sentri 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +107 -43
- package/dist/client.d.ts +10 -10
- package/dist/client.d.ts.map +1 -1
- package/dist/errors/AuthError.d.ts +20 -22
- package/dist/errors/AuthError.d.ts.map +1 -1
- package/dist/errors/AuthError.js +17 -19
- package/dist/errors/AuthError.js.map +1 -1
- package/dist/index.d.ts +4 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/libs/config.d.ts +2 -2
- package/dist/libs/config.js +8 -8
- package/dist/libs/config.js.map +1 -1
- package/dist/libs/token.d.ts +2 -2
- package/dist/libs/token.js +10 -10
- package/dist/libs/token.js.map +1 -1
- package/dist/middleware/authorize.d.ts +1 -1
- package/dist/middleware/authorize.js +4 -4
- package/dist/middleware/authorize.js.map +1 -1
- package/dist/middleware/errorHandler.d.ts +11 -13
- package/dist/middleware/errorHandler.d.ts.map +1 -1
- package/dist/middleware/errorHandler.js +11 -13
- package/dist/middleware/errorHandler.js.map +1 -1
- package/dist/middleware/permit.d.ts +1 -1
- package/dist/middleware/permit.js +4 -4
- package/dist/middleware/permit.js.map +1 -1
- package/dist/middleware/protect.d.ts +1 -1
- package/dist/middleware/protect.js +4 -4
- package/dist/middleware/protect.js.map +1 -1
- package/dist/middleware/router.d.ts.map +1 -1
- package/dist/middleware/router.js +10 -10
- package/dist/middleware/router.js.map +1 -1
- package/dist/services/auth.d.ts +5 -5
- package/dist/services/auth.d.ts.map +1 -1
- package/dist/services/auth.js +15 -15
- package/dist/services/auth.js.map +1 -1
- package/dist/types/auth.d.ts +21 -21
- package/dist/types/auth.d.ts.map +1 -1
- package/dist/types/auth.js +1 -1
- package/dist/types/auth.js.map +1 -1
- package/package.json +1 -1
- package/templates/drizzle/auth.ts +5 -5
- package/templates/prisma/auth.ts +5 -5
package/dist/services/auth.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { SentriError } from '../errors/AuthError.js';
|
|
2
2
|
import { hashPassword, verifyPassword } from '../libs/hash.js';
|
|
3
3
|
import { signAccessToken, signRefreshToken, verifyRefreshToken } from '../libs/token.js';
|
|
4
4
|
import { resolveConfig, parseExpiry } from '../libs/config.js';
|
|
@@ -9,25 +9,25 @@ import { resolveConfig, parseExpiry } from '../libs/config.js';
|
|
|
9
9
|
* identifiers, hashes the password with bcrypt, creates the user record via
|
|
10
10
|
* the adapter, and returns the created user.
|
|
11
11
|
*
|
|
12
|
-
* No tokens are issued — the caller should invoke `login` after
|
|
13
|
-
* immediate authentication is desired.
|
|
12
|
+
* No tokens are issued — the caller should invoke `login` after registration
|
|
13
|
+
* if immediate authentication is desired.
|
|
14
14
|
*
|
|
15
|
-
* @param input -
|
|
15
|
+
* @param input - Registration data: identifier, plain-text password, and optional roles.
|
|
16
16
|
* @param config - Auth configuration containing the adapter and role definitions.
|
|
17
17
|
* @returns `{ success: true, user }` on success, or `{ success: false, error }` with
|
|
18
18
|
* code `INVALID_ROLE` or `USER_ALREADY_EXISTS` on failure.
