UNPKG

@accounter/server

Version:
38 lines (37 loc) 1.51 kB
import type { RawAuth } from '../../../plugins/auth-plugin.js'; import type { AuthContext } from '../../../shared/types/auth.js'; import type { Environment } from '../../../shared/types/index.js'; import { DBProvider } from '../../app-providers/db.provider.js'; type QueryableDB = Pick<DBProvider, 'query'>; export declare function handleDevBypassAuth(db: QueryableDB, userId: string): Promise<AuthContext | null>; export declare class AuthContextProvider { private env; private rawAuth; private db; private cachedContext; private handlingAuth; constructor(env: Environment, rawAuth: RawAuth, db: DBProvider); getJwtIdentity(): Promise<{ auth0UserId: string; email: string | null; emailVerified: boolean; } | null>; getAuthContext(): Promise<AuthContext | null>; /** * Resolve the request's read scope and attach it to the context. * * - Defaults to every business the user belongs to. * - When a valid `X-Business-Scope` header is present, narrows to that subset; * rejects (returns null) if it requests a business outside the memberships * or if the header was malformed. * - API keys are pinned to their single business and ignore the header. */ private applyRequestedReadScope; private handleDevBypassAuth; private handleApiKeyAuth; private resolveApiKeyContext; private handleGatewayControlPlaneAuth; private handleJwtAuth; private mapAuth0UserToLocal; } export {};