@tekcify/auth-backend 2.2.9 → 2.2.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/security.d.ts +27 -3
- package/dist/security.d.ts.map +1 -1
- package/dist/security.js +56 -2
- package/package.json +1 -1
package/dist/security.d.ts
CHANGED
|
@@ -11,7 +11,8 @@ export interface AuthMethodsResponse {
|
|
|
11
11
|
oauthProviders: string[];
|
|
12
12
|
}
|
|
13
13
|
export interface SetupMfaDto {
|
|
14
|
-
password
|
|
14
|
+
password?: string;
|
|
15
|
+
sensitiveActionToken?: string;
|
|
15
16
|
}
|
|
16
17
|
export interface SetupMfaResponse {
|
|
17
18
|
secret: string;
|
|
@@ -22,11 +23,13 @@ export interface VerifyMfaSetupDto {
|
|
|
22
23
|
code: string;
|
|
23
24
|
}
|
|
24
25
|
export interface DisableMfaDto {
|
|
25
|
-
password
|
|
26
|
+
password?: string;
|
|
27
|
+
sensitiveActionToken?: string;
|
|
26
28
|
mfaCode: string;
|
|
27
29
|
}
|
|
28
30
|
export interface RegenerateBackupCodesDto {
|
|
29
|
-
password
|
|
31
|
+
password?: string;
|
|
32
|
+
sensitiveActionToken?: string;
|
|
30
33
|
mfaCode: string;
|
|
31
34
|
}
|
|
32
35
|
export interface BackupCodesResponse {
|
|
@@ -149,4 +152,25 @@ export interface SecurityActivitiesQuery {
|
|
|
149
152
|
}
|
|
150
153
|
export declare function getSecurityActivities(accessToken: string, query?: SecurityActivitiesQuery): Promise<SecurityActivitiesResponse>;
|
|
151
154
|
export declare function disconnectSocialProvider(accessToken: string, provider: string): Promise<void>;
|
|
155
|
+
export interface VerificationMethods {
|
|
156
|
+
password?: boolean;
|
|
157
|
+
oauthProviders?: Array<{
|
|
158
|
+
provider: string;
|
|
159
|
+
reauthUrl: string;
|
|
160
|
+
}>;
|
|
161
|
+
email?: {
|
|
162
|
+
available: boolean;
|
|
163
|
+
};
|
|
164
|
+
}
|
|
165
|
+
export interface InitiateSensitiveActionResponse {
|
|
166
|
+
verificationMethods: VerificationMethods;
|
|
167
|
+
requiresVerification: boolean;
|
|
168
|
+
}
|
|
169
|
+
export declare function initiateSensitiveAction(accessToken: string, action: string): Promise<InitiateSensitiveActionResponse>;
|
|
170
|
+
export declare function sendSensitiveActionCode(accessToken: string, action: string): Promise<{
|
|
171
|
+
message: string;
|
|
172
|
+
}>;
|
|
173
|
+
export declare function verifySensitiveActionCode(accessToken: string, action: string, code: string): Promise<{
|
|
174
|
+
token: string;
|
|
175
|
+
}>;
|
|
152
176
|
//# sourceMappingURL=security.d.ts.map
|
package/dist/security.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAmBA,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAmBA,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAC;QAClB,EAAE,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC;QACjC,IAAI,EAAE;YAAE,EAAE,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC;QACxD,gBAAgB,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACvD,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,sBAAsB,EAAE;YACtB,uBAAuB,EAAE,MAAM,CAAC;YAChC,gBAAgB,EAAE,MAAM,CAAC;YACzB,kBAAkB,EAAE,OAAO,CAAC;SAC7B,CAAC;QACF,kBAAkB,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACzD,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE;YACR,cAAc,EAAE,MAAM,CAAC;YACvB,iBAAiB,EAAE,MAAM,CAAC;SAC3B,CAAC;QACF,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,mBAAmB,CAAC,CAsB9B;AAED,wBAAsB,mBAAmB,CACvC,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,iBAAiB,GAAG,cAAc,GACtC,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAuB9B;AAED,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAqBf;AAED,wBAAsB,QAAQ,CAC5B,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,WAAW,GACf,OAAO,CAAC,gBAAgB,CAAC,CAuB3B;AAED,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAqBf;AAED,wBAAsB,UAAU,CAC9B,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,aAAa,GACjB,OAAO,CAAC,IAAI,CAAC,CAqBf;AAED,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,wBAAwB,GAC5B,OAAO,CAAC,mBAAmB,CAAC,CA0B9B;AAED,wBAAsB,6BAA6B,CACjD,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,0BAA0B,CAAC,CA0BrC;AAED,wBAAsB,eAAe,CACnC,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,kBAAkB,GACtB,OAAO,CAAC,OAAO,CAAC,CAuBlB;AAED,wBAAsB,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAsB1E;AAED,wBAAsB,aAAa,CACjC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED,wBAAsB,aAAa,CACjC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,GAAG,EAAE,gBAAgB,GACpB,OAAO,CAAC,OAAO,CAAC,CA0BlB;AAED,wBAAsB,YAAY,CAChC,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,gBAAgB,CAAC,CAsB3B;AAED,wBAAsB,aAAa,CACjC,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED,wBAAsB,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAoB1E;AAED,wBAAsB,MAAM,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAoB/D;AAED,wBAAsB,mBAAmB,CACvC,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,cAAc,EAAE,CAAC,CAsB3B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACzC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,0BAA0B;IACzC,UAAU,EAAE,oBAAoB,EAAE,CAAC;IACnC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,uBAA4B,GAClC,OAAO,CAAC,0BAA0B,CAAC,CA4BrC;AAED,wBAAsB,wBAAwB,CAC5C,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,cAAc,CAAC,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAChE,KAAK,CAAC,EAAE;QAAE,SAAS,EAAE,OAAO,CAAA;KAAE,CAAC;CAChC;AAED,MAAM,WAAW,+BAA+B;IAC9C,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,oBAAoB,EAAE,OAAO,CAAC;CAC/B;AAED,wBAAsB,uBAAuB,CAC3C,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,+BAA+B,CAAC,CA0B1C;AAED,wBAAsB,uBAAuB,CAC3C,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CA0B9B;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CA0B5B"}
|
package/dist/security.js
CHANGED
|
@@ -19,6 +19,9 @@ exports.logout = logout;
|
|
|
19
19
|
exports.listSocialProviders = listSocialProviders;
|
|
20
20
|
exports.getSecurityActivities = getSecurityActivities;
|
|
21
21
|
exports.disconnectSocialProvider = disconnectSocialProvider;
|
|
22
|
+
exports.initiateSensitiveAction = initiateSensitiveAction;
|
|
23
|
+
exports.sendSensitiveActionCode = sendSensitiveActionCode;
|
|
24
|
+
exports.verifySensitiveActionCode = verifySensitiveActionCode;
|
|
22
25
|
const AUTH_SERVER_URL = 'https://auth-api.tekcify.com';
|
|
23
26
|
function extractErrorMessage(error, fallback) {
|
|
24
27
|
if (error &&
|
|
@@ -31,7 +34,7 @@ function extractErrorMessage(error, fallback) {
|
|
|
31
34
|
return fallback;
|
|
32
35
|
}
|
|
33
36
|
async function getAuthMethods(accessToken) {
|
|
34
|
-
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/password/auth-methods`, {
|
|
37
|
+
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/account/password/auth-methods`, {
|
|
35
38
|
method: 'GET',
|
|
36
39
|
headers: {
|
|
37
40
|
Authorization: `Bearer ${accessToken}`,
|
|
@@ -47,7 +50,7 @@ async function getAuthMethods(accessToken) {
|
|
|
47
50
|
return response.json();
|
