npm - auth-vir - Versions diffs - 2.0.4 → 2.2.0 - Mend

auth-vir 2.0.4 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/auth-client/backend-auth.client.d.ts +7 -4
package/dist/auth-client/backend-auth.client.js +20 -9
package/dist/auth-client/frontend-auth.client.d.ts +26 -3
package/dist/auth-client/frontend-auth.client.js +20 -2
package/package.json +5 -5
package/src/auth-client/backend-auth.client.ts +43 -22
package/src/auth-client/frontend-auth.client.ts +61 -8

package/dist/auth-client/backend-auth.client.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { type AnyObject, type JsonCompatibleObject, type MaybePromise, type PartialWithUndefined, type RequiredAndNotNull } from '@augment-vir/common';
 import { type AnyDuration } from 'date-vir';
 import { type IncomingHttpHeaders, type OutgoingHttpHeaders } from 'node:http';
-import { type EmptyObject } from 'type-fest';
+import { type EmptyObject, type RequireExactlyOne } from 'type-fest';
 import { type UserIdResult } from '../auth.js';
 import { type CookieParams } from '../cookie.js';
 import { AuthHeaderName } from '../headers.js';
@@ -154,9 +154,12 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
      */
     getJwtParams(): Promise<Readonly<CreateJwtParams>>;
     /** Use these headers to log out the user. */
-    createLogoutHeaders(): Promise<{
-        'set-cookie': string;
-    } & Record<CsrfHeaderName, string>>;
+    createLogoutHeaders(params: RequireExactlyOne<{
+        allCookies: true;
+        isSignUpCookie: boolean;
+    }>): Promise<Partial<Record<CsrfHeaderName, string>> & {
+        'set-cookie': string[];
+    }>;
     /** Use these headers to log a user in. */
     createLoginHeaders({ userId, requestHeaders, isSignUpCookie, }: {
         userId: UserId;

package/dist/auth-client/backend-auth.client.js CHANGED Viewed

@@ -155,16 +155,27 @@ export class BackendAuthClient {
         };
     }
     /** Use these headers to log out the user. */
-    async createLogoutHeaders() {
-        const signUpCookieHeaders = generateLogoutHeaders(await this.getCookieParams({
-            isSignUpCookie: true,
-        }), this.config.overrides);
-        const authCookieHeaders = generateLogoutHeaders(await this.getCookieParams({
-            isSignUpCookie: false,
-        }), this.config.overrides);
-        return {
+    async createLogoutHeaders(params) {
+        const signUpCookieHeaders = params.allCookies || params.isSignUpCookie
+            ? generateLogoutHeaders(await this.getCookieParams({
+                isSignUpCookie: true,
+            }), this.config.overrides)
+            : undefined;
+        const authCookieHeaders = params.allCookies || !params.isSignUpCookie
+            ? generateLogoutHeaders(await this.getCookieParams({
+                isSignUpCookie: false,
+            }), this.config.overrides)
+            : undefined;
+        const setCookieHeader = {
+            'set-cookie': mergeHeaderValues(signUpCookieHeaders?.['set-cookie'], authCookieHeaders?.['set-cookie']),
+        };
+        const csrfTokenHeader = {
             ...authCookieHeaders,
-            'set-cookie': mergeHeaderValues(signUpCookieHeaders['set-cookie'], authCookieHeaders['set-cookie']),
+            ...signUpCookieHeaders,
+        };
+        return {
+            ...csrfTokenHeader,
+            ...setCookieHeader,
         };
     }
     /** Use these headers to log a user in. */

