@velajs/better-auth 0.5.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -1
- package/dist/better-auth.service-BMkyFX-w.js +63 -0
- package/dist/better-auth.service-BMkyFX-w.js.map +1 -0
- package/dist/index.d.ts +270 -12
- package/dist/index.js +364 -15
- package/dist/index.js.map +1 -0
- package/dist/testing/index.d.ts +50 -0
- package/dist/testing/index.js +60 -0
- package/dist/testing/index.js.map +1 -0
- package/package.json +60 -39
- package/dist/better-auth.controller.d.ts +0 -21
- package/dist/better-auth.controller.js +0 -68
- package/dist/better-auth.module.d.ts +0 -52
- package/dist/better-auth.module.js +0 -138
- package/dist/better-auth.service.d.ts +0 -42
- package/dist/better-auth.service.js +0 -51
- package/dist/better-auth.tokens.d.ts +0 -5
- package/dist/better-auth.tokens.js +0 -4
- package/dist/better-auth.types.d.ts +0 -11
- package/dist/better-auth.types.js +0 -1
- package/dist/decorators/current-session.decorator.d.ts +0 -1
- package/dist/decorators/current-session.decorator.js +0 -7
- package/dist/decorators/current-user.decorator.d.ts +0 -1
- package/dist/decorators/current-user.decorator.js +0 -7
- package/dist/decorators/optional-auth.decorator.d.ts +0 -2
- package/dist/decorators/optional-auth.decorator.js +0 -5
- package/dist/decorators/public.decorator.d.ts +0 -2
- package/dist/decorators/public.decorator.js +0 -5
- package/dist/decorators/roles.decorator.d.ts +0 -2
- package/dist/decorators/roles.decorator.js +0 -5
- package/dist/guards/auth.guard.d.ts +0 -10
- package/dist/guards/auth.guard.js +0 -68
- package/dist/guards/roles.guard.d.ts +0 -5
- package/dist/guards/roles.guard.js +0 -36
|
@@ -1,68 +0,0 @@
|
|
|
1
|
-
function _ts_decorate(decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
}
|
|
7
|
-
function _ts_metadata(k, v) {
|
|
8
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
-
}
|
|
10
|
-
function _ts_param(paramIndex, decorator) {
|
|
11
|
-
return function(target, key) {
|
|
12
|
-
decorator(target, key, paramIndex);
|
|
13
|
-
};
|
|
14
|
-
}
|
|
15
|
-
import { Inject, Injectable, REQUEST_CONTEXT, Reflector, UnauthorizedException } from "@velajs/vela";
|
|
16
|
-
import { AUTH_SESSION_KEY, AUTH_USER_KEY, BETTER_AUTH_OPTIONS } from "../better-auth.tokens.js";
|
|
17
|
-
import { BetterAuthService } from "../better-auth.service.js";
|
|
18
|
-
import { OptionalAuth } from "../decorators/optional-auth.decorator.js";
|
|
19
|
-
import { Public } from "../decorators/public.decorator.js";
|
|
20
|
-
export class AuthGuard {
|
|
21
|
-
auth;
|
|
22
|
-
opts;
|
|
23
|
-
reflector = new Reflector();
|
|
24
|
-
constructor(// Inject BetterAuthService rather than the raw better-auth instance.
|
|
25
|
-
// The service's lazy `.auth` getter defers construction to first use, so
|
|
26
|
-
// forRootAsync factories that depend on values only available at
|
|
27
|
-
// request time (Cloudflare D1/KV bindings, etc.) build safely on the
|
|
28
|
-
// first canActivate — not at module-load bootstrap.
