@veloxts/auth 0.3.4 → 0.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +425 -22
- package/dist/__integration__/fixtures.d.ts +41 -0
- package/dist/__integration__/fixtures.d.ts.map +1 -0
- package/dist/__integration__/fixtures.js +79 -0
- package/dist/__integration__/fixtures.js.map +1 -0
- package/dist/__integration__/setup.d.ts +26 -0
- package/dist/__integration__/setup.d.ts.map +1 -0
- package/dist/__integration__/setup.js +28 -0
- package/dist/__integration__/setup.js.map +1 -0
- package/dist/csrf.d.ts +9 -3
- package/dist/csrf.d.ts.map +1 -1
- package/dist/csrf.js +9 -3
- package/dist/csrf.js.map +1 -1
- package/dist/guards.d.ts +12 -9
- package/dist/guards.d.ts.map +1 -1
- package/dist/guards.js +17 -5
- package/dist/guards.js.map +1 -1
- package/dist/hash.d.ts +7 -1
- package/dist/hash.d.ts.map +1 -1
- package/dist/hash.js +20 -4
- package/dist/hash.js.map +1 -1
- package/dist/index.d.ts +10 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +43 -7
- package/dist/index.js.map +1 -1
- package/dist/jwt.d.ts +34 -5
- package/dist/jwt.d.ts.map +1 -1
- package/dist/jwt.js +154 -28
- package/dist/jwt.js.map +1 -1
- package/dist/middleware.d.ts +18 -6
- package/dist/middleware.d.ts.map +1 -1
- package/dist/middleware.js +23 -11
- package/dist/middleware.js.map +1 -1
- package/dist/password-policy.d.ts +259 -0
- package/dist/password-policy.d.ts.map +1 -0
- package/dist/password-policy.js +529 -0
- package/dist/password-policy.js.map +1 -0
- package/dist/plugin.d.ts +25 -7
- package/dist/plugin.d.ts.map +1 -1
- package/dist/plugin.js +28 -9
- package/dist/plugin.js.map +1 -1
- package/dist/rate-limit.d.ts +231 -0
- package/dist/rate-limit.d.ts.map +1 -0
- package/dist/rate-limit.js +352 -0
- package/dist/rate-limit.js.map +1 -0
- package/dist/session.d.ts +9 -3
- package/dist/session.d.ts.map +1 -1
- package/dist/session.js +9 -3
- package/dist/session.js.map +1 -1
- package/dist/types.d.ts +11 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +30 -7
package/dist/middleware.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAStC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAStC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAM,UAAU,cAAc,CAAC,MAAkB;IAC/C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAEvC;;OAEG;IACH,SAAS,UAAU,CACjB,UAAiC,EAAE;QAEnC,OAAO,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;YAC7B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;YAE5B,4BAA4B;YAC5B,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;YACjD,MAAM,KAAK,GAAG,GAAG,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAEhD,oBAAoB;YACpB,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;oBACrB,wCAAwC;oBACxC,MAAM,WAAW,GAAgB;wBAC/B,IAAI,EAAE,SAAS;wBACf,KAAK,EAAE,SAAS;wBAChB,eAAe,EAAE,KAAK;qBACvB,CAAC;oBAEF,OAAO,IAAI,CAAC;wBACV,GAAG,EAAE;4BACH,GAAG,GAAG;4BACN,IAAI,EAAE,WAAW;4BACjB,IAAI,EAAE,SAAS;yBAChB;qBACF,CAAC,CAAC;gBACL,CAAC;gBAED,yBAAyB;gBACzB,MAAM,IAAI,SAAS,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YAED,eAAe;YACf,IAAI,OAAqB,CAAC;YAC1B,IAAI,CAAC;gBACH,OAAO,GAAG,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACnC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;oBACrB,2DAA2D;oBAC3D,MAAM,WAAW,GAAgB;wBAC/B,IAAI,EAAE,SAAS;wBACf,KAAK,EAAE,SAAS;wBAChB,eAAe,EAAE,KAAK;qBACvB,CAAC;oBAEF,OAAO,IAAI,CAAC;wBACV,GAAG,EAAE;4BACH,GAAG,GAAG;4BACN,IAAI,EAAE,WAAW;4BACjB,IAAI,EAAE,SAAS;yBAChB;qBACF,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,IAAI,SAAS,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YACrF,CAAC;YAED,4BAA4B;YAC5B,IAAI,MAAM,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBACzC,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACzD,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,IAAI,SAAS,CAAC,wBAAwB,EAAE,GAAG,EAAE,eAAe,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;YAED,0BAA0B;YAC1B,IAAI,IAAI,GAAgB,IAAI,CAAC;YAC7B,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;gBACtB,IAAI,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;oBAC/B,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,kDAAkD;gBAClD,IAAI,GAAG;oBACL,EAAE,EAAE,OAAO,CAAC,GAAG;oBACf,KAAK,EAAE,OAAO,CAAC,KAAK;iBACrB,CAAC;YACJ,CAAC;YAED,sBAAsB;YACtB,MAAM,WAAW,GAAgB;gBAC/B,IAAI,EAAE,IAAI,IAAI,SAAS;gBACvB,KAAK,EAAE,OAAO;gBACd,eAAe,EAAE,CAAC,CAAC,IAAI;aACxB,CAAC;YAEF,yBAAyB;YACzB,MAAM,WAAW,GAAG;gBAClB,GAAG,GAAG;gBACN,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,IAAI,IAAI,SAAS;aACxB,CAAC;YAEF,0BAA0B;YAC1B,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChD,mFAAmF;gBACnF,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;oBACzC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;wBAC1B,MAAM,IAAI,SAAS,CACjB,uFAAuF,CAAC,GAAG,EAC3F,GAAG,EACH,eAAe,CAChB,CAAC;oBACJ,CAAC;oBACD,OAAO,CAAC,CAAC;gBACX,CAAC,CAA0C,CAAC;gBAE5C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,SAAS,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;gBAE/E,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,SAAS,CACjB,MAAM,CAAC,OAAO,IAAI,iBAAiB,MAAM,CAAC,WAAW,EAAE,EACvD,MAAM,CAAC,UAAU,IAAI,GAAG,EACxB,cAAc,CACf,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,OAAO,IAAI,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC;QACpC,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,SAAS,WAAW,CAClB,MAAwC;QAExC,OAAO,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,CAK5C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,SAAS,YAAY;QAMnB,OAAO,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,OAAO;QACL,UAAU;QACV,WAAW;QACX,YAAY;QACZ,GAAG;KACJ,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,cAAc,CAAC;AAEnD,+EAA+E;AAC/E,gBAAgB;AAChB,+EAA+E;AAE/E,0CAA0C;AAE1C,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,cAAc,GAAG,IAAI,GAAG,EAA8C,CAAC;AAE7E;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,mBAAmB,CAAgD,OAKlF;IACC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC;IAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC;IAC3C,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,IAAI,SAAS,CAAC,CAAC;IACpF,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,2CAA2C,CAAC;IAE/E,OAAO,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,IAAI,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAErC,0BAA0B;QAC1B,IAAI,MAAM,IAAI,MAAM,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;YACpC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC3B,MAAM,GAAG,SAAS,CAAC;QACrB,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,0BAA0B;YAC1B,MAAM,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,GAAG,QAAQ,EAAE,CAAC;YAC/C,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,kBAAkB;YAClB,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QAED,yDAAyD;QACzD,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QACnD,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACnF,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAEhF,0EAA0E;QAC1E,IAAI,MAAM,CAAC,KAAK,GAAG,GAAG,EAAE,CAAC;YACvB,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,mBAAmB,CAAC;AAE7D;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,cAAc,CAAC,KAAK,EAAE,CAAC;AACzB,CAAC"}
|
|
@@ -0,0 +1,259 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Password policy validation and strength scoring
|
|
3
|
+
*
|
|
4
|
+
* Provides configurable password requirements, strength scoring,
|
|
5
|
+
* common password checking, and optional breach detection.
