@veloxts/auth 0.7.5 → 0.7.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/dist/guards-narrowing.d.ts +35 -2
  3. package/dist/guards-narrowing.js +44 -3
  4. package/dist/index.d.ts +1 -1
  5. package/dist/index.js +1 -1
  6. package/package.json +5 -5
package/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  # @veloxts/auth
2
2
 
3
+ ## 0.7.7
4
+
5
+ ### Patch Changes
6
+
7
+ - refactor(router): rename swaggerUIPlugin → swaggerPlugin, remove redundant exports
8
+ - Updated dependencies
9
+ - @veloxts/core@0.7.7
10
+ - @veloxts/router@0.7.7
11
+
12
+ ## 0.7.6
13
+
14
+ ### Patch Changes
15
+
16
+ - feat(router): custom access levels for the Resource API + advanced Architectural Patterns
17
+ - Updated dependencies
18
+ - @veloxts/core@0.7.6
19
+ - @veloxts/router@0.7.6
20
+
3
21
  ## 0.7.5
4
22
 
5
23
  ### Patch Changes
package/dist/guards-narrowing.d.ts CHANGED
@@ -48,7 +48,7 @@ export interface NarrowingGuard<TRequired, TGuaranteed> {
48
48
  *
49
49
  * When set, the procedure builder will automatically assign this
50
50
  * value to `ctx.__accessLevel` after the guard passes, enabling
51
- * auto-projection with `.resource()`.
51
+ * auto-projection with `.expose()`.
52
52
  */
53
53
  accessLevel?: AccessLevel;
54
54
  }
@@ -134,7 +134,7 @@ export declare const authenticatedNarrow: NarrowingGuard<{
134
134
  * .guardNarrow(adminNarrow)
135
135
  * .query(({ ctx }) => {
136
136
  * // ctx.user is typed as User with roles: string[]
137
- * // When used with resource(), returns all fields including admin-only
137
+ * // When used with expose(), returns all fields including admin-only
138
138
  * const user = await ctx.db.user.findUnique({ where: { id } });
139
139
  * return resource(user, UserSchema).forAdmin();
140
140
  * });
@@ -166,6 +166,39 @@ export declare const adminNarrow: NarrowingGuard<{
166
166
  export declare function hasRoleNarrow(roles: string | string[]): NarrowingGuard<{
167
167
  user?: User;
168
168
  }, RoleNarrowedContext>;
169
+ /**
170
+ * Creates a custom narrowing guard with a specified access level.
171
+ *
172
+ * Use this to create guards for custom access levels defined via
173
+ * `defineAccessLevels()`. The guard's `accessLevel` is used by
174
+ * `executeProcedure()` for automatic resource projection.
175
+ *
176
+ * @param level - The access level string (e.g., 'reviewer', 'moderator')
177
+ * @param check - Guard check function
178
+ * @param options - Optional guard configuration
179
+ * @returns NarrowingGuard with the specified access level
180
+ *
181
+ * @example
182
+ * ```typescript
183
+ * import { createNarrowingGuard } from '@veloxts/auth';
184
+ *
185
+ * const reviewerNarrow = createNarrowingGuard(
186
+ * 'reviewer',
187
+ * async (ctx) => ctx.user?.roles?.includes('reviewer') ?? false,
188
+ * { name: 'reviewer', message: 'Reviewer access required' }
189
+ * );
190
+ *
191
+ * procedure()
192
+ * .guardNarrow(reviewerNarrow)
193
+ * .expose(ArticleSchema)
194
+ * .query(handler);
195
+ * ```
196
+ */
197
+ export declare function createNarrowingGuard<TLevel extends string, TRequired = unknown, TGuaranteed = unknown>(level: TLevel, check: GuardFunction<TRequired>, options?: {
198
+ name?: string;
199
+ message?: string;
200
+ statusCode?: number;
201
+ }): NarrowingGuard<TRequired, TGuaranteed>;
169
202
  /**
170
203
  * Extracts the narrowed context type from a NarrowingGuard.
171
204
  *
package/dist/guards-narrowing.js CHANGED
@@ -52,7 +52,7 @@ export const authenticatedNarrow = {
52
52
  // Phantom type: value is never used at runtime, only carries type info.
53
53
  // The `undefined as unknown as T` pattern is standard for phantom types.
54
54
  _narrows: undefined,
55
- // Runtime access level for auto-projection with .resource()
55
+ // Runtime access level for auto-projection with .expose()
56
56
  accessLevel: 'authenticated',
57
57
  };
58
58
  /**
@@ -70,7 +70,7 @@ export const authenticatedNarrow = {
70
70
  * .guardNarrow(adminNarrow)
71
71
  * .query(({ ctx }) => {
72
72
  * // ctx.user is typed as User with roles: string[]
73
- * // When used with resource(), returns all fields including admin-only
73
+ * // When used with expose(), returns all fields including admin-only
74
74
  * const user = await ctx.db.user.findUnique({ where: { id } });
75
75
  * return resource(user, UserSchema).forAdmin();
76
76
  * });
@@ -80,7 +80,7 @@ export const adminNarrow = {
80
80
  ...hasRoleBase('admin'),
81
81
  // Phantom type: carries type info for guardNarrow() and Resource API
82
82
  _narrows: undefined,
83
- // Runtime access level for auto-projection with .resource()
83
+ // Runtime access level for auto-projection with .expose()
84
84
  accessLevel: 'admin',
85
85
  };
86
86
  /**
@@ -111,3 +111,44 @@ export function hasRoleNarrow(roles) {
111
111
  _narrows: undefined,
112
112
  };
113
113
  }
114
+ // ============================================================================
115
+ // Type Utilities
116
+ // ============================================================================
117
+ /**
118
+ * Creates a custom narrowing guard with a specified access level.
