@zakyyudha/node-authzkit 1.0.0

package/.eslintrc.cjs

@@ -0,0 +1,17 @@
+module.exports = {
+    parser: '@typescript-eslint/parser',
+    plugins: ['@typescript-eslint'],
+    extends: [
+        'eslint:recommended',
+        'plugin:@typescript-eslint/recommended',
+    ],
+    env: {
+        node: true,
+        es2022: true,
+    },
+    rules: {
+        '@typescript-eslint/no-explicit-any': 'off', // Common in early dev
+        '@typescript-eslint/no-unused-vars': ['warn', { argsIgnorePattern: '^_' }],
+    },
+    ignorePatterns: ['dist/', 'node_modules/', 'dashboard/web/', 'src/dashboard/web/'],
+};

package/.prettierrc.json

@@ -0,0 +1,10 @@
+{
+  "printWidth": 100,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": true,
+  "singleQuote": true,
+  "trailingComma": "es5",
+  "bracketSpacing": true,
+  "arrowParens": "always"
+}

package/.release-it.json

@@ -0,0 +1,24 @@
+{
+    "git": {
+        "commit": true,
+        "tag": true,
+        "push": true,
+        "commitMessage": "chore: release v${version}"
+    },
+    "github": {
+        "release": true
+    },
+    "npm": {
+        "publish": true,
+        "publishArgs": [
+            "--access public"
+        ]
+    },
+    "hooks": {
+        "before:init": [
+            "npm run lint",
+            "npm test"
+        ],
+        "after:bump": "npm run build"
+    }
+}

package/README.md

@@ -0,0 +1,221 @@
+
+# node-authzkit
+
+`node-authzkit` is a TypeScript library for Node.js that provides role and permission management. It allows you to define roles and permissions, assign them to "authorizable" entities (like users), and easily check for access rights.
+
+## Features
+
+-   **Role and Permission Definition:** Programmatically define permissions and roles with associated permissions.
+-   **Assignment:** Assign roles and direct permissions to any entity that implements the `Authorizable` interface.
+-   **Revocation:** Revoke roles and direct permissions.
+-   **Access Checks:** Convenient methods to check if an entity has a specific role or permission (either directly or via an assigned role).
+-   **Multiple Backends:** Supports In-Memory, MongoDB, and PostgreSQL storages out of the box.
+-   **Dynamic Configuration:** Customize database connection details and collection/table names via configuration.
+-   **Express.js Middleware:** Includes an Express.js middleware for easy route protection based on roles and permissions.
+-   **Dashboard:** Comes with a built-in dashboard for managing roles and permissions (source code included).
+
+## Installation
+
+```bash
+pnpm install node-authzkit
+# or npm install node-authzkit
+# or yarn add node-authzkit
+```
+
+## Quick Start
+
+### 1. Initialize Authzkit
+
+First, initialize the `Authzkit` singleton. You can provide a custom store, or it will default to `InMemoryAuthzkitStore`.
+
+```typescript
+// src/main.ts
+import { Authzkit, InMemoryAuthzkitStore } from 'node-authzkit';
+
+const authzkit = Authzkit.getInstance(new InMemoryAuthzkitStore());
+
+// Or, if you don't provide a store, it defaults to InMemoryAuthzkitStore
+// const authzkit = Authzkit.getInstance();
+
+export default authzkit;
+```
+
+### 2. persistence with MongoDB or PostgreSQL
+
+You use `IAuthzkitConfig` to configure connection details and custom table/collection names.
+
+**MongoDB Example:**
+
+```typescript
+import { Authzkit, MongoConnection, MongoAuthzkitStore, IAuthzkitConfig } from 'node-authzkit';
+
+const config: IAuthzkitConfig = {
+  connection: {
+    type: 'mongodb',
+    uri: 'mongodb://localhost:27017',
+    database: 'my_app_db'
+  },
+  models: { // Optional custom collection names
+    users: 'users',
+    roles: 'app_roles',
+    permissions: 'app_permissions'
+  }
+};
+
+async function init() {
+  const mongoConnection = MongoConnection.getInstance(config);
+  await mongoConnection.connect();
+  
+  const store = new MongoAuthzkitStore(mongoConnection);
+  const authzkit = Authzkit.getInstance(store);
+}
+```
+
+**PostgreSQL Example:**
+
+```typescript
+import { Authzkit, PgConnection, PgAuthzkitStore, IAuthzkitConfig } from 'node-authzkit';
+
+const config: IAuthzkitConfig = {
+  connection: {
+    type: 'postgres',
+    uri: 'postgresql://user:pass@localhost:5432/my_app_db'
+  }
+};
+
+async function init() {
+  const pgConnection = PgConnection.getInstance(config);
+  await pgConnection.connect();
+  await pgConnection.initSchema(); // Creates tables if they don't exist
+  
+  const store = new PgAuthzkitStore(pgConnection);
+  const authzkit = Authzkit.getInstance(store);
+}
+```
+
+### 3. Usage
+
+```typescript
+// Define
+await authzkit.definePermission('edit_posts');
+await authzkit.defineRole('editor', ['edit_posts']);
+
+// Assign
+const user = { id: 123 }; // Authorizable entity
+await authzkit.assignRole(user, 'editor');
+
+// Check
+if (await authzkit.hasPermission(user, 'edit_posts')) {
+  console.log('User can edit posts');
+}
+```
+
+### 4. Express Middleware
+
+```typescript
+import { authorize } from 'node-authzkit';
