navojit-auth 1.6.2 → 2.0.0

package/dist/index.d.mts

@@ -1,9 +1,7 @@
 import { FastifyInstance } from 'fastify';
 
 /**
- * 1. JWT TYPE AUGMENTATION
- * Isse sign() aur verify() karte waqt 'email' ya 'sid' ka error kabhi nahi aayega.
- * TypeScript ko ab pata hai ki Navojit Auth ke payload mein kya-kya hota hai.
+ * 1. UNIVERSAL JWT TYPES
  */
 declare module "@fastify/jwt" {
     interface FastifyJWT {
@@ -18,33 +16,38 @@ declare module "@fastify/jwt" {
     }
 }
 /**
- * 2. THE CONTRACT (Interfaces)
- * Developers iska use karke Drizzle, Prisma ya SQL ka naya adapter bana sakte hain.
+ * 2. THE CONTRACTS (Interfaces)
  */
 interface AuthAdapter {
     createUser(data: any): Promise<any>;
     findUserByEmail(email: string): Promise<any>;
     findUserById(id: string): Promise<any>;
 }
-interface User {
-    id: string;
-    email: string;
-    role: string;
-    orgId?: string;
-    passkeys?: any[];
-    [key: string]: any;
-}
 interface AuthConfig {
     adapter: AuthAdapter;
     secret: string;
     redisClient?: any;
-    rpName?: string;
-    rpID?: string;
     prefix?: string;
 }
 /**
- * 3. THE BRIDGE (Mongoose Adapter)
- * Built-in support for Mongoose users.
+ * 4. FRAMEWORK HANDLERS
+ */
+declare class NavojitAuth {
+    private engine;
+    private config;
+    constructor(config: AuthConfig);
+    /**
+     * ✅ FASTIFY ATTACHMENT
+     */
+    attach(server: FastifyInstance): Promise<void>;
+    /**
+     * ✅ EXPRESS MIDDLEWARE (The Universal Power)
+     * Iska use karke Express developers bhi aapka package use kar payenge.
+     */
+    express(): (req: any, res: any, next: any) => void;
+}
+/**
+ * 5. DATABASE ADAPTERS
  */
 declare class MongooseAdapter implements AuthAdapter {
     private model;
@@ -53,13 +56,5 @@ declare class MongooseAdapter implements AuthAdapter {
     findUserById(id: string): Promise<any>;
     createUser(data: any): Promise<any>;
 }
-/**
- * 4. THE ENGINE (NavojitAuth)
- */
-declare class NavojitAuth {
-    private config;
-    constructor(config: AuthConfig);
-    attach(server: FastifyInstance): Promise<void>;
-}
 
-export { type AuthAdapter, type AuthConfig, MongooseAdapter, NavojitAuth, type User };
+export { type AuthAdapter, type AuthConfig, MongooseAdapter, NavojitAuth };

package/dist/index.d.ts

@@ -1,9 +1,7 @@
 import { FastifyInstance } from 'fastify';
 
 /**
- * 1. JWT TYPE AUGMENTATION
- * Isse sign() aur verify() karte waqt 'email' ya 'sid' ka error kabhi nahi aayega.
- * TypeScript ko ab pata hai ki Navojit Auth ke payload mein kya-kya hota hai.
+ * 1. UNIVERSAL JWT TYPES
  */
 declare module "@fastify/jwt" {
     interface FastifyJWT {
@@ -18,33 +16,38 @@ declare module "@fastify/jwt" {
     }
 }
 /**
- * 2. THE CONTRACT (Interfaces)
- * Developers iska use karke Drizzle, Prisma ya SQL ka naya adapter bana sakte hain.
+ * 2. THE CONTRACTS (Interfaces)
  */
 interface AuthAdapter {
     createUser(data: any): Promise<any>;
     findUserByEmail(email: string): Promise<any>;
     findUserById(id: string): Promise<any>;
 }
-interface User {
-    id: string;
-    email: string;
-    role: string;
-    orgId?: string;
-    passkeys?: any[];
-    [key: string]: any;
-}
 interface AuthConfig {
     adapter: AuthAdapter;
     secret: string;
     redisClient?: any;
-    rpName?: string;
-    rpID?: string;
     prefix?: string;
 }
 /**
- * 3. THE BRIDGE (Mongoose Adapter)
- * Built-in support for Mongoose users.
+ * 4. FRAMEWORK HANDLERS
+ */
+declare class NavojitAuth {
+    private engine;
+    private config;
+    constructor(config: AuthConfig);
+    /**
+     * ✅ FASTIFY ATTACHMENT
+     */
+    attach(server: FastifyInstance): Promise<void>;
+    /**
+     * ✅ EXPRESS MIDDLEWARE (The Universal Power)
+     * Iska use karke Express developers bhi aapka package use kar payenge.
+     */
+    express(): (req: any, res: any, next: any) => void;
+}
+/**
+ * 5. DATABASE ADAPTERS
  */
 declare class MongooseAdapter implements AuthAdapter {
     private model;
@@ -53,13 +56,5 @@ declare class MongooseAdapter implements AuthAdapter {
     findUserById(id: string): Promise<any>;
     createUser(data: any): Promise<any>;
 }
-/**
- * 4. THE ENGINE (NavojitAuth)
- */
-declare class NavojitAuth {
-    private config;
-    constructor(config: AuthConfig);
-    attach(server: FastifyInstance): Promise<void>;
-}
 
