vona-module-a-user 5.0.49 → 5.1.2

package/src/bean/bean.passport.ts

@@ -0,0 +1,249 @@
+import type { IJwtClientRecord, IJwtSignOptions, IJwtToken, IJwtVerifyOptions, IPayloadData } from 'vona-module-a-jwt';
+
+import { catchError, isNil } from '@cabloy/utils';
+import { BeanBase, beanFullNameFromOnionName } from 'vona';
+import { Bean } from 'vona-module-a-bean';
+
+import type { IAuth, IAuthIdRecord, ISigninOptions } from '../types/auth.ts';
+import type { IAuthTokenAdapter } from '../types/authToken.ts';
+import type { IPassport, IPassportAdapter } from '../types/passport.ts';
+import type { IRole, IRoleNameRecord } from '../types/role.ts';
+import type { IUser, IUserNameRecord } from '../types/user.ts';
+
+import { $getAuthIdSystem } from '../lib/auth.ts';
+
+@Bean()
+export class BeanPassport extends BeanBase {
+  private _authTokenAdapter: IAuthTokenAdapter;
+  private _passportAdapter: IPassportAdapter;
+  private _mockCounter: number = 0;
+
+  private get authTokenAdapter(): IAuthTokenAdapter {
+    if (!this._authTokenAdapter) {
+      const beanFullName = beanFullNameFromOnionName(this.scope.config.adapter.authToken, 'service');
+      this._authTokenAdapter = this.bean._getBean(beanFullName) as IAuthTokenAdapter;
+    }
+    return this._authTokenAdapter;
+  }
+
+  private get passportAdapter(): IPassportAdapter {
+    if (!this._passportAdapter) {
+      const beanFullName = beanFullNameFromOnionName(this.scope.config.adapter.passport, 'service');
+      this._passportAdapter = this.bean._getBean(beanFullName) as IPassportAdapter;
+    }
+    return this._passportAdapter;
+  }
+
+  public get isAuthenticated(): boolean {
+    const user = this.currentUser;
+    return !!user && !user.anonymous;
+  }
+
+  public get isActivated(): boolean {
+    const user = this.currentUser;
+    return !!user && !!user.activated;
+  }
+
+  public async isAdmin(): Promise<boolean> {
+    const passport = this.current;
+    return await this.passportAdapter.isAdmin(passport);
+  }
+
+  public async setCurrent(passport: IPassport | undefined) {
+    this.ctx.state.passport = await this.passportAdapter.setCurrent(passport);
+  }
+
+  public get current(): IPassport | undefined {
+    return this.ctx.state.passport;
+  }
+
+  public get currentUser(): IUser | undefined {
+    return this.ctx.state.passport?.user;
+  }
+
+  public get currentAuth(): IAuth | undefined {
+    return this.ctx.state.passport?.auth;
+  }
+
+  public get currentRoles(): IRole[] | undefined {
+    return this.ctx.state.passport?.roles;
+  }
+
+  public async signin(passport: IPassport, options?: ISigninOptions): Promise<IJwtToken> {
+    if (isNil(this.ctx.instanceName)) throw new Error('should specify instance');
+    // current
+    await this.setCurrent(passport);
+    // event
+    await this.scope.event.signin.emit(passport);
+    // serialize: payloadData for client certificate
+    const payloadData = await this._passportSerialize(passport, options);
+    // jwt token
+    return await this.bean.jwt.create(payloadData, { dev: passport.auth?.id.toString() === '-1' });
+  }
+
+  public async signout(): Promise<void> {
+    // current
+    const passport = this.current;
+    if (!passport) return;
+    // removeAuthToken
+    const payloadData = await this.passportAdapter.serialize(passport);
+    await this.authTokenAdapter.remove(payloadData);
+    // event
+    await this.scope.event.signout.emit(passport);
+    // ok
+    await this.setCurrent(undefined);
+  }
+
+  public async signinSystem<K extends keyof IAuthIdRecord>(
+    authName: IAuthIdRecord[K],
+    authId: K,
+    name?: string,
+    options?: ISigninOptions,
+  ): Promise<IJwtToken> {
+    if (isNil(this.ctx.instanceName)) throw new Error('should specify instance');
+    const user = await this.bean.user.findOneByName(name ?? 'admin');
+    if (!user) return this.app.throw(401);
+    const auth = { id: $getAuthIdSystem(authName, authId) };
+    const roles = await this.bean.role.findAllByUserId(user.id);
+    const passport = { user, auth, roles };
+    return await this.signin(passport, options);
+  }
+
+  public async signinMock(name?: keyof IUserNameRecord, options?: ISigninOptions): Promise<IJwtToken> {
+    return await this.signinSystem('mock', (-10000 - ++this._mockCounter) as any, name, options);
+  }
+
+  public async signinWithAnonymous(): Promise<void> {
+    const userAnonymous = await this.bean.user.createAnonymous();
+    const passport = { user: userAnonymous, auth: undefined };
+    await this.setCurrent(passport);
+  }
+
+  public async kickOut(user?: IUser) {
+    if (!user) return;
+    await this.authTokenAdapter.removeAll(user);
+  }
+
+  public async checkAuthToken(accessToken?: string, clientName?: keyof IJwtClientRecord, options?: IJwtVerifyOptions) {