+
+app.post('/posts', authorize('edit_posts'), (req, res) => {
+  // ...
+});
+```
+
+## Dashboard
+
+This project includes a built-in dashboard to manage Roles, Permissions, and User Assignments visually.
+
+### Integration in Express
+
+You can easily mount the dashboard into your existing Express application.
+
+1.  **Install dependencies:**
+    The dashboard requires `express` and `basic-auth`.
+    ```bash
+    pnpm install express basic-auth
+    ```
+
+2.  **Mount the Router:**
+    ```typescript
+    import express from 'express';
+    import { Authzkit, InMemoryAuthzkitStore, createDashboardRouter } from 'node-authzkit';
+    
+    const app = express();
+    const authzkit = Authzkit.getInstance(new InMemoryAuthzkitStore());
+
+    // Mount the dashboard at /authzkit
+    app.use('/authzkit', createDashboardRouter({
+        authzkit, // Optional, defaults to singleton
+        secret: 'supersecret', // Password for Basic Auth (User: admin)
+        username: 'admin' // Optional, defaults to 'admin'
+    }));
+    
+    app.listen(3000);
+    ```
+
+3.  **Access:**
+    Go to `http://localhost:3000/authzkit/` and log in with the credentials you configured.
+
+### Using Environment Variables
+
+You can configure `node-authzkit` stores using environment variables.
+
+1.  **Set Environment Variables:**
+    ```bash
+    # For MongoDB
+    AUTHZKIT_CONNECTION_TYPE=mongodb
+    AUTHZKIT_CONNECTION_URI=mongodb://localhost:27017/mydb
+    AUTHZKIT_DB_NAME=mydb
+
+    # For PostgreSQL
+    AUTHZKIT_CONNECTION_TYPE=postgres
+    AUTHZKIT_CONNECTION_URI=postgresql://user:pass@localhost:5432/mydb
+
+    # For Dashboard Auth (Optional override)
+    AUTHZKIT_DASHBOARD_USERNAME=adminuser
+    AUTHZKIT_DASHBOARD_SECRET=mysecretpassword
+    ```
+
+2.  **Load Configuration:**
+    ```typescript
+    import { loadConfigFromEnv, MongoConnection, PgConnection, Authzkit, MongoAuthzkitStore, PgAuthzkitStore } from 'node-authzkit';
+
+    const config = loadConfigFromEnv();
+
+    if (config) {
+        if (config.connection.type === 'mongodb') {
+             const conn = MongoConnection.getInstance(config);
+             await conn.connect();
+             Authzkit.getInstance(new MongoAuthzkitStore(conn));
+        } else if (config.connection.type === 'postgres') {
+             const conn = PgConnection.getInstance(config);
+             await conn.connect();
+             Authzkit.getInstance(new PgAuthzkitStore(conn));
+        }
+    }
+    ```
+
+## API Documentation
+
+### `Authzkit` Class
+
+The main singleton class.
+
+-   `static getInstance(store?: IAuthzkitStore): Authzkit`
+-   `definePermission(name: string, guard_name?: string): Promise<Permission>`
+-   `defineRole(name: string, permissions: string[], guard_name?: string): Promise<Role>`
+-   `deletePermission(name: string): Promise<void>`
+-   `deleteRole(name: string): Promise<void>`
+-   `assignRole(authorizable: Authorizable, roleName: string): Promise<void>`
+-   `assignPermission(authorizable: Authorizable, permissionName: string): Promise<void>`
+-   `revokeRole(authorizable: Authorizable, roleName: string): Promise<void>`
+-   `revokePermission(authorizable: Authorizable, permissionName: string): Promise<void>`
+-   `hasRole(authorizable: Authorizable, roleName: string): Promise<boolean>`
+-   `hasPermission(authorizable: Authorizable, permissionName: string): Promise<boolean>`
+-   `getRoles(): Promise<Role[]>`
+-   `getPermissions(): Promise<Permission[]>`
+-   `getUserRoles(authorizable: Authorizable): Promise<Set<string>>`
+-   `getUserPermissions(authorizable: Authorizable): Promise<Set<string>>`
+
+## License
+
+ISC

