npm - @twin.org/api-auth-entity-storage-service - Versions diffs - 0.0.3-next.21 → 0.0.3-next.23 - Mend

@twin.org/api-auth-entity-storage-service 0.0.3-next.21 → 0.0.3-next.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (80) hide show

package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md CHANGED Viewed

@@ -4,16 +4,36 @@ Options for the AuthHeaderProcessor constructor.
 ## Properties
-### vaultConnectorType?
+### authenticationAdminServiceType? {#authenticationadminservicetype}
-> `optional` **vaultConnectorType**: `string`
+> `optional` **authenticationAdminServiceType?**: `string`
+The admin service.
+#### Default
+```ts
+authentication-admin
+```
+***
+### vaultConnectorType? {#vaultconnectortype}
+> `optional` **vaultConnectorType?**: `string`
 The vault for the private keys.
+#### Default
+```ts
+vault
+```
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
+> `optional` **config?**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
 The configuration for the processor.

package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md CHANGED Viewed

@@ -4,8 +4,14 @@ Configuration for the entity storage authentication admin service.
 ## Properties
-### minPasswordLength?
+### minPasswordLength? {#minpasswordlength}
-> `optional` **minPasswordLength**: `number`
+> `optional` **minPasswordLength?**: `number`
 The minimum password length.
+#### Default
+```ts
+8
+```

package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md CHANGED Viewed

@@ -4,16 +4,36 @@ Options for the EntityStorageAuthenticationAdminService constructor.
 ## Properties
-### userEntityStorageType?
+### userEntityStorageType? {#userentitystoragetype}
-> `optional` **userEntityStorageType**: `string`
+> `optional` **userEntityStorageType?**: `string`
 The entity storage for the users.
+#### Default
+```ts
+authentication-user
+```
+***
+### authenticationAuditServiceType? {#authenticationauditservicetype}
+> `optional` **authenticationAuditServiceType?**: `string`
+The audit service.
+#### Default
+```ts
+authentication-audit
+```
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
+> `optional` **config?**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
 The configuration for the authentication.

package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConfig.md ADDED Viewed

@@ -0,0 +1,11 @@
+# Interface: IEntityStorageAuthenticationAuditServiceConfig
+Config for the EntityStorageAuthenticationAuditService constructor.
+## Properties
+### ipHashSalt? {#iphashsalt}
+> `optional` **ipHashSalt?**: `string`
+The server-side salt for hashing IP addresses in audit logs, if configured.

package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md ADDED Viewed

@@ -0,0 +1,25 @@
+# Interface: IEntityStorageAuthenticationAuditServiceConstructorOptions
+Options for the EntityStorageAuthenticationAuditService constructor.
+## Properties
+### authenticationAuditEntryStorageType? {#authenticationauditentrystoragetype}
+> `optional` **authenticationAuditEntryStorageType?**: `string`
+The entity storage for the audit entries.
+#### Default
+```ts
+authentication-audit-entry
+```
+***
+### config? {#config}
+> `optional` **config?**: [`IEntityStorageAuthenticationAuditServiceConfig`](IEntityStorageAuthenticationAuditServiceConfig.md)
+The configuration for the authentication audit service.

package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConfig.md ADDED Viewed

@@ -0,0 +1,17 @@
+# Interface: IEntityStorageAuthenticationRateServiceConfig
+Configuration for the entity storage authentication rate service.
+## Properties
+### cleanupIntervalMinutes? {#cleanupintervalminutes}
+> `optional` **cleanupIntervalMinutes?**: `number`
+Interval between cleanup runs in minutes.
+#### Default
+```ts
+5
+```

package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md ADDED Viewed

@@ -0,0 +1,39 @@
+# Interface: IEntityStorageAuthenticationRateServiceConstructorOptions
+Options for the EntityStorageAuthenticationRateService constructor.
+## Properties
+### authenticationRateEntryStorageType? {#authenticationrateentrystoragetype}
+> `optional` **authenticationRateEntryStorageType?**: `string`
+The entity storage for authentication rate entries.
+#### Default
+```ts
+authentication-rate-entry
+```
+***
+### taskSchedulerComponentType? {#taskschedulercomponenttype}
+> `optional` **taskSchedulerComponentType?**: `string`
+The task scheduler component type.
+#### Default
+```ts
+task-scheduler
+```
+***
+### config? {#config}
+> `optional` **config?**: [`IEntityStorageAuthenticationRateServiceConfig`](IEntityStorageAuthenticationRateServiceConfig.md)
+The configuration for the authentication rate service.

