@furystack/security
Advanced tools
@furystack/security - npm Package Compare versions
Comparing version 5.0.0 to 5.0.1
@@ -5,19 +5,3 @@ /** | ||
| export class PasswordCredential { | ||
| /** | ||
| * The unique name of the user | ||
| */ | ||
| userName; | ||
| /** | ||
| * The hashed password value | ||
| */ | ||
| passwordHash; | ||
| /** | ||
| * Salt value for password hashing // TODO | ||
| */ | ||
| salt; | ||
| /** | ||
| * The Creation date in ISO String format | ||
| */ | ||
| creationDate; | ||
| } | ||
| //# sourceMappingURL=password-credential.js.map |
| export class PasswordResetToken { | ||
| /** | ||
| * The related user name | ||
| */ | ||
| userName; | ||
| /** | ||
| * The Token value - should be some kind of generated UUID that can be included e.g. in URLs | ||
| */ | ||
| token; | ||
| /** | ||
| * The creation date in an ISO datetime format | ||
| */ | ||
| createdAt; | ||
| } | ||
| //# sourceMappingURL=password-reset-token.js.map |
| import { SecurityPolicyManager } from './security-policy-manager.js'; | ||
| import type { PasswordCheckResult } from './models/index.js'; | ||
| import type { PasswordHasher } from './password-hasher.js'; | ||
| export declare class PasswordAuthenticator { | ||
| private readonly getPasswordStore; | ||
| private readonly getTokenStore; | ||
| readonly getHasher: () => import("./password-hasher.js").PasswordHasher; | ||
| private readonly passwordStore; | ||
| private readonly tokenStore; | ||
| readonly hasher: PasswordHasher; | ||
| /** | ||
@@ -27,5 +28,4 @@ * @param userName The User's unique name | ||
| resetPasswordForUser(resetToken: string, plainPassword: string): Promise<void>; | ||
| private readonly injector; | ||
| policyManager: SecurityPolicyManager; | ||
| } | ||
| //# sourceMappingURL=password-authenticator.d.ts.map |
@@ -11,3 +11,3 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| import { StoreManager } from '@furystack/core'; | ||
| import { Injectable, Injected, Injector } from '@furystack/inject'; | ||
| import { Injectable, Injected } from '@furystack/inject'; | ||
| import { SecurityPolicyManager } from './security-policy-manager.js'; | ||
@@ -18,5 +18,2 @@ import { UnauthenticatedError } from './errors/index.js'; | ||
| let PasswordAuthenticator = class PasswordAuthenticator { | ||
| getPasswordStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
| getTokenStore = () => this.injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| getHasher = () => this.injector.getInstance(this.policyManager.policy.hasher); | ||
| /** | ||
@@ -28,3 +25,3 @@ * @param userName The User's unique name | ||
| async checkPasswordForUser(userName, plainPassword) { | ||
| const entry = await this.getPasswordStore().get(userName); | ||
| const entry = await this.passwordStore.get(userName); | ||
| if (!entry) { | ||
@@ -36,3 +33,3 @@ return { | ||
| } | ||
| const result = await this.getHasher().verifyCredential(plainPassword, entry); | ||
| const result = await this.hasher.verifyCredential(plainPassword, entry); | ||
| if (result.isValid && this.policyManager.hasPasswordExpired(entry)) { | ||
@@ -62,7 +59,6 @@ return { | ||
| } | ||
| const store = this.getPasswordStore(); | ||
| const newCredential = await this.getHasher().createCredential(userName, plainPassword); | ||
| const existing = await store.get(userName); | ||
| existing && (await store.remove(existing.userName)); | ||
| await store.add(newCredential); | ||
| const newCredential = await this.hasher.createCredential(userName, plainPassword); | ||
| const existing = await this.passwordStore.get(userName); | ||
| existing && (await this.passwordStore.remove(existing.userName)); | ||
| await this.passwordStore.add(newCredential); | ||
| } | ||
@@ -75,3 +71,3 @@ /** | ||
| async resetPasswordForUser(resetToken, plainPassword) { | ||
| const token = await this.getTokenStore().get(resetToken); | ||
| const token = await this.tokenStore.get(resetToken); | ||
| if (!token) { | ||
@@ -81,3 +77,3 @@ throw new UnauthenticatedError(); | ||
| if (this.policyManager.hasTokenExpired(token)) { | ||
| await this.getTokenStore().remove(resetToken); // clean up token | ||
| await this.tokenStore.remove(resetToken); // clean up token | ||
| throw new UnauthenticatedError(); | ||
@@ -89,16 +85,23 @@ } | ||
| } | ||
| const newCredential = await this.getHasher().createCredential(token.userName, plainPassword); | ||
| const store = this.getPasswordStore(); | ||
| const existing = await store.get(token.userName); | ||
| existing && (await store.remove(existing.userName)); | ||
| await store.add(newCredential); | ||
| const newCredential = await this.hasher.createCredential(token.userName, plainPassword); | ||
| const existing = await this.passwordStore.get(token.userName); | ||
| existing && (await this.passwordStore.remove(existing.userName)); | ||
| await this.passwordStore.add(newCredential); | ||
| } | ||
| injector; | ||
| policyManager; | ||
| }; | ||
| __decorate([ | ||
| Injected(Injector), | ||
| __metadata("design:type", Injector) | ||
| ], PasswordAuthenticator.prototype, "injector", void 0); | ||
