supaapps-auth 2.0.0-rc.5 → 2.0.0-rc.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/AuthManager.d.ts +9 -2
  2. package/dist/AuthManager.js +132 -15
  3. package/dist/types.d.ts +1 -0
  4. package/package.json +1 -1
  5. package/src/AuthManager.ts +169 -22
  6. package/src/types.ts +1 -0
package/dist/AuthManager.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AuthManagerEvent } from './types';
1
+ import { AuthManagerEvent, UserTokenPayload } from './types';
2
2
  export declare class AuthManager {
3
3
  private static instance;
4
4
  private authServer;
@@ -18,9 +18,16 @@ export declare class AuthManager {
18
18
  getLoginWithGoogleUri(): string;
19
19
  isLoggedIn(): Promise<boolean>;
20
20
  getAccessToken(mustBeLoggedIn?: boolean): Promise<string>;
21
+ verifyEmail(email: string, code: string): Promise<boolean>;
22
+ doPassReset(email: string, code: string, newPassword: string): Promise<boolean>;
23
+ changeEmail(email: string): Promise<boolean>;
24
+ initPasswordReset(email: string): Promise<boolean>;
25
+ changePassword(oldPassword: string, newPassword: string, email: string): Promise<boolean>;
26
+ registerUsingEmail(firstName: string, lastName: string, email: string, password: string): Promise<void>;
21
27
  private saveTokens;
28
+ loginUsingEmail(email: string, password: string): Promise<void>;
22
29
  loginUsingPkce(code: string): Promise<void>;
23
30
  logout(): Promise<void>;
24
- static validateToken(authServer: string, bearerToken: string): Promise<boolean>;
31
+ static validateToken(authServer: string, bearerToken: string): Promise<UserTokenPayload>;
25
32
  static resetInstance(): void;
26
33
  }
package/dist/AuthManager.js CHANGED
@@ -139,6 +139,99 @@ class AuthManager {
139
139
  }
140
140
  });
141
141
  }
142
+ verifyEmail(email, code) {
143
+ return __awaiter(this, void 0, void 0, function* () {
144
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/verify`, {
145
+ realm_name: this.realmName,
146
+ email,
147
+ code,
148
+ });
149
+ if (response.data.error || response.data.errors) {
150
+ throw new Error(response.data.error || response.data.message);
151
+ }
152
+ return response.status === 200;
153
+ });
154
+ }
155
+ doPassReset(email, code, newPassword) {
156
+ return __awaiter(this, void 0, void 0, function* () {
157
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/do_pass_reset`, {
158
+ realm_name: this.realmName,
159
+ email,
160
+ });
161
+ if (response.data.error || response.data.errors) {
162
+ throw new Error(response.data.error || response.data.message);
163
+ }
164
+ return response.status === 200;
165
+ });
166
+ }
167
+ changeEmail(email) {
168
+ return __awaiter(this, void 0, void 0, function* () {
169
+ const accessToken = localStorage.getItem('access_token');
170
+ if (!accessToken) {
171
+ throw new Error('Access token not found');
172
+ }
173
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/change_email`, {
174
+ realm_name: this.realmName,
175
+ email,
176
+ }, {
177
+ headers: { Authorization: `Bearer ${accessToken}` },
178
+ });
179
+ if (response.data.error || response.data.errors) {
180
+ throw new Error(response.data.error || response.data.message);
181
+ }
182
+ return response.status === 200;
183
+ });
184
+ }
185
+ initPasswordReset(email) {
186
+ return __awaiter(this, void 0, void 0, function* () {
187
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/init_pass_reset`, {
188
+ realm_name: this.realmName,
189
+ email,
190
+ });
191
+ if (response.data.error || response.data.errors) {
192
+ throw new Error(response.data.error || response.data.message);
193
+ }
194
+ return response.status === 200 || response.status === 201;
195
+ });
196
+ }
197
+ changePassword(oldPassword, newPassword, email) {
198
+ return __awaiter(this, void 0, void 0, function* () {
199
+ const accessToken = localStorage.getItem('access_token');
200
+ if (!accessToken) {
201
+ throw new Error('Access token not found');
202
+ }
203
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/change_pass`, {
204
+ realm_name: this.realmName,
205
+ email,
206
+ old_password: oldPassword,
207
+ new_password: newPassword,
208
+ }, {
209
+ headers: { Authorization: `Bearer ${accessToken}` },
210
+ });
211
+ if (response.data.error || response.data.errors) {
