clearauth 0.6.2 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +25 -0
- package/README.md +182 -61
- package/dist/auth/handler.js +29 -16
- package/dist/auth/handler.js.map +1 -1
- package/dist/createMechAuth.d.ts +2 -0
- package/dist/createMechAuth.js +1 -0
- package/dist/createMechAuth.js.map +1 -1
- package/dist/handler.d.ts +5 -0
- package/dist/handler.js +76 -10
- package/dist/handler.js.map +1 -1
- package/dist/jwt/handlers.d.ts +7 -0
- package/dist/jwt/handlers.js +9 -2
- package/dist/jwt/handlers.js.map +1 -1
- package/dist/jwt/issue-token-pair.d.ts +30 -0
- package/dist/jwt/issue-token-pair.js +32 -0
- package/dist/jwt/issue-token-pair.js.map +1 -0
- package/dist/jwt/refresh-tokens.d.ts +11 -0
- package/dist/jwt/refresh-tokens.js +19 -0
- package/dist/jwt/refresh-tokens.js.map +1 -1
- package/dist/jwt/signer.d.ts +1 -1
- package/dist/jwt/signer.js +10 -3
- package/dist/jwt/signer.js.map +1 -1
- package/dist/jwt/types.d.ts +7 -0
- package/dist/jwt/types.js.map +1 -1
- package/dist/mech-sql-client.js +4 -3
- package/dist/mech-sql-client.js.map +1 -1
- package/dist/oauth/callbacks.d.ts +1 -31
- package/dist/oauth/callbacks.js +2 -63
- package/dist/oauth/callbacks.js.map +1 -1
- package/dist/oauth/handler.js +23 -3
- package/dist/oauth/handler.js.map +1 -1
- package/dist/types.d.ts +8 -0
- package/dist/utils/session.d.ts +30 -0
- package/dist/utils/session.js +69 -0
- package/dist/utils/session.js.map +1 -0
- package/package.json +1 -1
package/dist/handler.js
CHANGED
|
@@ -9,8 +9,10 @@
|
|
|
9
9
|
import { handleOAuthRequest } from './oauth/handler.js';
|
|
10
10
|
import { handleAuthRequest } from './auth/handler.js';
|
|
11
11
|
import { handleDeviceAuthRequest } from './device-auth/handlers.js';
|
|
12
|
+
import { handleTokenRequest, handleRefreshRequest, handleRevokeRequest } from './jwt/handlers.js';
|
|
12
13
|
import { handleCorsPreflightRequest, addCorsHeaders } from './utils/cors.js';
|
|
13
14
|
import { normalizeAuthPath } from './utils/normalize-auth-path.js';
|
|
15
|
+
import { validateSession, parseCookies } from './utils/session.js';
|
|
14
16
|
/**
|
|
15
17
|
* Unified authentication request handler
|
|
16
18
|
*
|
|
@@ -66,9 +68,56 @@ export async function handleClearAuthRequest(request, config) {
|
|
|
66
68
|
}
|
|
67
69
|
const url = new URL(request.url);
|
|
68
70
|
const pathname = url.pathname;
|
|
71
|
+
const normalizedPath = normalizeAuthPath(pathname);
|
|
69
72
|
let response;
|
|
70
73
|
// Determine which handler to use based on path
|
|
71
|
-
if (
|
|
74
|
+
if (isJwtRoute(normalizedPath)) {
|
|
75
|
+
if (request.method !== 'POST') {
|
|
76
|
+
response = new Response(JSON.stringify({ error: 'Method Not Allowed', message: 'JWT routes only accept POST' }), { status: 405, headers: { 'Content-Type': 'application/json', 'Allow': 'POST' } });
|
|
77
|
+
}
|
|
78
|
+
else if (!config.jwt) {
|
|
79
|
+
response = new Response(JSON.stringify({ error: 'JWT not configured' }), {
|
|
80
|
+
status: 404,
|
|
81
|
+
headers: { 'Content-Type': 'application/json' },
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
else {
|
|
85
|
+
if (normalizedPath === '/auth/token') {
|
|
86
|
+
// Require a valid session cookie — tokens may not be issued for arbitrary userIds
|
|
87
|
+
const cookieHeader = request.headers.get('Cookie') || '';
|
|
88
|
+
const cookies = parseCookies(cookieHeader);
|
|
89
|
+
const cookieName = config.session?.cookie?.name ?? 'session';
|
|
90
|
+
const sessionId = cookies[cookieName];
|
|
91
|
+
if (!sessionId) {
|
|
92
|
+
response = new Response(JSON.stringify({ error: 'unauthorized', message: 'Valid session required' }), { status: 401, headers: { 'Content-Type': 'application/json' } });
|
|
93
|
+
}
|
|
94
|
+
else {
|
|
95
|
+
const sessionUser = await validateSession(config.database, sessionId, config.logger);
|
|
96
|
+
if (!sessionUser) {
|
|
97
|
+
response = new Response(JSON.stringify({ error: 'unauthorized', message: 'Invalid or expired session' }), { status: 401, headers: { 'Content-Type': 'application/json' } });
|
|
98
|
+
}
|
|
99
|
+
else {
|
|
100
|
+
// Override body with trusted session user data — ignore any userId/email in the request body
|
|
101
|
+
const tokenBody = JSON.stringify({ userId: sessionUser.id, email: sessionUser.email, email_verified: sessionUser.email_verified });
|
|
102
|
+
const authedRequest = new Request(request.url, {
|
|
103
|
+
method: 'POST',
|
|
104
|
+
headers: request.headers,
|
|
105
|
+
body: tokenBody,
|
|
106
|
+
});
|
|
107
|
+
response = await handleTokenRequest(authedRequest, config.database, config.jwt);
|
|
108
|
+
}
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
else if (normalizedPath === '/auth/refresh') {
|
|
112
|
+
response = await handleRefreshRequest(request, config.database, config.jwt);
|
|
113
|
+
}
|
|
114
|
+
else {
|
|
115
|
+
// /auth/revoke — jwtConfig not forwarded to handler, but jwt must be configured
|
|
116
|
+
response = await handleRevokeRequest(request, config.database);
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
else if (isDeviceAuthRoute(normalizedPath)) {
|
|
72
121
|
// Try device auth handler first (challenge, device registration, etc.)
