Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@adonisjs/auth

Package Overview
Dependencies
Maintainers
2
Versions
87
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@adonisjs/auth - npm Package Compare versions

Comparing version 4.1.5 to 4.2.0

build/src/Guards/Base/index.d.ts
build/src/Guards/Base/index.js
build/src/Guards/Oat/index.d.ts
build/src/Guards/Oat/index.js
build/src/TokenProviders/Database/index.d.ts
build/src/TokenProviders/Database/index.js
build/src/Tokens/OpaqueToken/index.d.ts
build/src/Tokens/OpaqueToken/index.js
build/src/Tokens/ProviderToken/index.d.ts
build/src/Tokens/ProviderToken/index.js
build/src/UserProviders/Database/index.d.ts
build/src/UserProviders/Database/index.js
build/src/UserProviders/Database/User.d.ts
build/src/UserProviders/Database/User.js
build/src/UserProviders/Lucid/index.d.ts
build/src/UserProviders/Lucid/index.js
build/src/UserProviders/Lucid/User.d.ts
build/src/UserProviders/Lucid/User.js
build/templates/config/partials/api-guard.txt
build/templates/contract/partials/api-guard.txt
build/templates/migrations/api_tokens.txt

182

build/adonis-typings/auth.d.ts
declare module '@ioc:Adonis/Addons/Auth' {
import { DateTime } from 'luxon';
import { IocContract } from '@adonisjs/fold';

@@ -30,3 +31,3 @@ import { HashersList } from '@ioc:Adonis/Core/Hash';

*/
export interface ProviderContract<User extends any> {
export interface UserProviderContract<User extends any> {
/**

@@ -54,2 +55,65 @@ * Return an instance of the user wrapped inside the Provider user contract

/**
* Shape of the token sent to/read from the tokens provider
*/
export interface ProviderTokenContract {
/**
* Persisted token value. It is a sha256 hash
*/
tokenHash: string;
/**
* Token name
*/
name: string;
/**
* Token type
*/
type: string;
/**
* UserId for which the token was saved
*/
userId: string | number;
/**
* Expiry date
*/
expiresAt?: DateTime;
/**
* All other token details
*/
meta?: any;
}
/**
* Token providers provides the API to create/fetch and delete tokens
* for a given user. Any token based implementation can use token
* providers, given they only store a single token.
*/
export interface TokenProviderContract {
/**
* Saves the token to some persistance storage and returns an lookup
* id. We introduced the concept of lookup ids, since lookups by
* cryptographic tokens can have performance impacts on certain
* databases.
*
* Also note that the return lookup id is also prepended to the raw
* token, so that we can later extract the id for reads. The
* real message is to keep the lookup ids small.
*/
write(token: ProviderTokenContract): Promise<string>;
/**
* Find token using the lookup id or the token value
*/
read(lookupId: string, token: string, type: string): Promise<ProviderTokenContract | null>;
/**
* Delete token using the lookup id or the token value
*/
destroy(lookupId: string, token: string, type: string): Promise<void>;
}
/**
* Config for the database token provider
*/
export type DatabaseTokenProviderConfig = {
driver: 'database';
table: string;
connection?: string;
};
/**
* The shape of the user model accepted by the Lucid provider. The model

@@ -73,3 +137,3 @@ * must have `password` and `rememberMeToken` attributes.

*/
export interface LucidProviderContract<User extends LucidProviderModel> extends ProviderContract<InstanceType<User>> {
export interface LucidProviderContract<User extends LucidProviderModel> extends UserProviderContract<InstanceType<User>> {
/**

@@ -118,3 +182,3 @@ * Define a custom connection for all the provider queries

*/
export interface DatabaseProviderContract<User extends DatabaseProviderRow> extends ProviderContract<User> {
export interface DatabaseProviderContract<User extends DatabaseProviderRow> extends UserProviderContract<User> {
/**