212
+ throw new Error(response.data.error || response.data.message);
213
+ }
214
+ return response.status === 200;
215
+ });
216
+ }
217
+ registerUsingEmail(firstName, lastName, email, password) {
218
+ return __awaiter(this, void 0, void 0, function* () {
219
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/register`, {
220
+ realm_name: this.realmName,
221
+ first_name: firstName,
222
+ last_name: lastName,
223
+ email,
224
+ password,
225
+ });
226
+ if (response.data.message || response.data.error) {
227
+ throw new Error(response.data.message || response.data.error);
228
+ }
229
+ if (!response.data.access_token) {
230
+ throw new Error('Something went wrong');
231
+ }
232
+ this.saveTokens(response, false);
233
+ });
234
+ }
142
235
  saveTokens(response, byRefresh) {
143
236
  localStorage.setItem('access_token', response.data.access_token);
144
237
  localStorage.setItem('refresh_token', response.data.refresh_token);
@@ -149,6 +242,19 @@ class AuthManager {
149
242
  const user = this.tokenToPayload(response.data.access_token);
150
243
  localStorage.setItem('user', JSON.stringify(user));
151
244
  }
245
+ loginUsingEmail(email, password) {
246
+ return __awaiter(this, void 0, void 0, function* () {
247
+ const response = yield axios_1.default.post(`${this.authServer}auth/email/login`, {
248
+ realm_name: this.realmName,
249
+ email,
250
+ password,
251
+ });
252
+ if (response.data.message || response.data.error) {
253
+ throw new Error(response.data.message || response.data.error);
254
+ }
255
+ this.saveTokens(response, false);
256
+ });
257
+ }
152
258
  loginUsingPkce(code) {
153
259
  return __awaiter(this, void 0, void 0, function* () {
154
260
  try {
@@ -192,23 +298,34 @@ class AuthManager {
192
298
  return __awaiter(this, void 0, void 0, function* () {
193
299
  var _a;
194
300
  // @todo tests missing for this static validation
195
- try {
196
- const decodedToken = (_a = (0, jsonwebtoken_1.decode)(bearerToken, {
197
- complete: true,
198
- })) === null || _a === void 0 ? void 0 : _a.payload;
199
- if (!decodedToken) {
200
- return false;
201
- }
202
- const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
203
- const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
204
- (0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
205
- const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
206
- // eslint-disable-next-line @typescript-eslint/dot-notation
207
- return !revokedIds.includes(decodedToken['id']);
301
+ // @todo add caching for public key and algo
302
+ const decodedToken = (_a = (0, jsonwebtoken_1.decode)(bearerToken, {
303
+ complete: true,
304
+ })) === null || _a === void 0 ? void 0 : _a.payload;
305
+ if (!decodedToken) {
306
+ throw new Error('Not a valid jwt token');
208
307
  }
209
- catch (error) {
210
- return false;
308
+ const userToken = {
309
+ id: decodedToken['id'],
310
+ iss: decodedToken['iss'],
311
+ sub: parseInt(decodedToken['sub']),
312
+ first_name: decodedToken['first_name'],
313
+ last_name: decodedToken['last_name'],
314
+ email: decodedToken['email'],
315
+ aud: decodedToken['aud'],
316
+ iat: decodedToken['iat'],
317
+ exp: decodedToken['exp'],
318
+ scopes: decodedToken['scopes'],
319
+ realm: decodedToken['realm'],
320
+ };
321
+ const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
322
+ const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
323
+ (0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
324
+ const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
325
+ if (revokedIds.includes(decodedToken['id'])) {
326
+ throw new Error('Token is revoked');
211
327
  }
328
+ return userToken;
212
329
  });
213
330
  }
214
331
  static resetInstance() {
package/dist/types.d.ts CHANGED
@@ -18,6 +18,7 @@ export interface UserTokenPayload {
18
18
  iat: number;
19
19
  exp: number;
20
20
  scopes: string;
21
+ realm: string;
21
22
  }
22
23
  export interface AuthManagerEvent {
23
24
  type: AuthEventType;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "supaapps-auth",
3
- "version": "2.0.0-rc.5",
3
+ "version": "2.0.0-rc.7",
4
4
  "description": "",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/src/AuthManager.ts CHANGED
@@ -170,6 +170,125 @@ export class AuthManager {
170
170
  }
171
171
  }
172
172
 
