@wrelik/auth 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +7 -7
- package/CHANGELOG.md +15 -0
- package/dist/{chunk-5WLTDLEP.mjs → chunk-TF32HGN2.mjs} +1 -0
- package/dist/index.js +1 -0
- package/dist/index.mjs +1 -1
- package/dist/next.mjs +1 -1
- package/dist/react-native.js +1 -0
- package/dist/react-native.mjs +1 -1
- package/package.json +2 -2
- package/src/shared.test.ts +13 -0
- package/src/shared.ts +1 -0
package/.turbo/turbo-build.log
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
|
|
2
|
-
> @wrelik/auth@0.2.
|
|
2
|
+
> @wrelik/auth@0.2.2 build /home/runner/work/wrelik-kit/wrelik-kit/packages/auth
|
|
3
3
|
> tsup src/index.ts src/next.ts src/react-native.ts --format cjs,esm --dts --clean
|
|
4
4
|
|
|
5
5
|
[34mCLI[39m Building entry: src/index.ts, src/next.ts, src/react-native.ts
|
|
@@ -9,18 +9,18 @@
|
|
|
9
9
|
[34mCLI[39m Cleaning output folder
|
|
10
10
|
[34mCJS[39m Build start
|
|
11
11
|
[34mESM[39m Build start
|
|
12
|
-
[32mCJS[39m [1mdist/index.js [22m[32m2.
|
|
13
|
-
[32mCJS[39m [1mdist/react-native.js [22m[32m2.31 KB[39m
|
|
12
|
+
[32mCJS[39m [1mdist/index.js [22m[32m2.28 KB[39m
|
|
14
13
|
[32mCJS[39m [1mdist/next.js [22m[32m1.61 KB[39m
|
|
15
|
-
[32mCJS[39m
|
|
14
|
+
[32mCJS[39m [1mdist/react-native.js [22m[32m2.36 KB[39m
|
|
15
|
+
[32mCJS[39m ⚡️ Build success in 60ms
|
|
16
16
|
[32mESM[39m [1mdist/index.mjs [22m[32m239.00 B[39m
|
|
17
17
|
[32mESM[39m [1mdist/next.mjs [22m[32m255.00 B[39m
|
|
18
18
|
[32mESM[39m [1mdist/chunk-HWIZ2Q5U.mjs [22m[32m391.00 B[39m
|
|
19
19
|
[32mESM[39m [1mdist/react-native.mjs [22m[32m593.00 B[39m
|
|
20
|
-
[32mESM[39m [1mdist/chunk-
|
|
21
|
-
[32mESM[39m ⚡️ Build success in
|
|
20
|
+
[32mESM[39m [1mdist/chunk-TF32HGN2.mjs [22m[32m799.00 B[39m
|
|
21
|
+
[32mESM[39m ⚡️ Build success in 60ms
|
|
22
22
|
[34mDTS[39m Build start
|
|
23
|
-
[32mDTS[39m ⚡️ Build success in
|
|
23
|
+
[32mDTS[39m ⚡️ Build success in 4598ms
|
|
24
24
|
[32mDTS[39m [1mdist/index.d.ts [22m[32m393.00 B[39m
|
|
25
25
|
[32mDTS[39m [1mdist/next.d.ts [22m[32m134.00 B[39m
|
|
26
26
|
[32mDTS[39m [1mdist/react-native.d.ts [22m[32m430.00 B[39m
|
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,20 @@
|
|
|
1
1
|
# @wrelik/auth
|
|
2
2
|
|
|
3
|
+
## 0.2.2
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 2b9cbf7: Fix auth role checks to reject malformed runtime role payloads and remove a duplicate TypeScript compiler option in errors to eliminate build warnings.
|
|
8
|
+
- Updated dependencies [2b9cbf7]
|
|
9
|
+
- @wrelik/errors@0.2.1
|
|
10
|
+
|
|
11
|
+
## Unreleased
|
|
12
|
+
|
|
13
|
+
### Patch Changes
|
|
14
|
+
|
|
15
|
+
- Fix role authorization checks to deny malformed runtime `roles` payloads.