@@ -264,2 +328,110 @@ * Define a custom connection for all the provider queries

/**
* Opaque token is generated during the login call by the OpaqueTokensGuard
*/
export interface OpaqueTokenContract<User extends any> {
/**
* Always a bearer token
*/
type: 'bearer';
/**
* The user for which the token was generated
*/
user: User;
/**
* Date/time when the token will be expired
*/
expiresAt?: DateTime;
/**
* Time in seconds until the token is valid
*/
expiresIn?: number;
/**
* Any meta-data attached with the token
*/
meta: any;
/**
* Token name
*/
name: string;
/**
* Token public value
*/
token: string;
/**
* Token hash (persisted to the db as well)
*/
tokenHash: string;
/**
* Serialize token
*/
toJSON(): {
type: 'bearer';
token: string;
expires_at?: string;
expires_in?: number;
};
}
/**
* Login options
*/
export type OATLoginOptions = {
name?: string;
expiresIn?: number | string;
} & {
[key: string]: any;
};
/**
* Shape of data emitted by the login event
*/
export type OATLoginEventData<Provider extends keyof ProvidersList> = {
name: string;
user: GetProviderRealUser<Provider>;
ctx: HttpContextContract;
token: OpaqueTokenContract<GetProviderRealUser<Provider>>;
};
/**
* Shape of the data emitted by the authenticate event
*/
export type OATAuthenticateEventData<Provider extends keyof ProvidersList> = {
name: string;
user: GetProviderRealUser<Provider>;
ctx: HttpContextContract;
token: ProviderTokenContract;
};
/**
* Shape of the OAT guard
*/
export interface OATGuardContract<Provider extends keyof ProvidersList, Name extends keyof GuardsList> extends GuardContract<Provider, Name> {
token?: ProviderTokenContract;
/**
* Attempt to verify user credentials and perform login
*/
attempt(uid: string, password: string, options?: OATLoginOptions): Promise<OpaqueTokenContract<GetProviderRealUser<Provider>>>;
/**
* Login a user without any verification
*/
login(user: GetProviderRealUser<Provider>, options?: OATLoginOptions): Promise<OpaqueTokenContract<GetProviderRealUser<Provider>>>;
/**
* Login a user using their id
*/
loginViaId(id: string | number, options?: OATLoginOptions): Promise<OpaqueTokenContract<GetProviderRealUser<Provider>>>;
}
/**
* Shape of OAT guard config.
*/
export type OATGuardConfig<Provider extends keyof ProvidersList> = {
/**
* Driver name is always constant
*/
driver: 'oat';
/**
* Provider for managing tokens
*/
tokenProvider: DatabaseTokenProviderConfig;
/**
* User provider
*/
provider: ProvidersList[Provider]['config'];
};
/**
* List of providers mappings used by the app. Using declaration

@@ -324,7 +496,7 @@ * merging, one must extend this interface.

*/
export type ExtendProviderCallback = (container: IocContract, config: any) => ProviderContract<any>;
export type ExtendProviderCallback = (container: IocContract, config: any) => UserProviderContract<any>;
/**
* Shape of the callback accepted to add new guards
*/
export type ExtendGuardCallback = (container: IocContract, mapping: string, config: any, provider: ProviderContract<any>, ctx: HttpContextContract) => GuardContract<keyof ProvidersList, keyof GuardsList>;
export type ExtendGuardCallback = (container: IocContract, mapping: string, config: any, provider: UserProviderContract<any>, ctx: HttpContextContract) => GuardContract<keyof ProvidersList, keyof GuardsList>;
/**

@@ -331,0 +503,0 @@ * Shape of the auth manager to register custom drivers and providers and

121

build/instructions.js

@@ -10,2 +10,21 @@ "use strict";

*/
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {

@@ -18,3 +37,5 @@ return (mod && mod.__esModule) ? mod : { "default": mod };

const utils_1 = require("@poppinss/utils");
const MIGRATION_TIME_PREFIX = '1587988332388';
const sinkStatic = __importStar(require("@adonisjs/sink"));
const USER_MIGRATION_TIME_PREFIX = '1587988332388';
const TOKENS_MIGRATION_TIME_PREFIX = '1592489784670';
/**

