@veloxts/auth 0.3.5 → 0.3.6

package/README.md

@@ -9,10 +9,11 @@ Authentication and authorization system for VeloxTS Framework.
 - **Pluggable Auth Adapters** - Integrate external providers like BetterAuth, Clerk, Auth0
 - **Session Management** - Cookie-based sessions with pluggable storage backends
 - **JWT Authentication** - Stateless token-based authentication with refresh tokens
-- **Password Hashing** - Secure bcrypt hashing with configurable cost factors
-- **CSRF Protection** - Signed double-submit cookie pattern
+- **Password Hashing** - Secure bcrypt/argon2 hashing with configurable cost factors
+- **Password Policy** - Configurable strength requirements and breach detection
+- **CSRF Protection** - Signed double-submit cookie pattern with timing-safe validation
 - **Guards and Policies** - Declarative authorization for procedures
-- **Rate Limiting** - Built-in request rate limiting middleware
+- **Rate Limiting** - Auth-specific rate limiting with progressive backoff and lockout detection
 
 ## Table of Contents
 

package/dist/index.d.ts

@@ -32,4 +32,6 @@ export type { AdapterAuthContext, AdapterHttpMethod, AdapterMiddlewareOptions, A
 export { AuthAdapterError, BaseAuthAdapter, createAdapterAuthMiddleware, createAuthAdapterPlugin, defineAuthAdapter, isAuthAdapter, } from './adapter.js';
 export type { BetterAuthAdapterConfig, BetterAuthApi, BetterAuthHandler, BetterAuthInstance, BetterAuthSession, BetterAuthSessionResult, BetterAuthUser, } from './adapters/better-auth.js';
 export { BetterAuthAdapter, createBetterAuthAdapter } from './adapters/better-auth.js';
+export type { PasswordPolicyConfig, PasswordValidationResult, UserInfo, } from './password-policy.js';
+export { checkPasswordBreach, checkPasswordStrength, createPasswordPolicy, isCommonPassword, PasswordPolicy, passwordPolicy, PasswordStrength, } from './password-policy.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAM3C,YAAY,EACV,UAAU,EACV,WAAW,EACX,qBAAqB,EACrB,eAAe,EAEf,aAAa,EACb,UAAU,EAEV,SAAS;AACT;;GAEG;AACH,mBAAmB,EAEnB,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,YAAY,EAEZ,IAAI,GACL,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAMvC,YAAY,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EACL,wBAAwB,EAExB,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,UAAU,EAEV,UAAU,EACV,kBAAkB,EAElB,uBAAuB,GACxB,MAAM,UAAU,CAAC;AAMlB,OAAO,EAEL,oBAAoB,EACpB,YAAY,EACZ,cAAc,EAEd,cAAc,EACd,cAAc,GACf,MAAM,WAAW,CAAC;AAMnB,OAAO,EAEL,KAAK,EACL,KAAK,EAEL,aAAa,EAEb,WAAW,EACX,aAAa,EAEb,YAAY,EACZ,aAAa,EACb,KAAK,EACL,gBAAgB,EAChB,aAAa,EACb,OAAO,EACP,GAAG,EACH,OAAO,GACR,MAAM,aAAa,CAAC;AAMrB,OAAO,EACL,SAAS,EAET,GAAG,EACH,MAAM,EACN,aAAa,EACb,qBAAqB,EAErB,wBAAwB,EACxB,mBAAmB,EACnB,oBAAoB,EAEpB,YAAY,EACZ,SAAS,EAET,cAAc,GACf,MAAM,eAAe,CAAC;AAMvB,OAAO,EAEL,cAAc,EACd,mBAAmB,EAEnB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AAMzB,YAAY,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAEL,eAAe,EAEf,uBAAuB,EAEvB,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,iBAAiB,CAAC;AAMzB,YAAY,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAEL,UAAU,EAEV,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAMrB,YAAY,EACV,UAAU,EACV,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,WAAW,EACX,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,eAAe,EACf,oBAAoB,GACrB,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,SAAS,EACT,iBAAiB,EAEjB,oBAAoB,EAEpB,cAAc,GACf,MAAM,WAAW,CAAC;AAMnB,YAAY,EAEV,OAAO,EAEP,kBAAkB,EAElB,aAAa,EACb,cAAc,EACd,mBAAmB,EAEnB,WAAW,EACX,uBAAuB,EAEvB,cAAc,EAEd,wBAAwB,EAExB,YAAY,EACZ,aAAa,GACd,MAAM,cAAc,CAAC;AACtB,OAAO,EAEL,0BAA0B,EAE1B,oBAAoB,EAEpB,uBAAuB,EAEvB,sBAAsB,EACtB,YAAY,EACZ,aAAa,EAEb,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAMtB,YAAY,EAEV,kBAAkB,EAElB,iBAAiB,EACjB,wBAAwB,EACxB,YAAY,EAEZ,cAAc,EACd,oBAAoB,EACpB,WAAW,EAEX,WAAW,EAEX,iBAAiB,EAEjB,oBAAoB,EAEpB,wBAAwB,EAExB,kBAAkB,GACnB,MAAM,cAAc,CAAC;AACtB,OAAO,EAEL,gBAAgB,EAEhB,eAAe,EAEf,2BAA2B,EAC3B,uBAAuB,EACvB,iBAAiB,EAEjB,aAAa,GACd,MAAM,cAAc,CAAC;AAMtB,YAAY,EACV,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,uBAAuB,EACvB,cAAc,GACf,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAM3C,YAAY,EACV,UAAU,EACV,WAAW,EACX,qBAAqB,EACrB,eAAe,EAEf,aAAa,EACb,UAAU,EAEV,SAAS;AACT;;GAEG;AACH,mBAAmB,EAEnB,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,YAAY,EAEZ,IAAI,GACL,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAMvC,YAAY,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EACL,wBAAwB,EAExB,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,UAAU,EAEV,UAAU,EACV,kBAAkB,EAElB,uBAAuB,GACxB,MAAM,UAAU,CAAC;AAMlB,OAAO,EAEL,oBAAoB,EACpB,YAAY,EACZ,cAAc,EAEd,cAAc,EACd,cAAc,GACf,MAAM,WAAW,CAAC;AAMnB,OAAO,EAEL,KAAK,EACL,KAAK,EAEL,aAAa,EAEb,WAAW,EACX,aAAa,EAEb,YAAY,EACZ,aAAa,EACb,KAAK,EACL,gBAAgB,EAChB,aAAa,EACb,OAAO,EACP,GAAG,EACH,OAAO,GACR,MAAM,aAAa,CAAC;AAMrB,OAAO,EACL,SAAS,EAET,GAAG,EACH,MAAM,EACN,aAAa,EACb,qBAAqB,EAErB,wBAAwB,EACxB,mBAAmB,EACnB,oBAAoB,EAEpB,YAAY,EACZ,SAAS,EAET,cAAc,GACf,MAAM,eAAe,CAAC;AAMvB,OAAO,EAEL,cAAc,EACd,mBAAmB,EAEnB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AAMzB,YAAY,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAEL,eAAe,EAEf,uBAAuB,EAEvB,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