@warlock.js/auth 4.0.30 → 4.0.39

package/cjs/services/auth-events.d.ts

@@ -1,84 +0,0 @@
-import { type EventSubscription } from "@mongez/events";
-import type { DeviceInfo, TokenPair } from "../contracts/types";
-import type { Auth } from "../models/auth";
-import type { RefreshToken } from "../models/refresh-token";
-/**
- * Auth event payload types
- */
-export type AuthEventPayloads = {
-    "login.success": [user: Auth, tokenPair: TokenPair, deviceInfo?: DeviceInfo];
-    "login.failed": [credentials: {
-        email?: string;
-        username?: string;
-    }, reason: string];
-    "login.attempt": [credentials: {
-        email?: string;
-        username?: string;
-    }];
-    logout: [user: Auth];
-    "logout.all": [user: Auth];
-    "token.created": [user: Auth, tokenPair: TokenPair];
-    "token.refreshed": [user: Auth, newTokenPair: TokenPair, oldRefreshToken: RefreshToken];
-    "token.revoked": [user: Auth, token: RefreshToken];
-    "token.expired": [token: RefreshToken];
-    "token.familyRevoked": [familyId: string, tokens: RefreshToken[]];
-    "password.changed": [user: Auth];
-    "password.resetRequested": [user: Auth, resetToken: string];
-    "password.reset": [user: Auth];
-    "session.created": [user: Auth, refreshToken: RefreshToken, deviceInfo?: DeviceInfo];
-    "session.destroyed": [user: Auth, refreshToken: RefreshToken];
-    "cleanup.completed": [expiredCount: number];
-};
-/**
- * Auth event names
- */
-export type AuthEventName = keyof AuthEventPayloads;
-/**
- * Callback type for a specific event
- */
-export type AuthEventCallback<T extends AuthEventName> = (...args: AuthEventPayloads[T]) => void | Promise<void>;
-/**
- * Type-safe auth events manager
- *
- * @example
- * ```typescript
- * // Subscribe to events with full autocomplete
- * authEvents.on("login.success", (user, tokenPair, deviceInfo) => {
- *   console.log(`User ${user.id} logged in`);
- * });
- *
- * authEvents.on("token.refreshed", (user, newPair, oldToken) => {
- *   console.log(`Token refreshed for user ${user.id}`);
- * });
- *
- * // Trigger events
- * authEvents.emit("login.success", user, tokenPair, deviceInfo);
- * ```
- */
-export declare const authEvents: {
-    /**
-     * Subscribe to an auth event
-     */
-    on<T extends keyof AuthEventPayloads>(event: T, callback: AuthEventCallback<T>): EventSubscription;
-    /**
-     * Subscribe to an auth event (alias for `on`)
-     */
-    subscribe<T_1 extends keyof AuthEventPayloads>(event: T_1, callback: AuthEventCallback<T_1>): EventSubscription;
-    /**
-     * Emit an auth event
-     */
-    emit<T_2 extends keyof AuthEventPayloads>(event: T_2, ...args: AuthEventPayloads[T_2]): void;
-    /**
-     * Emit an auth event (alias for `emit`)
-     */
-    trigger<T_3 extends keyof AuthEventPayloads>(event: T_3, ...args: AuthEventPayloads[T_3]): void;
-    /**
-     * Unsubscribe from all auth events
-     */
-    unsubscribeAll(): void;
-    /**
-     * Unsubscribe from a specific auth event
-     */
-    off(event?: AuthEventName): void;
-};
-//# sourceMappingURL=auth-events.d.ts.map

package/cjs/services/auth-events.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-events.d.ts","sourceRoot":"","sources":["../../src/services/auth-events.ts"],"names":[],"mappings":"AAAA,OAAe,EAAE,KAAK,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAChE,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAE5D;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAE9B,eAAe,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,UAAU,CAAC,CAAC;IAC7E,cAAc,EAAE,CAAC,WAAW,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACrF,eAAe,EAAE,CAAC,WAAW,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAGtE,MAAM,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACrB,YAAY,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAG3B,eAAe,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IACpD,iBAAiB,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC;IACxF,eAAe,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;IACnD,eAAe,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACvC,qBAAqB,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC;IAGlE,kBAAkB,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACjC,yBAAyB,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;IAC5D,gBAAgB,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAG/B,iBAAiB,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC,EAAE,UAAU,CAAC,CAAC;IACrF,mBAAmB,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;IAG9D,mBAAmB,EAAE,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;CAC7C,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC;AAEpD;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAAC,CAAC,SAAS,aAAa,IAAI,CACvD,GAAG,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,KAC1B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAO1B;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,UAAU;IACrB;;OAEG;qFACoE,iBAAiB;IAIxF;;OAEG;kGAC2E,iBAAiB;IAI/F;;OAEG;4FACqE,IAAI;IAI5E;;OAEG;+FACwE,IAAI;IAI/E;;OAEG;sBACe,IAAI;IAItB;;OAEG;gBACS,aAAa,GAAG,IAAI;CAOjC,CAAC"}

