naystack 1.1.11 → 1.1.12-beta.1

package/dist/auth/email/routes/post.cjs.js

@@ -0,0 +1,149 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/auth/email/routes/post.ts
+var post_exports = {};
+__export(post_exports, {
+  getPostRoute: () => getPostRoute
+});
+module.exports = __toCommonJS(post_exports);
+var import_bcryptjs2 = require("bcryptjs");
+
+// src/auth/utils/errors.ts
+var import_server = require("next/server");
+function handleError(status, message, onError) {
+  const res = onError?.({ status, message });
+  if (res) return res;
+  return new import_server.NextResponse(message, { status });
+}
+
+// src/auth/email/token.ts
+var import_bcryptjs = require("bcryptjs");
+var import_jsonwebtoken = require("jsonwebtoken");
+var import_server2 = require("next/server");
+function generateAccessToken(id, signingKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, signingKey, {
+    expiresIn: "2h"
+  });
+}
+function generateRefreshToken(id, refreshKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, refreshKey);
+}
+function getTokenizedResponse(accessToken, refreshToken) {
+  const body = { accessToken, refreshToken };
+  const response = import_server2.NextResponse.json(body, {
+    status: 200
+  });
+  if (!accessToken) {
+    response.cookies.set("refresh", "", {
+      secure: false,
+      httpOnly: true,
+      expires: 0
+    });
+  }
+  if (refreshToken !== void 0) {
+    response.cookies.set("refresh", refreshToken, {
+      secure: false,
+      httpOnly: true,
+      expires: refreshToken === "" ? 0 : new Date(Date.now() + 60 * 60 * 24 * 365 * 1e3)
+    });
+  }
+  return response;
+}
+function verifyUser(user, password) {
+  if (!user.password) return false;
+  return (0, import_bcryptjs.compare)(password, user.password);
+}
+
+// src/auth/email/utils.ts
+async function massageRequest(req, options) {
+  const data = await req.json();
+  if (!data.email || !data.password)
+    return {
+      error: handleError(400, "Missing email or password", options.onError)
+    };
+  if (options.turnstileKey) {
+    if (!data.captchaToken)
+      return { error: handleError(400, "Missing captcha", options.onError) };
+    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+      return {
+        error: handleError(400, "Invalid captcha", options.onError)
+      };
+  }
+  return {
+    data: {
+      email: data.email,
+      password: data.password,
+      ...data
+    }
+  };
+}
+async function verifyCaptcha(token, secret) {
+  const res = await fetch(
+    "https://challenges.cloudflare.com/turnstile/v0/siteverify",
+    {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        secret,
+        response: token
+      })
+    }
+  );
+  if (res.ok) {
+    const data = await res.json();
+    return data.success;
+  }
+  return false;
+}
+
+// src/auth/email/routes/post.ts
+var getPostRoute = (options) => async (req) => {
+  const { data, error } = await massageRequest(req, options);
+  if (error || !data) return error;
+  const existingUser = await options.getUser(data.email);
+  if (existingUser) {
+    if (await verifyUser(existingUser, data.password)) {
+      return getTokenizedResponse(
+        generateAccessToken(existingUser.id, options.signingKey),
+        generateRefreshToken(existingUser.id, options.refreshKey)
+      );
+    }
+    return handleError(400, "A user already exists", options.onError);
+  }
+  const encryptedPassword = await (0, import_bcryptjs2.hash)(data.password, 10);
+  const newUser = await options.createUser({
+    ...data,
+    password: encryptedPassword
+  });
+  if (newUser) {
+    options.onSignUp?.(newUser);
+    return getTokenizedResponse(
+      generateAccessToken(newUser.id, options.signingKey),
+      generateRefreshToken(newUser.id, options.refreshKey)
+    );
+  }
+  return getTokenizedResponse();
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getPostRoute
+});

package/dist/auth/email/routes/post.d.mts

@@ -0,0 +1,8 @@
+import * as next_server from 'next/server';
+import { NextRequest } from 'next/server';
+import { InitRoutesOptions } from '../types.mjs';
+import '../../types.mjs';
+
+declare const getPostRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+
+export { getPostRoute };

package/dist/auth/email/routes/post.d.ts

@@ -0,0 +1,8 @@
+import * as next_server from 'next/server';
+import { NextRequest } from 'next/server';
+import { InitRoutesOptions } from '../types.js';
+import '../../types.js';
+
+declare const getPostRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+
+export { getPostRoute };