package/dist/src/classes/Authzkit.d.ts

@@ -0,0 +1,110 @@
+import { Authorizable } from '../interfaces/Authorizable';
+import { Permission } from '../interfaces/Permission';
+import { Role } from '../interfaces/Role';
+import { IAuthzkitStore } from '../stores/IAuthzkitStore';
+export declare class Authzkit {
+    private static instance;
+    private store;
+    private constructor();
+    /**
+     * Returns the singleton instance of Authzkit.
+     * Optionally accepts a store implementation to use. If no store is provided,
+     * an `InMemoryAuthzkitStore` will be used by default.
+     */
+    static getInstance(store?: IAuthzkitStore): Authzkit;
+    /**
+     * Defines a new permission.
+     * @param name The name of the permission.
+     * @param guard_name Optional guard name.
+     */
+    definePermission(name: string, guard_name?: string): Promise<Permission>;
+    /**
+     * Retrieves all defined permissions.
+     * @returns An array of Permission objects.
+     */
+    getPermissions(): Promise<Permission[]>;
+    /**
+     * Retrieves all defined roles.
+     * @returns An array of Role objects.
+     */
+    getRoles(): Promise<Role[]>;
+    /**
+     * Defines a new role with associated permissions.
+     * @param name The name of the role.
+     * @param permissions An array of permission names.
+     * @param guard_name Optional guard name.
+     */
+    defineRole(name: string, permissions?: string[], guard_name?: string): Promise<Role>;
+    /**
+     * Deletes a permission.
+     * @param name The name of the permission to delete.
+     */
+    deletePermission(name: string): Promise<void>;
+    /**
+     * Deletes a role.
+     * @param name The name of the role to delete.
+     */
+    deleteRole(name: string): Promise<void>;
+    /**
+     * Retrieves roles assigned to a user.
+     * @param authorizable The user for whom to retrieve roles.
+     * @returns A Promise resolving to a Set of role names.
+     */
+    getUserRoles(authorizable: Authorizable): Promise<Set<string>>;
+    /**
+     * Retrieves permissions assigned directly to a user.
+     * @param authorizable The user for whom to retrieve permissions.
+     * @returns A Promise resolving to a Set of permission names.
+     */
+    getUserPermissions(authorizable: Authorizable): Promise<Set<string>>;
+    /**
+     * Assigns a role to an authorizable entity.
+     * @param authorizable The entity to assign the role to.
+     * @param roleName The name of the role to assign.
+     */
+    assignRole(authorizable: Authorizable, roleName: string): Promise<void>;
+    /**
+     * Assigns a direct permission to an authorizable entity.
+     * @param authorizable The entity to assign the permission to.
+     * @param permissionName The name of the permission to assign.
+     */
+    assignPermission(authorizable: Authorizable, permissionName: string): Promise<void>;
+    /**
+     * Revokes a role from an authorizable entity.
+     * @param authorizable The entity to revoke the role from.
+     * @param roleName The name of the role to revoke.
+     */
+    revokeRole(authorizable: Authorizable, roleName: string): Promise<void>;
+    /**
+     * Revokes a direct permission from an authorizable entity.
+     * @param authorizable The entity to revoke the permission from.
+     * @param permissionName The name of the permission to revoke.
+     */
+    revokePermission(authorizable: Authorizable, permissionName: string): Promise<void>;
+    /**
+     * Checks if an authorizable entity has a given role.
+     * @param authorizable The entity to check.
+     * @param roleName The name of the role to check for.
+     * @returns True if the entity has the role, false otherwise.
+     */
+    hasRole(authorizable: Authorizable, roleName: string): Promise<boolean>;
+    /**
+     * Checks if an authorizable entity has a given permission, either directly or through a role.
+     * @param authorizable The entity to check.
+     * @param permissionName The name of the permission to check for.
+     * @returns True if the entity has the permission, false otherwise.
+     */
+    hasPermission(authorizable: Authorizable, permissionName: string): Promise<boolean>;
+    /**
+     * Checks if a role has a specific permission.
+     * @param roleName The name of the role.
+     * @param permissionName The name of the permission.
+     * @returns True if the role has the permission, false otherwise.
+     */
+    roleHasPermission(roleName: string, permissionName: string): Promise<boolean>;
+    /**
+     * Resets all defined permissions, roles, and assigned user roles/permissions.
+     * Useful for testing.
+     */
+    reset(): Promise<void>;
+}