|
|
73
122
|
const deviceAuthResponse = await handleDeviceAuthRequest(request, config);
|
|
74
123
|
if (deviceAuthResponse) {
|
|
@@ -85,10 +134,10 @@ export async function handleClearAuthRequest(request, config) {
|
|
|
85
134
|
});
|
|
86
135
|
}
|
|
87
136
|
}
|
|
88
|
-
else if (isOAuthRoute(
|
|
137
|
+
else if (isOAuthRoute(normalizedPath)) {
|
|
89
138
|
response = await handleOAuthRequest(request, config);
|
|
90
139
|
}
|
|
91
|
-
else if (isAuthRoute(
|
|
140
|
+
else if (isAuthRoute(normalizedPath)) {
|
|
92
141
|
response = await handleAuthRequest(request, config);
|
|
93
142
|
}
|
|
94
143
|
else {
|
|
@@ -106,6 +155,21 @@ export async function handleClearAuthRequest(request, config) {
|
|
|
106
155
|
}
|
|
107
156
|
return response;
|
|
108
157
|
}
|
|
158
|
+
/**
|
|
159
|
+
* Check if the path is a JWT token management route
|
|
160
|
+
*
|
|
161
|
+
* JWT routes include:
|
|
162
|
+
* - POST `/auth/token` - Exchange credentials for JWT token pair
|
|
163
|
+
* - POST `/auth/refresh` - Rotate refresh token and get new access token
|
|
164
|
+
* - POST `/auth/revoke` - Revoke a refresh token
|
|
165
|
+
*
|
|
166
|
+
* @param pathname - URL pathname to check
|
|
167
|
+
* @returns True if the path is a JWT route
|
|
168
|
+
*/
|
|
169
|
+
const JWT_ROUTES = new Set(['/auth/token', '/auth/refresh', '/auth/revoke']);
|
|
170
|
+
function isJwtRoute(normalizedPath) {
|
|
171
|
+
return JWT_ROUTES.has(normalizedPath);
|
|
172
|
+
}
|
|
109
173
|
/**
|
|
110
174
|
* Check if the path is an OAuth route
|
|
111
175
|
*
|
|
@@ -122,8 +186,7 @@ export async function handleClearAuthRequest(request, config) {
|
|
|
122
186
|
* @param pathname - URL pathname to check
|
|
123
187
|
* @returns True if the path is an OAuth route
|
|
124
188
|
*/
|
|
125
|
-
function isOAuthRoute(
|
|
126
|
-
const normalizedPath = normalizeAuthPath(pathname);
|
|
189
|
+
function isOAuthRoute(normalizedPath) {
|
|
127
190
|
// OAuth-specific patterns
|
|
128
191
|
const oauthPatterns = [
|
|
129
192
|
/^\/auth\/oauth\/(github|google)$/, // /auth/oauth/github, /auth/oauth/google
|
|
@@ -146,8 +209,7 @@ function isOAuthRoute(pathname) {
|
|
|
146
209
|
* @param pathname - URL pathname to check
|
|
147
210
|
* @returns True if the path is a device auth route
|
|
148
211
|
*/
|
|
149
|
-
function isDeviceAuthRoute(
|
|
150
|
-
const normalizedPath = normalizeAuthPath(pathname);
|
|
212
|
+
function isDeviceAuthRoute(normalizedPath) {
|
|
151
213
|
// Device authentication patterns
|
|
152
214
|
const deviceAuthPatterns = [
|
|
153
215
|
/^\/auth\/challenge$/,
|
|
@@ -174,8 +236,7 @@ function isDeviceAuthRoute(pathname) {
|
|
|
174
236
|
* @param pathname - URL pathname to check
|
|
175
237
|
* @returns True if the path is an auth route
|
|
176
238
|
*/
|
|
177
|
-
function isAuthRoute(
|
|
178
|
-
const normalizedPath = normalizeAuthPath(pathname);
|
|
239
|
+
function isAuthRoute(normalizedPath) {
|
|
179
240
|
// Email/password auth patterns
|
|
180
241
|
const authPatterns = [
|
|
181
242
|
/^\/auth\/session$/,
|
|
@@ -232,6 +293,11 @@ export function getSupportedRoutes() {
|
|
|
232
293
|
{ method: 'GET', path: '/auth/device/list', description: 'List user\'s registered devices (future)' },
|
|
233
294
|
{ method: 'POST', path: '/auth/device/revoke', description: 'Revoke a device (future)' },
|
|
234
295
|
],
|
|
296
|
+
jwt: [
|
|
297
|
+
{ method: 'POST', path: '/auth/token', description: 'Exchange credentials for JWT token pair (requires jwt config)' },
|
|
298
|
+
{ method: 'POST', path: '/auth/refresh', description: 'Rotate refresh token and get new access token (requires jwt config)' },
|
|
299
|
+
{ method: 'POST', path: '/auth/revoke', description: 'Revoke a refresh token (requires jwt config)' },
|
|
300
|
+
],
|
|
235
301
|
};
|
|
236
302
|
}
|
|
237
303
|
/**
|
|
@@ -253,7 +319,7 @@ export function healthCheck() {
|
|
|
253
319
|
return new Response(JSON.stringify({
|
|
254
320
|
status: 'ok',
|
|
255
321
|
service: 'clearauth',
|
|
256
|
-
version: '0.
|
|
322
|
+
version: '0.7.0',
|
|
257
323
|
timestamp: new Date().toISOString(),
|
|
258
324
|
}), {
|
|
259
325
|
status: 200,
|
package/dist/handler.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handler.js","sourceRoot":"","sources":["../src/handler.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAA;AACrD,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"handler.js","sourceRoot":"","sources":["../src/handler.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAA;AACrD,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAEjG,OAAO,EAAE,0BAA0B,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAClE,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAElE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,OAAgB,EAChB,MAAuB;IAEvB,iCAAiC;IACjC,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAChD,OAAO,0BAA0B,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAA;IACzD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAA;IAC7B,MAAM,cAAc,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAA;IAElD,IAAI,QAAkB,CAAA;IAEtB,+CAA+C;IAC/C,IAAI,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC9B,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,EACvF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAClF,CAAA;QACH,CAAC;aAAM,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YACvB,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,EAC/C;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;aAAM,CAAC;YACN,IAAI,cAAc,KAAK,aAAa,EAAE,CAAC;gBACrC,kFAAkF;gBAClF,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;gBACxD,MAAM,OAAO,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;gBAC1C,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,IAAI,SAAS,CAAA;gBAC5D,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;gBACrC,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,EAC5E,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAA;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;oBACpF,IAAI,CAAC,WAAW,EAAE,CAAC;wBACjB,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC,EAChF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAA;oBACH,CAAC;yBAAM,CAAC;wBACN,6FAA6F;wBAC7F,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,cAAc,EAAE,WAAW,CAAC,cAAc,EAAE,CAAC,CAAA;wBAClI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;4BAC7C,MAAM,EAAE,MAAM;4BACd,OAAO,EAAE,OAAO,CAAC,OAAO;4BACxB,IAAI,EAAE,SAAS;yBAChB,CAAC,CAAA;wBACF,QAAQ,GAAG,MAAM,kBAAkB,CAAC,aAAa,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;oBACjF,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,