@@ -52,2 +73,7 @@ * Base path to contract stub partials

},
{
name: 'api',
message: 'API tokens',
hint: ' (Uses database backed opaque tokens)',
},
];

@@ -78,5 +104,5 @@ /**

*/
function makeMigration(projectRoot, app, sink, state) {
function makeUsersMigration(projectRoot, app, sink, state) {
const migrationsDirectory = app.directoriesMap.get('migrations') || 'database';
const migrationPath = path_1.join(migrationsDirectory, `${MIGRATION_TIME_PREFIX}_${state.tableName}.ts`);
const migrationPath = path_1.join(migrationsDirectory, `${USER_MIGRATION_TIME_PREFIX}_${state.usersTableName}.ts`);
const template = new sink.files.MustacheFile(projectRoot, migrationPath, getStub('migrations/auth.txt'));

@@ -91,2 +117,16 @@ if (template.exists()) {

/**
* Create the migration file
*/
function makeTokensMigration(projectRoot, app, sink, state) {
const migrationsDirectory = app.directoriesMap.get('migrations') || 'database';
const migrationPath = path_1.join(migrationsDirectory, `${TOKENS_MIGRATION_TIME_PREFIX}_${state.tokensTableName}.ts`);
const template = new sink.files.MustacheFile(projectRoot, migrationPath, getStub('migrations/api_tokens.txt'));
if (template.exists()) {
sink.logger.skip(`${migrationPath} file already exists`);
return;
}
template.apply(state).commit();
sink.logger.create(migrationPath);
}
/**
* Create the middleware(s)

@@ -129,9 +169,9 @@ */

template.overwrite = true;
template
.apply(state)
.partials({
guard: getStub(CONTRACTS_PARTIALS_BASE, `${state.guard}-guard.txt`),
const partials = {
provider: getStub(CONTRACTS_PARTIALS_BASE, `user-provider-${state.provider}.txt`),
})
.commit();
};
state.guards.forEach((guard) => {
partials[`${guard}_guard`] = getStub(CONTRACTS_PARTIALS_BASE, `${guard}-guard.txt`);
});
template.apply(state).partials(partials).commit();
sink.logger.create(contractPath);

@@ -147,9 +187,9 @@ }

template.overwrite = true;
template
.apply(state)
.partials({
guard: getStub(CONFIG_PARTIALS_BASE, `${state.guard}-guard.txt`),
const partials = {
provider: getStub(CONFIG_PARTIALS_BASE, `user-provider-${state.provider}.txt`),
})
.commit();
};
state.guards.forEach((guard) => {
partials[`${guard}_guard`] = getStub(CONFIG_PARTIALS_BASE, `${guard}-guard.txt`);
});
template.apply(state).partials(partials).commit();
sink.logger.create(configPath);

@@ -171,3 +211,3 @@ }

.getPrompt()
.choice('Select authentication guard', GUARD_PROMPT_CHOICES);
.multiple('Select authentication guard', GUARD_PROMPT_CHOICES);
}

@@ -207,10 +247,20 @@ /**

const state = {
tableName: '',
schemaName: '',
usersTableName: '',
tokensTableName: 'api_tokens',
tokensSchemaName: 'ApiTokens',
usersSchemaName: '',
provider: 'lucid',
guard: 'web',
guards: [],
hasGuard: {
web: false,
api: false,
},
};
state.provider = await getProvider(sink);
state.guard = await getGuard(sink);
state.guards = await getGuard(sink);
/**
* Need booleans for mustache templates
*/
state.guards.forEach((guard) => state.hasGuard[guard] = true);
/**
* Make model when provider is lucid otherwise prompt for the database

@@ -222,3 +272,3 @@ * table name

state.modelName = modelName.replace(/(\.ts|\.js)$/, '');
state.tableName = pluralize_1.default(utils_1.lodash.snakeCase(state.modelName));
state.usersTableName = pluralize_1.default(utils_1.lodash.snakeCase(state.modelName));
state.modelReference = utils_1.lodash.camelCase(state.modelName);