package/dist/auth-client/frontend-auth.client.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
-import { type JsonCompatibleObject, type MaybePromise, type PartialWithUndefined, type SelectFrom } from '@augment-vir/common';
+import { createBlockingInterval, type JsonCompatibleObject, type MaybePromise, type PartialWithUndefined, type SelectFrom, type SetOptionalWithUndefined } from '@augment-vir/common';
+import { type AnyDuration } from 'date-vir';
 import { type EmptyObject } from 'type-fest';
 /**
  * Config for {@link FrontendAuthClient}.
@@ -13,6 +14,22 @@ export type FrontendAuthClientConfig = PartialWithUndefined<{
     canAssumeUser: () => MaybePromise<boolean>;
     /** Called whenever the current user becomes unauthorized and their CSRF token is wiped. */
     authClearedCallback: () => MaybePromise<void>;
+    /**
+     * Performs automatic checks on an interval to see if the user is still authenticated. Omit this
+     * to turn off automatic checks.
+     */
+    checkUser: {
+        /**
+         * Get a response from the backend to see if the user is still authenticated. If the
+         * response returns a non-authorized status, the user is wiped. Any other status is
+         * ignored.
+         */
+        performCheck: () => MaybePromise<SelectFrom<Response, {
+            status: true;
+        }>>;
+        /** @default {minutes: 1} */
+        interval?: AnyDuration | undefined;
+    };
     overrides: PartialWithUndefined<{
         localStorage: Pick<Storage, 'setItem' | 'removeItem' | 'getItem'>;
         csrfHeaderName: string;
@@ -28,7 +45,13 @@ export type FrontendAuthClientConfig = PartialWithUndefined<{
  */
 export declare class FrontendAuthClient<AssumedUserParams extends JsonCompatibleObject = EmptyObject> {
     protected readonly config: FrontendAuthClientConfig;
+    protected userCheckInterval: undefined | ReturnType<typeof createBlockingInterval>;
     constructor(config?: FrontendAuthClientConfig);
+    /**
+     * Destroys the client and performs all necessary cleanup (like clearing the user check
+     * interval).
+     */
+    destroy(): void;
     /** Wraps {@link getCurrentCsrfToken} to automatically handle wiping an invalid CSRF token. */
     getCurrentCsrfToken(): Promise<string | undefined>;
     /**
@@ -62,8 +85,8 @@ export declare class FrontendAuthClient<AssumedUserParams extends JsonCompatible
      * Use to verify _all_ responses received from the backend. Immediately logs the user out once
      * an unauthorized response is detected.
      */
-    verifyResponseAuth(response: Readonly<SelectFrom<Response, {
+    verifyResponseAuth(response: Readonly<SetOptionalWithUndefined<SelectFrom<Response, {
         status: true;
         headers: true;
-    }>>): Promise<void>;
+    }>, 'headers'>>): Promise<void>;
 }

package/dist/auth-client/frontend-auth.client.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { HttpStatus, } from '@augment-vir/common';
+import { createBlockingInterval, HttpStatus, } from '@augment-vir/common';
 import { CsrfTokenFailureReason, extractCsrfTokenHeader, getCurrentCsrfToken, storeCsrfToken, wipeCurrentCsrfToken, } from '../csrf-token.js';
 import { AuthHeaderName } from '../headers.js';
 /**
@@ -10,8 +10,26 @@ import { AuthHeaderName } from '../headers.js';
  */
 export class FrontendAuthClient {
     config;
+    userCheckInterval;
     constructor(config = {}) {
         this.config = config;
+        if (config.checkUser) {
+            this.userCheckInterval = createBlockingInterval(async () => {
+                const response = await config.checkUser?.performCheck();
+                if (response) {
+                    await this.verifyResponseAuth({
+                        status: response.status,
+                    });
+                }
+            }, config.checkUser.interval || { minutes: 1 });
+        }
+    }
+    /**
+     * Destroys the client and performs all necessary cleanup (like clearing the user check
+     * interval).
+     */
+    destroy() {
+        this.userCheckInterval?.clearInterval();
     }
     /** Wraps {@link getCurrentCsrfToken} to automatically handle wiping an invalid CSRF token. */
     async getCurrentCsrfToken() {
@@ -111,7 +129,7 @@ export class FrontendAuthClient {
      */
     async verifyResponseAuth(response) {
         if (response.status === HttpStatus.Unauthorized &&
-            !response.headers.get(AuthHeaderName.IsSignUpAuth)) {
+            !response.headers?.get(AuthHeaderName.IsSignUpAuth)) {
             await this.logout();
         }
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "auth-vir",
-    "version": "2.0.4",
+    "version": "2.2.0",
     "description": "Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.",
     "keywords": [
         "auth",
@@ -42,8 +42,8 @@
         "test:web": "virmator test web"
     },
     "dependencies": {
-        "@augment-vir/assert": "^31.41.0",
-        "@augment-vir/common": "^31.41.0",
+        "@augment-vir/assert": "^31.42.0",
+        "@augment-vir/common": "^31.42.0",
         "date-vir": "^8.0.0",
         "hash-wasm": "^4.12.0",
         "jose": "^6.1.0",
@@ -52,9 +52,9 @@
         "url-vir": "^2.1.6"
     },
     "devDependencies": {
-        "@augment-vir/test": "^31.41.0",
+        "@augment-vir/test": "^31.42.0",
         "@prisma/client": "^6.17.1",
-        "@types/node": "^24.8.1",
+        "@types/node": "^24.9.1",
         "@web/dev-server-esbuild": "^1.0.4",
         "@web/test-runner": "^0.20.2",
         "@web/test-runner-commands": "^0.9.0",