IAAI,cAAc,KAAK,eAAe,EAAE,CAAC;gBAC9C,QAAQ,GAAG,MAAM,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;YAC7E,CAAC;iBAAM,CAAC;gBACN,gFAAgF;gBAChF,QAAQ,GAAG,MAAM,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;YAChE,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,iBAAiB,CAAC,cAAc,CAAC,EAAE,CAAC;QAC7C,uEAAuE;QACvE,MAAM,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzE,IAAI,kBAAkB,EAAE,CAAC;YACvB,QAAQ,GAAG,kBAAkB,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,8EAA8E;YAC9E,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,0CAA0C,QAAQ,EAAE;aAC9D,CAAC,EACF;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;IACH,CAAC;SAAM,IAAI,YAAY,CAAC,cAAc,CAAC,EAAE,CAAC;QACxC,QAAQ,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACtD,CAAC;SAAM,IAAI,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;QACvC,QAAQ,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACrD,CAAC;SAAM,CAAC;QACN,QAAQ,GAAG,IAAI,QAAQ,CACrB,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,WAAW;YAClB,OAAO,EAAE,mCAAmC,QAAQ,EAAE;SACvD,CAAC,EACF;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;IAED,6CAA6C;IAC7C,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAChB,QAAQ,GAAG,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAA;IAC3D,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,aAAa,EAAE,eAAe,EAAE,cAAc,CAAC,CAAC,CAAA;AAE5E,SAAS,UAAU,CAAC,cAAsB;IACxC,OAAO,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;AACvC,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,SAAS,YAAY,CAAC,cAAsB;IAC1C,0BAA0B;IAC1B,MAAM,aAAa,GAAG;QACpB,kCAAkC,EAAY,yCAAyC;QACvF,kCAAkC,EAAY,yCAAyC;QACvF,qCAAqC,EAAS,+CAA+C;QAC7F,qCAAqC,EAAS,+CAA+C;KAC9F,CAAA;IAED,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAA;AACpE,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,iBAAiB,CAAC,cAAsB;IAC/C,iCAAiC;IACjC,MAAM,kBAAkB,GAAG;QACzB,qBAAqB;QACrB,4BAA4B;QAC5B,gCAAgC;QAChC,wBAAwB;QACxB,0BAA0B;KAC3B,CAAA;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAA;AACzE,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,SAAS,WAAW,CAAC,cAAsB;IACzC,+BAA+B;IAC/B,MAAM,YAAY,GAAG;QACnB,mBAAmB;QACnB,oBAAoB;QACpB,wBAAwB;QACxB,+BAA+B;QAC/B,iBAAiB;QACjB,kBAAkB;QAClB,yBAAyB;QACzB,0BAA0B;KAC3B,CAAA;IAED,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAA;AACnE,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO;QACL,KAAK,EAAE;YACL,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,4BAA4B,EAAE;YACxF,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,0CAA0C,EAAE;YACtG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,uBAAuB,EAAE;YACtF,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,qCAAqC,EAAE;YACpG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,4BAA4B,EAAE;YACxF,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,0CAA0C,EAAE;YACtG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,uBAAuB,EAAE;YACtF,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,qCAAqC,EAAE;SACrG;QACD,IAAI,EAAE;YACJ,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,wCAAwC,EAAE;YAC/F,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,2CAA2C,EAAE;YACpG,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE,yBAAyB,EAAE;YACtF,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,2BAA2B,EAAE,WAAW,EAAE,iCAAiC,EAAE;YACrG,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,oCAAoC,EAAE;YAC1F,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,8BAA8B,EAAE;YACrF,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,EAAE,WAAW,EAAE,8BAA8B,EAAE;YAC5F,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,sBAAsB,EAAE,WAAW,EAAE,2BAA2B,EAAE;SAC3F;QACD,UAAU,EAAE;YACV,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,8CAA8C,EAAE;YACxG,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,uEAAuE,EAAE;YACvI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,2BAA2B,EAAE,WAAW,EAAE,gDAAgD,EAAE;YACpH,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,mBAAmB,EAAE,WAAW,EAAE,0CAA0C,EAAE;YACrG,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,EAAE,WAAW,EAAE,0BAA0B,EAAE;SACzF;QACD,GAAG,EAAE;YACH,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,+DAA+D,EAAE;YACrH,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,qEAAqE,EAAE;YAC7H,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,8CAA8C,EAAE;SACtG;KACF,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,WAAW;IACzB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;QACb,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,EACF;QACE,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CACF,CAAA;AACH,CAAC"}
|
package/dist/jwt/handlers.d.ts
CHANGED
|
@@ -18,6 +18,12 @@ import type { JwtConfig } from './types.js';
|
|
|
18
18
|
* The access token is stateless and expires quickly (default 15 min).
|
|
19
19
|
* The refresh token is stored in the database and can be used to get new access tokens.
|
|
20
20
|
*
|
|
21
|
+
* **Auth gate**: This function has NO built-in authentication check. It issues a
|
|
22
|
+
* signed JWT for whatever `userId`/`email` is in the request body. Authentication
|
|
23
|
+
* is enforced at the routing layer by `handleClearAuthRequest` (session cookie
|
|
24
|
+
* validation). If you call this function directly — bypassing the unified handler —
|
|
25
|
+
* you MUST verify the caller's identity yourself before invoking it.
|
|
26
|
+
*
|
|
21
27
|
* @param request - HTTP request
|
|
22
28
|
* @param db - Kysely database instance
|
|
23
29
|
* @param jwtConfig - JWT configuration
|
|
@@ -145,6 +151,7 @@ export declare function parseBearerToken(request: Request): string | null;
|
|
|
145
151
|
export declare function validateBearerToken(request: Request, jwtConfig: JwtConfig): Promise<{
|
|
146
152
|
sub: string;
|
|
147
153
|
email: string;
|
|
154
|
+
email_verified?: boolean;
|
|
148
155
|
iat: number;
|
|
149
156
|
exp: number;
|
|
150
157
|
deviceId?: string;
|
package/dist/jwt/handlers.js
CHANGED
|
@@ -40,6 +40,12 @@ async function parseJsonBody(request) {
|
|
|
40
40
|
* The access token is stateless and expires quickly (default 15 min).
|
|
41
41
|
* The refresh token is stored in the database and can be used to get new access tokens.
|
|
42
42
|
*
|
|
43
|
+
* **Auth gate**: This function has NO built-in authentication check. It issues a
|
|
44
|
+
* signed JWT for whatever `userId`/`email` is in the request body. Authentication
|
|
45
|
+
* is enforced at the routing layer by `handleClearAuthRequest` (session cookie
|
|
46
|
+
* validation). If you call this function directly — bypassing the unified handler —
|
|
47
|
+
* you MUST verify the caller's identity yourself before invoking it.