package/cjs/services/auth-events.js

@@ -1,65 +0,0 @@
-'use strict';var events=require('@mongez/events');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var events__default=/*#__PURE__*/_interopDefault(events);/**
- * Event namespace prefix for auth events
- */
-const AUTH_EVENT_PREFIX = "auth.";
-/**
- * Type-safe auth events manager
- *
- * @example
- * ```typescript
- * // Subscribe to events with full autocomplete
- * authEvents.on("login.success", (user, tokenPair, deviceInfo) => {
- *   console.log(`User ${user.id} logged in`);
- * });
- *
- * authEvents.on("token.refreshed", (user, newPair, oldToken) => {
- *   console.log(`Token refreshed for user ${user.id}`);
- * });
- *
- * // Trigger events
- * authEvents.emit("login.success", user, tokenPair, deviceInfo);
- * ```
- */
-const authEvents = {
-    /**
-     * Subscribe to an auth event
-     */
-    on(event, callback) {
-        return events__default.default.subscribe(AUTH_EVENT_PREFIX + event, callback);
-    },
-    /**
-     * Subscribe to an auth event (alias for `on`)
-     */
-    subscribe(event, callback) {
-        return this.on(event, callback);
-    },
-    /**
-     * Emit an auth event
-     */
-    emit(event, ...args) {
-        events__default.default.trigger(AUTH_EVENT_PREFIX + event, ...args);
-    },
-    /**
-     * Emit an auth event (alias for `emit`)
-     */
-    trigger(event, ...args) {
-        this.emit(event, ...args);
-    },
-    /**
-     * Unsubscribe from all auth events
-     */
-    unsubscribeAll() {
-        events__default.default.unsubscribeNamespace(AUTH_EVENT_PREFIX.slice(0, -1));
-    },
-    /**
-     * Unsubscribe from a specific auth event
-     */
-    off(event) {
-        if (event) {
-            events__default.default.unsubscribe(AUTH_EVENT_PREFIX + event);
-        }
-        else {
-            this.unsubscribeAll();
-        }
-    },
-};exports.authEvents=authEvents;//# sourceMappingURL=auth-events.js.map

package/cjs/services/auth-events.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-events.js","sources":["../../src/services/auth-events.ts"],"sourcesContent":[null],"names":["events"],"mappings":"4KAkDA;;AAEG;AACH,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAElC;;;;;;;;;;;;;;;;;AAiBG;AACU,MAAA,UAAU,GAAG;AACxB;;AAEG;IACH,EAAE,CAA0B,KAAQ,EAAE,QAA8B,EAAA;QAClE,OAAOA,uBAAM,CAAC,SAAS,CAAC,iBAAiB,GAAG,KAAK,EAAE,QAAoB,CAAC,CAAC;KAC1E;AAED;;AAEG;IACH,SAAS,CAA0B,KAAQ,EAAE,QAA8B,EAAA;QACzE,OAAO,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;KACjC;AAED;;AAEG;AACH,IAAA,IAAI,CAA0B,KAAQ,EAAE,GAAG,IAA0B,EAAA;QACnEA,uBAAM,CAAC,OAAO,CAAC,iBAAiB,GAAG,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;KACpD;AAED;;AAEG;AACH,IAAA,OAAO,CAA0B,KAAQ,EAAE,GAAG,IAA0B,EAAA;QACtE,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;KAC3B;AAED;;AAEG;IACH,cAAc,GAAA;AACZ,QAAAA,uBAAM,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7D;AAED;;AAEG;AACH,IAAA,GAAG,CAAC,KAAqB,EAAA;AACvB,QAAA,IAAI,KAAK,EAAE;AACT,YAAAA,uBAAM,CAAC,WAAW,CAAC,iBAAiB,GAAG,KAAK,CAAC,CAAC;AAC/C,SAAA;AAAM,aAAA;YACL,IAAI,CAAC,cAAc,EAAE,CAAC;AACvB,SAAA;KACF;"}

package/cjs/services/auth.service.d.ts

@@ -1,78 +0,0 @@
-import type { ChildModel } from "@warlock.js/cascade";
-import type { DeviceInfo, TokenPair } from "../contracts/types";
-import type { Auth } from "../models/auth";
-import { RefreshToken } from "../models/refresh-token";
-declare class AuthService {
-    /**
-     * Build access token payload from user
-     */
-    buildAccessTokenPayload(user: Auth): {
-        id: any;
-        _id: any;
-        userType: string;
-        createdAt: number;
-    };
-    /**
-     * Generate access token for user
-     */
-    generateAccessToken(user: Auth, payload?: any): Promise<string>;
-    /**
-     * Create refresh token for user
-     */
-    createRefreshToken(user: Auth, deviceInfo?: DeviceInfo): Promise<RefreshToken>;
-    /**
-     * Create both access and refresh tokens
-     */
-    createTokenPair(user: Auth, deviceInfo?: DeviceInfo): Promise<TokenPair>;
-    /**
-     * Refresh tokens using a refresh token
-     */
-    refreshTokens(refreshTokenString: string, deviceInfo?: DeviceInfo): Promise<TokenPair | null>;
-    /**
-     * Verify password
-     */
-    verifyPassword(hashedPassword: string, plainPassword: string): boolean;
-    /**
-     * Attempt to login user with given credentials
-     */
-    attemptLogin<T>(Model: ChildModel<T>, data: any): Promise<T | null>;
-    /**
-     * Full login flow: validate credentials, create tokens, emit events
-     * Returns token pair on success, null on failure
-     */
-    login<T extends Auth>(Model: ChildModel<T>, credentials: any, deviceInfo?: DeviceInfo): Promise<{
-        user: T;
-        tokens: TokenPair;
-    } | null>;
-    /**
-     * Logout user (revoke specific refresh token)
-     */
-    logout(user: Auth, refreshToken?: RefreshToken): Promise<void>;
-    /**
-     * Remove specific access token
-     */
-    removeAccessToken(user: Auth, token: string): Promise<void>;
-    /**
-     * Revoke all tokens for a user
-     */
-    revokeAllTokens(user: Auth): Promise<void>;
-    /**
-     * Revoke entire token family (for rotation breach detection)
-     */
-    revokeTokenFamily(familyId: string): Promise<void>;
-    /**
-     * Cleanup expired tokens
-     */
-    cleanupExpiredTokens(): Promise<number>;
-    /**
-     * Enforce max refresh tokens per user
-     */
-    private enforceMaxRefreshTokens;
-    /**
-     * Get active sessions for user
-     */
-    getActiveSessions(user: Auth): Promise<RefreshToken[]>;
-}
-export declare const authService: AuthService;
-export {};
-//# sourceMappingURL=auth.service.d.ts.map

