@adonisjs/auth

import type { Secret } from '@adonisjs/core/helpers'; import type { LucidModel } from '@adonisjs/lucid/types/model'; import { AccessToken } from '../access_token.ts'; import type { AccessTokenDbColumns, AccessTokensProviderContract, DbAccessTokensProviderOptions } from '../types.ts'; /** * DbAccessTokensProvider uses lucid database service to fetch and * persist tokens for a given user. * * The user must be an instance of the associated user model. * * @template TokenableModel - The Lucid model that can have tokens * * @example * const provider = new DbAccessTokensProvider({ * tokenableModel: () => import('#models/user'), * table: 'api_tokens', * type: 'api_token', * prefix: 'api_' * }) */ export declare class DbAccessTokensProvider<TokenableModel extends LucidModel> implements AccessTokensProviderContract<TokenableModel> { #private; protected options: DbAccessTokensProviderOptions<TokenableModel>; /** * Create tokens provider instance for a given Lucid model * * @param model - The tokenable model factory function * @param options - Optional configuration options * * @example * const provider = DbAccessTokensProvider.forModel( * () => import('#models/user'), * { prefix: 'api_', type: 'api_token' } * ) */ static forModel<TokenableModel extends LucidModel>(model: DbAccessTokensProviderOptions<TokenableModel>['tokenableModel'], options?: Omit<DbAccessTokensProviderOptions<TokenableModel>, 'tokenableModel'>): DbAccessTokensProvider<TokenableModel>; /** * A unique type for the value. The type is used to identify a * bucket of tokens within the storage layer. * * Defaults to auth_token */ protected type: string; /** * A unique prefix to append to the publicly shared token value. * * Defaults to oat */ protected prefix: string; /** * Database table to use for querying access tokens */ protected table: string; /** * The length for the token secret. A secret is a cryptographically * secure random string. */ protected tokenSecretLength: number; /** * Creates a new DbAccessTokensProvider instance * * @param options - Configuration options for the provider * * @example * const provider = new DbAccessTokensProvider({ * tokenableModel: () => import('#models/user'), * table: 'auth_access_tokens', * tokenSecretLength: 40, * type: 'auth_token', * prefix: 'oat_' * }) */ constructor(options: DbAccessTokensProviderOptions<TokenableModel>); /** * Maps a database row to an AccessToken instance * * @param dbRow - The database row containing token data * * @example * const token = provider.dbRowToAccessToken({ * id: 1, * tokenable_id: 123, * type: 'auth_token', * hash: 'sha256hash', * // ... other columns * }) */ protected dbRowToAccessToken(dbRow: AccessTokenDbColumns): AccessToken; /** * Returns a query client instance from the parent model * * @example * const db = await provider.getDb() * const tokens = await db.from('auth_access_tokens').select('*') */ protected getDb(): Promise<import("@adonisjs/lucid/types/database").QueryClientContract>; /** * Create a token for a user * * @param user - The user instance to create a token for * @param abilities - Array of abilities the token should have * @param options - Optional token configuration * * @example * const token = await provider.create(user, ['read', 'write'], { * name: 'Mobile App Token', * expiresIn: '7d' * }) * console.log('Token:', token.value.release()) */ create(user: InstanceType<TokenableModel>, abilities?: string[], options?: { name?: string; expiresIn?: string | number; }): Promise<AccessToken>; /** * Find a token for a user by the token id * * @param user - The user instance that owns the token * @param identifier - The token identifier to search for * * @example * const token = await provider.find(user, 123) * if (token) { * console.log('Found token:', token.name) * } */ find(user: InstanceType<TokenableModel>, identifier: string | number | BigInt): Promise<AccessToken | null>; /** * Delete a token by its id * * @param user - The user instance that owns the token * @param identifier - The token identifier to delete * * @example * const deletedCount = await provider.delete(user, 123) * console.log('Deleted tokens:', deletedCount) */ delete(user: InstanceType<TokenableModel>, identifier: string | number | BigInt): Promise<number>; /** * Delete all tokens for a given user * * @param user - The user instance to delete tokens for * * @example * const deletedCount = await provider.deleteAll(user) * console.log('Deleted tokens:', deletedCount) */ deleteAll(user: InstanceType<TokenableModel>): Promise<number>; /** * Returns all the tokens for a given user * * @param user - The user instance to get tokens for * * @example * const tokens = await provider.all(user) * console.log('User has', tokens.length, 'tokens') * tokens.forEach(token => console.log(token.name)) */ all(user: InstanceType<TokenableModel>): Promise<AccessToken[]>; /** * Verifies a publicly shared access token and returns an * access token for it. * * Returns null when unable to verify the token or find it * inside the storage * * @param tokenValue - The token value to verify * * @example * const token = await provider.verify(new Secret('oat_abc123.def456')) * if (token && !token.isExpired()) { * console.log('Valid token for user:', token.tokenableId) * } */ verify(tokenValue: Secret<string>): Promise<AccessToken | null>; /** * Invalidates a token identified by its publicly shared token * * @param tokenValue - The token value to invalidate * * @example * const wasInvalidated = await provider.invalidate(new Secret('oat_abc123.def456')) * if (wasInvalidated) { * console.log('Token successfully invalidated') * } */ invalidate(tokenValue: Secret<string>): Promise<boolean>; }