npm - @tstdl/base - Versions diffs - 0.93.182 → 0.93.183 - Mend

@tstdl/base 0.93.182 → 0.93.183

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (353) hide show

package/api/server/api-request-token.provider.js +1 -1
package/api/server/gateway.js +6 -1
package/authentication/authentication.api.d.ts +13 -40
package/authentication/authentication.api.js +5 -14
package/authentication/client/authentication.service.d.ts +6 -14
package/authentication/client/authentication.service.js +22 -4
package/authentication/client/module.d.ts +1 -1
package/authentication/client/module.js +4 -4
package/authentication/models/index.d.ts +1 -0
package/authentication/models/index.js +1 -0
package/authentication/models/totp-results.model.d.ts +11 -0
package/authentication/models/totp-results.model.js +37 -0
package/authentication/server/authentication.api-controller.d.ts +3 -3
package/authentication/server/authentication.api-controller.js +31 -4
package/authentication/server/authentication.service.d.ts +5 -14
package/authentication/server/authentication.service.js +6 -4
package/core.d.ts +0 -5
package/core.js +0 -8
package/document-management/api/document-management.api.d.ts +2 -2
package/document-management/service-models/document.service-model.d.ts +1 -1
package/examples/config.d.ts +25 -0
package/examples/config.js +26 -0
package/notification/server/module.d.ts +1 -1
package/notification/server/module.js +1 -1
package/package.json +5 -5
package/signals/api.d.ts +5 -1
package/signals/api.js +3 -1
package/signals/implementation/api.d.ts +13 -5
package/signals/implementation/api.js +7 -1
package/signals/implementation/asserts.d.ts +2 -2
package/signals/implementation/asserts.js +3 -3
package/signals/implementation/computed.d.ts +7 -34
package/signals/implementation/computed.js +14 -83
package/signals/implementation/configure.js +6 -2
package/signals/implementation/effect.d.ts +65 -46
package/signals/implementation/effect.js +97 -62
package/signals/implementation/index.d.ts +2 -4
package/signals/implementation/index.js +2 -4
package/signals/implementation/linked_signal.d.ts +36 -0
package/signals/implementation/linked_signal.js +34 -0
package/signals/implementation/primitive/computed.d.ts +55 -0
package/signals/implementation/primitive/computed.js +107 -0
package/signals/implementation/primitive/effect.d.ts +26 -0
package/signals/implementation/primitive/effect.js +31 -0
package/signals/implementation/{equality.d.ts → primitive/equality.d.ts} +1 -1
package/signals/implementation/{equality.js → primitive/equality.js} +1 -1
package/signals/implementation/primitive/errors.d.ts +10 -0
package/signals/implementation/{errors.js → primitive/errors.js} +3 -4
package/signals/implementation/primitive/formatter.d.ts +19 -0
package/signals/implementation/primitive/formatter.js +136 -0
package/signals/implementation/{graph.d.ts → primitive/graph.d.ts} +68 -36
package/signals/implementation/primitive/graph.js +386 -0
package/signals/implementation/primitive/linked_signal.d.ts +46 -0
package/signals/implementation/primitive/linked_signal.js +110 -0
package/signals/implementation/primitive/signal.d.ts +31 -0
package/signals/implementation/primitive/signal.js +80 -0
package/signals/implementation/primitive/untracked.d.ts +12 -0
package/signals/implementation/primitive/untracked.js +23 -0
package/signals/implementation/{watch.d.ts → primitive/watch.d.ts} +1 -2
package/signals/implementation/{watch.js → primitive/watch.js} +22 -16
package/signals/implementation/resource/api.d.ts +275 -0
package/signals/implementation/resource/api.js +26 -0
package/signals/implementation/resource/debounce.d.ts +13 -0
package/signals/implementation/resource/debounce.js +113 -0
package/signals/implementation/resource/from_snapshots.d.ts +16 -0
package/signals/implementation/resource/from_snapshots.js +44 -0
package/signals/implementation/resource/index.d.ts +11 -0
package/signals/implementation/resource/index.js +11 -0
package/signals/implementation/resource/resource.d.ts +110 -0
package/signals/implementation/resource/resource.js +402 -0
package/signals/implementation/root_effect_scheduler.d.ts +50 -0
package/signals/implementation/root_effect_scheduler.js +66 -0
package/signals/implementation/signal.d.ts +42 -18
package/signals/implementation/signal.js +29 -49
package/signals/implementation/to-observable.d.ts +12 -5
package/signals/implementation/to-observable.js +12 -2
package/signals/implementation/to-signal.d.ts +9 -18
package/signals/implementation/to-signal.js +46 -13
package/signals/implementation/untracked.d.ts +1 -1
package/signals/implementation/untracked.js +3 -11
package/signals/operators/debounce.d.ts +8 -0
package/signals/operators/debounce.js +19 -0
package/signals/operators/derive-async.js +43 -15
package/signals/operators/index.d.ts +2 -0
package/signals/operators/index.js +2 -0
package/signals/operators/throttle.d.ts +8 -0
package/signals/operators/throttle.js +31 -0
package/ai/genkit/tests/multi-region.test.d.ts +0 -2
package/ai/genkit/tests/multi-region.test.js +0 -179
package/ai/genkit/tests/token-limit-fallback.test.d.ts +0 -2
package/ai/genkit/tests/token-limit-fallback.test.js +0 -209
package/ai/prompts/tests/prompt-builder.test.d.ts +0 -1
package/ai/prompts/tests/prompt-builder.test.js +0 -22
package/ai/tests/instructions-formatter.test.d.ts +0 -1
package/ai/tests/instructions-formatter.test.js +0 -116
package/ai/tests/steering.test.d.ts +0 -1
package/ai/tests/steering.test.js +0 -37
package/api/client/tests/api-client.test.d.ts +0 -1
package/api/client/tests/api-client.test.js +0 -194
package/api/server/tests/csrf.middleware.test.d.ts +0 -1
package/api/server/tests/csrf.middleware.test.js +0 -91
package/authentication/tests/authentication-password-requirements.validator.test.d.ts +0 -1
package/authentication/tests/authentication-password-requirements.validator.test.js +0 -29
package/authentication/tests/authentication.api-controller.test.d.ts +0 -1
package/authentication/tests/authentication.api-controller.test.js +0 -156
package/authentication/tests/authentication.api-request-token.provider.test.d.ts +0 -1
package/authentication/tests/authentication.api-request-token.provider.test.js +0 -48
package/authentication/tests/authentication.client-error-handling.test.d.ts +0 -1
package/authentication/tests/authentication.client-error-handling.test.js +0 -123
package/authentication/tests/authentication.client-middleware.test.d.ts +0 -1
package/authentication/tests/authentication.client-middleware.test.js +0 -118
package/authentication/tests/authentication.client-service-methods.test.d.ts +0 -1
package/authentication/tests/authentication.client-service-methods.test.js +0 -177
package/authentication/tests/authentication.client-service-refresh.test.d.ts +0 -1