| Injected((injector) => injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName')), | ||
| __metadata("design:type", Object) | ||
| ], PasswordAuthenticator.prototype, "passwordStore", void 0); | ||
| __decorate([ | ||
| Injected((injector) => injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token')), | ||
| __metadata("design:type", Object) | ||
| ], PasswordAuthenticator.prototype, "tokenStore", void 0); | ||
| __decorate([ | ||
| Injected(function (injector) { | ||
| return injector.getInstance(this.policyManager.policy.hasher); | ||
| }), | ||
| __metadata("design:type", Function) | ||
| ], PasswordAuthenticator.prototype, "hasher", void 0); | ||
| __decorate([ | ||
| Injected(SecurityPolicyManager), | ||
@@ -105,0 +108,0 @@ __metadata("design:type", SecurityPolicyManager) |
@@ -40,3 +40,3 @@ import { addStore, InMemoryStore, StoreManager, User } from '@furystack/core'; | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -56,3 +56,3 @@ const entry = await hasher.createCredential(userName, password); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -73,3 +73,3 @@ const entry = await hasher.createCredential(userName, password); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -90,3 +90,3 @@ const entry = await hasher.createCredential(userName, password); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -113,3 +113,3 @@ const entry = await hasher.createCredential(userName, password); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -140,3 +140,3 @@ const policyManager = i.getInstance(SecurityPolicyManager); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -168,3 +168,3 @@ const policyManager = i.getInstance(SecurityPolicyManager); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -201,3 +201,3 @@ const policyManager = i.getInstance(SecurityPolicyManager); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -228,3 +228,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -255,3 +255,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -282,3 +282,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); | ||
| const authenticator = i.getInstance(PasswordAuthenticator); | ||
| const hasher = authenticator.getHasher(); | ||
| const { hasher } = authenticator; | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName'); | ||
@@ -285,0 +285,0 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token'); |
@@ -48,3 +48,2 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { | ||
| } | ||
| policy; | ||
| }; | ||
@@ -51,0 +50,0 @@ __decorate([ |
| { | ||
| "name": "@furystack/security", | ||
| "version": "5.0.0", | ||
| "version": "5.0.1", | ||
| "description": "Security, password management and authorization related stuff for FuryStack", | ||
@@ -38,12 +38,12 @@ "type": "module", | ||
| "dependencies": { | ||
| "@furystack/core": "^14.0.0", | ||
| "@furystack/inject": "^10.0.0", | ||
| "@furystack/utils": "^6.0.0" | ||
| "@furystack/core": "^14.0.1", | ||
| "@furystack/inject": "^11.0.0", | ||
| "@furystack/utils": "^6.0.1" | ||
| }, | ||
| "homepage": "https://github.com/furystack/furystack", | ||
| "devDependencies": { | ||
| "@types/node": "^20.11.29", | ||
| "typescript": "^5.4.2", | ||
| "@types/node": "^20.11.30", | ||
| "typescript": "^5.4.3", | ||
| "vitest": "^1.4.0" | ||
| } | ||
| } |
@@ -8,7 +8,7 @@ /** | ||
| */ | ||
| userName!: string | ||
| declare userName: string | ||
| /** | ||
| * The hashed password value | ||
| */ | ||
| passwordHash!: string | ||
| declare passwordHash: string | ||
@@ -18,3 +18,3 @@ /** | ||
| */ | ||
| salt!: string | ||
| declare salt: string | ||
@@ -24,3 +24,3 @@ /** | ||
| */ | ||
| creationDate!: string | ||
| declare creationDate: string | ||
| } |
@@ -5,11 +5,11 @@ export class PasswordResetToken { | ||
| */ | ||
| userName!: string | ||
| declare userName: string | ||
| /** | ||
| * The Token value - should be some kind of generated UUID that can be included e.g. in URLs | ||
| */ | ||
| token!: string | ||
| declare token: string | ||
| /** | ||
| * The creation date in an ISO datetime format | ||
| */ | ||
| createdAt!: string | ||
| declare createdAt: string | ||
| } |
@@ -48,3 +48,3 @@ import { addStore, InMemoryStore, StoreManager, User } from '@furystack/core' | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -70,3 +70,3 @@ | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -92,3 +92,3 @@ | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -115,3 +115,3 @@ | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -145,3 +145,3 @@ | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -182,3 +182,3 @@ const policyManager = i.getInstance(SecurityPolicyManager) | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -223,3 +223,3 @@ const policyManager = i.getInstance(SecurityPolicyManager) | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -267,3 +267,3 @@ const policyManager = i.getInstance(SecurityPolicyManager) | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -298,3 +298,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token') | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -328,3 +328,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token') | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -360,3 +360,3 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token') | ||
