@tstdl/base 0.93.178 → 0.93.180

package/authentication/authentication.api.js

@@ -1,6 +1,7 @@
 import { defineApi } from '../api/types.js';
-import { assign, boolean, defaulted, emptyObjectSchema, explicitObject, literal, never, number, object, optional, string } from '../schema/index.js';
-import { SecretCheckResult } from './models/secret-check-result.model.js';
+import { array, assign, boolean, defaulted, emptyObjectSchema, explicitObject, literal, never, number, object, optional, pick, string, union } from '../schema/index.js';
+import { AuthenticationSession } from './models/index.js';
+import { PasswordCheckResult } from './models/password-check-result.model.js';
 import { TokenPayloadBase } from './models/token-payload-base.model.js';
 /**
  * Can be provided in {@link ApiEndpointDefinition} data property to signal that the request does not need a valid token.
@@ -13,20 +14,20 @@ export const authenticationApiDefinition = getAuthenticationApiDefinition(emptyO
  * Get authentication REST API definition
  * @param additionalTokenPayloadSchema Schema for additional token payload
  * @param authenticationDataSchema Schema for additional authentication data
- * @param initSecretResetDataSchema Schema for additional secret reset data
+ * @param initPasswordResetDataSchema Schema for additional password reset data
  * @param resource Resource name (default: 'auth')
  * @param additionalEndpoints Additional endpoints to add to the API definition
  * @returns Authentication REST API definition
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  * @template AdditionalEndpoints Type of additional endpoints
  */
-export function getAuthenticationApiDefinition(additionalTokenPayloadSchema, authenticationDataSchema, initSecretResetDataSchema, resource, additionalEndpoints) {
+export function getAuthenticationApiDefinition(additionalTokenPayloadSchema, authenticationDataSchema, initPasswordResetDataSchema, resource, additionalEndpoints) {
     return defineApi({
         resource: resource ?? 'auth',
         endpoints: {
-            ...getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSchema, authenticationDataSchema, initSecretResetDataSchema),
+            ...getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSchema, authenticationDataSchema, initPasswordResetDataSchema),
             ...additionalEndpoints,
         },
     });
@@ -35,14 +36,24 @@ export function getAuthenticationApiDefinition(additionalTokenPayloadSchema, aut
  * Get authentication REST API endpoints definition
  * @param additionalTokenPayloadSchema Schema for additional token payload
  * @param authenticationDataSchema Schema for additional authentication data
- * @param additionalInitSecretResetDataSchema Schema for additional secret reset data
+ * @param additionalInitPasswordResetDataSchema Schema for additional password reset data
  * @returns Authentication REST API endpoints definition
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  */
-export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitSecretResetDataSchema) {
+export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitPasswordResetDataSchema) {
     const tokenResultSchema = assign(TokenPayloadBase, additionalTokenPayloadSchema);
+    const loginSuccessResultSchema = object({
+        type: literal('success'),
+        result: tokenResultSchema,
+        lowRecoveryCodesWarning: optional(boolean()),
+    });
+    const loginTotpResultSchema = object({
+        type: literal('totp'),
+        challengeToken: string(),
+    });
+    const loginResultSchema = union(loginSuccessResultSchema, loginTotpResultSchema);
     return {
         login: {
             resource: 'token',
@@ -50,16 +61,100 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
             parameters: explicitObject({
                 tenantId: optional(string()),
                 subject: string(),
-                secret: string(),
+                password: string(),
                 remember: defaulted(boolean(), false),
                 data: authenticationDataSchema,
             }),
-            result: tokenResultSchema,
+            result: loginResultSchema,
+            credentials: true,
+            data: {
+                [dontWaitForValidToken]: true,
+            },
+        },
+        loginVerifyTotp: {
+            resource: 'token/verify-totp',
+            method: 'POST',
+            parameters: explicitObject({
+                challengeToken: string(),
+                token: string(),
+            }),
+            result: loginSuccessResultSchema,
+            credentials: true,
+            data: {
+                [dontWaitForValidToken]: true,
+            },
+        },
+        loginRecovery: {
+            resource: 'token/recovery',