package/authentication/tests/authentication.client-service-refresh.test.js +0 -153
package/authentication/tests/authentication.client-service.test.d.ts +0 -1
package/authentication/tests/authentication.client-service.test.js +0 -76
package/authentication/tests/authentication.refresh-busy-loop.test.d.ts +0 -1
package/authentication/tests/authentication.refresh-busy-loop.test.js +0 -84
package/authentication/tests/authentication.service.test.d.ts +0 -1
package/authentication/tests/authentication.service.test.js +0 -167
package/authentication/tests/authentication.test-ancillary-service.d.ts +0 -9
package/authentication/tests/authentication.test-ancillary-service.js +0 -27
package/authentication/tests/brute-force-protection.test.d.ts +0 -1
package/authentication/tests/brute-force-protection.test.js +0 -211
package/authentication/tests/helper.test.d.ts +0 -1
package/authentication/tests/helper.test.js +0 -122
package/authentication/tests/password-requirements.error.test.d.ts +0 -1
package/authentication/tests/password-requirements.error.test.js +0 -14
package/authentication/tests/remember.api.test.d.ts +0 -1
package/authentication/tests/remember.api.test.js +0 -117
package/authentication/tests/remember.service.test.d.ts +0 -1
package/authentication/tests/remember.service.test.js +0 -83
package/authentication/tests/subject.service.test.d.ts +0 -1
package/authentication/tests/subject.service.test.js +0 -140
package/authentication/tests/suspended-subject.test.d.ts +0 -1
package/authentication/tests/suspended-subject.test.js +0 -120
package/authentication/tests/totp.enrollment.test.d.ts +0 -1
package/authentication/tests/totp.enrollment.test.js +0 -123
package/authentication/tests/totp.login.test.d.ts +0 -1
package/authentication/tests/totp.login.test.js +0 -213
package/authentication/tests/totp.recovery-codes.test.d.ts +0 -1
package/authentication/tests/totp.recovery-codes.test.js +0 -97
package/authentication/tests/totp.status.test.d.ts +0 -1
package/authentication/tests/totp.status.test.js +0 -72
package/cancellation/tests/coverage.test.d.ts +0 -1
package/cancellation/tests/coverage.test.js +0 -49
package/cancellation/tests/leak.test.d.ts +0 -1
package/cancellation/tests/leak.test.js +0 -35
package/cancellation/tests/token.test.d.ts +0 -1
package/cancellation/tests/token.test.js +0 -136
package/circuit-breaker/tests/circuit-breaker.test.d.ts +0 -1
package/circuit-breaker/tests/circuit-breaker.test.js +0 -116
package/cryptography/tests/cryptography.test.d.ts +0 -1
package/cryptography/tests/cryptography.test.js +0 -175
package/cryptography/tests/jwt.test.d.ts +0 -1
package/cryptography/tests/jwt.test.js +0 -54
package/cryptography/tests/modern.test.d.ts +0 -1
package/cryptography/tests/modern.test.js +0 -105
package/cryptography/tests/module.test.d.ts +0 -1
package/cryptography/tests/module.test.js +0 -100
package/cryptography/tests/totp.test.d.ts +0 -1
package/cryptography/tests/totp.test.js +0 -108
package/document-management/tests/ai-config-hierarchy.test.d.ts +0 -1
package/document-management/tests/ai-config-hierarchy.test.js +0 -59
package/document-management/tests/ai-config-integration.test.d.ts +0 -1
package/document-management/tests/ai-config-integration.test.js +0 -125
package/document-management/tests/ai-config-merge.test.d.ts +0 -1
package/document-management/tests/ai-config-merge.test.js +0 -46
package/document-management/tests/document-management-ai-overrides.test.d.ts +0 -1
package/document-management/tests/document-management-ai-overrides.test.js +0 -63
package/document-management/tests/document-management-core.test.d.ts +0 -1
package/document-management/tests/document-management-core.test.js +0 -157
package/document-management/tests/document-management.api.test.d.ts +0 -1
package/document-management/tests/document-management.api.test.js +0 -101
package/document-management/tests/document-statistics.service.test.d.ts +0 -1
package/document-management/tests/document-statistics.service.test.js +0 -498
package/document-management/tests/document-validation-ai-overrides.test.d.ts +0 -1
package/document-management/tests/document-validation-ai-overrides.test.js +0 -87
package/document-management/tests/document.service.test.d.ts +0 -1
package/document-management/tests/document.service.test.js +0 -143
package/document-management/tests/enum-helpers.test.d.ts +0 -1
package/document-management/tests/enum-helpers.test.js +0 -452
package/document-management/tests/helper.d.ts +0 -24
package/document-management/tests/helper.js +0 -39
package/errors/tests/format.test.d.ts +0 -1
package/errors/tests/format.test.js +0 -84
package/http/tests/server-timing.test.d.ts +0 -1
package/http/tests/server-timing.test.js +0 -42
package/injector/tests/advanced.test.d.ts +0 -1
package/injector/tests/advanced.test.js +0 -116
package/injector/tests/async-init.test.d.ts +0 -1
package/injector/tests/async-init.test.js +0 -77
package/injector/tests/basic.test.d.ts +0 -1
package/injector/tests/basic.test.js +0 -114
package/injector/tests/hierarchical.test.d.ts +0 -1
package/injector/tests/hierarchical.test.js +0 -59
package/injector/tests/leak.test.d.ts +0 -1
package/injector/tests/leak.test.js +0 -45
package/injector/tests/lifecycles.test.d.ts +0 -1
package/injector/tests/lifecycles.test.js +0 -109
package/logger/tests/pretty-print.test.d.ts +0 -1
package/logger/tests/pretty-print.test.js +0 -60
package/notification/tests/notification-api.test.d.ts +0 -1
package/notification/tests/notification-api.test.js +0 -124
package/notification/tests/notification-client.test.d.ts +0 -1
package/notification/tests/notification-client.test.js +0 -101
package/notification/tests/notification-flow.test.d.ts +0 -1
package/notification/tests/notification-flow.test.js +0 -296
package/notification/tests/notification-sse.service.test.d.ts +0 -1
package/notification/tests/notification-sse.service.test.js +0 -43
package/notification/tests/notification-type.service.test.d.ts +0 -1
package/notification/tests/notification-type.service.test.js +0 -41
package/object-storage/s3/tests/s3.object-storage.integration.test.d.ts +0 -1
package/object-storage/s3/tests/s3.object-storage.integration.test.js +0 -303
package/orm/tests/build-jsonb.test.d.ts +0 -1
package/orm/tests/build-jsonb.test.js +0 -39
package/orm/tests/data-types.test.d.ts +0 -1
package/orm/tests/data-types.test.js +0 -39
package/orm/tests/database-extension.test.d.ts +0 -1
package/orm/tests/database-extension.test.js +0 -63
package/orm/tests/database-migration.test.d.ts +0 -1
package/orm/tests/database-migration.test.js +0 -83
package/orm/tests/decorators.test.d.ts +0 -1
package/orm/tests/decorators.test.js +0 -77
package/orm/tests/encryption.test.d.ts +0 -1
package/orm/tests/encryption.test.js +0 -31
package/orm/tests/query-complex.test.d.ts +0 -1
