@warlock.js/auth 1.0.0

package/cjs/services/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC;AACtC,cAAc,OAAO,CAAC"}

package/cjs/services/jwt.d.ts

@@ -0,0 +1,23 @@
+import { type SignerOptions, type VerifierOptions } from "fast-jwt";
+export declare const jwt: {
+    /**
+     * Generate a new JWT token for the user.
+     * @param payload The payload to encode in the JWT token.
+     */
+    generate(payload: any, { key, algorithm, ...options }?: any): Promise<string>;
+    /**
+     * Verify the given token.
+     * @param token The JWT token to verify.
+     * @returns The decoded token payload if verification is successful.
+     */
+    verify(token: string, { key, algorithms, ...options }?: any): Promise<any>;
+    /**
+     * Generate a new refresh token for the user.
+     */
+    generateRefreshToken(payload: any, { key, expiresIn, algorithm, ...options }?: any): Promise<string>;
+    /**
+     * Verify the given refresh token.
+     */
+    verifyRefreshToken(token: string, { key, algorithms, ...options }?: any): Promise<any>;
+};
+//# sourceMappingURL=jwt.d.ts.map

package/cjs/services/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/services/jwt.ts"],"names":[],"mappings":"AACA,OAAO,EAIL,KAAK,aAAa,EAClB,KAAK,eAAe,EACrB,MAAM,UAAU,CAAC;AAWlB,eAAO,MAAM,GAAG;IACd;;;OAGG;sBAEQ,GAAG,yCAMX,QAAQ,MAAM,CAAC;IAOlB;;;;OAIG;kBAEM,MAAM;IAYf;;OAEG;kCAEQ,GAAG,oDAOX,QAAQ,MAAM,CAAC;IAKlB;;OAEG;8BAEM,MAAM;CAUhB,CAAC"}

package/cjs/services/jwt.js

@@ -0,0 +1,39 @@
+'use strict';var config=require('@mongez/config'),fastJwt=require('fast-jwt');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var config__default=/*#__PURE__*/_interopDefault(config);const getSecretKey = () => config__default.default.get("auth.jwt.secret");
+const getAlgorithm = () => config__default.default.get("auth.jwt.algorithm");
+const getRefreshSecretKey = () => config__default.default.get("auth.jwt.refresh.secret");
+// Assuming there's a separate config for refresh token validity, for example, '7d' for 7 days
+const getRefreshTokenValidity = () => config__default.default.get("auth.jwt.refresh.expiresIn");
+const jwt = {
+    /**
+     * Generate a new JWT token for the user.
+     * @param payload The payload to encode in the JWT token.
+     */
+    async generate(payload, { key = getSecretKey(), algorithm = getAlgorithm(), ...options } = {}) {
+        // Create a signer function with predefined options
+        const sign = fastJwt.createSigner({ key, ...options, algorithm });
+        return sign({ ...payload });
+    },
+    /**
+     * Verify the given token.
+     * @param token The JWT token to verify.
+     * @returns The decoded token payload if verification is successful.
+     */
+    async verify(token, { key = getSecretKey(), algorithms = getAlgorithm() ? [getAlgorithm()] : undefined, ...options } = {}) {
+        const verify = fastJwt.createVerifier({ key, ...options, algorithms });
+        return await verify(token);
+    },
+    /**
+     * Generate a new refresh token for the user.
+     */
+    async generateRefreshToken(payload, { key = getRefreshSecretKey(), expiresIn = getRefreshTokenValidity(), algorithm = getAlgorithm(), ...options } = {}) {
+        const sign = fastJwt.createSigner({ key, expiresIn, algorithm, ...options });
+        return sign({ ...payload });
+    },
+    /**
+     * Verify the given refresh token.
+     */
+    async verifyRefreshToken(token, { key = getRefreshSecretKey(), algorithms = [getAlgorithm()], ...options } = {}) {
+        const verify = fastJwt.createVerifier({ key, algorithms, ...options });
+        return await verify(token);
+    },
+};exports.jwt=jwt;//# sourceMappingURL=jwt.js.map