package/cjs/services/auth.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAEhE,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAKvD,cAAM,WAAW;IACf;;OAEG;IACI,uBAAuB,CAAC,IAAI,EAAE,IAAI;;;;;;IASzC;;OAEG;IACU,mBAAmB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAiB5E;;OAEG;IACU,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC;IAsC3F;;OAEG;IACU,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC;IAiBrF;;OAEG;IACU,aAAa,CACxB,kBAAkB,EAAE,MAAM,EAC1B,UAAU,CAAC,EAAE,UAAU,GACtB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAoD5B;;OAEG;IACI,cAAc,CAAC,cAAc,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO;IAI7E;;OAEG;IACU,YAAY,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAqBhF;;;OAGG;IACU,KAAK,CAAC,CAAC,SAAS,IAAI,EAC/B,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,EACpB,WAAW,EAAE,GAAG,EAChB,UAAU,CAAC,EAAE,UAAU,GACtB,OAAO,CAAC;QAAE,IAAI,EAAE,CAAC,CAAC;QAAC,MAAM,EAAE,SAAS,CAAA;KAAE,GAAG,IAAI,CAAC;IAejD;;OAEG;IACU,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAU3E;;OAEG;IACU,iBAAiB,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxE;;OAEG;IACU,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAuBvD;;OAEG;IACU,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAc/D;;OAEG;IACU,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC;IAcpD;;OAEG;YACW,uBAAuB;IAmBrC;;OAEG;IACU,iBAAiB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;CASpE;AAED,eAAO,MAAM,WAAW,aAAoB,CAAC"}

