New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

lucia

Package Overview
Dependencies
Maintainers
1
Versions
109
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

lucia - npm Package Compare versions

Comparing version

3.1.1
to
3.2.0

12

CHANGELOG.md
# lucia
## 3.2.0
### Minor changes
- [#1548](https://github.com/lucia-auth/lucia/pull/1548) by [@pilcrowOnPaper](https://github.com/pilcrowOnPaper) : Add `generateIdFromEntropySize()`
### Patch changes
- [#1546](https://github.com/lucia-auth/lucia/pull/1546) by [@pilcrowOnPaper](https://github.com/pilcrowOnPaper) : Fix `options.sessionCookie` parameter type in `Lucia`
- [#1548](https://github.com/lucia-auth/lucia/pull/1548) by [@pilcrowOnPaper](https://github.com/pilcrowOnPaper) : Optimize session ID generation
## 3.1.1

@@ -4,0 +16,0 @@

2

dist/core.d.ts

@@ -54,3 +54,3 @@ import { TimeSpan } from "oslo";

export interface SessionCookieAttributesOptions {
sameSite?: "lax" | "strict";
sameSite?: "lax" | "strict" | "none";
domain?: string;

@@ -57,0 +57,0 @@ path?: string;

4

dist/core.js
import { TimeSpan, createDate, isWithinExpirationDate } from "oslo";
import { generateId } from "./crypto.js";
import { CookieController } from "oslo/cookie";
import { generateIdFromEntropySize } from "./crypto.js";
export class Lucia {

@@ -93,3 +93,3 @@ adapter;

async createSession(userId, attributes, options) {
const sessionId = options?.sessionId ?? generateId(40);
const sessionId = options?.sessionId ?? generateIdFromEntropySize(25);
const sessionExpiresAt = createDate(this.sessionExpiresIn);

@@ -96,0 +96,0 @@ await this.adapter.setSession({

1

dist/crypto.d.ts
import type { PasswordHashingAlgorithm } from "oslo/password";
export type { PasswordHashingAlgorithm } from "oslo/password";
export declare function generateId(length: number): string;
export declare function generateIdFromEntropySize(size: number): string;
export declare class Scrypt implements PasswordHashingAlgorithm {

@@ -5,0 +6,0 @@ hash(password: string): Promise<string>;

10

dist/crypto.js

@@ -1,2 +0,2 @@

import { encodeHex, decodeHex } from "oslo/encoding";
import { encodeHex, decodeHex, base32 } from "oslo/encoding";
import { constantTimeEqual, generateRandomString, alphabet } from "oslo/crypto";

@@ -18,2 +18,10 @@ import { scrypt } from "./scrypt/index.js";

}
export function generateIdFromEntropySize(size) {
const buffer = crypto.getRandomValues(new Uint8Array(size));
return base32
.encode(buffer, {
includePadding: false
})
.toLowerCase();
}
export class Scrypt {

@@ -20,0 +28,0 @@ async hash(password) {

2

dist/index.d.ts
export { Lucia } from "./core.js";
export { Scrypt, LegacyScrypt, generateId } from "./crypto.js";
export { Scrypt, LegacyScrypt, generateId, generateIdFromEntropySize } from "./crypto.js";
export { TimeSpan } from "oslo";

@@ -4,0 +4,0 @@ export { Cookie } from "oslo/cookie";

2

dist/index.js
export { Lucia } from "./core.js";
export { Scrypt, LegacyScrypt, generateId } from "./crypto.js";
export { Scrypt, LegacyScrypt, generateId, generateIdFromEntropySize } from "./crypto.js";
export { TimeSpan } from "oslo";
export { Cookie } from "oslo/cookie";
export { verifyRequestOrigin } from "oslo/request";

4

package.json
{
"name": "lucia",
"version": "3.1.1",
"version": "3.2.0",
"description": "A simple and flexible authentication library",

@@ -32,3 +32,3 @@ "main": "dist/index.js",

"dependencies": {
"oslo": "1.0.1"
"oslo": "1.2.0"
},

@@ -35,0 +35,0 @@ "scripts": {