+            method: 'POST',
+            parameters: object({
+                challengeToken: string(),
+                recoveryCode: string(),
+            }),
+            result: loginSuccessResultSchema,
             credentials: true,
             data: {
                 [dontWaitForValidToken]: true,
             },
         },
+        initEnrollTotp: {
+            resource: 'totp/enroll/init',
+            method: 'POST',
+            result: object({
+                secret: string(),
+                uri: string(),
+            }),
+            credentials: true,
+        },
+        completeEnrollTotp: {
+            resource: 'totp/enroll/complete',
+            method: 'POST',
+            parameters: object({
+                token: string(),
+            }),
+            result: object({
+                recoveryCodes: array(string()),
+            }),
+            credentials: true,
+        },
+        disableTotp: {
+            resource: 'totp/disable',
+            method: 'POST',
+            parameters: object({
+                token: string(),
+            }),
+            result: literal('ok'),
+            credentials: true,
+        },
+        disableTotpWithRecoveryCode: {
+            resource: 'totp/disable-with-recovery-code',
+            method: 'POST',
+            parameters: object({
+                recoveryCode: string(),
+            }),
+            result: literal('ok'),
+            credentials: true,
+        },
+        regenerateRecoveryCodes: {
+            resource: 'totp/recovery-codes',
+            method: 'POST',
+            parameters: object({
+                token: string(),
+                invalidateOtherSessions: optional(boolean()),
+            }),
+            result: object({
+                recoveryCodes: array(string()),
+            }),
+            credentials: true,
+        },
+        getTotpStatus: {
+            resource: 'totp/status',
+            method: 'GET',
+            result: object({
+                active: boolean(),
+            }),
+            credentials: true,
+        },
         refresh: {
             resource: 'refresh',
             method: 'POST',
@@ -106,44 +201,42 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
                 [dontWaitForValidToken]: true,
             },
         },
-        changeSecret: {
-            resource: 'secret/change',
+        changePassword: {
+            resource: 'password/change',
             method: 'POST',
-            parameters: explicitObject({
-                tenantId: optional(string()),
-                subject: string(),
-                currentSecret: string(),
-                newSecret: string(),
+            parameters: object({
+                currentPassword: string(),
+                newPassword: string(),
             }),
             result: literal('ok'),
             credentials: true,
         },
-        initSecretReset: {
-            resource: 'secret/init-reset',
+        initPasswordReset: {
+            resource: 'password/init-reset',
             method: 'POST',
             parameters: explicitObject({
                 tenantId: optional(string()),
                 subject: string(),
-                data: additionalInitSecretResetDataSchema,
+                data: additionalInitPasswordResetDataSchema,
             }),
             result: literal('ok'),
         },
-        resetSecret: {
-            resource: 'secret/reset',
+        resetPassword: {
+            resource: 'password/reset',
             method: 'POST',
             parameters: object({
                 token: string(),
-                newSecret: string(),
+                newPassword: string(),
             }),
             result: literal('ok'),
         },
-        checkSecret: {
-            resource: 'secret/check',
+        checkPassword: {
+            resource: 'password/check',
             method: 'POST',
             parameters: object({
-                secret: string(),
+                password: string(),
             }),
-            result: SecretCheckResult,
+            result: PasswordCheckResult,
         },
         timestamp: {
             resource: 'timestamp',
@@ -152,5 +245,17 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
                 [dontWaitForValidToken]: true,
             },
         },
+        listSessions: {
+            resource: 'me/sessions',
+            method: 'GET',
+            result: array(pick(AuthenticationSession, ['id', 'begin', 'end'])),
+            credentials: true,
+        },
+        invalidateAllOtherSessions: {
+            resource: 'me/invalidate-other-sessions',
+            method: 'POST',
+            result: literal('ok'),
+            credentials: true,
+        },
     };
 }