173
+ public async verifyEmail(email: string, code: string): Promise<boolean> {
174
+ const response = await axios.post(
175
+ `${this.authServer}auth/email/verify`,
176
+ {
177
+ realm_name: this.realmName,
178
+ email,
179
+ code,
180
+ },
181
+ );
182
+ if (response.data.error || response.data.errors) {
183
+ throw new Error(response.data.error || response.data.message);
184
+ }
185
+
186
+ return response.status === 200;
187
+ }
188
+
189
+ public async doPassReset(email: string, code: string, newPassword: string): Promise<boolean> {
190
+ const response = await axios.post(
191
+ `${this.authServer}auth/email/do_pass_reset`,
192
+ {
193
+ realm_name: this.realmName,
194
+ email,
195
+ },
196
+ );
197
+ if (response.data.error || response.data.errors) {
198
+ throw new Error(response.data.error || response.data.message);
199
+ }
200
+
201
+ return response.status === 200;
202
+ }
203
+
204
+ public async changeEmail(email: string): Promise<boolean> {
205
+ const accessToken = localStorage.getItem('access_token');
206
+ if (!accessToken) {
207
+ throw new Error('Access token not found');
208
+ }
209
+ const response = await axios.post(
210
+ `${this.authServer}auth/email/change_email`,
211
+ {
212
+ realm_name: this.realmName,
213
+ email,
214
+ },
215
+ {
216
+ headers: { Authorization: `Bearer ${accessToken}` },
217
+ },
218
+ );
219
+ if (response.data.error || response.data.errors) {
220
+ throw new Error(response.data.error || response.data.message);
221
+ }
222
+
223
+ return response.status === 200;
224
+ }
225
+
226
+ public async initPasswordReset(email: string): Promise<boolean> {
227
+ const response = await axios.post(
228
+ `${this.authServer}auth/email/init_pass_reset`,
229
+ {
230
+ realm_name: this.realmName,
231
+ email,
232
+ },
233
+ );
234
+ if (response.data.error || response.data.errors) {
235
+ throw new Error(response.data.error || response.data.message);
236
+ }
237
+
238
+ return response.status === 200 || response.status === 201;
239
+ }
240
+
241
+ public async changePassword(oldPassword: string, newPassword: string, email: string): Promise<boolean> {
242
+ const accessToken = localStorage.getItem('access_token');
243
+ if (!accessToken) {
244
+ throw new Error('Access token not found');
245
+ }
246
+ const response = await axios.post(
247
+ `${this.authServer}auth/email/change_pass`,
248
+ {
249
+ realm_name: this.realmName,
250
+ email,
251
+ old_password: oldPassword,
252
+ new_password: newPassword,
253
+ },
254
+ {
255
+ headers: { Authorization: `Bearer ${accessToken}` },
256
+ },
257
+ );
258
+ if (response.data.error || response.data.errors) {
259
+ throw new Error(response.data.error || response.data.message);
260
+ }
261
+
262
+ return response.status === 200;
263
+ }
264
+
265
+ public async registerUsingEmail(
266
+ firstName: string,
267
+ lastName: string,
268
+ email: string,
269
+ password: string
270
+ ): Promise<void> {
271
+ const response = await axios.post(
272
+ `${this.authServer}auth/email/register`,
273
+ {
274
+ realm_name: this.realmName,
275
+ first_name: firstName,
276
+ last_name: lastName,
277
+ email,
278
+ password,
279
+ },
280
+ );
281
+ if (response.data.message || response.data.error) {
282
+ throw new Error(response.data.message || response.data.error);
283
+ }
284
+
285
+ if (!response.data.access_token) {
286
+ throw new Error('Something went wrong');
287
+ }
288
+
289
+ this.saveTokens(response, false);
290
+ }
291
+
173
292
  private saveTokens(response: AxiosResponse, byRefresh: boolean): void {
174
293
  localStorage.setItem('access_token', response.data.access_token);
175
294
  localStorage.setItem(
@@ -184,6 +303,21 @@ export class AuthManager {
184
303
  localStorage.setItem('user', JSON.stringify(user));
185
304
  }
186
305
 