package/cjs/services/auth.service.js

@@ -1,265 +0,0 @@
-'use strict';var password=require('@mongez/password'),reinforcements=require('@mongez/reinforcements'),core=require('@warlock.js/core'),accessToken=require('../models/access-token/access-token.js');require('../models/access-token/migration.js');var refreshToken=require('../models/refresh-token/refresh-token.js'),duration=require('../utils/duration.js'),authEvents=require('./auth-events.js'),jwt=require('./jwt.js');class AuthService {
-    /**
-     * Build access token payload from user
-     */
-    buildAccessTokenPayload(user) {
-        return {
-            id: user.id,
-            _id: user._id,
-            userType: user.userType,
-            createdAt: Date.now(),
-        };
-    }
-    /**
-     * Generate access token for user
-     */
-    async generateAccessToken(user, payload) {
-        const data = payload || this.buildAccessTokenPayload(user);
-        const expiresInConfig = core.config.key("auth.jwt.expiresIn");
-        const expiresIn = duration.toJwtExpiresIn(expiresInConfig, 3600000); // default 1 hour
-        // If expiresIn is undefined, token never expires
-        const token = expiresIn ? await jwt.jwt.generate(data, { expiresIn }) : await jwt.jwt.generate(data);
-        // Store in database (fire and forget)
-        accessToken.AccessToken.create({
-            token,
-            user: data,
-        });
-        return token;
-    }
-    /**
-     * Create refresh token for user
-     */
-    async createRefreshToken(user, deviceInfo) {
-        const familyId = deviceInfo?.familyId || reinforcements.Random.string(32);
-        const expiresInConfig = core.config.key("auth.jwt.refresh.expiresIn");
-        const expiresInMs = duration.parseExpirationToMs(expiresInConfig, 7 * 24 * 60 * 60 * 1000); // default 7 days
-        const payload = {
-            userId: user.id,
-            userType: user.userType,
-            familyId,
-        };
-        const token = await jwt.jwt.generateRefreshToken(payload);
-        // Enforce max tokens per user
-        await this.enforceMaxRefreshTokens(user);
-        // Calculate expiration date (undefined means never expires, but we still set a far future date)
-        const expiresAt = expiresInMs
-            ? new Date(Date.now() + expiresInMs)
-            : new Date(Date.now() + 100 * 365 * 24 * 60 * 60 * 1000);
-        // Store in database
-        return refreshToken.RefreshToken.create({
-            token,
-            userId: user.id,
-            userType: user.userType,
-            familyId,
-            expiresAt,
-            deviceInfo: deviceInfo
-                ? {
-                    userAgent: deviceInfo.userAgent,
-                    ip: deviceInfo.ip,
-                    deviceId: deviceInfo.deviceId,
-                }
-                : undefined,
-        });
-    }
-    /**
-     * Create both access and refresh tokens
-     */
-    async createTokenPair(user, deviceInfo) {
-        const accessToken = await this.generateAccessToken(user);
-        const refreshToken = await this.createRefreshToken(user, deviceInfo);
-        const tokenPair = {
-            accessToken,
-            refreshToken: refreshToken.get("token"),
-            expiresIn: core.config.key("auth.jwt.expiresIn", "1h"),
-        };
-        // Emit events
-        authEvents.authEvents.emit("token.created", user, tokenPair);
-        authEvents.authEvents.emit("session.created", user, refreshToken, deviceInfo);
-        return tokenPair;
-    }
-    /**
-     * Refresh tokens using a refresh token
-     */
-    async refreshTokens(refreshTokenString, deviceInfo) {
-        try {
-            // 1. Verify JWT signature
-            const decoded = await jwt.jwt.verifyRefreshToken(refreshTokenString);
-            if (!decoded)
-                return null;
-            // 2. Find token in database
-            const refreshToken$1 = await refreshToken.RefreshToken.first({ token: refreshTokenString });
-            if (!refreshToken$1?.isValid) {
-                // If token was already used (rotation detection), revoke entire family
-                if (refreshToken$1) {
-                    await this.revokeTokenFamily(refreshToken$1.get("familyId"));
-                }
-                return null;
-            }
-            // 3. Get user model and find user
-            const UserModel = core.config.key(`auth.userType.${decoded.userType}`);
-            if (!UserModel)
-                return null;
-            const user = (await UserModel.find(decoded.userId));
-            if (!user)
-                return null;
-            // 4. Rotate token if enabled (revoke old token)
-            const rotationEnabled = core.config.key("auth.jwt.refresh.rotation", true);
-            if (rotationEnabled) {
-                await refreshToken$1.revoke();
-            }
-            else {
-                await refreshToken$1.markAsUsed();
-            }
-            // 5. Generate new token pair (keep same family)
-            const newTokenPair = await this.createTokenPair(user, {
-                ...deviceInfo,
-                familyId: refreshToken$1.get("familyId"),
-            });
-            // Emit token refreshed event
-            authEvents.authEvents.emit("token.refreshed", user, newTokenPair, refreshToken$1);
-            return newTokenPair;
-        }
-        catch {
-            return null;
-        }
-    }
-    /**
-     * Verify password
-     */
-    verifyPassword(hashedPassword, plainPassword) {
-        return password.verify(String(hashedPassword), String(plainPassword));
-    }
-    /**
-     * Attempt to login user with given credentials
-     */
-    async attemptLogin(Model, data) {
-        const { password, ...otherData } = data;
-        // Emit login attempt event
-        authEvents.authEvents.emit("login.attempt", otherData);
-        const user = (await Model.first(otherData));
-        if (!user) {
-            authEvents.authEvents.emit("login.failed", otherData, "User not found");
-            return null;
-        }
-        if (!this.verifyPassword(user.get("password"), password)) {
-            authEvents.authEvents.emit("login.failed", otherData, "Invalid password");
-            return null;
-        }
-        return user;
-    }
-    /**
-     * Full login flow: validate credentials, create tokens, emit events
-     * Returns token pair on success, null on failure
-     */
-    async login(Model, credentials, deviceInfo) {
-        const user = await this.attemptLogin(Model, credentials);
-        if (!user) {
-            return null;
-        }
-        const tokens = await this.createTokenPair(user, deviceInfo);
-        // Emit login success event
-        authEvents.authEvents.emit("login.success", user, tokens, deviceInfo);
-        return { user, tokens };
-    }
-    /**
-     * Logout user (revoke specific refresh token)
-     */
-    async logout(user, refreshToken) {
-        if (refreshToken) {
-            await refreshToken.revoke();
-            authEvents.authEvents.emit("session.destroyed", user, refreshToken);
-        }
-        // Emit logout event
-        authEvents.authEvents.emit("logout", user);
-    }
-    /**
-     * Remove specific access token
-     */
-    async removeAccessToken(user, token) {
-        accessToken.AccessToken.delete({
-            token,
-            "user.id": user.id,
-        });
-    }
-    /**
-     * Revoke all tokens for a user
-     */
-    async revokeAllTokens(user) {
-        // Revoke all refresh tokens
-        const refreshTokens = await refreshToken.RefreshToken.aggregate()
-            .where("userId", user.id)
-            .where("userType", user.userType)
-            .where("revokedAt", null)
-            .get();
-        for (const token of refreshTokens) {
-            await token.revoke();
-            authEvents.authEvents.emit("token.revoked", user, token);
-        }
-        // Delete all access tokens
-        await accessToken.AccessToken.delete({
-            "user.id": user.id,
-            "user.userType": user.userType,
-        });
-        // Emit logout all event
-        authEvents.authEvents.emit("logout.all", user);
-    }
-    /**
-     * Revoke entire token family (for rotation breach detection)
-     */
-    async revokeTokenFamily(familyId) {
-        const tokens = await refreshToken.RefreshToken.aggregate()
-            .where("familyId", familyId)
-            .where("revokedAt", null)
-            .get();
-        for (const token of tokens) {
-            await token.revoke();
-        }
-        // Emit family revoked event
-        authEvents.authEvents.emit("token.familyRevoked", familyId, tokens);
-    }
-    /**
-     * Cleanup expired tokens
-     */
-    async cleanupExpiredTokens() {
-        const expiredTokens = await refreshToken.RefreshToken.aggregate().where("expiresAt", "<", new Date()).get();
-        for (const token of expiredTokens) {
-            authEvents.authEvents.emit("token.expired", token);
-            await token.destroy();
-        }
-        // Emit cleanup completed event
-        authEvents.authEvents.emit("cleanup.completed", expiredTokens.length);
-        return expiredTokens.length;
-    }
-    /**
-     * Enforce max refresh tokens per user
-     */
-    async enforceMaxRefreshTokens(user) {
-        const maxPerUser = core.config.key("auth.jwt.refresh.maxPerUser", 5);
-        const activeTokens = await refreshToken.RefreshToken.aggregate()
-            .where("userId", user.id)
-            .where("userType", user.userType)
-            .where("revokedAt", null)
-            .sort("createdAt", "asc")
-            .get();
-        // Revoke oldest tokens if exceeding limit
-        if (activeTokens.length >= maxPerUser) {
-            const tokensToRevoke = activeTokens.slice(0, activeTokens.length - maxPerUser + 1);
-            for (const token of tokensToRevoke) {
-                await token.revoke();
-            }
-        }
-    }
-    /**
-     * Get active sessions for user
-     */
-    async getActiveSessions(user) {
-        return refreshToken.RefreshToken.aggregate()
-            .where("userId", user.id)
-            .where("userType", user.userType)
-            .where("revokedAt", null)
-            .where("expiresAt", ">", new Date())
-            .sort("createdAt", "desc")
-            .get();
-    }
-}
-const authService = new AuthService();exports.authService=authService;//# sourceMappingURL=auth.service.js.map