|
|
16
|
+
- Add regression coverage to ensure malformed `roles` values cannot grant access.
|
|
17
|
+
|
|
3
18
|
## 0.2.1
|
|
4
19
|
|
|
5
20
|
### Patch Changes
|
|
@@ -15,6 +15,7 @@ function requireTenant(session) {
|
|
|
15
15
|
}
|
|
16
16
|
function hasRole(session, role) {
|
|
17
17
|
if (!session || !session.userId) return false;
|
|
18
|
+
if (!Array.isArray(session.roles)) return false;
|
|
18
19
|
return session.roles.includes(role);
|
|
19
20
|
}
|
|
20
21
|
function requireRole(session, role) {
|
package/dist/index.js
CHANGED
|
@@ -45,6 +45,7 @@ function requireTenant(session) {
|
|
|
45
45
|
}
|
|
46
46
|
function hasRole(session, role) {
|
|
47
47
|
if (!session || !session.userId) return false;
|
|
48
|
+
if (!Array.isArray(session.roles)) return false;
|
|
48
49
|
return session.roles.includes(role);
|
|
49
50
|
}
|
|
50
51
|
function requireRole(session, role) {
|
package/dist/index.mjs
CHANGED
package/dist/next.mjs
CHANGED
package/dist/react-native.js
CHANGED
|
@@ -45,6 +45,7 @@ function requireTenant(session) {
|
|
|
45
45
|
}
|
|
46
46
|
function hasRole(session, role) {
|
|
47
47
|
if (!session || !session.userId) return false;
|
|
48
|
+
if (!Array.isArray(session.roles)) return false;
|
|
48
49
|
return session.roles.includes(role);
|
|
49
50
|
}
|
|
50
51
|
function requireRole(session, role) {
|
package/dist/react-native.mjs
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@wrelik/auth",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.2",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
},
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"@clerk/backend": "^0.38.0",
|
|
21
|
-
"@wrelik/errors": "0.2.
|
|
21
|
+
"@wrelik/errors": "0.2.1"
|
|
22
22
|
},
|
|
23
23
|
"peerDependencies": {
|
|
24
24
|
"@clerk/nextjs": "^4.29.0"
|
package/src/shared.test.ts
CHANGED
|
@@ -24,4 +24,17 @@ describe('Auth Shared', () => {
|
|
|
24
24
|
expect(hasRole(session, 'admin')).toBe(true);
|
|
25
25
|
expect(hasRole(session, 'user')).toBe(false);
|
|
26
26
|
});
|
|
27
|
+
|
|
28
|
+
it('does not grant role access when roles has invalid runtime shape', () => {
|
|
29
|
+
const malformedSession = {
|
|
30
|
+
userId: 'u1',
|
|
31
|
+
tenantId: 't1',
|
|
32
|
+
// Simulates untrusted runtime payload, despite the TypeScript type.
|
|
33
|
+
roles: 'admin',
|
|
34
|
+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
35
|
+
} as any;
|
|
36
|
+
|
|
37
|
+
expect(hasRole(malformedSession, 'admin')).toBe(false);
|
|
38
|
+
expect(hasRole(malformedSession, 'min')).toBe(false);
|
|
39
|
+
});
|
|
27
40
|
});
|
package/src/shared.ts
CHANGED
|
@@ -23,6 +23,7 @@ export function requireTenant(session: WorkflowSession | null): string {
|
|
|
23
23
|
|
|
24
24
|
export function hasRole(session: WorkflowSession | null, role: string): boolean {
|
|
25
25
|
if (!session || !session.userId) return false;
|
|
26
|
+
if (!Array.isArray(session.roles)) return false;
|
|
26
27
|
return session.roles.includes(role);
|
|
27
28
|
}
|
|
28
29
|
|