UNPKG

@analog-tools/auth

Version:

Authentication module for AnalogJS applications

github.com/MrBacony/analog-tools

MrBacony/analog-tools

107 lines (98 loc) 3.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
import * as _angular_core from '@angular/core'; import { EnvironmentProviders, OnDestroy, WritableSignal } from '@angular/core'; import * as _angular_common_http from '@angular/common/http'; import { HttpInterceptorFn } from '@angular/common/http'; import { CanActivateFn } from '@angular/router'; import { ServerRequest } from '@analogjs/router/tokens'; import { HTTPHeaders } from '@trpc/client'; declare function provideAuthClient(): EnvironmentProviders; interface AuthUser { username: string; fullName: string; givenName: string; familyName: string; picture?: string; email?: string; emailVerified?: boolean; locale?: string; lastLogin?: string; updatedAt?: string; createdAt?: string; auth_id?: string; roles?: string[]; } /** * Auth service for BFF (Backend for Frontend) authentication pattern * Uses server-side sessions with Auth0 instead of client-side tokens */ declare class AuthService implements OnDestroy { private router; private platformId; private document; private httpRequest; private checkAuthInterval; readonly isAuthenticatedResource: _angular_common_http.HttpResourceRef<boolean>; readonly isAuthenticated: _angular_core.Signal<boolean>; readonly userResource: _angular_common_http.HttpResourceRef<AuthUser | null>; readonly user: _angular_core.Signal<AuthUser | null>; constructor(); ngOnDestroy(): void; /** * Login the user by redirecting to the login endpoint * @param targetUrl Optional URL to redirect to after login */ login(targetUrl?: string): void; /** * Logout the user by redirecting to the logout endpoint */ logout(): void; /** * Check if user has the required roles * @param roles Array of roles to check */ hasRoles(roles: string[]): boolean; static ɵfac: _angular_core.ɵɵFactoryDeclaration<AuthService, never>; static ɵprov: _angular_core.ɵɵInjectableDeclaration<AuthService>; } /** * Auth guard that checks if the user is authenticated */ declare const authGuard: CanActivateFn; /** * Role-based guard that checks if the user has the required roles */ declare const roleGuard: CanActivateFn; /** * HTTP interceptor that: * 1. Adds a fetch=true header to indicate fresh data requests * 2. Redirects to login page when an API returns a 401 Unauthorized response * * This handles cases where a session has expired on the server-side. */ declare const authInterceptor: HttpInterceptorFn; /** * Provider for the auth interceptor */ declare const provideAuthInterceptor: () => { provide: string; useValue: HttpInterceptorFn; multi: boolean; }; type TRPCErrorData = { code: string; httpStatus?: number; path?: string; errorCode?: string; [key: string]: unknown; }; type ProcedureMethod = (...args: unknown[]) => unknown; /** * Wraps a TRPC client with error handling for auth errors * @param client The original TRPC client * @param errorHandler A function to handle errors. if returns true, the error is handled and catched * @returns A wrapped TRPC client with error handling */ declare function wrapTrpcClientWithErrorHandling<T>(client: Record<string, unknown>, errorHandler?: (errorData: TRPCErrorData | undefined) => boolean): T; declare function createTrpcClientWithAuth<T>(trpcClient: T, request: ServerRequest | null, TrpcHeaders: WritableSignal<HTTPHeaders>): T; export { AuthService, authGuard, authInterceptor, createTrpcClientWithAuth, provideAuthClient, provideAuthInterceptor, roleGuard, wrapTrpcClientWithErrorHandling }; export type { AuthUser, ProcedureMethod, TRPCErrorData };