|
|
48
|
+
*
|
|
43
49
|
* @param request - HTTP request
|
|
44
50
|
* @param db - Kysely database instance
|
|
45
51
|
* @param jwtConfig - JWT configuration
|
|
@@ -80,7 +86,7 @@ export async function handleTokenRequest(request, db, jwtConfig) {
|
|
|
80
86
|
});
|
|
81
87
|
}
|
|
82
88
|
// Create access token (JWT)
|
|
83
|
-
const accessToken = await createAccessToken({ sub: body.userId, email: body.email, deviceId: body.deviceId }, jwtConfig);
|
|
89
|
+
const accessToken = await createAccessToken({ sub: body.userId, email: body.email, email_verified: body.email_verified, deviceId: body.deviceId }, jwtConfig);
|
|
84
90
|
// Create refresh token
|
|
85
91
|
const refreshTokenTTL = jwtConfig.refreshTokenTTL ?? DEFAULT_REFRESH_TOKEN_TTL;
|
|
86
92
|
const refreshTokenExpiresAt = new Date(Date.now() + refreshTokenTTL * 1000);
|
|
@@ -189,7 +195,7 @@ export async function handleRefreshRequest(request, db, jwtConfig) {
|
|
|
189
195
|
});
|
|
190
196
|
}
|
|
191
197
|
// Create new access token
|
|
192
|
-
const accessToken = await createAccessToken({ sub: user.id, email: user.email }, jwtConfig);
|
|
198
|
+
const accessToken = await createAccessToken({ sub: user.id, email: user.email, email_verified: user.email_verified }, jwtConfig);
|
|
193
199
|
// Rotate refresh token (create new, revoke old)
|
|
194
200
|
const refreshTokenTTL = jwtConfig.refreshTokenTTL ?? DEFAULT_REFRESH_TOKEN_TTL;
|
|
195
201
|
const newRefreshTokenExpiresAt = new Date(Date.now() + refreshTokenTTL * 1000);
|
|
@@ -354,6 +360,7 @@ export async function validateBearerToken(request, jwtConfig) {
|
|
|
354
360
|
return {
|
|
355
361
|
sub: payload.sub,
|
|
356
362
|
email: payload.email,
|
|
363
|
+
email_verified: payload.email_verified,
|
|
357
364
|
iat: payload.iat,
|
|
358
365
|
exp: payload.exp,
|
|
359
366
|
deviceId: payload.deviceId,
|
package/dist/jwt/handlers.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handlers.js","sourceRoot":"","sources":["../../src/jwt/handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAA;AACtD,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAClE,OAAO,EACL,kBAAkB,EAClB,eAAe,EACf,kBAAkB,EAClB,kBAAkB,GAEnB,MAAM,qBAAqB,CAAA;AAE5B;;;;;;GAMG;AACH,KAAK,UAAU,aAAa,CAAU,OAAgB;IACpD,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;IAC3D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAA;IAEjC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAED,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;IACjD,CAAC;AACH,CAAC;
|
|
1
|
+
{"version":3,"file":"handlers.js","sourceRoot":"","sources":["../../src/jwt/handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAA;AACtD,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAClE,OAAO,EACL,kBAAkB,EAClB,eAAe,EACf,kBAAkB,EAClB,kBAAkB,GAEnB,MAAM,qBAAqB,CAAA;AAE5B;;;;;;GAMG;AACH,KAAK,UAAU,aAAa,CAAU,OAAgB;IACpD,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;IAC3D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAA;IAEjC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAED,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;IACjD,CAAC;AACH,CAAC;AA0FD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,OAAgB,EAChB,EAAoB,EACpB,SAAoB;IAEpB,IAAI,CAAC;QACH,qBAAqB;QACrB,MAAM,IAAI,GAAG,MAAM,aAAa,CAAe,OAAO,CAAC,CAAA;QAEvD,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChC,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,wCAAwC;aAC1B,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,4BAA4B;QAC5B,MAAM,WAAW,GAAG,MAAM,iBAAiB,CACzC,EAAE,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,EACrG,SAAS,CACV,CAAA;QAED,uBAAuB;QACvB,MAAM,eAAe,GAAG,SAAS,CAAC,eAAe,IAAI,yBAAyB,CAAA;QAC9E,MAAM,qBAAqB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAA;QAC3E,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,kBAAkB,CAClF,EAAE,EACF,IAAI,CAAC,MAAM,EACX,qBAAqB,EACrB,IAAI,CAAC,UAAU,IAAI,IAAI,CACxB,CAAA;QAED,MAAM,QAAQ,GAAkB;YAC9B,WAAW;YACX,YAAY;YACZ,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,SAAS,CAAC,cAAc,IAAI,GAAG;YAC1C,cAAc,EAAE,kBAAkB,CAAC,EAAE;SACtC,CAAA;QAED,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;YAC5C,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAC1C,CAAC,EAC1B;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAgB,EAChB,EAAoB,EACpB,SAAoB;IAEpB,IAAI,CAAC;QACH,qBAAqB;QACrB,MAAM,IAAI,GAAG,MAAM,aAAa,CAAiB,OAAO,CAAC,CAAA;QAEzD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,sCAAsC;aACxB,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,kBAAkB,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QAEvE,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,kCAAkC;aACpB,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,uCAAuC;QACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QACtB,IAAI,kBAAkB,CAAC,UAAU,IAAI,GAAG,IAAI,kBAAkB,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;YACnF,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,2CAA2C;aAC7B,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,6DAA6D;QAC7D,MAAM,IAAI,GAAG,MAAM,EAAE;aAClB,UAAU,CAAC,OAAO,CAAC;aACnB,SAAS,EAAE;aACX,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,kBAAkB,CAAC,OAAO,CAAC;aAC5C,gBAAgB,EAAE,CAAA;QAErB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,gBAAgB;aACF,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,0BAA0B;QAC1B,MAAM,WAAW,GAAG,MAAM,iBAAiB,CACzC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,EACxE,SAAS,CACV,CAAA;QAED,gDAAgD;QAChD,MAAM,eAAe,GAAG,SAAS,CAAC,eAAe,IAAI,yBAAyB,CAAA;QAC9E,MAAM,wBAAwB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAA;QAC9E,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAC3C,EAAE,EACF,IAAI,CAAC,YAAY,EACjB,wBAAwB,CACzB,CAAA;QAED,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,gCAAgC;aAClB,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,MAAM,QAAQ,GAAkB;YAC9B,WAAW;YACX,YAAY,EAAE,YAAY,CAAC,KAAK;YAChC,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,SAAS,CAAC,cAAc,IAAI,GAAG;YAC1C,cAAc,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE;SACvC,CAAA;QAED,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;YAC5C,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAC1C,CAAC,EAC1B;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAgB,EAChB,EAAoB;IAEpB,IAAI,CAAC;QACH,qBAAqB;QACrB,MAAM,IAAI,GAAG,MAAM,aAAa,CAAgB,OAAO,CAAC,CAAA;QAExD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,sCAAsC;aACxB,CAAC,EAC1B;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,kBAAkB,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QAEvE,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,0DAA0D;YAC1D,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,oCAAoC;aAC9C,CAAC,EACF;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CACF,CAAA;QACH,CAAC;QAED,mBAAmB;QACnB,MAAM,kBAAkB,CAAC,EAAE,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAA;QAEnD,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;YACb,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,oCAAoC;SAC9C,CAAC,EACF;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAC1C,CAAC,EAC1B;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAgB;IAC/C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;IACvD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAgB,EAChB,SAAoB;IAEpB,MAAM,KAAK,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACvC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QACzD,OAAO;YACL,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAA;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,+DAA+D;QAC/D,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared JWT token pair issuance helper
|
|
3
|
+
*
|
|
4
|
+
* Used by both the email/password handler and the OAuth handler to issue a
|
|
5
|
+
* JWT access + refresh token pair after successful authentication.
|
|
6
|
+
*/
|
|
7
|
+
import type { Kysely } from 'kysely';
|
|
8
|
+
import type { Database } from '../database/schema.js';
|
|
9
|
+
import type { JwtConfig } from './types.js';
|
|
10
|
+
export interface TokenPairResult {
|
|
11
|
+
accessToken: string;
|
|
12
|
+
refreshToken: string;
|
|
13
|
+
tokenType: 'Bearer';
|
|
14
|
+
expiresIn: number;
|
|
15
|
+
refreshTokenExpiresIn: number;
|
|
16
|
+
refreshTokenId: string;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Issue a JWT access + refresh token pair for an authenticated user.
|
|
20
|
+
*
|
|
21
|
+
* @param db - Kysely database instance
|
|
22
|
+
* @param user - Authenticated user (id, email, email_verified)
|
|
23
|
+
* @param jwtConfig - JWT configuration
|
|
24
|
+
* @returns Token pair ready to include in a response
|
|
25
|
+
*/
|
|
26
|
+
export declare function issueTokenPair(db: Kysely<Database>, user: {
|
|
27
|
+
id: string;
|
|
28
|
+
email: string;
|
|
29
|
+
email_verified: boolean;
|
|
30
|
+
}, jwtConfig: JwtConfig): Promise<TokenPairResult>;
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared JWT token pair issuance helper
|
|
3
|
+
*
|
|
4
|
+
* Used by both the email/password handler and the OAuth handler to issue a
|
|
5
|
+
* JWT access + refresh token pair after successful authentication.
|
|
6
|
+
*/
|
|
7
|
+
import { DEFAULT_REFRESH_TOKEN_TTL } from './types.js';
|
|
8
|
+
import { createAccessToken } from './signer.js';
|
|
9
|
+
import { createRefreshToken } from './refresh-tokens.js';
|
|
10
|
+
/**
|
|
11
|
+
* Issue a JWT access + refresh token pair for an authenticated user.
|
|
12
|
+
*
|
|
13
|
+
* @param db - Kysely database instance
|
|
14
|
+
* @param user - Authenticated user (id, email, email_verified)
|
|
15
|
+
* @param jwtConfig - JWT configuration
|
|
16
|
+
* @returns Token pair ready to include in a response
|
|
17
|
+
*/
|
|
18
|
+
export async function issueTokenPair(db, user, jwtConfig) {
|
|
19
|
+
const accessToken = await createAccessToken({ sub: user.id, email: user.email, email_verified: user.email_verified }, jwtConfig);
|
|
20
|
+
const refreshTokenTTL = jwtConfig.refreshTokenTTL ?? DEFAULT_REFRESH_TOKEN_TTL;
|
|
21
|
+
const refreshTokenExpiresAt = new Date(Date.now() + refreshTokenTTL * 1000);
|
|
22
|
+
const { token: refreshToken, record } = await createRefreshToken(db, user.id, refreshTokenExpiresAt, null);
|
|
23
|
+
return {
|
|
24
|
+
accessToken,
|
|
25
|
+
refreshToken,
|
|
26
|
+
tokenType: 'Bearer',
|
|
27
|
+
expiresIn: jwtConfig.accessTokenTTL ?? 900,
|
|
28
|
+
refreshTokenExpiresIn: refreshTokenTTL,
|
|
29
|
+
refreshTokenId: record.id,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=issue-token-pair.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"issue-token-pair.js","sourceRoot":"","sources":["../../src/jwt/issue-token-pair.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAA;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAA;AAWxD;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,EAAoB,EACpB,IAA4D,EAC5D,SAAoB;IAEpB,MAAM,WAAW,GAAG,MAAM,iBAAiB,CACzC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,EACxE,SAAS,CACV,CAAA;IACD,MAAM,eAAe,GAAG,SAAS,CAAC,eAAe,IAAI,yBAAyB,CAAA;IAC9E,MAAM,qBAAqB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAA;IAC3E,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAC9D,EAAE,EACF,IAAI,CAAC,EAAE,EACP,qBAAqB,EACrB,IAAI,CACL,CAAA;IACD,OAAO;QACL,WAAW;QACX,YAAY;QACZ,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,SAAS,CAAC,cAAc,IAAI,GAAG;QAC1C,qBAAqB,EAAE,eAAe;QACtC,cAAc,EAAE,MAAM,CAAC,EAAE;KAC1B,CAAA;AACH,CAAC"}
|
|
@@ -171,6 +171,17 @@ export declare function rotateRefreshToken(db: Kysely<Database>, oldToken: strin
|
|
|
171
171
|
* ```
|
|
172
172
|
*/
|
|
173
173
|
export declare function revokeRefreshToken(db: Kysely<Database>, tokenId: string): Promise<RefreshToken>;
|
|
174
|
+
/**
|
|
175
|
+
* Revoke a refresh token by its raw value (idempotent logout helper)
|
|
176
|
+
*
|
|
177
|
+
* Hashes the token and issues a single UPDATE WHERE token_hash = ? AND revoked_at IS NULL.
|
|
178
|
+
* No-ops if the token is already revoked or does not exist — safe for logout paths
|
|
179
|
+
* where the caller does not need to know whether revocation actually occurred.
|
|
180
|
+
*
|
|
181
|
+
* @param db - Kysely database instance
|
|
182
|
+
* @param tokenValue - Raw (unhashed) refresh token value
|
|
183
|
+
*/
|
|
184
|
+
export declare function revokeRefreshTokenByValue(db: Kysely<Database>, tokenValue: string): Promise<void>;
|
|
174
185
|
/**
|
|
175
186
|
* Revoke all refresh tokens for a user
|
|
176
187
|
*
|
|
@@ -252,6 +252,25 @@ export async function revokeRefreshToken(db, tokenId) {
|
|
|
252
252
|
.executeTakeFirstOrThrow();
|
|
253
253
|
return record;
|
|
254
254
|
}
|
|
255
|
+
/**
|
|
256
|
+
* Revoke a refresh token by its raw value (idempotent logout helper)
|
|
257
|
+
*
|
|
258
|
+
* Hashes the token and issues a single UPDATE WHERE token_hash = ? AND revoked_at IS NULL.
|
|
259
|
+
* No-ops if the token is already revoked or does not exist — safe for logout paths
|
|
260
|
+
* where the caller does not need to know whether revocation actually occurred.
|
|
261
|
+
*
|
|
262
|
+
* @param db - Kysely database instance
|
|
263
|
+
* @param tokenValue - Raw (unhashed) refresh token value
|
|
264
|
+
*/
|
|
265
|
+
export async function revokeRefreshTokenByValue(db, tokenValue) {
|
|
266
|
+
const hash = await hashRefreshToken(tokenValue);
|
|
267
|
+
await db
|
|
268
|
+
.updateTable('refresh_tokens')
|
|
269
|
+
.set({ revoked_at: new Date() })
|
|
270
|
+
.where('token_hash', '=', hash)
|
|
271
|
+
.where('revoked_at', 'is', null)
|
|
272
|
+
.execute();
|
|
273
|
+
}
|
|
255
274
|
/**
|
|
256
275
|
* Revoke all refresh tokens for a user
|
|
257
276
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"refresh-tokens.js","sourceRoot":"","sources":["../../src/jwt/refresh-tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAa;IAClD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IAC9D,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;IACxD,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC9E,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB;IAClC,iCAAiC;IACjC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAA;IACjC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;IAE9B,8CAA8C;IAC9C,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,CAAC,CAAA;IACjD,OAAO,MAAM;SACV,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;AACtB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,MAAc,EACd,SAAe,EACf,OAAsB,IAAI;IAE1B,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAA;IACpC,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAE/C,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,OAAO,EAAE,MAAM;QACf,UAAU,EAAE,SAAS;QACrB,IAAI;QACJ,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,IAAI;QAChB,YAAY,EAAE,IAAI;KACnB,CAAC;SACD,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAA;AAC1B,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAoB,EACpB,KAAa;IAEb,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAE/C,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,SAAS,CAAC;SACnC,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,EAAoB,EACpB,EAAU;IAEV,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAoB,EACpB,MAAc,EACd,iBAA0B,KAAK;IAE/B,IAAI,KAAK,GAAG,EAAE;SACX,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;IAEhC,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;IAED,OAAO,MAAM,KAAK,CAAC,OAAO,EAAE,CAAA;AAC9B,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,EAAoB,EACpB,OAAe;IAEf,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,YAAY,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SACjC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC;SACzB,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,QAAgB,EAChB,SAAe;IAEf,uBAAuB;IACvB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;IACrD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,IAAI,CAAA;IACb,CAAC;IAED,2DAA2D;IAC3D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,IAAI,SAAS,CAAC,UAAU,IAAI,GAAG,IAAI,SAAS,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;QACjE,OAAO,IAAI,CAAA;IACb,CAAC;IAED,2CAA2C;IAC3C,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAChD,EAAE,EACF,SAAS,CAAC,OAAO,EACjB,SAAS,EACT,SAAS,CAAC,IAAI,CACf,CAAA;IAED,mBAAmB;IACnB,MAAM,kBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,EAAE,CAAC,CAAA;IAE1C,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAA;AAC1B,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,OAAe;IAEf,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC;SACzB,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAoB,EACpB,MAAc;IAEd,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC;SAC7B,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,4BAA4B;SAC5D,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC,CAAA;AAC3C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,OAAe;IAEf,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,OAAO,EAAE,CAAA;AAC3E,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAoB,EACpB,UAAkB,EAAE;IAEpB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IAEvE,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,UAAU,CAAC;SACpC,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC,CAAA;AAC3C,CAAC"}
|
|
1
|
+
{"version":3,"file":"refresh-tokens.js","sourceRoot":"","sources":["../../src/jwt/refresh-tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAa;IAClD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IAC9D,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;IACxD,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC9E,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB;IAClC,iCAAiC;IACjC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAA;IACjC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;IAE9B,8CAA8C;IAC9C,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,CAAC,CAAA;IACjD,OAAO,MAAM;SACV,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;AACtB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,MAAc,EACd,SAAe,EACf,OAAsB,IAAI;IAE1B,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAA;IACpC,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAE/C,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,OAAO,EAAE,MAAM;QACf,UAAU,EAAE,SAAS;QACrB,IAAI;QACJ,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,IAAI;QAChB,YAAY,EAAE,IAAI;KACnB,CAAC;SACD,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAA;AAC1B,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAoB,EACpB,KAAa;IAEb,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAE/C,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,SAAS,CAAC;SACnC,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,EAAoB,EACpB,EAAU;IAEV,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAoB,EACpB,MAAc,EACd,iBAA0B,KAAK;IAE/B,IAAI,KAAK,GAAG,EAAE;SACX,UAAU,CAAC,gBAAgB,CAAC;SAC5B,SAAS,EAAE;SACX,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;IAEhC,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;IAED,OAAO,MAAM,KAAK,CAAC,OAAO,EAAE,CAAA;AAC9B,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,EAAoB,EACpB,OAAe;IAEf,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,YAAY,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SACjC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC;SACzB,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,QAAgB,EAChB,SAAe;IAEf,uBAAuB;IACvB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;IACrD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,IAAI,CAAA;IACb,CAAC;IAED,2DAA2D;IAC3D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,IAAI,SAAS,CAAC,UAAU,IAAI,GAAG,IAAI,SAAS,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;QACjE,OAAO,IAAI,CAAA;IACb,CAAC;IAED,2CAA2C;IAC3C,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAChD,EAAE,EACF,SAAS,CAAC,OAAO,EACjB,SAAS,EACT,SAAS,CAAC,IAAI,CACf,CAAA;IAED,mBAAmB;IACnB,MAAM,kBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,EAAE,CAAC,CAAA;IAE1C,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAA;AAC1B,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,OAAe;IAEf,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC;SACzB,YAAY,EAAE;SACd,uBAAuB,EAAE,CAAA;IAE5B,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,EAAoB,EACpB,UAAkB;IAElB,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAA;IAC/C,MAAM,EAAE;SACL,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,IAAI,CAAC;SAC9B,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC;SAC/B,OAAO,EAAE,CAAA;AACd,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAoB,EACpB,MAAc;IAEd,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC;SAC7B,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,4BAA4B;SAC5D,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC,CAAA;AAC3C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAoB,EACpB,OAAe;IAEf,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,OAAO,EAAE,CAAA;AAC3E,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAoB,EACpB,UAAkB,EAAE;IAEpB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IAEvE,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,UAAU,CAAC;SACpC,gBAAgB,EAAE,CAAA;IAErB,OAAO,MAAM,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC,CAAA;AAC3C,CAAC"}
|
package/dist/jwt/signer.d.ts
CHANGED
|
@@ -57,7 +57,7 @@ export declare function validateAlgorithm(algorithm?: string): void;
|
|
|
57
57
|
* )
|
|
58
58
|
* ```
|
|
59
59
|
*/
|
|
60
|
-
export declare function createAccessToken(payload: Pick<AccessTokenPayload, 'sub' | 'email' | 'deviceId'>, config: JwtConfig): Promise<string>;
|
|
60
|
+
export declare function createAccessToken(payload: Pick<AccessTokenPayload, 'sub' | 'email' | 'deviceId' | 'email_verified'>, config: JwtConfig): Promise<string>;
|
|
61
61
|
/**
|
|
62
62
|
* Verify and decode a JWT access token
|
|
63
63
|
*
|
package/dist/jwt/signer.js
CHANGED
|
@@ -98,11 +98,17 @@ export async function createAccessToken(payload, config) {
|
|
|
98
98
|
const privateKey = await importPrivateKey(config.privateKey);
|
|
99
99
|
// Build JWT with standard claims
|
|
100
100
|
const ttl = config.accessTokenTTL ?? DEFAULT_ACCESS_TOKEN_TTL;
|
|
101
|
-
const
|
|
101
|
+
const jwtClaims = {
|
|
102
102
|
sub: payload.sub,
|
|
103
103
|
email: payload.email,
|
|
104
|
-
|
|
105
|
-
|
|
104
|
+
};
|
|
105
|
+
if (payload.email_verified !== undefined) {
|
|
106
|
+
jwtClaims.email_verified = payload.email_verified;
|
|
107
|
+
}
|
|
108
|
+
if (payload.deviceId !== undefined) {
|
|
109
|
+
jwtClaims.deviceId = payload.deviceId;
|
|
110
|
+
}
|
|
111
|
+
const jwt = new SignJWT(jwtClaims)
|
|
106
112
|
.setProtectedHeader({ alg: 'ES256' })
|
|
107
113
|
.setIssuedAt()
|
|
108
114
|
.setExpirationTime(`${ttl}s`);
|
|
@@ -155,6 +161,7 @@ export async function verifyAccessToken(token, config) {
|
|
|
155
161
|
return {
|
|
156
162
|
sub: payload.sub,
|
|
157
163
|
email: payload.email,
|
|
164
|
+
email_verified: payload.email_verified,
|
|
158
165
|
deviceId: payload.deviceId,
|
|
159
166
|
iat: payload.iat,
|
|
160
167
|
exp: payload.exp,
|
package/dist/jwt/signer.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/jwt/signer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAmB,MAAM,MAAM,CAAA;AAEnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,YAAY,CAAA;AAOrD;;GAEG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;AAC3D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAkB;IACvD,MAAM,MAAM,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;IAE1C,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QAClC,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAClC,KAAK,EACL,GAAG,EACH,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EACtC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAA;IACH,CAAC;IAED,aAAa;IACb,OAAO,MAAM,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;AAC/C,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,SAAiB;IACrD,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;IAEzC,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACjC,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAClC,KAAK,EACL,GAAG,EACH,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EACtC,KAAK,EACL,CAAC,QAAQ,CAAC,CACX,CAAA;IACH,CAAC;IAED,aAAa;IACb,OAAO,MAAM,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;AAC7C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAkB;IAClD,IAAI,SAAS,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CACb,sBAAsB,SAAS,4CAA4C;YAC3E,oEAAoE,CACrE,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,
|
|
1
|
+
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/jwt/signer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAmB,MAAM,MAAM,CAAA;AAEnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,YAAY,CAAA;AAOrD;;GAEG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;AAC3D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAkB;IACvD,MAAM,MAAM,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;IAE1C,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QAClC,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAClC,KAAK,EACL,GAAG,EACH,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EACtC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAA;IACH,CAAC;IAED,aAAa;IACb,OAAO,MAAM,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;AAC/C,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,SAAiB;IACrD,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;IAEzC,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACjC,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAClC,KAAK,EACL,GAAG,EACH,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EACtC,KAAK,EACL,CAAC,QAAQ,CAAC,CACX,CAAA;IACH,CAAC;IAED,aAAa;IACb,OAAO,MAAM,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;AAC7C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAkB;IAClD,IAAI,SAAS,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CACb,sBAAsB,SAAS,4CAA4C;YAC3E,oEAAoE,CACrE,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAkF,EAClF,MAAiB;IAEjB,yCAAyC;IACzC,iBAAiB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IAEnC,qBAAqB;IACrB,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAA;IAE5D,iCAAiC;IACjC,MAAM,GAAG,GAAG,MAAM,CAAC,cAAc,IAAI,wBAAwB,CAAA;IAC7D,MAAM,SAAS,GAA4B;QACzC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,KAAK,EAAE,OAAO,CAAC,KAAK;KACrB,CAAA;IACD,IAAI,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QACzC,SAAS,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,CAAA;IACnD,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,SAAS,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAA;IACvC,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,SAAS,CAAC;SAC/B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,WAAW,EAAE;SACb,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC,CAAA;IAE/B,sBAAsB;IACtB,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAC9B,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAClC,CAAC;IAED,sBAAsB;IACtB,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;AACnC,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAAa,EACb,MAAiB;IAEjB,yCAAyC;IACzC,iBAAiB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IAEnC,oBAAoB;IACpB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IAEzD,+CAA+C;IAC/C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE;QACpD,UAAU,EAAE,CAAC,OAAO,CAAC,EAAE,oCAAoC;QAC3D,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC,CAAA;IAEF,+BAA+B;IAC/B,OAAO;QACL,GAAG,EAAE,OAAO,CAAC,GAAa;QAC1B,KAAK,EAAE,OAAO,CAAC,KAAe;QAC9B,cAAc,EAAE,OAAO,CAAC,cAAqC;QAC7D,QAAQ,EAAE,OAAO,CAAC,QAA8B;QAChD,GAAG,EAAE,OAAO,CAAC,GAAa;QAC1B,GAAG,EAAE,OAAO,CAAC,GAAa;QAC1B,GAAG,EAAE,OAAO,CAAC,GAAyB;QACtC,GAAG,EAAE,OAAO,CAAC,GAAoC;KAClD,CAAA;AACH,CAAC"}
|
package/dist/jwt/types.d.ts
CHANGED
|
@@ -104,6 +104,13 @@ export interface AccessTokenPayload {
|
|
|
104
104
|
* Can be a single string or array of strings per JWT spec
|
|
105
105
|
*/
|
|
106
106
|
aud?: string | string[];
|
|
107
|
+
/**
|
|
108
|
+
* Whether the user's email address has been verified
|
|
109
|
+
*
|
|
110
|
+
* Included so consumers (e.g. CF Pages Functions) can gate access on email
|
|
111
|
+
* verification without a round-trip to the database.
|
|
112
|
+
*/
|
|
113
|
+
email_verified?: boolean;
|
|
107
114
|
/**
|
|
108
115
|
* Optional bound device identifier (if the app uses device-bound JWTs)
|
|
109
116
|
*/
|
package/dist/jwt/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/jwt/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/jwt/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAkIH;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,GAAG,CAAA;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,OAAO,CAAA"}
|
package/dist/mech-sql-client.js
CHANGED
|
@@ -84,7 +84,9 @@ export class MechSqlClient {
|
|
|
84
84
|
}
|
|
85
85
|
}
|
|
86
86
|
async executeOnce(sql, params) {
|
|
87
|
-
|
|
87
|
+
// Strip "app_" prefix if present — URL path wants the raw UUID only
|
|
88
|
+
const pathAppId = this.appId.replace(/^app_/, "");
|
|
89
|
+
const url = `${this.baseUrl.replace(/\/$/, "")}/api/apps/${pathAppId}/postgresql/query`;
|
|
88
90
|
this.logger.debug("Executing SQL query", {
|
|
89
91
|
url,
|
|
90
92
|
paramCount: params.length,
|
|
@@ -97,8 +99,7 @@ export class MechSqlClient {
|
|
|
97
99
|
method: "POST",
|
|
98
100
|
headers: {
|
|
99
101
|
"Content-Type": "application/json",
|
|
100
|
-
"X-API-Key": this.apiKey
|
|
101
|
-
"X-App-ID": this.appId
|
|
102
|
+
"X-API-Key": this.apiKey
|
|
102
103
|
},
|
|
103
104
|
body: JSON.stringify({ sql, params }),
|
|
104
105
|
signal: controller.signal