package/src/auth-client/backend-auth.client.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import {
 } from '@augment-vir/common';
 import {calculateRelativeDate, getNowInUtcTimezone, isDateAfter, type AnyDuration} from 'date-vir';
 import {type IncomingHttpHeaders, type OutgoingHttpHeaders} from 'node:http';
-import {type EmptyObject} from 'type-fest';
+import {type EmptyObject, type RequireExactlyOne} from 'type-fest';
 import {
     extractUserIdFromRequestHeaders,
     generateLogoutHeaders,
@@ -369,31 +369,52 @@ export class BackendAuthClient<
     }
     /** Use these headers to log out the user. */
-    public async createLogoutHeaders(): Promise<
-        {
-            'set-cookie': string;
-        } & Record<CsrfHeaderName, string>
+    public async createLogoutHeaders(
+        params: RequireExactlyOne<{
+            allCookies: true;
+            isSignUpCookie: boolean;
+        }>,
+    ): Promise<
+        Partial<Record<CsrfHeaderName, string>> & {
+            'set-cookie': string[];
+        }
     > {
-        const signUpCookieHeaders = generateLogoutHeaders(
-            await this.getCookieParams({
-                isSignUpCookie: true,
-            }),
-            this.config.overrides,
-        );
-        const authCookieHeaders = generateLogoutHeaders(
-            await this.getCookieParams({
-                isSignUpCookie: false,
-            }),
-            this.config.overrides,
-        );
-        return {
-            ...authCookieHeaders,
+        const signUpCookieHeaders =
+            params.allCookies || params.isSignUpCookie
+                ? (generateLogoutHeaders(
+                      await this.getCookieParams({
+                          isSignUpCookie: true,
+                      }),
+                      this.config.overrides,
+                  ) satisfies Record<CsrfHeaderName, string>)
+                : undefined;
+        const authCookieHeaders =
+            params.allCookies || !params.isSignUpCookie
+                ? (generateLogoutHeaders(
+                      await this.getCookieParams({
+                          isSignUpCookie: false,
+                      }),
+                      this.config.overrides,
+                  ) satisfies Record<CsrfHeaderName, string>)
+                : undefined;
+        const setCookieHeader: {
+            'set-cookie': string[];
+        } = {
             'set-cookie': mergeHeaderValues(
-                signUpCookieHeaders['set-cookie'],
-                authCookieHeaders['set-cookie'],
+                signUpCookieHeaders?.['set-cookie'],
+                authCookieHeaders?.['set-cookie'],
             ),
         };
+        const csrfTokenHeader = {
+            ...authCookieHeaders,
+            ...signUpCookieHeaders,
+        } as Record<CsrfHeaderName, string>;
+        return {
+            ...csrfTokenHeader,
+            ...setCookieHeader,
+        };
     }
     /** Use these headers to log a user in. */