+    clientName = clientName ?? 'access';
+    const [payloadData, err] = await catchError(() => {
+      return this.bean.jwt.get(clientName).verify(accessToken, options);
+    });
+    if (err) {
+      if (['access', 'refresh'].includes(clientName)) {
+        err.code = 401;
+      }
+      throw err;
+    }
+    if (!payloadData) return; // no jwt token
+    const verified = await this.authTokenAdapter.verify(payloadData);
+    if (!verified) return this.app.throw(401);
+    const passport = await this.passportAdapter.deserialize(payloadData);
+    if (!passport) return this.app.throw(401);
+    await this.setCurrent(passport);
+    return payloadData;
+  }
+
+  public async refreshAuthToken(refreshToken: string) {
+    // checkAuthToken by code
+    let payloadData = await this.checkAuthToken(refreshToken, 'refresh');
+    if (!payloadData) return this.app.throw(401);
+    // refreshAuthToken
+    const configRefreshAuthToken = this.scope.config.passport.refreshAuthToken;
+    payloadData = await this._handlePayloadData(payloadData, { authToken: configRefreshAuthToken });
+    // jwt token
+    return await this.bean.jwt.create(payloadData);
+  }
+
+  // only created by accessToken
+  public async createTempAuthToken(options?: IJwtSignOptions) {
+    // current
+    const passport = this.current;
+    if (!passport) return this.app.throw(401);
+    // payloadData
+    const payloadData = await this._passportSerialize(passport, { authToken: 'nochange' });
+    // jwt token
+    return await this.bean.jwt.createTempAuthToken(payloadData, options);
+  }
+
+  public async createOauthAuthToken(options?: IJwtSignOptions) {
+    // current
+    const passport = this.current;
+    if (!passport) return this.app.throw(401);
+    // payloadData
+    const payloadData = await this._passportSerialize(passport, { authToken: 'nochange' });
+    // jwt token
+    return await this.bean.jwt.createOauthAuthToken(payloadData, options);
+  }
+
+  public async createOauthCode(options?: IJwtSignOptions) {
+    // current
+    const passport = this.current;
+    if (!passport) return this.app.throw(401);
+    // payloadData
+    const payloadData = await this._passportSerialize(passport, { authToken: 'nochange' });
+    // code
+    return await this.bean.jwt.createOauthCode(payloadData, options);
+  }
+
+  public async createOauthCodeFromOauthAuthToken(accessToken: string, options?: IJwtSignOptions) {
+    // payloadData
+    const payloadData = await this.bean.jwt.get('access').verify(accessToken);
+    if (!payloadData) return this.app.throw(401);
+    // code
+    return await this.bean.jwt.createOauthCode(payloadData, options);
+  }
+
+  public async createAuthTokenFromOauthCode(code: string) {
+    // checkAuthToken by code
+    const payloadData = await this.checkAuthToken(code, 'code');
+    if (!payloadData) return this.app.throw(401);
+    // jwt token
+    return await this.bean.jwt.create(payloadData);
+  }
+
+  public checkRoleName(name: keyof IRoleNameRecord | (keyof IRoleNameRecord)[]) {
+    const user = this.bean.passport.currentUser;
+    if (!user || user.anonymous) return false;
+    const roles = this.bean.passport.currentRoles;
+    if (!roles) return false;
+    const roleNames = roles?.map(item => item.name as keyof IRoleNameRecord);
+    const optionsName = Array.isArray(name) ? name : [name];
+    if (!roleNames.some(roleName => optionsName.includes(roleName))) return false;
+    return true;
+  }
+
+  public checkUserName(name: keyof IUserNameRecord | (keyof IUserNameRecord)[]) {
+    const user = this.bean.passport.currentUser;
+    if (!user || user.anonymous) return false;
+    const userName = user.name as keyof IUserNameRecord;
+    const optionsName = Array.isArray(name) ? name : [name];
+    if (!optionsName.includes(userName)) return false;
+    return true;
+  }
+
+  private async _passportSerialize(passport: IPassport, options?: ISigninOptions) {
+    // serialize
+    const payloadData = await this.passportAdapter.serialize(passport);
+    return await this._handlePayloadData(payloadData, options);
+  }
+
+  private async _handlePayloadData(payloadData: IPayloadData, options?: ISigninOptions) {
+    // auth token
+    const authToken = options?.authToken ?? 'refresh';
+    if (authToken === 'recreate') {
+      return await this.authTokenAdapter.create(payloadData);
+    } else {
+      const payloadData2 = await this.authTokenAdapter.retrieve(payloadData);
+      if (!payloadData2) {
+        return await this.authTokenAdapter.create(payloadData);
+      }
+      if (authToken === 'refresh') {
+        await this.authTokenAdapter.refresh(payloadData2);
+      } else if (authToken === 'nochange') {
+        // do nothing
+      }
+      return payloadData2;
+    }
+  }
+}

