npm - auth-vir - Versions diffs - 2.3.9 → 2.4.1 - Mend

auth-vir 2.3.9 → 2.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/auth-client/backend-auth.client.d.ts +11 -4
package/dist/auth-client/backend-auth.client.js +7 -3
package/package.json +1 -1
package/src/auth-client/backend-auth.client.ts +21 -6

package/dist/auth-client/backend-auth.client.d.ts CHANGED Viewed

@@ -119,14 +119,16 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
     protected cachedParsedJwtKeys: Record<string, Readonly<JwtKeys>>;
     constructor(config: BackendAuthClientConfig<DatabaseUser, UserId, AssumedUserParams, CsrfHeaderName>);
     /** Get all the parameters used for cookie generation. */
-    protected getCookieParams({ isSignUpCookie, }: {
+    protected getCookieParams({ isSignUpCookie, serviceOrigin, }: {
         /**
          * Set this to `true` when we are setting the initial cookie right after a user signs up.
          * This allows them to auto-authorize when they verify their email address.
          *
          * This should only be set to `true` when a new user is signing up.
          */
-        isSignUpCookie?: boolean | undefined;
+        isSignUpCookie: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin: string | undefined;
     }): Promise<Readonly<CookieParams>>;
     /** Calls the provided `getUserFromDatabase` config. */
     protected getDatabaseUser({ isSignUpCookie, userId, assumingUser, }: {
@@ -160,17 +162,22 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
      */
     getJwtParams(): Promise<Readonly<CreateJwtParams>>;
     /** Use these headers to log out the user. */
-    createLogoutHeaders(params: RequireExactlyOne<{
+    createLogoutHeaders(params: Readonly<RequireExactlyOne<{
         allCookies: true;
         isSignUpCookie: boolean;
+    }> & {
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }>): Promise<Partial<Record<CsrfHeaderName, string>> & {
         'set-cookie': string[];
     }>;
     /** Use these headers to log a user in. */
-    createLoginHeaders({ userId, requestHeaders, isSignUpCookie, }: {
+    createLoginHeaders({ userId, requestHeaders, isSignUpCookie, serviceOrigin, }: {
         userId: UserId;
         requestHeaders: IncomingHttpHeaders;
         isSignUpCookie: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<OutgoingHttpHeaders>;
     /** Combines `.getInsecureUser()` and `.getSecureUser()` into one method. */
     getInsecureOrSecureUser(params: {

package/dist/auth-client/backend-auth.client.js CHANGED Viewed

@@ -24,10 +24,10 @@ export class BackendAuthClient {
         this.config = config;
     }
     /** Get all the parameters used for cookie generation. */
-    async getCookieParams({ isSignUpCookie, }) {
+    async getCookieParams({ isSignUpCookie, serviceOrigin, }) {
         return {
             cookieDuration: this.config.userSessionIdleTimeout || defaultSessionIdleTimeout,
-            hostOrigin: this.config.serviceOrigin,
+            hostOrigin: serviceOrigin || this.config.serviceOrigin,
             jwtParams: await this.getJwtParams(),
             isDev: this.config.isDev,
             cookieName: isSignUpCookie ? AuthCookieName.SignUp : AuthCookieName.Auth,
@@ -160,11 +160,13 @@ export class BackendAuthClient {
         const signUpCookieHeaders = params.allCookies || params.isSignUpCookie
             ? generateLogoutHeaders(await this.getCookieParams({
                 isSignUpCookie: true,
+                serviceOrigin: params.serviceOrigin,
             }), this.config.overrides)
             : undefined;
         const authCookieHeaders = params.allCookies || !params.isSignUpCookie
             ? generateLogoutHeaders(await this.getCookieParams({
                 isSignUpCookie: false,
+                serviceOrigin: params.serviceOrigin,
             }), this.config.overrides)
             : undefined;
         const setCookieHeader = {
@@ -180,16 +182,18 @@ export class BackendAuthClient {
         };
     }
     /** Use these headers to log a user in. */
-    async createLoginHeaders({ userId, requestHeaders, isSignUpCookie, }) {
+    async createLoginHeaders({ userId, requestHeaders, isSignUpCookie, serviceOrigin, }) {
         const oppositeCookieName = isSignUpCookie ? AuthCookieName.Auth : AuthCookieName.SignUp;
         const hasExistingOppositeCookie = requestHeaders.cookie?.includes(`${oppositeCookieName}=`);
         const discardOppositeCookieHeaders = hasExistingOppositeCookie
             ? generateLogoutHeaders(await this.getCookieParams({
                 isSignUpCookie: !isSignUpCookie,
+                serviceOrigin,
             }), this.config.overrides)
             : undefined;
         const newCookieHeaders = await generateSuccessfulLoginHeaders(userId, await this.getCookieParams({
             isSignUpCookie,
+            serviceOrigin,
         }), this.config.overrides);
         return {
             ...newCookieHeaders,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "auth-vir",
-    "version": "2.3.9",
+    "version": "2.4.1",
     "description": "Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.",
     "keywords": [
         "auth",