,iBAAiB,CAAC;AAMzB,YAAY,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAEL,UAAU,EAEV,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAMrB,YAAY,EACV,UAAU,EACV,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,WAAW,EACX,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,eAAe,EACf,oBAAoB,GACrB,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,SAAS,EACT,iBAAiB,EAEjB,oBAAoB,EAEpB,cAAc,GACf,MAAM,WAAW,CAAC;AAMnB,YAAY,EAEV,OAAO,EAEP,kBAAkB,EAElB,aAAa,EACb,cAAc,EACd,mBAAmB,EAEnB,WAAW,EACX,uBAAuB,EAEvB,cAAc,EAEd,wBAAwB,EAExB,YAAY,EACZ,aAAa,GACd,MAAM,cAAc,CAAC;AACtB,OAAO,EAEL,0BAA0B,EAE1B,oBAAoB,EAEpB,uBAAuB,EAEvB,sBAAsB,EACtB,YAAY,EACZ,aAAa,EAEb,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAMtB,YAAY,EAEV,kBAAkB,EAElB,iBAAiB,EACjB,wBAAwB,EACxB,YAAY,EAEZ,cAAc,EACd,oBAAoB,EACpB,WAAW,EAEX,WAAW,EAEX,iBAAiB,EAEjB,oBAAoB,EAEpB,wBAAwB,EAExB,kBAAkB,GACnB,MAAM,cAAc,CAAC;AACtB,OAAO,EAEL,gBAAgB,EAEhB,eAAe,EAEf,2BAA2B,EAC3B,uBAAuB,EACvB,iBAAiB,EAEjB,aAAa,GACd,MAAM,cAAc,CAAC;AAMtB,YAAY,EACV,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,uBAAuB,EACvB,cAAc,GACf,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAMvF,YAAY,EACV,oBAAoB,EACpB,wBAAwB,EACxB,QAAQ,GACT,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EAErB,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EAEd,cAAc,EACd,gBAAgB,GACjB,MAAM,sBAAsB,CAAC"}

package/dist/index.js

@@ -97,4 +97,9 @@ createAdapterAuthMiddleware, createAuthAdapterPlugin, defineAuthAdapter,
 // Type guard
 isAuthAdapter, } from './adapter.js';
 export { BetterAuthAdapter, createBetterAuthAdapter } from './adapters/better-auth.js';
+export { checkPasswordBreach, checkPasswordStrength, 
+// Legacy (deprecated)
+createPasswordPolicy, isCommonPassword, PasswordPolicy, 
+// Succinct API
+passwordPolicy, PasswordStrength, } from './password-policy.js';
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AA6B3C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAOvC,OAAO,EACL,wBAAwB;AACxB,sBAAsB;AACtB,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,UAAU;AACV,eAAe;AACf,UAAU,EACV,kBAAkB;AAClB,sBAAsB;AACtB,uBAAuB,GACxB,MAAM,UAAU,CAAC;AAElB,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E,OAAO;AACL,sBAAsB;AACtB,oBAAoB,EACpB,YAAY,EACZ,cAAc;AACd,eAAe;AACf,cAAc,EACd,cAAc,GACf,MAAM,WAAW,CAAC;AAEnB,+EAA+E;AAC/E,SAAS;AACT,+EAA+E;AAE/E,OAAO;AACL,cAAc;AACd,KAAK,EACL,KAAK;AACL,kBAAkB;AAClB,aAAa;AACb,oBAAoB;AACpB,WAAW,EACX,aAAa;AACb,YAAY;AACZ,YAAY,EACZ,aAAa,EACb,KAAK,EACL,gBAAgB,EAChB,aAAa,EACb,OAAO,EACP,GAAG,EACH,OAAO,GACR,MAAM,aAAa,CAAC;AAErB,+EAA+E;AAC/E,WAAW;AACX,+EAA+E;AAE/E,OAAO,EACL,SAAS;AACT,uBAAuB;AACvB,GAAG,EACH,MAAM,EACN,aAAa,EACb,qBAAqB;AACrB,kBAAkB;AAClB,wBAAwB,EACxB,mBAAmB,EACnB,oBAAoB;AACpB,UAAU;AACV,YAAY,EACZ,SAAS;AACT,WAAW;AACX,cAAc,GACf,MAAM,eAAe,CAAC;AAEvB,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E,OAAO;AACL,eAAe;AACf,cAAc,EACd,mBAAmB;AACnB,sBAAsB;AACtB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AAOzB,OAAO;AACL,0BAA0B;AAC1B,eAAe;AACf,iCAAiC;AACjC,uBAAuB;AACvB,UAAU;AACV,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,iBAAiB,CAAC;AAOzB,OAAO;AACL,eAAe;AACf,UAAU;AACV,sBAAsB;AACtB,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAkBrB,OAAO,EACL,SAAS,EACT,iBAAiB;AACjB,sBAAsB;AACtB,oBAAoB;AACpB,eAAe;AACf,cAAc,GACf,MAAM,WAAW,CAAC;AA0BnB,OAAO;AACL,wBAAwB;AACxB,0BAA0B;AAC1B,kBAAkB;AAClB,oBAAoB;AACpB,sBAAsB;AACtB,uBAAuB;AACvB,mBAAmB;AACnB,sBAAsB,EACtB,YAAY,EACZ,aAAa;AACb,eAAe;AACf,iBAAiB,GAClB,MAAM,cAAc,CAAC;AA4BtB,OAAO;AACL,cAAc;AACd,gBAAgB;AAChB,sBAAsB;AACtB,eAAe;AACf,oBAAoB;AACpB,2BAA2B,EAC3B,uBAAuB,EACvB,iBAAiB;AACjB,aAAa;AACb,aAAa,GACd,MAAM,cAAc,CAAC;AAetB,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AA6B3C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAOvC,OAAO,EACL,wBAAwB;AACxB,sBAAsB;AACtB,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,UAAU;AACV,eAAe;AACf,UAAU,EACV,kBAAkB;AAClB,sBAAsB;AACtB,uBAAuB,GACxB,MAAM,UAAU,CAAC;AAElB,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E,OAAO;AACL,sBAAsB;AACtB,oBAAoB,EACpB,YAAY,EACZ,cAAc;AACd,eAAe;AACf,cAAc,EACd,cAAc,GACf,MAAM,WAAW,CAAC;AAEnB,+EAA+E;AAC/E,SAAS;AACT,+EAA+E;AAE/E,OAAO;AACL,cAAc;AACd,KAAK,EACL,KAAK;AACL,kBAAkB;AAClB,aAAa;AACb,oBAAoB;AACpB,WAAW,EACX,aAAa;AACb,YAAY;AACZ,YAAY,EACZ,aAAa,EACb,KAAK,EACL,gBAAgB,EAChB,aAAa,EACb,OAAO,EACP,GAAG,EACH,OAAO,GACR,MAAM,aAAa,CAAC;AAErB,+EAA+E;AAC/E,WAAW;AACX,+EAA+E;AAE/E,OAAO,EACL,SAAS;AACT,uBAAuB;AACvB,GAAG,EACH,MAAM,EACN,aAAa,EACb,qBAAqB;AACrB,kBAAkB;AAClB,wBAAwB,EACxB,mBAAmB,EACnB,oBAAoB;AACpB,UAAU;AACV,YAAY,EACZ,SAAS;AACT,WAAW;AACX,cAAc,GACf,MAAM,eAAe,CAAC;AAEvB,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E,OAAO;AACL,eAAe;AACf,cAAc,EACd,mBAAmB;AACnB,sBAAsB;AACtB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AAOzB,OAAO;AACL,0BAA0B;AAC1B,eAAe;AACf,iCAAiC;AACjC,uBAAuB;AACvB,UAAU;AACV,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,iBAAiB,CAAC;AAOzB,OAAO;AACL,eAAe;AACf,UAAU;AACV,sBAAsB;AACtB,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAkBrB,OAAO,EACL,SAAS,EACT,iBAAiB;AACjB,sBAAsB;AACtB,oBAAoB;AACpB,eAAe;AACf,cAAc,GACf,MAAM,WAAW,CAAC;AA0BnB,OAAO;AACL,wBAAwB;AACxB,0BAA0B;AAC1B,kBAAkB;AAClB,oBAAoB;AACpB,sBAAsB;AACtB,uBAAuB;AACvB,mBAAmB;AACnB,sBAAsB,EACtB,YAAY,EACZ,aAAa;AACb,eAAe;AACf,iBAAiB,GAClB,MAAM,cAAc,CAAC;AA4BtB,OAAO;AACL,cAAc;AACd,gBAAgB;AAChB,sBAAsB;AACtB,eAAe;AACf,oBAAoB;AACpB,2BAA2B,EAC3B,uBAAuB,EACvB,iBAAiB;AACjB,aAAa;AACb,aAAa,GACd,MAAM,cAAc,CAAC;AAetB,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAWvF,OAAO,EACL,mBAAmB,EACnB,qBAAqB;AACrB,sBAAsB;AACtB,oBAAoB,EACpB,gBAAgB,EAChB,cAAc;AACd,eAAe;AACf,cAAc,EACd,gBAAgB,GACjB,MAAM,sBAAsB,CAAC"}