package/dist/src/classes/Authzkit.js

@@ -0,0 +1,189 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Authzkit = void 0;
+const InMemoryAuthzkitStore_1 = require("../stores/InMemoryAuthzkitStore");
+class Authzkit {
+    static instance;
+    store;
+    constructor(store) {
+        this.store = store || new InMemoryAuthzkitStore_1.InMemoryAuthzkitStore();
+    }
+    /**
+     * Returns the singleton instance of Authzkit.
+     * Optionally accepts a store implementation to use. If no store is provided,
+     * an `InMemoryAuthzkitStore` will be used by default.
+     */
+    static getInstance(store) {
+        if (!Authzkit.instance) {
+            Authzkit.instance = new Authzkit(store);
+        }
+        return Authzkit.instance;
+    }
+    /**
+     * Defines a new permission.
+     * @param name The name of the permission.
+     * @param guard_name Optional guard name.
+     */
+    async definePermission(name, guard_name) {
+        if (await this.store.hasPermission(name)) {
+            throw new Error(`Permission '${name}' already exists.`);
+        }
+        const permission = { name, guard_name };
+        await this.store.setPermission(permission);
+        return permission;
+    }
+    /**
+     * Retrieves all defined permissions.
+     * @returns An array of Permission objects.
+     */
+    async getPermissions() {
+        return await this.store.getPermissions();
+    }
+    /**
+     * Retrieves all defined roles.
+     * @returns An array of Role objects.
+     */
+    async getRoles() {
+        return await this.store.getRoles();
+    }
+    /**
+     * Defines a new role with associated permissions.
+     * @param name The name of the role.
+     * @param permissions An array of permission names.
+     * @param guard_name Optional guard name.
+     */
+    async defineRole(name, permissions = [], guard_name) {
+        if (await this.store.hasRole(name)) {
+            throw new Error(`Role '${name}' already exists.`);
+        }
+        // Ensure all provided permissions exist
+        for (const pName of permissions) {
+            if (!(await this.store.hasPermission(pName))) {
+                throw new Error(`Permission '${pName}' not found when defining role '${name}'.`);
+            }
+        }
+        const role = { name, permissions, guard_name }; // Store permission names
+        await this.store.setRole(role);
+        return role;
+    }
+    /**
+     * Deletes a permission.
+     * @param name The name of the permission to delete.
+     */
+    async deletePermission(name) {
+        await this.store.deletePermission(name);
+    }
+    /**
+     * Deletes a role.
+     * @param name The name of the role to delete.
+     */
+    async deleteRole(name) {
+        await this.store.deleteRole(name);
+    }
+    /**
+     * Retrieves roles assigned to a user.
+     * @param authorizable The user for whom to retrieve roles.
+     * @returns A Promise resolving to a Set of role names.
+     */
+    async getUserRoles(authorizable) {
+        return await this.store.getUserRoles(authorizable.id);
+    }
+    /**
+     * Retrieves permissions assigned directly to a user.
+     * @param authorizable The user for whom to retrieve permissions.
+     * @returns A Promise resolving to a Set of permission names.
+     */
+    async getUserPermissions(authorizable) {
+        return await this.store.getUserPermissions(authorizable.id);
+    }
+    /**
+     * Assigns a role to an authorizable entity.
+     * @param authorizable The entity to assign the role to.
+     * @param roleName The name of the role to assign.
+     */
+    async assignRole(authorizable, roleName) {
+        if (!(await this.store.hasRole(roleName))) {
+            throw new Error(`Role '${roleName}' not found.`);
+        }
+        await this.store.addUserRole(authorizable.id, roleName);
+    }
+    /**
+     * Assigns a direct permission to an authorizable entity.
+     * @param authorizable The entity to assign the permission to.
+     * @param permissionName The name of the permission to assign.
+     */
+    async assignPermission(authorizable, permissionName) {
+        if (!(await this.store.hasPermission(permissionName))) {
+            throw new Error(`Permission '${permissionName}' not found.`);
+        }
+        await this.store.addUserPermission(authorizable.id, permissionName);
+    }
+    /**
+     * Revokes a role from an authorizable entity.
+     * @param authorizable The entity to revoke the role from.
+     * @param roleName The name of the role to revoke.
+     */
+    async revokeRole(authorizable, roleName) {
+        await this.store.removeUserRole(authorizable.id, roleName);
+    }
+    /**
+     * Revokes a direct permission from an authorizable entity.
+     * @param authorizable The entity to revoke the permission from.
+     * @param permissionName The name of the permission to revoke.
+     */
+    async revokePermission(authorizable, permissionName) {
+        await this.store.removeUserPermission(authorizable.id, permissionName);
+    }
+    /**
+     * Checks if an authorizable entity has a given role.
+     * @param authorizable The entity to check.
+     * @param roleName The name of the role to check for.
+     * @returns True if the entity has the role, false otherwise.
+     */
+    async hasRole(authorizable, roleName) {
+        return await this.store.hasUserRole(authorizable.id, roleName);
+    }
+    /**
+     * Checks if an authorizable entity has a given permission, either directly or through a role.
+     * @param authorizable The entity to check.
+     * @param permissionName The name of the permission to check for.
+     * @returns True if the entity has the permission, false otherwise.
+     */
+    async hasPermission(authorizable, permissionName) {
+        // Check direct permissions from store
+        if (await this.store.hasUserPermission(authorizable.id, permissionName)) {
+            return true;
+        }
+        // Check permissions via roles
+        const roles = await this.store.getUserRoles(authorizable.id);
+        if (roles) {
+            for (const roleName of roles) {
+                const role = await this.store.getRole(roleName);
+                // Check if the role has the permission
+                if (role && role.permissions.includes(permissionName)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+    /**
+     * Checks if a role has a specific permission.
+     * @param roleName The name of the role.
+     * @param permissionName The name of the permission.
+     * @returns True if the role has the permission, false otherwise.
+     */
+    async roleHasPermission(roleName, permissionName) {
+        const role = await this.store.getRole(roleName);
+        return role ? role.permissions.includes(permissionName) : false;
+    }
+    /**
+     * Resets all defined permissions, roles, and assigned user roles/permissions.
+     * Useful for testing.
+     */
+    async reset() {
+        await this.store.reset();
+    }
+}
+exports.Authzkit = Authzkit;
+//# sourceMappingURL=Authzkit.js.map