package/src/auth-client/backend-auth.client.ts CHANGED Viewed

@@ -168,6 +168,7 @@ export class BackendAuthClient<
     /** Get all the parameters used for cookie generation. */
     protected async getCookieParams({
         isSignUpCookie,
+        serviceOrigin,
     }: {
         /**
          * Set this to `true` when we are setting the initial cookie right after a user signs up.
@@ -175,11 +176,13 @@ export class BackendAuthClient<
          *
          * This should only be set to `true` when a new user is signing up.
          */
-        isSignUpCookie?: boolean | undefined;
+        isSignUpCookie: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin: string | undefined;
     }): Promise<Readonly<CookieParams>> {
         return {
             cookieDuration: this.config.userSessionIdleTimeout || defaultSessionIdleTimeout,
-            hostOrigin: this.config.serviceOrigin,
+            hostOrigin: serviceOrigin || this.config.serviceOrigin,
             jwtParams: await this.getJwtParams(),
             isDev: this.config.isDev,
             cookieName: isSignUpCookie ? AuthCookieName.SignUp : AuthCookieName.Auth,
@@ -378,10 +381,15 @@ export class BackendAuthClient<
     /** Use these headers to log out the user. */
     public async createLogoutHeaders(
-        params: RequireExactlyOne<{
-            allCookies: true;
-            isSignUpCookie: boolean;
-        }>,
+        params: Readonly<
+            RequireExactlyOne<{
+                allCookies: true;
+                isSignUpCookie: boolean;
+            }> & {
+                /** Overrides the client's already established `serviceOrigin`. */
+                serviceOrigin?: string | undefined;
+            }
+        >,
     ): Promise<
         Partial<Record<CsrfHeaderName, string>> & {
             'set-cookie': string[];
@@ -392,6 +400,7 @@ export class BackendAuthClient<
                 ? (generateLogoutHeaders(
                       await this.getCookieParams({
                           isSignUpCookie: true,
+                          serviceOrigin: params.serviceOrigin,
                       }),
                       this.config.overrides,
                   ) satisfies Record<CsrfHeaderName, string>)
@@ -401,6 +410,7 @@ export class BackendAuthClient<
                 ? (generateLogoutHeaders(
                       await this.getCookieParams({
                           isSignUpCookie: false,
+                          serviceOrigin: params.serviceOrigin,
                       }),
                       this.config.overrides,
                   ) satisfies Record<CsrfHeaderName, string>)
@@ -430,10 +440,13 @@ export class BackendAuthClient<
         userId,
         requestHeaders,
         isSignUpCookie,
+        serviceOrigin,
     }: {
         userId: UserId;
         requestHeaders: IncomingHttpHeaders;
         isSignUpCookie: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<OutgoingHttpHeaders> {
         const oppositeCookieName = isSignUpCookie ? AuthCookieName.Auth : AuthCookieName.SignUp;
         const hasExistingOppositeCookie = requestHeaders.cookie?.includes(`${oppositeCookieName}=`);
@@ -442,6 +455,7 @@ export class BackendAuthClient<
             ? generateLogoutHeaders(
                   await this.getCookieParams({
                       isSignUpCookie: !isSignUpCookie,
+                      serviceOrigin,
                   }),
                   this.config.overrides,
               )
@@ -451,6 +465,7 @@ export class BackendAuthClient<
             userId,
             await this.getCookieParams({
                 isSignUpCookie,
+                serviceOrigin,
             }),
             this.config.overrides,
         );