package/dist/password-policy.d.ts

@@ -0,0 +1,259 @@
+/**
+ * Password policy validation and strength scoring
+ *
+ * Provides configurable password requirements, strength scoring,
+ * common password checking, and optional breach detection.
+ *
+ * @module auth/password-policy
+ */
+/**
+ * Password policy requirements configuration
+ */
+export interface PasswordPolicyConfig {
+    /**
+     * Minimum password length
+     * @default 12
+     */
+    minLength?: number;
+    /**
+     * Maximum password length (0 for no limit)
+     * @default 128
+     */
+    maxLength?: number;
+    /**
+     * Require at least one uppercase letter
+     * @default false
+     */
+    requireUppercase?: boolean;
+    /**
+     * Require at least one lowercase letter
+     * @default false
+     */
+    requireLowercase?: boolean;
+    /**
+     * Require at least one digit
+     * @default false
+     */
+    requireDigits?: boolean;
+    /**
+     * Require at least one special character
+     * @default false
+     */
+    requireSpecialChars?: boolean;
+    /**
+     * Custom special characters set
+     * @default "!@#$%^&*()_+-=[]{}|;:,.<>?"
+     */
+    specialChars?: string;
+    /**
+     * Disallow common passwords from list
+     * @default true
+     */
+    disallowCommon?: boolean;
+    /**
+     * Check password against Have I Been Pwned API
+     * @default false
+     */
+    checkBreaches?: boolean;
+    /**
+     * Maximum allowed occurrences in breaches (0 = any breach fails)
+     * @default 0
+     */
+    maxBreachOccurrences?: number;
+    /**
+     * Custom password blacklist
+     * @default []
+     */
+    blacklist?: readonly string[];
+    /**
+     * Disallow passwords containing user information
+     * (email, username, etc. - must be provided during validation)
+     * @default true
+     */
+    disallowUserInfo?: boolean;
+}
+/**
+ * Password strength levels
+ */
+export declare enum PasswordStrength {
+    VeryWeak = 0,
+    Weak = 1,
+    Fair = 2,
+    Strong = 3,
+    VeryStrong = 4
+}
+/**
+ * Password validation result
+ */
+export interface PasswordValidationResult {
+    /** Whether password passes all requirements */
+    valid: boolean;
+    /** Validation error messages */
+    errors: string[];
+    /** Password strength score (0-4) */
+    strength: PasswordStrength;
+    /** Detailed strength score (0-100) */
+    score: number;
+    /** Whether password was found in breach database */
+    breached?: boolean;
+    /** Number of times password appeared in breaches */
+    breachCount?: number;
+}
+/**
+ * User information for password validation
+ */
+export interface UserInfo {
+    /** User's email address */
+    email?: string;
+    /** Username */
+    username?: string;
+    /** First name */
+    firstName?: string;
+    /** Last name */
+    lastName?: string;
+    /** Any other identifying information to exclude */
+    [key: string]: string | undefined;
+}
+/**
+ * Password policy validator and strength scorer
+ *
+ * @example
+ * ```typescript
+ * const policy = new PasswordPolicy({
+ *   minLength: 12,
+ *   requireUppercase: true,
+ *   requireLowercase: true,
+ *   requireDigits: true,
+ *   checkBreaches: true,
+ * });
+ *
+ * // Validate password
+ * const result = await policy.validate('MyP@ssw0rd123', {
+ *   email: 'user@example.com',
+ * });
+ *
+ * if (!result.valid) {
+ *   console.log('Errors:', result.errors);
+ * }
+ *
+ * console.log('Strength:', PasswordStrength[result.strength]);
+ * console.log('Score:', result.score);
+ * ```
+ */
+export declare class PasswordPolicy {
+    private readonly config;
+    constructor(config?: PasswordPolicyConfig);
+    /**
+     * Validate a password against the policy
+     *
+     * @param password - Password to validate
+     * @param userInfo - Optional user information to check against
+     * @returns Validation result with errors and strength score
+     */
+    validate(password: string, userInfo?: UserInfo): Promise<PasswordValidationResult>;
+    /**
+     * Calculate password strength score (0-100) and level (0-4)
+     *
+     * Based on:
+     * - Length
+     * - Character variety (uppercase, lowercase, digits, special)
+     * - Entropy
+     * - Pattern detection
+     */
+    calculateStrength(password: string): {
+        score: number;
+        strength: PasswordStrength;
+    };
+    /**
+     * Calculate Shannon entropy of password
+     */
+    private calculateEntropy;
+    /**
+     * Check if character types are well-mixed (not clustered)
+     */
+    private checkMixedPositions;
+    /**
+     * Check password against Have I Been Pwned API
+     *
+     * Uses k-anonymity: only sends first 5 chars of SHA-1 hash
+     * to protect password privacy.