306
+ public async loginUsingEmail(email: string, password: string): Promise<void> {
307
+ const response = await axios.post(
308
+ `${this.authServer}auth/email/login`,
309
+ {
310
+ realm_name: this.realmName,
311
+ email,
312
+ password,
313
+ },
314
+ );
315
+ if (response.data.message || response.data.error) {
316
+ throw new Error(response.data.message || response.data.error);
317
+ }
318
+ this.saveTokens(response, false);
319
+ }
320
+
187
321
  public async loginUsingPkce(code: string): Promise<void> {
188
322
  try {
189
323
  const codeVerifier = localStorage.getItem('codeVerifier');
@@ -230,34 +364,47 @@ export class AuthManager {
230
364
  public static async validateToken(
231
365
  authServer: string,
232
366
  bearerToken: string,
233
- ): Promise<boolean> {
367
+ ): Promise<UserTokenPayload> {
234
368
  // @todo tests missing for this static validation
235
- try {
236
- const decodedToken = jwtDecode(bearerToken, {
237
- complete: true,
238
- })?.payload;
369
+ // @todo add caching for public key and algo
370
+ const decodedToken = jwtDecode(bearerToken, {
371
+ complete: true,
372
+ })?.payload;
239
373
 
240
- if (!decodedToken) {
241
- return false;
242
- }
374
+ if (!decodedToken) {
375
+ throw new Error('Not a valid jwt token');
376
+ }
243
377
 
244
- const { data: publicKey } = await axios.get(
245
- `${authServer}public/public_key`,
246
- );
247
- const { data: algo } = await axios.get(
248
- `${authServer}public/algo`,
249
- );
378
+ const userToken: UserTokenPayload = {
379
+ id: decodedToken['id'],
380
+ iss: decodedToken['iss'],
381
+ sub: parseInt(decodedToken['sub'] as string),
382
+ first_name: decodedToken['first_name'],
383
+ last_name: decodedToken['last_name'],
384
+ email: decodedToken['email'],
385
+ aud: decodedToken['aud'],
386
+ iat: decodedToken['iat'],
387
+ exp: decodedToken['exp'],
388
+ scopes: decodedToken['scopes'],
389
+ realm: decodedToken['realm'],
390
+ }
250
391
 
251
- jwtVerify(bearerToken, publicKey, { algorithms: [algo] });
392
+ const { data: publicKey } = await axios.get(
393
+ `${authServer}public/public_key`,
394
+ );
395
+ const { data: algo } = await axios.get(
396
+ `${authServer}public/algo`,
397
+ );
252
398
 
253
- const { data: revokedIds } = await axios.get(
254
- `${authServer}public/revoked_ids`,
255
- );
256
- // eslint-disable-next-line @typescript-eslint/dot-notation
257
- return !revokedIds.includes(decodedToken['id']);
258
- } catch (error) {
259
- return false;
399
+ jwtVerify(bearerToken, publicKey, { algorithms: [algo] });
400
+
401
+ const { data: revokedIds } = await axios.get(
402
+ `${authServer}public/revoked_ids`,
403
+ );
404
+ if(revokedIds.includes(decodedToken['id'])){
405
+ throw new Error('Token is revoked');
260
406
  }
407
+ return userToken;
261
408
  }
262
409
 
263
410
  public static resetInstance(): void {
package/src/types.ts CHANGED
@@ -20,6 +20,7 @@ export interface UserTokenPayload {
20
20
  iat: number;
21
21
  exp: number;
22
22
  scopes: string;
23
+ realm: string;
23
24
  }
24
25
 
25
26
  export interface AuthManagerEvent {