authhero 8.5.0 → 8.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/dist/authhero.cjs +3 -3
  2. package/dist/authhero.d.ts +118 -86
  3. package/dist/authhero.mjs +41 -19
  4. package/dist/stats.html +1 -1
  5. package/dist/tsconfig.types.tsbuildinfo +1 -1
  6. package/dist/types/authentication-flows/passwordless.d.ts +1 -1
  7. package/dist/types/index.d.ts +86 -86
  8. package/dist/types/routes/auth-api/account.d.ts +2 -2
  9. package/dist/types/routes/auth-api/index.d.ts +16 -16
  10. package/dist/types/routes/auth-api/passwordless.d.ts +8 -8
  11. package/dist/types/routes/auth-api/revoke.d.ts +6 -6
  12. package/dist/types/routes/management-api/action-executions.d.ts +1 -1
  13. package/dist/types/routes/management-api/actions.d.ts +1 -1
  14. package/dist/types/routes/management-api/clients.d.ts +7 -7
  15. package/dist/types/routes/management-api/custom-domains.d.ts +8 -8
  16. package/dist/types/routes/management-api/email-templates.d.ts +18 -18
  17. package/dist/types/routes/management-api/failed-events.d.ts +1 -1
  18. package/dist/types/routes/management-api/flows.d.ts +7 -7
  19. package/dist/types/routes/management-api/guardian.d.ts +5 -5
  20. package/dist/types/routes/management-api/index.d.ts +64 -64
  21. package/dist/types/routes/management-api/logs.d.ts +3 -3
  22. package/dist/types/routes/management-api/migration-sources.d.ts +6 -6
  23. package/dist/types/routes/management-api/organizations.d.ts +1 -1
  24. package/dist/types/routes/management-api/prompts.d.ts +4 -4
  25. package/dist/types/routes/management-api/users.d.ts +2 -2
  26. package/dist/types/routes/universal-login/common.d.ts +2 -2
  27. package/dist/types/routes/universal-login/u2-index.d.ts +6 -6
  28. package/dist/types/routes/universal-login/u2-routes.d.ts +6 -6
  29. package/dist/types/types/AuthHeroConfig.d.ts +33 -1
  30. package/package.json +3 -3
package/dist/authhero.mjs CHANGED
@@ -5134,7 +5134,7 @@ var Jee = (e, t) => {
5134
5134
  }, Uo = (e, t, n, r) => {
5135
5135
  let i = Ho(t, n, r);
5136
5136
  e.header("Set-Cookie", i, { append: !0 });
5137
- }, Wo = "mqmg4m5t", Go = /* @__PURE__ */ p({
5137
+ }, Wo = "mqoyl2ij", Go = /* @__PURE__ */ p({
5138
5138
  common: () => Ko,
5139
5139
  consent: () => qo,
5140
5140
  default: () => ts,
@@ -30025,32 +30025,38 @@ async function GM(e, { user: t, client: n, loginSession: r, existingSessionId: i
30025
30025
  if (s.session_id) return s.session_id;
30026
30026
  throw new _(500, { message: "Login session is authenticated but has no session_id" });
30027
30027
  }
30028
- let l;
30028
+ let l, u;
30029
30029
  if (i) {
30030
30030
  let a = await e.env.data.sessions.get(n.tenant.id, i);
30031
- !a || a.revoked_at ? l = (await WM(e, {
30031
+ if (!a || a.revoked_at) {
30032
+ let i = await WM(e, {
30033
+ user: t,
30034
+ client: n,
30035
+ loginSession: r
30036
+ });
30037
+ l = i.id, u = i.authenticated_at;
30038
+ } else l = i, u = a.authenticated_at, a.clients.includes(n.client_id) || await e.env.data.sessions.update(n.tenant.id, i, { clients: [...a.clients, n.client_id] });
30039
+ } else {
30040
+ let i = await WM(e, {
30032
30041
  user: t,
30033
30042
  client: n,
30034
30043
  loginSession: r
30035
- })).id : (l = i, a.clients.includes(n.client_id) || await e.env.data.sessions.update(n.tenant.id, i, { clients: [...a.clients, n.client_id] }));