+     *
+     * @returns Number of times password appears in breaches (0 = not found)
+     */
+    private checkBreaches;
+    /**
+     * Get password strength as human-readable string
+     */
+    getStrengthLabel(strength: PasswordStrength): string;
+    /**
+     * Get password strength color (for UI display)
+     */
+    getStrengthColor(strength: PasswordStrength): string;
+}
+/**
+ * Create a password policy validator (succinct API)
+ *
+ * @example
+ * ```typescript
+ * import { passwordPolicy } from '@veloxts/auth';
+ *
+ * const policy = passwordPolicy({
+ *   minLength: 12,
+ *   requireUppercase: true,
+ *   requireDigits: true,
+ * });
+ *
+ * const result = await policy.validate('MyPassword123');
+ * ```
+ */
+export declare function passwordPolicy(config?: PasswordPolicyConfig): PasswordPolicy;
+/**
+ * Creates a password policy validator
+ *
+ * @deprecated Use `passwordPolicy()` instead. Will be removed in v0.9.
+ */
+export declare const createPasswordPolicy: typeof passwordPolicy;
+/**
+ * Quick password strength check (no policy validation)
+ *
+ * @example
+ * ```typescript
+ * import { checkPasswordStrength } from '@veloxts/auth';
+ *
+ * const { strength, score } = checkPasswordStrength('MyP@ssw0rd123');
+ * console.log(PasswordStrength[strength]); // "Strong"
+ * console.log(score); // 75
+ * ```
+ */
+export declare function checkPasswordStrength(password: string): {
+    score: number;
+    strength: PasswordStrength;
+};
+/**
+ * Quick common password check
+ *
+ * @example
+ * ```typescript
+ * import { isCommonPassword } from '@veloxts/auth';
+ *
+ * if (isCommonPassword('password123')) {
+ *   console.log('Please choose a more secure password');
+ * }
+ * ```
+ */
+export declare function isCommonPassword(password: string): boolean;
+/**
+ * Check password against Have I Been Pwned
+ *
+ * @example
+ * ```typescript
+ * import { checkPasswordBreach } from '@veloxts/auth';
+ *
+ * const count = await checkPasswordBreach('password123');
+ * if (count > 0) {
+ *   console.log(`Found in ${count} breaches!`);
+ * }
+ * ```
+ */
+export declare function checkPasswordBreach(password: string): Promise<number>;
+//# sourceMappingURL=password-policy.d.ts.map

package/dist/password-policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-policy.d.ts","sourceRoot":"","sources":["../src/password-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAE9B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,SAAS,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAE9B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,gBAAgB;IAC1B,QAAQ,IAAI;IACZ,IAAI,IAAI;IACR,IAAI,IAAI;IACR,MAAM,IAAI;IACV,UAAU,IAAI;CACf;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,+CAA+C;IAC/C,KAAK,EAAE,OAAO,CAAC;IAEf,gCAAgC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,oCAAoC;IACpC,QAAQ,EAAE,gBAAgB,CAAC;IAE3B,sCAAsC;IACtC,KAAK,EAAE,MAAM,CAAC;IAEd,oDAAoD;IACpD,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,oDAAoD;IACpD,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,eAAe;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,iBAAiB;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,gBAAgB;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,mDAAmD;IACnD,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AA+GD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiC;gBAE5C,MAAM,GAAE,oBAAyB;IAiB7C;;;;;;OAMG;IACG,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA+GxF;;;;;;;;OAQG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,gBAAgB,CAAA;KAAE;IAkDlF;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAyB3B;;;;;;;OAOG;YACW,aAAa;IA+B3B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,gBAAgB,GAAG,MAAM;IAepD;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,gBAAgB,GAAG,MAAM;CAcrD;AAiBD;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,cAAc,CAAC,MAAM,CAAC,EAAE,oBAAoB,GAAG,cAAc,CAE5E;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,uBAAiB,CAAC;AAEnD;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,GACf;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,gBAAgB,CAAA;CAAE,CAG/C;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAG3E"}

package/dist/password-policy.js

@@ -0,0 +1,529 @@
+/**
+ * Password policy validation and strength scoring
+ *
+ * Provides configurable password requirements, strength scoring,
+ * common password checking, and optional breach detection.