package/authentication/client/api.client.d.ts

@@ -6,13 +6,13 @@ import { type AuthenticationApiDefinition } from '../authentication.api.js';
  * Get an authentication API client
  * @param additionalTokenPayloadSchema Schema for additional token payload
  * @param authenticationDataSchema Schema for additional authentication data
- * @param additionalInitSecretResetData Schema for additional secret reset data
+ * @param additionalInitPasswordResetData Schema for additional password reset data
  * @returns Authentication API client
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  */
-export declare function getAuthenticationApiClient<AdditionalTokenPayload extends Record, AuthenticationData, AdditionalInitSecretResetData>(additionalTokenPayloadSchema: ObjectSchemaOrType<AdditionalTokenPayload>, authenticationDataSchema: SchemaTestable<AuthenticationData>, additionalInitSecretResetData: SchemaTestable<AdditionalInitSecretResetData>): ApiClient<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>>;
+export declare function getAuthenticationApiClient<AdditionalTokenPayload extends Record, AuthenticationData, AdditionalInitPasswordResetData>(additionalTokenPayloadSchema: ObjectSchemaOrType<AdditionalTokenPayload>, authenticationDataSchema: SchemaTestable<AuthenticationData>, additionalInitPasswordResetData: SchemaTestable<AdditionalInitPasswordResetData>): ApiClient<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>>;
 declare const defaultAuthenticationApiClient: ApiClient<AuthenticationApiDefinition<import("type-fest").EmptyObject, unknown, import("type-fest").EmptyObject>>;
 /**
  * Default authentication API client

package/authentication/client/api.client.js

@@ -12,14 +12,14 @@ import { getAuthenticationApiDefinition } from '../authentication.api.js';
  * Get an authentication API client
  * @param additionalTokenPayloadSchema Schema for additional token payload
  * @param authenticationDataSchema Schema for additional authentication data
- * @param additionalInitSecretResetData Schema for additional secret reset data
+ * @param additionalInitPasswordResetData Schema for additional password reset data
  * @returns Authentication API client
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  */
-export function getAuthenticationApiClient(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitSecretResetData) {
-    const definition = getAuthenticationApiDefinition(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitSecretResetData);
+export function getAuthenticationApiClient(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitPasswordResetData) {
+    const definition = getAuthenticationApiDefinition(additionalTokenPayloadSchema, authenticationDataSchema, additionalInitPasswordResetData);
     let AuthenticationApiClient = class AuthenticationApiClient extends compileClient(definition) {
     };
     AuthenticationApiClient = __decorate([

