supaapps-auth 2.0.0-rc.6 → 2.0.0-rc.8

package/dist/AuthManager.d.ts

@@ -11,14 +11,21 @@ export declare class AuthManager {
     private tokenToPayload;
     private toBase64Url;
     private generatePKCEPair;
-    refreshAccessToken(isInitilization?: boolean): Promise<string>;
+    refreshAccessToken(isInitialization?: boolean): Promise<string>;
     checkAccessToken(isInitilization?: boolean): Promise<string>;
     private isTokenExpired;
     mustBeLoggedIn(): Promise<void>;
     getLoginWithGoogleUri(): string;
     isLoggedIn(): Promise<boolean>;
     getAccessToken(mustBeLoggedIn?: boolean): Promise<string>;
+    verifyEmail(email: string, token: string): Promise<boolean>;
+    doPassReset(email: string, token: string, newPassword: string): Promise<boolean>;
+    changeEmail(email: string): Promise<boolean>;
+    initPasswordReset(email: string): Promise<boolean>;
+    changePassword(oldPassword: string, newPassword: string, email: string): Promise<boolean>;
+    registerUsingEmail(firstName: string, lastName: string, email: string, password: string): Promise<void>;
     private saveTokens;
+    loginUsingEmail(email: string, password: string): Promise<void>;
     loginUsingPkce(code: string): Promise<void>;
     logout(): Promise<void>;
     static validateToken(authServer: string, bearerToken: string): Promise<UserTokenPayload>;

package/dist/AuthManager.js

@@ -63,7 +63,7 @@ class AuthManager {
         return { verifier, challenge };
     }
     refreshAccessToken() {
-        return __awaiter(this, arguments, void 0, function* (isInitilization = false) {
+        return __awaiter(this, arguments, void 0, function* (isInitialization = false) {
             try {
                 const refreshToken = localStorage.getItem('refresh_token');
                 if (!refreshToken) {
@@ -79,7 +79,7 @@ class AuthManager {
                 console.error(`Refresh token error, logging out: ${error}`);
                 localStorage.removeItem('access_token');
                 localStorage.removeItem('refresh_token');
-                if (!isInitilization) {
+                if (!isInitialization) {
                     // throw refresh fail only if not initialization
                     this.onStateChange({ type: types_1.AuthEventType.REFRESH_FAILED });
                 }
@@ -139,6 +139,101 @@ class AuthManager {
             }
         });
     }
+    verifyEmail(email, token) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/verify`, {
+                realm_name: this.realmName,
+                email,
+                token,
+            });
+            if (response.data.error || response.data.errors) {
+                throw new Error(response.data.error || response.data.message);
+            }
+            return response.status === 200;
+        });
+    }
+    doPassReset(email, token, newPassword) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/do_pass_reset`, {
+                realm_name: this.realmName,
+                email,
+                token,
+                new_password: newPassword,
+            });
+            if (response.data.error || response.data.errors) {
+                throw new Error(response.data.error || response.data.message);
+            }
+            return response.status === 200;
+        });
+    }
+    changeEmail(email) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const accessToken = localStorage.getItem('access_token');
+            if (!accessToken) {
+                throw new Error('Access token not found');
+            }
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/change_email`, {
+                realm_name: this.realmName,
+                email,
+            }, {
+                headers: { Authorization: `Bearer ${accessToken}` },
+            });
+            if (response.data.error || response.data.errors) {
+                throw new Error(response.data.error || response.data.message);
+            }
+            return response.status === 200;
+        });
+    }
+    initPasswordReset(email) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/init_pass_reset`, {
+                realm_name: this.realmName,
+                email,
+            });
+            if (response.data.error || response.data.errors) {
+                throw new Error(response.data.error || response.data.message);
+            }
+            return response.status === 200 || response.status === 201;
+        });
+    }
+    changePassword(oldPassword, newPassword, email) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const accessToken = localStorage.getItem('access_token');
+            if (!accessToken) {
+                throw new Error('Access token not found');
+            }
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/change_pass`, {
+                realm_name: this.realmName,
+                email,
+                old_password: oldPassword,
+                new_password: newPassword,
+            }, {
+                headers: { Authorization: `Bearer ${accessToken}` },
+            });
+            if (response.data.error || response.data.errors) {
+                throw new Error(response.data.error || response.data.message);
+            }
+            return response.status === 200;
+        });
+    }
+    registerUsingEmail(firstName, lastName, email, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/register`, {
+                realm_name: this.realmName,
+                first_name: firstName,
+                last_name: lastName,
+                email,
+                password,
+            });
+            if (response.data.message || response.data.error) {
+                throw new Error(response.data.message || response.data.error);
+            }
+            if (!response.data.access_token) {
+                throw new Error('Something went wrong');
+            }
+            this.saveTokens(response, false);
+        });
+    }
     saveTokens(response, byRefresh) {
         localStorage.setItem('access_token', response.data.access_token);
         localStorage.setItem('refresh_token', response.data.refresh_token);
@@ -149,6 +244,19 @@ class AuthManager {
         const user = this.tokenToPayload(response.data.access_token);
         localStorage.setItem('user', JSON.stringify(user));
     }
+    loginUsingEmail(email, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield axios_1.default.post(`${this.authServer}auth/email/login`, {
+                realm_name: this.realmName,
+                email,
+                password,
+            });
+            if (response.data.message || response.data.error) {
+                throw new Error(response.data.message || response.data.error);
+            }
+            this.saveTokens(response, false);
+        });
+    }
     loginUsingPkce(code) {
         return __awaiter(this, void 0, void 0, function* () {
             try {
@@ -200,23 +308,23 @@ class AuthManager {
                 throw new Error('Not a valid jwt token');
             }
             const userToken = {
-                id: decodedToken['id'],
-                iss: decodedToken['iss'],
-                sub: parseInt(decodedToken['sub']),
-                first_name: decodedToken['first_name'],
-                last_name: decodedToken['last_name'],
-                email: decodedToken['email'],
-                aud: decodedToken['aud'],
-                iat: decodedToken['iat'],
-                exp: decodedToken['exp'],
-                scopes: decodedToken['scopes'],
-                realm: decodedToken['realm'],
+                id: decodedToken.id,
+                iss: decodedToken.iss,
+                sub: typeof decodedToken.sub === 'string' ? parseInt(decodedToken.sub) : decodedToken.sub,
+                first_name: decodedToken.first_name,
+                last_name: decodedToken.last_name,
+                email: decodedToken.email,
+                aud: decodedToken.aud,
+                iat: decodedToken.iat,
+                exp: decodedToken.exp,
+                scopes: decodedToken.scopes,
+                realm: decodedToken.realm,
             };
             const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
             const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
             (0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
             const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
-            if (revokedIds.includes(decodedToken['id'])) {
+            if (revokedIds.includes(decodedToken.id)) {
                 throw new Error('Token is revoked');
             }
             return userToken;