|
|
19
19
|
*/
|
|
20
|
-
export async function
|
|
20
|
+
export async function register(input, config) {
|
|
21
21
|
const resolved = resolveConfig(config);
|
|
22
22
|
const requestedRoles = input.roles ?? [];
|
|
23
23
|
const invalidRoles = requestedRoles.filter((r) => !resolved.validRoles.includes(r));
|
|
24
24
|
if (invalidRoles.length > 0) {
|
|
25
|
-
return { success: false, error: new
|
|
25
|
+
return { success: false, error: new SentriError('INVALID_ROLE', `Invalid roles: ${invalidRoles.join(', ')}`) };
|
|
26
26
|
}
|
|
27
27
|
const identifier = input.identifier.trim();
|
|
28
28
|
const existing = await resolved.adapter.user.findByIdentifier(identifier);
|
|
29
29
|
if (existing) {
|
|
30
|
-
return { success: false, error: new
|
|
30
|
+
return { success: false, error: new SentriError('USER_ALREADY_EXISTS', 'User already exists') };
|
|
31
31
|
}
|
|
32
32
|
const passwordHash = await hashPassword(input.password, resolved.saltRounds);
|
|
33
33
|
const created = await resolved.adapter.user.create({ identifier, passwordHash, roles: requestedRoles });
|
|
@@ -54,11 +54,11 @@ export async function login(input, config) {
|
|
|
54
54
|
const resolved = resolveConfig(config);
|
|
55
55
|
const found = await resolved.adapter.user.findByIdentifier(input.identifier.trim());
|
|
56
56
|
if (!found) {
|
|
57
|
-
return { success: false, error: new
|
|
57
|
+
return { success: false, error: new SentriError('INVALID_CREDENTIALS', 'Invalid credentials') };
|
|
58
58
|
}
|
|
59
59
|
const valid = await verifyPassword(input.password, found.passwordHash);
|
|
60
60
|
if (!valid) {
|
|
61
|
-
return { success: false, error: new
|
|
61
|
+
return { success: false, error: new SentriError('INVALID_CREDENTIALS', 'Invalid credentials') };
|
|
62
62
|
}
|
|
63
63
|
const expiresAt = new Date(Date.now() + parseExpiry(resolved.refreshExpiresIn));
|
|
64
64
|
const session = await resolved.adapter.session.create({ userId: found.id, expiresAt });
|
|
@@ -89,17 +89,17 @@ export async function refresh(refreshToken, config) {
|
|
|
89
89
|
({ sessionId } = verifyRefreshToken(refreshToken, config));
|
|
90
90
|
}
|
|
91
91
|
catch (err) {
|
|
92
|
-
if (err instanceof
|
|
92
|
+
if (err instanceof SentriError)
|
|
93
93
|
return { success: false, error: err };
|
|
94
|
-
return { success: false, error: new
|
|
94
|
+
return { success: false, error: new SentriError('TOKEN_INVALID', 'Invalid refresh token') };
|
|
95
95
|
}
|
|
96
96
|
const session = await resolved.adapter.session.findById(sessionId);
|
|
97
97
|
if (!session) {
|
|
98
|
-
return { success: false, error: new
|
|
98
|
+
return { success: false, error: new SentriError('UNAUTHORIZED', 'Session not found or revoked') };
|
|
99
99
|
}
|
|
100
100
|
if (session.expiresAt < new Date()) {
|
|
101
101
|
await resolved.adapter.session.delete(sessionId);
|
|
102
|
-
return { success: false, error: new
|
|
102
|
+
return { success: false, error: new SentriError('TOKEN_EXPIRED', 'Session has expired') };
|
|
103
103
|
}
|
|
104
104
|
// rotate: delete old session, create new one
|
|
105
105
|
await resolved.adapter.session.delete(sessionId);
|
|
@@ -160,11 +160,11 @@ export async function assignRoles(userId, rolesToAdd, config) {
|
|
|
160
160
|
const resolved = resolveConfig(config);
|
|
161
161
|
const invalidRoles = rolesToAdd.filter((role) => !resolved.validRoles.includes(role));
|
|
162
162
|
if (invalidRoles.length > 0) {
|
|
163
|
-
return { success: false, error: new
|
|
163
|
+
return { success: false, error: new SentriError('INVALID_ROLE', `Invalid roles: ${invalidRoles.join(', ')}`) };
|
|
164
164
|
}
|
|
165
165
|
const found = await resolved.adapter.user.findById(userId);
|
|
166
166
|
if (!found) {
|
|
167
|
-
return { success: false, error: new
|
|
167
|
+
return { success: false, error: new SentriError('USER_NOT_FOUND', 'User not found') };
|
|
168
168
|
}
|
|
169
169
|
const mergedRoles = Array.from(new Set([...found.roles, ...rolesToAdd]));
|
|
170
170
|
await resolved.adapter.user.updateRoles(userId, mergedRoles);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/services/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/services/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAG/D;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,KAAoB,EACpB,MAAkB;IAElB,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IAEvC,MAAM,cAAc,GAAG,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC;IACzC,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,cAAc,EAAE,kBAAkB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;IACjH,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1E,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,UAAU,EAAE,YAAY,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;IAExG,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;IACnE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