package/cjs/services/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sources":["../../src/services/jwt.ts"],"sourcesContent":[null],"names":["config","createSigner","createVerifier"],"mappings":"wMASA,MAAM,YAAY,GAAG,MAAMA,uBAAM,CAAC,GAAG,CAAC,iBAAiB,CAAW,CAAC;AACnE,MAAM,YAAY,GAAG,MAAMA,uBAAM,CAAC,GAAG,CAAC,oBAAoB,CAAc,CAAC;AAEzE,MAAM,mBAAmB,GAAG,MAC1BA,uBAAM,CAAC,GAAG,CAAC,yBAAyB,CAAW,CAAC;AAClD;AACA,MAAM,uBAAuB,GAAG,MAC9BA,uBAAM,CAAC,GAAG,CAAC,4BAA4B,CAAoB,CAAC;AAEjD,MAAA,GAAG,GAAG;AACjB;;;AAGG;AACH,IAAA,MAAM,QAAQ,CACZ,OAAY,EACZ,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,KAC0B,EAAE,EAAA;;AAGxC,QAAA,MAAM,IAAI,GAAGC,oBAAY,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;AAE1D,QAAA,OAAO,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;KAC7B;AAED;;;;AAIG;AACH,IAAA,MAAM,MAAM,CACV,KAAa,EACb,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,UAAU,GAAG,YAAY,EAAE,GAAG,CAAC,YAAY,EAAE,CAAC,GAAG,SAAS,EAC1D,GAAG,OAAO,KAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAGC,sBAAc,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;AAE/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAe,CAAC,CAAC;KACtC;AAED;;AAEG;IACH,MAAM,oBAAoB,CACxB,OAAY,EACZ,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,SAAS,GAAG,uBAAuB,EAAE,EACrC,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,EAAA,GAC0B,EAAE,EAAA;AAExC,QAAA,MAAM,IAAI,GAAGD,oBAAY,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AACrE,QAAA,OAAO,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;KAC7B;AAED;;AAEG;IACH,MAAM,kBAAkB,CACtB,KAAa,EACb,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,UAAU,GAAG,CAAC,YAAY,EAAE,CAAC,EAC7B,GAAG,OAAO,EAAA,GAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAGC,sBAAc,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC;KAC5B;"}

package/esm/commands/index.d.ts

@@ -0,0 +1,2 @@
+export declare function registerJWTSecretGeneratorCommand(): any;
+//# sourceMappingURL=index.d.ts.map

package/esm/commands/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAGA,wBAAgB,iCAAiC,QAEhD"}

package/esm/commands/index.js

@@ -0,0 +1,3 @@
+import {command}from'@warlock.js/core';import {generateJWTSecret}from'../services/generate-jwt-secret.js';function registerJWTSecretGeneratorCommand() {
+    return command("jwt.generate").action(generateJWTSecret);
+}export{registerJWTSecretGeneratorCommand};//# sourceMappingURL=index.js.map

package/esm/commands/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":["../../src/commands/index.ts"],"sourcesContent":[null],"names":[],"mappings":"mHAGgB,iCAAiC,GAAA;IAC/C,OAAO,OAAO,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC3D"}

package/esm/contracts/auth-contract.d.ts

@@ -0,0 +1,23 @@
+export interface Authenticable {
+    /**
+     * Generate access token
+     */
+    generateAccessToken(): Promise<string>;
+    /**
+     * Generate refresh token
+     */
+    generateRefreshToken(): Promise<string>;
+    /**
+     * Change password
+     */
+    changePassword(password: string): Promise<void>;
+    /**
+     * Verify Password
+     */
+    verifyPassword(password: string): Promise<boolean>;
+    /**
+     * Get user type
+     */
+    getUserType(): string;
+}
+//# sourceMappingURL=auth-contract.d.ts.map

package/esm/contracts/auth-contract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-contract.d.ts","sourceRoot":"","sources":["../../src/contracts/auth-contract.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvC;;OAEG;IACH,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;IAExC;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhD;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEnD;;OAEG;IACH,WAAW,IAAI,MAAM,CAAC;CACvB"}

package/esm/contracts/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./auth-contract";
+export * from "./types";
+//# sourceMappingURL=index.d.ts.map

package/esm/contracts/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/contracts/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,SAAS,CAAC"}

package/esm/contracts/types.d.ts

@@ -0,0 +1,23 @@
+import { type Algorithm } from "fast-jwt";
+import type { Auth } from "../models/auth";
+export type AuthConfigurations = {
+    /**
+     * Define all user types
+     * This is important to differentiate between user types when validating and generating tokens
+     */
+    userType: {
+        [userType: string]: typeof Auth;
+    };
+    /**
+     * JWT configurations
+     */
+    jwt: {
+        secret: string;
+        algorithm?: Algorithm;
+        refresh?: {
+            secret?: string;
+            expiresIn?: number | string;
+        };
+    };
+};
+//# sourceMappingURL=types.d.ts.map

package/esm/contracts/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/contracts/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,UAAU,CAAC;AAC1C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAE3C,MAAM,MAAM,kBAAkB,GAAG;IAC/B;;;OAGG;IACH,QAAQ,EAAE;QACR,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,IAAI,CAAC;KACjC,CAAC;IACF;;OAEG;IACH,GAAG,EAAE;QACH,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,SAAS,CAAC;QACtB,OAAO,CAAC,EAAE;YACR,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;SAC7B,CAAC;KACH,CAAC;CACH,CAAC"}

package/esm/controllers/guest-login.d.ts

@@ -0,0 +1,3 @@
+import type { Request, Response } from "@warlock.js/core";
+export declare function guestLogin(_request: Request, response: Response): Promise<any>;
+//# sourceMappingURL=guest-login.d.ts.map

package/esm/controllers/guest-login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guest-login.d.ts","sourceRoot":"","sources":["../../src/controllers/guest-login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAG1D,wBAAsB,UAAU,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,gBAIrE"}

package/esm/controllers/guest-login.js

@@ -0,0 +1,5 @@
+import {generateGuestToken}from'../services/generate-guest-token.js';async function guestLogin(_request, response) {
+    return response.send({
+        user: await generateGuestToken(),
+    });
+}export{guestLogin};//# sourceMappingURL=guest-login.js.map

package/esm/controllers/guest-login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guest-login.js","sources":["../../src/controllers/guest-login.ts"],"sourcesContent":[null],"names":[],"mappings":"qEAGO,eAAe,UAAU,CAAC,QAAiB,EAAE,QAAkB,EAAA;IACpE,OAAO,QAAQ,CAAC,IAAI,CAAC;QACnB,IAAI,EAAE,MAAM,kBAAkB,EAAE;AACjC,KAAA,CAAC,CAAC;AACL"}

package/esm/controllers/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./guest-login";
+//# sourceMappingURL=index.d.ts.map

package/esm/controllers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/controllers/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC"}

package/esm/index.d.ts

@@ -0,0 +1,7 @@
+export * from "./commands";
+export * from "./contracts";
+export * from "./controllers";
+export * from "./middleware";
+export * from "./models";
+export * from "./services";
+//# sourceMappingURL=index.d.ts.map

package/esm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,UAAU,CAAC;AACzB,cAAc,YAAY,CAAC"}

package/esm/index.js

@@ -0,0 +1 @@
+export{registerJWTSecretGeneratorCommand}from'./commands/index.js';export{guestLogin}from'./controllers/guest-login.js';export{authMiddleware}from'./middleware/auth-middleware.js';export{AccessToken,AccessTokenBlueprint}from'./models/access-token/access-token.js';export{accessTokenMigration}from'./models/access-token/migration.js';export{Auth}from'./models/auth.js';export{castPassword}from'./models/casts/cast-password.js';export{Guest}from'./models/guest/guest.js';export{guestBlueprint,guestMigration}from'./models/guest/migration.js';export{generateGuestToken}from'./services/generate-guest-token.js';export{generateJWTSecret}from'./services/generate-jwt-secret.js';export{jwt}from'./services/jwt.js';//# sourceMappingURL=index.js.map

package/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":""}

package/esm/middleware/auth-middleware.d.ts

@@ -0,0 +1,2 @@
+export declare function authMiddleware(allowedUserType?: string): Middleware;
+//# sourceMappingURL=auth-middleware.d.ts.map

package/esm/middleware/auth-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/auth-middleware.ts"],"names":[],"mappings":"AAMA,wBAAgB,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,cAkGtD"}

package/esm/middleware/auth-middleware.js

@@ -0,0 +1,79 @@
+import config from'@mongez/config';import {log}from'@warlock.js/logger';import {AccessToken}from'../models/access-token/access-token.js';import'../models/access-token/migration.js';import {jwt}from'../services/jwt.js';function authMiddleware(allowedUserType) {
+    const auth = async (request, response) => {
+        try {
+            const authorizationValue = request.authorizationValue;
+            if (!authorizationValue) {
+                return response.unauthorized({
+                    error: "Unauthorized: Access Token is missing",
+                });
+            }
+            // get current user jwt
+            const user = await jwt.verify(authorizationValue);
+            // use our own jwt verify to verify the token
+            const accessToken = await AccessToken.first({
+                token: authorizationValue,
+            });
+            if (!accessToken) {
+                return response.unauthorized({
+                    error: "Unauthorized: Invalid Access Token",
+                });
+            }
+            // now, we need to get an instance of user using its corresponding model
+            const userType = user.userType || accessToken.get("userType");
+            // check if the user type is allowed
+            if (allowedUserType && userType !== allowedUserType) {
+                return response.unauthorized({
+                    error: "You are not allowed to access this resource",
+                });
+            }
+            // get user model class
+            const UserModel = config.get(`auth.userType.${userType}`);
+            if (!UserModel) {
+                throw new Error(`User type ${userType} is unknown type.`);
+            }
+            // get user model instance
+            const currentUser = await UserModel.find(user.id);
+            if (!currentUser) {
+                accessToken.destroy();
+                return response.unauthorized({
+                    error: "Unauthorized: Invalid Access Token",
+                });
+            }
+            // set current user
+            request.user = currentUser;
+        }
+        catch (err) {
+            log.error("http", "auth", err);
+            // unset current user
+            request.clearCurrentUser();
+            return response.unauthorized({
+                error: "Unauthorized: Invalid Access Token",
+            });
+        }
+    };
+    if (allowedUserType) {
+        const userAccessTokenKey = `${allowedUserType}AccessToken`;
+        const userAccessTokenKeyNameHeader = `${allowedUserType}AccessTokenHeader`;
+        auth.postman = {
+            onCollectingVariables(variables) {
+                if (variables.find((variable) => variable.key === userAccessTokenKeyNameHeader))
+                    return;
+                variables.push({
+                    key: userAccessTokenKey,
+                    value: "YOUR_TOKEN_HERE",
+                });
+                variables.push({
+                    key: userAccessTokenKeyNameHeader,
+                    value: `Bearer {{${userAccessTokenKey}}}`,
+                });
+            },
+            onAddingRequest({ request }) {
+                request.header.push({
+                    key: "Authorization",
+                    value: `{{${userAccessTokenKeyNameHeader}}}`,
+                });
+            },
+        };
+    }
+    return auth;
+}export{authMiddleware};//# sourceMappingURL=auth-middleware.js.map

package/esm/middleware/auth-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-middleware.js","sources":["../../src/middleware/auth-middleware.ts"],"sourcesContent":[null],"names":[],"mappings":"0NAMM,SAAU,cAAc,CAAC,eAAwB,EAAA;IACrD,MAAM,IAAI,GAAe,OAAO,OAAgB,EAAE,QAAkB,KAAI;QACtE,IAAI;AACF,YAAA,MAAM,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC;YAEtD,IAAI,CAAC,kBAAkB,EAAE;gBACvB,OAAO,QAAQ,CAAC,YAAY,CAAC;AAC3B,oBAAA,KAAK,EAAE,uCAAuC;AAC/C,iBAAA,CAAC,CAAC;AACJ,aAAA;;YAGD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;;AAGlD,YAAA,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,KAAK,CAAC;AAC1C,gBAAA,KAAK,EAAE,kBAAkB;AAC1B,aAAA,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,EAAE;gBAChB,OAAO,QAAQ,CAAC,YAAY,CAAC;AAC3B,oBAAA,KAAK,EAAE,oCAAoC;AAC5C,iBAAA,CAAC,CAAC;AACJ,aAAA;;AAGD,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;;AAG9D,YAAA,IAAI,eAAe,IAAI,QAAQ,KAAK,eAAe,EAAE;gBACnD,OAAO,QAAQ,CAAC,YAAY,CAAC;AAC3B,oBAAA,KAAK,EAAE,6CAA6C;AACrD,iBAAA,CAAC,CAAC;AACJ,aAAA;;YAGD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,CAAiB,cAAA,EAAA,QAAQ,CAAE,CAAA,CAAC,CAAC;YAE1D,IAAI,CAAC,SAAS,EAAE;AACd,gBAAA,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,CAAA,iBAAA,CAAmB,CAAC,CAAC;AAC3D,aAAA;;YAGD,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAElD,IAAI,CAAC,WAAW,EAAE;gBAChB,WAAW,CAAC,OAAO,EAAE,CAAC;gBACtB,OAAO,QAAQ,CAAC,YAAY,CAAC;AAC3B,oBAAA,KAAK,EAAE,oCAAoC;AAC5C,iBAAA,CAAC,CAAC;AACJ,aAAA;;AAGD,YAAA,OAAO,CAAC,IAAI,GAAG,WAAW,CAAC;AAC5B,SAAA;AAAC,QAAA,OAAO,GAAQ,EAAE;YACjB,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;;YAG/B,OAAO,CAAC,gBAAgB,EAAE,CAAC;YAE3B,OAAO,QAAQ,CAAC,YAAY,CAAC;AAC3B,gBAAA,KAAK,EAAE,oCAAoC;AAC5C,aAAA,CAAC,CAAC;AACJ,SAAA;AACH,KAAC,CAAC;AAEF,IAAA,IAAI,eAAe,EAAE;AACnB,QAAA,MAAM,kBAAkB,GAAG,CAAG,EAAA,eAAe,aAAa,CAAC;AAC3D,QAAA,MAAM,4BAA4B,GAAG,CAAG,EAAA,eAAe,mBAAmB,CAAC;QAC1E,IAAY,CAAC,OAAO,GAAG;AACtB,YAAA,qBAAqB,CAAC,SAAc,EAAA;AAClC,gBAAA,IACE,SAAS,CAAC,IAAI,CACZ,CAAC,QAAa,KAAK,QAAQ,CAAC,GAAG,KAAK,4BAA4B,CACjE;oBAED,OAAO;gBAET,SAAS,CAAC,IAAI,CAAC;AACb,oBAAA,GAAG,EAAE,kBAAkB;AACvB,oBAAA,KAAK,EAAE,iBAAiB;AACzB,iBAAA,CAAC,CAAC;gBAEH,SAAS,CAAC,IAAI,CAAC;AACb,oBAAA,GAAG,EAAE,4BAA4B;oBACjC,KAAK,EAAE,CAAY,SAAA,EAAA,kBAAkB,CAAI,EAAA,CAAA;AAC1C,iBAAA,CAAC,CAAC;aACJ;YACD,eAAe,CAAC,EAAE,OAAO,EAAO,EAAA;AAC9B,gBAAA,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC;AAClB,oBAAA,GAAG,EAAE,eAAe;oBACpB,KAAK,EAAE,CAAK,EAAA,EAAA,4BAA4B,CAAI,EAAA,CAAA;AAC7C,iBAAA,CAAC,CAAC;aACJ;SACF,CAAC;AACH,KAAA;AAED,IAAA,OAAO,IAAI,CAAC;AACd"}