package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md CHANGED Viewed

@@ -4,16 +4,70 @@ Configuration for the entity storage authentication service.
 ## Properties
-### signingKeyName?
+### signingKeyName? {#signingkeyname}
-> `optional` **signingKeyName**: `string`
+> `optional` **signingKeyName?**: `string`
 The name of the key to retrieve from the vault for signing JWT.
+#### Default
+```ts
+auth-signing
+```
 ***
-### defaultTtlMinutes?
+### defaultTtlMinutes? {#defaultttlminutes}
-> `optional` **defaultTtlMinutes**: `number`
+> `optional` **defaultTtlMinutes?**: `number`
 The default time to live for the JWT.
+#### Default
+```ts
+60
+```
+***
+### loginRateLimit? {#loginratelimit}
+> `optional` **loginRateLimit?**: `IAuthenticationRateActionConfig`
+Optional override for login failure rate limit.
+#### Default
+```ts
+{ maxAttempts: 5, windowMinutes: 15 }
+```
+***
+### passwordChangeRateLimit? {#passwordchangeratelimit}
+> `optional` **passwordChangeRateLimit?**: `IAuthenticationRateActionConfig`
+Optional override for password change rate limit.
+#### Default
+```ts
+{ maxAttempts: 5, windowMinutes: 15 }
+```
+***
+### tokenRefreshRateLimit? {#tokenrefreshratelimit}
+> `optional` **tokenRefreshRateLimit?**: `IAuthenticationRateActionConfig`
+Optional override for token refresh rate limit.
+#### Default
+```ts
+{ maxAttempts: 30, windowMinutes: 60 }
+```

package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md CHANGED Viewed

@@ -4,32 +4,78 @@ Options for the EntityStorageAuthenticationService constructor.
 ## Properties
-### userEntityStorageType?
+### userEntityStorageType? {#userentitystoragetype}
-> `optional` **userEntityStorageType**: `string`
+> `optional` **userEntityStorageType?**: `string`
 The entity storage for the users.
+#### Default
+```ts
+authentication-user
+```
 ***
-### vaultConnectorType?
+### vaultConnectorType? {#vaultconnectortype}
-> `optional` **vaultConnectorType**: `string`
+> `optional` **vaultConnectorType?**: `string`
 The vault for the private keys.
+#### Default
+```ts
+vault
+```
 ***
-### authenticationAdminServiceType?
+### authenticationAdminServiceType? {#authenticationadminservicetype}
-> `optional` **authenticationAdminServiceType**: `string`
+> `optional` **authenticationAdminServiceType?**: `string`
 The admin service.
+#### Default
+```ts
+authentication-admin
+```
+***
+### authenticationAuditServiceType? {#authenticationauditservicetype}
+> `optional` **authenticationAuditServiceType?**: `string`
+The audit service.
+#### Default
+```ts
+authentication-audit
+```
+***
+### authenticationRateServiceType? {#authenticationrateservicetype}
+> `optional` **authenticationRateServiceType?**: `string`
+The rate service.
+#### Default
+```ts
+authentication-rate
+```
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
+> `optional` **config?**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
 The configuration for the authentication.

package/docs/reference/variables/tagsAuthenticationAudit.md ADDED Viewed

@@ -0,0 +1,5 @@
+# Variable: tagsAuthenticationAudit
+> `const` **tagsAuthenticationAudit**: `ITag`[]
+The tag to associate with the routes.

package/locales/en.json CHANGED Viewed

@@ -15,15 +15,24 @@
 			"userNotFound": "The user with the specified e-mail could not be found \"{notFoundId}\"",
 			"currentPasswordMismatch": "The current password is incorrect"
 		},
+		"entityStorageAuthenticationRateService": {
+			"actionConfigMissing": "No rate-limit configuration exists for action \"{action}\".",
+			"rateLimitExceeded": "The rate limit for action \"{action}\" has been exceeded. Retry after {retryAfterSeconds} seconds."
+		},
 		"tokenHelper": {
 			"missing": "The JSON Web token could not be found in the authorization header",
 			"payloadMissingSubject": "The JSON Web token payload does not contain a subject",
 			"payloadMissingOrganization": "The JSON Web token payload does not contain an organization",
 			"expired": "The JSON Web token has expired",
-			"insufficientScopes": "The JSON Web token does not have the required scopes to access this resource"
+			"insufficientScopes": "The JSON Web token does not have the required scopes to access this resource",
+			"userNotVerified": "The user associated with the JSON Web token could not be verified",
+			"organizationNotVerified": "The organization associated with the JSON Web token could not be verified"
 		},
 		"authHeaderProcessor": {
 			"tenantIdMismatch": "The tenant ID in the token does not match the tenant ID in the context"
+		},
+		"validation": {
+			"saltEntropyTooLow": "Salt must have at least 8 unique characters for sufficient entropy."
 		}
 	}
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@twin.org/api-auth-entity-storage-service",
-	"version": "0.0.3-next.21",
+	"version": "0.0.3-next.23",
 	"description": "Authentication service implementation and REST routes backed by entity storage.",
 	"repository": {
 		"type": "git",
@@ -14,9 +14,10 @@
 		"node": ">=20.0.0"
 	},
 	"dependencies": {
-		"@twin.org/api-auth-entity-storage-models": "0.0.3-next.21",
-		"@twin.org/api-core": "0.0.3-next.21",
-		"@twin.org/api-models": "0.0.3-next.21",
+		"@twin.org/api-auth-entity-storage-models": "0.0.3-next.23",
+		"@twin.org/api-core": "0.0.3-next.23",
+		"@twin.org/api-models": "0.0.3-next.23",
+		"@twin.org/background-task-models": "next",
 		"@twin.org/context": "next",
 		"@twin.org/core": "next",
 		"@twin.org/crypto": "next",