@furystack/security
Advanced tools
@furystack/security - npm Package Compare versions
Comparing version 3.0.9 to 3.0.10
@@ -9,7 +9,5 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { randomBytes, pbkdf2 } from 'crypto'; | ||
| export let CryptoPasswordHasher = class CryptoPasswordHasher { | ||
| constructor() { | ||
| this.iterations = 1000; | ||
| this.keylen = 64; | ||
| } | ||
| let CryptoPasswordHasher = class CryptoPasswordHasher { | ||
| iterations = 1000; | ||
| keylen = 64; | ||
| async verifyCredential(password, { passwordHash, salt }) { | ||
@@ -41,2 +39,3 @@ const newHash = await new Promise((resolve, reject) => pbkdf2(password, salt, this.iterations, this.keylen, 'sha512', (err, key) => err ? reject(err) : resolve(key.toString('hex')))); | ||
| ], CryptoPasswordHasher); | ||
| export { CryptoPasswordHasher }; | ||
| //# sourceMappingURL=crypto-password-hasher.js.map |
| export class PasswordComplexityError extends Error { | ||
| result; | ||
| /** | ||
@@ -3,0 +4,0 @@ * @param result A detailed error result array |
@@ -5,3 +5,19 @@ /** | ||
| export class PasswordCredential { | ||
| /** | ||
| * The unique name of the user | ||
| */ | ||
| userName; | ||
| /** | ||
| * The hashed password value | ||
| */ | ||
| passwordHash; | ||
| /** | ||
| * Salt value for password hashing // TODO | ||
| */ | ||
| salt; | ||
| /** | ||
| * The Creation date in ISO String format | ||
| */ | ||
| creationDate; | ||
| } | ||
| //# sourceMappingURL=password-credential.js.map |
| export class PasswordResetToken { | ||
| /** | ||
| * The related user name | ||
| */ | ||
| userName; | ||
| /** | ||
| * The Token value - should be some kind of generated UUID that can be included e.g. in URLs | ||
| */ | ||
| token; | ||
| /** | ||
| * The creation date in an ISO datetime format | ||
| */ | ||
| createdAt; | ||
| } | ||
| //# sourceMappingURL=password-reset-token.js.map |
@@ -16,8 +16,6 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { PasswordComplexityError } from './errors/password-complexity-error.js'; | ||
| export let PasswordAuthenticator = class PasswordAuthenticator { | ||
| constructor() { | ||
| this.getPasswordStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
| this.getTokenStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| this.getHasher = () => this.injector.getInstance(this.policyManager.policy.hasher); | ||
| } | ||
| let PasswordAuthenticator = class PasswordAuthenticator { | ||
| getPasswordStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
| getTokenStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| getHasher = () => this.injector.getInstance(this.policyManager.policy.hasher); | ||
| /** | ||
@@ -91,2 +89,4 @@ * @param userName The User's unique name | ||
| } | ||
| injector; | ||
| policyManager; | ||
| }; | ||
@@ -104,2 +104,3 @@ __decorate([ | ||
| ], PasswordAuthenticator); | ||
| export { PasswordAuthenticator }; | ||
| //# sourceMappingURL=password-authenticator.js.map |
@@ -8,3 +8,3 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { Injectable } from '@furystack/inject'; | ||
| export let PasswordHasher = class PasswordHasher { | ||
| let PasswordHasher = class PasswordHasher { | ||
| createCredential(_userName, _password) { | ||
@@ -20,2 +20,3 @@ throw Error('Set up hasher - TODO'); | ||
| ], PasswordHasher); | ||
| export { PasswordHasher }; | ||
| //# sourceMappingURL=password-hasher.js.map |
@@ -12,3 +12,3 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { SecurityPolicy } from './security-policy.js'; | ||
| export let SecurityPolicyManager = class SecurityPolicyManager { | ||
| let SecurityPolicyManager = class SecurityPolicyManager { | ||
| /** | ||
@@ -49,2 +49,3 @@ * @param password The Plain password string | ||
| } | ||
| policy; | ||
| }; | ||
@@ -58,2 +59,3 @@ __decorate([ | ||
| ], SecurityPolicyManager); | ||
| export { SecurityPolicyManager }; | ||
| //# sourceMappingURL=security-policy-manager.js.map |
@@ -9,25 +9,23 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { CryptoPasswordHasher } from './crypto-password-hasher.js'; | ||
| export let SecurityPolicy = class SecurityPolicy { | ||
| constructor() { | ||
| /** | ||
| * A Hasher instance for password hash generation | ||
| */ | ||
| this.hasher = CryptoPasswordHasher; | ||
| /** | ||
| * Array of password complexity rules to apply | ||
| */ | ||
| this.passwordComplexityRules = []; | ||
| /** | ||
| * The password expiration in days | ||
| */ | ||
| this.passwordExpirationDays = 0; | ||
| /** | ||
| * Defines if the login needs a second factor authentication | ||
| */ | ||
| this.requireSecondFactor = 'never'; // TODO - Challenge based on trusted devices | ||
| /** | ||
| * The Password Reset Token expiration in seconds | ||
| */ | ||
| this.resetTokenExpirationSeconds = 15; | ||
| } | ||
| let SecurityPolicy = class SecurityPolicy { | ||
| /** | ||
| * A Hasher instance for password hash generation | ||
| */ | ||
| hasher = CryptoPasswordHasher; | ||
| /** | ||
| * Array of password complexity rules to apply | ||
| */ | ||
| passwordComplexityRules = []; | ||
| /** | ||
| * The password expiration in days | ||
| */ | ||
| passwordExpirationDays = 0; | ||
| /** | ||
| * Defines if the login needs a second factor authentication | ||
| */ | ||
| requireSecondFactor = 'never'; // TODO - Challenge based on trusted devices | ||
| /** | ||
| * The Password Reset Token expiration in seconds | ||
| */ | ||
| resetTokenExpirationSeconds = 15; | ||
| }; | ||
@@ -37,2 +35,3 @@ SecurityPolicy = __decorate([ | ||
| ], SecurityPolicy); | ||
| export { SecurityPolicy }; | ||
| //# sourceMappingURL=security-policy.js.map |
| { | ||
| "name": "@furystack/security", | ||
| "version": "3.0.9", | ||
| "version": "3.0.10", | ||
| "description": "Security, password management and authorization related stuff for FuryStack", | ||
@@ -38,12 +38,12 @@ "type": "module", | ||
| "dependencies": { | ||
| "@furystack/core": "^12.0.9", | ||
| "@furystack/inject": "^8.0.8", | ||
| "@furystack/utils": "^4.0.8" | ||
| "@furystack/core": "^12.0.10", | ||
| "@furystack/inject": "^8.1.0", | ||
| "@furystack/utils": "^4.0.9" | ||
| }, | ||
| "homepage": "https://github.com/furystack/furystack", | ||
| "devDependencies": { | ||
| "@types/node": "^20.5.3", | ||
| "typescript": "^5.1.6", | ||
| "vitest": "^0.34.2" | ||
| "@types/node": "^20.5.6", | ||
| "typescript": "^5.2.2", | ||
| "vitest": "^0.34.3" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.67%
103641
- Lines of code
- increased by2.18%
1453
Dependency changes
Updated@furystack/core@^12.0.10
Updated@furystack/inject@^8.1.0
Updated@furystack/utils@^4.0.9