sentri 1.0.6 → 1.1.1
- package/README.md +107 -21
- package/dist/client.d.ts +51 -14
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +3 -1
- package/dist/client.js.map +1 -1
- package/dist/errors/AuthError.d.ts +82 -21
- package/dist/errors/AuthError.d.ts.map +1 -1
- package/dist/errors/AuthError.js +87 -17
- package/dist/errors/AuthError.js.map +1 -1
- package/dist/index.d.ts +3 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/libs/token.d.ts +5 -4
- package/dist/libs/token.d.ts.map +1 -1
- package/dist/libs/token.js +3 -2
- package/dist/libs/token.js.map +1 -1
- package/dist/middleware/errorHandler.d.ts +73 -0
- package/dist/middleware/errorHandler.d.ts.map +1 -0
- package/dist/middleware/errorHandler.js +76 -0
- package/dist/middleware/errorHandler.js.map +1 -0
- package/dist/middleware/protect.d.ts +14 -4
- package/dist/middleware/protect.d.ts.map +1 -1
- package/dist/middleware/protect.js +24 -6
- package/dist/middleware/protect.js.map +1 -1
- package/dist/middleware/router.d.ts +5 -2
- package/dist/middleware/router.d.ts.map +1 -1
- package/dist/middleware/router.js +30 -8
- package/dist/middleware/router.js.map +1 -1
- package/dist/services/auth.d.ts +3 -1
- package/dist/services/auth.d.ts.map +1 -1
- package/dist/services/auth.js +7 -3
- package/dist/services/auth.js.map +1 -1
- package/dist/types/auth.d.ts +50 -8
- package/dist/types/auth.d.ts.map +1 -1
- package/dist/types/auth.js.map +1 -1
- package/package.json +5 -2
- package/templates/drizzle/auth.ts +37 -2
- package/templates/prisma/auth.ts +37 -2
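--- a/package/dist/types/auth.d.ts
+++ b/package/dist/types/auth.d.ts
@@ -7,6 +7,14 @@ export interface ApiResponse<T = null> {
 message: string;
 data: T | null;
 }
+/**
+* @internal Extended JWT payload decoded from an access token.
+* Includes `sessionId` which is not exposed on `req.user` but is used
+* by `protect()` to validate that the session is still active.
+*/
+export interface AccessTokenPayload<TRole extends string = string> extends AuthUser<TRole> {
+sessionId: string;
+}
 /** Maps an {@link AuthErrorCode} to its corresponding HTTP status code. */
 export declare function authErrorStatus(code: AuthErrorCode): number;
 /** Shape of a user row returned by the adapter — used internally by the library. */
@@ -124,22 +132,22 @@ export interface AuthAdapter {
 */
 export interface RouterHandlers {
 /**
-* Replaces the default
+* Replaces the default register service (`POST /register`).
 *
 * The router validates the request body (identifier, password, roles) first,
 * then calls this function with the parsed input. Must return a `SignupResult`.
-* If omitted, the library's built-in
+* If omitted, the library's built-in registration logic runs instead.
 *
 * @example
-*
-* const result = await
+* register: async (input) => {
+* const result = await defaultRegister(input);
 * if (result.success) {
 * await emailService.sendWelcome(input.identifier);
 * }
 * return result;
 * }
 */
-
+register?: (input: SignupInput) => Promise<SignupResult>;
 /**
 * Replaces the default login service.
 *
@@ -272,6 +280,28 @@ export interface AuthConfig<TRole extends string = string> {
 validRoles: readonly TRole[];
 /** ORM adapter that connects the library to your database. */
 adapter: AuthAdapter;
+/**
+* API key required to call `POST /register`.
+*
+* When set, the `/register` endpoint expects an `X-Api-Key` header whose
+* value matches this string exactly. Requests without the header, or with
+* the wrong value, are rejected with HTTP 401 (`UNAUTHORIZED`).
+*
+* Use this to restrict self-registration — for example, only your own
+* back-office service or admin panel should be able to create new accounts,
+* so you never expose user registration to arbitrary callers.
+*
+* @example
+* createAuth({
+* // ...
+* apiKey: process.env.REGISTER_API_KEY!,
+* });
+*
+* // Client must send:
+* // POST /auth/register
+* // X-Api-Key: <value of REGISTER_API_KEY>
+*/
+apiKey?: string;
 /**
 * Custom service functions for individual routes in the built-in auth router.
 *
@@ -286,6 +316,12 @@ export interface AuthConfig<TRole extends string = string> {
 * // verify OTP, then delegate to default or return custom result
 * return { success: true, accessToken, refreshToken, user };
 * },
+* register: async (input) => {
+* // send welcome email after successful registration
+* const result = await defaultRegister(input);
+* if (result.success) await emailService.sendWelcome(input.identifier);
+* return result;
+* },
 * },
 * });
 */
@@ -294,7 +330,7 @@ export interface AuthConfig<TRole extends string = string> {
 * When set, the built-in router (`auth.router()`) stores the refresh token
 * in an httpOnly cookie instead of returning it in the response body.
 *
-* The `refreshToken` field is omitted from `/login`, `/
+* The `refreshToken` field is omitted from `/login`, `/register`, and `/refresh`
 * responses. The `/logout` and `/logout-all` routes automatically clear the cookie.
 *
 * No extra middleware (e.g. `cookie-parser`) is required.
@@ -339,12 +375,18 @@ export interface CookieConfig {
 */
 path?: string;
 }
-/**
+/**
+* The user payload injected as `req.user` after `protect()` runs.
+*
+* Access tokens issued by sentri >= 1.1.0 embed a `sessionId` that is
+* validated against the database on every request. Tokens from older
+* versions that lack this claim are accepted but bypass session validation.
+*/
 export interface AuthUser<TRole extends string = string> {
 id: string;
 /**
 * The credential identifier for this user (email, username, phone, etc.).
-* Reflects whatever value was passed as `identifier` at
+* Reflects whatever value was passed as `identifier` at registration or login.
 */
 identifier: string;
 roles: TRole[];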
package/dist/types/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEvE,YAAY,EAAE,SAAS,EAAE,CAAC;AAE1B,gFAAgF;AAChF,MAAM,WAAW,WAAW,CAAC,CAAC,GAAG,IAAI;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;CAChB;AAED,2EAA2E;AAC3E,wBAAgB,eAAe,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CAkB3D;AAID,oFAAoF;AACpF,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,iDAAiD;IACjD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,sDAAsD;AACtD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,uEAAuE;AACvE,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,kDAAkD;IAClD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE;QACJ;;;;;;WAMG;QACH,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjE,qEAAqE;QACrE,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjD;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACtD;;;WAGG;QACH,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KAC7D,CAAC;IACF,OAAO,EAAE;QACP;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,IAAI,CAAA;SAAE,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC3E;;;WAGG;QACH,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,aAAa,GAAG;YAAE,IAAI,EAAE,UAAU,CAAA;SAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QACpF,sEAAsE;QACtE,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACzC,mFAAmF;QACnF,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KACjD,CAAC;CACH;AAID;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;;;;;;;;;OAeG;IACH,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEvE,YAAY,EAAE,SAAS,EAAE,CAAC;AAE1B,gFAAgF;AAChF,MAAM,WAAW,WAAW,CAAC,CAAC,GAAG,IAAI;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,QAAQ,CAAC,KAAK,CAAC;IACxF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,2EAA2E;AAC3E,wBAAgB,eAAe,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CAkB3D;AAID,oFAAoF;AACpF,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,iDAAiD;IACjD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,sDAAsD;AACtD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,uEAAuE;AACvE,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,kDAAkD;IAClD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE;QACJ;;;;;;WAMG;QACH,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjE,qEAAqE;QACrE,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjD;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACtD;;;WAGG;QACH,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KAC7D,CAAC;IACF,OAAO,EAAE;QACP;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,IAAI,CAAA;SAAE,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC3E;;;WAGG;QACH,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,aAAa,GAAG;YAAE,IAAI,EAAE,UAAU,CAAA;SAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QACpF,sEAAsE;QACtE,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACzC,mFAAmF;QACnF,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KACjD,CAAC;CACH;AAID;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;;;;;;;;;OAeG;IACH,QAAQ,
CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;IAEzD;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;IAEnD;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3D;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7D;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;;;;;;;;;;;;;;;OAgBG;IACH,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAC;CAC/E;AAID;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,UAAU,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IACvD,uFAAuF;IACvF,MAAM,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAClC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;;;;;OAOG;IACH,UAAU,EAAE,SAAS,KAAK,EAAE,CAAC;IAC7B,8DAA8D;IAC9D,OAAO,EAAE,WAAW,CAAC;IACrB;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,EAAE,YAAY,CAAC;CACvB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;;OAIG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;OAGG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAID;;;;;;GAMG;AACH,MAAM,WAAW,QAAQ,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IACrD,EAAE,EAAE,MAAM,CAAC;IACX;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,KAAK,EAAE,CAAC;CAChB;AAED,+BAA+B;AAC/B,MAAM,MAAM,YAAY,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IAClD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,SAAS,CAAA;CAAE,CAAC;AAEzC,8BAA8B;AAC9B,MAAM,MAAM,UAAU,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IAChD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,C
AAA;CAAE,GACnF;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,SAAS,CAAA;CAAE,CAAC;AAEzC,oCAAoC;AACpC,MAAM,MAAM,iBAAiB,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IACvD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,SAAS,CAAA;CAAE,CAAC;AAEzC,gCAAgC;AAChC,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IACnD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACnF;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,SAAS,CAAA;CAAE,CAAC;AAEzC,0BAA0B;AAC1B,MAAM,WAAW,WAAW,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IACxD;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,qEAAqE;IACrE,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC;CACjB;AAED,yBAAyB;AACzB,MAAM,WAAW,UAAU;IACzB;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB"}
|
package/dist/types/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAqBA,2EAA2E;AAC3E,MAAM,UAAU,eAAe,CAAC,IAAmB;IACjD,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,cAAc,CAAC;QACpB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,eAAe,CAAC;QACrB,KAAK,eAAe;YAClB,OAAO,GAAG,CAAC;QACb,KAAK,WAAW;YACd,OAAO,GAAG,CAAC;QACb,KAAK,gBAAgB;YACnB,OAAO,GAAG,CAAC;QACb,KAAK,qBAAqB;YACxB,OAAO,GAAG,CAAC;QACb,KAAK,qBAAqB;YACxB,OAAO,GAAG,CAAC;QACb;YACE,OAAO,GAAG,CAAC;IACf,CAAC;AACH,CAAC"}
|
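--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "sentri",
-"version": "1.
+"version": "1.1.1",
 "description": "Personal auth/authorization library for Express + Postgres",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -49,8 +49,11 @@
 "vitest": "^4.1.9"
 },
 "dependencies": {
+"@prisma/adapter-pg": "^7.8.0",
+"@prisma/client": "^7.8.0",
 "bcrypt": "^6.0.0",
-"jsonwebtoken": "^9.0.3"
+"jsonwebtoken": "^9.0.3",
+"sentri": "^1.0.6"
 },
 "peerDependencies": {
 "express": ">=4.0.0"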
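Review bot: The added `"sentri": "^1.0.6"` entry makes the package list itself as a runtime dependency, which looks like an accidental `npm install sentri` run inside the package's own directory. Depending on how the range resolves, consumers get either a circular reference or a second published copy of this auth library in their tree, and a nested copy older than 1.1.0 would not carry the session validation this release documents. `@prisma/adapter-pg` and `@prisma/client` are also added as hard dependencies although the package ships a Drizzle template too; optional `peerDependencies` (or `devDependencies`, if only the tests need them) would keep non-Prisma installs from pulling them in. I would drop the `sentri` line and leave `"jsonwebtoken": "^9.0.3"` as the last entry.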
@@ -17,6 +17,7 @@ export const auth = createAuth({
|
|
|
17
17
|
// refreshExpiresIn: '7d',
|
|
18
18
|
// algorithm: 'HS256',
|
|
19
19
|
// saltRounds: 12,
|
|
20
|
+
// apiKey: process.env.REGISTER_API_KEY, // when set, POST /register requires X-Api-Key header
|
|
20
21
|
cookie: {
|
|
21
22
|
secure: process.env.NODE_ENV === 'production',
|
|
22
23
|
// name: 'refresh_token',
|
|
@@ -25,8 +26,8 @@ export const auth = createAuth({
|
|
|
25
26
|
// path: '/',
|
|
26
27
|
},
|
|
27
28
|
// router: {
|
|
28
|
-
//
|
|
29
|
-
// // custom
|
|
29
|
+
// register: async (input) => {
|
|
30
|
+
// // custom register logic — must return SignupResult
|
|
30
31
|
// },
|
|
31
32
|
// login: async (input) => {
|
|
32
33
|
// // custom login logic — must return AuthResult
|
|
@@ -45,3 +46,37 @@ export const auth = createAuth({
|
|
|
45
46
|
// },
|
|
46
47
|
// },
|
|
47
48
|
});
|
|
49
|
+
|
|
50
|
+
// --- Express app setup ---
|
|
51
|
+
//
|
|
52
|
+
// import express from 'express';
|
|
53
|
+
// import { AuthError } from 'sentri';
|
|
54
|
+
//
|
|
55
|
+
// const app = express();
|
|
56
|
+
// app.use(express.json());
|
|
57
|
+
//
|
|
58
|
+
// // Mount the auth router (POST /auth/register, /auth/login, etc.)
|
|
59
|
+
// app.use('/auth', auth.router());
|
|
60
|
+
//
|
|
61
|
+
// // Your own routes — throw AuthError (or any subclass) and errorHandler catches them
|
|
62
|
+
// app.get('/protected', auth.protect(), (req, res) => {
|
|
63
|
+
// res.json(req.user);
|
|
64
|
+
// });
|
|
65
|
+
//
|
|
66
|
+
// // Domain-specific error by extending AuthError
|
|
67
|
+
// class NotFoundError extends AuthError {
|
|
68
|
+
// constructor(resource: string) {
|
|
69
|
+
// super('NOT_FOUND', `${resource} not found`, 404);
|
|
70
|
+
// }
|
|
71
|
+
// }
|
|
72
|
+
//
|
|
73
|
+
// app.get('/items/:id', auth.protect(), async (req, res) => {
|
|
74
|
+
// const item = await db.query.items.findFirst({ where: (t, { eq }) => eq(t.id, req.params['id']) });
|
|
75
|
+
// if (!item) throw new NotFoundError('Item');
|
|
76
|
+
// res.json(item);
|
|
77
|
+
// });
|
|
78
|
+
//
|
|
79
|
+
// // Mount AFTER all routes — catches AuthError from sentri AND your subclasses
|
|
80
|
+
// app.use(auth.errorHandler());
|
|
81
|
+
//
|
|
82
|
+
// app.listen(3000);
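Review bot: The commented `apiKey: process.env.REGISTER_API_KEY` line fails open when the variable is missing: the option is documented as enforced only "when set", so an unset variable yields `undefined` and `POST /register` would accept requests without any `X-Api-Key`. The same line is added to the Prisma template, and the `AuthConfig.apiKey` example in `auth.d.ts` hides the case behind a non-null assertion (`REGISTER_API_KEY!`). I would have the template check the variable at startup, e.g. `if (!process.env.REGISTER_API_KEY) throw new Error('REGISTER_API_KEY is not set');`, and extend the comment to say that an unset key leaves registration open to any caller. This section's file header is missing on the page (the file list suggests `package/templates/drizzle/auth.ts`), and the `createAuth({ ... })` call starts above its first hunk.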
|
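--- a/package/templates/prisma/auth.ts
+++ b/package/templates/prisma/auth.ts
@@ -20,6 +20,7 @@ export const auth = createAuth({
 // refreshExpiresIn: '7d',
 // algorithm: 'HS256',
 // saltRounds: 12,
+// apiKey: process.env.REGISTER_API_KEY, // when set, POST /register requires X-Api-Key header
 cookie: {
 secure: process.env.NODE_ENV === 'production',
 // name: 'refresh_token',
@@ -28,8 +29,8 @@ export const auth = createAuth({
 // path: '/',
 },
 // router: {
-//
-// // custom
+// register: async (input) => {
+// // custom register logic — must return SignupResult
 // },
 // login: async (input) => {
 // // custom login logic — must return AuthResult
@@ -48,3 +49,37 @@ export const auth = createAuth({
 // },
 // },
 });
+
+// --- Express app setup ---
+//
+// import express from 'express';
+// import { AuthError } from 'sentri';
+//
+// const app = express();
+// app.use(express.json());
+//
+// // Mount the auth router (POST /auth/register, /auth/login, etc.)
+// app.use('/auth', auth.router());
+//
+// // Your own routes — throw AuthError (or any subclass) and errorHandler catches them
+// app.get('/protected', auth.protect(), (req, res) => {
+// res.json(req.user);
+// });
+//
+// // Domain-specific error by extending AuthError
+// class NotFoundError extends AuthError {
+// constructor(resource: string) {
+// super('NOT_FOUND', `${resource} not found`, 404);
+// }
+// }
+//
+// app.get('/items/:id', auth.protect(), async (req, res) => {
+// const item = await prisma.item.findUnique({ where: { id: req.params['id'] } });
+// if (!item) throw new NotFoundError('Item');
+// res.json(item);
+// });
+//
+// // Mount AFTER all routes — catches AuthError from sentri AND your subclasses
+// app.use(auth.errorHandler());
+//
+// app.listen(3000);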
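Review bot: The commented `/items/:id` example throws `NotFoundError` inside an `async` handler, and on Express 4 a rejected handler promise is not forwarded to `auth.errorHandler()`: the rejection goes unhandled, the request gets no response, and depending on the Node version the process may exit. `package.json` allows `express >=4.0.0`, so the comment "throw AuthError (or any subclass) and errorHandler catches them" holds only for synchronous handlers or Express 5. The example should either pass the error on, `if (!item) return next(new NotFoundError('Item'));` with `(req, res, next)` as the handler signature, or state the Express 5 requirement in the comment. The Drizzle template adds the same example.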