    lastSeenAt?: Date;
+    status?: TokenStatus;
+    ruid?: string;
+    clientId?: string;
+    domain?: string;
+    fingerprint?: string;
+    label?: string;
+    browser?: string;
+    device?: string;
+    ip?: string;
+    os?: string;
+    scope?: string | string[];
+    loginType?: string;
+    refreshTtlSeconds?: number;
+    sessionCookie?: boolean;
+}
+export interface TokenPair {
+    accessToken: string;
+    refreshToken: string;
+}

package/dist/cjs/token/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/user/base.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import type { CreateUserInput, PublicUserMapper, UpdateUserInput } from './types.js';
+import type { AuthIdentifier } from '../auth-api/types.js';
+export declare abstract class UserStore<User, PublicUser> {
+    protected readonly toPublicUser: PublicUserMapper<User, PublicUser>;
+    private readonly bcryptRounds;
+    private readonly bcryptPepper?;
+    constructor(opts?: {
+        toPublic?: PublicUserMapper<User, PublicUser>;
+        bcryptRounds?: number;
+        bcryptPepper?: string;
+    });
+    protected hashPassword(plain: string): Promise<string>;
+    verifyPassword(plain: string, hashed: string): Promise<boolean>;
+    protected normalizeUserInput(input: Partial<CreateUserInput>): CreateUserInput;
+    abstract findUser(identifier: AuthIdentifier | string): Promise<User | null>;
+    abstract findById(id: AuthIdentifier): Promise<User | null>;
+    abstract findByLoginOrEmail(loginOrEmail: string): Promise<User | null>;
+    abstract createUser(input: CreateUserInput): Promise<User>;
+    abstract upsertUser(input: CreateUserInput): Promise<User>;
+    abstract updateUser(id: AuthIdentifier, patch: UpdateUserInput): Promise<User>;
+    abstract setPasswordHash(id: AuthIdentifier, hash: string): Promise<void>;
+    abstract getPasswordHash(user: User): string | null;
+    abstract getUserId(user: User): AuthIdentifier;
+    toPublic(user: User): PublicUser;
+}
+export type { CreateUserInput, UpdateUserInput, PublicUserMapper } from './types.js';

package/dist/cjs/user/base.js ADDED Viewed

@@ -0,0 +1,45 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UserStore = void 0;
+const bcryptjs_1 = __importDefault(require("bcryptjs"));
+class UserStore {
+    constructor(opts = {}) {
+        this.toPublicUser = opts.toPublic ?? ((u) => u);
+        const rounds = typeof opts.bcryptRounds === 'number' && Number.isFinite(opts.bcryptRounds)
+            ? Math.max(4, Math.floor(opts.bcryptRounds))
+            : 12;
+        this.bcryptRounds = rounds;
+        this.bcryptPepper =
+            typeof opts.bcryptPepper === 'string' && opts.bcryptPepper.length > 0 ? opts.bcryptPepper : undefined;
+    }
+    async hashPassword(plain) {
+        const candidate = this.bcryptPepper ? `${plain}${this.bcryptPepper}` : plain;
+        return bcryptjs_1.default.hash(candidate, this.bcryptRounds);
+    }
+    async verifyPassword(plain, hashed) {
+        const candidate = this.bcryptPepper ? `${plain}${this.bcryptPepper}` : plain;
+        return bcryptjs_1.default.compare(candidate, hashed);
+    }
+    normalizeUserInput(input) {
+        const login = typeof input.login === 'string' ? input.login.trim() : '';
+        const email = typeof input.email === 'string' ? input.email.trim() : '';
+        if (!login || !email) {
+            throw new Error('login and email are required');
+        }
+        const password = typeof input.password === 'string' ? input.password : undefined;
+        return { ...input, login, email, password };
+    }
+    toPublic(user) {
+        const mapped = this.toPublicUser(user);
+        if (mapped && typeof mapped === 'object') {
+            const { password: _password, ...rest } = mapped;
+            void _password;
+            return rest;
+        }
+        return mapped;
+    }
+}
+exports.UserStore = UserStore;

package/dist/cjs/user/memory.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { UserStore } from './base.js';
+import type { CreateUserInput, PublicUserMapper, UpdateUserInput } from './types.js';
+import type { AuthIdentifier } from '../auth-api/types.js';
+export interface MemoryUserAttributes extends Record<string, unknown> {
+    user_id: number;
+    login: string;
+    email: string;
+    password: string;
+}
+export type MemoryPublicUser<UserAttributes extends MemoryUserAttributes = MemoryUserAttributes> = Omit<UserAttributes, 'password'>;
+export interface MemoryUserStoreOptions<UserAttributes extends MemoryUserAttributes = MemoryUserAttributes, PublicUserShape extends Omit<UserAttributes, 'password'> = Omit<UserAttributes, 'password'>> {
+    bcryptRounds?: number;
+    bcryptPepper?: string;
+    toPublic?: PublicUserMapper<UserAttributes, PublicUserShape>;
+    userIdFactory?: () => number;
+    startingUserId?: number;
+}
+export declare class MemoryUserStore<UserAttributes extends MemoryUserAttributes = MemoryUserAttributes, PublicUserShape extends Omit<UserAttributes, 'password'> = Omit<UserAttributes, 'password'>> extends UserStore<UserAttributes, PublicUserShape> {
+    private readonly usersById;
+    private readonly loginToId;
+    private readonly emailToId;
+    private readonly userIdFactory;
+    private nextUserId;
+    constructor(options?: MemoryUserStoreOptions<UserAttributes, PublicUserShape>);
+    findUser(identifier: AuthIdentifier | string): Promise<UserAttributes | null>;
+    findById(id: AuthIdentifier): Promise<UserAttributes | null>;
+    findByLoginOrEmail(loginOrEmail: string): Promise<UserAttributes | null>;
+    createUser(input: CreateUserInput): Promise<UserAttributes>;
+    upsertUser(input: CreateUserInput): Promise<UserAttributes>;
+    updateUser(id: AuthIdentifier, patch: UpdateUserInput): Promise<UserAttributes>;
+    setPasswordHash(id: AuthIdentifier, hash: string): Promise<void>;
+    getPasswordHash(user: UserAttributes): string | null;
+    getUserId(user: UserAttributes): AuthIdentifier;
+    private persistUser;
+}