npm - strapi-identity - Versions diffs - 0.4.2 → 0.5.1 - Mend

strapi-identity 0.4.2 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

package/dist/server/src/services/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { Plugin } from '@strapi/types';
+declare const services: Plugin.LoadedPlugin['services'];
+export default services;

package/dist/server/src/services/mfa.d.ts ADDED Viewed

@@ -0,0 +1,82 @@
+import { Secret } from 'otpauth';
+/**
+ * Validates a TOTP token against the temporary secret for a given user
+ * @param userId id of the user to validate against
+ * @param token TOTP token to validate
+ * @returns {Promise<boolean>} is the token valid
+ */
+export declare const validateTempToken: (userId: string, token: string) => Promise<boolean>;
+/**
+ * Validates a code against both the user's active TOTP secret and their recovery codes
+ * @param userId id of the user to validate against
+ * @param code code to validate (either TOTP token or recovery code)
+ * @returns {Promise<boolean>} is the code valid
+ */
+export declare const validateTokenOrRecoveryCode: (userId: string, code: string) => Promise<boolean>;
+/**
+ * Sets up a temporary secret for a user during MFA setup
+ * @param userId id of the user to set up MFA for
+ * @return {Promise<Secret>} the generated temporary secret
+ */
+export declare const setupTemporarySecret: (userId: string) => Promise<Secret>;
+/**
+ * Finalizes MFA setup by moving the temporary secret to the main token document and generating recovery codes
+ * @param userId id of the user to finalize MFA setup for
+ * @returns {Promise<string[]>} the generated recovery codes
+ */
+export declare const setupFullSecret: (userId: string) => Promise<string[]>;
+/**
+ * Generates a 6-digit email OTP for a user, stores it hashed with expiry, and returns the plaintext code
+ * @param userId id of the user to generate an OTP for
+ * @param purpose the purpose of the OTP: 'login', 'setup', or 'disable'
+ * @returns {Promise<string>} the plaintext OTP
+ */
+export declare const generateEmailOTP: (userId: string, purpose?: "login" | "setup" | "disable") => Promise<string>;
+/**
+ * Validates an email OTP for a given user and purpose.
+ * Increments attempt count, rejects on expiry or too many attempts, removes the record on success.
+ * @param userId id of the user to validate against
+ * @param code plaintext OTP to validate
+ * @param purpose the purpose of the OTP
+ * @returns {Promise<boolean>} whether the code is valid
+ */
+export declare const validateEmailOTP: (userId: string, code: string, purpose?: "login" | "setup" | "disable") => Promise<boolean>;
+/**
+ * Enables email OTP MFA for a user, creating or updating their mfa-token record
+ * @param userId id of the user to enable email MFA for
+ */
+export declare const enableEmailMFA: (userId: string) => Promise<void>;
+/**
+ * Returns the MFA status and method type for a given user
+ * @param userId id of the user to check
+ * @returns the status and type of MFA, or null if not enabled
+ */
+export declare const getMFAInfo: (userId: string) => Promise<{
+    status: "full";
+    type: "totp" | "email";
+} | null>;
+/**
+ * Disables MFA for a user after validating the provided code.
+ * For TOTP, validates against TOTP token or recovery code.
+ * For email OTP, validates against a previously generated disable OTP.
+ * @param userId id of the user to disable MFA for
+ * @param code a valid TOTP token, recovery code, or email OTP
+ */
+export declare const disableSecret: (userId: string, code: string) => Promise<void>;
+/**
+ * Disables the temporary secret for a user, effectively canceling the MFA setup process
+ * @param userId id of the user to disable the temporary secret for
+ */
+export declare const disableTempSecret: (userId: string) => Promise<void>;
+/**
+ * Checks if MFA is currently enabled for a given user
+ * @param userId id of the user to check
+ * @returns {Promise<'full' | null>} is MFA enabled for the user
+ */
+export declare const isMFAEnabled: (userId: string) => Promise<"full" | null>;
+/**
+ * Generates a secure random recovery code of the specified length
+ * @param length length of the recovery code to generate (default: 8)
+ * @returns {string} the generated recovery code
+ */
+export declare const generateRecoveryCode: (length?: number) => string;

package/package.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
-  "version": "0.4.2",
+  "version": "0.5.1",
   "keywords": [
     "strapi",
     "plugin",
@@ -43,16 +43,17 @@
     "strapi-admin-portal": "^0.3.0"
   },
   "devDependencies": {
-    "@strapi/sdk-plugin": "^6.0.1",
-    "@strapi/typescript-utils": "^5.40.0",
+    "@strapi/sdk-plugin": "^6.1.0",
+    "@strapi/typescript-utils": "^5.43.0",
     "@types/bcryptjs": "^2.4.6",
-    "@types/react": "^18.3.27",
+    "@types/react": "^18.3.28",
     "@types/react-dom": "^18.3.7",
-    "prettier": "^3.8.1",
+    "prettier": "^3.8.3",
     "typescript": "^5.9.3"
   },
   "peerDependencies": {
     "@strapi/design-system": "^2.1.2",
+    "koa2-ratelimit": "^1.1.3",
     "@strapi/email": "^5.39.0",
     "@strapi/icons": "^2.1.2",
     "@strapi/sdk-plugin": "^5.4.0",