package/authentication/client/authentication.service.d.ts

@@ -1,7 +1,8 @@
 import type { AfterResolve } from '../../injector/index.js';
 import { afterResolve } from '../../injector/index.js';
 import type { Record } from '../../types/index.js';
-import type { SecretCheckResult, TokenPayload } from '../models/index.js';
+import type { AuthenticationSession, PasswordCheckResult, TokenPayload } from '../models/index.js';
+import type { LoginTotpResult } from '../server/authentication.service.js';
 import type { SubjectInput } from '../types.js';
 /**
  * Handles authentication on client side.
@@ -15,9 +16,9 @@ import type { SubjectInput } from '../types.js';
  *
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  */
-export declare class AuthenticationClientService<AdditionalTokenPayload extends Record = Record, AuthenticationData = any, AdditionalInitSecretResetData = void> implements AfterResolve, AsyncDisposable {
+export declare class AuthenticationClientService<AdditionalTokenPayload extends Record = Record, AuthenticationData = any, AdditionalInitPasswordResetData = void> implements AfterResolve, AsyncDisposable {
     private readonly client;
     private readonly errorSubject;
     private readonly tokenUpdateBus;
@@ -44,6 +45,8 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
     readonly rawRefreshToken: import("../../signals/api.js").WritableSignal<string | undefined>;
     /** Current raw impersonator refresh token */
     readonly rawImpersonatorRefreshToken: import("../../signals/api.js").WritableSignal<string | undefined>;
+    /** Whether the remaining recovery codes are low */
+    readonly lowRecoveryCodesWarning: import("../../signals/api.js").WritableSignal<boolean | undefined>;
     /** Whether the user is logged in */
     readonly isLoggedIn: import("../../signals/api.js").Signal<boolean>;
     /** Current session id */
@@ -123,16 +126,31 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
      */
     setAdditionalData(data: AuthenticationData): void;
     /**
-     * Login with subject and secret
+     * Login with subject and password
      * @param subjectInput The subject to login with
-     * @param secret The secret to login with
+     * @param password The password to login with
      * @param data Additional authentication data
      * @param remember Whether to remember the session
+     * @returns The login result, if it requires TOTP.
      */
-    login(subjectInput: SubjectInput, secret: string, data?: AuthenticationData, remember?: boolean): Promise<void>;
+    login(subjectInput: SubjectInput, password: string, data?: AuthenticationData, remember?: boolean): Promise<{
+        type: 'success';
+    } | LoginTotpResult>;
+    /**
+     * Verify a TOTP login challenge.
+     * @param challengeToken The challenge token.
+     * @param token The TOTP token.
+     */
+    verifyTotpLogin(challengeToken: string, token: string): Promise<void>;
+    /**
+     * Verify a recovery code login challenge.
+     * @param challengeToken The challenge token.
+     * @param recoveryCode The recovery code.
+     */
+    loginRecovery(challengeToken: string, recoveryCode: string): Promise<void>;
     /**
      * Logout from the current session.
-     * This will attempt to end the session on the server and then clear local credentials.
+     * This will attempt to end the session on the server and then clear local session state.
      */
     logout(): Promise<void>;
     /**
@@ -157,30 +175,82 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
      */
     unimpersonate(data?: AuthenticationData): Promise<void>;
     /**
-     * Change the secret for a subject.
-     * @param subjectInput The subject to change the secret for
-     * @param currentSecret The current secret
-     * @param newSecret The new secret
+     * Change the password for the current subject.
+     * @param currentPassword The current password
+     * @param newPassword The new password
+     */
+    changePassword(currentPassword: string, newPassword: string): Promise<void>;
+    /**
+     * Initialize a password reset.
+     * @param subjectInput The subject to reset the password for
+     * @param data Additional data for password reset
+     */
+    initPasswordReset(subjectInput: SubjectInput, data: AdditionalInitPasswordResetData): Promise<void>;
+    /**
+     * Reset a password using a reset token.
+     * @param token The password reset token
+     * @param newPassword The new password
+     */
+    resetPassword(token: string, newPassword: string): Promise<void>;
+    /**
+     * Initiate TOTP enrollment.
+     * @returns The secret and URI for enrollment.
      */
-    changeSecret(subjectInput: SubjectInput, currentSecret: string, newSecret: string): Promise<void>;
+    initEnrollTotp(): Promise<{
+        secret: string;
+        uri: string;
+    }>;
     /**
-     * Initialize a secret reset.
-     * @param subjectInput The subject to reset the secret for
-     * @param data Additional data for secret reset
+     * Complete TOTP enrollment.
+     * @param token The TOTP token to verify.
+     * @returns The recovery codes.
      */
-    initResetSecret(subjectInput: SubjectInput, data: AdditionalInitSecretResetData): Promise<void>;
+    completeEnrollTotp(token: string): Promise<{
+        recoveryCodes: string[];
+    }>;
     /**
-     * Reset a secret using a reset token.
-     * @param token The secret reset token
-     * @param newSecret The new secret
+     * Disable TOTP.
+     * @param token The TOTP token.
      */
-    resetSecret(token: string, newSecret: string): Promise<void>;
+    disableTotp(token: string): Promise<void>;
     /**
-     * Check a secret for requirements.
-     * @param secret The secret to check
+     * Disable TOTP using a recovery code.
+     * @param recoveryCode The recovery code.
+     */
+    disableTotpWithRecoveryCode(recoveryCode: string): Promise<void>;
+    /**
+     * Regenerate recovery codes.
+     * @param token The TOTP token.
+     * @param options Options for regeneration.
+     * @returns The new recovery codes.
+     */
+    regenerateRecoveryCodes(token: string, options?: {
+        invalidateOtherSessions?: boolean;
+    }): Promise<{
+        recoveryCodes: string[];
+    }>;
+    /**
+     * Get TOTP activation status.
+     * @returns Whether TOTP is active.
+     */
+    getTotpStatus(): Promise<{
+        active: boolean;
+    }>;
+    /**
+     * Check a password for requirements.
+     * @param password The password to check
      * @returns The result of the check
      */
-    checkSecret(secret: string): Promise<SecretCheckResult>;
+    checkPassword(password: string): Promise<PasswordCheckResult>;
+    /**
+     * List all active sessions for the current user.
+     * @returns List of sessions.
+     */
+    listSessions(): Promise<Pick<AuthenticationSession, 'id' | 'begin' | 'end'>[]>;
+    /**
+     * Invalidate all active sessions for the current user except the current one.
+     */
+    invalidateAllOtherSessions(): Promise<void>;
     /**
      * Update raw tokens.
      * @param token Raw token