+ *
+ * @module auth/password-policy
+ */
+import { createHash } from 'node:crypto';
+/**
+ * Password strength levels
+ */
+export var PasswordStrength;
+(function (PasswordStrength) {
+    PasswordStrength[PasswordStrength["VeryWeak"] = 0] = "VeryWeak";
+    PasswordStrength[PasswordStrength["Weak"] = 1] = "Weak";
+    PasswordStrength[PasswordStrength["Fair"] = 2] = "Fair";
+    PasswordStrength[PasswordStrength["Strong"] = 3] = "Strong";
+    PasswordStrength[PasswordStrength["VeryStrong"] = 4] = "VeryStrong";
+})(PasswordStrength || (PasswordStrength = {}));
+// ============================================================================
+// Common Passwords List (Top 100)
+// ============================================================================
+/**
+ * Most common passwords to block (from NCSC/HaveIBeenPwned research)
+ */
+const COMMON_PASSWORDS = new Set([
+    '123456',
+    'password',
+    '12345678',
+    'qwerty',
+    '123456789',
+    '12345',
+    '1234',
+    '111111',
+    '1234567',
+    'dragon',
+    '123123',
+    'baseball',
+    'iloveyou',
+    '2000',
+    '2001',
+    '2002',
+    '2003',
+    '2004',
+    '2005',
+    'trustno1',
+    'monkey',
+    '1234567890',
+    'master',
+    'superman',
+    'qwertyuiop',
+    '654321',
+    'letmein',
+    'football',
+    'shadow',
+    'michael',
+    'jennifer',
+    '1111',
+    '2222',
+    '3333',
+    '4444',
+    '5555',
+    '6666',
+    '7777',
+    '8888',
+    '9999',
+    '0000',
+    'abc123',
+    'batman',
+    'welcome',
+    'sunshine',
+    'princess',
+    'password1',
+    'password123',
+    'admin',
+    'login',
+    'passw0rd',
+    'qwerty123',
+    'solo',
+    'starwars',
+    'whatever',
+    'charlie',
+    'donald',
+    'freedom',
+    'ginger',
+    'jordan',
+    'killer',
+    'liverpool',
+    'london',
+    'michelle',
+    'thomas',
+    'trustno',
+    'cheese',
+    'coffee',
+    'cookie',
+    'pepper',
+    'summer',
+    'winter',
+    'welcome1',
+    'access',
+    'lovely',
+    'bailey',
+    'orange',
+    'ashley',
+    'daniel',
+    'monkey1',
+    'purple',
+    'rangers',
+    'secret',
+    'secret1',
+    'test',
+    'test123',
+    'computer',
+    'internet',
+    'maverick',
+    'matrix',
+    'phoenix',
+    'thunder',
+    'zxcvbnm',
+    'hello',
+    'hello123',
+]);
+// ============================================================================
+// Password Policy Class
+// ============================================================================
+/**
+ * Password policy validator and strength scorer
+ *
+ * @example
+ * ```typescript
+ * const policy = new PasswordPolicy({
+ *   minLength: 12,
+ *   requireUppercase: true,
+ *   requireLowercase: true,
+ *   requireDigits: true,
+ *   checkBreaches: true,
+ * });
+ *
+ * // Validate password
+ * const result = await policy.validate('MyP@ssw0rd123', {
+ *   email: 'user@example.com',
+ * });
+ *
+ * if (!result.valid) {
+ *   console.log('Errors:', result.errors);
+ * }
+ *
+ * console.log('Strength:', PasswordStrength[result.strength]);
+ * console.log('Score:', result.score);
+ * ```
+ */
+export class PasswordPolicy {
+    config;
+    constructor(config = {}) {
+        this.config = {
+            minLength: config.minLength ?? 12,
+            maxLength: config.maxLength ?? 128,
+            requireUppercase: config.requireUppercase ?? false,
+            requireLowercase: config.requireLowercase ?? false,
+            requireDigits: config.requireDigits ?? false,
+            requireSpecialChars: config.requireSpecialChars ?? false,
+            specialChars: config.specialChars ?? "!@#$%^&*()_+-=[]{}|;:,.<>?",
+            disallowCommon: config.disallowCommon ?? true,
+            checkBreaches: config.checkBreaches ?? false,
+            maxBreachOccurrences: config.maxBreachOccurrences ?? 0,
+            blacklist: config.blacklist ?? [],
+            disallowUserInfo: config.disallowUserInfo ?? true,
+        };
+    }
+    /**
+     * Validate a password against the policy
+     *
+     * @param password - Password to validate
+     * @param userInfo - Optional user information to check against
+     * @returns Validation result with errors and strength score
+     */
+    async validate(password, userInfo) {
+        const errors = [];
+        // Length requirements
+        if (password.length < this.config.minLength) {
+            errors.push(`Password must be at least ${this.config.minLength} characters long`);
+        }
+        if (this.config.maxLength > 0 && password.length > this.config.maxLength) {
+            errors.push(`Password must not exceed ${this.config.maxLength} characters`);
+        }
+        // Character requirements
+        if (this.config.requireUppercase && !/[A-Z]/.test(password)) {
+            errors.push('Password must contain at least one uppercase letter');
+        }
+        if (this.config.requireLowercase && !/[a-z]/.test(password)) {
+            errors.push('Password must contain at least one lowercase letter');
+        }
+        if (this.config.requireDigits && !/\d/.test(password)) {
+            errors.push('Password must contain at least one digit');
+        }
+        if (this.config.requireSpecialChars) {
+            const specialCharsRegex = new RegExp(`[${escapeRegex(this.config.specialChars)}]`);
+            if (!specialCharsRegex.test(password)) {
+                errors.push('Password must contain at least one special character');
+            }
+        }
+        // Common password check
+        if (this.config.disallowCommon) {
+            const lowerPassword = password.toLowerCase();
+            if (COMMON_PASSWORDS.has(lowerPassword)) {
+                errors.push('Password is too common and easily guessable');
+            }
+        }
+        // Custom blacklist check
+        if (this.config.blacklist.length > 0) {
+            const lowerPassword = password.toLowerCase();
+            for (const banned of this.config.blacklist) {
+                if (lowerPassword === banned.toLowerCase()) {
+                    errors.push('Password is not allowed');
+                    break;
+                }
+            }
+        }
+        // User information check
+        if (this.config.disallowUserInfo && userInfo) {
+            const lowerPassword = password.toLowerCase();
+            const infoValues = Object.values(userInfo).filter((v) => typeof v === 'string' && v.length > 0);
+            for (const value of infoValues) {
+                const lowerValue = value.toLowerCase();
+                // Check if password contains user info
+                if (lowerPassword.includes(lowerValue)) {
+                    errors.push('Password must not contain personal information');
+                    break;
+                }
+                // Check if password is similar to email username
+                if (value.includes('@')) {
+                    const username = value.split('@')[0].toLowerCase();
+                    if (username.length >= 3 && lowerPassword.includes(username)) {
+                        errors.push('Password must not contain personal information');
+                        break;
+                    }
+                }
+            }
+        }
+        // Strength score
+        const { score, strength } = this.calculateStrength(password);
+        // Breach check (async)
+        let breached;
+        let breachCount;
+        if (this.config.checkBreaches) {
+            try {
+                breachCount = await this.checkBreaches(password);
+                breached = breachCount > this.config.maxBreachOccurrences;
+                if (breached) {
+                    errors.push(`Password has been found in ${breachCount} data breaches and is not secure`);
+                }
+            }
+            catch (error) {
+                // Breach check failed - log but don't fail validation