package/dist/types.d.ts

@@ -10,7 +10,7 @@ export declare enum AuthEventType {
 export interface UserTokenPayload {
     id: number;
     iss: string;
-    sub: number;
+    sub: number | string;
     first_name: string;
     last_name: string;
     email: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "supaapps-auth",
-  "version": "2.0.0-rc.6",
+  "version": "2.0.0-rc.8",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -25,7 +25,7 @@
     "@typescript-eslint/eslint-plugin": "^6.21.0",
     "@typescript-eslint/parser": "^6.21.0",
     "axios-mock-adapter": "^1.22.0",
-    "eslint": "^8.57.0",
+    "eslint": "^8.57.1",
     "eslint-config-airbnb-base": "^15.0.0",
     "eslint-config-airbnb-typescript": "^17.1.0",
     "eslint-config-next": "^13.5.6",

package/src/AuthManager.ts

@@ -95,7 +95,7 @@ export class AuthManager {
     return { verifier, challenge };
   }
 
-  public async refreshAccessToken(isInitilization: boolean = false): Promise<string> {
+  public async refreshAccessToken(isInitialization: boolean = false): Promise<string> {
     try {
       const refreshToken = localStorage.getItem('refresh_token');
       if (!refreshToken) {
@@ -114,7 +114,7 @@ export class AuthManager {
       console.error(`Refresh token error, logging out: ${error}`);
       localStorage.removeItem('access_token');
       localStorage.removeItem('refresh_token');
-      if (!isInitilization) {
+      if (!isInitialization) {
         // throw refresh fail only if not initialization
         this.onStateChange({ type: AuthEventType.REFRESH_FAILED });
       }
@@ -170,6 +170,127 @@ export class AuthManager {
     }
   }
 