package/orm/tests/query-complex.test.js +0 -172
package/orm/tests/query-converter-complex.test.d.ts +0 -1
package/orm/tests/query-converter-complex.test.js +0 -131
package/orm/tests/query-converter.test.d.ts +0 -1
package/orm/tests/query-converter.test.js +0 -123
package/orm/tests/repository-advanced.test.d.ts +0 -1
package/orm/tests/repository-advanced.test.js +0 -189
package/orm/tests/repository-attributes.test.d.ts +0 -1
package/orm/tests/repository-attributes.test.js +0 -83
package/orm/tests/repository-compound-primary-key.test.d.ts +0 -2
package/orm/tests/repository-compound-primary-key.test.js +0 -226
package/orm/tests/repository-comprehensive.test.d.ts +0 -1
package/orm/tests/repository-comprehensive.test.js +0 -162
package/orm/tests/repository-coverage.test.d.ts +0 -2
package/orm/tests/repository-coverage.test.js +0 -242
package/orm/tests/repository-cti-complex.test.d.ts +0 -1
package/orm/tests/repository-cti-complex.test.js +0 -151
package/orm/tests/repository-cti-embedded.test.d.ts +0 -1
package/orm/tests/repository-cti-embedded.test.js +0 -178
package/orm/tests/repository-cti-extensive.test.d.ts +0 -2
package/orm/tests/repository-cti-extensive.test.js +0 -279
package/orm/tests/repository-cti-mapping.test.d.ts +0 -2
package/orm/tests/repository-cti-mapping.test.js +0 -108
package/orm/tests/repository-cti-search.test.d.ts +0 -1
package/orm/tests/repository-cti-search.test.js +0 -141
package/orm/tests/repository-cti-soft-delete.test.d.ts +0 -2
package/orm/tests/repository-cti-soft-delete.test.js +0 -103
package/orm/tests/repository-cti-transactions.test.d.ts +0 -1
package/orm/tests/repository-cti-transactions.test.js +0 -112
package/orm/tests/repository-cti-upsert-many.test.d.ts +0 -2
package/orm/tests/repository-cti-upsert-many.test.js +0 -115
package/orm/tests/repository-cti.test.d.ts +0 -2
package/orm/tests/repository-cti.test.js +0 -390
package/orm/tests/repository-edge-cases.test.d.ts +0 -1
package/orm/tests/repository-edge-cases.test.js +0 -178
package/orm/tests/repository-expiration.test.d.ts +0 -2
package/orm/tests/repository-expiration.test.js +0 -140
package/orm/tests/repository-extra-coverage.test.d.ts +0 -2
package/orm/tests/repository-extra-coverage.test.js +0 -402
package/orm/tests/repository-mapping.test.d.ts +0 -2
package/orm/tests/repository-mapping.test.js +0 -65
package/orm/tests/repository-regression.test.d.ts +0 -1
package/orm/tests/repository-regression.test.js +0 -288
package/orm/tests/repository-search-coverage.test.d.ts +0 -1
package/orm/tests/repository-search-coverage.test.js +0 -107
package/orm/tests/repository-search.test.d.ts +0 -1
package/orm/tests/repository-search.test.js +0 -105
package/orm/tests/repository-soft-delete.test.d.ts +0 -1
package/orm/tests/repository-soft-delete.test.js +0 -118
package/orm/tests/repository-transactions-nested.test.d.ts +0 -1
package/orm/tests/repository-transactions-nested.test.js +0 -178
package/orm/tests/repository-types.test.d.ts +0 -1
package/orm/tests/repository-types.test.js +0 -184
package/orm/tests/repository-undelete.test.d.ts +0 -2
package/orm/tests/repository-undelete.test.js +0 -201
package/orm/tests/schema-converter.test.d.ts +0 -1
package/orm/tests/schema-converter.test.js +0 -82
package/orm/tests/schema-generation.test.d.ts +0 -2
package/orm/tests/schema-generation.test.js +0 -174
package/orm/tests/sql-helpers.test.d.ts +0 -1
package/orm/tests/sql-helpers.test.js +0 -67
package/orm/tests/transaction-safety.test.d.ts +0 -1
package/orm/tests/transaction-safety.test.js +0 -81
package/orm/tests/transactional.test.d.ts +0 -1
package/orm/tests/transactional.test.js +0 -215
package/orm/tests/utils.test.d.ts +0 -1
package/orm/tests/utils.test.js +0 -70
package/pdf/tests/utils.test.d.ts +0 -1
package/pdf/tests/utils.test.js +0 -187
package/process/tests/spawn.test.d.ts +0 -1
package/process/tests/spawn.test.js +0 -182
package/rate-limit/tests/postgres-rate-limiter.test.d.ts +0 -1
package/rate-limit/tests/postgres-rate-limiter.test.js +0 -84
package/renderer/tests/renderer.test.d.ts +0 -1
package/renderer/tests/renderer.test.js +0 -88
package/rpc/tests/rpc.integration.test.d.ts +0 -1
package/rpc/tests/rpc.integration.test.js +0 -615
package/signals/implementation/errors.d.ts +0 -2
package/signals/implementation/graph.js +0 -312
package/signals/implementation/writable-signal.d.ts +0 -48
package/signals/implementation/writable-signal.js +0 -32
package/task-queue/tests/coverage-branch.test.d.ts +0 -1
package/task-queue/tests/coverage-branch.test.js +0 -395
package/task-queue/tests/coverage-enhancement.test.d.ts +0 -1
package/task-queue/tests/coverage-enhancement.test.js +0 -150
package/task-queue/tests/dag.test.d.ts +0 -1
package/task-queue/tests/dag.test.js +0 -188
package/task-queue/tests/dependencies.test.d.ts +0 -1
package/task-queue/tests/dependencies.test.js +0 -296
package/task-queue/tests/enqueue-batch.test.d.ts +0 -1
package/task-queue/tests/enqueue-batch.test.js +0 -125
package/task-queue/tests/enqueue-item.test.d.ts +0 -1
package/task-queue/tests/enqueue-item.test.js +0 -12
package/task-queue/tests/fan-out-spawning.test.d.ts +0 -1
package/task-queue/tests/fan-out-spawning.test.js +0 -94
package/task-queue/tests/idempotent-replacement.test.d.ts +0 -1
package/task-queue/tests/idempotent-replacement.test.js +0 -114
package/task-queue/tests/missing-idempotent-tasks.test.d.ts +0 -1
package/task-queue/tests/missing-idempotent-tasks.test.js +0 -39
package/task-queue/tests/optimization-edge-cases.test.d.ts +0 -1
package/task-queue/tests/optimization-edge-cases.test.js +0 -124
package/task-queue/tests/queue-generic.test.d.ts +0 -1
package/task-queue/tests/queue-generic.test.js +0 -8
package/task-queue/tests/queue.test.d.ts +0 -1
package/task-queue/tests/queue.test.js +0 -756
package/task-queue/tests/shutdown.test.d.ts +0 -1
package/task-queue/tests/shutdown.test.js +0 -41
package/task-queue/tests/task-context.test.d.ts +0 -1
package/task-queue/tests/task-context.test.js +0 -7
package/task-queue/tests/task-union.test.d.ts +0 -1
package/task-queue/tests/task-union.test.js +0 -18
package/task-queue/tests/transactions.test.d.ts +0 -1
package/task-queue/tests/transactions.test.js +0 -47
package/task-queue/tests/typing.test.d.ts +0 -1
package/task-queue/tests/typing.test.js +0 -9
package/task-queue/tests/worker.test.d.ts +0 -1
package/task-queue/tests/worker.test.js +0 -258
package/task-queue/tests/zombie-parent.test.d.ts +0 -1
package/task-queue/tests/zombie-parent.test.js +0 -45
package/task-queue/tests/zombie-recovery.test.d.ts +0 -1
package/task-queue/tests/zombie-recovery.test.js +0 -51
package/utils/tests/backoff.test.d.ts +0 -1
package/utils/tests/backoff.test.js +0 -41
package/utils/tests/retry-with-backoff.test.d.ts +0 -1
package/utils/tests/retry-with-backoff.test.js +0 -49