+                console.warn('Password breach check failed:', error);
+            }
+        }
+        return {
+            valid: errors.length === 0,
+            errors,
+            strength,
+            score,
+            breached,
+            breachCount,
+        };
+    }
+    /**
+     * Calculate password strength score (0-100) and level (0-4)
+     *
+     * Based on:
+     * - Length
+     * - Character variety (uppercase, lowercase, digits, special)
+     * - Entropy
+     * - Pattern detection
+     */
+    calculateStrength(password) {
+        let score = 0;
+        // Length scoring (up to 30 points)
+        if (password.length >= 8)
+            score += 10;
+        if (password.length >= 12)
+            score += 10;
+        if (password.length >= 16)
+            score += 5;
+        if (password.length >= 20)
+            score += 5;
+        // Character variety (up to 40 points)
+        const hasLower = /[a-z]/.test(password);
+        const hasUpper = /[A-Z]/.test(password);
+        const hasDigit = /\d/.test(password);
+        const hasSpecial = /[^a-zA-Z0-9]/.test(password);
+        const varietyCount = [hasLower, hasUpper, hasDigit, hasSpecial].filter(Boolean).length;
+        score += varietyCount * 10;
+        // Entropy bonus (up to 20 points)
+        const entropy = this.calculateEntropy(password);
+        if (entropy >= 30)
+            score += 5;
+        if (entropy >= 40)
+            score += 5;
+        if (entropy >= 50)
+            score += 5;
+        if (entropy >= 60)
+            score += 5;
+        // Pattern penalties (up to -20 points)
+        if (/(.)\1{2,}/.test(password))
+            score -= 5; // Repeated characters (aaa, 111)
+        if (/^[a-z]+$/.test(password))
+            score -= 5; // Only lowercase
+        if (/^[A-Z]+$/.test(password))
+            score -= 5; // Only uppercase
+        if (/^\d+$/.test(password))
+            score -= 10; // Only digits
+        if (/^(012|123|234|345|456|567|678|789|890)/.test(password))
+            score -= 5; // Sequential
+        // Bonus for mixing character positions (up to 10 points)
+        const mixedPositions = this.checkMixedPositions(password);
+        if (mixedPositions)
+            score += 10;
+        // Ensure score is within bounds
+        score = Math.max(0, Math.min(100, score));
+        // Convert score to strength level
+        let strength;
+        if (score < 20)
+            strength = PasswordStrength.VeryWeak;
+        else if (score < 40)
+            strength = PasswordStrength.Weak;
+        else if (score < 60)
+            strength = PasswordStrength.Fair;
+        else if (score < 80)
+            strength = PasswordStrength.Strong;
+        else
+            strength = PasswordStrength.VeryStrong;
+        return { score, strength };
+    }
+    /**
+     * Calculate Shannon entropy of password
+     */
+    calculateEntropy(password) {
+        const charCounts = new Map();
+        for (const char of password) {
+            charCounts.set(char, (charCounts.get(char) ?? 0) + 1);
+        }
+        let entropy = 0;
+        const length = password.length;
+        for (const count of charCounts.values()) {
+            const probability = count / length;
+            entropy -= probability * Math.log2(probability);
+        }
+        return entropy * length;
+    }
+    /**
+     * Check if character types are well-mixed (not clustered)
+     */
+    checkMixedPositions(password) {
+        if (password.length < 4)
+            return false;
+        const quarters = [
+            password.slice(0, Math.floor(password.length / 4)),
+            password.slice(Math.floor(password.length / 4), Math.floor(password.length / 2)),
+            password.slice(Math.floor(password.length / 2), Math.floor((3 * password.length) / 4)),
+            password.slice(Math.floor((3 * password.length) / 4)),
+        ];
+        // Check that each quarter has some variety
+        let varietyQuarters = 0;
+        for (const quarter of quarters) {
+            const hasAlpha = /[a-zA-Z]/.test(quarter);
+            const hasDigit = /\d/.test(quarter);
+            const hasSpecial = /[^a-zA-Z0-9]/.test(quarter);
+            if ([hasAlpha, hasDigit, hasSpecial].filter(Boolean).length >= 2) {
+                varietyQuarters++;
+            }
+        }
+        return varietyQuarters >= 3;
+    }
+    /**
+     * Check password against Have I Been Pwned API
+     *
+     * Uses k-anonymity: only sends first 5 chars of SHA-1 hash
+     * to protect password privacy.
+     *
+     * @returns Number of times password appears in breaches (0 = not found)
+     */
+    async checkBreaches(password) {
+        // Hash password with SHA-1
+        const hash = createHash('sha1').update(password).digest('hex').toUpperCase();
+        const prefix = hash.slice(0, 5);
+        const suffix = hash.slice(5);
+        // Query API with hash prefix
+        const response = await fetch(`https://api.pwnedpasswords.com/range/${prefix}`, {
+            headers: {
+                'User-Agent': 'VeloxTS-Auth-Password-Policy',
+            },
+        });
+        if (!response.ok) {
+            throw new Error(`HaveIBeenPwned API error: ${response.status}`);
+        }
+        const text = await response.text();
+        const lines = text.split('\n');
+        // Search for our suffix in results
+        for (const line of lines) {
+            const [hashSuffix, countStr] = line.split(':');
+            if (hashSuffix === suffix) {
+                return parseInt(countStr.trim(), 10);
+            }
+        }
+        return 0; // Not found in breaches
+    }
+    /**
+     * Get password strength as human-readable string
+     */
+    getStrengthLabel(strength) {
+        switch (strength) {
+            case PasswordStrength.VeryWeak:
+                return 'Very Weak';
+            case PasswordStrength.Weak:
+                return 'Weak';
+            case PasswordStrength.Fair:
+                return 'Fair';
+            case PasswordStrength.Strong:
+                return 'Strong';
+            case PasswordStrength.VeryStrong:
+                return 'Very Strong';
+        }
+    }
+    /**
+     * Get password strength color (for UI display)
+     */
+    getStrengthColor(strength) {
+        switch (strength) {
+            case PasswordStrength.VeryWeak:
+                return '#d73a49'; // Red
+            case PasswordStrength.Weak:
+                return '#e36209'; // Orange
+            case PasswordStrength.Fair:
+                return '#ffd33d'; // Yellow
+            case PasswordStrength.Strong:
+                return '#28a745'; // Green
+            case PasswordStrength.VeryStrong:
+                return '#0366d6'; // Blue
+        }
+    }
+}
+// ============================================================================
+// Helper Functions
+// ============================================================================
+/**
+ * Escape special characters for regex
+ */
+function escapeRegex(str) {
+    return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+// ============================================================================
+// Convenience Exports
+// ============================================================================
+/**
+ * Create a password policy validator (succinct API)
+ *
+ * @example
+ * ```typescript
+ * import { passwordPolicy } from '@veloxts/auth';
+ *
+ * const policy = passwordPolicy({
+ *   minLength: 12,
+ *   requireUppercase: true,
+ *   requireDigits: true,
+ * });
+ *
+ * const result = await policy.validate('MyPassword123');
+ * ```
+ */
+export function passwordPolicy(config) {
+    return new PasswordPolicy(config);
+}
+/**
+ * Creates a password policy validator
+ *
+ * @deprecated Use `passwordPolicy()` instead. Will be removed in v0.9.