package/src/bean/bean.role.ts

@@ -0,0 +1,39 @@
+import type { TableIdentity } from 'table-identity';
+
+import { BeanBase, beanFullNameFromOnionName } from 'vona';
+import { Bean } from 'vona-module-a-bean';
+
+import type { IRole, IRoleAdapter } from '../types/role.ts';
+
+@Bean()
+export class BeanRole extends BeanBase {
+  private _roleAdapter: IRoleAdapter;
+
+  private get roleAdapter(): IRoleAdapter {
+    if (!this._roleAdapter) {
+      const beanFullName = beanFullNameFromOnionName(this.scope.config.adapter.role, 'service');
+      this._roleAdapter = this.bean._getBean(beanFullName) as IRoleAdapter;
+    }
+    return this._roleAdapter;
+  }
+
+  findOneByName(name: string): Promise<IRole | undefined> {
+    return this.roleAdapter.findOneByName(name);
+  }
+
+  findOneById(id: TableIdentity): Promise<IRole | undefined> {
+    return this.roleAdapter.findOne({ id });
+  }
+
+  findOne(role: Partial<IRole>): Promise<IRole | undefined> {
+    return this.roleAdapter.findOne(role);
+  }
+
+  findAllByUserId(userId: TableIdentity): Promise<IRole[] | undefined> {
+    return this.roleAdapter.findAllByUserId(userId);
+  }
+
+  addUserId(id: TableIdentity, userId: TableIdentity): Promise<TableIdentity> {
+    return this.roleAdapter.addUserId(id, userId);
+  }
+}