|
|
6
|
+
*
|
|
7
|
+
* @module auth/password-policy
|
|
8
|
+
*/
|
|
9
|
+
/**
|
|
10
|
+
* Password policy requirements configuration
|
|
11
|
+
*/
|
|
12
|
+
export interface PasswordPolicyConfig {
|
|
13
|
+
/**
|
|
14
|
+
* Minimum password length
|
|
15
|
+
* @default 12
|
|
16
|
+
*/
|
|
17
|
+
minLength?: number;
|
|
18
|
+
/**
|
|
19
|
+
* Maximum password length (0 for no limit)
|
|
20
|
+
* @default 128
|
|
21
|
+
*/
|
|
22
|
+
maxLength?: number;
|
|
23
|
+
/**
|
|
24
|
+
* Require at least one uppercase letter
|
|
25
|
+
* @default false
|
|
26
|
+
*/
|
|
27
|
+
requireUppercase?: boolean;
|
|
28
|
+
/**
|
|
29
|
+
* Require at least one lowercase letter
|
|
30
|
+
* @default false
|
|
31
|
+
*/
|
|
32
|
+
requireLowercase?: boolean;
|
|
33
|
+
/**
|
|
34
|
+
* Require at least one digit
|
|
35
|
+
* @default false
|
|
36
|
+
*/
|
|
37
|
+
requireDigits?: boolean;
|
|
38
|
+
/**
|
|
39
|
+
* Require at least one special character
|
|
40
|
+
* @default false
|
|
41
|
+
*/
|
|
42
|
+
requireSpecialChars?: boolean;
|
|
43
|
+
/**
|
|
44
|
+
* Custom special characters set
|
|
45
|
+
* @default "!@#$%^&*()_+-=[]{}|;:,.<>?"
|
|
46
|
+
*/
|
|
47
|
+
specialChars?: string;
|
|
48
|
+
/**
|
|
49
|
+
* Disallow common passwords from list
|
|
50
|
+
* @default true
|
|
51
|
+
*/
|
|
52
|
+
disallowCommon?: boolean;
|
|
53
|
+
/**
|
|
54
|
+
* Check password against Have I Been Pwned API
|
|
55
|
+
* @default false
|
|
56
|
+
*/
|
|
57
|
+
checkBreaches?: boolean;
|
|
58
|
+
/**
|
|
59
|
+
* Maximum allowed occurrences in breaches (0 = any breach fails)
|
|
60
|
+
* @default 0
|
|
61
|
+
*/
|
|
62
|
+
maxBreachOccurrences?: number;
|
|
63
|
+
/**
|
|
64
|
+
* Custom password blacklist
|
|
65
|
+
* @default []
|
|
66
|
+
*/
|
|
67
|
+
blacklist?: readonly string[];
|
|
68
|
+
/**
|
|
69
|
+
* Disallow passwords containing user information
|
|
70
|
+
* (email, username, etc. - must be provided during validation)
|
|
71
|
+
* @default true
|
|
72
|
+
*/
|
|
73
|
+
disallowUserInfo?: boolean;
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Password strength levels
|
|
77
|
+
*/
|
|
78
|
+
export declare enum PasswordStrength {
|
|
79
|
+
VeryWeak = 0,
|
|
80
|
+
Weak = 1,
|
|
81
|
+
Fair = 2,
|
|
82
|
+
Strong = 3,
|
|
83
|
+
VeryStrong = 4
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Password validation result
|
|
87
|
+
*/
|
|
88
|
+
export interface PasswordValidationResult {
|
|
89
|
+
/** Whether password passes all requirements */
|
|
90
|
+
valid: boolean;
|
|
91
|
+
/** Validation error messages */
|
|
92
|
+
errors: string[];
|
|
93
|
+
/** Password strength score (0-4) */
|
|
94
|
+
strength: PasswordStrength;
|
|
95
|
+
/** Detailed strength score (0-100) */
|
|
96
|
+
score: number;
|
|
97
|
+
/** Whether password was found in breach database */
|
|
98
|
+
breached?: boolean;
|
|
99
|
+
/** Number of times password appeared in breaches */
|
|
100
|
+
breachCount?: number;
|
|
101
|
+
}
|
|
102
|
+
/**
|
|
103
|
+
* User information for password validation
|
|
104
|
+
*/
|
|
105
|
+
export interface UserInfo {
|
|
106
|
+
/** User's email address */
|
|
107
|
+
email?: string;
|
|
108
|
+
/** Username */
|
|
109
|
+
username?: string;
|
|
110
|
+
/** First name */
|
|
111
|
+
firstName?: string;
|
|
112
|
+
/** Last name */
|
|
113
|
+
lastName?: string;
|
|
114
|
+
/** Any other identifying information to exclude */
|
|
115
|
+
[key: string]: string | undefined;
|
|
116
|
+
}
|
|
117
|
+
/**
|
|
118
|
+