CACzB,KAAiB,EACjB,MAAkB;IAElB,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IAEvC,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;IACpF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;IACvE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAChF,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;IAEvF,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC;IAChF,gFAAgF;IAChF,MAAM,WAAW,GAAG,eAAe,CAAC,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IAChF,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;AAC5D,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,YAAoB,EACpB,MAAkB;IAElB,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IAEvC,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,CAAC,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;QACtE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,eAAe,EAAE,uBAAuB,CAAC,EAAE,CAAC;IAC9F,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IACnE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,cAAc,EAAE,8BAA8B,CAAC,EAAE,CAAC;IACpG,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACnC,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACjD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,eAAe,EAAE,qBAAqB,CAAC,EAAE,CAAC;IAC5F,CAAC;IAED,6CAA6C;IAC7C,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IAEhG,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;IACrG,mDAAmD;IACnD,MAAM,cAAc,GAAG,eAAe,CAAC,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACtF,MAAM,eAAe,GAAG,gBAAgB,CAAC,UAAU,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAChE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,EAAE,YAAY,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;AAC7F,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,YAAoB,EACpB,MAAkB;IAElB,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,CAAC,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,qCAAqC;IAC/C,CAAC;IACD,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,MAAc,EACd,MAAkB;IAElB,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;AACvE,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAc,EACd,UAAoB,EACpB,MAAkB;IAElB,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IAEvC,MAAM,YAAY,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACtF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,cAAc,EAAE,kBAAkB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;IACjH,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,WAAW,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,EAAE,CAAC;IACxF,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,EAAE,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IACzE,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAE7D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,CAAC;AACrG,CAAC"}
|
package/dist/types/auth.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import type {
|
|
2
|
-
export type {
|
|
1
|
+
import type { SentriError, SentriErrorCode } from '../errors/AuthError.js';
|
|
2
|
+
export type { SentriError };
|
|
3
3
|
/** Standard API response envelope returned by all built-in router endpoints. */
|
|
4
4
|
export interface ApiResponse<T = null> {
|
|
5
5
|
error: boolean;
|
|
@@ -15,8 +15,8 @@ export interface ApiResponse<T = null> {
|
|
|
15
15
|
export interface AccessTokenPayload<TRole extends string = string> extends AuthUser<TRole> {
|
|
16
16
|
sessionId: string;
|
|
17
17
|
}
|
|
18
|
-
/** Maps
|
|
19
|
-
export declare function authErrorStatus(code:
|
|
18
|
+
/** Maps a {@link SentriErrorCode} to its corresponding HTTP status code. */
|
|
19
|
+
export declare function authErrorStatus(code: SentriErrorCode): number;
|
|
20
20
|
/** Shape of a user row returned by the adapter — used internally by the library. */
|
|
21
21
|
export interface UserRecord {
|
|
22
22
|
id: string;
|
|
@@ -39,7 +39,7 @@ export interface SessionRecord {
|
|
|
39
39
|
/** Data the library passes to the adapter when creating a new user. */
|
|
40
40
|
export interface CreateUserData {
|
|
41
41
|
/**
|
|
42
|
-
* The credential identifier supplied at
|
|
42
|
+
* The credential identifier supplied at registration (email, username, phone, etc.).
|
|
43
43
|
* Store this in whichever column(s) your schema uses for login lookup.
|
|
44
44
|
*/
|
|
45
45
|
identifier: string;
|
|
@@ -123,9 +123,9 @@ export interface AuthAdapter {
|
|
|
123
123
|
* // add OTP check, custom user lookup, etc.
|
|
124
124
|
* // must return AuthResult
|
|
125
125
|
* },
|
|
126
|
-
*
|
|
126
|
+
* register: async (input) => {
|
|
127
127
|
* // send welcome email, set default profile, etc.
|
|
128
|
-
* // must return
|
|
128
|
+
* // must return RegisterResult
|
|
129
129
|
* },
|
|
130
130
|
* },
|
|
131
131
|
* });
|
|
@@ -135,7 +135,7 @@ export interface RouterHandlers {
|
|
|
135
135
|
* Replaces the default register service (`POST /register`).