+ */
+export const createPasswordPolicy = passwordPolicy;
+/**
+ * Quick password strength check (no policy validation)
+ *
+ * @example
+ * ```typescript
+ * import { checkPasswordStrength } from '@veloxts/auth';
+ *
+ * const { strength, score } = checkPasswordStrength('MyP@ssw0rd123');
+ * console.log(PasswordStrength[strength]); // "Strong"
+ * console.log(score); // 75
+ * ```
+ */
+export function checkPasswordStrength(password) {
+    const policy = new PasswordPolicy();
+    return policy.calculateStrength(password);
+}
+/**
+ * Quick common password check
+ *
+ * @example
+ * ```typescript
+ * import { isCommonPassword } from '@veloxts/auth';
+ *
+ * if (isCommonPassword('password123')) {
+ *   console.log('Please choose a more secure password');
+ * }
+ * ```
+ */
+export function isCommonPassword(password) {
+    return COMMON_PASSWORDS.has(password.toLowerCase());
+}
+/**
+ * Check password against Have I Been Pwned
+ *
+ * @example
+ * ```typescript
+ * import { checkPasswordBreach } from '@veloxts/auth';
+ *
+ * const count = await checkPasswordBreach('password123');
+ * if (count > 0) {
+ *   console.log(`Found in ${count} breaches!`);
+ * }
+ * ```
+ */
+export async function checkPasswordBreach(password) {
+    const policy = new PasswordPolicy();
+    return policy['checkBreaches'](password);
+}
+//# sourceMappingURL=password-policy.js.map

package/dist/password-policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-policy.js","sourceRoot":"","sources":["../src/password-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAoFzC;;GAEG;AACH,MAAM,CAAN,IAAY,gBAMX;AAND,WAAY,gBAAgB;IAC1B,+DAAY,CAAA;IACZ,uDAAQ,CAAA;IACR,uDAAQ,CAAA;IACR,2DAAU,CAAA;IACV,mEAAc,CAAA;AAChB,CAAC,EANW,gBAAgB,KAAhB,gBAAgB,QAM3B;AA6CD,+EAA+E;AAC/E,kCAAkC;AAClC,+EAA+E;AAE/E;;GAEG;AACH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,QAAQ;IACR,UAAU;IACV,UAAU;IACV,QAAQ;IACR,WAAW;IACX,OAAO;IACP,MAAM;IACN,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,UAAU;IACV,UAAU;IACV,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,UAAU;IACV,QAAQ;IACR,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,YAAY;IACZ,QAAQ;IACR,SAAS;IACT,UAAU;IACV,QAAQ;IACR,SAAS;IACT,UAAU;IACV,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,UAAU;IACV,UAAU;IACV,WAAW;IACX,aAAa;IACb,OAAO;IACP,OAAO;IACP,UAAU;IACV,WAAW;IACX,MAAM;IACN,UAAU;IACV,UAAU;IACV,SAAS;IACT,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,SAAS;IACT,MAAM;IACN,SAAS;IACT,UAAU;IACV,UAAU;IACV,UAAU;IACV,QAAQ;IACR,SAAS;IACT,SAAS;IACT,SAAS;IACT,OAAO;IACP,UAAU;CACX,CAAC,CAAC;AAEH,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,OAAO,cAAc;IACR,MAAM,CAAiC;IAExD,YAAY,SAA+B,EAAE;QAC3C,IAAI,CAAC,MAAM,GAAG;YACZ,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;YACjC,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,GAAG;YAClC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,KAAK;YAClD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,KAAK;YAClD,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,KAAK;YAC5C,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,KAAK;YACxD,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,4BAA4B;YACjE,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,IAAI;YAC7C,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,KAAK;YAC5C,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,CAAC;YACtD,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;YACjC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,IAAI;SAClD,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAgB,EAAE,QAAmB;QAClD,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,sBAAsB;QACtB,IAAI,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC5C,MAAM,CAAC,IAAI,CAAC,6BAA6B,IAAI,CAAC,MAAM,CAAC,SAAS,kBAAkB,CAAC,CAAC;QACpF,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACzE,MAAM,CAAC,IAAI,CAAC,4BAA4B,IAAI,CAAC,MAAM,CAAC,SAAS,aAAa,CAAC,CAAC;QAC9E,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5D,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5D,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,MAAM,iBAAiB,GAAG,IAAI,MAAM,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;YACnF,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACtC,MAAM,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;YACtE,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAC/B,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,IAAI,gBAAgB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;gBACxC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAC3C,IAAI,aAAa,KAAK,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC3C,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBACvC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,QAAQ,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAC/C,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAC1D,CAAC;YAEF,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;gBAC/B,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;gBAEvC,uCAAuC;gBACvC,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBACvC,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;oBAC9D,MAAM;gBACR,CAAC;gBAED,iDAAiD;gBACjD,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxB,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;oBACnD,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAC7D,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;wBAC9D,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAE7D,uBAAuB;QACvB,IAAI,QAA6B,CAAC;QAClC,IAAI,WAA+B,CAAC;QAEpC,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,WAAW,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;gBACjD,QAAQ,GAAG,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;gBAE1D,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CAAC,IAAI,CACT,8BAA8B,WAAW,kCAAkC,CAC5E,CAAC;gBACJ,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,sDAAsD;gBACtD,OAAO,CAAC,IAAI,CAAC,+BAA+B,EAAE,KAAK,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,MAAM;YACN,QAAQ;YACR,KAAK;YACL,QAAQ;YACR,WAAW;SACZ,