package/src/bean/bean.user.ts

@@ -0,0 +1,88 @@
+import type { TableIdentity } from 'table-identity';
+
+import { BeanBase, beanFullNameFromOnionName } from 'vona';
+import { Bean } from 'vona-module-a-bean';
+
+import type { IAuthUserProfile } from '../types/authProfile.ts';
+import type { IUser, IUserAdapter } from '../types/user.ts';
+
+@Bean()
+export class BeanUser extends BeanBase {
+  private _userAdapter: IUserAdapter;
+
+  private get userAdapter(): IUserAdapter {
+    if (!this._userAdapter) {
+      const beanFullName = beanFullNameFromOnionName(this.scope.config.adapter.user, 'service');
+      this._userAdapter = this.bean._getBean(beanFullName) as IUserAdapter;
+    }
+    return this._userAdapter;
+  }
+
+  async activate(user: IUser) {
+    await this.scope.event.activate.emit(user, async user => {
+      await this.userAdapter.setActivated(user.id, true);
+    });
+  }
+
+  async register(user: Partial<IUser>, confirmed?: boolean, randomUsername?: boolean): Promise<IUser> {
+    // config.user.autoActivate > confirmed
+    const autoActivate = this.scope.config.user.autoActivate ? true : confirmed;
+    const data = { user, confirmed, autoActivate };
+    return (await this.scope.event.register.emit(data, async data => {
+      let name = data.user.name;
+      if (!name) this.app.throw(403);
+      // check if exists
+      const userCheck = await this.userAdapter.findOneByName(name);
+      if (userCheck) {
+        if (!randomUsername) this.scope.error.UserExists.throw();
+        name = `${name}_${userCheck.id}${Date.now().toString().substring(8)}`;
+      }
+      // user
+      const userData = { ...data.user, name };
+      const userNew = await this.userAdapter.create(userData);
+      if (data.autoActivate) {
+        await this.activate(userNew);
+      }
+      return userNew;
+    })) as IUser;
+  }
+
+  async registerByProfile(profile: IAuthUserProfile, randomUsername?: boolean): Promise<IUser> {
+    const user = await this.userAdapter.userOfProfile(profile);
+    return await this.register(user, profile.confirmed, randomUsername);
+  }
+
+  async createAnonymous(): Promise<IUser> {
+    return (await this.scope.event.createAnonymous.emit(undefined, async () => {
+      return await this.userAdapter.createAnonymous();
+    })) as Promise<IUser>;
+  }
+
+  async findOneByName(name: string): Promise<IUser | undefined> {
+    return this.userAdapter.findOneByName(name);
+  }
+
+  async findOneById(id: TableIdentity): Promise<IUser | undefined> {
+    return this.userAdapter.findOne({ id });
+  }
+
+  async findOne(user: Partial<IUser>): Promise<IUser | undefined> {
+    return this.userAdapter.findOne(user);
+  }
+
+  async updateById(id: TableIdentity, user: Partial<IUser>): Promise<void> {
+    return this.userAdapter.update({ ...user, id });
+  }
+
+  async update(user: Partial<IUser>): Promise<void> {
+    return this.userAdapter.update(user);
+  }
+
+  async removeById(id: TableIdentity): Promise<void> {
+    return this.userAdapter.remove({ id });
+  }
+
+  async remove(user: Partial<IUser>): Promise<void> {
+    return this.userAdapter.remove(user);
+  }
+}

package/src/bean/cacheRedis.authToken.ts

@@ -0,0 +1,10 @@
+import { BeanCacheRedisBase, CacheRedis } from 'vona-module-a-cache';
+
+export type TCacheRedisAuthTokenKey = string;
+export type TCacheRedisAuthTokenData = string;
+
+@CacheRedis({
+  ttl: 30 * 24 * 60 * 60 * 1000,
+  disableTransactionCompensate: true,
+})
+export class CacheRedisAuthToken extends BeanCacheRedisBase<TCacheRedisAuthTokenKey, TCacheRedisAuthTokenData> {}

package/src/bean/event.activate.ts

@@ -0,0 +1,10 @@
+import { BeanEventBase, Event } from 'vona-module-a-event';
+
+import type { IUser } from '../types/user.ts';
+
+export type TypeEventActivateData = IUser;
+
+export type TypeEventActivateResult = void;
+
+@Event()
+export class EventActivate extends BeanEventBase<TypeEventActivateData, TypeEventActivateResult> {}

package/src/bean/event.createAnonymous.ts

@@ -0,0 +1,10 @@
+import { BeanEventBase, Event } from 'vona-module-a-event';
+
+import type { IUser } from '../types/user.ts';
+
+export type TypeEventCreateAnonymousData = undefined;
+
+export type TypeEventCreateAnonymousResult = Partial<IUser>;
+
+@Event()
+export class EventCreateAnonymous extends BeanEventBase<TypeEventCreateAnonymousData, TypeEventCreateAnonymousResult> {}

package/src/bean/event.register.ts

@@ -0,0 +1,14 @@
+import { BeanEventBase, Event } from 'vona-module-a-event';
+
+import type { IUser } from '../types/user.ts';
+
+export interface TypeEventRegisterData {
+  user: Partial<IUser>;
+  confirmed?: boolean;
+  autoActivate?: boolean;
+}
+
+export type TypeEventRegisterResult = Partial<IUser>;
+
+@Event()
+export class EventRegister extends BeanEventBase<TypeEventRegisterData, TypeEventRegisterResult> {}

package/src/bean/event.signin.ts

@@ -0,0 +1,10 @@
+import { BeanEventBase, Event } from 'vona-module-a-event';
+
+import type { IPassport } from '../types/passport.ts';
+
+export type TypeEventSigninData = IPassport;
+
+export type TypeEventSigninResult = void;
+
+@Event()
+export class EventSignin extends BeanEventBase<TypeEventSigninData, TypeEventSigninResult> {}