119
+ *
120
+ * Use this to create guards for custom access levels defined via
121
+ * `defineAccessLevels()`. The guard's `accessLevel` is used by
122
+ * `executeProcedure()` for automatic resource projection.
123
+ *
124
+ * @param level - The access level string (e.g., 'reviewer', 'moderator')
125
+ * @param check - Guard check function
126
+ * @param options - Optional guard configuration
127
+ * @returns NarrowingGuard with the specified access level
128
+ *
129
+ * @example
130
+ * ```typescript
131
+ * import { createNarrowingGuard } from '@veloxts/auth';
132
+ *
133
+ * const reviewerNarrow = createNarrowingGuard(
134
+ * 'reviewer',
135
+ * async (ctx) => ctx.user?.roles?.includes('reviewer') ?? false,
136
+ * { name: 'reviewer', message: 'Reviewer access required' }
137
+ * );
138
+ *
139
+ * procedure()
140
+ * .guardNarrow(reviewerNarrow)
141
+ * .expose(ArticleSchema)
142
+ * .query(handler);
143
+ * ```
144
+ */
145
+ export function createNarrowingGuard(level, check, options) {
146
+ return {
147
+ name: options?.name ?? level,
148
+ check,
149
+ message: options?.message,
150
+ statusCode: options?.statusCode,
151
+ _narrows: undefined,
152
+ accessLevel: level,
153
+ };
154
+ }
package/dist/index.d.ts CHANGED
@@ -16,7 +16,7 @@ export { createInMemoryTokenStore, generateTokenId, isValidTimespan, JwtManager,
16
16
  export type { EnhancedTokenStore, EnhancedTokenStoreOptions } from './token-store.js';
17
17
  export { createEnhancedTokenStore, DEFAULT_ALLOWED_ROLES, parseUserRoles, } from './token-store.js';
18
18
  export type { ADMIN, AdminContext, AUTHENTICATED, AuthenticatedContext, InferNarrowedContext, NarrowingGuard, RoleNarrowedContext, TaggedContext, } from './guards-narrowing.js';
19
- export { adminNarrow, authenticatedNarrow, hasRoleNarrow, } from './guards-narrowing.js';
19
+ export { adminNarrow, authenticatedNarrow, createNarrowingGuard, hasRoleNarrow, } from './guards-narrowing.js';
20
20
  export { DEFAULT_HASH_CONFIG, hashPassword, PasswordHasher, passwordHasher, verifyPassword, } from './hash.js';
21
21
  export type { GuardBuilder } from './guards.js';
22
22
  export { allOf, anyOf, authenticated, defineGuard, emailVerified, executeGuard, executeGuards, guard, hasAnyPermission, hasPermission, hasRole, not, userCan, } from './guards.js';
package/dist/index.js CHANGED
@@ -18,7 +18,7 @@ export { AuthError } from './types.js';
18
18
  export { AUTH_REGISTERED, checkDoubleRegistration, decorateAuth, getRequestAuth, getRequestUser, setRequestAuth, } from './decoration.js';
19
19
  export { createInMemoryTokenStore, generateTokenId, isValidTimespan, JwtManager, jwtManager, parseTimeToSeconds, validateTokenExpiration, } from './jwt.js';
20
20
  export { createEnhancedTokenStore, DEFAULT_ALLOWED_ROLES, parseUserRoles, } from './token-store.js';
21
- export { adminNarrow, authenticatedNarrow, hasRoleNarrow, } from './guards-narrowing.js';
21
+ export { adminNarrow, authenticatedNarrow, createNarrowingGuard, hasRoleNarrow, } from './guards-narrowing.js';
22
22
  // ============================================================================
23
23
  // Password Hashing
24
24
  // ============================================================================
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@veloxts/auth",
3
- "version": "0.7.5",
3
+ "version": "0.7.7",
4
4
  "description": "Authentication and authorization system for VeloxTS framework",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -61,8 +61,8 @@
61
61
  "dependencies": {
62
62
  "@fastify/cookie": "11.0.2",
63
63
  "fastify": "5.7.4",
64
- "@veloxts/core": "0.7.5",
65
- "@veloxts/router": "0.7.5"
64
+ "@veloxts/core": "0.7.7",
65
+ "@veloxts/router": "0.7.7"
66
66
  },
67
67
  "peerDependencies": {
68
68
  "argon2": ">=0.30.0",
@@ -85,8 +85,8 @@
85
85
  "@vitest/coverage-v8": "4.0.18",
86
86
  "typescript": "5.9.3",
87
87
  "vitest": "4.0.18",
88
- "@veloxts/validation": "0.7.5",
89
- "@veloxts/testing": "0.7.5"
88
+ "@veloxts/validation": "0.7.7",
89
+ "@veloxts/testing": "0.7.7"
90
90
  },
91
91
  "keywords": [
92
92
  "velox",