| const authenticator = i.getInstance(PasswordAuthenticator) | ||
| const hasher = authenticator.getHasher() | ||
| const { hasher } = authenticator | ||
| const passwordStore = i.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
@@ -363,0 +363,0 @@ const resetTokenStore = i.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token') |
@@ -0,3 +1,4 @@ | ||
| import type { PhysicalStore } from '@furystack/core' | ||
| import { StoreManager } from '@furystack/core' | ||
| import { Injectable, Injected, Injector } from '@furystack/inject' | ||
| import { Injectable, Injected } from '@furystack/inject' | ||
| import { SecurityPolicyManager } from './security-policy-manager.js' | ||
@@ -8,12 +9,16 @@ import { UnauthenticatedError } from './errors/index.js' | ||
| import { PasswordComplexityError } from './errors/password-complexity-error.js' | ||
| import type { PasswordHasher } from './password-hasher.js' | ||
| @Injectable({ lifetime: 'singleton' }) | ||
| export class PasswordAuthenticator { | ||
| private readonly getPasswordStore = () => | ||
| this.injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName') | ||
| @Injected((injector) => injector.getInstance(StoreManager).getStoreFor(PasswordCredential, 'userName')) | ||
| private declare readonly passwordStore: PhysicalStore<PasswordCredential, 'userName'> | ||
| private readonly getTokenStore = () => | ||
| this.injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token') | ||
| @Injected((injector) => injector.getInstance(StoreManager).getStoreFor(PasswordResetToken, 'token')) | ||
| private declare readonly tokenStore | ||
| public readonly getHasher = () => this.injector.getInstance(this.policyManager.policy.hasher) | ||
| @Injected(function (this: PasswordAuthenticator, injector) { | ||
| return injector.getInstance(this.policyManager.policy.hasher) | ||
| }) | ||
| public declare readonly hasher: PasswordHasher | ||
@@ -26,3 +31,3 @@ /** | ||
| public async checkPasswordForUser(userName: string, plainPassword: string): Promise<PasswordCheckResult> { | ||
| const entry = await this.getPasswordStore().get(userName) | ||
| const entry = await this.passwordStore.get(userName) | ||
| if (!entry) { | ||
@@ -34,3 +39,3 @@ return { | ||
| } | ||
| const result = await this.getHasher().verifyCredential(plainPassword, entry) | ||
| const result = await this.hasher.verifyCredential(plainPassword, entry) | ||
| if (result.isValid && this.policyManager.hasPasswordExpired(entry)) { | ||
@@ -62,7 +67,6 @@ return { | ||
| } | ||
| const store = this.getPasswordStore() | ||
| const newCredential = await this.getHasher().createCredential(userName, plainPassword) | ||
| const existing = await store.get(userName) | ||
| existing && (await store.remove(existing.userName)) | ||
| await store.add(newCredential) | ||
| const newCredential = await this.hasher.createCredential(userName, plainPassword) | ||
| const existing = await this.passwordStore.get(userName) | ||
| existing && (await this.passwordStore.remove(existing.userName)) | ||
| await this.passwordStore.add(newCredential) | ||
| } | ||
@@ -76,3 +80,3 @@ | ||
| public async resetPasswordForUser(resetToken: string, plainPassword: string): Promise<void> { | ||
| const token = await this.getTokenStore().get(resetToken) | ||
| const token = await this.tokenStore.get(resetToken) | ||
@@ -84,3 +88,3 @@ if (!token) { | ||
| if (this.policyManager.hasTokenExpired(token)) { | ||
| await this.getTokenStore().remove(resetToken) // clean up token | ||
| await this.tokenStore.remove(resetToken) // clean up token | ||
| throw new UnauthenticatedError() | ||
@@ -94,14 +98,10 @@ } | ||
| const newCredential = await this.getHasher().createCredential(token.userName, plainPassword) | ||
| const store = this.getPasswordStore() | ||
| const existing = await store.get(token.userName) | ||
| existing && (await store.remove(existing.userName)) | ||
| await store.add(newCredential) | ||
| const newCredential = await this.hasher.createCredential(token.userName, plainPassword) | ||
| const existing = await this.passwordStore.get(token.userName) | ||
| existing && (await this.passwordStore.remove(existing.userName)) | ||
| await this.passwordStore.add(newCredential) | ||
| } | ||
| @Injected(Injector) | ||
| private readonly injector!: Injector | ||
| @Injected(SecurityPolicyManager) | ||
| public policyManager!: SecurityPolicyManager | ||
| public declare policyManager: SecurityPolicyManager | ||
| } |
@@ -50,3 +50,3 @@ import { Injectable, Injected } from '@furystack/inject' | ||
| @Injected(SecurityPolicy) | ||
| public readonly policy!: SecurityPolicy | ||
| public declare readonly policy: SecurityPolicy | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-0.5%
152596
- Lines of code
- decreased by-1.35%
1826
Dependency changes
- Removed@furystack/inject@10.0.0(transitive)
Updated@furystack/core@^14.0.1
Updated@furystack/inject@^11.0.0
Updated@furystack/utils@^6.0.1