package/api/server/api-request-token.provider.js CHANGED Viewed

@@ -19,7 +19,7 @@ export class ApiRequestTokenProvider {
 }
 let NoopApiRequestTokenProvider = class NoopApiRequestTokenProvider extends ApiRequestTokenProvider {
     tryGetToken(_requestData) {
-        throw new Error('No RequestInfoProvider registered');
+        throw new Error('No ApiRequestTokenProvider registered');
     }
 };
 NoopApiRequestTokenProvider = __decorate([

package/api/server/gateway.js CHANGED Viewed

@@ -246,7 +246,12 @@ let ApiGateway = ApiGateway_1 = class ApiGateway {
         else {
             const endpointDefinitionResult = context.endpoint.definition.result;
             if (isDevMode() && isDefined(endpointDefinitionResult) && (endpointDefinitionResult != DataStream) && (endpointDefinitionResult != ServerSentEvents)) {
-                Schema.assert(endpointDefinitionResult, result);
+                try {
+                    Schema.assert(endpointDefinitionResult, result);
+                }
+                catch (error) {
+                    throw new Error(`Result of endpoint ${context.request.method} ${context.api.resource} (${context.endpoint.implementation.name}) did not match schema.`, { cause: error });
+                }
             }
             context.response.body = match(result)
                 .when(isUint8Array, (buffer) => ({ buffer }))