* Password policy validator and strength scorer
|
|
119
|
+
*
|
|
120
|
+
* @example
|
|
121
|
+
* ```typescript
|
|
122
|
+
* const policy = new PasswordPolicy({
|
|
123
|
+
* minLength: 12,
|
|
124
|
+
* requireUppercase: true,
|
|
125
|
+
* requireLowercase: true,
|
|
126
|
+
* requireDigits: true,
|
|
127
|
+
* checkBreaches: true,
|
|
128
|
+
* });
|
|
129
|
+
*
|
|
130
|
+
* // Validate password
|
|
131
|
+
* const result = await policy.validate('MyP@ssw0rd123', {
|
|
132
|
+
* email: 'user@example.com',
|
|
133
|
+
* });
|
|
134
|
+
*
|
|
135
|
+
* if (!result.valid) {
|
|
136
|
+
* console.log('Errors:', result.errors);
|
|
137
|
+
* }
|
|
138
|
+
*
|
|
139
|
+
* console.log('Strength:', PasswordStrength[result.strength]);
|
|
140
|
+
* console.log('Score:', result.score);
|
|
141
|
+
* ```
|
|
142
|
+
*/
|
|
143
|
+
export declare class PasswordPolicy {
|
|
144
|
+
private readonly config;
|
|
145
|
+
constructor(config?: PasswordPolicyConfig);
|
|
146
|
+
/**
|
|
147
|
+
* Validate a password against the policy
|
|
148
|
+
*
|
|
149
|
+
* @param password - Password to validate
|
|
150
|
+
* @param userInfo - Optional user information to check against
|
|
151
|
+
* @returns Validation result with errors and strength score
|
|
152
|
+
*/
|
|
153
|
+
validate(password: string, userInfo?: UserInfo): Promise<PasswordValidationResult>;
|
|
154
|
+
/**
|
|
155
|
+
* Calculate password strength score (0-100) and level (0-4)
|
|
156
|
+
*
|
|
157
|
+
* Based on:
|
|
158
|
+
* - Length
|
|
159
|
+
* - Character variety (uppercase, lowercase, digits, special)
|
|
160
|
+
* - Entropy
|
|
161
|
+
* - Pattern detection
|
|
162
|
+
*/
|
|
163
|
+
calculateStrength(password: string): {
|
|
164
|
+
score: number;
|
|
165
|
+
strength: PasswordStrength;
|
|
166
|
+
};
|
|
167
|
+
/**
|
|
168
|
+
* Calculate Shannon entropy of password
|
|
169
|
+
*/
|
|
170
|
+
private calculateEntropy;
|
|
171
|
+
/**
|
|
172
|
+
* Check if character types are well-mixed (not clustered)
|
|
173
|
+
*/
|
|
174
|
+
private checkMixedPositions;
|
|
175
|
+
/**
|
|
176
|
+
* Check password against Have I Been Pwned API
|
|
177
|
+
*
|
|
178
|
+
* Uses k-anonymity: only sends first 5 chars of SHA-1 hash
|
|
179
|
+
* to protect password privacy.
|
|
180
|
+
*
|
|
181
|
+
* @returns Number of times password appears in breaches (0 = not found)
|
|
182
|
+
*/
|
|
183
|
+
private checkBreaches;
|
|
184
|
+
/**
|
|
185
|
+
* Get password strength as human-readable string
|
|
186
|
+
*/
|
|
187
|
+
getStrengthLabel(strength: PasswordStrength): string;
|
|
188
|
+
/**
|
|
189
|
+
* Get password strength color (for UI display)
|
|
190
|
+
*/
|
|
191
|
+
getStrengthColor(strength: PasswordStrength): string;
|
|
192
|
+
}
|
|
193
|
+
/**
|
|
194
|
+
* Create a password policy validator (succinct API)
|
|
195
|
+
*
|
|
196
|
+
* @example
|
|
197
|
+
* ```typescript
|
|
198
|
+
* import { passwordPolicy } from '@veloxts/auth';
|
|
199
|
+
*
|
|
200
|
+
* const policy = passwordPolicy({
|
|
201
|
+
* minLength: 12,
|
|
202
|
+
* requireUppercase: true,
|
|
203
|
+
* requireDigits: true,
|
|
204
|
+
* });
|
|
205
|
+
*
|
|
206
|
+
* const result = await policy.validate('MyPassword123');
|
|
207
|
+
* ```
|
|
208
|
+
*/
|
|
209
|
+
export declare function passwordPolicy(config?: PasswordPolicyConfig): PasswordPolicy;
|
|
210
|
+
/**
|
|
211
|
+
* Creates a password policy validator
|
|
212
|
+
*
|
|
213
|
+
* @deprecated Use `passwordPolicy()` instead. Will be removed in v0.9.