|
48
51
|
}
|
|
49
52
|
async function setOrChangePassword(accessToken, dto) {
|
|
50
|
-
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/password/set-or-change`, {
|
|
53
|
+
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/account/password/set-or-change`, {
|
|
51
54
|
method: 'POST',
|
|
52
55
|
headers: {
|
|
53
56
|
Authorization: `Bearer ${accessToken}`,
|
|
@@ -343,3 +346,54 @@ async function disconnectSocialProvider(accessToken, provider) {
|
|
|
343
346
|
throw new Error(extractErrorMessage(error, `Failed to disconnect social provider: ${response.statusText} (Status: ${response.status})`));
|
|
344
347
|
}
|
|
345
348
|
}
|
|
349
|
+
async function initiateSensitiveAction(accessToken, action) {
|
|
350
|
+
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/account/sensitive-action/initiate`, {
|
|
351
|
+
method: 'POST',
|
|
352
|
+
headers: {
|
|
353
|
+
Authorization: `Bearer ${accessToken}`,
|
|
354
|
+
'Content-Type': 'application/json',
|
|
355
|
+
},
|
|
356
|
+
body: JSON.stringify({ action }),
|
|
357
|
+
});
|
|
358
|
+
if (!response.ok) {
|
|
359
|
+
const error = (await response
|
|
360
|
+
.json()
|
|
361
|
+
.catch(() => ({ message: response.statusText })));
|
|
362
|
+
throw new Error(extractErrorMessage(error, `Failed to initiate sensitive action: ${response.statusText} (Status: ${response.status})`));
|
|
363
|
+
}
|
|
364
|
+
return response.json();
|
|
365
|
+
}
|
|
366
|
+
async function sendSensitiveActionCode(accessToken, action) {
|
|
367
|
+
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/account/sensitive-action/send-code`, {
|
|
368
|
+
method: 'POST',
|
|
369
|
+
headers: {
|
|
370
|
+
Authorization: `Bearer ${accessToken}`,
|
|
371
|
+
'Content-Type': 'application/json',
|
|
372
|
+
},
|
|
373
|
+
body: JSON.stringify({ action }),
|
|
374
|
+
});
|
|
375
|
+
if (!response.ok) {
|
|
376
|
+
const error = (await response
|
|
377
|
+
.json()
|
|
378
|
+
.catch(() => ({ message: response.statusText })));
|
|
379
|
+
throw new Error(extractErrorMessage(error, `Failed to send sensitive action code: ${response.statusText} (Status: ${response.status})`));
|
|
380
|
+
}
|
|
381
|
+
return response.json();
|
|
382
|
+
}
|
|
383
|
+
async function verifySensitiveActionCode(accessToken, action, code) {
|
|
384
|
+
const response = await fetch(`${AUTH_SERVER_URL}/api/auth/account/sensitive-action/verify-code`, {
|
|
385
|
+
method: 'POST',
|
|
386
|
+
headers: {
|
|
387
|
+
Authorization: `Bearer ${accessToken}`,
|
|
388
|
+
'Content-Type': 'application/json',
|
|
389
|
+
},
|
|
390
|
+
body: JSON.stringify({ action, code }),
|
|
391
|
+
});
|
|
392
|
+
if (!response.ok) {
|
|
393
|
+
const error = (await response
|
|
394
|
+
.json()
|
|
395
|
+
.catch(() => ({ message: response.statusText })));
|
|
396
|
+
throw new Error(extractErrorMessage(error, `Failed to verify sensitive action code: ${response.statusText} (Status: ${response.status})`));
|
|
397
|
+
}
|
|
398
|
+
return response.json();
|
|
399
|
+
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@tekcify/auth-backend",
|
|
3
|
-
"version": "2.2.
|
|
3
|
+
"version": "2.2.10",
|
|
4
4
|
"description": "Backend authentication helpers for Tekcify Auth. Provides middleware, guards, and utilities for validating JWT tokens and protecting API routes in NestJS and Express applications.",
|
|
5
5
|
"author": "Tekcify",
|
|
6
6
|
"main": "./dist/index.js",
|