npm - auth-vir - Versions diffs - 2.4.1 → 2.4.2 - Mend

auth-vir 2.4.1 → 2.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/auth-client/backend-auth.client.d.ts +12 -4
package/dist/auth-client/backend-auth.client.js +6 -3
package/package.json +1 -1
package/src/auth-client/backend-auth.client.ts +15 -1

package/dist/auth-client/backend-auth.client.d.ts CHANGED Viewed

@@ -128,7 +128,7 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
          */
         isSignUpCookie: boolean;
         /** Overrides the client's already established `serviceOrigin`. */
-        serviceOrigin: string | undefined;
+        serviceOrigin?: string | undefined;
     }): Promise<Readonly<CookieParams>>;
     /** Calls the provided `getUserFromDatabase` config. */
     protected getDatabaseUser({ isSignUpCookie, userId, assumingUser, }: {
@@ -137,8 +137,10 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
         isSignUpCookie: boolean;
     }): Promise<undefined | DatabaseUser>;
     /** Creates a `'cookie-set'` header to refresh the user's session cookie. */
-    protected createCookieRefreshHeaders({ userIdResult, }: {
+    protected createCookieRefreshHeaders({ userIdResult, serviceOrigin, }: {
         userIdResult: Readonly<UserIdResult<UserId>>;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<OutgoingHttpHeaders | undefined>;
     /** Reads the user's assumed user headers and, if configured, gets the assumed user. */
     protected getAssumedUser({ headers, user, }: {
@@ -146,7 +148,7 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
         headers: IncomingHttpHeaders;
     }): Promise<DatabaseUser | undefined>;
     /** Securely extract a user from their request headers. */
-    getSecureUser({ requestHeaders, isSignUpCookie, allowUserAuthRefresh, }: {
+    getSecureUser({ requestHeaders, isSignUpCookie, allowUserAuthRefresh, serviceOrigin, }: {
         requestHeaders: IncomingHttpHeaders;
         isSignUpCookie: boolean;
         /**
@@ -155,6 +157,8 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<GetUserResult<DatabaseUser> | undefined>;
     /**
      * Get all the JWT params used when creating the auth cookie, in case you need them for
@@ -189,6 +193,8 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<RequireOneOrNone<{
         secureUser: GetUserResult<DatabaseUser>;
         /**
@@ -204,7 +210,7 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
      *   where JavaScript cannot be used to attach the CSRF token header to the request (like when
      *   opening a PDF file). Use `.getSecureUser()` instead, whenever possible.
      */
-    getInsecureUser({ requestHeaders, allowUserAuthRefresh, }: {
+    getInsecureUser({ requestHeaders, allowUserAuthRefresh, serviceOrigin, }: {
         requestHeaders: IncomingHttpHeaders;
         /**
          * If true, this method will generate headers to refresh the user's auth session. This
@@ -212,5 +218,7 @@ export declare class BackendAuthClient<DatabaseUser extends AnyObject, UserId ex
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<GetUserResult<DatabaseUser> | undefined>;
 }

package/dist/auth-client/backend-auth.client.js CHANGED Viewed

@@ -49,7 +49,7 @@ export class BackendAuthClient {
         return authenticatedUser;
     }
     /** Creates a `'cookie-set'` header to refresh the user's session cookie. */
-    async createCookieRefreshHeaders({ userIdResult, }) {
+    async createCookieRefreshHeaders({ userIdResult, serviceOrigin, }) {
         const now = getNowInUtcTimezone();
         /** Double check that the JWT hasn't already expired. */
         const isExpiredAlready = isDateAfter({
@@ -83,6 +83,7 @@ export class BackendAuthClient {
                 requestHeaders: {},
                 userId: userIdResult.userId,
                 isSignUpCookie: userIdResult.cookieName === AuthCookieName.SignUp,
+                serviceOrigin,
             });
         }
         else {
@@ -110,7 +111,7 @@ export class BackendAuthClient {
         return assumedUser;
     }
     /** Securely extract a user from their request headers. */
-    async getSecureUser({ requestHeaders, isSignUpCookie, allowUserAuthRefresh, }) {
+    async getSecureUser({ requestHeaders, isSignUpCookie, allowUserAuthRefresh, serviceOrigin, }) {
         const userIdResult = await extractUserIdFromRequestHeaders(requestHeaders, await this.getJwtParams(), isSignUpCookie ? AuthCookieName.SignUp : AuthCookieName.Auth, this.config.overrides);
         if (!userIdResult) {
             return undefined;
@@ -129,6 +130,7 @@ export class BackendAuthClient {
         });
         const cookieRefreshHeaders = (await this.createCookieRefreshHeaders({
             userIdResult,
+            serviceOrigin,
         })) || {};
         return {
             user: assumedUser || user,
@@ -220,7 +222,7 @@ export class BackendAuthClient {
      *   where JavaScript cannot be used to attach the CSRF token header to the request (like when
      *   opening a PDF file). Use `.getSecureUser()` instead, whenever possible.
      */
-    async getInsecureUser({ requestHeaders, allowUserAuthRefresh, }) {
+    async getInsecureUser({ requestHeaders, allowUserAuthRefresh, serviceOrigin, }) {
         // eslint-disable-next-line @typescript-eslint/no-deprecated
         const userIdResult = await insecureExtractUserIdFromCookieAlone(requestHeaders, await this.getJwtParams(), AuthCookieName.Auth);
         if (!userIdResult) {
@@ -237,6 +239,7 @@ export class BackendAuthClient {
         const refreshHeaders = allowUserAuthRefresh &&
             (await this.createCookieRefreshHeaders({
                 userIdResult,
+                serviceOrigin,
             }));
         return {
             user,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "auth-vir",
-    "version": "2.4.1",
+    "version": "2.4.2",
     "description": "Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.",
     "keywords": [
         "auth",

