auth-vir 2.7.1 → 2.7.2

@@ -146,7 +146,9 @@ export class BackendAuthClient {
146
146
  async getSecureUser({ requestHeaders, isSignUpCookie, allowUserAuthRefresh, }) {
147
147
  const userIdResult = await extractUserIdFromRequestHeaders(requestHeaders, await this.getJwtParams(), isSignUpCookie ? AuthCookieName.SignUp : AuthCookieName.Auth, this.config.overrides);
148
148
  if (!userIdResult) {
149
- authLog('auth-vir: getSecureUser failed - could not extract user from request');
149
+ if (!isSignUpCookie) {
150
+ authLog('auth-vir: getSecureUser failed - could not extract user from request');
151
+ }
150
152
  return undefined;
151
153
  }
152
154
  const user = await this.getDatabaseUser({
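Review bot: With the new `if (!isSignUpCookie)` guard, a sign-up-cookie request that fails user extraction returns `undefined` with no log at all, because extractUserIdFromRequestHeaders in this release also logs only when `cookieName === AuthCookieName.Auth`. That drops the only record of an invalid JWT or CSRF mismatch on the sign-up cookie, which is the signal an operator would look for when investigating tampering with that flow. If those misses are expected noise, say so in a comment above the guard, e.g. `// sign-up cookie misses are routine; only Auth-cookie failures are logged`, or keep the log and add `isSignUpCookie` to its payload so it can be filtered. The two guards also spell the same condition differently (`!isSignUpCookie` here, `cookieName === AuthCookieName.Auth` there), which will drift if another cookie name is added. getSecureUser continues past the end of this hunk, and the TypeScript source hunk at `@@ -388,7 +388,9 @@` carries the same change.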
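--- a/package/dist/auth.js
+++ b/package/dist/auth.js
@@ -24,7 +24,11 @@ function readCsrfTokenHeader(headers, overrides) {
  if (!rawCsrfToken) {
  return undefined;
  }
- return parseCsrfToken(rawCsrfToken).csrfToken?.token || rawCsrfToken;
+ const token = parseCsrfToken(rawCsrfToken).csrfToken?.token || rawCsrfToken;
+ if (!token) {
+ authLog('auth-vir: CSRF token not found.');
+ }
+ return token;
  }
  /**
  * Extract the user id from a request by checking both the request cookie and CSRF token. This is
@@ -48,11 +52,13 @@ export async function extractUserIdFromRequestHeaders(headers, jwtParams, cookie
  }
  const jwt = await extractCookieJwt(cookie, jwtParams, cookieName);
  if (!jwt || jwt.data.csrfToken !== csrfToken) {
- authLog('auth-vir: extractUserIdFromRequestHeaders failed - JWT invalid or CSRF mismatch', {
- hasJwt: !!jwt,
- csrfMatch: jwt ? jwt.data.csrfToken === csrfToken : false,
- cookieName,
- });
+ if (cookieName === AuthCookieName.Auth) {
+ authLog('auth-vir: extractUserIdFromRequestHeaders failed - JWT invalid or CSRF mismatch', {
+ hasJwt: !!jwt,
+ csrfMatch: jwt ? jwt.data.csrfToken === csrfToken : false,
+ cookieName,
+ });
+ }
  return undefined;
  }
  return {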
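Review bot: The new `if (!token)` branch in readCsrfTokenHeader can never run: the guard just above it returns when `rawCsrfToken` is falsy, so `… || rawCsrfToken` always yields a truthy value and 'auth-vir: CSRF token not found.' is never logged. Because this release also removes the parse-failure and expiry logs from parseCsrfToken, a missing, malformed or expired CSRF header now leaves no trace of its own; only the generic 'JWT invalid or CSRF mismatch' line remains, and only for the Auth cookie. Move the log into the existing guard, `if (!rawCsrfToken) { authLog('auth-vir: CSRF token not found.'); return undefined; }`, and consider logging the `failure` reason parseCsrfToken returns when it yields no `csrfToken`. The same applies to the `@@ -70,7 +70,13 @@` hunk in package/src/auth.ts.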
@@ -75,7 +75,6 @@ export function parseCsrfToken(value) {
75
75
  fallbackValue: undefined,
76
76
  });
77
77
  if (!csrfToken) {
78
- authLog('auth-vir: CSRF token parse failed - will cause logout if used');
79
78
  return {
80
79
  failure: CsrfTokenFailureReason.ParseFailed,
81
80
  };
@@ -84,9 +83,6 @@ export function parseCsrfToken(value) {
84
83
  fullDate: getNowInUtcTimezone(),
85
84
  relativeTo: csrfToken.expiration,
86
85
  })) {
87
- authLog('auth-vir: CSRF token expired - will cause logout', {
88
- expiration: csrfToken.expiration,
89
- });
90
86
  return {
91
87
  failure: CsrfTokenFailureReason.Expired,
92
88
  };
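--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "auth-vir",
- "version": "2.7.1",
+ "version": "2.7.2",
  "description": "Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.",
  "keywords": [
  "auth",
@@ -42,8 +42,8 @@
  "test:web": "virmator test web"
  },
  "dependencies": {
- "@augment-vir/assert": "^31.59.0",
- "@augment-vir/common": "^31.59.0",
+ "@augment-vir/assert": "^31.59.2",
+ "@augment-vir/common": "^31.59.2",
  "date-vir": "^8.1.0",
  "detect-activity": "^0.0.1",
  "hash-wasm": "^4.12.0",
@@ -53,8 +53,8 @@
  "url-vir": "^2.1.7"
  },
  "devDependencies": {
- "@augment-vir/test": "^31.59.0",
- "@prisma/client": "^6.18.0",
+ "@augment-vir/test": "^31.59.2",
+ "@prisma/client": "^6.19.2",
  "@types/node": "^24.9.1",
  "@web/dev-server-esbuild": "^1.0.4",
  "@web/test-runner": "^0.20.2",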
@@ -388,7 +388,9 @@ export class BackendAuthClient<
388
388
  this.config.overrides,
389
389
  );
390
390
  if (!userIdResult) {
391
- authLog('auth-vir: getSecureUser failed - could not extract user from request');
391
+ if (!isSignUpCookie) {
392
+ authLog('auth-vir: getSecureUser failed - could not extract user from request');
393
+ }
392
394
  return undefined;
393
395
  }
394
396
 
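--- a/package/src/auth.ts
+++ b/package/src/auth.ts
@@ -70,7 +70,13 @@ function readCsrfTokenHeader(
  return undefined;
  }
 
- return parseCsrfToken(rawCsrfToken).csrfToken?.token || rawCsrfToken;
+ const token = parseCsrfToken(rawCsrfToken).csrfToken?.token || rawCsrfToken;
+
+ if (!token) {
+ authLog('auth-vir: CSRF token not found.');
+ }
+
+ return token;
  }
 
  /**
@@ -108,14 +114,16 @@ export async function extractUserIdFromRequestHeaders<UserId extends string | nu
  const jwt = await extractCookieJwt(cookie, jwtParams, cookieName);
 
  if (!jwt || jwt.data.csrfToken !== csrfToken) {
- authLog(
- 'auth-vir: extractUserIdFromRequestHeaders failed - JWT invalid or CSRF mismatch',
- {
- hasJwt: !!jwt,
- csrfMatch: jwt ? jwt.data.csrfToken === csrfToken : false,
- cookieName,
- },
- );
+ if (cookieName === AuthCookieName.Auth) {
+ authLog(
+ 'auth-vir: extractUserIdFromRequestHeaders failed - JWT invalid or CSRF mismatch',
+ {
+ hasJwt: !!jwt,
+ csrfMatch: jwt ? jwt.data.csrfToken === csrfToken : false,
+ cookieName,
+ },
+ );
+ }
  return undefined;
  }
 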
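--- a/package/src/csrf-token.ts
+++ b/package/src/csrf-token.ts
@@ -138,7 +138,6 @@ export function parseCsrfToken(value: string | undefined | null): Readonly<GetCs
  );
 
  if (!csrfToken) {
- authLog('auth-vir: CSRF token parse failed - will cause logout if used');
  return {
  failure: CsrfTokenFailureReason.ParseFailed,
  };
@@ -150,9 +149,6 @@ export function parseCsrfToken(value: string | undefined | null): Readonly<GetCs
  relativeTo: csrfToken.expiration,
  })
  ) {
- authLog('auth-vir: CSRF token expired - will cause logout', {
- expiration: csrfToken.expiration,
- });
  return {
  failure: CsrfTokenFailureReason.Expired,
  };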