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,iBAAiB,CAAC,QAAgB;QAChC,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,mCAAmC;QACnC,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC;YAAE,KAAK,IAAI,EAAE,CAAC;QACtC,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE;YAAE,KAAK,IAAI,EAAE,CAAC;QACvC,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QACtC,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QAEtC,sCAAsC;QACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEjD,MAAM,YAAY,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QACvF,KAAK,IAAI,YAAY,GAAG,EAAE,CAAC;QAE3B,kCAAkC;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAChD,IAAI,OAAO,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QAC9B,IAAI,OAAO,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QAC9B,IAAI,OAAO,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QAC9B,IAAI,OAAO,IAAI,EAAE;YAAE,KAAK,IAAI,CAAC,CAAC;QAE9B,uCAAuC;QACvC,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC,CAAC,iCAAiC;QAC7E,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC,CAAC,iBAAiB;QAC5D,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC,CAAC,iBAAiB;QAC5D,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,KAAK,IAAI,EAAE,CAAC,CAAC,cAAc;QACvD,IAAI,wCAAwC,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC,CAAC,aAAa;QAEtF,yDAAyD;QACzD,MAAM,cAAc,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAC1D,IAAI,cAAc;YAAE,KAAK,IAAI,EAAE,CAAC;QAEhC,gCAAgC;QAChC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;QAE1C,kCAAkC;QAClC,IAAI,QAA0B,CAAC;QAC/B,IAAI,KAAK,GAAG,EAAE;YAAE,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC;aAChD,IAAI,KAAK,GAAG,EAAE;YAAE,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC;aACjD,IAAI,KAAK,GAAG,EAAE;YAAE,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC;aACjD,IAAI,KAAK,GAAG,EAAE;YAAE,QAAQ,GAAG,gBAAgB,CAAC,MAAM,CAAC;;YACnD,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC;QAE5C,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;IAC7B,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,QAAgB;QACvC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;QAE7C,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAE/B,KAAK,MAAM,KAAK,IAAI,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC;YACxC,MAAM,WAAW,GAAG,KAAK,GAAG,MAAM,CAAC;YACnC,OAAO,IAAI,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,CAAC;QAED,OAAO,OAAO,GAAG,MAAM,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,QAAgB;QAC1C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAEtC,MAAM,QAAQ,GAAG;YACf,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAClD,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAChF,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YACtF,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;SACtD,CAAC;QAEF,2CAA2C;QAC3C,IAAI,eAAe,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACpC,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEhD,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACjE,eAAe,EAAE,CAAC;YACpB,CAAC;QACH,CAAC;QAED,OAAO,eAAe,IAAI,CAAC,CAAC;IAC9B,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,aAAa,CAAC,QAAgB;QAC1C,2BAA2B;QAC3B,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;QAC7E,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE7B,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,wCAAwC,MAAM,EAAE,EAAE;YAC7E,OAAO,EAAE;gBACP,YAAY,EAAE,8BAA8B;aAC7C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE/B,mCAAmC;QACnC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/C,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;gBAC1B,OAAO,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,CAAC,CAAC,wBAAwB;IACpC,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAA0B;QACzC,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,gBAAgB,CAAC,QAAQ;gBAC5B,OAAO,WAAW,CAAC;YACrB,KAAK,gBAAgB,CAAC,IAAI;gBACxB,OAAO,MAAM,CAAC;YAChB,KAAK,gBAAgB,CAAC,IAAI;gBACxB,OAAO,MAAM,CAAC;YAChB,KAAK,gBAAgB,CAAC,MAAM;gBAC1B,OAAO,QAAQ,CAAC;YAClB,KAAK,gBAAgB,CAAC,UAAU;gBAC9B,OAAO,aAAa,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAA0B;QACzC,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,gBAAgB,CAAC,QAAQ;gBAC5B,OAAO,SAAS,CAAC,CAAC,MAAM;YAC1B,KAAK,gBAAgB,CAAC,IAAI;gBACxB,OAAO,SAAS,CAAC,CAAC,SAAS;YAC7B,KAAK,gBAAgB,CAAC,IAAI;gBACxB,OAAO,SAAS,CAAC,CAAC,SAAS;YAC7B,KAAK,gBAAgB,CAAC,MAAM;gBAC1B,OAAO,SAAS,CAAC,CAAC,QAAQ;YAC5B,KAAK,gBAAgB,CAAC,UAAU;gBAC9B,OAAO,SAAS,CAAC,CAAC,OAAO;QAC7B,CAAC;IACH,CAAC;CACF;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,cAAc,CAAC,MAA6B;IAC1D,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;AACpC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,cAAc,CAAC;AAEnD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAAgB;IAEhB,MAAM,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;IACpC,OAAO,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;AAC5C,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAgB;IAC/C,OAAO,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;AACtD,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,QAAgB;IACxD,MAAM,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;IACpC,OAAO,MAAM,CAAC,eAAe,CAAC,CAAC,QAAQ,CAAC,CAAC;AAC3C,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@veloxts/auth",
-  "version": "0.3.5",
+  "version": "0.3.6",
   "description": "Authentication and authorization system for VeloxTS framework",
   "type": "module",
   "main": "dist/index.js",
@@ -42,8 +42,8 @@
   "dependencies": {
     "@fastify/cookie": "11.0.2",
     "fastify": "5.6.2",
-    "@veloxts/core": "0.3.5",
-    "@veloxts/router": "0.3.5"
+    "@veloxts/core": "0.3.6",
+    "@veloxts/router": "0.3.6"
   },
   "peerDependencies": {
     "argon2": ">=0.30.0",
@@ -67,8 +67,8 @@
     "fastify-plugin": "5.1.0",
     "typescript": "5.9.3",
     "vitest": "4.0.15",
-    "@veloxts/testing": "0.0.1",
-    "@veloxts/validation": "0.3.5"
+    "@veloxts/testing": "0.0.2",
+    "@veloxts/validation": "0.3.6"
   },
   "keywords": [
     "velox",