package/src/auth-client/backend-auth.client.ts CHANGED Viewed

@@ -178,7 +178,7 @@ export class BackendAuthClient<
          */
         isSignUpCookie: boolean;
         /** Overrides the client's already established `serviceOrigin`. */
-        serviceOrigin: string | undefined;
+        serviceOrigin?: string | undefined;
     }): Promise<Readonly<CookieParams>> {
         return {
             cookieDuration: this.config.userSessionIdleTimeout || defaultSessionIdleTimeout,
@@ -219,8 +219,11 @@ export class BackendAuthClient<
     /** Creates a `'cookie-set'` header to refresh the user's session cookie. */
     protected async createCookieRefreshHeaders({
         userIdResult,
+        serviceOrigin,
     }: {
         userIdResult: Readonly<UserIdResult<UserId>>;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<OutgoingHttpHeaders | undefined> {
         const now = getNowInUtcTimezone();
@@ -262,6 +265,7 @@ export class BackendAuthClient<
                 requestHeaders: {},
                 userId: userIdResult.userId,
                 isSignUpCookie: userIdResult.cookieName === AuthCookieName.SignUp,
+                serviceOrigin,
             });
         } else {
             return undefined;
@@ -309,6 +313,7 @@ export class BackendAuthClient<
         requestHeaders,
         isSignUpCookie,
         allowUserAuthRefresh,
+        serviceOrigin,
     }: {
         requestHeaders: IncomingHttpHeaders;
         isSignUpCookie: boolean;
@@ -318,6 +323,8 @@ export class BackendAuthClient<
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<GetUserResult<DatabaseUser> | undefined> {
         const userIdResult = await extractUserIdFromRequestHeaders<UserId>(
             requestHeaders,
@@ -347,6 +354,7 @@ export class BackendAuthClient<
         const cookieRefreshHeaders =
             (await this.createCookieRefreshHeaders({
                 userIdResult,
+                serviceOrigin,
             })) || {};
         return {
@@ -494,6 +502,8 @@ export class BackendAuthClient<
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<
         RequireOneOrNone<{
             secureUser: GetUserResult<DatabaseUser>;
@@ -526,6 +536,7 @@ export class BackendAuthClient<
     public async getInsecureUser({
         requestHeaders,
         allowUserAuthRefresh,
+        serviceOrigin,
     }: {
         requestHeaders: IncomingHttpHeaders;
         /**
@@ -534,6 +545,8 @@ export class BackendAuthClient<
          * with the frontend auth client's `checkUser.performCheck` callback.
          */
         allowUserAuthRefresh: boolean;
+        /** Overrides the client's already established `serviceOrigin`. */
+        serviceOrigin?: string | undefined;
     }): Promise<GetUserResult<DatabaseUser> | undefined> {
         // eslint-disable-next-line @typescript-eslint/no-deprecated
         const userIdResult = await insecureExtractUserIdFromCookieAlone<UserId>(
@@ -560,6 +573,7 @@ export class BackendAuthClient<
             allowUserAuthRefresh &&
             (await this.createCookieRefreshHeaders({
                 userIdResult,
+                serviceOrigin,
             }));
         return {