@@ -228,10 +278,17 @@ state.modelNamespace = `${app.namespacesMap.get('models') || 'App/Models'}/${state.modelName}`;

else {
state.tableName = await getTableName(sink);
state.usersTableName = await getTableName(sink);
}
const migrationConstent = await getMigrationConsent(sink, state.tableName);
const usersMigrationConsent = await getMigrationConsent(sink, state.usersTableName);
let tokensMigrationConsent = false;
/**
* Only ask for the consent when using the api guard
*/
if (state.hasGuard.api) {
tokensMigrationConsent = await getMigrationConsent(sink, state.tokensTableName);
}
/**
* Pascal case
*/
const camelCaseSchemaName = utils_1.lodash.camelCase(`${state.tableName}_schema`);
state.schemaName = `${camelCaseSchemaName.charAt(0).toUpperCase()}${camelCaseSchemaName.slice(1)}`;
const camelCaseSchemaName = utils_1.lodash.camelCase(`${state.usersTableName}_schema`);
state.usersSchemaName = `${camelCaseSchemaName.charAt(0).toUpperCase()}${camelCaseSchemaName.slice(1)}`;
/**

@@ -244,8 +301,14 @@ * Make model when prompted for it

/**
* Make migration file
* Make users migration file
*/
if (migrationConstent) {
makeMigration(projectRoot, app, sink, state);
if (usersMigrationConsent) {
makeUsersMigration(projectRoot, app, sink, state);
}
/**
* Make tokens migration file
*/
if (tokensMigrationConsent) {
makeTokensMigration(projectRoot, app, sink, state);
}
/**
* Make contract file

@@ -264,1 +327,3 @@ */

exports.default = instructions;
const standalone_1 = require("@adonisjs/application/build/standalone");
instructions(path_1.join(__dirname, 'sample'), new standalone_1.Application(path_1.join(__dirname, 'sample'), {}, {}, {}), sinkStatic).catch(console.log);

22

build/src/AuthManager/index.d.ts
import { IocContract } from '@adonisjs/fold';
import { AuthConfig, GuardsList, AuthManagerContract, ExtendGuardCallback, ExtendProviderCallback } from '@ioc:Adonis/Addons/Auth';
import { AuthConfig, GuardsList, AuthManagerContract, ExtendGuardCallback, UserProviderContract, ExtendProviderCallback } from '@ioc:Adonis/Addons/Auth';
import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';

@@ -22,3 +22,3 @@ /**

*/
defaultGuard: "session" | "sessionDb";
defaultGuard: "api" | "session" | "sessionDb";
constructor(container: IocContract, config: AuthConfig);

@@ -42,5 +42,5 @@ /**

/**
* Makes instance of a provider based upon the driver value
* Lazily makes an instance of the token database provider
*/
private makeProviderInstance;
private makeTokenDatabaseProvider;
/**

@@ -51,2 +51,6 @@ * Returns an instance of the session guard

/**
* Returns an instance of the session guard
*/
private makeOatGuard;
/**
* Returns an instance of the extended guard

@@ -56,6 +60,14 @@ */

/**
* Makes instance of a provider based upon the driver value
*/
makeUserProviderInstance(providerConfig: any): any;
/**
* Makes instance of a provider based upon the driver value
*/
makeTokenProviderInstance(providerConfig: any): any;
/**
* Makes guard instance for the defined driver inside the
* mapping config.
*/
private makeGuardInstance;
makeGuardInstance(mapping: string, mappingConfig: any, provider: UserProviderContract<any>, ctx: HttpContextContract): any;
/**

@@ -62,0 +74,0 @@ * Make an instance of a given mapping for the current HTTP request.