package/authentication/authentication.api.d.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { type ApiDefinition, type ApiEndpointsDefinition } from '../api/types.js
 import { type ObjectSchema, type ObjectSchemaOrType } from '../schema/index.js';
 import type { SchemaTestable } from '../schema/schema.js';
 import type { Record } from '../types/index.js';
-import { type TokenPayload } from './models/index.js';
+import { TotpEnrollmentInitResult, TotpRecoveryCodesResult, TotpStatusResult, type TokenPayload } from './models/index.js';
 import { PasswordCheckResult } from './models/password-check-result.model.js';
 /**
  * Can be provided in {@link ApiEndpointDefinition} data property to signal that the request does not need a valid token.
@@ -83,10 +83,7 @@ export declare const authenticationApiDefinition: {
         initEnrollTotp: {
             resource: string;
             method: "POST";
-            result: ObjectSchema<{
-                secret: string;
-                uri: string;
-            }>;
+            result: typeof TotpEnrollmentInitResult;
             credentials: true;
         };
         completeEnrollTotp: {
@@ -95,9 +92,7 @@ export declare const authenticationApiDefinition: {
             parameters: ObjectSchema<{
                 token: string;
             }>;
-            result: ObjectSchema<{
-                recoveryCodes: string[];
-            }>;
+            result: typeof TotpRecoveryCodesResult;
             credentials: true;
         };
         disableTotp: {
@@ -125,17 +120,13 @@ export declare const authenticationApiDefinition: {
                 token: string;
                 invalidateOtherSessions?: boolean | undefined;
             }>;
-            result: ObjectSchema<{
-                recoveryCodes: string[];
-            }>;
+            result: typeof TotpRecoveryCodesResult;
             credentials: true;
         };
         getTotpStatus: {
             resource: string;
             method: "GET";
-            result: ObjectSchema<{
-                active: boolean;
-            }>;
+            result: typeof TotpStatusResult;
             credentials: true;
         };
         refresh: {
@@ -322,10 +313,7 @@ export declare function getAuthenticationApiDefinition<AdditionalTokenPayload ex
         initEnrollTotp: {
             resource: string;
             method: "POST";
-            result: ObjectSchema<{
-                secret: string;
-                uri: string;
-            }>;
+            result: typeof TotpEnrollmentInitResult;
             credentials: true;
         };
         completeEnrollTotp: {
@@ -334,9 +322,7 @@ export declare function getAuthenticationApiDefinition<AdditionalTokenPayload ex
             parameters: ObjectSchema<{
                 token: string;
             }>;
-            result: ObjectSchema<{
-                recoveryCodes: string[];
-            }>;
+            result: typeof TotpRecoveryCodesResult;
             credentials: true;
         };
         disableTotp: {
@@ -364,17 +350,13 @@ export declare function getAuthenticationApiDefinition<AdditionalTokenPayload ex
                 token: string;
                 invalidateOtherSessions?: boolean | undefined;
             }>;
-            result: ObjectSchema<{
-                recoveryCodes: string[];
-            }>;
+            result: typeof TotpRecoveryCodesResult;
             credentials: true;
         };
         getTotpStatus: {
             resource: string;
             method: "GET";
-            result: ObjectSchema<{
-                active: boolean;
-            }>;
+            result: typeof TotpStatusResult;
             credentials: true;
         };
         refresh: {
@@ -556,10 +538,7 @@ export declare function getAuthenticationApiEndpointsDefinition<AdditionalTokenP
     initEnrollTotp: {
         resource: string;
         method: "POST";
-        result: ObjectSchema<{
-            secret: string;
-            uri: string;
-        }>;
+        result: typeof TotpEnrollmentInitResult;
         credentials: true;
     };
     completeEnrollTotp: {
@@ -568,9 +547,7 @@ export declare function getAuthenticationApiEndpointsDefinition<AdditionalTokenP
         parameters: ObjectSchema<{
             token: string;
         }>;
-        result: ObjectSchema<{
-            recoveryCodes: string[];
-        }>;
+        result: typeof TotpRecoveryCodesResult;
         credentials: true;
     };
     disableTotp: {
@@ -598,17 +575,13 @@ export declare function getAuthenticationApiEndpointsDefinition<AdditionalTokenP
             token: string;
             invalidateOtherSessions?: boolean | undefined;
         }>;
-        result: ObjectSchema<{
-            recoveryCodes: string[];
-        }>;
+        result: typeof TotpRecoveryCodesResult;
         credentials: true;
     };
     getTotpStatus: {
         resource: string;
         method: "GET";
-        result: ObjectSchema<{
-            active: boolean;
-        }>;
+        result: typeof TotpStatusResult;
         credentials: true;
     };
     refresh: {

package/authentication/authentication.api.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { defineApi } from '../api/types.js';
 import { array, assign, boolean, defaulted, emptyObjectSchema, explicitObject, literal, never, number, object, optional, pick, string, union } from '../schema/index.js';
-import { AuthenticationSession } from './models/index.js';
+import { AuthenticationSession, TotpEnrollmentInitResult, TotpRecoveryCodesResult, TotpStatusResult } from './models/index.js';
 import { PasswordCheckResult } from './models/password-check-result.model.js';
 import { TokenPayloadBase } from './models/token-payload-base.model.js';
 /**
@@ -100,10 +100,7 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
         initEnrollTotp: {
             resource: 'totp/enroll/init',
             method: 'POST',
-            result: object({
-                secret: string(),
-                uri: string(),
-            }),
+            result: TotpEnrollmentInitResult,
             credentials: true,
         },
         completeEnrollTotp: {
@@ -112,9 +109,7 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
             parameters: object({
                 token: string(),
             }),
-            result: object({
-                recoveryCodes: array(string()),
-            }),
+            result: TotpRecoveryCodesResult,
             credentials: true,
         },
         disableTotp: {
@@ -142,17 +137,13 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
                 token: string(),
                 invalidateOtherSessions: optional(boolean()),
             }),
-            result: object({
-                recoveryCodes: array(string()),
-            }),
+            result: TotpRecoveryCodesResult,
             credentials: true,
         },
         getTotpStatus: {
             resource: 'totp/status',
             method: 'GET',
-            result: object({
-                active: boolean(),
-            }),
+            result: TotpStatusResult,
             credentials: true,
         },
         refresh: {

package/authentication/client/authentication.service.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import type { AfterResolve } from '../../injector/index.js';
 import { afterResolve } from '../../injector/index.js';
 import type { Record } from '../../types/index.js';
-import type { AuthenticationSession, PasswordCheckResult, TokenPayload } from '../models/index.js';
+import type { AuthenticationSession, PasswordCheckResult, TokenPayload, TotpEnrollmentInitResult, TotpRecoveryCodesResult, TotpStatusResult } from '../models/index.js';
 import type { LoginTotpResult } from '../server/authentication.service.js';
 import type { SubjectInput } from '../types.js';
 /**
@@ -59,6 +59,7 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
     readonly impersonator: import("../../signals/api.js").Signal<string | undefined>;
     /** Whether the user is impersonated */
     readonly impersonated: import("../../signals/api.js").Signal<boolean>;
+    readonly totpStatus: import("../../signals/api.js").Signal<TotpStatusResult | undefined>;
     /** Current token */
     readonly token$: import("rxjs").Observable<TokenPayload<AdditionalTokenPayload> | undefined>;
     /** Emits when token is available (not undefined) */
@@ -196,18 +197,13 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
      * Initiate TOTP enrollment.
      * @returns The secret and URI for enrollment.
      */
-    initEnrollTotp(): Promise<{
-        secret: string;
-        uri: string;
-    }>;
+    initEnrollTotp(): Promise<TotpEnrollmentInitResult>;
     /**
      * Complete TOTP enrollment.
      * @param token The TOTP token to verify.
      * @returns The recovery codes.
      */
-    completeEnrollTotp(token: string): Promise<{
-        recoveryCodes: string[];
-    }>;
+    completeEnrollTotp(token: string): Promise<TotpRecoveryCodesResult>;
     /**
      * Disable TOTP.
      * @param token The TOTP token.
@@ -226,16 +222,12 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
      */
     regenerateRecoveryCodes(token: string, options?: {
         invalidateOtherSessions?: boolean;
-    }): Promise<{
-        recoveryCodes: string[];
-    }>;
+    }): Promise<TotpRecoveryCodesResult>;
     /**
      * Get TOTP activation status.
      * @returns Whether TOTP is active.
      */
-    getTotpStatus(): Promise<{
-        active: boolean;
-    }>;
+    getTotpStatus(): Promise<TotpStatusResult>;
     /**
      * Check a password for requirements.
      * @param password The password to check