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mech-sql-client.js","sourceRoot":"","sources":["../src/mech-sql-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,qBAAqB,EACrB,uBAAuB,GACxB,MAAM,aAAa,CAAA;AACpB,OAAO,EAAU,gBAAgB,EAAE,MAAM,aAAa,CAAA;AACtD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AA+C9G;;;;;;;;GAQG;AACH,MAAM,OAAO,aAAa;IASxB,YAAY,MAA2B;QACrC,qCAAqC;QACrC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,6BAA6B,CAAA;QAC9D,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAA;QACzB,8EAA8E;QAC9E,mGAAmG;QACnG,4FAA4F;QAC5F,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,KAAK,CAAA;QACpD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QAEjD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;QAC3B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,CAAA;QAExC,IAAI,WAAW,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sDAAsD,EAAE;gBACxE,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,IAAI,CAAC,WAAW;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,yBAAyB;QACzB,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACpC,gBAAgB,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACrC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACjC,gBAAgB,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;QACjD,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;QAC7C,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;QACvC,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACzC,aAAa,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,EAAE,CAAC,EAAE,YAAY,CAAC,CAAA;QAElD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;YAC7C,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,OAAO,CAAc,GAAW,EAAE,SAA6B,EAAE;QACrE,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;IAC9C,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,GAAW,EACX,MAA0B,EAC1B,OAAe;QAEf,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,WAAW,CAAI,GAAG,EAAE,MAAM,CAAC,CAAA;QAC/C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,OAAO,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAA,CAAC,sBAAsB;gBAC/D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,KAAK,eAAe,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,GAAG,EAAE;oBACnG,KAAK,EAAG,GAAa,CAAC,OAAO;oBAC7B,OAAO;iBACR,CAAC,CAAA;gBACF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAA;gBAC1D,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAG,CAAC,CAAC,CAAA;YACxD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,WAAW,CAAc,GAAW,EAAE,MAA0B;QAC5E,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,aAAa,
|
|
1
|
+
{"version":3,"file":"mech-sql-client.js","sourceRoot":"","sources":["../src/mech-sql-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,qBAAqB,EACrB,uBAAuB,GACxB,MAAM,aAAa,CAAA;AACpB,OAAO,EAAU,gBAAgB,EAAE,MAAM,aAAa,CAAA;AACtD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AA+C9G;;;;;;;;GAQG;AACH,MAAM,OAAO,aAAa;IASxB,YAAY,MAA2B;QACrC,qCAAqC;QACrC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,6BAA6B,CAAA;QAC9D,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAA;QACzB,8EAA8E;QAC9E,mGAAmG;QACnG,4FAA4F;QAC5F,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,KAAK,CAAA;QACpD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QAEjD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;QAC3B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,CAAA;QAExC,IAAI,WAAW,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sDAAsD,EAAE;gBACxE,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,IAAI,CAAC,WAAW;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,yBAAyB;QACzB,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACpC,gBAAgB,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACrC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACjC,gBAAgB,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;QACjD,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;QAC7C,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;QACvC,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACzC,aAAa,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,EAAE,CAAC,EAAE,YAAY,CAAC,CAAA;QAElD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;YAC7C,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,OAAO,CAAc,GAAW,EAAE,SAA6B,EAAE;QACrE,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;IAC9C,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,GAAW,EACX,MAA0B,EAC1B,OAAe;QAEf,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,WAAW,CAAI,GAAG,EAAE,MAAM,CAAC,CAAA;QAC/C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,OAAO,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAA,CAAC,sBAAsB;gBAC/D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,KAAK,eAAe,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,GAAG,EAAE;oBACnG,KAAK,EAAG,GAAa,CAAC,OAAO;oBAC7B,OAAO;iBACR,CAAC,CAAA;gBACF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAA;gBAC1D,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAG,CAAC,CAAC,CAAA;YACxD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,WAAW,CAAc,GAAW,EAAE,MAA0B;QAC5E,oEAAoE;QACpE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACjD,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,aAAa,SAAS,mBAAmB,CAAA;QAEvF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE;YACvC,GAAG;YACH,UAAU,EAAE,MAAM,CAAC,MAAM;YACzB,SAAS,EAAE,GAAG,CAAC,MAAM;SACtB,CAAC,CAAA;QAEF,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAA;QACxC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QAEpE,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC3B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,WAAW,EAAE,IAAI,CAAC,MAAM;iBACzB;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;gBACrC,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAA;YAEF,uBAAuB;YACvB,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC,GAAG,IAAI,CAAA;gBAC9E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,UAAU,EAAE,CAAC,CAAA;gBAChE,MAAM,IAAI,uBAAuB,CAAC,UAAU,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAA;YACpE,CAAC;YAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;gBAC7B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;oBAChD,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,cAAc,EAAE,IAAI,CAAC,MAAM;iBAC5B,CAAC,CAAA;gBACF,MAAM,IAAI,qBAAqB,CAAC,QAAQ,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,MAAM,EAAE;oBACnF,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,uBAAuB;iBAC7D,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,IAAI,GAAoB,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;YAE9C,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI;oBACtB,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,OAAO;iBAC7B,CAAC,CAAA;gBACF,MAAM,IAAI,iBAAiB,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE;oBAClE,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI;oBACtB,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,KAAK;iBACzB,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAQ,CAAA;YACrC,MAAM,QAAQ,GAAW,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAA;YAErD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;gBAC/C,QAAQ;gBACR,YAAY,EAAE,IAAI,CAAC,MAAM;aAC1B,CAAC,CAAA;YAEF,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,YAAY,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC7D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC7D,MAAM,IAAI,qBAAqB,CAAC,yBAAyB,IAAI,CAAC,OAAO,IAAI,EAAE;oBACzE,OAAO,EAAE,IAAI,CAAC,OAAO;iBACtB,CAAC,CAAA;YACJ,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,SAAS,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,GAAY;QAC9B,IAAI,GAAG,YAAY,uBAAuB;YAAE,OAAO,IAAI,CAAA;QACvD,IAAI,GAAG,YAAY,qBAAqB;YAAE,OAAO,IAAI,CAAA;QACrD,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG;YAAE,OAAO,IAAI,CAAA;QAChG,OAAO,KAAK,CAAA;IACd,CAAC;CACF"}
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
import type { Kysely } from 'kysely';
|
|
11
11
|
import type { Database, User } from '../database/schema.js';
|
|
12
12
|
import type { OAuthUserProfile, RequestContext, OAuthProvider } from '../types.js';
|
|
13
|
-
|
|
13
|
+
export { validateSession, parseCookies } from '../utils/session.js';
|
|
14
14
|
/**
|
|
15
15
|
* Upsert user from OAuth profile
|
|
16
16
|
*
|
|
@@ -47,25 +47,6 @@ export declare function upsertOAuthUser(db: Kysely<Database>, provider: OAuthPro
|
|
|
47
47
|
*/
|
|
48
48
|
export declare function createSession(db: Kysely<Database>, userId: string, expiresInSeconds?: number, // 30 days
|
|
49
49
|
context?: RequestContext): Promise<string>;
|
|
50
|
-
/**
|
|
51
|
-
* Validate session
|
|
52
|
-
*
|
|
53
|
-
* Checks if a session exists and is not expired.
|
|
54
|
-
*
|
|
55
|
-
* @param db - Kysely database instance
|
|
56
|
-
* @param sessionId - Session ID to validate
|
|
57
|
-
* @param logger - Optional logger for error reporting
|
|
58
|
-
* @returns User if session is valid, null otherwise
|
|
59
|
-
*
|
|
60
|
-
* @example
|
|
61
|
-
* ```ts
|
|
62
|
-
* const user = await validateSession(db, sessionId)
|
|
63
|
-
* if (!user) {
|
|
64
|
-
* return new Response('Unauthorized', { status: 401 })
|
|
65
|
-
* }
|
|
66
|
-
* ```
|
|
67
|
-
*/
|
|
68
|
-
export declare function validateSession(db: Kysely<Database>, sessionId: string, logger?: Logger): Promise<User | null>;
|
|
69
50
|
/**
|
|
70
51
|
* Delete session (logout)
|
|
71
52
|
*
|
|
@@ -110,17 +91,6 @@ export declare function deleteAllUserSessions(db: Kysely<Database>, userId: stri
|
|
|
110
91
|
* ```
|
|
111
92
|
*/
|
|
112
93
|
export declare function cleanupExpiredSessions(db: Kysely<Database>): Promise<number>;
|
|
113
|
-
/**
|
|
114
|
-
* Parse cookie header
|
|
115
|
-
*
|
|
116
|
-
* Parses the Cookie header and returns a map of cookie names to values.
|
|
117
|
-
*
|
|
118
|
-
* @param cookieHeader - Cookie header string
|
|
119
|
-
* @returns Map of cookie names to values
|
|
120
|
-
*
|
|
121
|
-
* @internal
|
|
122
|
-
*/
|
|
123
|
-
export declare function parseCookies(cookieHeader: string): Record<string, string>;
|
|
124
94
|
/**
|
|
125
95
|
* Create cookie header
|
|
126
96
|
*
|