|
|
136
136
|
*
|
|
137
137
|
* The router validates the request body (identifier, password, roles) first,
|
|
138
|
-
* then calls this function with the parsed input. Must return a `
|
|
138
|
+
* then calls this function with the parsed input. Must return a `RegisterResult`.
|
|
139
139
|
* If omitted, the library's built-in registration logic runs instead.
|
|
140
140
|
*
|
|
141
141
|
* @example
|
|
@@ -147,7 +147,7 @@ export interface RouterHandlers {
|
|
|
147
147
|
* return result;
|
|
148
148
|
* }
|
|
149
149
|
*/
|
|
150
|
-
register?: (input:
|
|
150
|
+
register?: (input: RegisterInput) => Promise<RegisterResult>;
|
|
151
151
|
/**
|
|
152
152
|
* Replaces the default login service.
|
|
153
153
|
*
|
|
@@ -160,7 +160,7 @@ export interface RouterHandlers {
|
|
|
160
160
|
* // verify OTP before issuing tokens
|
|
161
161
|
* const otpValid = await redis.get(`otp:${input.identifier}`);
|
|
162
162
|
* if (!otpValid) {
|
|
163
|
-
* return { success: false, error: new
|
|
163
|
+
* return { success: false, error: new SentriError('INVALID_CREDENTIALS', 'OTP required') };
|
|
164
164
|
* }
|
|
165
165
|
* return defaultLogin(input);
|
|
166
166
|
* }
|
|
@@ -271,7 +271,7 @@ export interface AuthConfig<TRole extends string = string> {
|
|
|
271
271
|
saltRounds?: number;
|
|
272
272
|
/**
|
|
273
273
|
* Exhaustive list of role names your application uses.
|
|
274
|
-
*
|
|
274
|
+
* Registration will be rejected with `INVALID_ROLE` if a role outside this list is requested.
|
|
275
275
|
* Use `as const` to get TypeScript union-type safety on `authorize()`.
|
|
276
276
|
*
|
|
277
277
|
* @example
|
|
@@ -330,8 +330,8 @@ export interface AuthConfig<TRole extends string = string> {
|
|
|
330
330
|
* When set, the built-in router (`auth.router()`) stores the refresh token
|
|
331
331
|
* in an httpOnly cookie instead of returning it in the response body.
|
|
332
332
|
*
|
|
333
|
-
* The `refreshToken` field is omitted from `/login
|
|
334
|
-
*
|
|
333
|
+
* The `refreshToken` field is omitted from `/login` and `/refresh` responses.
|
|
334
|
+
* The `/logout` and `/logout-all` routes automatically clear the cookie.
|
|
335
335
|
*
|
|
336
336
|
* No extra middleware (e.g. `cookie-parser`) is required.
|
|
337
337
|
*
|
|
@@ -391,13 +391,13 @@ export interface AuthUser<TRole extends string = string> {
|
|
|
391
391
|
identifier: string;
|
|
392
392
|
roles: TRole[];
|
|
393
393
|
}
|
|
394
|
-
/** Return type of `
|
|
395
|
-
export type
|
|
394
|
+
/** Return type of `register`. */
|
|
395
|
+
export type RegisterResult<TRole extends string = string> = {
|
|
396
396
|
success: true;
|
|
397
397
|
user: AuthUser<TRole>;
|
|
398
398
|
} | {
|
|
399
399
|
success: false;
|
|
400
|
-
error:
|
|
400
|
+
error: SentriError;
|
|
401
401
|
};
|
|
402
402
|
/** Return type of `login`. */
|
|
403
403
|
export type AuthResult<TRole extends string = string> = {
|
|
@@ -407,7 +407,7 @@ export type AuthResult<TRole extends string = string> = {
|
|
|
407
407
|
user: AuthUser<TRole>;
|
|
408
408
|
} | {
|
|
409
409
|
success: false;
|
|
410
|
-
error:
|
|
410
|
+
error: SentriError;
|
|
411
411
|
};
|
|
412
412
|
/** Return type of `assignRoles`. */
|
|
413
413
|
export type AssignRolesResult<TRole extends string = string> = {
|
|
@@ -415,7 +415,7 @@ export type AssignRolesResult<TRole extends string = string> = {
|
|
|
415
415
|
user: AuthUser<TRole>;
|
|
416
416
|
} | {
|
|
417
417
|
success: false;
|
|
418
|
-
error:
|
|
418
|
+
error: SentriError;
|
|
419
419
|
};
|
|
420
420
|
/** Return type of `refresh`. */
|
|
421
421
|
export type RefreshResult<TRole extends string = string> = {
|
|
@@ -425,10 +425,10 @@ export type RefreshResult<TRole extends string = string> = {
|
|
|
425
425
|
user: AuthUser<TRole>;
|
|
426
426
|
} | {
|
|
427
427
|
success: false;
|
|
428
|
-
error:
|
|
428
|
+
error: SentriError;
|
|
429
429
|
};
|
|
430
|
-
/** Input for `
|
|
431
|
-
export interface
|
|
430
|
+
/** Input for `register`. */
|
|
431
|
+
export interface RegisterInput<TRole extends string = string> {
|
|
432
432
|
/**
|
|
433
433
|
* The user's login credential — email, username, phone number, or any unique string.