package/authentication/client/authentication.service.js CHANGED Viewed

@@ -22,6 +22,7 @@ import { Lock } from '../../lock/index.js';
 import { Logger } from '../../logger/index.js';
 import { MessageBus } from '../../message-bus/index.js';
 import { computed, signal, toObservable } from '../../signals/api.js';
+import { deriveAsync } from '../../signals/index.js';
 import { currentTimestampSeconds } from '../../utils/date-time.js';
 import { clamp } from '../../utils/math.js';
 import { timeout } from '../../utils/timing.js';
@@ -38,6 +39,7 @@ const tokenUpdateBusName = 'AuthenticationService:tokenUpdate';
 const loggedOutBusName = 'AuthenticationService:loggedOut';
 const refreshLockResource = 'AuthenticationService:refresh';
 const minRefreshDelay = millisecondsPerMinute;
+const refreshLoopTightLoopDelay = 5 * millisecondsPerSecond;
 const maxRefreshDelay = 15 * millisecondsPerMinute;
 const lockTimeout = 10_000;
 const logoutTimeout = 150;
@@ -104,6 +106,19 @@ let AuthenticationClientService = class AuthenticationClientService {
     impersonator = computed(() => this.token()?.impersonator);
     /** Whether the user is impersonated */
     impersonated = computed(() => isDefined(this.impersonator()));
+    totpStatus = deriveAsync(async () => {
+        const token = this.token();
+        if (isUndefined(token)) {
+            return undefined;
+        }
+        try {
+            return await this.getTotpStatus();
+        }
+        catch (error) {
+            this.logger.error(error);
+            return undefined;
+        }
+    });
     /** Current token */
     token$ = toObservable(this.token);
     /** Emits when token is available (not undefined) */
@@ -269,6 +284,9 @@ let AuthenticationClientService = class AuthenticationClientService {
             await this.loggingOut;
             return;
         }
+        if (!this.isLoggedIn()) {
+            return;
+        }
         this.loggingOut = (async () => {
             try {
                 await Promise.race([
@@ -535,8 +553,8 @@ let AuthenticationClientService = class AuthenticationClientService {
                         const newBuffer = calculateRefreshBufferSeconds(newToken);
                         const stillNeedsRefresh = this.forceRefreshRequested() || (newNow >= newToken.exp - newBuffer);
                         if (stillNeedsRefresh) {
-                            this.logger.warn('Token still needs refresh after attempt. Waiting for minRefreshDelay to avoid tight loop.');
-                            await waitForNextAction(minRefreshDelay, newToken.exp);
+                            this.logger.warn('Token still needs refresh after attempt. Waiting briefly to avoid tight loop.');
+                            await waitForNextAction(refreshLoopTightLoopDelay, newToken.exp);
                         }
                     }
                     await waitForNextAction(100, newToken?.exp);
@@ -552,7 +570,7 @@ let AuthenticationClientService = class AuthenticationClientService {
             }
             catch (error) {
                 this.logger.error(error);
-                await waitForNextAction(2500, token.exp);
+                await waitForNextAction(refreshLoopTightLoopDelay, token.exp);
             }
         }
     }
@@ -560,7 +578,7 @@ let AuthenticationClientService = class AuthenticationClientService {
         this.logger.error(error);
         this.errorSubject.next(error);
         const isUnrecoverable = unrecoverableErrors.some((errorType) => isInstanceOf(error, errorType))
-            || (error instanceof HttpError && ((error.response?.statusCode == 401) || (error.response?.statusCode == 404)));
+            || (isInstanceOf(error, HttpError) && ((error.response?.statusCode == 400) || (error.response?.statusCode == 401) || (error.response?.statusCode == 404)));
         if (isUnrecoverable) {
             await this.logout();
         }

package/authentication/client/module.d.ts CHANGED Viewed

@@ -26,4 +26,4 @@ export type AuthenticationClientModuleConfig = {
  * @param config Configuration
  * @param injector The injector to use. If not provided, the current injector is used.
  */
-export declare function configureAuthenticationClient(config: AuthenticationClientModuleConfig, injector?: Injector | null): void;
+export declare function configureAuthenticationClient(config?: AuthenticationClientModuleConfig | undefined, injector?: Injector | null): void;

package/authentication/client/module.js CHANGED Viewed

@@ -9,14 +9,14 @@ import { AUTHENTICATION_API_CLIENT, INITIAL_AUTHENTICATION_DATA } from './tokens
  * @param config Configuration
  * @param injector The injector to use. If not provided, the current injector is used.
  */
-export function configureAuthenticationClient(config, injector = getCurrentInjector()) {
-    if (isDefined(config.authenticationApiClient)) {
+export function configureAuthenticationClient(config = undefined, injector = getCurrentInjector()) {
+    if (isDefined(config?.authenticationApiClient)) {
         (injector ?? Injector).registerSingleton(AUTHENTICATION_API_CLIENT, { useToken: config.authenticationApiClient });
     }
-    if (isDefined(config.initialAuthenticationData)) {
+    if (isDefined(config?.initialAuthenticationData)) {
         (injector ?? Injector).register(INITIAL_AUTHENTICATION_DATA, { useValue: config.initialAuthenticationData });
     }
-    if (config.registerMiddleware == true) {
+    if (config?.registerMiddleware == true) {
         (injector ?? Injector).register(HTTP_CLIENT_MIDDLEWARE, {
             useFactory(_, context) {
                 const authenticationService = context.resolve(forwardRef(() => AuthenticationClientService, 'object'));

package/authentication/models/index.d.ts CHANGED Viewed

@@ -10,4 +10,5 @@ export * from './subject.model.js';
 export * from './system-account.model.js';
 export * from './token-payload-base.model.js';
 export * from './token.model.js';
+export * from './totp-results.model.js';
 export * from './user.model.js';

package/authentication/models/index.js CHANGED Viewed

@@ -10,4 +10,5 @@ export * from './subject.model.js';
 export * from './system-account.model.js';
 export * from './token-payload-base.model.js';
 export * from './token.model.js';
+export * from './totp-results.model.js';
 export * from './user.model.js';

package/authentication/models/totp-results.model.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/** biome-ignore-all lint/nursery/noExcessiveClassesPerFile: <explanation> */
+export declare class TotpEnrollmentInitResult {
+    secret: string;
+    uri: string;
+}
+export declare class TotpRecoveryCodesResult {
+    recoveryCodes: string[];
+}
+export declare class TotpStatusResult {
+    active: boolean;
+}