63

build/src/AuthManager/index.js

@@ -52,3 +52,3 @@ "use strict";

makeLucidProvider(config) {
return new (require('../Providers/Lucid').LucidProvider)(this.container, config);
return new (require('../UserProviders/Lucid').LucidProvider)(this.container, config);
}

@@ -60,3 +60,3 @@ /**

const Database = this.container.use('Adonis/Lucid/Database');
return new (require('../Providers/Database').DatabaseProvider)(this.container, config, Database);
return new (require('../UserProviders/Database').DatabaseProvider)(this.container, config, Database);
}

@@ -74,16 +74,7 @@ /**

/**
* Makes instance of a provider based upon the driver value
* Lazily makes an instance of the token database provider
*/
makeProviderInstance(providerConfig) {
if (!providerConfig || !providerConfig.driver) {
throw new utils_1.Exception('Invalid auth config, missing "provider" or "provider.driver" property');
}
switch (providerConfig.driver) {
case 'lucid':
return this.makeLucidProvider(providerConfig);
case 'database':
return this.makeDatabaseProvider(providerConfig);
default:
return this.makeExtendedProvider(providerConfig);
}
makeTokenDatabaseProvider(config) {
const Database = this.container.use('Adonis/Lucid/Database');
return new (require('../TokenProviders/Database').TokenDatabaseProvider)(config, Database);
}

@@ -98,2 +89,10 @@ /**

/**
* Returns an instance of the session guard
*/
makeOatGuard(mapping, config, provider, ctx) {
const { OATGuard } = require('../Guards/Oat');
const tokenProvider = this.makeTokenProviderInstance(config.tokenProvider);
return new OATGuard(mapping, config, this.getEmitter(), provider, ctx, tokenProvider);
}
/**
* Returns an instance of the extended guard

@@ -109,2 +108,32 @@ */

/**
* Makes instance of a provider based upon the driver value
*/
makeUserProviderInstance(providerConfig) {
if (!providerConfig || !providerConfig.driver) {
throw new utils_1.Exception('Invalid auth config, missing "provider" or "provider.driver" property');
}
switch (providerConfig.driver) {
case 'lucid':
return this.makeLucidProvider(providerConfig);
case 'database':
return this.makeDatabaseProvider(providerConfig);
default:
return this.makeExtendedProvider(providerConfig);
}
}
/**
* Makes instance of a provider based upon the driver value
*/
makeTokenProviderInstance(providerConfig) {
if (!providerConfig || !providerConfig.driver) {
throw new utils_1.Exception('Invalid auth config, missing "tokenProvider" or "tokenProvider.driver" property');
}
switch (providerConfig.driver) {
case 'database':
return this.makeTokenDatabaseProvider(providerConfig);
default:
throw new utils_1.Exception(`Invalid token provider "${providerConfig.driver}"`);
}
}
/**
* Makes guard instance for the defined driver inside the

@@ -120,2 +149,4 @@ * mapping config.

return this.makeSessionGuard(mapping, mappingConfig, provider, ctx);
case 'oat':
return this.makeOatGuard(mapping, mappingConfig, provider, ctx);
default:

@@ -130,3 +161,3 @@ return this.makeExtendedGuard(mapping, mappingConfig, provider, ctx);

const mappingConfig = this.config.list[mapping];
const provider = this.makeProviderInstance(mappingConfig.provider);
const provider = this.makeUserProviderInstance(mappingConfig.provider);
return this.makeGuardInstance(mapping, mappingConfig, provider, ctx);

@@ -133,0 +164,0 @@ }

12

build/src/Exceptions/AuthenticationException.d.ts

@@ -14,6 +14,2 @@ import { Exception } from '@poppinss/utils';

/**
* Missing session or unable to lookup user from session
*/
static invalidSession(guard: string): AuthenticationException;
/**
* Send response as an array of errors

@@ -31,2 +27,10 @@ */

/**
* Missing session or unable to lookup user from session
*/
static invalidSession(guard: string): AuthenticationException;
/**
* Missing/Invalid token or unable to lookup user from the token
*/
static invalidToken(guard: string): AuthenticationException;
/**
* Self handle exception and attempt to make the best response based

@@ -33,0 +37,0 @@ * upon the type of request

24

build/src/Exceptions/AuthenticationException.js

@@ -28,10 +28,2 @@ "use strict";

/**
* Missing session or unable to lookup user from session
*/
static invalidSession(guard) {
const error = new this('Invalid session', 'E_INVALID_AUTH_SESSION');
error.guard = guard;
return error;
}
/**
* Send response as an array of errors