package/src/bean/event.signout.ts

@@ -0,0 +1,10 @@
+import { BeanEventBase, Event } from 'vona-module-a-event';
+
+import type { IPassport } from '../types/passport.ts';
+
+export type TypeEventSignoutData = IPassport;
+
+export type TypeEventSignoutResult = void;
+
+@Event()
+export class EventSignout extends BeanEventBase<TypeEventSignoutData, TypeEventSignoutResult> {}

package/src/bean/guard.passport.ts

@@ -0,0 +1,53 @@
+import type { Next } from 'vona';
+import type { IDecoratorGuardOptionsGlobal, IGuardExecute } from 'vona-module-a-aspect';
+
+import { catchError } from '@cabloy/utils';
+import { BeanBase, Global } from 'vona';
+import { Guard } from 'vona-module-a-aspect';
+import { checkErrorJwtExpired } from 'vona-module-a-jwt';
+
+export interface IGuardOptionsPassport extends IDecoratorGuardOptionsGlobal {
+  public: boolean;
+  activated?: boolean;
+  checkAuthToken: boolean; // default is true
+}
+
+@Guard<IGuardOptionsPassport>({ public: false, activated: true, checkAuthToken: true })
+@Global()
+export class GuardPassport extends BeanBase implements IGuardExecute {
+  async execute(options: IGuardOptionsPassport, next: Next): Promise<boolean> {
+    // auth token
+    if (!this.bean.passport.current) {
+      if (options.checkAuthToken) {
+        // will return undefined if no accessToken, so not check options.public
+        const [_, err] = await catchError(() => {
+          return this.bean.passport.checkAuthToken();
+        });
+        if (err && !options.public) throw err;
+        // throw error only when ErrorMessageJwtExpired
+        checkErrorJwtExpired(err, this.ctx.headers);
+      }
+    }
+    // check current
+    if (!this.bean.passport.current) {
+      await this.bean.passport.signinWithAnonymous();
+    }
+    if (!options.public && !this.bean.passport.isAuthenticated) {
+      // return false;
+      // 401 for this guard, 403 for the next guards
+      return this.app.throw(401);
+    }
+    if (this.bean.passport.isAuthenticated) {
+      if (options.activated === true && !this.bean.passport.isActivated) {
+        return this.app.throw(403);
+      }
+      if (options.activated === false && this.bean.passport.isActivated) {
+        return this.app.throw(403);
+      }
+    }
+    // check innerAccess
+    if (this.ctx.innerAccess) return true;
+    // next
+    return next();
+  }
+}

package/src/bean/guard.roleName.ts

@@ -0,0 +1,35 @@
+import type { Next } from 'vona';
+import type { IDecoratorGuardOptions, IGuardExecute } from 'vona-module-a-aspect';
+
+import { BeanBase } from 'vona';
+import { Guard } from 'vona-module-a-aspect';
+
+import type { IRoleNameRecord } from '../types/role.ts';
+
+export interface IGuardOptionsRoleName extends IDecoratorGuardOptions {
+  name?: keyof IRoleNameRecord | (keyof IRoleNameRecord)[];
+  passWhenMatched: boolean;
+  rejectWhenDismatched: boolean;
+}
+
+@Guard<IGuardOptionsRoleName>({
+  passWhenMatched: true,
+  rejectWhenDismatched: true,
+})
+export class GuardRoleName extends BeanBase implements IGuardExecute {
+  async execute(options: IGuardOptionsRoleName, next: Next): Promise<boolean> {
+    const result = await this._check(options);
+    if (!result) {
+      if (options.rejectWhenDismatched) return this.app.throw(403);
+    } else {
+      if (options.passWhenMatched) return true;
+    }
+    // next
+    return next();
+  }
+
+  private async _check(options: IGuardOptionsRoleName) {
+    if (!options.name) return false;
+    return this.bean.passport.checkRoleName(options.name);
+  }
+}