package/authentication/models/totp-results.model.js ADDED Viewed

@@ -0,0 +1,37 @@
+/** biome-ignore-all lint/nursery/noExcessiveClassesPerFile: <explanation> */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+import { Array, BooleanProperty, StringProperty } from '../../schema/index.js';
+export class TotpEnrollmentInitResult {
+    secret;
+    uri;
+}
+__decorate([
+    StringProperty(),
+    __metadata("design:type", String)
+], TotpEnrollmentInitResult.prototype, "secret", void 0);
+__decorate([
+    StringProperty(),
+    __metadata("design:type", String)
+], TotpEnrollmentInitResult.prototype, "uri", void 0);
+export class TotpRecoveryCodesResult {
+    recoveryCodes;
+}
+__decorate([
+    Array(String),
+    __metadata("design:type", Array)
+], TotpRecoveryCodesResult.prototype, "recoveryCodes", void 0);
+export class TotpStatusResult {
+    active;
+}
+__decorate([
+    BooleanProperty(),
+    __metadata("design:type", Boolean)
+], TotpStatusResult.prototype, "active", void 0);

package/authentication/server/authentication.api-controller.d.ts CHANGED Viewed

@@ -26,9 +26,9 @@ export declare class AuthenticationApiController<AdditionalTokenPayload extends
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    login({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'login'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'login'>>;
-    loginVerifyTotp({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginVerifyTotp'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginVerifyTotp'>>;
-    loginRecovery({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginRecovery'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginRecovery'>>;
+    login({ request, parameters, tryGetToken, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'login'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'login'>>;
+    loginVerifyTotp({ request, parameters, tryGetToken, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginVerifyTotp'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginVerifyTotp'>>;
+    loginRecovery({ request, parameters, tryGetToken, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginRecovery'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'loginRecovery'>>;
     initEnrollTotp({ getToken, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'initEnrollTotp'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'initEnrollTotp'>>;
     completeEnrollTotp({ request, getToken, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'completeEnrollTotp'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'completeEnrollTotp'>>;
     disableTotp({ request, getToken, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'disableTotp'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitPasswordResetData>, 'disableTotp'>>;

package/authentication/server/authentication.api-controller.js CHANGED Viewed

@@ -16,7 +16,7 @@ import { inject } from '../../injector/index.js';
 import { Logger } from '../../logger/logger.js';
 import { RateLimiter } from '../../rate-limit/index.js';
 import { currentTimestampSeconds } from '../../utils/date-time.js';
-import { isDefined } from '../../utils/type-guards.js';
+import { isDefined, isNotNull } from '../../utils/type-guards.js';
 import { millisecondsPerMinute } from '../../utils/units.js';
 import { authenticationApiDefinition, getAuthenticationApiDefinition } from '../authentication.api.js';
 import { AuthenticationService, AuthenticationServiceOptions } from './authentication.service.js';
@@ -49,24 +49,51 @@ let AuthenticationApiController = AuthenticationApiController_1 = class Authenti
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    async login({ request, parameters, getAuditor }) {
+    async login({ request, parameters, tryGetToken, getAuditor }) {
         const auditor = await getAuditor();
+        try {
+            const token = await tryGetToken();
+            if (isNotNull(token)) {
+                await this.authenticationService.endSession(token.payload.session, auditor);
+            }
+        }
+        catch (error) {
+            this.#logger.error('Error validating existing token during login:', error);
+        }
         const subjectResource = `${parameters.tenantId ?? NIL_UUID}:${parameters.subject}`;
         const actualSubject = await this.authenticationService.tryResolveSubject({ tenantId: parameters.tenantId, subject: parameters.subject });
         await this.enforceRateLimit(request.ip, subjectResource, auditor, actualSubject?.id ?? NIL_UUID, 'login');
         const result = await this.authenticationService.login({ tenantId: parameters.tenantId, subject: parameters.subject }, parameters.password, parameters.data, auditor, parameters.remember);
         return this.getLoginResponse(result);
     }
-    async loginVerifyTotp({ request, parameters, getAuditor }) {
+    async loginVerifyTotp({ request, parameters, tryGetToken, getAuditor }) {
         const auditor = await getAuditor();
+        try {
+            const token = await tryGetToken();
+            if (isNotNull(token)) {
+                await this.authenticationService.endSession(token.payload.session, auditor);
+            }
+        }
+        catch (error) {
+            this.#logger.error('Error validating existing token during login:', error);
+        }
         const validatedChallengeToken = await this.authenticationService.validateTotpChallengeToken(parameters.challengeToken);
         const subjectResource = `${validatedChallengeToken.payload.tenant}:${validatedChallengeToken.payload.subject}`;
         await this.enforceRateLimit(request.ip, subjectResource, auditor, validatedChallengeToken.payload.subject, 'login-verify-totp');
         const result = await this.authenticationService.loginVerifyTotp(parameters.challengeToken, parameters.token, auditor);
         return this.getLoginResponse(result);
     }
-    async loginRecovery({ request, parameters, getAuditor }) {
+    async loginRecovery({ request, parameters, tryGetToken, getAuditor }) {
         const auditor = await getAuditor();
+        try {
+            const token = await tryGetToken();
+            if (isNotNull(token)) {
+                await this.authenticationService.endSession(token.payload.session, auditor);
+            }
+        }
+        catch (error) {
+            this.#logger.error('Error validating existing token during login:', error);
+        }
         const validatedChallengeToken = await this.authenticationService.validateTotpChallengeToken(parameters.challengeToken);
         const subjectResource = `${validatedChallengeToken.payload.tenant}:${validatedChallengeToken.payload.subject}`;
         await this.enforceRateLimit(request.ip, subjectResource, auditor, validatedChallengeToken.payload.subject, 'login-recovery');

package/authentication/server/authentication.service.d.ts CHANGED Viewed

@@ -2,7 +2,7 @@
 import { Auditor } from '../../audit/index.js';
 import { type Argon2Params, type TotpHashAlgorithm } from '../../cryptography/index.js';
 import type { Record, TypedOmit } from '../../types/index.js';
-import { AuthenticationSession, AuthenticationTotp, Subject, type PasswordCheckResult, type PasswordResetToken, type RefreshToken, type Token, type TotpChallengeToken } from '../models/index.js';
+import { AuthenticationSession, AuthenticationTotp, Subject, TotpEnrollmentInitResult, TotpRecoveryCodesResult, TotpStatusResult, type PasswordCheckResult, type PasswordResetToken, type RefreshToken, type Token, type TotpChallengeToken } from '../models/index.js';
 import type { SubjectInput } from '../types.js';
 import { type PasswordTestResult } from './authentication-password-requirements.validator.js';
 /**
@@ -456,23 +456,14 @@ export declare class AuthenticationService<AdditionalTokenPayload extends Record
     private createPasswordResetToken;
     private getHash;
     tryGetTotp(tenantId: string, subjectId: string): Promise<AuthenticationTotp | undefined>;
-    getTotpStatus(tenantId: string, subjectId: string): Promise<{
-        active: boolean;
-    }>;
-    initEnrollTotp(tenantId: string, subjectId: string, auditor: Auditor): Promise<{
-        secret: string;
-        uri: string;
-    }>;
-    completeEnrollTotp(tenantId: string, subjectId: string, token: string, auditor: Auditor): Promise<{
-        recoveryCodes: string[];
-    }>;
+    getTotpStatus(tenantId: string, subjectId: string): Promise<TotpStatusResult>;
+    initEnrollTotp(tenantId: string, subjectId: string, auditor: Auditor): Promise<TotpEnrollmentInitResult>;
+    completeEnrollTotp(tenantId: string, subjectId: string, token: string, auditor: Auditor): Promise<TotpRecoveryCodesResult>;
     disableTotp(tenantId: string, subjectId: string, token: string, auditor: Auditor): Promise<void>;
     disableTotpWithRecoveryCode(tenantId: string, subjectId: string, recoveryCode: string, auditor: Auditor): Promise<void>;
     regenerateRecoveryCodes(tenantId: string, subjectId: string, token: string, auditor: Auditor, options?: {
         invalidateOtherSessions?: boolean;
-    }): Promise<{
-        recoveryCodes: string[];
-    }>;
+    }): Promise<TotpRecoveryCodesResult>;
     loginVerifyTotp(challengeTokenString: string, token: string, auditor: Auditor): Promise<LoginSuccessResult<AdditionalTokenPayload>>;
     loginRecovery(challengeTokenString: string, recoveryCode: string, auditor: Auditor): Promise<LoginSuccessResult<AdditionalTokenPayload>>;
     validateTotpChallengeToken(tokenString: string): Promise<TotpChallengeToken<AuthenticationData>>;

package/authentication/server/authentication.service.js CHANGED Viewed

@@ -23,7 +23,7 @@ import { isUuid } from '../../utils/patterns.js';
 import { getRandomBytes, getRandomString } from '../../utils/random.js';
 import { isDefined, isString, isUndefined } from '../../utils/type-guards.js';
 import { millisecondsPerDay, millisecondsPerHour, millisecondsPerMinute } from '../../utils/units.js';
-import { AuthenticationPassword, AuthenticationSession, AuthenticationTotp, AuthenticationTotpRecoveryCode, AuthenticationUsedTotpToken, Subject, SubjectStatus, TotpStatus, User } from '../models/index.js';
+import { AuthenticationPassword, AuthenticationSession, AuthenticationTotp, AuthenticationTotpRecoveryCode, AuthenticationUsedTotpToken, Subject, SubjectStatus, TotpEnrollmentInitResult, TotpRecoveryCodesResult, TotpStatus, TotpStatusResult, User } from '../models/index.js';
 import { AuthenticationAncillaryService, GetTokenPayloadContextAction } from './authentication-ancillary.service.js';
 import { AuthenticationPasswordRequirementsValidator } from './authentication-password-requirements.validator.js';
 import { getPasswordResetTokenFromString, getRefreshTokenFromString, getTokenFromString } from './helper.js';
@@ -88,11 +88,11 @@ const JWT_ID_LENGTH = 24;
 const REFRESH_TOKEN_SECRET_LENGTH = 64;
 const SALT_LENGTH = 32;
 export const DEFAULT_TOTP_OPTIONS = {
-    codeHashAlgorithm: 'SHA-512',
+    codeHashAlgorithm: 'SHA-1',
     recoveryCodeHashOptions: {
         algorithm: {
             name: 'Argon2id',
-            memory: 128 * 1024, // 128 MiB
+            memory: 256 * 1024, // 256 MiB
             parallelism: 4,
             passes: 3,
         },
@@ -861,7 +861,9 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
     }
     async getTotpStatus(tenantId, subjectId) {
         const totp = await this.tryGetTotp(tenantId, subjectId);
-        return { active: totp?.status == TotpStatus.Active };
+        return {
+            active: totp?.status == TotpStatus.Active,
+        };
     }
     async initEnrollTotp(tenantId, subjectId, auditor) {
         const authAuditor = auditor.fork(AuthenticationService_1.name);

package/core.d.ts CHANGED Viewed

@@ -1,11 +1,6 @@
-import { Injector } from './injector/index.js';
 declare global {
     var tstdlLoaded: boolean | undefined;
 }
-/**
- * @deprecated Usage of `getGlobalInjector` should be avoided. Use `Application` scoped injector instead.
- */
-export declare function getGlobalInjector(): Injector;
 export declare function isDevMode(): boolean;
 export declare function isProdMode(): boolean;
 export declare function enableProdMode(): void;

package/core.js CHANGED Viewed

@@ -1,16 +1,8 @@
-import { Injector } from './injector/index.js';
 if (globalThis.tstdlLoaded == true) {
     console.error(new Error('tstdl seems to be loaded multiple times. This is likely an error as some modules won\'t work as intended this way.'));
 }
 globalThis.tstdlLoaded = true;
-let globalInjector;
 let _isDevMode = true;
-/**
- * @deprecated Usage of `getGlobalInjector` should be avoided. Use `Application` scoped injector instead.
- */
-export function getGlobalInjector() {
-    return globalInjector ??= new Injector('GlobalInjector');
-}
 export function isDevMode() {
     return _isDevMode;
 }

package/document-management/api/document-management.api.d.ts CHANGED Viewed

@@ -362,8 +362,8 @@ export declare const documentManagementApiDefinition: {
             resource: string;
             method: "POST";
             parameters: import("../../schema/index.js").ObjectSchema<{
-                id: string;
                 state: "error" | "pending" | "running" | "completed" | "review" | "failed";
+                id: string;
             }>;
             result: import("../../schema/index.js").LiteralSchema<"ok">;
             credentials: true;
@@ -772,8 +772,8 @@ declare const _DocumentManagementApi: import("../../api/client/index.js").ApiCli
             resource: string;
             method: "POST";
             parameters: import("../../schema/index.js").ObjectSchema<{
-                id: string;
                 state: "error" | "pending" | "running" | "completed" | "review" | "failed";
+                id: string;
             }>;
             result: import("../../schema/index.js").LiteralSchema<"ok">;
             credentials: true;