@@ -72,2 +64,18 @@ */

/**
* Missing session or unable to lookup user from session
*/
static invalidSession(guard) {
const error = new this('Invalid session', 'E_INVALID_AUTH_SESSION');
error.guard = guard;
return error;
}
/**
* Missing/Invalid token or unable to lookup user from the token
*/
static invalidToken(guard) {
const error = new this('Invalid API Token', 'E_INVALID_API_TOKEN');
error.guard = guard;
return error;
}
/**
* Self handle exception and attempt to make the best response based

@@ -74,0 +82,0 @@ * upon the type of request

61

build/src/Guards/Session/index.d.ts
/// <reference types="@adonisjs/events/build/adonis-typings/events" />
import { EmitterContract } from '@ioc:Adonis/Core/Event';
import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
import { ProviderContract, SessionGuardConfig, SessionGuardContract } from '@ioc:Adonis/Addons/Auth';
import { UserProviderContract, SessionGuardConfig, SessionGuardContract } from '@ioc:Adonis/Addons/Auth';
import { BaseGuard } from '../Base';
/**

@@ -9,9 +10,9 @@ * Session guard enables user login using sessions. Also it allows for

*/
export declare class SessionGuard implements SessionGuardContract<any, any> {
export declare class SessionGuard extends BaseGuard implements SessionGuardContract<any, any> {
name: string;
private config;
private emitter;
provider: ProviderContract<any>;
provider: UserProviderContract<any>;
private ctx;
constructor(name: string, config: SessionGuardConfig<any>, emitter: EmitterContract, provider: ProviderContract<any>, ctx: HttpContextContract);
constructor(name: string, config: SessionGuardConfig<any>, emitter: EmitterContract, provider: UserProviderContract<any>, ctx: HttpContextContract);
/**

@@ -22,25 +23,2 @@ * Number of years for the remember me token expiry

/**
* Whether or not the authentication has been attempted
* for the current request
*/
authenticationAttempted: boolean;
/**
* Find if the user has been logged out in the current request
*/
isLoggedOut: boolean;
/**
* A boolean to know if user is retrieved by authenticating
* the current request or not
*/
isAuthenticated: boolean;
/**
* A boolean to know if user is loggedin via remember me token
* or not.
*/
viaRemember: boolean;
/**
* Logged in or authenticated user
*/
user?: any;
/**
* The name of the session key name

@@ -54,11 +32,2 @@ */

/**
* Accessor to know if user is logged in
*/
get isLoggedIn(): boolean;
/**
* Accessor to know if user is a guest. It is always opposite
* of [[isLoggedIn]]
*/
get isGuest(): boolean;
/**
* Set the user id inside the session. Also forces the session module

@@ -81,10 +50,2 @@ * to re-generate the session id

/**
* Marks the user as logged out
*/
private markUserAsLoggedOut;
/**
* Marks user as logged-in
*/
private markUserAsLoggedIn;
/**
* Clears user session and remember me cookie

@@ -112,10 +73,2 @@ */

/**
* Lookup user using UID
*/
private lookupUsingUid;
/**
* Verify user password
*/
private verifyPassword;
/**
* Returns the user id for the current HTTP request

@@ -143,6 +96,2 @@ */

/**
* Verifies user credentials
*/
verifyCredentials(uid: string, password: string): Promise<any>;
/**
* Verify user credentials and perform login

@@ -149,0 +98,0 @@ */

101

build/src/Guards/Session/index.js

@@ -13,4 +13,4 @@ "use strict";

const utils_1 = require("@poppinss/utils");
const Base_1 = require("../Base");
const AuthenticationException_1 = require("../../Exceptions/AuthenticationException");
const InvalidCredentialsException_1 = require("../../Exceptions/InvalidCredentialsException");
/**

@@ -20,4 +20,5 @@ * Session guard enables user login using sessions. Also it allows for

*/
class SessionGuard {
class SessionGuard extends Base_1.BaseGuard {
constructor(name, config, emitter, provider, ctx) {
super(name, provider);
this.name = name;