|
|
434
434
|
* The adapter maps this to the appropriate column in your database.
|
package/dist/types/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAE3E,YAAY,EAAE,WAAW,EAAE,CAAC;AAE5B,gFAAgF;AAChF,MAAM,WAAW,WAAW,CAAC,CAAC,GAAG,IAAI;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,QAAQ,CAAC,KAAK,CAAC;IACxF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,4EAA4E;AAC5E,wBAAgB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG,MAAM,CAkB7D;AAID,oFAAoF;AACpF,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,iDAAiD;IACjD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,sDAAsD;AACtD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,uEAAuE;AACvE,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,kDAAkD;IAClD,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE;QACJ;;;;;;WAMG;QACH,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjE,qEAAqE;QACrE,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACjD;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACtD;;;WAGG;QACH,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KAC7D,CAAC;IACF,OAAO,EAAE;QACP;;;WAGG;QACH,MAAM,CAAC,IAAI,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,IAAI,CAAA;SAAE,GAAG,OAAO,CAAC;YAAE,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC3E;;;WAGG;QACH,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,aAAa,GAAG;YAAE,IAAI,EAAE,UAAU,CAAA;SAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QACpF,sEAAsE;QACtE,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACzC,mFAAmF;QACnF,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;KACjD,CAAC;CACH;AAID;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;;;;;;;;;OAeG;IACH,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;IAE7D;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;IAEnD;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3D;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7D;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9C;;;;;;;;;;;;;;;;OAgBG;IACH,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAC;CAC/E;AAID;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,UAAU,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IACvD,uFAAuF;IACvF,MAAM,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAClC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;;;;;OAOG;IACH,UAAU,EAAE,SAAS,KAAK,EAAE,CAAC;IAC7B,8DAA8D;IAC9D,OAAO,EAAE,WAAW,CAAC;IACrB;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,EAAE,YAAY,CAAC;CACvB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;;OAIG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;OAGG;IACH,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAID;;;;;;GAMG;AACH,MAAM,WAAW,QAAQ,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IACrD,EAAE,EAAE,MAAM,CAAC;IACX;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,KAAK,EAAE,CAAC;CAChB;AAED,iCAAiC;AACjC,MAAM,MAAM,cAAc,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IACpD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC;AAE3C,8BAA8B;AAC9B,MAAM,MAAM,UAAU,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IAChD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACnF;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC;AAE3C,oCAAoC;AACpC,MAAM,MAAM,iBAAiB,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IACvD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC;AAE3C,gCAAgC;AAChC,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM,IACnD;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;CAAE,GACnF;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC;AAE3C,4BAA4B;AAC5B,MAAM,WAAW,aAAa,CAAC,KAAK,SAAS,MAAM,GAAG,MAAM;IAC1D;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,qEAAqE;IACrE,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC;CACjB;AAED,yBAAyB;AACzB,MAAM,WAAW,UAAU;IACzB;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB"}
|
package/dist/types/auth.js
CHANGED
package/dist/types/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAqBA,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAqBA,4EAA4E;AAC5E,MAAM,UAAU,eAAe,CAAC,IAAqB;IACnD,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,cAAc,CAAC;QACpB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,eAAe,CAAC;QACrB,KAAK,eAAe;YAClB,OAAO,GAAG,CAAC;QACb,KAAK,WAAW;YACd,OAAO,GAAG,CAAC;QACb,KAAK,gBAAgB;YACnB,OAAO,GAAG,CAAC;QACb,KAAK,qBAAqB;YACxB,OAAO,GAAG,CAAC;QACb,KAAK,qBAAqB;YACxB,OAAO,GAAG,CAAC;QACb;YACE,OAAO,GAAG,CAAC;IACf,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -50,7 +50,7 @@ export const auth = createAuth({
|
|
|
50
50
|
// --- Express app setup ---
|
|
51
51
|
//
|
|
52
52
|
// import express from 'express';
|
|
53
|
-
// import {
|
|
53
|
+
// import { SentriError } from 'sentri';
|
|
54
54
|
//
|
|
55
55
|
// const app = express();
|
|
56
56
|
// app.use(express.json());
|
|
@@ -58,13 +58,13 @@ export const auth = createAuth({
|
|
|
58
58
|
// // Mount the auth router (POST /auth/register, /auth/login, etc.)
|
|
59
59
|
// app.use('/auth', auth.router());
|
|
60
60
|
//
|
|
61
|
-
// // Your own routes — throw
|
|
61
|
+
// // Your own routes — throw SentriError (or any subclass) and errorHandler catches them
|
|
62
62
|
// app.get('/protected', auth.protect(), (req, res) => {
|
|
63
63
|
// res.json(req.user);
|
|
64
64
|
// });
|
|
65
65
|
//
|
|
66
|
-
// // Domain-specific error by extending
|
|
67
|
-
// class NotFoundError extends
|
|
66
|
+
// // Domain-specific error by extending SentriError
|
|
67
|
+
// class NotFoundError extends SentriError {
|
|
68
68
|
// constructor(resource: string) {
|
|
69
69
|
// super('NOT_FOUND', `${resource} not found`, 404);
|
|
70
70
|
// }
|
|
@@ -76,7 +76,7 @@ export const auth = createAuth({
|
|
|
76
76
|
// res.json(item);
|
|
77
77
|
// });
|
|
78
78
|
//
|
|
79
|
-
// // Mount AFTER all routes — catches
|
|
79
|
+
// // Mount AFTER all routes — catches SentriError from sentri AND your subclasses
|
|
80
80
|
// app.use(auth.errorHandler());
|
|
81
81
|
//
|
|
82
82
|
// app.listen(3000);
|
package/templates/prisma/auth.ts
CHANGED
|
@@ -53,7 +53,7 @@ export const auth = createAuth({
|
|
|
53
53
|
// --- Express app setup ---
|
|
54
54
|
//
|
|
55
55
|
// import express from 'express';
|
|
56
|
-
// import {
|
|
56
|
+
// import { SentriError } from 'sentri';
|
|
57
57
|
//
|
|
58
58
|
// const app = express();
|
|
59
59
|
// app.use(express.json());
|
|
@@ -61,13 +61,13 @@ export const auth = createAuth({
|
|
|
61
61
|
// // Mount the auth router (POST /auth/register, /auth/login, etc.)
|
|
62
62
|
// app.use('/auth', auth.router());
|
|
63
63
|
//
|
|
64
|
-
// // Your own routes — throw
|
|
64
|
+
// // Your own routes — throw SentriError (or any subclass) and errorHandler catches them
|
|
65
65
|
// app.get('/protected', auth.protect(), (req, res) => {
|
|
66
66
|
// res.json(req.user);
|
|
67
67
|
// });
|
|
68
68
|
//
|
|
69
|
-
// // Domain-specific error by extending
|
|
70
|
-
// class NotFoundError extends
|
|
69
|
+
// // Domain-specific error by extending SentriError
|
|
70
|
+
// class NotFoundError extends SentriError {
|
|
71
71
|
// constructor(resource: string) {
|
|
72
72
|
// super('NOT_FOUND', `${resource} not found`, 404);
|
|
73
73
|
// }
|
|
@@ -79,7 +79,7 @@ export const auth = createAuth({
|
|
|
79
79
|
// res.json(item);
|
|
80
80
|
// });
|
|
81
81
|
//
|
|
82
|
-
// // Mount AFTER all routes — catches
|
|
82
|
+
// // Mount AFTER all routes — catches SentriError from sentri AND your subclasses
|
|
83
83
|
// app.use(auth.errorHandler());
|
|
84
84
|
//
|
|
85
85
|
// app.listen(3000);
|