covara 0.0.1 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +839 -0
- package/dist/auth/adapter.d.ts +47 -0
- package/dist/auth/adapter.d.ts.map +1 -0
- package/dist/auth/adapter.js +144 -0
- package/dist/auth/adapter.js.map +1 -0
- package/dist/auth/adapters/authjs.d.ts +31 -0
- package/dist/auth/adapters/authjs.d.ts.map +1 -0
- package/dist/auth/adapters/authjs.js +143 -0
- package/dist/auth/adapters/authjs.js.map +1 -0
- package/dist/auth/adapters/jwt.d.ts +70 -0
- package/dist/auth/adapters/jwt.d.ts.map +1 -0
- package/dist/auth/adapters/jwt.js +368 -0
- package/dist/auth/adapters/jwt.js.map +1 -0
- package/dist/auth/adapters/oidc.d.ts +120 -0
- package/dist/auth/adapters/oidc.d.ts.map +1 -0
- package/dist/auth/adapters/oidc.js +280 -0
- package/dist/auth/adapters/oidc.js.map +1 -0
- package/dist/auth/adapters/passport.d.ts +44 -0
- package/dist/auth/adapters/passport.d.ts.map +1 -0
- package/dist/auth/adapters/passport.js +206 -0
- package/dist/auth/adapters/passport.js.map +1 -0
- package/dist/auth/api-keys.d.ts +68 -0
- package/dist/auth/api-keys.d.ts.map +1 -0
- package/dist/auth/api-keys.js +117 -0
- package/dist/auth/api-keys.js.map +1 -0
- package/dist/auth/config.d.ts +36 -0
- package/dist/auth/config.d.ts.map +1 -0
- package/dist/auth/config.js +50 -0
- package/dist/auth/config.js.map +1 -0
- package/dist/auth/csrf.d.ts +18 -0
- package/dist/auth/csrf.d.ts.map +1 -0
- package/dist/auth/csrf.js +59 -0
- package/dist/auth/csrf.js.map +1 -0
- package/dist/auth/index.d.ts +25 -0
- package/dist/auth/index.d.ts.map +1 -0
- package/dist/auth/index.js +22 -0
- package/dist/auth/index.js.map +1 -0
- package/dist/auth/login-throttle.d.ts +21 -0
- package/dist/auth/login-throttle.d.ts.map +1 -0
- package/dist/auth/login-throttle.js +50 -0
- package/dist/auth/login-throttle.js.map +1 -0
- package/dist/auth/magic-link.d.ts +13 -0
- package/dist/auth/magic-link.d.ts.map +1 -0
- package/dist/auth/magic-link.js +14 -0
- package/dist/auth/magic-link.js.map +1 -0
- package/dist/auth/middleware.d.ts +20 -0
- package/dist/auth/middleware.d.ts.map +1 -0
- package/dist/auth/middleware.js +116 -0
- package/dist/auth/middleware.js.map +1 -0
- package/dist/auth/password-policy.d.ts +18 -0
- package/dist/auth/password-policy.d.ts.map +1 -0
- package/dist/auth/password-policy.js +72 -0
- package/dist/auth/password-policy.js.map +1 -0
- package/dist/auth/password-reset.d.ts +13 -0
- package/dist/auth/password-reset.d.ts.map +1 -0
- package/dist/auth/password-reset.js +17 -0
- package/dist/auth/password-reset.js.map +1 -0
- package/dist/auth/password.d.ts +11 -0
- package/dist/auth/password.d.ts.map +1 -0
- package/dist/auth/password.js +98 -0
- package/dist/auth/password.js.map +1 -0
- package/dist/auth/routes.d.ts +111 -0
- package/dist/auth/routes.d.ts.map +1 -0
- package/dist/auth/routes.js +417 -0
- package/dist/auth/routes.js.map +1 -0
- package/dist/auth/rsql.d.ts +33 -0
- package/dist/auth/rsql.d.ts.map +1 -0
- package/dist/auth/rsql.js +102 -0
- package/dist/auth/rsql.js.map +1 -0
- package/dist/auth/scope.d.ts +26 -0
- package/dist/auth/scope.d.ts.map +1 -0
- package/dist/auth/scope.js +166 -0
- package/dist/auth/scope.js.map +1 -0
- package/dist/auth/stores/drizzle.d.ts +39 -0
- package/dist/auth/stores/drizzle.d.ts.map +1 -0
- package/dist/auth/stores/drizzle.js +183 -0
- package/dist/auth/stores/drizzle.js.map +1 -0
- package/dist/auth/stores/index.d.ts +6 -0
- package/dist/auth/stores/index.d.ts.map +1 -0
- package/dist/auth/stores/index.js +4 -0
- package/dist/auth/stores/index.js.map +1 -0
- package/dist/auth/stores/redis.d.ts +25 -0
- package/dist/auth/stores/redis.d.ts.map +1 -0
- package/dist/auth/stores/redis.js +147 -0
- package/dist/auth/stores/redis.js.map +1 -0
- package/dist/auth/totp.d.ts +32 -0
- package/dist/auth/totp.d.ts.map +1 -0
- package/dist/auth/totp.js +126 -0
- package/dist/auth/totp.js.map +1 -0
- package/dist/auth/types.d.ts +82 -0
- package/dist/auth/types.d.ts.map +1 -0
- package/dist/auth/types.js +53 -0
- package/dist/auth/types.js.map +1 -0
- package/dist/auth/verification.d.ts +32 -0
- package/dist/auth/verification.d.ts.map +1 -0
- package/dist/auth/verification.js +0 -0
- package/dist/auth/verification.js.map +1 -0
- package/dist/billing/credits.d.ts +29 -0
- package/dist/billing/credits.d.ts.map +1 -0
- package/dist/billing/credits.js +66 -0
- package/dist/billing/credits.js.map +1 -0
- package/dist/billing/index.d.ts +53 -0
- package/dist/billing/index.d.ts.map +1 -0
- package/dist/billing/index.js +139 -0
- package/dist/billing/index.js.map +1 -0
- package/dist/billing/lemonsqueezy.d.ts +29 -0
- package/dist/billing/lemonsqueezy.d.ts.map +1 -0
- package/dist/billing/lemonsqueezy.js +276 -0
- package/dist/billing/lemonsqueezy.js.map +1 -0
- package/dist/billing/paddle.d.ts +30 -0
- package/dist/billing/paddle.d.ts.map +1 -0
- package/dist/billing/paddle.js +247 -0
- package/dist/billing/paddle.js.map +1 -0
- package/dist/billing/polar.d.ts +31 -0
- package/dist/billing/polar.d.ts.map +1 -0
- package/dist/billing/polar.js +284 -0
- package/dist/billing/polar.js.map +1 -0
- package/dist/billing/router.d.ts +9 -0
- package/dist/billing/router.d.ts.map +1 -0
- package/dist/billing/router.js +75 -0
- package/dist/billing/router.js.map +1 -0
- package/dist/billing/stripe.d.ts +31 -0
- package/dist/billing/stripe.d.ts.map +1 -0
- package/dist/billing/stripe.js +319 -0
- package/dist/billing/stripe.js.map +1 -0
- package/dist/billing/types.d.ts +97 -0
- package/dist/billing/types.d.ts.map +1 -0
- package/dist/billing/types.js +9 -0
- package/dist/billing/types.js.map +1 -0
- package/dist/cli/create.d.ts +10 -0
- package/dist/cli/create.d.ts.map +1 -0
- package/dist/cli/create.js +79 -0
- package/dist/cli/create.js.map +1 -0
- package/dist/cli/generate.d.ts +16 -0
- package/dist/cli/generate.d.ts.map +1 -0
- package/dist/cli/generate.js +105 -0
- package/dist/cli/generate.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +185 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/cli/options.d.ts +11 -0
- package/dist/cli/options.d.ts.map +1 -0
- package/dist/cli/options.js +14 -0
- package/dist/cli/options.js.map +1 -0
- package/dist/cli/templates/configs.d.ts +12 -0
- package/dist/cli/templates/configs.d.ts.map +1 -0
- package/dist/cli/templates/configs.js +174 -0
- package/dist/cli/templates/configs.js.map +1 -0
- package/dist/cli/templates/deploy.d.ts +6 -0
- package/dist/cli/templates/deploy.d.ts.map +1 -0
- package/dist/cli/templates/deploy.js +147 -0
- package/dist/cli/templates/deploy.js.map +1 -0
- package/dist/cli/templates/index.d.ts +8 -0
- package/dist/cli/templates/index.d.ts.map +1 -0
- package/dist/cli/templates/index.js +35 -0
- package/dist/cli/templates/index.js.map +1 -0
- package/dist/cli/templates/package-json.d.ts +3 -0
- package/dist/cli/templates/package-json.d.ts.map +1 -0
- package/dist/cli/templates/package-json.js +76 -0
- package/dist/cli/templates/package-json.js.map +1 -0
- package/dist/cli/templates/readme.d.ts +3 -0
- package/dist/cli/templates/readme.d.ts.map +1 -0
- package/dist/cli/templates/readme.js +109 -0
- package/dist/cli/templates/readme.js.map +1 -0
- package/dist/cli/templates/source.d.ts +11 -0
- package/dist/cli/templates/source.d.ts.map +1 -0
- package/dist/cli/templates/source.js +158 -0
- package/dist/cli/templates/source.js.map +1 -0
- package/dist/client/auth/auth-transport.d.ts +24 -0
- package/dist/client/auth/auth-transport.d.ts.map +1 -0
- package/dist/client/auth/auth-transport.js +78 -0
- package/dist/client/auth/auth-transport.js.map +1 -0
- package/dist/client/auth/index.d.ts +52 -0
- package/dist/client/auth/index.d.ts.map +1 -0
- package/dist/client/auth/index.js +350 -0
- package/dist/client/auth/index.js.map +1 -0
- package/dist/client/auth/oidc-client.d.ts +17 -0
- package/dist/client/auth/oidc-client.d.ts.map +1 -0
- package/dist/client/auth/oidc-client.js +159 -0
- package/dist/client/auth/oidc-client.js.map +1 -0
- package/dist/client/auth/token-manager.d.ts +51 -0
- package/dist/client/auth/token-manager.d.ts.map +1 -0
- package/dist/client/auth/token-manager.js +222 -0
- package/dist/client/auth/token-manager.js.map +1 -0
- package/dist/client/auth/types.d.ts +82 -0
- package/dist/client/auth/types.d.ts.map +1 -0
- package/dist/client/auth/types.js +2 -0
- package/dist/client/auth/types.js.map +1 -0
- package/dist/client/billing.d.ts +54 -0
- package/dist/client/billing.d.ts.map +1 -0
- package/dist/client/billing.js +58 -0
- package/dist/client/billing.js.map +1 -0
- package/dist/client/dates.d.ts +40 -0
- package/dist/client/dates.d.ts.map +1 -0
- package/dist/client/dates.js +56 -0
- package/dist/client/dates.js.map +1 -0
- package/dist/client/env.d.ts +24 -0
- package/dist/client/env.d.ts.map +1 -0
- package/dist/client/env.js +105 -0
- package/dist/client/env.js.map +1 -0
- package/dist/client/file-upload.d.ts +53 -0
- package/dist/client/file-upload.d.ts.map +1 -0
- package/dist/client/file-upload.js +162 -0
- package/dist/client/file-upload.js.map +1 -0
- package/dist/client/globals.d.ts +6 -0
- package/dist/client/globals.d.ts.map +1 -0
- package/dist/client/globals.js +23 -0
- package/dist/client/globals.js.map +1 -0
- package/dist/client/index.d.ts +60 -0
- package/dist/client/index.d.ts.map +1 -0
- package/dist/client/index.js +266 -0
- package/dist/client/index.js.map +1 -0
- package/dist/client/indexeddb-storage.d.ts +22 -0
- package/dist/client/indexeddb-storage.d.ts.map +1 -0
- package/dist/client/indexeddb-storage.js +79 -0