package/cjs/services/auth.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.service.js","sources":["../../src/services/auth.service.ts"],"sourcesContent":[null],"names":["config","toJwtExpiresIn","jwt","AccessToken","Random","parseExpirationToMs","RefreshToken","authEvents","refreshToken","verify"],"mappings":"kaAYA,MAAM,WAAW,CAAA;AACf;;AAEG;AACI,IAAA,uBAAuB,CAAC,IAAU,EAAA;QACvC,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACvB,YAAA,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;KACH;AAED;;AAEG;AACI,IAAA,MAAM,mBAAmB,CAAC,IAAU,EAAE,OAAa,EAAA;QACxD,MAAM,IAAI,GAAG,OAAO,IAAI,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,eAAe,GAAGA,WAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACzD,MAAM,SAAS,GAAGC,uBAAc,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;;QAG3D,MAAM,KAAK,GAAG,SAAS,GAAG,MAAMC,OAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,GAAG,MAAMA,OAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;;QAG7FC,uBAAW,CAAC,MAAM,CAAC;YACjB,KAAK;AACL,YAAA,IAAI,EAAE,IAAI;AACX,SAAA,CAAC,CAAC;AAEH,QAAA,OAAO,KAAK,CAAC;KACd;AAED;;AAEG;AACI,IAAA,MAAM,kBAAkB,CAAC,IAAU,EAAE,UAAuB,EAAA;AACjE,QAAA,MAAM,QAAQ,GAAG,UAAU,EAAE,QAAQ,IAAIC,qBAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3D,MAAM,eAAe,GAAGJ,WAAM,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;AACjE,QAAA,MAAM,WAAW,GAAGK,4BAAmB,CAAC,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AAElF,QAAA,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ;SACT,CAAC;QAEF,MAAM,KAAK,GAAG,MAAMH,OAAG,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;;AAGtD,QAAA,MAAM,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;;QAGzC,MAAM,SAAS,GAAG,WAAW;cACzB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;cAClC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;;QAG3D,OAAOI,yBAAY,CAAC,MAAM,CAAC;YACzB,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ;YACR,SAAS;AACT,YAAA,UAAU,EAAE,UAAU;AACpB,kBAAE;oBACE,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,EAAE,EAAE,UAAU,CAAC,EAAE;oBACjB,QAAQ,EAAE,UAAU,CAAC,QAAQ;AAC9B,iBAAA;AACH,kBAAE,SAAS;AACd,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;AACI,IAAA,MAAM,eAAe,CAAC,IAAU,EAAE,UAAuB,EAAA;QAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;AAErE,QAAA,MAAM,SAAS,GAAc;YAC3B,WAAW;AACX,YAAA,YAAY,EAAE,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;YACvC,SAAS,EAAEN,WAAM,CAAC,GAAG,CAAC,oBAAoB,EAAE,IAAI,CAAC;SAClD,CAAC;;QAGFO,qBAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAClDA,qBAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;AAEnE,QAAA,OAAO,SAAS,CAAC;KAClB;AAED;;AAEG;AACI,IAAA,MAAM,aAAa,CACxB,kBAA0B,EAC1B,UAAuB,EAAA;QAEvB,IAAI;;YAEF,MAAM,OAAO,GAAG,MAAML,OAAG,CAAC,kBAAkB,CAIzC,kBAAkB,CAAC,CAAC;AAEvB,YAAA,IAAI,CAAC,OAAO;AAAE,gBAAA,OAAO,IAAI,CAAC;;AAG1B,YAAA,MAAMM,cAAY,GAAG,MAAMF,yBAAY,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;AAE7E,YAAA,IAAI,CAACE,cAAY,EAAE,OAAO,EAAE;;AAE1B,gBAAA,IAAIA,cAAY,EAAE;oBAChB,MAAM,IAAI,CAAC,iBAAiB,CAACA,cAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC;AAC5D,iBAAA;AACD,gBAAA,OAAO,IAAI,CAAC;AACb,aAAA;;AAGD,YAAA,MAAM,SAAS,GAAGR,WAAM,CAAC,GAAG,CAAC,CAAiB,cAAA,EAAA,OAAO,CAAC,QAAQ,CAAE,CAAA,CAAC,CAAC;AAClE,YAAA,IAAI,CAAC,SAAS;AAAE,gBAAA,OAAO,IAAI,CAAC;AAE5B,YAAA,MAAM,IAAI,IAAI,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAgB,CAAC;AACnE,YAAA,IAAI,CAAC,IAAI;AAAE,gBAAA,OAAO,IAAI,CAAC;;YAGvB,MAAM,eAAe,GAAGA,WAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAC,CAAC;AACtE,YAAA,IAAI,eAAe,EAAE;AACnB,gBAAA,MAAMQ,cAAY,CAAC,MAAM,EAAE,CAAC;AAC7B,aAAA;AAAM,iBAAA;AACL,gBAAA,MAAMA,cAAY,CAAC,UAAU,EAAE,CAAC;AACjC,aAAA;;YAGD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE;AACpD,gBAAA,GAAG,UAAU;AACb,gBAAA,QAAQ,EAAEA,cAAY,CAAC,GAAG,CAAC,UAAU,CAAC;AACvC,aAAA,CAAC,CAAC;;YAGHD,qBAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAEC,cAAY,CAAC,CAAC;AAErE,YAAA,OAAO,YAAY,CAAC;AACrB,SAAA;QAAC,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;KACF;AAED;;AAEG;IACI,cAAc,CAAC,cAAsB,EAAE,aAAqB,EAAA;AACjE,QAAA,OAAOC,eAAM,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;KAC9D;AAED;;AAEG;AACI,IAAA,MAAM,YAAY,CAAI,KAAoB,EAAE,IAAS,EAAA;QAC1D,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,IAAI,CAAC;;AAGxC,QAAAF,qBAAU,CAAC,IAAI,