package/dist/auth/email/routes/post.esm.js

@@ -0,0 +1,124 @@
+// src/auth/email/routes/post.ts
+import { hash } from "bcryptjs";
+
+// src/auth/utils/errors.ts
+import { NextResponse } from "next/server";
+function handleError(status, message, onError) {
+  const res = onError?.({ status, message });
+  if (res) return res;
+  return new NextResponse(message, { status });
+}
+
+// src/auth/email/token.ts
+import { compare } from "bcryptjs";
+import { JsonWebTokenError, sign, verify } from "jsonwebtoken";
+import { NextResponse as NextResponse2 } from "next/server";
+function generateAccessToken(id, signingKey) {
+  return sign({ id }, signingKey, {
+    expiresIn: "2h"
+  });
+}
+function generateRefreshToken(id, refreshKey) {
+  return sign({ id }, refreshKey);
+}
+function getTokenizedResponse(accessToken, refreshToken) {
+  const body = { accessToken, refreshToken };
+  const response = NextResponse2.json(body, {
+    status: 200
+  });
+  if (!accessToken) {
+    response.cookies.set("refresh", "", {
+      secure: false,
+      httpOnly: true,
+      expires: 0
+    });
+  }
+  if (refreshToken !== void 0) {
+    response.cookies.set("refresh", refreshToken, {
+      secure: false,
+      httpOnly: true,
+      expires: refreshToken === "" ? 0 : new Date(Date.now() + 60 * 60 * 24 * 365 * 1e3)
+    });
+  }
+  return response;
+}
+function verifyUser(user, password) {
+  if (!user.password) return false;
+  return compare(password, user.password);
+}
+
+// src/auth/email/utils.ts
+async function massageRequest(req, options) {
+  const data = await req.json();
+  if (!data.email || !data.password)
+    return {
+      error: handleError(400, "Missing email or password", options.onError)
+    };
+  if (options.turnstileKey) {
+    if (!data.captchaToken)
+      return { error: handleError(400, "Missing captcha", options.onError) };
+    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+      return {
+        error: handleError(400, "Invalid captcha", options.onError)
+      };
+  }
+  return {
+    data: {
+      email: data.email,
+      password: data.password,
+      ...data
+    }
+  };
+}
+async function verifyCaptcha(token, secret) {
+  const res = await fetch(
+    "https://challenges.cloudflare.com/turnstile/v0/siteverify",
+    {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        secret,
+        response: token
+      })
+    }
+  );
+  if (res.ok) {
+    const data = await res.json();
+    return data.success;
+  }
+  return false;
+}
+
+// src/auth/email/routes/post.ts
+var getPostRoute = (options) => async (req) => {
+  const { data, error } = await massageRequest(req, options);
+  if (error || !data) return error;
+  const existingUser = await options.getUser(data.email);
+  if (existingUser) {
+    if (await verifyUser(existingUser, data.password)) {
+      return getTokenizedResponse(
+        generateAccessToken(existingUser.id, options.signingKey),
+        generateRefreshToken(existingUser.id, options.refreshKey)
+      );
+    }
+    return handleError(400, "A user already exists", options.onError);
+  }
+  const encryptedPassword = await hash(data.password, 10);
+  const newUser = await options.createUser({
+    ...data,
+    password: encryptedPassword
+  });
+  if (newUser) {
+    options.onSignUp?.(newUser);
+    return getTokenizedResponse(
+      generateAccessToken(newUser.id, options.signingKey),
+      generateRefreshToken(newUser.id, options.refreshKey)
+    );
+  }
+  return getTokenizedResponse();
+};
+export {
+  getPostRoute
+};