package/authentication/client/authentication.service.js

@@ -61,7 +61,7 @@ const unrecoverableErrors = [
  *
  * @template AdditionalTokenPayload Type of additional token payload
  * @template AuthenticationData Type of additional authentication data
- * @template AdditionalInitSecretResetData Type of additional secret reset data
+ * @template AdditionalInitPasswordResetData Type of additional password reset data
  */
 let AuthenticationClientService = class AuthenticationClientService {
     client = inject(AUTHENTICATION_API_CLIENT);
@@ -90,6 +90,8 @@ let AuthenticationClientService = class AuthenticationClientService {
     rawRefreshToken = signal(undefined);
     /** Current raw impersonator refresh token */
     rawImpersonatorRefreshToken = signal(undefined);
+    /** Whether the remaining recovery codes are low */
+    lowRecoveryCodesWarning = signal(undefined);
     /** Whether the user is logged in */
     isLoggedIn = computed(() => isDefined(this.token()));
     /** Current session id */
@@ -216,25 +218,51 @@ let AuthenticationClientService = class AuthenticationClientService {
         this.authenticationData = data;
     }
     /**
-     * Login with subject and secret
+     * Login with subject and password
      * @param subjectInput The subject to login with
-     * @param secret The secret to login with
+     * @param password The password to login with
      * @param data Additional authentication data
      * @param remember Whether to remember the session
+     * @returns The login result, if it requires TOTP.
      */
-    async login(subjectInput, secret, data, remember = false) {
+    async login(subjectInput, password, data, remember = false) {
         if (isDefined(data)) {
             this.setAdditionalData(data);
         }
-        const [token] = await Promise.all([
-            this.client.login({ tenantId: subjectInput.tenantId, subject: subjectInput.subject, secret, remember, data: this.authenticationData }),
+        const [result] = await Promise.all([
+            this.client.login({ tenantId: subjectInput.tenantId, subject: subjectInput.subject, password, remember, data: this.authenticationData }),
             this.syncClock(),
         ]);
-        this.setNewToken(token);
+        if (result.type == 'totp') {
+            return result;
+        }
+        this.lowRecoveryCodesWarning.set(result.lowRecoveryCodesWarning);
+        this.setNewToken(result.result);
+        return { type: 'success' };
+    }
+    /**
+     * Verify a TOTP login challenge.
+     * @param challengeToken The challenge token.
+     * @param token The TOTP token.
+     */
+    async verifyTotpLogin(challengeToken, token) {
+        const result = await this.client.loginVerifyTotp({ challengeToken, token });
+        this.lowRecoveryCodesWarning.set(result.lowRecoveryCodesWarning);
+        this.setNewToken(result.result);
+    }
+    /**
+     * Verify a recovery code login challenge.
+     * @param challengeToken The challenge token.
+     * @param recoveryCode The recovery code.
+     */
+    async loginRecovery(challengeToken, recoveryCode) {
+        const result = await this.client.loginRecovery({ challengeToken, recoveryCode });
+        this.lowRecoveryCodesWarning.set(result.lowRecoveryCodesWarning);
+        this.setNewToken(result.result);
     }
     /**
      * Logout from the current session.
-     * This will attempt to end the session on the server and then clear local credentials.
+     * This will attempt to end the session on the server and then clear local session state.
      */
     async logout() {
         if (isDefined(this.loggingOut)) {
@@ -334,37 +362,94 @@ let AuthenticationClientService = class AuthenticationClientService {
         });
     }
     /**
-     * Change the secret for a subject.
-     * @param subjectInput The subject to change the secret for
-     * @param currentSecret The current secret
-     * @param newSecret The new secret
+     * Change the password for the current subject.
+     * @param currentPassword The current password
+     * @param newPassword The new password
+     */
+    async changePassword(currentPassword, newPassword) {
+        await this.client.changePassword({ currentPassword, newPassword });
+    }
+    /**
+     * Initialize a password reset.
+     * @param subjectInput The subject to reset the password for