|
|
214
|
+
*/
|
|
215
|
+
export declare const createPasswordPolicy: typeof passwordPolicy;
|
|
216
|
+
/**
|
|
217
|
+
* Quick password strength check (no policy validation)
|
|
218
|
+
*
|
|
219
|
+
* @example
|
|
220
|
+
* ```typescript
|
|
221
|
+
* import { checkPasswordStrength } from '@veloxts/auth';
|
|
222
|
+
*
|
|
223
|
+
* const { strength, score } = checkPasswordStrength('MyP@ssw0rd123');
|
|
224
|
+
* console.log(PasswordStrength[strength]); // "Strong"
|
|
225
|
+
* console.log(score); // 75
|
|
226
|
+
* ```
|
|
227
|
+
*/
|
|
228
|
+
export declare function checkPasswordStrength(password: string): {
|
|
229
|
+
score: number;
|
|
230
|
+
strength: PasswordStrength;
|
|
231
|
+
};
|
|
232
|
+
/**
|
|
233
|
+
* Quick common password check
|
|
234
|
+
*
|
|
235
|
+
* @example
|
|
236
|
+
* ```typescript
|
|
237
|
+
* import { isCommonPassword } from '@veloxts/auth';
|
|
238
|
+
*
|
|
239
|
+
* if (isCommonPassword('password123')) {
|
|
240
|
+
* console.log('Please choose a more secure password');
|
|
241
|
+
* }
|
|
242
|
+
* ```
|
|
243
|
+
*/
|
|
244
|
+
export declare function isCommonPassword(password: string): boolean;
|
|
245
|
+
/**
|
|
246
|
+
* Check password against Have I Been Pwned
|
|
247
|
+
*
|
|
248
|
+
* @example
|
|
249
|
+
* ```typescript
|
|
250
|
+
* import { checkPasswordBreach } from '@veloxts/auth';
|
|
251
|
+
*
|
|
252
|
+
* const count = await checkPasswordBreach('password123');
|
|
253
|
+
* if (count > 0) {
|
|
254
|
+
* console.log(`Found in ${count} breaches!`);
|
|
255
|
+
* }
|
|
256
|
+
* ```
|
|
257
|
+
*/
|
|
258
|
+
export declare function checkPasswordBreach(password: string): Promise<number>;
|
|
259
|
+
//# sourceMappingURL=password-policy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"password-policy.d.ts","sourceRoot":"","sources":["../src/password-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAE9B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,SAAS,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAE9B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,gBAAgB;IAC1B,QAAQ,IAAI;IACZ,IAAI,IAAI;IACR,IAAI,IAAI;IACR,MAAM,IAAI;IACV,UAAU,IAAI;CACf;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,+CAA+C;IAC/C,KAAK,EAAE,OAAO,CAAC;IAEf,gCAAgC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,oCAAoC;IACpC,QAAQ,EAAE,gBAAgB,CAAC;IAE3B,sCAAsC;IACtC,KAAK,EAAE,MAAM,CAAC;IAEd,oDAAoD;IACpD,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,eAAe;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,iBAAiB;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,gBAAgB;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,mDAAmD;IACnD,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AA+GD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiC;gBAE5C,MAAM,GAAE,oBAAyB;IAiB7C;;;;;;OAMG;IACG,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA+GxF;;;;;;;;OAQG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,gBAAgB,CAAA;KAAE;IAkDlF;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAyB3B;;;;;;;OAOG;YACW,aAAa;IA+B3B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,gBAAgB,GAAG,MAAM;IAepD;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,gBAAgB,GAAG,MAAM;CAcrD;AAiBD;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,cAAc,CAAC,MAAM,CAAC,EAAE,oBAAoB,GAAG,cAAc,CAE5E;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,uBAAiB,CAAC;AAEnD;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,GACf;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,gBAAgB,CAAA;CAAE,CAG/C;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAG3E"}
|