package/dist/auth/email/routes/put.cjs.js

@@ -0,0 +1,135 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/auth/email/routes/put.ts
+var put_exports = {};
+__export(put_exports, {
+  getPutRoute: () => getPutRoute
+});
+module.exports = __toCommonJS(put_exports);
+
+// src/auth/utils/errors.ts
+var import_server = require("next/server");
+function handleError(status, message, onError) {
+  const res = onError?.({ status, message });
+  if (res) return res;
+  return new import_server.NextResponse(message, { status });
+}
+
+// src/auth/email/token.ts
+var import_bcryptjs = require("bcryptjs");
+var import_jsonwebtoken = require("jsonwebtoken");
+var import_server2 = require("next/server");
+function generateAccessToken(id, signingKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, signingKey, {
+    expiresIn: "2h"
+  });
+}
+function generateRefreshToken(id, refreshKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, refreshKey);
+}
+function getTokenizedResponse(accessToken, refreshToken) {
+  const body = { accessToken, refreshToken };
+  const response = import_server2.NextResponse.json(body, {
+    status: 200
+  });
+  if (!accessToken) {
+    response.cookies.set("refresh", "", {
+      secure: false,
+      httpOnly: true,
+      expires: 0
+    });
+  }
+  if (refreshToken !== void 0) {
+    response.cookies.set("refresh", refreshToken, {
+      secure: false,
+      httpOnly: true,
+      expires: refreshToken === "" ? 0 : new Date(Date.now() + 60 * 60 * 24 * 365 * 1e3)
+    });
+  }
+  return response;
+}
+function verifyUser(user, password) {
+  if (!user.password) return false;
+  return (0, import_bcryptjs.compare)(password, user.password);
+}
+
+// src/auth/email/utils.ts
+async function massageRequest(req, options) {
+  const data = await req.json();
+  if (!data.email || !data.password)
+    return {
+      error: handleError(400, "Missing email or password", options.onError)
+    };
+  if (options.turnstileKey) {
+    if (!data.captchaToken)
+      return { error: handleError(400, "Missing captcha", options.onError) };
+    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+      return {
+        error: handleError(400, "Invalid captcha", options.onError)
+      };
+  }
+  return {
+    data: {
+      email: data.email,
+      password: data.password,
+      ...data
+    }
+  };
+}
+async function verifyCaptcha(token, secret) {
+  const res = await fetch(
+    "https://challenges.cloudflare.com/turnstile/v0/siteverify",
+    {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        secret,
+        response: token
+      })
+    }
+  );
+  if (res.ok) {
+    const data = await res.json();
+    return data.success;
+  }
+  return false;
+}
+
+// src/auth/email/routes/put.ts
+var getPutRoute = (options) => async (req) => {
+  const { data, error } = await massageRequest(req, options);
+  if (error || !data) return error;
+  const user = await options.getUser(data.email);
+  if (!user)
+    return handleError(400, "A user does not exist", options.onError);
+  if (await verifyUser(user, data.password)) {
+    return getTokenizedResponse(
+      generateAccessToken(user.id, options.signingKey),
+      generateRefreshToken(user.id, options.refreshKey)
+    );
+  }
+  return handleError(403, "Invalid password", options.onError);
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  getPutRoute
+});

package/dist/auth/email/routes/put.d.mts

@@ -0,0 +1,8 @@
+import * as next_server from 'next/server';
+import { NextRequest } from 'next/server';
+import { InitRoutesOptions } from '../types.mjs';
+import '../../types.mjs';
+
+declare const getPutRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+
+export { getPutRoute };

package/dist/auth/email/routes/put.d.ts

@@ -0,0 +1,8 @@
+import * as next_server from 'next/server';
+import { NextRequest } from 'next/server';
+import { InitRoutesOptions } from '../types.js';
+import '../../types.js';
+
+declare const getPutRoute: (options: InitRoutesOptions) => (req: NextRequest) => Promise<next_server.NextResponse<unknown> | undefined>;
+
+export { getPutRoute };

package/dist/auth/email/routes/put.esm.js

@@ -0,0 +1,108 @@
+// src/auth/utils/errors.ts
+import { NextResponse } from "next/server";
+function handleError(status, message, onError) {
+  const res = onError?.({ status, message });
+  if (res) return res;
+  return new NextResponse(message, { status });
+}
+
+// src/auth/email/token.ts
+import { compare } from "bcryptjs";
+import { JsonWebTokenError, sign, verify } from "jsonwebtoken";
+import { NextResponse as NextResponse2 } from "next/server";
+function generateAccessToken(id, signingKey) {
+  return sign({ id }, signingKey, {
+    expiresIn: "2h"
+  });
+}
+function generateRefreshToken(id, refreshKey) {
+  return sign({ id }, refreshKey);
+}
+function getTokenizedResponse(accessToken, refreshToken) {
+  const body = { accessToken, refreshToken };
+  const response = NextResponse2.json(body, {
+    status: 200
+  });
+  if (!accessToken) {
+    response.cookies.set("refresh", "", {
+      secure: false,
+      httpOnly: true,
+      expires: 0
+    });
+  }
+  if (refreshToken !== void 0) {
+    response.cookies.set("refresh", refreshToken, {
+      secure: false,
+      httpOnly: true,
+      expires: refreshToken === "" ? 0 : new Date(Date.now() + 60 * 60 * 24 * 365 * 1e3)
+    });
+  }
+  return response;
+}
+function verifyUser(user, password) {
+  if (!user.password) return false;
+  return compare(password, user.password);
+}
+
+// src/auth/email/utils.ts
+async function massageRequest(req, options) {
+  const data = await req.json();
+  if (!data.email || !data.password)
+    return {
+      error: handleError(400, "Missing email or password", options.onError)
+    };
+  if (options.turnstileKey) {
+    if (!data.captchaToken)
+      return { error: handleError(400, "Missing captcha", options.onError) };
+    if (!await verifyCaptcha(data.captchaToken, options.turnstileKey))
+      return {
+        error: handleError(400, "Invalid captcha", options.onError)
+      };
+  }
+  return {
+    data: {
+      email: data.email,
+      password: data.password,
+      ...data
+    }
+  };
+}
+async function verifyCaptcha(token, secret) {
+  const res = await fetch(
+    "https://challenges.cloudflare.com/turnstile/v0/siteverify",
+    {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        secret,
+        response: token
+      })
+    }
+  );
+  if (res.ok) {
+    const data = await res.json();
+    return data.success;
+  }
+  return false;
+}
+
+// src/auth/email/routes/put.ts
+var getPutRoute = (options) => async (req) => {
+  const { data, error } = await massageRequest(req, options);
+  if (error || !data) return error;
+  const user = await options.getUser(data.email);
+  if (!user)
+    return handleError(400, "A user does not exist", options.onError);
+  if (await verifyUser(user, data.password)) {
+    return getTokenizedResponse(
+      generateAccessToken(user.id, options.signingKey),
+      generateRefreshToken(user.id, options.refreshKey)
+    );
+  }
+  return handleError(403, "Invalid password", options.onError);
+};
+export {
+  getPutRoute
+};

package/dist/auth/email/token.cjs.js

@@ -0,0 +1,85 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/auth/email/token.ts
+var token_exports = {};
+__export(token_exports, {
+  generateAccessToken: () => generateAccessToken,
+  generateRefreshToken: () => generateRefreshToken,
+  getTokenizedResponse: () => getTokenizedResponse,
+  getUserIdFromRefreshToken: () => getUserIdFromRefreshToken,
+  verifyUser: () => verifyUser
+});
+module.exports = __toCommonJS(token_exports);
+var import_bcryptjs = require("bcryptjs");
+var import_jsonwebtoken = require("jsonwebtoken");
+var import_server = require("next/server");
+function generateAccessToken(id, signingKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, signingKey, {
+    expiresIn: "2h"
+  });
+}
+function generateRefreshToken(id, refreshKey) {
+  return (0, import_jsonwebtoken.sign)({ id }, refreshKey);
+}
+function getTokenizedResponse(accessToken, refreshToken) {
+  const body = { accessToken, refreshToken };
+  const response = import_server.NextResponse.json(body, {
+    status: 200
+  });
+  if (!accessToken) {
+    response.cookies.set("refresh", "", {
+      secure: false,
+      httpOnly: true,
+      expires: 0
+    });
+  }
+  if (refreshToken !== void 0) {
+    response.cookies.set("refresh", refreshToken, {
+      secure: false,
+      httpOnly: true,
+      expires: refreshToken === "" ? 0 : new Date(Date.now() + 60 * 60 * 24 * 365 * 1e3)
+    });
+  }
+  return response;
+}
+function getUserIdFromRefreshToken(refreshKey, refreshToken) {
+  if (refreshToken)
+    try {
+      const decoded = (0, import_jsonwebtoken.verify)(refreshToken, refreshKey);
+      if (typeof decoded !== "string" && typeof decoded.id === "number")
+        return decoded.id;
+    } catch (e) {
+      if (!(e instanceof import_jsonwebtoken.JsonWebTokenError)) console.error(e, "errors");
+      return null;
+    }
+  return null;
+}
+function verifyUser(user, password) {
+  if (!user.password) return false;
+  return (0, import_bcryptjs.compare)(password, user.password);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  generateAccessToken,
+  generateRefreshToken,
+  getTokenizedResponse,
+  getUserIdFromRefreshToken,
+  verifyUser
+});

package/dist/auth/email/token.d.mts

@@ -0,0 +1,13 @@
+import { NextResponse } from 'next/server';
+import { UserOutput } from '../types.mjs';
+
+declare function generateAccessToken(id: number, signingKey: string): string;
+declare function generateRefreshToken(id: number, refreshKey: string): string;
+declare function getTokenizedResponse(accessToken?: string, refreshToken?: string): NextResponse<{
+    accessToken: string | undefined;
+    refreshToken: string | undefined;
+}>;
+declare function getUserIdFromRefreshToken(refreshKey: string, refreshToken?: string): number | null;
+declare function verifyUser(user: UserOutput, password: string): false | Promise<boolean>;
+
+export { generateAccessToken, generateRefreshToken, getTokenizedResponse, getUserIdFromRefreshToken, verifyUser };

package/dist/auth/email/token.d.ts

@@ -0,0 +1,13 @@
+import { NextResponse } from 'next/server';
+import { UserOutput } from '../types.js';
+
+declare function generateAccessToken(id: number, signingKey: string): string;
+declare function generateRefreshToken(id: number, refreshKey: string): string;
+declare function getTokenizedResponse(accessToken?: string, refreshToken?: string): NextResponse<{
+    accessToken: string | undefined;
+    refreshToken: string | undefined;
+}>;
+declare function getUserIdFromRefreshToken(refreshKey: string, refreshToken?: string): number | null;
+declare function verifyUser(user: UserOutput, password: string): false | Promise<boolean>;
+
+export { generateAccessToken, generateRefreshToken, getTokenizedResponse, getUserIdFromRefreshToken, verifyUser };