+  public async verifyEmail(email: string, token: string): Promise<boolean> {
+    const response = await axios.post(
+      `${this.authServer}auth/email/verify`,
+      {
+        realm_name: this.realmName,
+        email,
+        token,
+      },
+    );
+    if (response.data.error || response.data.errors) {
+      throw new Error(response.data.error || response.data.message);
+    }
+
+    return response.status === 200;
+  }
+
+  public async doPassReset(email: string, token: string, newPassword: string): Promise<boolean> {
+    const response = await axios.post(
+        `${this.authServer}auth/email/do_pass_reset`,
+        {
+          realm_name: this.realmName,
+          email,
+          token,
+          new_password: newPassword,
+        },
+    );
+    if (response.data.error || response.data.errors) {
+      throw new Error(response.data.error || response.data.message);
+    }
+
+    return response.status === 200;
+  }
+
+  public async changeEmail(email: string): Promise<boolean> {
+    const accessToken = localStorage.getItem('access_token');
+    if (!accessToken) {
+      throw new Error('Access token not found');
+    }
+    const response = await axios.post(
+      `${this.authServer}auth/email/change_email`,
+      {
+        realm_name: this.realmName,
+        email,
+      },
+      {
+        headers: { Authorization: `Bearer ${accessToken}` },
+      },
+    );
+    if (response.data.error || response.data.errors) {
+      throw new Error(response.data.error || response.data.message);
+    }
+
+    return response.status === 200;
+  }
+
+  public async initPasswordReset(email: string): Promise<boolean> {
+    const response = await axios.post(
+      `${this.authServer}auth/email/init_pass_reset`,
+      {
+        realm_name: this.realmName,
+        email,
+      },
+    );
+    if (response.data.error || response.data.errors) {
+      throw new Error(response.data.error || response.data.message);
+    }
+
+    return response.status === 200 || response.status === 201;
+  }
+
+  public async changePassword(oldPassword: string, newPassword: string, email: string): Promise<boolean> {
+    const accessToken = localStorage.getItem('access_token');
+    if (!accessToken) {
+      throw new Error('Access token not found');
+    }
+    const response = await axios.post(
+      `${this.authServer}auth/email/change_pass`,
+      {
+        realm_name: this.realmName,
+        email,
+        old_password: oldPassword,
+        new_password: newPassword,
+      },
+      {
+        headers: { Authorization: `Bearer ${accessToken}` },
+      },
+    );
+    if (response.data.error || response.data.errors) {
+      throw new Error(response.data.error || response.data.message);
+    }
+
+    return response.status === 200;
+  }
+
+  public async registerUsingEmail(
+      firstName: string,
+      lastName: string,
+      email: string,
+      password: string
+  ): Promise<void> {
+    const response = await axios.post(
+      `${this.authServer}auth/email/register`,
+      {
+        realm_name: this.realmName,
+        first_name: firstName,
+        last_name: lastName,
+        email,
+        password,
+      },
+    );
+    if (response.data.message || response.data.error) {
+      throw new Error(response.data.message || response.data.error);
+    }
+
+    if (!response.data.access_token) {
+        throw new Error('Something went wrong');
+    }
+
+    this.saveTokens(response, false);
+  }
+
   private saveTokens(response: AxiosResponse, byRefresh: boolean): void {
     localStorage.setItem('access_token', response.data.access_token);
     localStorage.setItem(
@@ -184,6 +305,21 @@ export class AuthManager {
     localStorage.setItem('user', JSON.stringify(user));
   }
 
+  public async loginUsingEmail(email: string, password: string): Promise<void> {
+    const response = await axios.post(
+      `${this.authServer}auth/email/login`,
+      {
+        realm_name: this.realmName,
+        email,
+        password,
+      },
+    );
+    if (response.data.message || response.data.error) {
+      throw new Error(response.data.message || response.data.error);
+    }
+    this.saveTokens(response, false);
+  }
+
   public async loginUsingPkce(code: string): Promise<void> {
     try {
       const codeVerifier = localStorage.getItem('codeVerifier');
@@ -235,24 +371,24 @@ export class AuthManager {
     // @todo add caching for public key and algo
     const decodedToken = jwtDecode(bearerToken, {
       complete: true,
-    })?.payload;
+    })?.payload as unknown as UserTokenPayload;
 
     if (!decodedToken) {
       throw new Error('Not a valid jwt token');
     }
 
     const userToken: UserTokenPayload = {
-        id: decodedToken['id'],
-        iss: decodedToken['iss'],
-        sub: parseInt(decodedToken['sub'] as string),
-        first_name: decodedToken['first_name'],
-        last_name: decodedToken['last_name'],
-        email: decodedToken['email'],
-        aud: decodedToken['aud'],
-        iat: decodedToken['iat'],
-        exp: decodedToken['exp'],
-        scopes: decodedToken['scopes'],
-        realm: decodedToken['realm'],
+        id: decodedToken.id,
+        iss: decodedToken.iss,
+        sub: typeof decodedToken.sub === 'string' ? parseInt(decodedToken.sub) : decodedToken.sub,
+        first_name: decodedToken.first_name,
+        last_name: decodedToken.last_name,
+        email: decodedToken.email,
+        aud: decodedToken.aud,
+        iat: decodedToken.iat,
+        exp: decodedToken.exp,
+        scopes: decodedToken.scopes,
+        realm: decodedToken.realm,
     }
 
     const { data: publicKey } = await axios.get(
@@ -267,7 +403,7 @@ export class AuthManager {
     const { data: revokedIds } = await axios.get(
       `${authServer}public/revoked_ids`,
     );
-    if(revokedIds.includes(decodedToken['id'])){
+    if(revokedIds.includes(decodedToken.id)){
       throw new Error('Token is revoked');
     }
     return userToken;

package/src/types.ts

@@ -12,7 +12,7 @@ export enum AuthEventType {
 export interface UserTokenPayload {
     id: number;
     iss: string;
-    sub: number;
+    sub: number | string;
     first_name: string;
     last_name: string;
     email: string;