- package/dist/client/indexeddb-storage.js.map +1 -0
- package/dist/client/jwt.d.ts +62 -0
- package/dist/client/jwt.d.ts.map +1 -0
- package/dist/client/jwt.js +164 -0
- package/dist/client/jwt.js.map +1 -0
- package/dist/client/live-store.d.ts +49 -0
- package/dist/client/live-store.d.ts.map +1 -0
- package/dist/client/live-store.js +638 -0
- package/dist/client/live-store.js.map +1 -0
- package/dist/client/mutation.d.ts +73 -0
- package/dist/client/mutation.d.ts.map +1 -0
- package/dist/client/mutation.js +72 -0
- package/dist/client/mutation.js.map +1 -0
- package/dist/client/offline.d.ts +110 -0
- package/dist/client/offline.d.ts.map +1 -0
- package/dist/client/offline.js +551 -0
- package/dist/client/offline.js.map +1 -0
- package/dist/client/query-builder.d.ts +130 -0
- package/dist/client/query-builder.d.ts.map +1 -0
- package/dist/client/query-builder.js +300 -0
- package/dist/client/query-builder.js.map +1 -0
- package/dist/client/query-cache.d.ts +64 -0
- package/dist/client/query-cache.d.ts.map +1 -0
- package/dist/client/query-cache.js +112 -0
- package/dist/client/query-cache.js.map +1 -0
- package/dist/client/query-types.d.ts +61 -0
- package/dist/client/query-types.d.ts.map +1 -0
- package/dist/client/query-types.js +2 -0
- package/dist/client/query-types.js.map +1 -0
- package/dist/client/react-billing.d.ts +24 -0
- package/dist/client/react-billing.d.ts.map +1 -0
- package/dist/client/react-billing.js +101 -0
- package/dist/client/react-billing.js.map +1 -0
- package/dist/client/react-files.d.ts +46 -0
- package/dist/client/react-files.d.ts.map +1 -0
- package/dist/client/react-files.js +174 -0
- package/dist/client/react-files.js.map +1 -0
- package/dist/client/react-jwt.d.ts +17 -0
- package/dist/client/react-jwt.d.ts.map +1 -0
- package/dist/client/react-jwt.js +73 -0
- package/dist/client/react-jwt.js.map +1 -0
- package/dist/client/react.d.ts +210 -0
- package/dist/client/react.d.ts.map +1 -0
- package/dist/client/react.js +599 -0
- package/dist/client/react.js.map +1 -0
- package/dist/client/repository.d.ts +49 -0
- package/dist/client/repository.d.ts.map +1 -0
- package/dist/client/repository.js +269 -0
- package/dist/client/repository.js.map +1 -0
- package/dist/client/resource-query-builder.d.ts +35 -0
- package/dist/client/resource-query-builder.d.ts.map +1 -0
- package/dist/client/resource-query-builder.js +177 -0
- package/dist/client/resource-query-builder.js.map +1 -0
- package/dist/client/subscription-manager.d.ts +37 -0
- package/dist/client/subscription-manager.d.ts.map +1 -0
- package/dist/client/subscription-manager.js +164 -0
- package/dist/client/subscription-manager.js.map +1 -0
- package/dist/client/tab-sync.d.ts +35 -0
- package/dist/client/tab-sync.d.ts.map +1 -0
- package/dist/client/tab-sync.js +129 -0
- package/dist/client/tab-sync.js.map +1 -0
- package/dist/client/transport.d.ts +50 -0
- package/dist/client/transport.d.ts.map +1 -0
- package/dist/client/transport.js +205 -0
- package/dist/client/transport.js.map +1 -0
- package/dist/client/typegen.d.ts +20 -0
- package/dist/client/typegen.d.ts.map +1 -0
- package/dist/client/typegen.js +578 -0
- package/dist/client/typegen.js.map +1 -0
- package/dist/client/types.d.ts +472 -0
- package/dist/client/types.d.ts.map +1 -0
- package/dist/client/types.js +2 -0
- package/dist/client/types.js.map +1 -0
- package/dist/db/index.d.ts +9 -0
- package/dist/db/index.d.ts.map +1 -0
- package/dist/db/index.js +5 -0
- package/dist/db/index.js.map +1 -0
- package/dist/db/internal-schema.d.ts +3831 -0
- package/dist/db/internal-schema.d.ts.map +1 -0
- package/dist/db/internal-schema.js +130 -0
- package/dist/db/internal-schema.js.map +1 -0
- package/dist/db/migrate.d.ts +15 -0
- package/dist/db/migrate.d.ts.map +1 -0
- package/dist/db/migrate.js +127 -0
- package/dist/db/migrate.js.map +1 -0
- package/dist/db/pooling.d.ts +9 -0
- package/dist/db/pooling.d.ts.map +1 -0
- package/dist/db/pooling.js +42 -0
- package/dist/db/pooling.js.map +1 -0
- package/dist/db/seed.d.ts +24 -0
- package/dist/db/seed.d.ts.map +1 -0
- package/dist/db/seed.js +34 -0
- package/dist/db/seed.js.map +1 -0
- package/dist/email/builder.d.ts +38 -0
- package/dist/email/builder.d.ts.map +1 -0
- package/dist/email/builder.js +153 -0
- package/dist/email/builder.js.map +1 -0
- package/dist/email/cloudflare.d.ts +24 -0
- package/dist/email/cloudflare.d.ts.map +1 -0
- package/dist/email/cloudflare.js +146 -0
- package/dist/email/cloudflare.js.map +1 -0
- package/dist/email/index.d.ts +12 -0
- package/dist/email/index.d.ts.map +1 -0
- package/dist/email/index.js +27 -0
- package/dist/email/index.js.map +1 -0
- package/dist/email/resend.d.ts +15 -0
- package/dist/email/resend.d.ts.map +1 -0
- package/dist/email/resend.js +114 -0
- package/dist/email/resend.js.map +1 -0
- package/dist/email/types.d.ts +36 -0
- package/dist/email/types.d.ts.map +1 -0
- package/dist/email/types.js +12 -0
- package/dist/email/types.js.map +1 -0
- package/dist/env/index.d.ts +52 -0
- package/dist/env/index.d.ts.map +1 -0
- package/dist/env/index.js +153 -0
- package/dist/env/index.js.map +1 -0
- package/dist/health/checks.d.ts +40 -0
- package/dist/health/checks.d.ts.map +1 -0
- package/dist/health/checks.js +166 -0
- package/dist/health/checks.js.map +1 -0
- package/dist/health/index.d.ts +26 -0
- package/dist/health/index.d.ts.map +1 -0
- package/dist/health/index.js +104 -0
- package/dist/health/index.js.map +1 -0
- package/dist/index.d.ts +78 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +72 -0
- package/dist/index.js.map +1 -0
- package/dist/kv/durable-object.d.ts +192 -0
- package/dist/kv/durable-object.d.ts.map +1 -0
- package/dist/kv/durable-object.js +1059 -0
- package/dist/kv/durable-object.js.map +1 -0
- package/dist/kv/index.d.ts +56 -0
- package/dist/kv/index.d.ts.map +1 -0
- package/dist/kv/index.js +96 -0
- package/dist/kv/index.js.map +1 -0
- package/dist/kv/memory.d.ts +78 -0
- package/dist/kv/memory.d.ts.map +1 -0
- package/dist/kv/memory.js +599 -0
- package/dist/kv/memory.js.map +1 -0
- package/dist/kv/redis.d.ts +148 -0
- package/dist/kv/redis.d.ts.map +1 -0
- package/dist/kv/redis.js +405 -0
- package/dist/kv/redis.js.map +1 -0
- package/dist/kv/types.d.ts +132 -0
- package/dist/kv/types.d.ts.map +1 -0
- package/dist/kv/types.js +24 -0
- package/dist/kv/types.js.map +1 -0
- package/dist/middleware/error.d.ts +4 -0
- package/dist/middleware/error.d.ts.map +1 -0
- package/dist/middleware/error.js +63 -0
- package/dist/middleware/error.js.map +1 -0
- package/dist/middleware/idempotency.d.ts +21 -0
- package/dist/middleware/idempotency.d.ts.map +1 -0
- package/dist/middleware/idempotency.js +144 -0
- package/dist/middleware/idempotency.js.map +1 -0
- package/dist/middleware/logging.d.ts +3 -0
- package/dist/middleware/logging.d.ts.map +1 -0
- package/dist/middleware/logging.js +6 -0
- package/dist/middleware/logging.js.map +1 -0
- package/dist/middleware/observability.d.ts +104 -0
- package/dist/middleware/observability.d.ts.map +1 -0
- package/dist/middleware/observability.js +231 -0
- package/dist/middleware/observability.js.map +1 -0
- package/dist/middleware/rateLimit.d.ts +83 -0
- package/dist/middleware/rateLimit.d.ts.map +1 -0
- package/dist/middleware/rateLimit.js +255 -0
- package/dist/middleware/rateLimit.js.map +1 -0
- package/dist/middleware/securityHeaders.d.ts +18 -0
- package/dist/middleware/securityHeaders.d.ts.map +1 -0
- package/dist/middleware/securityHeaders.js +58 -0
- package/dist/middleware/securityHeaders.js.map +1 -0
- package/dist/middleware/versioning.d.ts +62 -0
- package/dist/middleware/versioning.d.ts.map +1 -0
- package/dist/middleware/versioning.js +178 -0
- package/dist/middleware/versioning.js.map +1 -0
- package/dist/oidc/backends/email-password.d.ts +3 -0
- package/dist/oidc/backends/email-password.d.ts.map +1 -0
- package/dist/oidc/backends/email-password.js +37 -0
- package/dist/oidc/backends/email-password.js.map +1 -0
- package/dist/oidc/backends/federated.d.ts +13 -0
- package/dist/oidc/backends/federated.d.ts.map +1 -0
- package/dist/oidc/backends/federated.js +225 -0
- package/dist/oidc/backends/federated.js.map +1 -0
- package/dist/oidc/backends/index.d.ts +3 -0
- package/dist/oidc/backends/index.d.ts.map +1 -0
- package/dist/oidc/backends/index.js +3 -0
- package/dist/oidc/backends/index.js.map +1 -0
- package/dist/oidc/body.d.ts +3 -0
- package/dist/oidc/body.d.ts.map +1 -0
- package/dist/oidc/body.js +23 -0
- package/dist/oidc/body.js.map +1 -0
- package/dist/oidc/discovery.d.ts +3 -0
- package/dist/oidc/discovery.d.ts.map +1 -0
- package/dist/oidc/discovery.js +66 -0
- package/dist/oidc/discovery.js.map +1 -0
- package/dist/oidc/endpoints/authorize.d.ts +12 -0
- package/dist/oidc/endpoints/authorize.d.ts.map +1 -0
- package/dist/oidc/endpoints/authorize.js +148 -0
- package/dist/oidc/endpoints/authorize.js.map +1 -0
- package/dist/oidc/endpoints/client-auth.d.ts +9 -0
- package/dist/oidc/endpoints/client-auth.d.ts.map +1 -0
- package/dist/oidc/endpoints/client-auth.js +52 -0
- package/dist/oidc/endpoints/client-auth.js.map +1 -0
- package/dist/oidc/endpoints/index.d.ts +9 -0
- package/dist/oidc/endpoints/index.d.ts.map +1 -0
- package/dist/oidc/endpoints/index.js +9 -0
- package/dist/oidc/endpoints/index.js.map +1 -0
- package/dist/oidc/endpoints/introspection.d.ts +9 -0
- package/dist/oidc/endpoints/introspection.d.ts.map +1 -0
- package/dist/oidc/endpoints/introspection.js +57 -0
- package/dist/oidc/endpoints/introspection.js.map +1 -0
- package/dist/oidc/endpoints/jwks.d.ts +4 -0
- package/dist/oidc/endpoints/jwks.d.ts.map +1 -0
- package/dist/oidc/endpoints/jwks.js +11 -0
- package/dist/oidc/endpoints/jwks.js.map +1 -0
- package/dist/oidc/endpoints/logout.d.ts +12 -0
- package/dist/oidc/endpoints/logout.d.ts.map +1 -0
- package/dist/oidc/endpoints/logout.js +92 -0
- package/dist/oidc/endpoints/logout.js.map +1 -0
- package/dist/oidc/endpoints/register.d.ts +9 -0
- package/dist/oidc/endpoints/register.d.ts.map +1 -0
- package/dist/oidc/endpoints/register.js +104 -0
- package/dist/oidc/endpoints/register.js.map +1 -0
- package/dist/oidc/endpoints/revocation.d.ts +9 -0
- package/dist/oidc/endpoints/revocation.d.ts.map +1 -0
- package/dist/oidc/endpoints/revocation.js +31 -0
- package/dist/oidc/endpoints/revocation.js.map +1 -0
- package/dist/oidc/endpoints/token.d.ts +11 -0
- package/dist/oidc/endpoints/token.d.ts.map +1 -0
- package/dist/oidc/endpoints/token.js +167 -0
- package/dist/oidc/endpoints/token.js.map +1 -0
- package/dist/oidc/endpoints/userinfo.d.ts +10 -0
- package/dist/oidc/endpoints/userinfo.d.ts.map +1 -0
- package/dist/oidc/endpoints/userinfo.js +58 -0
- package/dist/oidc/endpoints/userinfo.js.map +1 -0
- package/dist/oidc/index.d.ts +79 -0
- package/dist/oidc/index.d.ts.map +1 -0
- package/dist/oidc/index.js +44 -0
- package/dist/oidc/index.js.map +1 -0
- package/dist/oidc/keys/index.d.ts +2 -0
- package/dist/oidc/keys/index.d.ts.map +1 -0
- package/dist/oidc/keys/index.js +2 -0
- package/dist/oidc/keys/index.js.map +1 -0
- package/dist/oidc/keys/jwk.d.ts +3 -0
- package/dist/oidc/keys/jwk.d.ts.map +1 -0
- package/dist/oidc/keys/jwk.js +171 -0
- package/dist/oidc/keys/jwk.js.map +1 -0
- package/dist/oidc/provider.d.ts +10 -0
- package/dist/oidc/provider.d.ts.map +1 -0
- package/dist/oidc/provider.js +152 -0
- package/dist/oidc/provider.js.map +1 -0
- package/dist/oidc/rate-limit.d.ts +9 -0
- package/dist/oidc/rate-limit.d.ts.map +1 -0
- package/dist/oidc/rate-limit.js +61 -0
- package/dist/oidc/rate-limit.js.map +1 -0
- package/dist/oidc/stores/index.d.ts +124 -0
- package/dist/oidc/stores/index.d.ts.map +1 -0
- package/dist/oidc/stores/index.js +337 -0
- package/dist/oidc/stores/index.js.map +1 -0
- package/dist/oidc/tokens/index.d.ts +4 -0
- package/dist/oidc/tokens/index.d.ts.map +1 -0
- package/dist/oidc/tokens/index.js +158 -0
- package/dist/oidc/tokens/index.js.map +1 -0
- package/dist/oidc/types.d.ts +442 -0
- package/dist/oidc/types.d.ts.map +1 -0
- package/dist/oidc/types.js +2 -0
- package/dist/oidc/types.js.map +1 -0
- package/dist/oidc/ui/consent.d.ts +12 -0
- package/dist/oidc/ui/consent.d.ts.map +1 -0
- package/dist/oidc/ui/consent.js +180 -0
- package/dist/oidc/ui/consent.js.map +1 -0
- package/dist/oidc/ui/index.d.ts +3 -0
- package/dist/oidc/ui/index.d.ts.map +1 -0
- package/dist/oidc/ui/index.js +3 -0
- package/dist/oidc/ui/index.js.map +1 -0
- package/dist/oidc/ui/login.d.ts +12 -0
- package/dist/oidc/ui/login.d.ts.map +1 -0
- package/dist/oidc/ui/login.js +159 -0
- package/dist/oidc/ui/login.js.map +1 -0
- package/dist/oidc/util.d.ts +5 -0
- package/dist/oidc/util.d.ts.map +1 -0
- package/dist/oidc/util.js +67 -0
- package/dist/oidc/util.js.map +1 -0
- package/dist/openapi/generator.d.ts +131 -0
- package/dist/openapi/generator.d.ts.map +1 -0
- package/dist/openapi/generator.js +609 -0
- package/dist/openapi/generator.js.map +1 -0
- package/dist/openapi/index.d.ts +5 -0
- package/dist/openapi/index.d.ts.map +1 -0
- package/dist/openapi/index.js +3 -0
- package/dist/openapi/index.js.map +1 -0
- package/dist/openapi/schema.d.ts +51 -0
- package/dist/openapi/schema.d.ts.map +1 -0
- package/dist/openapi/schema.js +296 -0
- package/dist/openapi/schema.js.map +1 -0
- package/dist/resource/batch.d.ts +40 -0
- package/dist/resource/batch.d.ts.map +1 -0
- package/dist/resource/batch.js +144 -0
- package/dist/resource/batch.js.map +1 -0
- package/dist/resource/capabilities.d.ts +29 -0
- package/dist/resource/capabilities.d.ts.map +1 -0
- package/dist/resource/capabilities.js +224 -0
- package/dist/resource/capabilities.js.map +1 -0
- package/dist/resource/changelog.d.ts +41 -0
- package/dist/resource/changelog.d.ts.map +1 -0
- package/dist/resource/changelog.js +275 -0
- package/dist/resource/changelog.js.map +1 -0
- package/dist/resource/error.d.ts +110 -0
- package/dist/resource/error.d.ts.map +1 -0
- package/dist/resource/error.js +276 -0
- package/dist/resource/error.js.map +1 -0
- package/dist/resource/etag.d.ts +30 -0
- package/dist/resource/etag.d.ts.map +1 -0
- package/dist/resource/etag.js +148 -0
- package/dist/resource/etag.js.map +1 -0
- package/dist/resource/filter.d.ts +36 -0
- package/dist/resource/filter.d.ts.map +1 -0
- package/dist/resource/filter.js +1136 -0
- package/dist/resource/filter.js.map +1 -0
- package/dist/resource/hook.d.ts +13 -0
- package/dist/resource/hook.d.ts.map +1 -0
- package/dist/resource/hook.js +976 -0
- package/dist/resource/hook.js.map +1 -0
- package/dist/resource/mutate.d.ts +49 -0
- package/dist/resource/mutate.d.ts.map +1 -0
- package/dist/resource/mutate.js +247 -0
- package/dist/resource/mutate.js.map +1 -0
- package/dist/resource/operator-equivalence.d.ts +54 -0
- package/dist/resource/operator-equivalence.d.ts.map +1 -0
- package/dist/resource/operator-equivalence.js +342 -0
- package/dist/resource/operator-equivalence.js.map +1 -0
- package/dist/resource/pagination.d.ts +63 -0
- package/dist/resource/pagination.d.ts.map +1 -0
- package/dist/resource/pagination.js +266 -0
- package/dist/resource/pagination.js.map +1 -0
- package/dist/resource/procedures.d.ts +28 -0
- package/dist/resource/procedures.d.ts.map +1 -0
- package/dist/resource/procedures.js +197 -0
- package/dist/resource/procedures.js.map +1 -0
- package/dist/resource/query.d.ts +37 -0
- package/dist/resource/query.d.ts.map +1 -0
- package/dist/resource/query.js +246 -0
- package/dist/resource/query.js.map +1 -0
- package/dist/resource/relations.d.ts +70 -0
- package/dist/resource/relations.d.ts.map +1 -0
- package/dist/resource/relations.js +395 -0
- package/dist/resource/relations.js.map +1 -0
- package/dist/resource/search-outbox.d.ts +38 -0
- package/dist/resource/search-outbox.d.ts.map +1 -0
- package/dist/resource/search-outbox.js +121 -0
- package/dist/resource/search-outbox.js.map +1 -0
- package/dist/resource/search.d.ts +14 -0
- package/dist/resource/search.d.ts.map +1 -0
- package/dist/resource/search.js +267 -0
- package/dist/resource/search.js.map +1 -0
- package/dist/resource/secure-query.d.ts +55 -0
- package/dist/resource/secure-query.d.ts.map +1 -0
- package/dist/resource/secure-query.js +175 -0
- package/dist/resource/secure-query.js.map +1 -0
- package/dist/resource/subscription.d.ts +46 -0
- package/dist/resource/subscription.d.ts.map +1 -0
- package/dist/resource/subscription.js +684 -0
- package/dist/resource/subscription.js.map +1 -0
- package/dist/resource/track-mutations.d.ts +58 -0
- package/dist/resource/track-mutations.d.ts.map +1 -0
- package/dist/resource/track-mutations.js +721 -0
- package/dist/resource/track-mutations.js.map +1 -0
- package/dist/resource/types.d.ts +298 -0
- package/dist/resource/types.d.ts.map +1 -0
- package/dist/resource/types.js +2 -0
- package/dist/resource/types.js.map +1 -0
- package/dist/search/index.d.ts +11 -0
- package/dist/search/index.d.ts.map +1 -0
- package/dist/search/index.js +22 -0
- package/dist/search/index.js.map +1 -0
- package/dist/search/memory.d.ts +6 -0
- package/dist/search/memory.d.ts.map +1 -0
- package/dist/search/memory.js +70 -0
- package/dist/search/memory.js.map +1 -0
- package/dist/search/opensearch.d.ts +47 -0
- package/dist/search/opensearch.d.ts.map +1 -0
- package/dist/search/opensearch.js +126 -0
- package/dist/search/opensearch.js.map +1 -0
- package/dist/search/postgres-fts.d.ts +16 -0
- package/dist/search/postgres-fts.d.ts.map +1 -0
- package/dist/search/postgres-fts.js +171 -0
- package/dist/search/postgres-fts.js.map +1 -0
- package/dist/search/sqlite-fts.d.ts +14 -0
- package/dist/search/sqlite-fts.d.ts.map +1 -0
- package/dist/search/sqlite-fts.js +185 -0
- package/dist/search/sqlite-fts.js.map +1 -0
- package/dist/search/types.d.ts +49 -0
- package/dist/search/types.d.ts.map +1 -0
- package/dist/search/types.js +2 -0
- package/dist/search/types.js.map +1 -0
- package/dist/server/app.d.ts +33 -0
- package/dist/server/app.d.ts.map +1 -0
- package/dist/server/app.js +82 -0
- package/dist/server/app.js.map +1 -0
- package/dist/server/context.d.ts +16 -0
- package/dist/server/context.d.ts.map +1 -0
- package/dist/server/context.js +12 -0
- package/dist/server/context.js.map +1 -0
- package/dist/server/env.d.ts +4 -0
- package/dist/server/env.d.ts.map +1 -0
- package/dist/server/env.js +7 -0
- package/dist/server/env.js.map +1 -0
- package/dist/server/lifecycle.d.ts +6 -0
- package/dist/server/lifecycle.d.ts.map +1 -0
- package/dist/server/lifecycle.js +28 -0
- package/dist/server/lifecycle.js.map +1 -0
- package/dist/server/logger.d.ts +28 -0
- package/dist/server/logger.d.ts.map +1 -0
- package/dist/server/logger.js +58 -0
- package/dist/server/logger.js.map +1 -0
- package/dist/server/node.d.ts +18 -0
- package/dist/server/node.d.ts.map +1 -0
- package/dist/server/node.js +47 -0
- package/dist/server/node.js.map +1 -0
- package/dist/server/request.d.ts +4 -0
- package/dist/server/request.d.ts.map +1 -0
- package/dist/server/request.js +29 -0
- package/dist/server/request.js.map +1 -0
- package/dist/server/sse.d.ts +26 -0
- package/dist/server/sse.d.ts.map +1 -0
- package/dist/server/sse.js +115 -0
- package/dist/server/sse.js.map +1 -0
- package/dist/storage/index.d.ts +15 -0
- package/dist/storage/index.d.ts.map +1 -0
- package/dist/storage/index.js +41 -0
- package/dist/storage/index.js.map +1 -0
- package/dist/storage/local.d.ts +25 -0
- package/dist/storage/local.d.ts.map +1 -0
- package/dist/storage/local.js +172 -0
- package/dist/storage/local.js.map +1 -0
- package/dist/storage/memory.d.ts +20 -0
- package/dist/storage/memory.d.ts.map +1 -0
- package/dist/storage/memory.js +82 -0
- package/dist/storage/memory.js.map +1 -0
- package/dist/storage/r2.d.ts +62 -0
- package/dist/storage/r2.d.ts.map +1 -0
- package/dist/storage/r2.js +124 -0
- package/dist/storage/r2.js.map +1 -0
- package/dist/storage/resource.d.ts +50 -0
- package/dist/storage/resource.d.ts.map +1 -0
- package/dist/storage/resource.js +346 -0
- package/dist/storage/resource.js.map +1 -0
- package/dist/storage/s3.d.ts +29 -0
- package/dist/storage/s3.d.ts.map +1 -0
- package/dist/storage/s3.js +202 -0
- package/dist/storage/s3.js.map +1 -0
- package/dist/storage/types.d.ts +75 -0
- package/dist/storage/types.d.ts.map +1 -0
- package/dist/storage/types.js +17 -0
- package/dist/storage/types.js.map +1 -0
- package/dist/storage/validation.d.ts +11 -0
- package/dist/storage/validation.d.ts.map +1 -0
- package/dist/storage/validation.js +38 -0
- package/dist/storage/validation.js.map +1 -0
- package/dist/tasks/cloudflare-queues.d.ts +63 -0
- package/dist/tasks/cloudflare-queues.d.ts.map +1 -0
- package/dist/tasks/cloudflare-queues.js +172 -0
- package/dist/tasks/cloudflare-queues.js.map +1 -0
- package/dist/tasks/concurrency.d.ts +8 -0
- package/dist/tasks/concurrency.d.ts.map +1 -0
- package/dist/tasks/concurrency.js +27 -0
- package/dist/tasks/concurrency.js.map +1 -0
- package/dist/tasks/define.d.ts +25 -0
- package/dist/tasks/define.d.ts.map +1 -0
- package/dist/tasks/define.js +17 -0
- package/dist/tasks/define.js.map +1 -0
- package/dist/tasks/dlq.d.ts +29 -0
- package/dist/tasks/dlq.d.ts.map +1 -0
- package/dist/tasks/dlq.js +185 -0
- package/dist/tasks/dlq.js.map +1 -0
- package/dist/tasks/idempotency.d.ts +13 -0
- package/dist/tasks/idempotency.d.ts.map +1 -0
- package/dist/tasks/idempotency.js +21 -0
- package/dist/tasks/idempotency.js.map +1 -0
- package/dist/tasks/index.d.ts +27 -0
- package/dist/tasks/index.d.ts.map +1 -0
- package/dist/tasks/index.js +15 -0
- package/dist/tasks/index.js.map +1 -0
- package/dist/tasks/integration.d.ts +18 -0
- package/dist/tasks/integration.d.ts.map +1 -0
- package/dist/tasks/integration.js +86 -0
- package/dist/tasks/integration.js.map +1 -0
- package/dist/tasks/lock.d.ts +9 -0
- package/dist/tasks/lock.d.ts.map +1 -0
- package/dist/tasks/lock.js +31 -0
- package/dist/tasks/lock.js.map +1 -0
- package/dist/tasks/queue.d.ts +11 -0
- package/dist/tasks/queue.d.ts.map +1 -0
- package/dist/tasks/queue.js +75 -0
- package/dist/tasks/queue.js.map +1 -0
- package/dist/tasks/recurring.d.ts +16 -0
- package/dist/tasks/recurring.d.ts.map +1 -0
- package/dist/tasks/recurring.js +173 -0
- package/dist/tasks/recurring.js.map +1 -0
- package/dist/tasks/retry.d.ts +4 -0
- package/dist/tasks/retry.d.ts.map +1 -0
- package/dist/tasks/retry.js +29 -0
- package/dist/tasks/retry.js.map +1 -0
- package/dist/tasks/scheduler.d.ts +22 -0
- package/dist/tasks/scheduler.d.ts.map +1 -0
- package/dist/tasks/scheduler.js +125 -0
- package/dist/tasks/scheduler.js.map +1 -0
- package/dist/tasks/storage.d.ts +17 -0
- package/dist/tasks/storage.d.ts.map +1 -0
- package/dist/tasks/storage.js +231 -0
- package/dist/tasks/storage.js.map +1 -0
- package/dist/tasks/types.d.ts +144 -0
- package/dist/tasks/types.d.ts.map +1 -0
- package/dist/tasks/types.js +2 -0
- package/dist/tasks/types.js.map +1 -0
- package/dist/tasks/worker.d.ts +21 -0
- package/dist/tasks/worker.d.ts.map +1 -0
- package/dist/tasks/worker.js +267 -0
- package/dist/tasks/worker.js.map +1 -0
- package/dist/ui/admin-auth.d.ts +65 -0
- package/dist/ui/admin-auth.d.ts.map +1 -0
- package/dist/ui/admin-auth.js +248 -0
- package/dist/ui/admin-auth.js.map +1 -0
- package/dist/ui/data-explorer.d.ts +11 -0
- package/dist/ui/data-explorer.d.ts.map +1 -0
- package/dist/ui/data-explorer.js +414 -0
- package/dist/ui/data-explorer.js.map +1 -0
- package/dist/ui/html/components/index.d.ts +75 -0
- package/dist/ui/html/components/index.d.ts.map +1 -0
- package/dist/ui/html/components/index.js +154 -0
- package/dist/ui/html/components/index.js.map +1 -0
- package/dist/ui/html/index.d.ts +6 -0
- package/dist/ui/html/index.d.ts.map +1 -0
- package/dist/ui/html/index.js +6 -0
- package/dist/ui/html/index.js.map +1 -0
- package/dist/ui/html/layout.d.ts +19 -0
- package/dist/ui/html/layout.d.ts.map +1 -0
- package/dist/ui/html/layout.js +162 -0
- package/dist/ui/html/layout.js.map +1 -0
- package/dist/ui/html/pages/admin-audit.d.ts +21 -0
- package/dist/ui/html/pages/admin-audit.d.ts.map +1 -0
- package/dist/ui/html/pages/admin-audit.js +130 -0
- package/dist/ui/html/pages/admin-audit.js.map +1 -0
- package/dist/ui/html/pages/api-explorer.d.ts +40 -0
- package/dist/ui/html/pages/api-explorer.d.ts.map +1 -0
- package/dist/ui/html/pages/api-explorer.js +153 -0
- package/dist/ui/html/pages/api-explorer.js.map +1 -0
- package/dist/ui/html/pages/changelog.d.ts +27 -0
- package/dist/ui/html/pages/changelog.d.ts.map +1 -0
- package/dist/ui/html/pages/changelog.js +129 -0
- package/dist/ui/html/pages/changelog.js.map +1 -0
- package/dist/ui/html/pages/dashboard.d.ts +20 -0
- package/dist/ui/html/pages/dashboard.d.ts.map +1 -0
- package/dist/ui/html/pages/dashboard.js +49 -0
- package/dist/ui/html/pages/dashboard.js.map +1 -0
- package/dist/ui/html/pages/data-explorer.d.ts +48 -0
- package/dist/ui/html/pages/data-explorer.d.ts.map +1 -0
- package/dist/ui/html/pages/data-explorer.js +251 -0
- package/dist/ui/html/pages/data-explorer.js.map +1 -0
- package/dist/ui/html/pages/errors.d.ts +13 -0
- package/dist/ui/html/pages/errors.d.ts.map +1 -0
- package/dist/ui/html/pages/errors.js +38 -0
- package/dist/ui/html/pages/errors.js.map +1 -0
- package/dist/ui/html/pages/filter-tester.d.ts +21 -0
- package/dist/ui/html/pages/filter-tester.d.ts.map +1 -0
- package/dist/ui/html/pages/filter-tester.js +161 -0
- package/dist/ui/html/pages/filter-tester.js.map +1 -0
- package/dist/ui/html/pages/index.d.ts +15 -0
- package/dist/ui/html/pages/index.d.ts.map +1 -0
- package/dist/ui/html/pages/index.js +15 -0
- package/dist/ui/html/pages/index.js.map +1 -0
- package/dist/ui/html/pages/kv-inspector.d.ts +20 -0
- package/dist/ui/html/pages/kv-inspector.d.ts.map +1 -0
- package/dist/ui/html/pages/kv-inspector.js +130 -0
- package/dist/ui/html/pages/kv-inspector.js.map +1 -0
- package/dist/ui/html/pages/requests.d.ts +23 -0
- package/dist/ui/html/pages/requests.d.ts.map +1 -0
- package/dist/ui/html/pages/requests.js +127 -0
- package/dist/ui/html/pages/requests.js.map +1 -0
- package/dist/ui/html/pages/resources.d.ts +27 -0
- package/dist/ui/html/pages/resources.d.ts.map +1 -0
- package/dist/ui/html/pages/resources.js +85 -0
- package/dist/ui/html/pages/resources.js.map +1 -0
- package/dist/ui/html/pages/sessions.d.ts +24 -0
- package/dist/ui/html/pages/sessions.d.ts.map +1 -0
- package/dist/ui/html/pages/sessions.js +157 -0
- package/dist/ui/html/pages/sessions.js.map +1 -0
- package/dist/ui/html/pages/subscriptions.d.ts +32 -0
- package/dist/ui/html/pages/subscriptions.d.ts.map +1 -0
- package/dist/ui/html/pages/subscriptions.js +138 -0
- package/dist/ui/html/pages/subscriptions.js.map +1 -0
- package/dist/ui/html/pages/tasks.d.ts +42 -0
- package/dist/ui/html/pages/tasks.d.ts.map +1 -0
- package/dist/ui/html/pages/tasks.js +225 -0
- package/dist/ui/html/pages/tasks.js.map +1 -0
- package/dist/ui/html/pages/users.d.ts +29 -0
- package/dist/ui/html/pages/users.d.ts.map +1 -0
- package/dist/ui/html/pages/users.js +192 -0
- package/dist/ui/html/pages/users.js.map +1 -0
- package/dist/ui/html/styles.d.ts +2 -0
- package/dist/ui/html/styles.d.ts.map +1 -0
- package/dist/ui/html/styles.js +675 -0
- package/dist/ui/html/styles.js.map +1 -0
- package/dist/ui/html/utils.d.ts +14 -0
- package/dist/ui/html/utils.d.ts.map +1 -0
- package/dist/ui/html/utils.js +76 -0
- package/dist/ui/html/utils.js.map +1 -0
- package/dist/ui/index.d.ts +13 -0
- package/dist/ui/index.d.ts.map +1 -0
- package/dist/ui/index.js +7 -0
- package/dist/ui/index.js.map +1 -0
- package/dist/ui/kv-inspector.d.ts +11 -0
- package/dist/ui/kv-inspector.d.ts.map +1 -0
- package/dist/ui/kv-inspector.js +332 -0
- package/dist/ui/kv-inspector.js.map +1 -0
- package/dist/ui/middleware.d.ts +76 -0
- package/dist/ui/middleware.d.ts.map +1 -0
- package/dist/ui/middleware.js +1175 -0
- package/dist/ui/middleware.js.map +1 -0
- package/dist/ui/schema-registry.d.ts +82 -0
- package/dist/ui/schema-registry.d.ts.map +1 -0
- package/dist/ui/schema-registry.js +165 -0
- package/dist/ui/schema-registry.js.map +1 -0
- package/dist/ui/task-monitor.d.ts +12 -0
- package/dist/ui/task-monitor.d.ts.map +1 -0
- package/dist/ui/task-monitor.js +264 -0
- package/dist/ui/task-monitor.js.map +1 -0
- package/package.json +201 -7
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
import { randomBytes } from "node:crypto";
|
|
2
|
+
import { hashPassword, verifyPassword } from "./password.js";
|
|
3
|
+
export class InMemoryApiKeyStore {
|
|
4
|
+
constructor() {
|
|
5
|
+
this.keys = new Map();
|
|
6
|
+
}
|
|
7
|
+
async create(record) {
|
|
8
|
+
this.keys.set(record.id, record);
|
|
9
|
+
}
|
|
10
|
+
async list(filter) {
|
|
11
|
+
const all = Array.from(this.keys.values());
|
|
12
|
+
if (filter?.userId !== undefined) {
|
|
13
|
+
return all.filter((k) => k.userId === filter.userId);
|
|
14
|
+
}
|
|
15
|
+
return all;
|
|
16
|
+
}
|
|
17
|
+
async findById(id) {
|
|
18
|
+
return this.keys.get(id) ?? null;
|
|
19
|
+
}
|
|
20
|
+
async delete(id) {
|
|
21
|
+
this.keys.delete(id);
|
|
22
|
+
}
|
|
23
|
+
async touch(id, lastUsedAt) {
|
|
24
|
+
const key = this.keys.get(id);
|
|
25
|
+
if (key) {
|
|
26
|
+
key.lastUsedAt = lastUsedAt;
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
const generateRawKey = (prefix, byteLength) => {
|
|
31
|
+
const id = randomBytes(8).toString("hex");
|
|
32
|
+
const secret = randomBytes(byteLength).toString("base64url");
|
|
33
|
+
const key = prefix ? `${prefix}_${id}.${secret}` : `${id}.${secret}`;
|
|
34
|
+
return { key, id };
|
|
35
|
+
};
|
|
36
|
+
const toMetadata = (stored) => ({
|
|
37
|
+
id: stored.id,
|
|
38
|
+
label: stored.label,
|
|
39
|
+
userId: stored.userId,
|
|
40
|
+
createdAt: stored.createdAt,
|
|
41
|
+
lastUsedAt: stored.lastUsedAt ?? null,
|
|
42
|
+
expiresAt: stored.expiresAt ?? null,
|
|
43
|
+
scopes: stored.scopes,
|
|
44
|
+
});
|
|
45
|
+
export const createApiKey = async (options) => {
|
|
46
|
+
const { key, id } = generateRawKey(options.prefix, options.byteLength ?? 24);
|
|
47
|
+
const hash = await hashPassword(key);
|
|
48
|
+
const createdAt = new Date();
|
|
49
|
+
const expiresAt = options.expiresAt ??
|
|
50
|
+
(options.ttlMs !== undefined ? new Date(createdAt.getTime() + options.ttlMs) : null);
|
|
51
|
+
const stored = {
|
|
52
|
+
id,
|
|
53
|
+
label: options.label,
|
|
54
|
+
userId: options.userId,
|
|
55
|
+
scopes: options.scopes,
|
|
56
|
+
createdAt,
|
|
57
|
+
lastUsedAt: null,
|
|
58
|
+
expiresAt,
|
|
59
|
+
hash,
|
|
60
|
+
};
|
|
61
|
+
await options.store.create(stored);
|
|
62
|
+
return { key, metadata: toMetadata(stored) };
|
|
63
|
+
};
|
|
64
|
+
const parseKeyId = (key) => {
|
|
65
|
+
// Format is `[prefix_]id.secret`. Split on the FIRST "." so the base64url
|
|
66
|
+
// secret (which may itself contain "_" or "-") can't corrupt id extraction,
|
|
67
|
+
// then strip an optional `prefix_` segment (the id is hex, no underscores).
|
|
68
|
+
const dot = key.indexOf(".");
|
|
69
|
+
if (dot <= 0)
|
|
70
|
+
return null;
|
|
71
|
+
const idPart = key.slice(0, dot);
|
|
72
|
+
const underscore = idPart.lastIndexOf("_");
|
|
73
|
+
const id = underscore >= 0 ? idPart.slice(underscore + 1) : idPart;
|
|
74
|
+
return id.length > 0 ? id : null;
|
|
75
|
+
};
|
|
76
|
+
export const verifyApiKey = async (key, options) => {
|
|
77
|
+
const id = parseKeyId(key);
|
|
78
|
+
if (!id)
|
|
79
|
+
return { valid: false, reason: "not_found" };
|
|
80
|
+
const stored = await options.store.findById(id);
|
|
81
|
+
if (!stored)
|
|
82
|
+
return { valid: false, reason: "not_found" };
|
|
83
|
+
const now = options.now ?? new Date();
|
|
84
|
+
if (stored.expiresAt && stored.expiresAt.getTime() <= now.getTime()) {
|
|
85
|
+
return { valid: false, reason: "expired" };
|
|
86
|
+
}
|
|
87
|
+
const matches = await verifyPassword(key, stored.hash);
|
|
88
|
+
if (!matches)
|
|
89
|
+
return { valid: false, reason: "mismatch" };
|
|
90
|
+
if (options.updateLastUsed !== false) {
|
|
91
|
+
await options.store.touch(stored.id, now);
|
|
92
|
+
stored.lastUsedAt = now;
|
|
93
|
+
}
|
|
94
|
+
return { valid: true, metadata: toMetadata(stored) };
|
|
95
|
+
};
|
|
96
|
+
export const listApiKeys = async (options) => {
|
|
97
|
+
const stored = await options.store.list(options.userId !== undefined ? { userId: options.userId } : undefined);
|
|
98
|
+
return stored.map(toMetadata);
|
|
99
|
+
};
|
|
100
|
+
export const revokeApiKey = async (id, options) => {
|
|
101
|
+
await options.store.delete(id);
|
|
102
|
+
};
|
|
103
|
+
export const rotateApiKey = async (options) => {
|
|
104
|
+
const existing = await options.store.findById(options.id);
|
|
105
|
+
await options.store.delete(options.id);
|
|
106
|
+
return createApiKey({
|
|
107
|
+
store: options.store,
|
|
108
|
+
label: options.label ?? existing?.label,
|
|
109
|
+
userId: options.userId ?? existing?.userId,
|
|
110
|
+
scopes: options.scopes ?? existing?.scopes,
|
|
111
|
+
expiresAt: options.expiresAt ?? existing?.expiresAt ?? null,
|
|
112
|
+
ttlMs: options.ttlMs,
|
|
113
|
+
prefix: options.prefix,
|
|
114
|
+
byteLength: options.byteLength,
|
|
115
|
+
});
|
|
116
|
+
};
|
|
117
|
+
//# sourceMappingURL=api-keys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../src/auth/api-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAwB1D,MAAM,OAAO,mBAAmB;IAAhC;QACU,SAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;IA4BjD,CAAC;IA1BC,KAAK,CAAC,MAAM,CAAC,MAAoB;QAC/B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAA4B;QACrC,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3C,IAAI,MAAM,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,EAAU;QACvB,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,EAAU,EAAE,UAAgB;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,UAAU,GAAG,UAAU,CAAC;QAC9B,CAAC;IACH,CAAC;CACF;AAkBD,MAAM,cAAc,GAAG,CAAC,MAA0B,EAAE,UAAkB,EAA+B,EAAE;IACrG,MAAM,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI,EAAE,IAAI,MAAM,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,IAAI,MAAM,EAAE,CAAC;IACrE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,MAAoB,EAAkB,EAAE,CAAC,CAAC;IAC5D,EAAE,EAAE,MAAM,CAAC,EAAE;IACb,KAAK,EAAE,MAAM,CAAC,KAAK;IACnB,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,SAAS,EAAE,MAAM,CAAC,SAAS;IAC3B,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,IAAI;IACrC,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI;IACnC,MAAM,EAAE,MAAM,CAAC,MAAM;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,OAA4B,EAA0B,EAAE;IACzF,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;IAC7E,MAAM,IAAI,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,SAAS,GACb,OAAO,CAAC,SAAS;QACjB,CAAC,OAAO,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAEvF,MAAM,MAAM,GAAiB;QAC3B,EAAE;QACF,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS;QACT,UAAU,EAAE,IAAI;QAChB,SAAS;QACT,IAAI;KACL,CAAC;IAEF,MAAM,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;AAC/C,CAAC,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,GAAW,EAAiB,EAAE;IAChD,0EAA0E;IAC1E,4EAA4E;IAC5E,4EAA4E;IAC5E,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,GAAG,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1B,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnE,OAAO,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AACnC,CAAC,CAAC;AAQF,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,OAAqE,EACxC,EAAE;IAC/B,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,CAAC,EAAE;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAEtD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAE1D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC;IACtC,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;QACpE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAC7C,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAE1D,IAAI,OAAO,CAAC,cAAc,KAAK,KAAK,EAAE,CAAC;QACrC,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC;IAC1B,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;AACvD,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,EAC9B,OAAgD,EACrB,EAAE;IAC7B,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,IAAI,CACrC,OAAO,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,SAAS,CACtE,CAAC;IACF,OAAO,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;AAChC,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC/B,EAAU,EACV,OAA+B,EAChB,EAAE;IACjB,MAAM,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACjC,CAAC,CAAC;AAMF,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,OAA4B,EAA0B,EAAE;IACzF,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC1D,MAAM,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACvC,OAAO,YAAY,CAAC;QAClB,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,QAAQ,EAAE,KAAK;QACvC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,QAAQ,EAAE,MAAM;QAC1C,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,QAAQ,EAAE,MAAM;QAC1C,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,QAAQ,EAAE,SAAS,IAAI,IAAI;QAC3D,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,UAAU,EAAE,OAAO,CAAC,UAAU;KAC/B,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { AuthAdapter, SessionStore } from "./types.js";
|
|
2
|
+
import { JWTConfig } from "./adapters/jwt.js";
|
|
3
|
+
import { RedisSessionStoreOptions } from "./stores/redis.js";
|
|
4
|
+
import { DrizzleSessionStoreOptions } from "./stores/drizzle.js";
|
|
5
|
+
import { KVAdapter } from "../kv/types.js";
|
|
6
|
+
export type AuthMode = "session" | "jwt";
|
|
7
|
+
export interface SessionStoreConfig {
|
|
8
|
+
type: "memory" | "redis" | "drizzle";
|
|
9
|
+
redis?: Omit<RedisSessionStoreOptions, "kv"> & {
|
|
10
|
+
kv: KVAdapter;
|
|
11
|
+
};
|
|
12
|
+
drizzle?: DrizzleSessionStoreOptions;
|
|
13
|
+
}
|
|
14
|
+
export interface AuthConfigUser {
|
|
15
|
+
id: string;
|
|
16
|
+
email?: string | null;
|
|
17
|
+
name?: string | null;
|
|
18
|
+
image?: string | null;
|
|
19
|
+
emailVerified?: Date | null;
|
|
20
|
+
metadata?: Record<string, unknown>;
|
|
21
|
+
}
|
|
22
|
+
export interface AuthConfig {
|
|
23
|
+
mode: AuthMode;
|
|
24
|
+
jwt?: JWTConfig;
|
|
25
|
+
sessionStore?: SessionStoreConfig;
|
|
26
|
+
sessionTtlMs?: number;
|
|
27
|
+
getUserById: (id: string) => Promise<AuthConfigUser | null>;
|
|
28
|
+
validatePassword?: (email: string, password: string) => Promise<AuthConfigUser | null>;
|
|
29
|
+
validateApiKey?: (apiKey: string) => Promise<{
|
|
30
|
+
userId: string;
|
|
31
|
+
scopes?: string[];
|
|
32
|
+
} | null>;
|
|
33
|
+
}
|
|
34
|
+
export declare const createSessionStore: (config?: SessionStoreConfig) => SessionStore;
|
|
35
|
+
export declare const createAuthAdapter: (config: AuthConfig) => AuthAdapter;
|
|
36
|
+
//# sourceMappingURL=config.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/auth/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAwB,MAAM,SAAS,CAAC;AAE1E,OAAO,EAAc,SAAS,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAqB,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAC7E,OAAO,EAEL,0BAA0B,EAC3B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,KAAK,CAAC;AAEzC,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,QAAQ,GAAG,OAAO,GAAG,SAAS,CAAC;IACrC,KAAK,CAAC,EAAE,IAAI,CAAC,wBAAwB,EAAE,IAAI,CAAC,GAAG;QAAE,EAAE,EAAE,SAAS,CAAA;KAAE,CAAC;IACjE,OAAO,CAAC,EAAE,0BAA0B,CAAC;CACtC;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,CAAC;IACf,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IAC5D,gBAAgB,CAAC,EAAE,CACjB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,KACb,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IACpC,cAAc,CAAC,EAAE,CACf,MAAM,EAAE,MAAM,KACX,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;CAC5D;AAED,eAAO,MAAM,kBAAkB,GAAI,SAAS,kBAAkB,KAAG,YAsBhE,CAAC;AAEF,eAAO,MAAM,iBAAiB,GAAI,QAAQ,UAAU,KAAG,WAyBtD,CAAC"}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
import { InMemorySessionStore } from "./types.js";
|
|
2
|
+
import { PassportAdapter } from "./adapters/passport.js";
|
|
3
|
+
import { JWTAdapter } from "./adapters/jwt.js";
|
|
4
|
+
import { RedisSessionStore } from "./stores/redis.js";
|
|
5
|
+
import { DrizzleSessionStore, } from "./stores/drizzle.js";
|
|
6
|
+
export const createSessionStore = (config) => {
|
|
7
|
+
if (!config) {
|
|
8
|
+
return new InMemorySessionStore();
|
|
9
|
+
}
|
|
10
|
+
switch (config.type) {
|
|
11
|
+
case "redis":
|
|
12
|
+
if (!config.redis?.kv) {
|
|
13
|
+
throw new Error("Redis KV adapter required for redis session store");
|
|
14
|
+
}
|
|
15
|
+
return new RedisSessionStore(config.redis);
|
|
16
|
+
case "drizzle":
|
|
17
|
+
if (!config.drizzle) {
|
|
18
|
+
throw new Error("Drizzle config required for drizzle session store");
|
|
19
|
+
}
|
|
20
|
+
return new DrizzleSessionStore(config.drizzle);
|
|
21
|
+
case "memory":
|
|
22
|
+
default:
|
|
23
|
+
return new InMemorySessionStore();
|
|
24
|
+
}
|
|
25
|
+
};
|
|
26
|
+
export const createAuthAdapter = (config) => {
|
|
27
|
+
const sessionStore = createSessionStore(config.sessionStore);
|
|
28
|
+
switch (config.mode) {
|
|
29
|
+
case "jwt":
|
|
30
|
+
if (!config.jwt) {
|
|
31
|
+
throw new Error("JWT config required for jwt mode");
|
|
32
|
+
}
|
|
33
|
+
return new JWTAdapter({
|
|
34
|
+
jwt: config.jwt,
|
|
35
|
+
getUserById: config.getUserById,
|
|
36
|
+
validatePassword: config.validatePassword,
|
|
37
|
+
refreshTokenStore: sessionStore,
|
|
38
|
+
});
|
|
39
|
+
case "session":
|
|
40
|
+
default:
|
|
41
|
+
return new PassportAdapter({
|
|
42
|
+
getUserById: config.getUserById,
|
|
43
|
+
validatePassword: config.validatePassword,
|
|
44
|
+
validateApiKey: config.validateApiKey,
|
|
45
|
+
sessionStore,
|
|
46
|
+
sessionTtlMs: config.sessionTtlMs,
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
|
+
};
|
|
50
|
+
//# sourceMappingURL=config.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/auth/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAA6B,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAC1E,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAa,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAA4B,MAAM,gBAAgB,CAAC;AAC7E,OAAO,EACL,mBAAmB,GAEpB,MAAM,kBAAkB,CAAC;AAmC1B,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,MAA2B,EAAgB,EAAE;IAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,oBAAoB,EAAE,CAAC;IACpC,CAAC;IAED,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,KAAK,OAAO;YACV,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE7C,KAAK,SAAS;YACZ,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEjD,KAAK,QAAQ,CAAC;QACd;YACE,OAAO,IAAI,oBAAoB,EAAE,CAAC;IACtC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAkB,EAAe,EAAE;IACnE,MAAM,YAAY,GAAG,kBAAkB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAE7D,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,KAAK,KAAK;YACR,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,CAAC;YACD,OAAO,IAAI,UAAU,CAAC;gBACpB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;gBACzC,iBAAiB,EAAE,YAAY;aAChC,CAAC,CAAC;QAEL,KAAK,SAAS,CAAC;QACf;YACE,OAAO,IAAI,eAAe,CAAC;gBACzB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;gBACzC,cAAc,EAAE,MAAM,CAAC,cAAc;gBACrC,YAAY;gBACZ,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAC,CAAC;IACP,CAAC;AACH,CAAC,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { Context, MiddlewareHandler } from "hono";
|
|
2
|
+
export interface CsrfOptions {
|
|
3
|
+
cookieName?: string;
|
|
4
|
+
headerName?: string;
|
|
5
|
+
tokenLength?: number;
|
|
6
|
+
cookieOptions?: {
|
|
7
|
+
secure?: boolean;
|
|
8
|
+
sameSite?: "strict" | "lax" | "none";
|
|
9
|
+
path?: string;
|
|
10
|
+
maxAge?: number;
|
|
11
|
+
};
|
|
12
|
+
skip?: (c: Context) => boolean;
|
|
13
|
+
message?: string;
|
|
14
|
+
}
|
|
15
|
+
export declare const generateCsrfToken: (length?: number) => string;
|
|
16
|
+
export declare const issueCsrfToken: (c: Context, options?: CsrfOptions) => string;
|
|
17
|
+
export declare const createCsrfMiddleware: (options?: CsrfOptions) => MiddlewareHandler;
|
|
18
|
+
//# sourceMappingURL=csrf.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../../src/auth/csrf.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAC;AAWvD,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE;QACd,MAAM,CAAC,EAAE,OAAO,CAAC;QACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;QACrC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,eAAO,MAAM,iBAAiB,GAAI,eAAW,KAAG,MACL,CAAC;AAc5C,eAAO,MAAM,cAAc,GAAI,GAAG,OAAO,EAAE,UAAS,WAAgB,KAAG,MAYtE,CAAC;AAEF,eAAO,MAAM,oBAAoB,GAAI,UAAS,WAAgB,KAAG,iBAgChE,CAAC"}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { getCookie, setCookie } from "hono/cookie";
|
|
2
|
+
import { randomBytes, timingSafeEqual } from "node:crypto";
|
|
3
|
+
import { ForbiddenError } from "../resource/error.js";
|
|
4
|
+
import { isProduction } from "../server/env.js";
|
|
5
|
+
const UNSAFE_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
|
|
6
|
+
const DEFAULT_COOKIE_NAME = "csrf_token";
|
|
7
|
+
const DEFAULT_HEADER_NAME = "X-CSRF-Token";
|
|
8
|
+
export const generateCsrfToken = (length = 32) => randomBytes(length).toString("base64url");
|
|
9
|
+
const isBearerRequest = (c) => {
|
|
10
|
+
const authHeader = c.req.header("authorization");
|
|
11
|
+
return typeof authHeader === "string" && authHeader.length > 0;
|
|
12
|
+
};
|
|
13
|
+
const constantTimeEquals = (a, b) => {
|
|
14
|
+
const aBuf = Buffer.from(a);
|
|
15
|
+
const bBuf = Buffer.from(b);
|
|
16
|
+
if (aBuf.length !== bBuf.length)
|
|
17
|
+
return false;
|
|
18
|
+
return timingSafeEqual(aBuf, bBuf);
|
|
19
|
+
};
|
|
20
|
+
export const issueCsrfToken = (c, options = {}) => {
|
|
21
|
+
const cookieName = options.cookieName ?? DEFAULT_COOKIE_NAME;
|
|
22
|
+
const token = generateCsrfToken(options.tokenLength ?? 32);
|
|
23
|
+
const cookieOptions = {
|
|
24
|
+
httpOnly: false,
|
|
25
|
+
secure: options.cookieOptions?.secure ?? isProduction(),
|
|
26
|
+
sameSite: options.cookieOptions?.sameSite ?? "lax",
|
|
27
|
+
path: options.cookieOptions?.path ?? "/",
|
|
28
|
+
maxAge: options.cookieOptions?.maxAge,
|
|
29
|
+
};
|
|
30
|
+
setCookie(c, cookieName, token, cookieOptions);
|
|
31
|
+
return token;
|
|
32
|
+
};
|
|
33
|
+
export const createCsrfMiddleware = (options = {}) => {
|
|
34
|
+
const cookieName = options.cookieName ?? DEFAULT_COOKIE_NAME;
|
|
35
|
+
const headerName = options.headerName ?? DEFAULT_HEADER_NAME;
|
|
36
|
+
const message = options.message ?? "CSRF token validation failed";
|
|
37
|
+
return async (c, next) => {
|
|
38
|
+
if (options.skip?.(c)) {
|
|
39
|
+
return next();
|
|
40
|
+
}
|
|
41
|
+
const method = c.req.method.toUpperCase();
|
|
42
|
+
if (!UNSAFE_METHODS.has(method)) {
|
|
43
|
+
if (!getCookie(c, cookieName)) {
|
|
44
|
+
issueCsrfToken(c, options);
|
|
45
|
+
}
|
|
46
|
+
return next();
|
|
47
|
+
}
|
|
48
|
+
if (isBearerRequest(c)) {
|
|
49
|
+
return next();
|
|
50
|
+
}
|
|
51
|
+
const cookieToken = getCookie(c, cookieName);
|
|
52
|
+
const headerToken = c.req.header(headerName.toLowerCase());
|
|
53
|
+
if (!cookieToken || !headerToken || !constantTimeEquals(cookieToken, headerToken)) {
|
|
54
|
+
throw new ForbiddenError(message);
|
|
55
|
+
}
|
|
56
|
+
return next();
|
|
57
|
+
};
|
|
58
|
+
};
|
|
59
|
+
//# sourceMappingURL=csrf.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csrf.js","sourceRoot":"","sources":["../../src/auth/csrf.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAE5C,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AACnE,MAAM,mBAAmB,GAAG,YAAY,CAAC;AACzC,MAAM,mBAAmB,GAAG,cAAc,CAAC;AAgB3C,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAM,GAAG,EAAE,EAAU,EAAE,CACvD,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAE5C,MAAM,eAAe,GAAG,CAAC,CAAU,EAAW,EAAE;IAC9C,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IACjD,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;AACjE,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,CAAS,EAAW,EAAE;IAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC9C,OAAO,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAU,EAAE,UAAuB,EAAE,EAAU,EAAE;IAC9E,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC7D,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAkB;QACnC,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO,CAAC,aAAa,EAAE,MAAM,IAAI,YAAY,EAAE;QACvD,QAAQ,EAAE,OAAO,CAAC,aAAa,EAAE,QAAQ,IAAI,KAAK;QAClD,IAAI,EAAE,OAAO,CAAC,aAAa,EAAE,IAAI,IAAI,GAAG;QACxC,MAAM,EAAE,OAAO,CAAC,aAAa,EAAE,MAAM;KACtC,CAAC;IACF,SAAS,CAAC,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;IAC/C,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,UAAuB,EAAE,EAAqB,EAAE;IACnF,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC7D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,8BAA8B,CAAC;IAElE,OAAO,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACvB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACtB,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QAE1C,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,CAAC;gBAC9B,cAAc,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC7B,CAAC;YACD,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QAC7C,MAAM,WAAW,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;QAE3D,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;YAClF,MAAM,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;QACpC,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
export * from "./types.js";
|
|
2
|
+
export * from "./adapter.js";
|
|
3
|
+
export * from "./password.js";
|
|
4
|
+
export * from "./rsql.js";
|
|
5
|
+
export * from "./scope.js";
|
|
6
|
+
export * from "./middleware.js";
|
|
7
|
+
export * from "./routes.js";
|
|
8
|
+
export { createCsrfMiddleware, issueCsrfToken, generateCsrfToken, type CsrfOptions, } from "./csrf.js";
|
|
9
|
+
export { LoginThrottle, type LoginThrottleOptions, type ThrottleCheck, } from "./login-throttle.js";
|
|
10
|
+
export { InMemoryVerificationTokenStore, issueToken, verifyToken, hashToken, generateToken, type VerificationTokenStore, type VerificationTokenRecord, } from "./verification.js";
|
|
11
|
+
export { issuePasswordResetToken, verifyPasswordResetToken, hashNewPassword, type PasswordResetOptions, } from "./password-reset.js";
|
|
12
|
+
export { base32Encode, base32Decode, generateTotpSecret, generateTotp, verifyTotp, getTotpUri, generateBackupCodes, verifyBackupCode, type TotpOptions, type TotpUriParams, type BackupCodesResult, } from "./totp.js";
|
|
13
|
+
export { issueMagicLinkToken, consumeMagicLinkToken, type MagicLinkOptions, } from "./magic-link.js";
|
|
14
|
+
export { createApiKey, verifyApiKey, rotateApiKey, revokeApiKey, listApiKeys, InMemoryApiKeyStore, type ApiKeyStore, type StoredApiKey, type ApiKeyMetadata, type CreatedApiKey, type CreateApiKeyOptions, type RotateApiKeyOptions, type VerifyApiKeyResult, } from "./api-keys.js";
|
|
15
|
+
export { validatePasswordStrength, enforcePasswordStrength, builtInPasswordDenylist, type PasswordPolicyOptions, type PasswordStrengthResult, } from "./password-policy.js";
|
|
16
|
+
export { createAuthAdapter, createSessionStore, type AuthMode, type AuthConfig, type AuthConfigUser, type SessionStoreConfig, } from "./config.js";
|
|
17
|
+
export { AuthJsAdapter, createAuthJsAdapter } from "./adapters/authjs.js";
|
|
18
|
+
export { PassportAdapter, createPassportAdapter, fromPassportUser } from "./adapters/passport.js";
|
|
19
|
+
export { JWTAdapter, createJWTAdapter } from "./adapters/jwt.js";
|
|
20
|
+
export type { JWTConfig, JWTAdapterOptions, JWTPayload, JWTUser } from "./adapters/jwt.js";
|
|
21
|
+
export { OIDCAdapter, createOIDCAdapter, oidcProviders } from "./adapters/oidc.js";
|
|
22
|
+
export type { OIDCProviderConfig, OIDCAdapterOptions, OIDCUserInfo, OIDCAccount, OIDCUser, } from "./adapters/oidc.js";
|
|
23
|
+
export { RedisSessionStore, createRedisSessionStore, DrizzleSessionStore, createDrizzleSessionStore, } from "./stores/index.js";
|
|
24
|
+
export type { RedisSessionStoreOptions, DrizzleSessionStoreOptions, SessionsTableColumns, } from "./stores/index.js";
|
|
25
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,UAAU,CAAC;AACzB,OAAO,EACL,oBAAoB,EACpB,cAAc,EACd,iBAAiB,EACjB,KAAK,WAAW,GACjB,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,aAAa,EACb,KAAK,oBAAoB,EACzB,KAAK,aAAa,GACnB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,8BAA8B,EAC9B,UAAU,EACV,WAAW,EACX,SAAS,EACT,aAAa,EACb,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,EACf,KAAK,oBAAoB,GAC1B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,YAAY,EACZ,UAAU,EACV,UAAU,EACV,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,iBAAiB,GACvB,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,KAAK,gBAAgB,GACtB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,GACxB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,uBAAuB,EACvB,uBAAuB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,GAC5B,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,KAAK,QAAQ,EACb,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,kBAAkB,GACxB,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC/F,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC9D,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AACxF,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChF,YAAY,EACV,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,WAAW,EACX,QAAQ,GACT,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,mBAAmB,EACnB,yBAAyB,GAC1B,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,wBAAwB,EACxB,0BAA0B,EAC1B,oBAAoB,GACrB,MAAM,UAAU,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
export * from "./types.js";
|
|
2
|
+
export * from "./adapter.js";
|
|
3
|
+
export * from "./password.js";
|
|
4
|
+
export * from "./rsql.js";
|
|
5
|
+
export * from "./scope.js";
|
|
6
|
+
export * from "./middleware.js";
|
|
7
|
+
export * from "./routes.js";
|
|
8
|
+
export { createCsrfMiddleware, issueCsrfToken, generateCsrfToken, } from "./csrf.js";
|
|
9
|
+
export { LoginThrottle, } from "./login-throttle.js";
|
|
10
|
+
export { InMemoryVerificationTokenStore, issueToken, verifyToken, hashToken, generateToken, } from "./verification.js";
|
|
11
|
+
export { issuePasswordResetToken, verifyPasswordResetToken, hashNewPassword, } from "./password-reset.js";
|
|
12
|
+
export { base32Encode, base32Decode, generateTotpSecret, generateTotp, verifyTotp, getTotpUri, generateBackupCodes, verifyBackupCode, } from "./totp.js";
|
|
13
|
+
export { issueMagicLinkToken, consumeMagicLinkToken, } from "./magic-link.js";
|
|
14
|
+
export { createApiKey, verifyApiKey, rotateApiKey, revokeApiKey, listApiKeys, InMemoryApiKeyStore, } from "./api-keys.js";
|
|
15
|
+
export { validatePasswordStrength, enforcePasswordStrength, builtInPasswordDenylist, } from "./password-policy.js";
|
|
16
|
+
export { createAuthAdapter, createSessionStore, } from "./config.js";
|
|
17
|
+
export { AuthJsAdapter, createAuthJsAdapter } from "./adapters/authjs.js";
|
|
18
|
+
export { PassportAdapter, createPassportAdapter, fromPassportUser } from "./adapters/passport.js";
|
|
19
|
+
export { JWTAdapter, createJWTAdapter } from "./adapters/jwt.js";
|
|
20
|
+
export { OIDCAdapter, createOIDCAdapter, oidcProviders } from "./adapters/oidc.js";
|
|
21
|
+
export { RedisSessionStore, createRedisSessionStore, DrizzleSessionStore, createDrizzleSessionStore, } from "./stores/index.js";
|
|
22
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,UAAU,CAAC;AACzB,OAAO,EACL,oBAAoB,EACpB,cAAc,EACd,iBAAiB,GAElB,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,aAAa,GAGd,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,8BAA8B,EAC9B,UAAU,EACV,WAAW,EACX,SAAS,EACT,aAAa,GAGd,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,GAEhB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,YAAY,EACZ,UAAU,EACV,UAAU,EACV,mBAAmB,EACnB,gBAAgB,GAIjB,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,GAEtB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,mBAAmB,GAQpB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,uBAAuB,EACvB,uBAAuB,GAGxB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GAKnB,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC/F,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAE9D,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAShF,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,mBAAmB,EACnB,yBAAyB,GAC1B,MAAM,UAAU,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import type { RateLimitStore } from "../middleware/rateLimit.js";
|
|
2
|
+
export interface LoginThrottleOptions {
|
|
3
|
+
maxAttempts?: number;
|
|
4
|
+
windowMs?: number;
|
|
5
|
+
store?: RateLimitStore;
|
|
6
|
+
}
|
|
7
|
+
export interface ThrottleCheck {
|
|
8
|
+
locked: boolean;
|
|
9
|
+
retryAfterSeconds: number;
|
|
10
|
+
}
|
|
11
|
+
export declare class LoginThrottle {
|
|
12
|
+
private store;
|
|
13
|
+
private maxAttempts;
|
|
14
|
+
private windowMs;
|
|
15
|
+
constructor(options?: LoginThrottleOptions);
|
|
16
|
+
private keys;
|
|
17
|
+
recordFailure(identifier: string, ip: string): Promise<ThrottleCheck>;
|
|
18
|
+
check(identifier: string, ip: string): Promise<ThrottleCheck>;
|
|
19
|
+
reset(identifier: string, ip: string): Promise<void>;
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=login-throttle.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"login-throttle.d.ts","sourceRoot":"","sources":["../../src/auth/login-throttle.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAG7D,MAAM,WAAW,oBAAoB;IACnC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,cAAc,CAAC;CACxB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,CAAC;IAChB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAOD,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAiB;IAC9B,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,QAAQ,CAAS;gBAEb,OAAO,GAAE,oBAAyB;IAM9C,OAAO,CAAC,IAAI;IAIN,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAgBrE,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAmB7D,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAK3D"}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
import { InMemoryRateLimitStore } from "../middleware/rateLimit.js";
|
|
2
|
+
const DEFAULTS = {
|
|
3
|
+
maxAttempts: 5,
|
|
4
|
+
windowMs: 15 * 60 * 1000,
|
|
5
|
+
};
|
|
6
|
+
export class LoginThrottle {
|
|
7
|
+
constructor(options = {}) {
|
|
8
|
+
this.store = options.store ?? new InMemoryRateLimitStore();
|
|
9
|
+
this.maxAttempts = options.maxAttempts ?? DEFAULTS.maxAttempts;
|
|
10
|
+
this.windowMs = options.windowMs ?? DEFAULTS.windowMs;
|
|
11
|
+
}
|
|
12
|
+
keys(identifier, ip) {
|
|
13
|
+
return [`login:id:${identifier.toLowerCase()}`, `login:ip:${ip}`];
|
|
14
|
+
}
|
|
15
|
+
async recordFailure(identifier, ip) {
|
|
16
|
+
let locked = false;
|
|
17
|
+
let retryAfterSeconds = 0;
|
|
18
|
+
for (const key of this.keys(identifier, ip)) {
|
|
19
|
+
const info = await this.store.increment(key, this.windowMs);
|
|
20
|
+
if (info.count >= this.maxAttempts) {
|
|
21
|
+
locked = true;
|
|
22
|
+
const remaining = Math.ceil((info.resetAt - Date.now()) / 1000);
|
|
23
|
+
retryAfterSeconds = Math.max(retryAfterSeconds, remaining, 1);
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
return { locked, retryAfterSeconds };
|
|
27
|
+
}
|
|
28
|
+
async check(identifier, ip) {
|
|
29
|
+
let locked = false;
|
|
30
|
+
let retryAfterSeconds = 0;
|
|
31
|
+
for (const key of this.keys(identifier, ip)) {
|
|
32
|
+
const info = await this.store.increment(key, this.windowMs);
|
|
33
|
+
const count = info.count;
|
|
34
|
+
const resetAt = info.resetAt;
|
|
35
|
+
await this.store.decrement(key);
|
|
36
|
+
if (count > this.maxAttempts) {
|
|
37
|
+
locked = true;
|
|
38
|
+
const remaining = Math.ceil((resetAt - Date.now()) / 1000);
|
|
39
|
+
retryAfterSeconds = Math.max(retryAfterSeconds, remaining, 1);
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
return { locked, retryAfterSeconds };
|
|
43
|
+
}
|
|
44
|
+
async reset(identifier, ip) {
|
|
45
|
+
for (const key of this.keys(identifier, ip)) {
|
|
46
|
+
await this.store.reset(key);
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
//# sourceMappingURL=login-throttle.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"login-throttle.js","sourceRoot":"","sources":["../../src/auth/login-throttle.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAahE,MAAM,QAAQ,GAAG;IACf,WAAW,EAAE,CAAC;IACd,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;CACzB,CAAC;AAEF,MAAM,OAAO,aAAa;IAKxB,YAAY,UAAgC,EAAE;QAC5C,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,IAAI,sBAAsB,EAAE,CAAC;QAC3D,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW,CAAC;QAC/D,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC,QAAQ,CAAC;IACxD,CAAC;IAEO,IAAI,CAAC,UAAkB,EAAE,EAAU;QACzC,OAAO,CAAC,YAAY,UAAU,CAAC,WAAW,EAAE,EAAE,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,UAAkB,EAAE,EAAU;QAChD,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,IAAI,iBAAiB,GAAG,CAAC,CAAC;QAE1B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5D,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACnC,MAAM,GAAG,IAAI,CAAC;gBACd,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBAChE,iBAAiB,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,UAAkB,EAAE,EAAU;QACxC,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,IAAI,iBAAiB,GAAG,CAAC,CAAC;QAE1B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;YAC7B,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAChC,IAAI,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC7B,MAAM,GAAG,IAAI,CAAC;gBACd,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC3D,iBAAiB,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,UAAkB,EAAE,EAAU;QACxC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { VerificationTokenStore } from "./verification.js";
|
|
2
|
+
export interface MagicLinkOptions {
|
|
3
|
+
store: VerificationTokenStore;
|
|
4
|
+
ttlMs?: number;
|
|
5
|
+
hashTokens?: boolean;
|
|
6
|
+
tokenLength?: number;
|
|
7
|
+
}
|
|
8
|
+
export declare const issueMagicLinkToken: (identifier: string, options: MagicLinkOptions) => Promise<{
|
|
9
|
+
token: string;
|
|
10
|
+
expiresAt: Date;
|
|
11
|
+
}>;
|
|
12
|
+
export declare const consumeMagicLinkToken: (identifier: string, token: string, options: MagicLinkOptions) => Promise<boolean>;
|
|
13
|
+
//# sourceMappingURL=magic-link.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"magic-link.d.ts","sourceRoot":"","sources":["../../src/auth/magic-link.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,sBAAsB,EAGvB,MAAM,gBAAgB,CAAC;AAExB,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,sBAAsB,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAID,eAAO,MAAM,mBAAmB,GAC9B,YAAY,MAAM,EAClB,SAAS,gBAAgB,KACxB,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,IAAI,CAAA;CAAE,CAK5C,CAAC;AAEF,eAAO,MAAM,qBAAqB,GAChC,YAAY,MAAM,EAClB,OAAO,MAAM,EACb,SAAS,gBAAgB,KACxB,OAAO,CAAC,OAAO,CAIjB,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { issueToken, verifyToken, } from "./verification.js";
|
|
2
|
+
const DEFAULT_TTL_MS = 15 * 60 * 1000;
|
|
3
|
+
export const issueMagicLinkToken = async (identifier, options) => {
|
|
4
|
+
return issueToken(options.store, identifier, options.ttlMs ?? DEFAULT_TTL_MS, {
|
|
5
|
+
hash: options.hashTokens,
|
|
6
|
+
tokenLength: options.tokenLength,
|
|
7
|
+
});
|
|
8
|
+
};
|
|
9
|
+
export const consumeMagicLinkToken = async (identifier, token, options) => {
|
|
10
|
+
return verifyToken(options.store, identifier, token, {
|
|
11
|
+
hash: options.hashTokens,
|
|
12
|
+
});
|
|
13
|
+
};
|
|
14
|
+
//# sourceMappingURL=magic-link.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"magic-link.js","sourceRoot":"","sources":["../../src/auth/magic-link.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,UAAU,EACV,WAAW,GACZ,MAAM,gBAAgB,CAAC;AASxB,MAAM,cAAc,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAEtC,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,UAAkB,EAClB,OAAyB,EACoB,EAAE;IAC/C,OAAO,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,EAAE;QAC5E,IAAI,EAAE,OAAO,CAAC,UAAU;QACxB,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,UAAkB,EAClB,KAAa,EACb,OAAyB,EACP,EAAE;IACpB,OAAO,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE;QACnD,IAAI,EAAE,OAAO,CAAC,UAAU;KACzB,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import type { Context, MiddlewareHandler } from "hono";
|
|
2
|
+
import { AuthAdapter, AuthMiddlewareOptions } from "./types.js";
|
|
3
|
+
import { UserContext } from "../resource/types.js";
|
|
4
|
+
export declare const createAuthMiddleware: (adapter: AuthAdapter, options?: AuthMiddlewareOptions) => MiddlewareHandler;
|
|
5
|
+
export declare const requireAuth: (options?: {
|
|
6
|
+
message?: string;
|
|
7
|
+
}) => MiddlewareHandler;
|
|
8
|
+
export declare const optionalAuth: () => MiddlewareHandler;
|
|
9
|
+
export declare const requirePermission: (permission: string) => MiddlewareHandler;
|
|
10
|
+
export declare const requireRole: (...roles: string[]) => MiddlewareHandler;
|
|
11
|
+
export declare const requireOwnership: (getResourceOwnerId: (c: Context) => string | Promise<string>, options?: {
|
|
12
|
+
allowAdmin?: boolean;
|
|
13
|
+
adminCheck?: (c: Context) => boolean;
|
|
14
|
+
}) => MiddlewareHandler;
|
|
15
|
+
export declare const refreshSession: (adapter: AuthAdapter) => MiddlewareHandler;
|
|
16
|
+
export declare const createLogoutHandler: (adapter: AuthAdapter) => (c: Context) => Promise<Response>;
|
|
17
|
+
export declare const getUser: (c: Context) => UserContext | undefined;
|
|
18
|
+
export declare const getSession: (c: Context) => import("./types.js").SessionData | undefined;
|
|
19
|
+
export declare const rateByUser: (c: Context) => string;
|
|
20
|
+
//# sourceMappingURL=middleware.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/auth/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAC;AAEvD,OAAO,EACL,WAAW,EACX,qBAAqB,EACtB,MAAM,SAAS,CAAC;AAEjB,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/C,eAAO,MAAM,oBAAoB,GAC/B,SAAS,WAAW,EACpB,UAAS,qBAA0B,KAClC,iBAmCF,CAAC;AAEF,eAAO,MAAM,WAAW,GACtB,UAAS;IAAE,OAAO,CAAC,EAAE,MAAM,CAAA;CAAO,KACjC,iBAOF,CAAC;AAEF,eAAO,MAAM,YAAY,QAAO,iBAE/B,CAAC;AAEF,eAAO,MAAM,iBAAiB,GAAI,YAAY,MAAM,KAAG,iBActD,CAAC;AAEF,eAAO,MAAM,WAAW,GAAI,GAAG,OAAO,MAAM,EAAE,KAAG,iBAchD,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAC3B,oBAAoB,CAAC,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,EAC5D,UAAS;IAAE,UAAU,CAAC,EAAE,OAAO,CAAC;IAAC,UAAU,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,OAAO,CAAA;CAAO,KAC3E,iBAkBF,CAAC;AAEF,eAAO,MAAM,cAAc,GAAI,SAAS,WAAW,KAAG,iBAWrD,CAAC;AAEF,eAAO,MAAM,mBAAmB,GAAI,SAAS,WAAW,MACxC,GAAG,OAAO,KAAG,OAAO,CAAC,QAAQ,CAU5C,CAAC;AAEF,eAAO,MAAM,OAAO,GAAI,GAAG,OAAO,KAAG,WAAW,GAAG,SAElD,CAAC;AAEF,eAAO,MAAM,UAAU,GAAI,GAAG,OAAO,8CAEpC,CAAC;AAEF,eAAO,MAAM,UAAU,GAAI,GAAG,OAAO,KAAG,MAEvC,CAAC"}
|