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;QAE5C,MAAM,IAAI,IAAI,MAAM,KAAK,CAAC,KAAK,CAAI,SAAS,CAAC,CAAgB,CAAC;QAE9D,IAAI,CAAC,IAAI,EAAE;YACTA,qBAAU,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC;AAC7D,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;AAED,QAAA,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,EAAE;YACxDA,qBAAU,CAAC,IAAI,CAAC,cAAc,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC;AAC/D,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;AAED,QAAA,OAAO,IAAS,CAAC;KAClB;AAED;;;AAGG;AACI,IAAA,MAAM,KAAK,CAChB,KAAoB,EACpB,WAAgB,EAChB,UAAuB,EAAA;QAEvB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAI,KAAK,EAAE,WAAW,CAAC,CAAC;QAE5D,IAAI,CAAC,IAAI,EAAE;AACT,YAAA,OAAO,IAAI,CAAC;AACb,SAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;;QAG5DA,qBAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;AAE3D,QAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;KACzB;AAED;;AAEG;AACI,IAAA,MAAM,MAAM,CAAC,IAAU,EAAE,YAA2B,EAAA;AACzD,QAAA,IAAI,YAAY,EAAE;AAChB,YAAA,MAAM,YAAY,CAAC,MAAM,EAAE,CAAC;YAC5BA,qBAAU,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;AAC1D,SAAA;;AAGD,QAAAA,qBAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;KACjC;AAED;;AAEG;AACI,IAAA,MAAM,iBAAiB,CAAC,IAAU,EAAE,KAAa,EAAA;QACtDJ,uBAAW,CAAC,MAAM,CAAC;YACjB,KAAK;YACL,SAAS,EAAE,IAAI,CAAC,EAAE;AACnB,SAAA,CAAC,CAAC;KACJ;AAED;;AAEG;IACI,MAAM,eAAe,CAAC,IAAU,EAAA;;AAErC,QAAA,MAAM,aAAa,GAAG,MAAMG,yBAAY,CAAC,SAAS,EAAE;AACjD,aAAA,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;AACxB,aAAA,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC;AAChC,aAAA,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC;AACxB,aAAA,GAAG,EAAE,CAAC;AAET,QAAA,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE;AACjC,YAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;YACrBC,qBAAU,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AAC/C,SAAA;;QAGD,MAAMJ,uBAAW,CAAC,MAAM,CAAC;YACvB,SAAS,EAAE,IAAI,CAAC,EAAE;YAClB,eAAe,EAAE,IAAI,CAAC,QAAQ;AAC/B,SAAA,CAAC,CAAC;;AAGH,QAAAI,qBAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;KACrC;AAED;;AAEG;IACI,MAAM,iBAAiB,CAAC,QAAgB,EAAA;AAC7C,QAAA,MAAM,MAAM,GAAG,MAAMD,yBAAY,CAAC,SAAS,EAAE;AAC1C,aAAA,KAAK,CAAC,UAAU,EAAE,QAAQ,CAAC;AAC3B,aAAA,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC;AACxB,aAAA,GAAG,EAAE,CAAC;AAET,QAAA,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE;AAC1B,YAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACtB,SAAA;;QAGDC,qBAAU,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;KAC1D;AAED;;AAEG;AACI,IAAA,MAAM,oBAAoB,GAAA;QAC/B,MAAM,aAAa,GAAG,MAAMD,yBAAY,CAAC,SAAS,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;AAE/F,QAAA,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE;AACjC,YAAAC,qBAAU,CAAC,IAAI,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;AACxC,YAAA,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;AACvB,SAAA;;QAGDA,qBAAU,CAAC,IAAI,CAAC,mBAAmB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;QAE3D,OAAO,aAAa,CAAC,MAAM,CAAC;KAC7B;AAED;;AAEG;IACK,MAAM,uBAAuB,CAAC,IAAU,EAAA;QAC9C,MAAM,UAAU,GAAGP,WAAM,CAAC,GAAG,CAAC,6BAA6B,EAAE,CAAC,CAAC,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAG,MAAMM,yBAAY,CAAC,SAAS,EAAE;AAChD,aAAA,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;AACxB,aAAA,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC;AAChC,aAAA,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC;AACxB,aAAA,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC;AACxB,aAAA,GAAG,EAAE,CAAC;;AAGT,QAAA,IAAI,YAAY,CAAC,MAAM,IAAI,UAAU,EAAE;AACrC,YAAA,MAAM,cAAc,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC;AACnF,YAAA,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE;AAClC,gBAAA,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACtB,aAAA;AACF,SAAA;KACF;AAED;;AAEG;IACI,MAAM,iBAAiB,CAAC,IAAU,EAAA;QACvC,OAAOA,yBAAY,CAAC,SAAS,EAAE;AAC5B,aAAA,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;AACxB,aAAA,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC;AAChC,aAAA,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC;aACxB,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,IAAI,IAAI,EAAE,CAAC;AACnC,aAAA,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC;AACzB,aAAA,GAAG,EAAE,CAAC;KACV;AACF,CAAA;AAEY,MAAA,WAAW,GAAG,IAAI,WAAW"}

package/cjs/services/generate-jwt-secret.d.ts

@@ -1,2 +0,0 @@
-export declare function generateJWTSecret(): Promise<void>;
-//# sourceMappingURL=generate-jwt-secret.d.ts.map

package/cjs/services/generate-jwt-secret.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"generate-jwt-secret.d.ts","sourceRoot":"","sources":["../../src/services/generate-jwt-secret.ts"],"names":[],"mappings":"AAKA,wBAAsB,iBAAiB,kBAmCtC"}

package/cjs/services/generate-jwt-secret.js

@@ -1,26 +0,0 @@
-'use strict';var fs=require('@mongez/fs'),reinforcements=require('@mongez/reinforcements'),core=require('@warlock.js/core'),logger=require('@warlock.js/logger');async function generateJWTSecret() {
-    let envFile = core.rootPath(".env");
-    logger.log.info("jwt", "generating", "Generating jwt secret");
-    const environmentMode = core.environment();
-    if (!(await fs.fileExistsAsync(envFile))) {
-        const envFileType = environmentMode === "production" ? ".env.production" : ".env.development";
-        envFile = core.rootPath(envFileType);
-    }
-    if (!(await fs.fileExistsAsync(envFile))) {
-        logger.log.error("jwt", "error", ".env file not found");
-        return;
-    }
-    let contents = await fs.getFileAsync(envFile);
-    if (contents.includes("JWT_SECRET")) {
-        logger.log.warn("jwt", "exists", "JWT secret already exists in the .env file.");
-        return;
-    }
-    const key = reinforcements.Random.string(32);
-    contents += `
-
-# JWT Secret
-JWT_SECRET=${key}
-`;
-    await fs.putFileAsync(envFile, contents);
-    logger.log.success("jwt", "generated", `JWT secret key generated and added to the .env file.`);
-}exports.generateJWTSecret=generateJWTSecret;//# sourceMappingURL=generate-jwt-secret.js.map

package/cjs/services/generate-jwt-secret.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"generate-jwt-secret.js","sources":["../../src/services/generate-jwt-secret.ts"],"sourcesContent":[null],"names":["rootPath","log","environment","fileExistsAsync","getFileAsync","Random","putFileAsync"],"mappings":"iKAKO,eAAe,iBAAiB,GAAA;AACrC,IAAA,IAAI,OAAO,GAAGA,aAAQ,CAAC,MAAM,CAAC,CAAC;IAE/BC,UAAG,CAAC,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,uBAAuB,CAAC,CAAC;AAEvD,IAAA,MAAM,eAAe,GAAGC,gBAAW,EAAE,CAAC;IAEtC,IAAI,EAAE,MAAMC,kBAAe,CAAC,OAAO,CAAC,CAAC,EAAE;AACrC,QAAA,MAAM,WAAW,GAAG,eAAe,KAAK,YAAY,GAAG,iBAAiB,GAAG,kBAAkB,CAAC;AAC9F,QAAA,OAAO,GAAGH,aAAQ,CAAC,WAAW,CAAC,CAAC;AACjC,KAAA;IAED,IAAI,EAAE,MAAMG,kBAAe,CAAC,OAAO,CAAC,CAAC,EAAE;QACrCF,UAAG,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,CAAC,CAAC;QACjD,OAAO;AACR,KAAA;AAED,IAAA,IAAI,QAAQ,GAAG,MAAMG,eAAY,CAAC,OAAO,CAAC,CAAC;AAE3C,IAAA,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;QACnCH,UAAG,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,6CAA6C,CAAC,CAAC;QACzE,OAAO;AACR,KAAA;IAED,MAAM,GAAG,GAAGI,qBAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAE9B,IAAA,QAAQ,IAAI,CAAA;;;aAGD,GAAG,CAAA;CACf,CAAC;AAEA,IAAA,MAAMC,eAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAEtCL,UAAG,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,CAAsD,oDAAA,CAAA,CAAC,CAAC;AAC1F"}

package/cjs/services/index.d.ts

@@ -1,5 +0,0 @@
-export * from "./auth-events";
-export * from "./auth.service";
-export * from "./generate-jwt-secret";
-export * from "./jwt";
-//# sourceMappingURL=index.d.ts.map

package/cjs/services/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,uBAAuB,CAAC;AACtC,cAAc,OAAO,CAAC"}

package/cjs/services/jwt.d.ts

@@ -1,23 +0,0 @@
-import { type SignerOptions, type VerifierOptions } from "fast-jwt";
-export declare const jwt: {
-    /**
-     * Generate a new JWT token for the user.
-     * @param payload The payload to encode in the JWT token.
-     */
-    generate(payload: any, { key, algorithm, ...options }?: any): Promise<string>;
-    /**
-     * Verify the given token.
-     * @param token The JWT token to verify.
-     * @returns The decoded token payload if verification is successful.
-     */
-    verify<T = any>(token: string, { key, algorithms, ...options }?: any): Promise<T>;
-    /**
-     * Generate a new refresh token for the user.
-     */
-    generateRefreshToken(payload: any, { key, expiresIn, algorithm, ...options }?: any): Promise<string>;
-    /**
-     * Verify the given refresh token.
-     */
-    verifyRefreshToken<T_1 = any>(token: string, { key, algorithms, ...options }?: any): Promise<T_1>;
-};
-//# sourceMappingURL=jwt.d.ts.map

package/cjs/services/jwt.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/services/jwt.ts"],"names":[],"mappings":"AACA,OAAO,EAIL,KAAK,aAAa,EAClB,KAAK,eAAe,EACrB,MAAM,UAAU,CAAC;AASlB,eAAO,MAAM,GAAG;IACd;;;OAGG;sBAEQ,GAAG,yCAMX,QAAQ,MAAM,CAAC;IAOlB;;;;OAIG;2BAEM,MAAM;IAYf;;OAEG;kCAEQ,GAAG,oDAOX,QAAQ,MAAM,CAAC;IAKlB;;OAEG;yCAEM,MAAM;CAUhB,CAAC"}

package/cjs/services/jwt.js

@@ -1,39 +0,0 @@
-'use strict';var core=require('@warlock.js/core'),fastJwt=require('fast-jwt');const getSecretKey = () => core.config.key("auth.jwt.secret");
-const getAlgorithm = () => core.config.key("auth.jwt.algorithm");
-const getRefreshSecretKey = () => core.config.key("auth.jwt.refresh.secret");
-// Assuming there's a separate config for refresh token validity, for example, '7d' for 7 days
-const getRefreshTokenValidity = () => core.config.key("auth.jwt.refresh.expiresIn");
-const jwt = {
-    /**
-     * Generate a new JWT token for the user.
-     * @param payload The payload to encode in the JWT token.
-     */
-    async generate(payload, { key = getSecretKey(), algorithm = getAlgorithm(), ...options } = {}) {
-        // Create a signer function with predefined options
-        const sign = fastJwt.createSigner({ key, ...options, algorithm });
-        return sign({ ...payload });
-    },
-    /**
-     * Verify the given token.
-     * @param token The JWT token to verify.
-     * @returns The decoded token payload if verification is successful.
-     */
-    async verify(token, { key = getSecretKey(), algorithms = getAlgorithm() ? [getAlgorithm()] : undefined, ...options } = {}) {
-        const verify = fastJwt.createVerifier({ key, ...options, algorithms });
-        return await verify(token);
-    },
-    /**
-     * Generate a new refresh token for the user.
-     */
-    async generateRefreshToken(payload, { key = getRefreshSecretKey(), expiresIn = getRefreshTokenValidity(), algorithm = getAlgorithm(), ...options } = {}) {
-        const sign = fastJwt.createSigner({ key, expiresIn, algorithm, ...options });
-        return sign({ ...payload });
-    },
-    /**
-     * Verify the given refresh token.
-     */
-    async verifyRefreshToken(token, { key = getRefreshSecretKey(), algorithms = [getAlgorithm()], ...options } = {}) {
-        const verify = fastJwt.createVerifier({ key, algorithms, ...options });
-        return await verify(token);
-    },
-};exports.jwt=jwt;//# sourceMappingURL=jwt.js.map

package/cjs/services/jwt.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwt.js","sources":["../../src/services/jwt.ts"],"sourcesContent":[null],"names":["config","createSigner","createVerifier"],"mappings":"8EASA,MAAM,YAAY,GAAG,MAAMA,WAAM,CAAC,GAAG,CAAC,iBAAiB,CAAW,CAAC;AACnE,MAAM,YAAY,GAAG,MAAMA,WAAM,CAAC,GAAG,CAAC,oBAAoB,CAAc,CAAC;AAEzE,MAAM,mBAAmB,GAAG,MAAMA,WAAM,CAAC,GAAG,CAAC,yBAAyB,CAAW,CAAC;AAClF;AACA,MAAM,uBAAuB,GAAG,MAAMA,WAAM,CAAC,GAAG,CAAC,4BAA4B,CAAoB,CAAC;AAErF,MAAA,GAAG,GAAG;AACjB;;;AAGG;AACH,IAAA,MAAM,QAAQ,CACZ,OAAY,EACZ,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,KAC0B,EAAE,EAAA;;AAGxC,QAAA,MAAM,IAAI,GAAGC,oBAAY,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;AAE1D,QAAA,OAAO,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;KAC7B;AAED;;;;AAIG;AACH,IAAA,MAAM,MAAM,CACV,KAAa,EACb,EACE,GAAG,GAAG,YAAY,EAAE,EACpB,UAAU,GAAG,YAAY,EAAE,GAAG,CAAC,YAAY,EAAE,CAAC,GAAG,SAAS,EAC1D,GAAG,OAAO,KAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAGC,sBAAc,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;AAE/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAe,CAAC,CAAC;KACtC;AAED;;AAEG;IACH,MAAM,oBAAoB,CACxB,OAAY,EACZ,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,SAAS,GAAG,uBAAuB,EAAE,EACrC,SAAS,GAAG,YAAY,EAAE,EAC1B,GAAG,OAAO,EAAA,GAC0B,EAAE,EAAA;AAExC,QAAA,MAAM,IAAI,GAAGD,oBAAY,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AACrE,QAAA,OAAO,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;KAC7B;AAED;;AAEG;IACH,MAAM,kBAAkB,CACtB,KAAa,EACb,EACE,GAAG,GAAG,mBAAmB,EAAE,EAC3B,UAAU,GAAG,CAAC,YAAY,EAAE,CAAC,EAC7B,GAAG,OAAO,EAAA,GAC4B,EAAE,EAAA;AAE1C,QAAA,MAAM,MAAM,GAAGC,sBAAc,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC/D,QAAA,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC;KAC5B;"}