30036
- } else l = (await WM(e, {
30037
- user: t,
30038
- client: n,
30039
- loginSession: r
30040
- })).id;
30041
- let { state: u } = IM(c === N.EXPIRED ? N.PENDING : c, {
30044
+ });
30045
+ l = i.id, u = i.authenticated_at;
30046
+ }
30047
+ let { state: d } = IM(c === N.EXPIRED ? N.PENDING : c, {
30042
30048
  type: PM.AUTHENTICATE,
30043
30049
  userId: t.user_id
30044
- }), d = vA({
30050
+ }), f = vA({
30045
30051
  authConnection: a,
30046
30052
  ctxConnection: e.var.connection
30047
30053
  });
30048
30054
  return await e.env.data.loginSessions.update(n.tenant.id, r.id, {
30049
30055
  session_id: l,
30050
- state: u,
30056
+ state: d,
30051
30057
  user_id: t.user_id,
30052
- authenticated_at: (/* @__PURE__ */ new Date()).toISOString(),
30053
- ...d ? { auth_connection: d } : {},
30058
+ authenticated_at: u,
30059
+ ...f ? { auth_connection: f } : {},
30054
30060
  ...o ? { auth_strategy: o } : {},
30055
30061
  ...c === N.EXPIRED ? { expires_at: new Date(Date.now() + SD * 1e3).toISOString() } : {}
30056
30062
  }), l;
@@ -50739,7 +50745,7 @@ function uY(t) {
50739
50745
  let n = e.var.tenant_id || e.req.header("tenant-id");
50740
50746
  n && (await r.clients.list(n, {})).clients.flatMap((e) => e.web_origins || []).includes(a) && o(a);
50741
50747
  }
50742
- }), n.onError((e, t) => {
50748
+ }), t.tenantDispatch && n.use(t.tenantDispatch), n.onError((e, t) => {
50743
50749
  if (!(e instanceof _)) throw e;
50744
50750
  let n = e.status;
50745
50751
  if (n < 400 || n >= 500) throw e;
@@ -54059,14 +54065,30 @@ function a$(e, t = [], n = {}) {
54059
54065
  }
54060
54066
  function o$(e, t, n = {}) {
54061
54067
  if (e.protocol !== t.protocol) return !1;
54062
- if (n.allowPathWildcards && t.pathname.includes("*")) {
54068
+ let r = !!n.allowPathWildcards && t.pathname.includes("*");
54069
+ if (r) {
54063
54070
  let n = t.pathname.replace(/\*/g, ".*").replace(/\//g, "\\/");
54064
54071
  if (!RegExp(`^${n}$`).test(e.pathname)) return !1;
54065
54072
  } else if (e.pathname !== t.pathname) return !1;
54066
- if (t.search) {
54067
- for (let [n, r] of t.searchParams) if (e.searchParams.get(n) !== r) return !1;
54073
+ let i = !!n.allowSubDomainWildcards && t.hostname.startsWith("*.") && t.hostname.split(".").length > 2 && ["http:", "https:"].includes(t.protocol), a = !r && !i;
54074
+ for (let n of new Set(t.searchParams.keys())) {
54075
+ let r = t.searchParams.getAll(n).sort(), i = e.searchParams.getAll(n);
54076
+ if (a) {
54077
+ let e = i.slice().sort();
54078
+ if (r.length !== e.length || !r.every((t, n) => t === e[n])) return !1;
54079
+ } else {
54080
+ let e = i.slice();
54081
+ for (let t of r) {
54082
+ let n = e.indexOf(t);
54083
+ if (n === -1) return !1;
54084
+ e.splice(n, 1);
54085
+ }
54086
+ }
54087
+ }
54088
+ if (a) {
54089
+ for (let n of e.searchParams.keys()) if (!t.searchParams.has(n)) return !1;
54068
54090
  }
54069
- if (n.allowSubDomainWildcards && t.hostname.startsWith("*.") && t.hostname.split(".").length > 2 && ["http:", "https:"].includes(t.protocol)) {
54091
+ if (i) {
54070
54092
  let n = t.hostname.split(".").slice(1).join(".");
54071
54093
  return e.hostname === n || e.hostname.endsWith("." + n);
54072
54094
  }