+     * @param data Additional data for password reset
+     */
+    async initPasswordReset(subjectInput, data) {
+        await this.client.initPasswordReset({ tenantId: subjectInput.tenantId, subject: subjectInput.subject, data });
+    }
+    /**
+     * Reset a password using a reset token.
+     * @param token The password reset token
+     * @param newPassword The new password
+     */
+    async resetPassword(token, newPassword) {
+        await this.client.resetPassword({ token, newPassword });
+    }
+    /**
+     * Initiate TOTP enrollment.
+     * @returns The secret and URI for enrollment.
      */
-    async changeSecret(subjectInput, currentSecret, newSecret) {
-        await this.client.changeSecret({ tenantId: subjectInput.tenantId, subject: subjectInput.subject, currentSecret, newSecret });
+    async initEnrollTotp() {
+        return await this.client.initEnrollTotp();
     }
     /**
-     * Initialize a secret reset.
-     * @param subjectInput The subject to reset the secret for
-     * @param data Additional data for secret reset
+     * Complete TOTP enrollment.
+     * @param token The TOTP token to verify.
+     * @returns The recovery codes.
      */
-    async initResetSecret(subjectInput, data) {
-        await this.client.initSecretReset({ tenantId: subjectInput.tenantId, subject: subjectInput.subject, data });
+    async completeEnrollTotp(token) {
+        return await this.client.completeEnrollTotp({ token });
     }
     /**
-     * Reset a secret using a reset token.
-     * @param token The secret reset token
-     * @param newSecret The new secret
+     * Disable TOTP.
+     * @param token The TOTP token.
      */
-    async resetSecret(token, newSecret) {
-        await this.client.resetSecret({ token, newSecret });
+    async disableTotp(token) {
+        await this.client.disableTotp({ token });
     }
     /**
-     * Check a secret for requirements.
-     * @param secret The secret to check
+     * Disable TOTP using a recovery code.
+     * @param recoveryCode The recovery code.
+     */
+    async disableTotpWithRecoveryCode(recoveryCode) {
+        await this.client.disableTotpWithRecoveryCode({ recoveryCode });
+    }
+    /**
+     * Regenerate recovery codes.
+     * @param token The TOTP token.
+     * @param options Options for regeneration.
+     * @returns The new recovery codes.
+     */
+    async regenerateRecoveryCodes(token, options) {
+        return await this.client.regenerateRecoveryCodes({ token, ...options });
+    }
+    /**
+     * Get TOTP activation status.
+     * @returns Whether TOTP is active.
+     */
+    async getTotpStatus() {
+        return await this.client.getTotpStatus();
+    }
+    /**
+     * Check a password for requirements.
+     * @param password The password to check
      * @returns The result of the check
      */
-    async checkSecret(secret) {
-        return await this.client.checkSecret({ secret });
+    async checkPassword(password) {
+        return await this.client.checkPassword({ password });
+    }
+    /**
+     * List all active sessions for the current user.
+     * @returns List of sessions.
+     */
+    async listSessions() {
+        return await this.client.listSessions();
+    }
+    /**
+     * Invalidate all active sessions for the current user except the current one.
+     */
+    async invalidateAllOtherSessions() {
+        await this.client.invalidateAllOtherSessions();
     }
     /**
      * Update raw tokens.

package/authentication/client/http-client.middleware.d.ts

@@ -6,7 +6,7 @@ import type { AuthenticationClientService } from './authentication.service.js';
  * @param authenticationServiceOrProvider The authentication service or a provider for it.
  * @returns A http client middleware.
  */
-export declare function waitForAuthenticationCredentialsMiddleware(authenticationServiceOrProvider: ValueOrAsyncProvider<AuthenticationClientService>): HttpClientMiddleware;
+export declare function waitForAuthenticationMiddleware(authenticationServiceOrProvider: ValueOrAsyncProvider<AuthenticationClientService>): HttpClientMiddleware;
 /**
  * A http client middleware that logs out the user if a request fails with a 401 Unauthorized error.
  * @param authenticationServiceOrProvider The authentication service or a provider for it.