@@ -32,21 +33,2 @@ this.config = config;

this.rememberMeTokenExpiry = '5y';
/**
* Whether or not the authentication has been attempted
* for the current request
*/
this.authenticationAttempted = false;
/**
* Find if the user has been logged out in the current request
*/
this.isLoggedOut = false;
/**
* A boolean to know if user is retrieved by authenticating
* the current request or not
*/
this.isAuthenticated = false;
/**
* A boolean to know if user is loggedin via remember me token
* or not.
*/
this.viaRemember = false;
}

@@ -66,15 +48,2 @@ /**

/**
* Accessor to know if user is logged in
*/
get isLoggedIn() {
return !!this.user;
}
/**
* Accessor to know if user is a guest. It is always opposite
* of [[isLoggedIn]]
*/
get isGuest() {
return !this.isLoggedIn;
}
/**
* Set the user id inside the session. Also forces the session module

@@ -113,20 +82,2 @@ * to re-generate the session id

/**
* Marks the user as logged out
*/
markUserAsLoggedOut() {
this.isLoggedOut = true;
this.isAuthenticated = false;
this.viaRemember = false;
this.user = null;
}
/**
* Marks user as logged-in
*/
markUserAsLoggedIn(user, authenticated, viaRemember) {
this.user = user;
this.isLoggedOut = false;
authenticated && (this.isAuthenticated = true);
viaRemember && (this.viaRemember = true);
}
/**
* Clears user session and remember me cookie

@@ -171,24 +122,2 @@ */

/**
* Lookup user using UID
*/
async lookupUsingUid(uid) {
const providerUser = await this.provider.findByUid(uid);
if (!providerUser.user) {
throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
}
return providerUser;
}
/**
* Verify user password
*/
async verifyPassword(providerUser, password) {
/**
* Verify password or raise exception
*/
const verified = await providerUser.verifyPassword(password);
if (!verified) {
throw InvalidCredentialsException_1.InvalidCredentialsException.invalidPassword(this.name);
}
}
/**
* Returns the user id for the current HTTP request

@@ -244,13 +173,2 @@ */

/**
* Verifies user credentials
*/
async verifyCredentials(uid, password) {
if (!uid || !password) {
throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
}
const providerUser = await this.lookupUsingUid(uid);
await this.verifyPassword(providerUser, password);
return providerUser.user;
}
/**
* Verify user credentials and perform login

@@ -267,6 +185,3 @@ */

async loginViaId(id, remember) {
const providerUser = await this.provider.findById(id);
if (!providerUser.user) {
throw InvalidCredentialsException_1.InvalidCredentialsException.invalidUid(this.name);
}
const providerUser = await this.findById(id);
await this.login(providerUser.user, remember);

@@ -284,10 +199,8 @@ return providerUser.user;

*/
const providerUser = this.provider.getUserFor(user);
const providerUser = this.getUserForLogin(user, this.config.provider.identifierKey);
/**
* Ensure id exists on the user
* getUserForLogin raises exception when id is missing, so we can
* safely assume it is defined
*/
const id = providerUser.getId();
if (!id) {
throw new utils_1.Exception(`Cannot login user. Value of "${this.config.provider.identifierKey}" is not defined`);
}
/**

@@ -294,0 +207,0 @@ * Set session

19

build/templates/config/auth.txt
/**
* Config source: https://git.io/JvyKy
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/
* Config source: https://git.io/JvyKy
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/

@@ -23,5 +23,10 @@ {{#modelNamespace}}

const authConfig: AuthConfig = {
guard: 'web',
guard: '{{ guards.0 }}',
list: {
{{> guard}}
{{#hasGuard.web}}
{{> web_guard}}
{{/hasGuard.web}}
{{#hasGuard.api}}
{{> api_guard}}
{{/hasGuard.api}}
},

@@ -28,0 +33,0 @@ }

9

build/templates/contract/auth.txt

@@ -40,3 +40,3 @@ /**

| - JwtGuardContract
| - ApiTokensGuardContract
| - OATGuardContract ( Opaque access token )
|