package/dist/src/classes/Authzkit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Authzkit.js","sourceRoot":"","sources":["../../../src/classes/Authzkit.ts"],"names":[],"mappings":";;;AAIA,2EAAwE;AAExE,MAAa,QAAQ;IACX,MAAM,CAAC,QAAQ,CAAW;IAC1B,KAAK,CAAiB;IAE9B,YAAoB,KAAsB;QACxC,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,IAAI,6CAAqB,EAAE,CAAC;IACpD,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,WAAW,CAAC,KAAsB;QAC9C,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,QAAQ,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,gBAAgB,CAAC,IAAY,EAAE,UAAmB;QAC7D,IAAI,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,eAAe,IAAI,mBAAmB,CAAC,CAAC;QAC1D,CAAC;QACD,MAAM,UAAU,GAAe,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAC3C,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,cAAc;QACzB,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC;IAC3C,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ;QACnB,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;IACrC,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,UAAU,CACrB,IAAY,EACZ,cAAwB,EAAE,EAC1B,UAAmB;QAEnB,IAAI,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,SAAS,IAAI,mBAAmB,CAAC,CAAC;QACpD,CAAC;QACD,wCAAwC;QACxC,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBAC7C,MAAM,IAAI,KAAK,CAAC,eAAe,KAAK,mCAAmC,IAAI,IAAI,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAS,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAC,yBAAyB;QAC/E,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,gBAAgB,CAAC,IAAY;QACxC,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,UAAU,CAAC,IAAY;QAClC,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,YAAY,CAAC,YAA0B;QAClD,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,kBAAkB,CAAC,YAA0B;QACxD,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,UAAU,CAAC,YAA0B,EAAE,QAAgB;QAClE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,SAAS,QAAQ,cAAc,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,gBAAgB,CAAC,YAA0B,EAAE,cAAsB;QAC9E,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,eAAe,cAAc,cAAc,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACtE,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,UAAU,CAAC,YAA0B,EAAE,QAAgB;QAClE,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,gBAAgB,CAAC,YAA0B,EAAE,cAAsB;QAC9E,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACzE,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,OAAO,CAAC,YAA0B,EAAE,QAAgB;QAC/D,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACjE,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,aAAa,CAAC,YAA0B,EAAE,cAAsB;QAC3E,sCAAsC;QACtC,IAAI,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,8BAA8B;QAC9B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAC7D,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBAChD,uCAAuC;gBACvC,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,iBAAiB,CAAC,QAAgB,EAAE,cAAsB;QACrE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAClE,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,KAAK;QAChB,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;CACF;AA/MD,4BA+MC"}

package/dist/src/dashboard/router.d.ts

@@ -0,0 +1,19 @@
+import { Router } from 'express';
+import { Authzkit } from '../classes/Authzkit';
+export interface DashboardOptions {
+    /**
+     * Authzkit instance to use. If not provided, uses the singleton.
+     */
+    authzkit?: Authzkit;
+    /**
+     * Secret password for Basic Auth.
+     * If not provided, checks AUTHZKIT_DASHBOARD_SECRET env var.
+     * If neither is present, dashboard will not be accessible (returns 500 configuration error or 401).
+     */
+    secret?: string;
+    /**
+     * Usersname for Basic Auth. Defaults to 'admin'.
+     */
+    username?: string;
+}
+export declare function createDashboardRouter(options?: DashboardOptions): Router;