package/src/auth-client/frontend-auth.client.ts CHANGED Viewed

@@ -1,10 +1,13 @@
 import {
+    createBlockingInterval,
     HttpStatus,
     type JsonCompatibleObject,
     type MaybePromise,
     type PartialWithUndefined,
     type SelectFrom,
+    type SetOptionalWithUndefined,
 } from '@augment-vir/common';
+import {type AnyDuration} from 'date-vir';
 import {type EmptyObject} from 'type-fest';
 import {
     CsrfTokenFailureReason,
@@ -28,6 +31,29 @@ export type FrontendAuthClientConfig = PartialWithUndefined<{
     canAssumeUser: () => MaybePromise<boolean>;
     /** Called whenever the current user becomes unauthorized and their CSRF token is wiped. */
     authClearedCallback: () => MaybePromise<void>;
+    /**
+     * Performs automatic checks on an interval to see if the user is still authenticated. Omit this
+     * to turn off automatic checks.
+     */
+    checkUser: {
+        /**
+         * Get a response from the backend to see if the user is still authenticated. If the
+         * response returns a non-authorized status, the user is wiped. Any other status is
+         * ignored.
+         */
+        performCheck: () => MaybePromise<
+            SelectFrom<
+                Response,
+                {
+                    status: true;
+                }
+            >
+        >;
+        /** @default {minutes: 1} */
+        interval?: AnyDuration | undefined;
+    };
     overrides: PartialWithUndefined<{
         localStorage: Pick<Storage, 'setItem' | 'removeItem' | 'getItem'>;
         csrfHeaderName: string;
@@ -43,7 +69,31 @@ export type FrontendAuthClientConfig = PartialWithUndefined<{
  * @category Client
  */
 export class FrontendAuthClient<AssumedUserParams extends JsonCompatibleObject = EmptyObject> {
-    constructor(protected readonly config: FrontendAuthClientConfig = {}) {}
+    protected userCheckInterval: undefined | ReturnType<typeof createBlockingInterval>;
+    constructor(protected readonly config: FrontendAuthClientConfig = {}) {
+        if (config.checkUser) {
+            this.userCheckInterval = createBlockingInterval(
+                async () => {
+                    const response = await config.checkUser?.performCheck();
+                    if (response) {
+                        await this.verifyResponseAuth({
+                            status: response.status,
+                        });
+                    }
+                },
+                config.checkUser.interval || {minutes: 1},
+            );
+        }
+    }
+    /**
+     * Destroys the client and performs all necessary cleanup (like clearing the user check
+     * interval).
+     */
+    public destroy() {
+        this.userCheckInterval?.clearInterval();
+    }
     /** Wraps {@link getCurrentCsrfToken} to automatically handle wiping an invalid CSRF token. */
     public async getCurrentCsrfToken(): Promise<string | undefined> {
@@ -176,18 +226,21 @@ export class FrontendAuthClient<AssumedUserParams extends JsonCompatibleObject =
      */
     public async verifyResponseAuth(
         response: Readonly<
-            SelectFrom<
-                Response,
-                {
-                    status: true;
-                    headers: true;
-                }
+            SetOptionalWithUndefined<
+                SelectFrom<
+                    Response,
+                    {
+                        status: true;
+                        headers: true;
+                    }
+                >,
+                'headers'
             >
         >,
     ): Promise<void> {
         if (
             response.status === HttpStatus.Unauthorized &&
-            !response.headers.get(AuthHeaderName.IsSignUpAuth)
+            !response.headers?.get(AuthHeaderName.IsSignUpAuth)
         ) {
             await this.logout();
         }