npm - authfyio-astro - Versions diffs - 0.2.1 - Mend

authfyio-astro 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,21 @@
+# authfyio-astro
+Astro integration for Authfyio — middleware, `Astro.locals.auth`, and JWKS verification.
+> Part of [Authfyio](https://authfyio.com) — a self-hostable authentication platform.
+## Install
+```bash
+npm install authfyio-astro
+```
+## Usage
+See the full guide at **https://authfyio.com/docs**.
+Point the SDK at your Authfyio instance via the same-origin proxy (`/api/af`) or set `AF_API_BASE_URL` for server-side calls.
+## License
+MIT

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { type AuthfyioBackendClientOptions, type SessionClaims } from 'authfyio-backend';
+export type { SessionClaims };
+export type AstroAuthObject = {
+    userId: string;
+    sessionId: string;
+    environmentId: string;
+    orgId: string | null;
+    orgRole: string | null;
+    claims: SessionClaims;
+};
+export type AuthfyioAstroOptions = AuthfyioBackendClientOptions & {
+    /** Glob-like patterns that require auth. Unmatched routes stay public. */
+    protectedPaths?: string[];
+    /** Where to redirect unauthed users on protected routes. Default '/sign-in'. */
+    signInUrl?: string;
+};
+/**
+ * Astro integration middleware. Attaches `locals.auth` (null when signed out)
+ * and optionally 302s unauthenticated requests on protected routes to your
+ * sign-in page. Use inside `src/middleware.ts`:
+ *
+ *     import { onRequest } from 'authfyio-astro';
+ *     export { onRequest };
+ *     // or compose:
+ *     import { createAuthfyioMiddleware, sequence } from 'authfyio-astro';
+ *     export const onRequest = sequence(createAuthfyioMiddleware({ baseUrl }), myOther);
+ */
+export declare function createAuthfyioMiddleware(opts: AuthfyioAstroOptions): (ctx: any, next: any) => Promise<Response>;
+/** Default export helper — picks config from env vars at request time. */
+export declare const onRequest: (ctx: any, next: any) => Promise<Response>;
+/** Minimal sequence helper for composing Astro middlewares. */
+export declare function sequence(...fns: Array<(ctx: any, next: any) => Promise<Response>>): (ctx: any, next: any) => Promise<Response>;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,4BAA4B,EACjC,KAAK,aAAa,EACnB,MAAM,kBAAkB,CAAC;AAE1B,YAAY,EAAE,aAAa,EAAE,CAAC;AAE9B,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,MAAM,EAAE,aAAa,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,4BAA4B,GAAG;IAChE,0EAA0E;IAC1E,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,gFAAgF;IAChF,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF;;;;;;;;;;GAUG;AACH,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,oBAAoB,IAKjC,KAAK,GAAG,EAAE,MAAM,GAAG,KAAG,OAAO,CAAC,QAAQ,CAAC,CA6BxE;AAED,0EAA0E;AAC1E,eAAO,MAAM,SAAS,QAhCiB,GAAG,QAAQ,GAAG,KAAG,OAAO,CAAC,QAAQ,CAkCtE,CAAC;AAiBH,+DAA+D;AAC/D,wBAAgB,QAAQ,CAAC,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC,IAClE,KAAK,GAAG,EAAE,MAAM,GAAG,KAAG,OAAO,CAAC,QAAQ,CAAC,CAWtD"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,79 @@
+import { AuthfyioBackendClient, } from 'authfyio-backend';
+/**
+ * Astro integration middleware. Attaches `locals.auth` (null when signed out)
+ * and optionally 302s unauthenticated requests on protected routes to your
+ * sign-in page. Use inside `src/middleware.ts`:
+ *
+ *     import { onRequest } from 'authfyio-astro';
+ *     export { onRequest };
+ *     // or compose:
+ *     import { createAuthfyioMiddleware, sequence } from 'authfyio-astro';
+ *     export const onRequest = sequence(createAuthfyioMiddleware({ baseUrl }), myOther);
+ */
+export function createAuthfyioMiddleware(opts) {
+    const client = new AuthfyioBackendClient(opts);
+    const protectedRe = (opts.protectedPaths ?? []).map((p) => globToRegex(p));
+    const signInUrl = opts.signInUrl ?? '/sign-in';
+    return async function onRequest(ctx, next) {
+        const req = ctx.request;
+        const cookie = req.headers.get('cookie') ?? '';
+        const claims = await client
+            .getSessionFromRequest({ headers: { cookie } })
+            .catch(() => null);
+        const auth = claims
+            ? {
+                userId: claims.sub,
+                sessionId: claims.sid,
+                environmentId: claims.env,
+                orgId: claims.org ?? null,
+                orgRole: claims.org_role ?? null,
+                claims,
+            }
+            : null;
+        ctx.locals = { ...(ctx.locals ?? {}), auth };
+        const pathname = new URL(req.url).pathname;
+        const isProtected = protectedRe.some((re) => re.test(pathname));
+        if (isProtected && !auth) {
+            return new Response(null, {
+                status: 302,
+                headers: { Location: `${signInUrl}?redirect_url=${encodeURIComponent(pathname)}` },
+            });
+        }
+        return next();
+    };
+}
+/** Default export helper — picks config from env vars at request time. */
+export const onRequest = createAuthfyioMiddleware({
+    baseUrl: (typeof process !== 'undefined' ? process.env?.AF_API_BASE_URL : undefined) ?? '',
+});
+/** Tiny glob→regex — supports `*` and `(.*)`. */
+function globToRegex(pattern) {
+    const src = pattern
+        .split(/(\(\.\*\))/g)
+        .map((seg) => {
+        if (seg === '(.*)')
+            return '.*';
+        return seg
+            .replace(/[\\^$+?.()|[\]{}]/g, '\\$&')
+            .replace(/\*/g, '[^/]*')
+            .replace(/:([A-Za-z0-9_]+)/g, '[^/]+');
+    })
+        .join('');
+    return new RegExp(`^${src}\\/?$`);
+}
+/** Minimal sequence helper for composing Astro middlewares. */
+export function sequence(...fns) {
+    return async (ctx, next) => {
+        let i = -1;
+        async function runner(j) {
+            if (j <= i)
+                throw new Error('next() called twice');
+            i = j;
+            const fn = fns[j] ?? null;
+            if (!fn)
+                return next();
+            return fn(ctx, () => runner(j + 1));
+        }
+        return runner(0);
+    };
+}

package/package.json ADDED Viewed

@@ -0,0 +1,42 @@
+{
+  "name": "authfyio-astro",
+  "version": "0.2.1",
+  "description": "Astro integration for Authfyio — middleware, `Astro.locals.auth`, and JWKS verification.",
+  "license": "MIT",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "typecheck": "tsc -p tsconfig.build.json --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "peerDependencies": {
+    "authfyio-backend": "^0.2.0",
+    "astro": ">=4"
+  },
+  "keywords": [
+    "authfyio",
+    "auth",
+    "astro",
+    "middleware"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "homepage": "https://authfyio.com/docs",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/authfyio/authfyio.git"
+  }
+}