|
|
29
|
-
auth, opts){
|
|
30
|
-
this.auth = auth;
|
|
31
|
-
this.opts = opts;
|
|
32
|
-
}
|
|
33
|
-
async canActivate(context) {
|
|
34
|
-
if (this.reflector.getAllAndOverride(Public, context)) return true;
|
|
35
|
-
const request = context.getRequest();
|
|
36
|
-
const path = new URL(request.url).pathname;
|
|
37
|
-
const basePath = this.opts.basePath ?? '/api/auth';
|
|
38
|
-
if (path === basePath || path.startsWith(`${basePath}/`)) return true;
|
|
39
|
-
const data = await this.auth.api.getSession({
|
|
40
|
-
headers: request.headers
|
|
41
|
-
});
|
|
42
|
-
if (data) {
|
|
43
|
-
const reqCtx = resolveRequestContext(context);
|
|
44
|
-
reqCtx.set(AUTH_USER_KEY, data.user);
|
|
45
|
-
reqCtx.set(AUTH_SESSION_KEY, data.session);
|
|
46
|
-
return true;
|
|
47
|
-
}
|
|
48
|
-
if (this.opts.defaultPolicy === 'allow' || this.reflector.getAllAndOverride(OptionalAuth, context)) {
|
|
49
|
-
return true;
|
|
50
|
-
}
|
|
51
|
-
throw new UnauthorizedException('Authentication required');
|
|
52
|
-
}
|
|
53
|
-
}
|
|
54
|
-
AuthGuard = _ts_decorate([
|
|
55
|
-
Injectable(),
|
|
56
|
-
_ts_param(0, Inject(BetterAuthService)),
|
|
57
|
-
_ts_param(1, Inject(BETTER_AUTH_OPTIONS)),
|
|
58
|
-
_ts_metadata("design:type", Function),
|
|
59
|
-
_ts_metadata("design:paramtypes", [
|
|
60
|
-
typeof BetterAuthService === "undefined" ? Object : BetterAuthService,
|
|
61
|
-
typeof BetterAuthModuleOptions === "undefined" ? Object : BetterAuthModuleOptions
|
|
62
|
-
])
|
|
63
|
-
], AuthGuard);
|
|
64
|
-
function resolveRequestContext(context) {
|
|
65
|
-
const honoCtx = context.getContext();
|
|
66
|
-
const container = honoCtx.get('container');
|
|
67
|
-
return container.resolve(REQUEST_CONTEXT);
|
|
68
|
-
}
|
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
function _ts_decorate(decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
}
|
|
7
|
-
import { ForbiddenException, Injectable, REQUEST_CONTEXT, Reflector } from "@velajs/vela";
|
|
8
|
-
import { AUTH_USER_KEY } from "../better-auth.tokens.js";
|
|
9
|
-
import { Roles } from "../decorators/roles.decorator.js";
|
|
10
|
-
export class RolesGuard {
|
|
11
|
-
reflector = new Reflector();
|
|
12
|
-
canActivate(context) {
|
|
13
|
-
const required = this.reflector.getAllAndOverride(Roles, context);
|
|
14
|
-
if (!required || required.length === 0) return true;
|
|
15
|
-
const honoCtx = context.getContext();
|
|
16
|
-
const reqCtx = honoCtx.get('container').resolve(REQUEST_CONTEXT);
|
|
17
|
-
const user = reqCtx.get(AUTH_USER_KEY);
|
|
18
|
-
if (!user) {
|
|
19
|
-
throw new ForbiddenException('Role check requires authentication');
|
|
20
|
-
}
|
|
21
|
-
const userRoles = normalizeRoles(user.role);
|
|
22
|
-
const ok = required.some((r)=>userRoles.includes(r));
|
|
23
|
-
if (!ok) {
|
|
24
|
-
throw new ForbiddenException(`Insufficient role; one of [${required.join(', ')}] required`);
|
|
25
|
-
}
|
|
26
|
-
return true;
|
|
27
|
-
}
|
|
28
|
-
}
|
|
29
|
-
RolesGuard = _ts_decorate([
|
|
30
|
-
Injectable()
|
|
31
|
-
], RolesGuard);
|
|
32
|
-
function normalizeRoles(role) {
|
|
33
|
-
if (!role) return [];
|
|
34
|
-
if (Array.isArray(role)) return role;
|
|
35
|
-
return role.split(',').map((r)=>r.trim()).filter(Boolean);
|
|
36
|
-
}
|