@@ -47,4 +47,9 @@ | Every guard needs a provider for looking up users from the database.

interface GuardsList {
{{> guard}}
{{#hasGuard.web}}
{{> web_guard}}
{{/hasGuard.web}}
{{#hasGuard.api}}
{{> api_guard}}
{{/hasGuard.api}}
}
}

4

build/templates/migrations/auth.txt
import BaseSchema from '@ioc:Adonis/Lucid/Schema'
export default class {{ schemaName }} extends BaseSchema {
protected tableName = '{{ tableName }}'
export default class {{ usersSchemaName }} extends BaseSchema {
protected tableName = '{{ usersTableName }}'

@@ -6,0 +6,0 @@ public async up () {

44

package.json
{
"name": "@adonisjs/auth",
"version": "4.1.5",
"version": "4.2.0",
"description": "Offical authentication provider for Adonis framework",

@@ -46,34 +46,36 @@ "types": "build/adonis-typings/index.d.ts",

"devDependencies": {
"@adonisjs/core": "^5.0.0-preview-rc-1.6",
"@adonisjs/encryption": "^2.0.3",
"@adonisjs/events": "^2.0.2",
"@adonisjs/core": "^5.0.0-preview-rc-1.7",
"@adonisjs/encryption": "^2.0.4",
"@adonisjs/events": "^2.0.3",
"@adonisjs/fold": "^6.3.5",
"@adonisjs/hash": "^3.1.0",
"@adonisjs/hash": "^3.1.1",
"@adonisjs/lucid": "^8.1.1",
"@adonisjs/mrm-preset": "^2.3.0",
"@adonisjs/profiler": "^3.0.3",
"@adonisjs/session": "^3.0.3",
"@adonisjs/profiler": "^3.0.4",
"@adonisjs/session": "^3.0.4",
"@adonisjs/sink": "^3.0.2",
"@phc/bcrypt": "^1.0.2",
"@poppinss/dev-utils": "^1.0.6",
"@types/node": "^14.0.1",
"commitizen": "^4.0.4",
"copyfiles": "^2.2.0",
"@types/ms": "^0.7.31",
"@types/node": "^14.0.13",
"@types/supertest": "^2.0.9",
"commitizen": "^4.1.2",
"copyfiles": "^2.3.0",
"cz-conventional-changelog": "^3.2.0",
"del-cli": "^3.0.0",
"del-cli": "^3.0.1",
"doctoc": "^1.4.0",
"eslint": "^7.0.0",
"eslint": "^7.3.0",
"eslint-plugin-adonis": "^1.0.10",
"husky": "^4.2.5",
"japa": "^3.0.1",
"mrm": "^2.3.0",
"np": "^5.2.1",
"japa": "^3.1.1",
"mrm": "^2.3.3",
"np": "^6.2.4",
"pino-pretty": "^4.0.0",
"reflect-metadata": "^0.1.13",
"set-cookie-parser": "^2.4.5",
"set-cookie-parser": "^2.4.6",
"sqlite3": "^4.2.0",
"supertest": "^4.0.2",
"ts-essentials": "^6.0.5",
"ts-node": "^8.10.1",
"typescript": "^3.9.2"
"ts-essentials": "^7.0.0",
"ts-node": "^8.10.2",
"typescript": "^3.9.5"
},

@@ -105,4 +107,6 @@ "nyc": {

"@poppinss/hooks": "^1.0.5",
"@poppinss/utils": "^2.2.6",
"@poppinss/utils": "^2.2.7",
"array-to-sentence": "^2.0.0",
"hashids": "^2.2.1",
"luxon": "^1.24.1",
"pluralize": "^8.0.0"

@@ -109,0 +113,0 @@ },

build/src/Providers/Database/index.d.ts
build/src/Providers/Database/index.js
build/src/Providers/Database/User.d.ts
build/src/Providers/Database/User.js
build/src/Providers/Lucid/index.d.ts
build/src/Providers/Lucid/index.js
build/src/Providers/Lucid/User.d.ts
build/src/Providers/Lucid/User.js
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc