@warlock.js/auth 4.0.162 → 4.0.164

package/esm/services/auth-events.js

@@ -0,0 +1,65 @@
+import events from'@mongez/events';/**
+ * Event namespace prefix for auth events
+ */
+const AUTH_EVENT_PREFIX = "auth.";
+/**
+ * Type-safe auth events manager
+ *
+ * @example
+ * ```typescript
+ * // Subscribe to events with full autocomplete
+ * authEvents.on("login.success", (user, tokenPair, deviceInfo) => {
+ *   console.log(`User ${user.id} logged in`);
+ * });
+ *
+ * authEvents.on("token.refreshed", (user, newPair, oldToken) => {
+ *   console.log(`Token refreshed for user ${user.id}`);
+ * });
+ *
+ * // Trigger events
+ * authEvents.emit("login.success", user, tokenPair, deviceInfo);
+ * ```
+ */
+const authEvents = {
+    /**
+     * Subscribe to an auth event
+     */
+    on(event, callback) {
+        return events.subscribe(AUTH_EVENT_PREFIX + event, callback);
+    },
+    /**
+     * Subscribe to an auth event (alias for `on`)
+     */
+    subscribe(event, callback) {
+        return this.on(event, callback);
+    },
+    /**
+     * Emit an auth event
+     */
+    emit(event, ...args) {
+        events.trigger(AUTH_EVENT_PREFIX + event, ...args);
+    },
+    /**
+     * Emit an auth event (alias for `emit`)
+     */
+    trigger(event, ...args) {
+        this.emit(event, ...args);
+    },
+    /**
+     * Unsubscribe from all auth events
+     */
+    unsubscribeAll() {
+        events.unsubscribeNamespace(AUTH_EVENT_PREFIX.slice(0, -1));
+    },
+    /**
+     * Unsubscribe from a specific auth event
+     */
+    off(event) {
+        if (event) {
+            events.unsubscribe(AUTH_EVENT_PREFIX + event);
+        }
+        else {
+            this.unsubscribeAll();
+        }
+    },
+};export{authEvents};//# sourceMappingURL=auth-events.js.map

package/esm/services/auth-events.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-events.js","sources":["../../src/services/auth-events.ts"],"sourcesContent":[null],"names":[],"mappings":"mCAmDA;;AAEG;AACH,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAElC;;;;;;;;;;;;;;;;;AAiBG;AACU,MAAA,UAAU,GAAG;AACxB;;AAEG;IACH,EAAE,CAA0B,KAAQ,EAAE,QAA8B,EAAA;QAClE,OAAO,MAAM,CAAC,SAAS,CAAC,iBAAiB,GAAG,KAAK,EAAE,QAAoB,CAAC,CAAC;KAC1E;AAED;;AAEG;IACH,SAAS,CAA0B,KAAQ,EAAE,QAA8B,EAAA;QACzE,OAAO,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;KACjC;AAED;;AAEG;AACH,IAAA,IAAI,CAA0B,KAAQ,EAAE,GAAG,IAA0B,EAAA;QACnE,MAAM,CAAC,OAAO,CAAC,iBAAiB,GAAG,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;KACpD;AAED;;AAEG;AACH,IAAA,OAAO,CAA0B,KAAQ,EAAE,GAAG,IAA0B,EAAA;QACtE,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;KAC3B;AAED;;AAEG;IACH,cAAc,GAAA;AACZ,QAAA,MAAM,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7D;AAED;;AAEG;AACH,IAAA,GAAG,CAAC,KAAqB,EAAA;AACvB,QAAA,IAAI,KAAK,EAAE;AACT,YAAA,MAAM,CAAC,WAAW,CAAC,iBAAiB,GAAG,KAAK,CAAC,CAAC;AAC/C,SAAA;AAAM,aAAA;YACL,IAAI,CAAC,cAAc,EAAE,CAAC;AACvB,SAAA;KACF;"}

package/esm/services/auth.service.d.ts

@@ -0,0 +1,92 @@
+import type { ChildModel } from "@warlock.js/cascade";
+import type { AccessTokenOutput, DeviceInfo, LoginResult, TokenPair } from "../contracts/types";
+import type { Auth } from "../models/auth.model";
+import { RefreshToken } from "../models/refresh-token";
+declare class AuthService {
+    /**
+     * Build access token payload from user
+     */
+    buildAccessTokenPayload(user: Auth): {
+        id: any;
+        userType: string;
+        created_at: number;
+    };
+    /**
+     * Generate access token for user
+     */
+    generateAccessToken(user: Auth, payload?: any): Promise<AccessTokenOutput>;
+    /**
+     * Create refresh token for user
+     */
+    createRefreshToken(user: Auth, deviceInfo?: DeviceInfo): Promise<RefreshToken>;
+    /**
+     * Create both access and refresh tokens
+     */
+    createTokenPair(user: Auth, deviceInfo?: DeviceInfo): Promise<TokenPair>;
+    /**
+     * Refresh tokens using a refresh token
+     */
+    refreshTokens(refreshTokenString: string, deviceInfo?: DeviceInfo): Promise<TokenPair | null>;
+    /**
+     * Verify password
+     */
+    verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+    /**
+     * Hash password
+     */
+    hashPassword(password: string): Promise<string>;
+    /**
+     * Attempt to login user with given credentials
+     */
+    attemptLogin<T extends Auth>(Model: ChildModel<T>, data: any): Promise<T | null>;
+    /**
+     * Full login flow: validate credentials, create tokens, emit events
+     * Returns token pair on success, null on failure
+     */
+    login<T extends Auth>(Model: ChildModel<T>, credentials: any, deviceInfo?: DeviceInfo): Promise<LoginResult<T> | null>;
+    /**
+     * Logout user
+     * @param user - The authenticated user
+     * @param accessToken - Optional access token string to revoke
+     * @param refreshToken - Optional refresh token string to revoke
+     * If refresh token is not provided, behavior is determined by config:
+     * - "revoke-all" (default): Revoke ALL refresh tokens for security
+     * - "error": Throw error requiring refresh token
+     */
+    logout(user: Auth, accessToken?: string, refreshToken?: string): Promise<void>;
+    /**
+     * Remove specific access token
+     */
+    removeAccessToken(user: Auth, token: string): Promise<void>;
+    /**
+     * Remove all access tokens for a user
+     */
+    removeAllAccessTokens(user: Auth): Promise<void>;
+    /**
+     * Remove specific refresh token
+     */
+    removeRefreshToken(user: Auth, token: string): Promise<void>;
+    /**
+     * Revoke all tokens for a user
+     */
+    revokeAllTokens(user: Auth): Promise<void>;
+    /**
+     * Revoke entire token family (for rotation breach detection)
+     */
+    revokeTokenFamily(familyId: string): Promise<void>;
+    /**
+     * Cleanup expired tokens
+     */
+    cleanupExpiredTokens(): Promise<number>;
+    /**
+     * Enforce max refresh tokens per user
+     */
+    private enforceMaxRefreshTokens;
+    /**
+     * Get active sessions for user
+     */
+    getActiveSessions(user: Auth): Promise<RefreshToken[]>;
+}
+export declare const authService: AuthService;
+export {};
+//# sourceMappingURL=auth.service.d.ts.map

package/esm/services/auth.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAEhG,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAKvD,cAAM,WAAW;IACf;;OAEG;IACI,uBAAuB,CAAC,IAAI,EAAE,IAAI;;;;;IAQzC;;OAEG;IACU,mBAAmB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAoBvF;;OAEG;IACU,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC;IAoC3F;;OAEG;IACU,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC;IAmBrF;;OAEG;IACU,aAAa,CACxB,kBAAkB,EAAE,MAAM,EAC1B,UAAU,CAAC,EAAE,UAAU,GACtB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAoD5B;;OAEG;IACU,cAAc,CAAC,aAAa,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5F;;OAEG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAI5D;;OAEG;IACU,YAAY,CAAC,CAAC,SAAS,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAqB7F;;;OAGG;IACU,KAAK,CAAC,CAAC,SAAS,IAAI,EAC/B,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,EACpB,WAAW,EAAE,GAAG,EAChB,UAAU,CAAC,EAAE,UAAU,GACtB,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAqBjC;;;;;;;;OAQG;IACU,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoC3F;;OAEG;IACU,iBAAiB,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxE;;OAEG;IACU,qBAAqB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAO7D;;OAEG;IACU,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOzE;;OAEG;IACU,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBvD;;OAEG;IACU,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAc/D;;OAEG;IACU,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC;IAcpD;;OAEG;YACW,uBAAuB;IAqBrC;;OAEG;IACU,iBAAiB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;CAWpE;AAED,eAAO,MAAM,WAAW,aAAoB,CAAC"}

package/esm/services/auth.service.js

@@ -0,0 +1,322 @@
+import {Random}from'@mongez/reinforcements';import {config,verifyPassword,hashPassword}from'@warlock.js/core';import {AccessToken}from'../models/access-token/access-token.model.js';import {RefreshToken}from'../models/refresh-token/refresh-token.model.js';import {toJwtExpiresIn}from'../utils/duration.js';import {authEvents}from'./auth-events.js';import {jwt}from'./jwt.js';class AuthService {
+    /**
+     * Build access token payload from user
+     */
+    buildAccessTokenPayload(user) {
+        return {
+            id: user.id,
+            userType: user.userType,
+            created_at: Date.now(),
+        };
+    }
+    /**
+     * Generate access token for user
+     */
+    async generateAccessToken(user, payload) {
+        const data = payload || this.buildAccessTokenPayload(user);
+        const expiresInConfig = config.key("auth.jwt.expiresIn");
+        const expiresIn = toJwtExpiresIn(expiresInConfig, 3_600); // default 1 hour
+        // If expiresIn is undefined, token never expires
+        const token = await jwt.generate(data, { expiresIn });
+        const decoed = await jwt.verify(token);
+        // Store in database
+        await AccessToken.create({
+            token,
+            user_id: user.id,
+            user_type: user.userType,
+        });
+        return { token, expiresAt: new Date(decoed.exp * 1_000).toISOString() };
+    }
+    /**
+     * Create refresh token for user
+     */
+    async createRefreshToken(user, deviceInfo) {
+        const familyId = deviceInfo?.familyId || Random.string(32);
+        const payload = {
+            userId: user.id,
+            userType: user.userType,
+            familyId,
+        };
+        const token = await jwt.generateRefreshToken(payload);
+        const decoed = await jwt.verifyRefreshToken(token);
+        // Calculate expiration date (undefined means never expires, but we still set a far future date)
+        const expiresAt = new Date(decoed.exp * 1_000).toISOString();
+        // Enforce max tokens per user
+        await this.enforceMaxRefreshTokens(user);
+        // Store in database
+        return RefreshToken.create({
+            token,
+            user_id: user.id,
+            user_type: user.userType,
+            family_id: familyId,
+            expires_at: expiresAt,
+            device_info: deviceInfo
+                ? {
+                    userAgent: deviceInfo.userAgent,
+                    ip: deviceInfo.ip,
+                    deviceId: deviceInfo.deviceId,
+                }
+                : undefined,
+        });
+    }
+    /**
+     * Create both access and refresh tokens
+     */
+    async createTokenPair(user, deviceInfo) {
+        const accessToken = await this.generateAccessToken(user, deviceInfo?.payload);
+        const refreshToken = await this.createRefreshToken(user, deviceInfo);
+        const tokenPair = {
+            accessToken,
+            refreshToken: {
+                token: refreshToken.get("token"),
+                expiresAt: refreshToken.get("expires_at"),
+            },
+        };
+        // Emit events
+        authEvents.emit("token.created", user, tokenPair);
+        authEvents.emit("session.created", user, refreshToken, deviceInfo);
+        return tokenPair;
+    }
+    /**
+     * Refresh tokens using a refresh token
+     */
+    async refreshTokens(refreshTokenString, deviceInfo) {
+        try {
+            // 1. Verify JWT signature
+            const decoded = await jwt.verifyRefreshToken(refreshTokenString);
+            if (!decoded)
+                return null;
+            // 2. Find token in database
+            const refreshToken = await RefreshToken.first({ token: refreshTokenString });
+            if (!refreshToken?.isValid) {
+                // If token was already used (rotation detection), revoke entire family
+                if (refreshToken) {
+                    await this.revokeTokenFamily(refreshToken.get("family_id"));
+                }
+                return null;
+            }
+            // 3. Get user model and find user
+            const UserModel = config.key(`auth.userType.${decoded.userType}`);
+            if (!UserModel)
+                return null;
+            const user = (await UserModel.find(decoded.userId));
+            if (!user)
+                return null;
+            // 4. Rotate token if enabled (revoke old token)
+            const rotationEnabled = config.key("auth.jwt.refresh.rotation", true);
+            if (rotationEnabled) {
+                await refreshToken.revoke();
+            }
+            else {
+                await refreshToken.markAsUsed();
+            }
+            // 5. Generate new token pair (keep same family)
+            const newTokenPair = await this.createTokenPair(user, {
+                ...deviceInfo,
+                familyId: refreshToken.get("family_id"),
+            });
+            // Emit token refreshed event
+            authEvents.emit("token.refreshed", user, newTokenPair, refreshToken);
+            return newTokenPair;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Verify password
+     */
+    async verifyPassword(plainPassword, hashedPassword) {
+        return verifyPassword(plainPassword, hashedPassword);
+    }
+    /**
+     * Hash password
+     */
+    async hashPassword(password) {
+        return hashPassword(password);
+    }
+    /**
+     * Attempt to login user with given credentials
+     */
+    async attemptLogin(Model, data) {
+        const { password, ...otherData } = data;
+        // Emit login attempt event
+        authEvents.emit("login.attempt", otherData);
+        const user = (await Model.first(otherData));
+        if (!user) {
+            authEvents.emit("login.failed", otherData, "User not found");
+            return null;
+        }
+        if (!(await this.verifyPassword(password, user.string("password")))) {
+            authEvents.emit("login.failed", otherData, "Invalid password");
+            return null;
+        }
+        return user;
+    }
+    /**
+     * Full login flow: validate credentials, create tokens, emit events
+     * Returns token pair on success, null on failure
+     */
+    async login(Model, credentials, deviceInfo) {
+        const user = await this.attemptLogin(Model, credentials);
+        if (!user) {
+            return null;
+        }
+        // if no refresh token in config, then return user and access token only
+        if (!config.key("auth.jwt.refresh.enabled", true)) {
+            const accessToken = await this.generateAccessToken(user, deviceInfo?.payload);
+            return { user, tokens: { accessToken } };
+        }
+        const tokens = await this.createTokenPair(user, deviceInfo);
+        // Emit login success event
+        authEvents.emit("login.success", user, tokens, deviceInfo);
+        return { user, tokens };
+    }
+    /**
+     * Logout user
+     * @param user - The authenticated user
+     * @param accessToken - Optional access token string to revoke
+     * @param refreshToken - Optional refresh token string to revoke
+     * If refresh token is not provided, behavior is determined by config:
+     * - "revoke-all" (default): Revoke ALL refresh tokens for security
+     * - "error": Throw error requiring refresh token
+     */
+    async logout(user, accessToken, refreshToken) {
+        // Remove access token if provided
+        if (accessToken) {
+            await this.removeAccessToken(user, accessToken);
+        }
+        if (refreshToken) {
+            // Revoke specific refresh token
+            const token = await RefreshToken.first({
+                token: refreshToken,
+                userId: user.id, // Security: ensure token belongs to this user
+            });
+            if (token) {
+                await token.revoke();
+                authEvents.emit("session.destroyed", user, token);
+            }
+        }
+        else {
+            // No refresh token provided - check configured behavior
+            const behavior = config.key("auth.jwt.refresh.logoutWithoutToken", "revoke-all");
+            if (behavior === "error") {
+                throw new Error("Refresh token required for logout");
+            }
+            // Default: revoke-all (fail-safe)
+            await this.revokeAllTokens(user);
+            authEvents.emit("logout.failsafe", user);
+        }
+        // Emit logout event
+        authEvents.emit("logout", user);
+    }
+    /**
+     * Remove specific access token
+     */
+    async removeAccessToken(user, token) {
+        AccessToken.delete({
+            token,
+            userId: user.id,
+        });
+    }
+    /**
+     * Remove all access tokens for a user
+     */
+    async removeAllAccessTokens(user) {
+        // Delete access token
+        AccessToken.delete({
+            user_id: user.id,
+        });
+    }
+    /**
+     * Remove specific refresh token
+     */
+    async removeRefreshToken(user, token) {
+        RefreshToken.delete({
+            token,
+            userId: user.id,
+        });
+    }
+    /**
+     * Revoke all tokens for a user
+     */
+    async revokeAllTokens(user) {
+        // Revoke all refresh tokens
+        const refreshTokens = await RefreshToken.query()
+            .where("user_id", user.id)
+            .where("user_type", user.userType)
+            .where("revoked_at", null)
+            .get();
+        for (const token of refreshTokens) {
+            await token.revoke();
+            authEvents.emit("token.revoked", user, token);
+        }
+        // Delete all access tokens
+        await this.removeAllAccessTokens(user);
+        // Emit logout all event
+        authEvents.emit("logout.all", user);
+    }
+    /**
+     * Revoke entire token family (for rotation breach detection)
+     */
+    async revokeTokenFamily(familyId) {
+        const tokens = await RefreshToken.query()
+            .where("family_id", familyId)
+            .where("revoked_at", null)
+            .get();
+        for (const token of tokens) {
+            await token.revoke();
+        }
+        // Emit family revoked event
+        authEvents.emit("token.familyRevoked", familyId, tokens);
+    }
+    /**
+     * Cleanup expired tokens
+     */
+    async cleanupExpiredTokens() {
+        const expiredTokens = await RefreshToken.query().where("expires_at", "<", new Date()).get();
+        for (const token of expiredTokens) {
+            authEvents.emit("token.expired", token);
+            await token.destroy();
+        }
+        // Emit cleanup completed event
+        authEvents.emit("cleanup.completed", expiredTokens.length);
+        return expiredTokens.length;
+    }
+    /**
+     * Enforce max refresh tokens per user
+     */
+    async enforceMaxRefreshTokens(user) {
+        const maxPerUser = config.key("auth.jwt.refresh.maxPerUser", 5);
+        const activeTokens = await RefreshToken.query()
+            .where({
+            user_id: user.id,
+            user_type: user.userType,
+            revoked_at: null,
+        })
+            .orderBy("created_at", "asc")
+            .get();
+        // Revoke oldest tokens if exceeding limit
+        if (activeTokens.length >= maxPerUser) {
+            const tokensToRevoke = activeTokens.slice(0, activeTokens.length - maxPerUser + 1);
+            for (const token of tokensToRevoke) {
+                await token.revoke();
+            }
+        }
+    }
+    /**
+     * Get active sessions for user
+     */
+    async getActiveSessions(user) {
+        return RefreshToken.query()
+            .where({
+            user_id: user.id,
+            user_type: user.userType,
+            revoked_at: null,
+        })
+            .where("expires_at", ">", new Date())
+            .orderBy("created_at", "desc")
+            .get();
+    }
+}
+const authService = new AuthService();export{authService};//# sourceMappingURL=auth.service.js.map

package/esm/services/auth.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.js","sources":["../../src/services/auth.service.ts"],"sourcesContent":[null],"names":[],"mappings":"sXAWA,MAAM,WAAW,CAAA;AACf;;AAEG;AACI,IAAA,uBAAuB,CAAC,IAAU,EAAA;QACvC,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACvB,YAAA,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;SACvB,CAAC;KACH;AAED;;AAEG;AACI,IAAA,MAAM,mBAAmB,CAAC,IAAU,EAAE,OAAa,EAAA;QACxD,MAAM,IAAI,GAAG,OAAO,IAAI,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACzD,MAAM,SAAS,GAAG,cAAc,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;;AAGzD,QAAA,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;QAGvC,MAAM,WAAW,CAAC,MAAM,CAAC;YACvB,KAAK;YACL,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,SAAS,EAAE,IAAI,CAAC,QAAQ;AACzB,SAAA,CAAC,CAAC;AAEH,QAAA,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;KACzE;AAED;;AAEG;AACI,IAAA,MAAM,kBAAkB,CAAC,IAAU,EAAE,UAAuB,EAAA;AACjE,QAAA,MAAM,QAAQ,GAAG,UAAU,EAAE,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAE3D,QAAA,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ;SACT,CAAC;QAEF,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;;AAGnD,QAAA,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;;AAG7D,QAAA,MAAM,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;;QAGzC,OAAO,YAAY,CAAC,MAAM,CAAC;YACzB,KAAK;YACL,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,SAAS,EAAE,IAAI,CAAC,QAAQ;AACxB,YAAA,SAAS,EAAE,QAAQ;AACnB,YAAA,UAAU,EAAE,SAAS;AACrB,YAAA,WAAW,EAAE,UAAU;AACrB,kBAAE;oBACE,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,EAAE,EAAE,UAAU,CAAC,EAAE;oBACjB,QAAQ,EAAE,UAAU,CAAC,QAAQ;AAC9B,iBAAA;AACH,kBAAE,SAAS;AACd,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;AACI,IAAA,MAAM,eAAe,CAAC,IAAU,EAAE,UAAuB,EAAA;AAC9D,QAAA,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QAC9E,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;AAErE,QAAA,MAAM,SAAS,GAAc;YAC3B,WAAW;AACX,YAAA,YAAY,EAAE;AACZ,gBAAA,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;AAChC,gBAAA,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC;AAC1C,aAAA;SACF,CAAC;;QAGF,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAClD,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;AAEnE,QAAA,OAAO,SAAS,CAAC;KAClB;AAED;;AAEG;AACI,IAAA,MAAM,aAAa,CACxB,kBAA0B,EAC1B,UAAuB,EAAA;QAEvB,IAAI;;YAEF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,kBAAkB,CAIzC,kBAAkB,CAAC,CAAC;AAEvB,YAAA,IAAI,CAAC,OAAO;AAAE,gBAAA,OAAO,IAAI,CAAC;;AAG1B,YAAA,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;AAE7E,YAAA,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE;;AAE1B,gBAAA,IAAI,YAAY,EAAE;oBAChB,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;AAC7D,iBAAA;AACD,gBAAA,OAAO,IAAI,CAAC;AACb,aAAA;;AAGD,YAAA,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,CAAiB,cAAA,EAAA,OAAO,CAAC,QAAQ,CAAE,CAAA,CAAC,CAAC;AAClE,YAAA,IAAI,CAAC,SAAS;AAAE,gBAAA,OAAO,IAAI,CAAC;AAE5B,YAAA,MAAM,IAAI,IAAI,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAgB,CAAC;AACnE,YAAA,IAAI,CAAC,IAAI;AAAE,gBAAA,OAAO,IAAI,CAAC;;YAGvB,MAAM,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAC,CAAC;AACtE,YAAA,IAAI,eAAe,EAAE;AACnB,gBAAA,MAAM,YAAY,CAAC,MAAM,EAAE,CAAC;AAC7B,aAAA;AAAM,iBAAA;AACL,gBAAA,MAAM,YAAY,CAAC,UAAU,EAAE,CAAC;AACjC,aAAA;;YAGD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE;AACpD,gBAAA,GAAG,UAAU;AACb,gBAAA,QAAQ,EAAE,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;AACxC,aAAA,CAAC,CAAC;;YAGH,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;AAErE,YAAA,OAAO,YAAY,CAAC;AACrB,SAAA;QAAC,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;KACF;AAED;;AAEG;AACI,IAAA,MAAM,cAAc,CAAC,aAAqB,EAAE,cAAsB,EAAA;AACvE,QAAA,OAAO,cAAc,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;KACtD;AAED;;AAEG;IACI,MAAM,YAAY,CAAC,QAAgB,EAAA;AACxC,QAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,CAAC;KAC/B;AAED;;AAEG;AACI,IAAA,MAAM,YAAY,CAAiB,KAAoB,EAAE,IAAS,EAAA;QACvE,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,IAAI,CAAC;;AAGxC,QAAA,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;QAE5C,MAAM,IAAI,IAAI,MAAM,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAa,CAAC;QAExD,IAAI,CAAC,IAAI,EAAE;YACT,UAAU,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC;AAC7D,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;AAED,QAAA,IAAI,EAAE,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAE,CAAC,CAAC,EAAE;YACpE,UAAU,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC;AAC/D,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;AAED,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;;AAGG;AACI,IAAA,MAAM,KAAK,CAChB,KAAoB,EACpB,WAAgB,EAChB,UAAuB,EAAA;QAEvB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QAEzD,IAAI,CAAC,IAAI,EAAE;AACT,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;;QAGD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,IAAI,CAAC,EAAE;AACjD,YAAA,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YAC9E,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,WAAW,EAAE,EAAE,CAAC;AAC1C,SAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;;QAG5D,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;AAE3D,QAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAoB,CAAC;KAC3C;AAED;;;;;;;;AAQG;AACI,IAAA,MAAM,MAAM,CAAC,IAAU,EAAE,WAAoB,EAAE,YAAqB,EAAA;;AAEzE,QAAA,IAAI,WAAW,EAAE;YACf,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;AACjD,SAAA;AAED,QAAA,IAAI,YAAY,EAAE;;AAEhB,YAAA,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC;AACrC,gBAAA,KAAK,EAAE,YAAY;AACnB,gBAAA,MAAM,EAAE,IAAI,CAAC,EAAE;AAChB,aAAA,CAAC,CAAC;AAEH,YAAA,IAAI,KAAK,EAAE;AACT,gBAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;gBACrB,UAAU,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AACnD,aAAA;AACF,SAAA;AAAM,aAAA;;YAEL,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,qCAAqC,EAAE,YAAY,CAEpE,CAAC;YAEZ,IAAI,QAAQ,KAAK,OAAO,EAAE;AACxB,gBAAA,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;AACtD,aAAA;;AAGD,YAAA,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;AACjC,YAAA,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC;AAC1C,SAAA;;AAGD,QAAA,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;KACjC;AAED;;AAEG;AACI,IAAA,MAAM,iBAAiB,CAAC,IAAU,EAAE,KAAa,EAAA;QACtD,WAAW,CAAC,MAAM,CAAC;YACjB,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;AAChB,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;IACI,MAAM,qBAAqB,CAAC,IAAU,EAAA;;QAE3C,WAAW,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE,IAAI,CAAC,EAAE;AACjB,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;AACI,IAAA,MAAM,kBAAkB,CAAC,IAAU,EAAE,KAAa,EAAA;QACvD,YAAY,CAAC,MAAM,CAAC;YAClB,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;AAChB,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;IACI,MAAM,eAAe,CAAC,IAAU,EAAA;;AAErC,QAAA,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE;AAC7C,aAAA,KAAK,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC;AACzB,aAAA,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC;AACjC,aAAA,KAAK,CAAC,YAAY,EAAE,IAAI,CAAC;AACzB,aAAA,GAAG,EAAE,CAAC;AAET,QAAA,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE;AACjC,YAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;YACrB,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AAC/C,SAAA;;AAGD,QAAA,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;;AAGvC,QAAA,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;KACrC;AAED;;AAEG;IACI,MAAM,iBAAiB,CAAC,QAAgB,EAAA;AAC7C,QAAA,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE;AACtC,aAAA,KAAK,CAAC,WAAW,EAAE,QAAQ,CAAC;AAC5B,aAAA,KAAK,CAAC,YAAY,EAAE,IAAI,CAAC;AACzB,aAAA,GAAG,EAAE,CAAC;AAET,QAAA,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE;AAC1B,YAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACtB,SAAA;;QAGD,UAAU,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;KAC1D;AAED;;AAEG;AACI,IAAA,MAAM,oBAAoB,GAAA;QAC/B,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;AAE5F,QAAA,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE;AACjC,YAAA,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;AACxC,YAAA,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;AACvB,SAAA;;QAGD,UAAU,CAAC,IAAI,CAAC,mBAAmB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;QAE3D,OAAO,aAAa,CAAC,MAAM,CAAC;KAC7B;AAED;;AAEG;IACK,MAAM,uBAAuB,CAAC,IAAU,EAAA;QAC9C,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,6BAA6B,EAAE,CAAC,CAAC,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE;AAC5C,aAAA,KAAK,CAAC;YACL,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,SAAS,EAAE,IAAI,CAAC,QAAQ;AACxB,YAAA,UAAU,EAAE,IAAI;SACjB,CAAC;AACD,aAAA,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC;AAC5B,aAAA,GAAG,EAAE,CAAC;;AAGT,QAAA,IAAI,YAAY,CAAC,MAAM,IAAI,UAAU,EAAE;AACrC,YAAA,MAAM,cAAc,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC;AACnF,YAAA,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE;AAClC,gBAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACtB,aAAA;AACF,SAAA;KACF;AAED;;AAEG;IACI,MAAM,iBAAiB,CAAC,IAAU,EAAA;QACvC,OAAO,YAAY,CAAC,KAAK,EAAE;AACxB,aAAA,KAAK,CAAC;YACL,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,SAAS,EAAE,IAAI,CAAC,QAAQ;AACxB,YAAA,UAAU,EAAE,IAAI;SACjB,CAAC;aACD,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,IAAI,IAAI,EAAE,CAAC;AACpC,aAAA,OAAO,CAAC,YAAY,EAAE,MAAM,CAAC;AAC7B,aAAA,GAAG,EAAE,CAAC;KACV;AACF,CAAA;AAEY,MAAA,WAAW,GAAG,IAAI,WAAW"}

package/esm/services/generate-jwt-secret.d.ts

@@ -0,0 +1,2 @@
+export declare function generateJWTSecret(): Promise<void>;
+//# sourceMappingURL=generate-jwt-secret.d.ts.map

package/esm/services/generate-jwt-secret.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-jwt-secret.d.ts","sourceRoot":"","sources":["../../src/services/generate-jwt-secret.ts"],"names":[],"mappings":"AAKA,wBAAsB,iBAAiB,kBAuDtC"}

package/esm/services/generate-jwt-secret.js

@@ -0,0 +1,47 @@
+import {fileExistsAsync,getFileAsync,putFileAsync}from'@mongez/fs';import {Random}from'@mongez/reinforcements';import {rootPath,environment}from'@warlock.js/core';import {log}from'@warlock.js/logger';async function generateJWTSecret() {
+    let envFile = rootPath(".env");
+    log.info("jwt", "generating", "Generating JWT secrets");
+    const environmentMode = environment();
+    if (!(await fileExistsAsync(envFile))) {
+        const envFileType = environmentMode === "production" ? ".env.production" : ".env.development";
+        envFile = rootPath(envFileType);
+    }
+    if (!(await fileExistsAsync(envFile))) {
+        log.error("jwt", "error", ".env file not found");
+        return;
+    }
+    let contents = await getFileAsync(envFile);
+    const hasJwtSecret = contents.includes("JWT_SECRET");
+    const hasJwtRefreshSecret = contents.includes("JWT_REFRESH_SECRET");
+    if (hasJwtSecret && hasJwtRefreshSecret) {
+        log.warn("jwt", "exists", "JWT secrets already exist in the .env file.");
+        return;
+    }
+    let secretsToAdd = "";
+    if (!hasJwtSecret) {
+        const jwtSecret = Random.string(32);
+        secretsToAdd += `
+# JWT Secret
+JWT_SECRET=${jwtSecret}
+`;
+        log.success("jwt", "generated", "JWT_SECRET generated and added to the .env file.");
+    }
+    else {
+        log.info("jwt", "exists", "JWT_SECRET already exists in the .env file.");
+    }
+    if (!hasJwtRefreshSecret) {
+        const jwtRefreshSecret = Random.string(32);
+        secretsToAdd += `
+# JWT Refresh Secret
+JWT_REFRESH_SECRET=${jwtRefreshSecret}
+`;
+        log.success("jwt", "generated", "JWT_REFRESH_SECRET generated and added to the .env file.");
+    }
+    else {
+        log.info("jwt", "exists", "JWT_REFRESH_SECRET already exists in the .env file.");
+    }
+    if (secretsToAdd) {
+        contents += secretsToAdd;
+        await putFileAsync(envFile, contents);
+    }
+}export{generateJWTSecret};//# sourceMappingURL=generate-jwt-secret.js.map

package/esm/services/generate-jwt-secret.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-jwt-secret.js","sources":["../../src/services/generate-jwt-secret.ts"],"sourcesContent":[null],"names":[],"mappings":"wMAKO,eAAe,iBAAiB,GAAA;AACrC,IAAA,IAAI,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;IAE/B,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAExD,IAAA,MAAM,eAAe,GAAG,WAAW,EAAE,CAAC;IAEtC,IAAI,EAAE,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC,EAAE;AACrC,QAAA,MAAM,WAAW,GAAG,eAAe,KAAK,YAAY,GAAG,iBAAiB,GAAG,kBAAkB,CAAC;AAC9F,QAAA,OAAO,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC;AACjC,KAAA;IAED,IAAI,EAAE,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC,EAAE;QACrC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,CAAC,CAAC;QACjD,OAAO;AACR,KAAA;AAED,IAAA,IAAI,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,CAAC;IAE3C,MAAM,YAAY,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IACrD,MAAM,mBAAmB,GAAG,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAEpE,IAAI,YAAY,IAAI,mBAAmB,EAAE;QACvC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,6CAA6C,CAAC,CAAC;QACzE,OAAO;AACR,KAAA;IAED,IAAI,YAAY,GAAG,EAAE,CAAC;IAEtB,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACpC,QAAA,YAAY,IAAI,CAAA;;aAEP,SAAS,CAAA;CACrB,CAAC;QACE,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,kDAAkD,CAAC,CAAC;AACrF,KAAA;AAAM,SAAA;QACL,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,6CAA6C,CAAC,CAAC;AAC1E,KAAA;IAED,IAAI,CAAC,mBAAmB,EAAE;QACxB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAC3C,QAAA,YAAY,IAAI,CAAA;;qBAEC,gBAAgB,CAAA;CACpC,CAAC;QACE,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,0DAA0D,CAAC,CAAC;AAC7F,KAAA;AAAM,SAAA;QACL,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,qDAAqD,CAAC,CAAC;AAClF,KAAA;AAED,IAAA,IAAI,YAAY,EAAE;QAChB,QAAQ,IAAI,YAAY,CAAC;AACzB,QAAA,MAAM,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACvC,KAAA;AACH"}

package/esm/services/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./auth-events";
+export * from "./auth.service";
+export * from "./generate-jwt-secret";
+export * from "./jwt";
+//# sourceMappingURL=index.d.ts.map

package/esm/services/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,uBAAuB,CAAC;AACtC,cAAc,OAAO,CAAC"}

package/esm/services/jwt.d.ts

@@ -0,0 +1,23 @@
+import { type SignerOptions, type VerifierOptions } from "fast-jwt";
+export declare const jwt: {
+    /**
+     * Generate a new JWT token for the user.
+     * @param payload The payload to encode in the JWT token.
+     */
+    generate(payload: any, { key, algorithm, ...options }?: any): Promise<string>;
+    /**
+     * Verify the given token.
+     * @param token The JWT token to verify.
+     * @returns The decoded token payload if verification is successful.
+     */
+    verify<T = any>(token: string, { key, algorithms, ...options }?: any): Promise<T>;
+    /**
+     * Generate a new refresh token for the user.
+     */
+    generateRefreshToken(payload: any, { key, expiresIn, algorithm, ...options }?: any): Promise<string>;
+    /**
+     * Verify the given refresh token.
+     */
+    verifyRefreshToken<T_1 = any>(token: string, { key, algorithms, ...options }?: any): Promise<T_1>;
+};
+//# sourceMappingURL=jwt.d.ts.map

package/esm/services/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/services/jwt.ts"],"names":[],"mappings":"AACA,OAAO,EAIL,KAAK,aAAa,EAClB,KAAK,eAAe,EACrB,MAAM,UAAU,CAAC;AASlB,eAAO,MAAM,GAAG;IACd;;;OAGG;sBAEQ,GAAG,yCAMX,QAAQ,MAAM,CAAC;IAQlB;;;;OAIG;2BAEM,MAAM;IAYf;;OAEG;kCAEQ,GAAG,oDAOX,QAAQ,MAAM,CAAC;IAKlB;;OAEG;yCAEM,MAAM;CAUhB,CAAC"}

package/esm/services/jwt.js

@@ -0,0 +1,40 @@
+import {config}from'@warlock.js/core';import {createSigner,createVerifier}from'fast-jwt';const getSecretKey = () => config.key("auth.jwt.secret");
+const getAlgorithm = () => config.key("auth.jwt.algorithm", "HS256");
+const getRefreshSecretKey = () => config.key("auth.jwt.refresh.secret");
+// Assuming there's a separate config for refresh token validity, for example, '7d' for 7 days
+const getRefreshTokenValidity = () => config.key("auth.jwt.refresh.expiresIn");
+const jwt = {
+    /**
+     * Generate a new JWT token for the user.
+     * @param payload The payload to encode in the JWT token.
+     */
+    async generate(payload, { key = getSecretKey(), algorithm = getAlgorithm(), ...options } = {}) {
+        // Create a signer function with predefined options
+        const sign = createSigner({ key, ...options, algorithm });
+        const token = await sign({ ...payload });
+        return token;
+    },
+    /**
+     * Verify the given token.
+     * @param token The JWT token to verify.
+     * @returns The decoded token payload if verification is successful.
+     */
+    async verify(token, { key = getSecretKey(), algorithms = getAlgorithm() ? [getAlgorithm()] : undefined, ...options } = {}) {
+        const verify = createVerifier({ key, ...options, algorithms });
+        return await verify(token);
+    },
+    /**
+     * Generate a new refresh token for the user.
+     */
+    async generateRefreshToken(payload, { key = getRefreshSecretKey(), expiresIn = getRefreshTokenValidity(), algorithm = getAlgorithm(), ...options } = {}) {
+        const sign = createSigner({ key, expiresIn, algorithm, ...options });
+        return sign({ ...payload });
+    },
+    /**
+     * Verify the given refresh token.
+     */
+    async verifyRefreshToken(token, { key = getRefreshSecretKey(), algorithms = [getAlgorithm()], ...options } = {}) {
+        const verify = createVerifier({ key, algorithms, ...options });
+        return await verify(token);
+    },
+};export{jwt};//# sourceMappingURL=jwt.js.map

package/esm/services/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sources":["../../src/services/jwt.ts"],"sourcesContent":[null],"names":[],"mappings":"yFASA,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAW,CAAC;AACnE,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,oBAAoB,EAAE,OAAO,CAAc,CAAC;AAElF,MAAM,mBAAmB,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,yBAAyB,CAAW,CAAC;AAClF;AACA,MAAM,uBAAuB,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,4BAA4B,CAAoB,CAAC;AAErF,MAAA,GAAG,GAAG;AACjB;;;AAGG;AACH,IAAA,MAAM,QAAQ,CACZ,OAAY,EACZ,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,KAC0B,EAAE,EAAA;;AAGxC,QAAA,MAAM,IAAI,GAAG,YAAY,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;QAE1D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AACzC,QAAA,OAAO,KAAK,CAAC;KACd;AAED;;;;AAIG;AACH,IAAA,MAAM,MAAM,CACV,KAAa,EACb,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,UAAU,GAAG,YAAY,EAAE,GAAG,CAAC,YAAY,EAAE,CAAC,GAAG,SAAS,EAC1D,GAAG,OAAO,KAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAG,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;AAE/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAe,CAAC,CAAC;KACtC;AAED;;AAEG;IACH,MAAM,oBAAoB,CACxB,OAAY,EACZ,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,SAAS,GAAG,uBAAuB,EAAE,EACrC,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,EAAA,GAC0B,EAAE,EAAA;AAExC,QAAA,MAAM,IAAI,GAAG,YAAY,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AACrE,QAAA,OAAO,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;KAC7B;AAED;;AAEG;IACH,MAAM,kBAAkB,CACtB,KAAa,EACb,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,UAAU,GAAG,CAAC,YAAY,EAAE,CAAC,EAC7B,GAAG,OAAO,EAAA,GAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAG,cAAc,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC;KAC5B;"}