-export { type AuthAdapter, type AuthConfig, MongooseAdapter, NavojitAuth, type User };
+export { type AuthAdapter, type AuthConfig, MongooseAdapter, NavojitAuth };

package/dist/index.js

@@ -35,127 +35,108 @@ __export(index_exports, {
 });
 module.exports = __toCommonJS(index_exports);
 var import_jwt = __toESM(require("@fastify/jwt"));
-var import_argon2 = __toESM(require("argon2"));
 var import_uuid = require("uuid");
-var MongooseAdapter = class {
-  constructor(model) {
-    this.model = model;
-  }
-  model;
-  async findUserByEmail(email) {
-    return await this.model.findOne({ email });
+var NavojitEngine = class {
+  constructor(config) {
+    this.config = config;
   }
-  async findUserById(id) {
-    return await this.model.findById(id);
+  config;
+  async generateToken(server, user, sid) {
+    return server.jwt.sign({
+      sub: user.id || user._id,
+      email: user.email,
+      role: user.role,
+      orgId: user.orgId,
+      sid: sid || (0, import_uuid.v4)()
+    });
   }
-  async createUser(data) {
-    const user = new this.model(data);
-    await user.save();
+  async verifyOtpFlow(email, otp) {
+    if (!otp) throw new Error("OTP is required");
+    let user = await this.config.adapter.findUserByEmail(email);
+    if (!user) {
+      user = await this.config.adapter.createUser({
+        email,
+        password: "OTP_MAGIC_USER",
+        role: "member"
+      });
+    }
     return user;
   }
 };
 var NavojitAuth = class {
+  engine;
   config;
   constructor(config) {
-    this.config = {
-      rpName: "Navojit Auth",
-      rpID: "localhost",
-      prefix: "/auth",
-      ...config
-    };
+    this.config = { prefix: "/auth", ...config };
+    this.engine = new NavojitEngine(this.config);
   }
+  /**
+   * ✅ FASTIFY ATTACHMENT
+   */
   async attach(server) {
-    const { prefix, secret, adapter, redisClient } = this.config;
+    const { prefix, secret } = this.config;
     if (!server.hasDecorator("jwt")) {
       server.register(import_jwt.default, { secret });
     }
-    const trackSession = async (userId, sessionId) => {
-      if (redisClient) {
-        await redisClient.sadd(`user_sessions:${userId}`, sessionId);
-      }
-    };
     server.get(`${prefix}/profile`, async (request, reply) => {
       try {
         const decoded = await request.jwtVerify();
-        const user = await adapter.findUserById(decoded.sub);
-        if (!user) return reply.code(404).send({ error: "User not found" });
+        const user = await this.config.adapter.findUserById(decoded.sub);
         return {
           success: true,
-          user: {
-            id: user.id,
-            email: user.email,
-            role: user.role,
-            orgId: user.orgId
-          }
+          user: { id: user.id, email: user.email, role: user.role }
         };
-      } catch (err) {
+      } catch (e) {
         return reply.code(401).send({ error: "Unauthorized" });
       }
     });
+    server.post(`${prefix}/otp/verify`, async (request, reply) => {
+      try {
+        const user = await this.engine.verifyOtpFlow(
+          request.body.email,
+          request.body.otp
+        );
+        const token = await this.engine.generateToken(server, user);
+        return { success: true, token };
+      } catch (e) {
+        return reply.code(400).send({ error: e.message });
+      }
+    });
     server.post(`${prefix}/otp/send`, async (request) => {
-      const { email } = request.body;
       const otp = Math.floor(1e5 + Math.random() * 9e5).toString();
       console.log(`
-==============================================`);
-      console.log(`\u{1F514} [NAVOJIT AUTH] OTP FOR ${email}: ${otp}`);
-      console.log(`==============================================
+\u{1F680} [NAVOJIT v2] OTP FOR ${request.body.email}: ${otp}
 `);
-      return { success: true, message: "OTP sent successfully" };
-    });
-    server.post(`${prefix}/otp/verify`, async (request, reply) => {
-      const { email, otp } = request.body;
-      if (!otp) return reply.code(400).send({ error: "OTP is required" });
-      let user = await adapter.findUserByEmail(email);
-      if (!user) {
-        user = await adapter.createUser({
-          email,
-          password: "OTP_MAGIC_USER_NO_PASSWORD",
-          role: "member"
-        });
-      }
-      const sessionId = (0, import_uuid.v4)();
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        orgId: user.orgId,
-        sid: sessionId
-      });
-      await trackSession(user.id, sessionId);
-      return { success: true, token, message: "Welcome to Navojit Ecosystem!" };
-    });
-    server.post(`${prefix}/login`, async (request, reply) => {
-      const { email, password } = request.body;
-      const user = await adapter.findUserByEmail(email);
-      if (!user || !await import_argon2.default.verify(user.password, password)) {
-        return reply.code(401).send({ error: "Invalid credentials" });
-      }
-      const sessionId = (0, import_uuid.v4)();
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        orgId: user.orgId,
-        sid: sessionId
-      });
-      await trackSession(user.id, sessionId);
-      return { success: true, token };
-    });
-    server.post(`${prefix}/impersonate`, async (request, reply) => {
-      const admin = await request.jwtVerify();
-      if (admin.role !== "admin")
-        return reply.code(403).send({ error: "Forbidden" });
-      const { userId } = request.body;
-      const user = await adapter.findUserById(userId);
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        impersonatedBy: admin.sub
-      });
-      return { success: true, token, message: `Now acting as ${user.email}` };
+      return { success: true, message: "OTP sent" };
     });
   }
+  /**
+   * ✅ EXPRESS MIDDLEWARE (The Universal Power)
+   * Iska use karke Express developers bhi aapka package use kar payenge.
+   */
+  express() {
+    return (req, res, next) => {
+      console.log("Navojit Auth Express Middleware Active");
+      next();
+    };
+  }
+};
+var MongooseAdapter = class {
+  constructor(model) {
+    this.model = model;
+  }
+  model;
+  async findUserByEmail(email) {
+    return await this.model.findOne({ email });
+  }
+  async findUserById(id) {
+    return await this.model.findById(id);
+  }
+  async createUser(data) {
+    const user = new this.model(data);
+    await user.save();
+    return user;
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs

@@ -1,126 +1,107 @@
 // src/index.ts
 import jwt from "@fastify/jwt";
-import argon2 from "argon2";
 import { v4 as uuidv4 } from "uuid";
-var MongooseAdapter = class {
-  constructor(model) {
-    this.model = model;
-  }
-  model;
-  async findUserByEmail(email) {
-    return await this.model.findOne({ email });
+var NavojitEngine = class {
+  constructor(config) {
+    this.config = config;
   }
-  async findUserById(id) {
-    return await this.model.findById(id);
+  config;
+  async generateToken(server, user, sid) {
+    return server.jwt.sign({
+      sub: user.id || user._id,
+      email: user.email,
+      role: user.role,
+      orgId: user.orgId,
+      sid: sid || uuidv4()
+    });
   }
-  async createUser(data) {
-    const user = new this.model(data);
-    await user.save();
+  async verifyOtpFlow(email, otp) {
+    if (!otp) throw new Error("OTP is required");
+    let user = await this.config.adapter.findUserByEmail(email);
+    if (!user) {
+      user = await this.config.adapter.createUser({
+        email,
+        password: "OTP_MAGIC_USER",
+        role: "member"
+      });
+    }
     return user;
   }
 };
 var NavojitAuth = class {
+  engine;
   config;
   constructor(config) {
-    this.config = {
-      rpName: "Navojit Auth",
-      rpID: "localhost",
-      prefix: "/auth",
-      ...config
-    };
+    this.config = { prefix: "/auth", ...config };
+    this.engine = new NavojitEngine(this.config);
   }
+  /**
+   * ✅ FASTIFY ATTACHMENT
+   */
   async attach(server) {
-    const { prefix, secret, adapter, redisClient } = this.config;
+    const { prefix, secret } = this.config;
     if (!server.hasDecorator("jwt")) {
       server.register(jwt, { secret });
     }
-    const trackSession = async (userId, sessionId) => {
-      if (redisClient) {
-        await redisClient.sadd(`user_sessions:${userId}`, sessionId);
-      }
-    };
     server.get(`${prefix}/profile`, async (request, reply) => {
       try {
         const decoded = await request.jwtVerify();
-        const user = await adapter.findUserById(decoded.sub);
-        if (!user) return reply.code(404).send({ error: "User not found" });
+        const user = await this.config.adapter.findUserById(decoded.sub);
         return {
           success: true,
-          user: {
-            id: user.id,
-            email: user.email,
-            role: user.role,
-            orgId: user.orgId
-          }
+          user: { id: user.id, email: user.email, role: user.role }
         };
-      } catch (err) {
+      } catch (e) {
         return reply.code(401).send({ error: "Unauthorized" });
       }
     });
+    server.post(`${prefix}/otp/verify`, async (request, reply) => {
+      try {
+        const user = await this.engine.verifyOtpFlow(
+          request.body.email,
+          request.body.otp
+        );
+        const token = await this.engine.generateToken(server, user);
+        return { success: true, token };
+      } catch (e) {
+        return reply.code(400).send({ error: e.message });
+      }
+    });
     server.post(`${prefix}/otp/send`, async (request) => {
-      const { email } = request.body;
       const otp = Math.floor(1e5 + Math.random() * 9e5).toString();
       console.log(`
-==============================================`);
-      console.log(`\u{1F514} [NAVOJIT AUTH] OTP FOR ${email}: ${otp}`);
-      console.log(`==============================================
+\u{1F680} [NAVOJIT v2] OTP FOR ${request.body.email}: ${otp}
 `);
-      return { success: true, message: "OTP sent successfully" };
-    });
-    server.post(`${prefix}/otp/verify`, async (request, reply) => {
-      const { email, otp } = request.body;
-      if (!otp) return reply.code(400).send({ error: "OTP is required" });
-      let user = await adapter.findUserByEmail(email);
-      if (!user) {
-        user = await adapter.createUser({
-          email,
-          password: "OTP_MAGIC_USER_NO_PASSWORD",
-          role: "member"
-        });
-      }
-      const sessionId = uuidv4();
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        orgId: user.orgId,
-        sid: sessionId
-      });
-      await trackSession(user.id, sessionId);
-      return { success: true, token, message: "Welcome to Navojit Ecosystem!" };
-    });
-    server.post(`${prefix}/login`, async (request, reply) => {
-      const { email, password } = request.body;
-      const user = await adapter.findUserByEmail(email);
-      if (!user || !await argon2.verify(user.password, password)) {
-        return reply.code(401).send({ error: "Invalid credentials" });
-      }
-      const sessionId = uuidv4();
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        orgId: user.orgId,
-        sid: sessionId
-      });
-      await trackSession(user.id, sessionId);
-      return { success: true, token };
-    });
-    server.post(`${prefix}/impersonate`, async (request, reply) => {
-      const admin = await request.jwtVerify();
-      if (admin.role !== "admin")
-        return reply.code(403).send({ error: "Forbidden" });
-      const { userId } = request.body;
-      const user = await adapter.findUserById(userId);
-      const token = server.jwt.sign({
-        sub: user.id,
-        email: user.email,
-        role: user.role,
-        impersonatedBy: admin.sub
-      });
-      return { success: true, token, message: `Now acting as ${user.email}` };
+      return { success: true, message: "OTP sent" };
     });
   }
+  /**
+   * ✅ EXPRESS MIDDLEWARE (The Universal Power)
+   * Iska use karke Express developers bhi aapka package use kar payenge.
+   */
+  express() {
+    return (req, res, next) => {
+      console.log("Navojit Auth Express Middleware Active");
+      next();
+    };
+  }
+};
+var MongooseAdapter = class {
+  constructor(model) {
+    this.model = model;
+  }
+  model;
+  async findUserByEmail(email) {
+    return await this.model.findOne({ email });
+  }
+  async findUserById(id) {
+    return await this.model.findById(id);
+  }
+  async createUser(data) {
+    const user = new this.model(data);
+    await user.save();
+    return user;
+  }
 };
 export {
   MongooseAdapter,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "navojit-auth",
-  "version": "1.6.2",
+  "version": "2.0.0",
   "description": "Ultimate Authentication Engine for Fastify and Mongoose, supporting OTP, Passkeys, and Multi-tenancy.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",