package/esm/middleware/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./auth-middleware";
+//# sourceMappingURL=index.d.ts.map

package/esm/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC"}

package/esm/models/access-token/access-token.d.ts

@@ -0,0 +1,9 @@
+import { Model } from "@warlock.js/cascade";
+export declare class AccessToken extends Model {
+    /**
+     * {@inheritDoc}
+     */
+    static collection: string;
+}
+export declare const AccessTokenBlueprint: any;
+//# sourceMappingURL=access-token.d.ts.map

package/esm/models/access-token/access-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"access-token.d.ts","sourceRoot":"","sources":["../../../src/models/access-token/access-token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAE5C,qBAAa,WAAY,SAAQ,KAAK;IACpC;;OAEG;IACH,OAAc,UAAU,SAAkB;CAC3C;AAED,eAAO,MAAM,oBAAoB,KAA0B,CAAC"}

package/esm/models/access-token/access-token.js

@@ -0,0 +1,7 @@
+import {Model}from'@warlock.js/cascade';class AccessToken extends Model {
+    /**
+     * {@inheritDoc}
+     */
+    static collection = "accessTokens";
+}
+const AccessTokenBlueprint = AccessToken.blueprint();export{AccessToken,AccessTokenBlueprint};//# sourceMappingURL=access-token.js.map

package/esm/models/access-token/access-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"access-token.js","sources":["../../../src/models/access-token/access-token.ts"],"sourcesContent":[null],"names":[],"mappings":"wCAEM,MAAO,WAAY,SAAQ,KAAK,CAAA;AACpC;;AAEG;AACI,IAAA,OAAO,UAAU,GAAG,cAAc,CAAC;;MAG/B,oBAAoB,GAAG,WAAW,CAAC,SAAS"}

package/esm/models/access-token/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./access-token";
+export * from "./migration";
+//# sourceMappingURL=index.d.ts.map

package/esm/models/access-token/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/models/access-token/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,aAAa,CAAC"}

package/esm/models/access-token/migration.d.ts

@@ -0,0 +1,6 @@
+export declare function accessTokenMigration(): Promise<void>;
+export declare namespace accessTokenMigration {
+    var down: () => Promise<void>;
+    var blueprint: any;
+}
+//# sourceMappingURL=migration.d.ts.map

package/esm/models/access-token/migration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"migration.d.ts","sourceRoot":"","sources":["../../../src/models/access-token/migration.ts"],"names":[],"mappings":"AAEA,wBAAsB,oBAAoB,kBAEzC;yBAFqB,oBAAoB"}

package/esm/models/access-token/migration.js

@@ -0,0 +1,7 @@
+import {AccessTokenBlueprint}from'./access-token.js';async function accessTokenMigration() {
+    AccessTokenBlueprint.unique("token");
+}
+accessTokenMigration.down = async () => {
+    AccessTokenBlueprint.dropUniqueIndex("token");
+};
+accessTokenMigration.blueprint = AccessTokenBlueprint;export{accessTokenMigration};//# sourceMappingURL=migration.js.map

package/esm/models/access-token/migration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"migration.js","sources":["../../../src/models/access-token/migration.ts"],"sourcesContent":[null],"names":[],"mappings":"qDAEO,eAAe,oBAAoB,GAAA;AACxC,IAAA,oBAAoB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC;AAED,oBAAoB,CAAC,IAAI,GAAG,YAAW;AACrC,IAAA,oBAAoB,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;AAChD,CAAC,CAAC;AAEF,oBAAoB,CAAC,SAAS,GAAG,oBAAoB"}

package/esm/models/auth.d.ts

@@ -0,0 +1,25 @@
+import type { ChildModel } from "@warlock.js/cascade";
+import { Model } from "@warlock.js/cascade";
+export declare abstract class Auth extends Model {
+    /**
+     * Get user type
+     */
+    abstract get userType(): string;
+    /**
+     * Generate jwt token
+     */
+    generateAccessToken(): Promise<string>;
+    /**
+     * Remove current access token
+     */
+    removeAccessToken(token: string): Promise<void>;
+    /**
+     * Attempt to login the user
+     */
+    static attempt<T>(this: ChildModel<T>, data: any): Promise<T | null>;
+    /**
+     * Confirm password
+     */
+    confirmPassword(password: string): any;
+}
+//# sourceMappingURL=auth.d.ts.map

package/esm/models/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/models/auth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAI5C,8BAAsB,IAAK,SAAQ,KAAK;IACtC;;OAEG;IACH,aAAoB,QAAQ,IAAI,MAAM,CAAC;IAEvC;;OAEG;IACU,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAyBnD;;OAEG;IACU,iBAAiB,CAAC,KAAK,EAAE,MAAM;IAO5C;;OAEG;WACiB,OAAO,CAAC,CAAC,EAC3B,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EACnB,IAAI,EAAE,GAAG,GACR,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAkBpB;;OAEG;IACI,eAAe,CAAC,QAAQ,EAAE,MAAM;CAGxC"}

package/esm/models/auth.js

@@ -0,0 +1,57 @@
+import {verify}from'@mongez/password';import {Model}from'@warlock.js/cascade';import {jwt}from'../services/jwt.js';import {AccessToken}from'./access-token/access-token.js';import'./access-token/migration.js';class Auth extends Model {
+    /**
+     * Generate jwt token
+     */
+    async generateAccessToken() {
+        // store the main data in the data object
+        // we need to store the user data in an object
+        // that we'll sue to generate the token
+        // and also it will be saved in the Access Token model under `user` column
+        const data = {
+            ...this.only(["id", "_id"]),
+            userType: this.userType,
+            createdAt: Date.now(),
+        };
+        // use our own jwt generator to generate a token for the guest
+        const token = await jwt.generate(data);
+        // store token and the auth model data in the access token model
+        // note that we didn't make it sync because we don't want to wait for the token to be stored in the database
+        // as nothing depends on it
+        AccessToken.create({
+            token,
+            user: data,
+        });
+        return token;
+    }
+    /**
+     * Remove current access token
+     */
+    async removeAccessToken(token) {
+        AccessToken.delete({
+            token: token,
+            "user.id": this.id,
+        });
+    }
+    /**
+     * Attempt to login the user
+     */
+    static async attempt(data) {
+        // find first user with the given data, but exclude from it the password
+        const { password, ...otherData } = data;
+        const user = (await this.first(otherData));
+        if (!user) {
+            return null;
+        }
+        // now verify the password
+        if (!user.confirmPassword(password)) {
+            return null;
+        }
+        return user;
+    }
+    /**
+     * Confirm password
+     */
+    confirmPassword(password) {
+        return verify(String(this.get("password")), String(password));
+    }
+}export{Auth};//# sourceMappingURL=auth.js.map

package/esm/models/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sources":["../../src/models/auth.ts"],"sourcesContent":[null],"names":[],"mappings":"gNAMM,MAAgB,IAAK,SAAQ,KAAK,CAAA;AAMtC;;AAEG;AACI,IAAA,MAAM,mBAAmB,GAAA;;;;;AAK9B,QAAA,MAAM,IAAI,GAAG;YACX,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACvB,YAAA,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;;QAGF,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;;;;QAKvC,WAAW,CAAC,MAAM,CAAC;YACjB,KAAK;AACL,YAAA,IAAI,EAAE,IAAI;AACX,SAAA,CAAC,CAAC;AAEH,QAAA,OAAO,KAAK,CAAC;KACd;AAED;;AAEG;IACI,MAAM,iBAAiB,CAAC,KAAa,EAAA;QAC1C,WAAW,CAAC,MAAM,CAAC;AACjB,YAAA,KAAK,EAAE,KAAK;YACZ,SAAS,EAAE,IAAI,CAAC,EAAE;AACnB,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;AACI,IAAA,aAAa,OAAO,CAEzB,IAAS,EAAA;;QAGT,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,IAAI,CAAC;QAExC,MAAM,IAAI,IAAI,MAAM,IAAI,CAAC,KAAK,CAAI,SAAS,CAAC,CAAgB,CAAC;QAE7D,IAAI,CAAC,IAAI,EAAE;AACT,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;;AAGD,QAAA,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE;AACnC,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;AAED,QAAA,OAAO,IAAS,CAAC;KAClB;AAED;;AAEG;AACI,IAAA,eAAe,CAAC,QAAgB,EAAA;AACrC,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;KAC/D;AACF"}

package/esm/models/casts/cast-password.d.ts

@@ -0,0 +1,7 @@
+import type { Model } from "@warlock.js/cascade";
+/**
+ * Cast password on model save
+ * If the password is not changed, keep it as is
+ */
+export declare function castPassword(value: any, column: string, model: Model): any;
+//# sourceMappingURL=cast-password.d.ts.map

package/esm/models/casts/cast-password.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cast-password.d.ts","sourceRoot":"","sources":["../../../src/models/casts/cast-password.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAEjD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,OAIpE"}

package/esm/models/casts/cast-password.js

@@ -0,0 +1,9 @@
+import Password from'@mongez/password';/**
+ * Cast password on model save
+ * If the password is not changed, keep it as is
+ */
+function castPassword(value, column, model) {
+    return value
+        ? Password.generate(String(value), 12)
+        : model.getInitial(column);
+}export{castPassword};//# sourceMappingURL=cast-password.js.map

package/esm/models/casts/cast-password.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cast-password.js","sources":["../../../src/models/casts/cast-password.ts"],"sourcesContent":[null],"names":[],"mappings":"uCAGA;;;AAGG;SACa,YAAY,CAAC,KAAU,EAAE,MAAc,EAAE,KAAY,EAAA;AACnE,IAAA,OAAO,KAAK;UACR,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;AACtC,UAAE,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AAC/B"}

package/esm/models/casts/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./cast-password";
+//# sourceMappingURL=index.d.ts.map

package/esm/models/casts/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/models/casts/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC"}

package/esm/models/guest/guest.d.ts

@@ -0,0 +1,26 @@
+import type { Document } from "@warlock.js/cascade";
+import { Auth } from "../auth";
+export declare class Guest extends Auth {
+    /**
+     * {@inheritDoc}
+     */
+    static collection: string;
+    /**
+     * Set the user type key
+     * If set to empty string, then it will ignored
+     */
+    userTypeKey: string;
+    /**
+     * Get user type
+     */
+    get userType(): string;
+    /**
+     * {@inheritDoc}
+     */
+    get embeddedData(): Document;
+    /**
+     * {@inheritDoc}
+     */
+    toJSON(): Promise<any>;
+}
+//# sourceMappingURL=guest.d.ts.map

package/esm/models/guest/guest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guest.d.ts","sourceRoot":"","sources":["../../../src/models/guest/guest.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,qBAAa,KAAM,SAAQ,IAAI;IAC7B;;OAEG;IACH,OAAc,UAAU,SAAY;IAEpC;;;OAGG;IACI,WAAW,SAAc;IAEhC;;OAEG;IACH,IAAW,QAAQ,IAAI,MAAM,CAE5B;IAED;;OAEG;IACH,IAAW,YAAY,IAAI,QAAQ,CAMlC;IAED;;OAEG;IACU,MAAM;CAQpB"}

package/esm/models/guest/guest.js

@@ -0,0 +1,39 @@
+import {Auth}from'../auth.js';class Guest extends Auth {
+    /**
+     * {@inheritDoc}
+     */
+    static collection = "guests";
+    /**
+     * Set the user type key
+     * If set to empty string, then it will ignored
+     */
+    userTypeKey = "userType";
+    /**
+     * Get user type
+     */
+    get userType() {
+        return "guest";
+    }
+    /**
+     * {@inheritDoc}
+     */
+    get embeddedData() {
+        if (!this.userTypeKey)
+            return super.embeddedData;
+        return {
+            ...this.onlyId,
+            [this.userTypeKey]: this.userType,
+        };
+    }
+    /**
+     * {@inheritDoc}
+     */
+    async toJSON() {
+        if (!this.userTypeKey)
+            return this.onlyId;
+        return {
+            ...this.onlyId,
+            [this.userTypeKey]: this.userType,
+        };
+    }
+}export{Guest};//# sourceMappingURL=guest.js.map

package/esm/models/guest/guest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guest.js","sources":["../../../src/models/guest/guest.ts"],"sourcesContent":[null],"names":[],"mappings":"8BAGM,MAAO,KAAM,SAAQ,IAAI,CAAA;AAC7B;;AAEG;AACI,IAAA,OAAO,UAAU,GAAG,QAAQ,CAAC;AAEpC;;;AAGG;IACI,WAAW,GAAG,UAAU,CAAC;AAEhC;;AAEG;AACH,IAAA,IAAW,QAAQ,GAAA;AACjB,QAAA,OAAO,OAAO,CAAC;KAChB;AAED;;AAEG;AACH,IAAA,IAAW,YAAY,GAAA;QACrB,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO,KAAK,CAAC,YAAY,CAAC;QACjD,OAAO;YACL,GAAG,IAAI,CAAC,MAAM;AACd,YAAA,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,QAAQ;SAClC,CAAC;KACH;AAED;;AAEG;AACI,IAAA,MAAM,MAAM,GAAA;QACjB,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QAE1C,OAAO;YACL,GAAG,IAAI,CAAC,MAAM;AACd,YAAA,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,QAAQ;SAClC,CAAC;KACH;"}

package/esm/models/guest/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./guest";
+export * from "./migration";
+//# sourceMappingURL=index.d.ts.map

package/esm/models/guest/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/models/guest/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,aAAa,CAAC"}

package/esm/models/guest/migration.d.ts

@@ -0,0 +1,7 @@
+export declare const guestBlueprint: any;
+export declare function guestMigration(): Promise<void>;
+export declare namespace guestMigration {
+    var down: () => Promise<void>;
+    var blueprint: any;
+}
+//# sourceMappingURL=migration.d.ts.map

package/esm/models/guest/migration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"migration.d.ts","sourceRoot":"","sources":["../../../src/models/guest/migration.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,cAAc,KAAoB,CAAC;AAEhD,wBAAsB,cAAc,kBAEnC;yBAFqB,cAAc"}

package/esm/models/guest/migration.js

@@ -0,0 +1,8 @@
+import {Guest}from'./guest.js';const guestBlueprint = Guest.blueprint();
+async function guestMigration() {
+    await guestBlueprint.unique("id");
+}
+guestMigration.down = async () => {
+    await guestBlueprint.dropUniqueIndex("id");
+};
+guestMigration.blueprint = guestBlueprint;export{guestBlueprint,guestMigration};//# sourceMappingURL=migration.js.map

package/esm/models/guest/migration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"migration.js","sources":["../../../src/models/guest/migration.ts"],"sourcesContent":[null],"names":[],"mappings":"qCAEa,cAAc,GAAG,KAAK,CAAC,SAAS,GAAG;AAEzC,eAAe,cAAc,GAAA;AAClC,IAAA,MAAM,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACpC,CAAC;AAED,cAAc,CAAC,IAAI,GAAG,YAAW;AAC/B,IAAA,MAAM,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEF,cAAc,CAAC,SAAS,GAAG,cAAc"}

package/esm/models/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./access-token";
+export * from "./auth";
+export * from "./casts";
+export * from "./guest";
+//# sourceMappingURL=index.d.ts.map

package/esm/models/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/models/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC"}