package/src/bean/guard.userName.ts

@@ -0,0 +1,35 @@
+import type { Next } from 'vona';
+import type { IDecoratorGuardOptions, IGuardExecute } from 'vona-module-a-aspect';
+
+import { BeanBase } from 'vona';
+import { Guard } from 'vona-module-a-aspect';
+
+import type { IUserNameRecord } from '../types/user.ts';
+
+export interface IGuardOptionsUserName extends IDecoratorGuardOptions {
+  name?: keyof IUserNameRecord | (keyof IUserNameRecord)[];
+  passWhenMatched: boolean;
+  rejectWhenDismatched: boolean;
+}
+
+@Guard<IGuardOptionsUserName>({
+  passWhenMatched: true,
+  rejectWhenDismatched: true,
+})
+export class GuardUserName extends BeanBase implements IGuardExecute {
+  async execute(options: IGuardOptionsUserName, next: Next): Promise<boolean> {
+    const result = await this._check(options);
+    if (!result) {
+      if (options.rejectWhenDismatched) return this.app.throw(403);
+    } else {
+      if (options.passWhenMatched) return true;
+    }
+    // next
+    return next();
+  }
+
+  private async _check(options: IGuardOptionsUserName) {
+    if (!options.name) return false;
+    return this.bean.passport.checkUserName(options.name);
+  }
+}

package/src/bean/meta.printTip.ts

@@ -0,0 +1,18 @@
+import type { IMetaPrintTipExecute, TypeMetaPrintTipResult } from 'vona-module-a-printtip';
+
+import { BeanBase } from 'vona';
+import { Meta } from 'vona-module-a-meta';
+
+@Meta()
+export class MetaPrintTip extends BeanBase implements IMetaPrintTipExecute {
+  async execute(): Promise<TypeMetaPrintTipResult> {
+    if (!this.app.meta.isDev) return;
+    // signin
+    const jwt = await this.bean.passport.signinSystem('dev', '-1');
+    const accessToken = jwt.accessToken;
+    return {
+      title: 'access token [admin] [dev]',
+      message: `Bearer ${accessToken}`,
+    };
+  }
+}

package/src/bean/meta.runtime.ts

@@ -0,0 +1,19 @@
+import type { IMetaRuntimeExecute } from 'vona-module-a-runtime';
+
+import { BeanBase } from 'vona';
+import { Meta } from 'vona-module-a-meta';
+
+export type TypeMetaRuntimeResult = { accessToken?: string } | undefined;
+
+@Meta()
+export class MetaRuntime extends BeanBase implements IMetaRuntimeExecute {
+  async execute(): Promise<TypeMetaRuntimeResult> {
+    if (this.app.meta.isProd) return;
+    // signin
+    const jwt = await this.bean.passport.signinSystem('dev', '-1');
+    const accessToken = jwt.accessToken;
+    return {
+      accessToken,
+    };
+  }
+}

package/src/config/config.ts

@@ -0,0 +1,28 @@
+import type { VonaApplication } from 'vona';
+import type { IServiceRecord } from 'vona-module-a-bean';
+
+import type { TypeAuthToken } from '../types/auth.ts';
+
+export function config(_app: VonaApplication) {
+  return {
+    user: {
+      autoActivate: false,
+    },
+    passport: {
+      refreshAuthToken: 'recreate' as TypeAuthToken,
+    },
+    adapter: {
+      authToken: 'a-user:authTokenAdapter' as keyof IServiceRecord,
+      passport: 'home-user:passportAdapter' as keyof IServiceRecord,
+      user: 'home-user:userAdapter' as keyof IServiceRecord,
+      role: 'home-user:roleAdapter' as keyof IServiceRecord,
+    },
+    payloadData: {
+      fields: {
+        authId: 'authId',
+        userId: 'userId',
+        token: 'token',
+      },
+    },
+  };
+}

package/src/config/errors.ts

@@ -0,0 +1,3 @@
+export const errors = {
+  UserExists: 1001,
+} as const;

package/src/config/locale/en-us.ts

@@ -0,0 +1,3 @@
+export default {
+  UserExists: 'User Exists',
+};

package/src/config/locale/zh-cn.ts

@@ -0,0 +1,3 @@
+export default {
+  UserExists: '用户已存在',
+};

package/src/index.ts

@@ -0,0 +1,4 @@
+export * from './.metadata/index.ts';
+export * from './.metadata/locales.ts';
+export * from './lib/index.ts';
+export * from './types/index.ts';

package/src/lib/auth.ts

@@ -0,0 +1,7 @@
+import type { TableIdentity } from 'table-identity';
+
+import type { IAuthIdRecord } from '../types/auth.ts';
+
+export function $getAuthIdSystem<K extends keyof IAuthIdRecord>(_authName: IAuthIdRecord[K], authId: K): TableIdentity {
+  return authId;
+}

package/src/lib/index.ts

@@ -0,0 +1,3 @@
+export * from './auth.ts';
+export * from './passport.ts';
+export * from './user.ts';