@sentclose/sentc-nodejs

/** * @author Jörn Heinemann <joernheinemann@gmx.de> * @since 2022/07/16 */ import { LoginUser, UserId, UserPublicKeyData } from "./Enities"; import { StorageInterface, UserMfaLogin, StorageOptions } from "@sentclose/sentc-common"; import { User } from "./User"; export declare const enum REFRESH_ENDPOINT { cookie = 0, cookie_fn = 1, api = 2 } export interface RefreshOptions { endpoint_url?: string; endpoint_fn?: (old_jwt: string) => Promise<string>; endpoint: REFRESH_ENDPOINT; } export interface SentcOptions { base_url?: string; app_token: string; file_part_url?: string; refresh?: RefreshOptions; storage?: StorageOptions; } export declare class Sentc { private static init_client; private static init_storage; private static storage; static options: SentcOptions; static getStore(): Promise<StorageInterface>; /** * Initialize the client. * * This only works in a browser environment. * If using ssr, exe init only in the client, not on the server * * load the wasm file (from the app options url or the cdn url) */ static init(options: SentcOptions): Promise<User | undefined>; /** * Do a request to the sentc api to check if the user identifier is still available. * * true => user identifier is free * * @param userIdentifier */ static checkUserIdentifierAvailable(userIdentifier: string): Promise<boolean>; /** * Prepare the server input for the sentc api to check if an identifier is available * * This function won't do a request * * @param userIdentifier */ static prepareCheckUserIdentifierAvailable(userIdentifier: string): string | false; /** * Checks the server output after the request. * * This is only needed when not using @see checkUserIdentifierAvailable * * @param serverOutput */ static doneCheckUserIdentifierAvailable(serverOutput: string): boolean; static generateRegisterData(): string[]; /** * Generates the register input for the api. * * It can be used in an external backend * * @param userIdentifier * @param password */ static prepareRegister(userIdentifier: string, password: string): string; /** * Validates the register output from the api when using prepare register function * * @param serverOutput */ static doneRegister(serverOutput: string): string; /** * Register a new user. * * @param userIdentifier * @param password * @throws Error * - if username exists * - request error */ static register(userIdentifier: string, password: string): Promise<UserId> | false; static prepareRegisterDeviceStart(device_identifier: string, password: string): string; static doneRegisterDeviceStart(server_output: string): void; static registerDeviceStart(device_identifier: string, password: string): false | Promise<string>; /** * Log the user in * * Store all user data in the storage (e.g., Indexeddb) * * For a refresh token flow -> send the refresh token to your server and save it in an http only strict cookie * Then the user is safe for xss and csrf attacks * * when Either UserMfaLogin is returned, then the user must enter the mfa token. * Use the function Sentc.mfaLogin() to do the totp login or Sentc.mfaRecoveryLogin() to log in with a recover key */ static login(deviceIdentifier: string, password: string): Promise<LoginUser>; /** * Log in the user. * * The same as the other login function but already given the user class back instead of an Either type. * This is helpful if you disabled mfa for every user and just want to get the user without an extra check. * * This function will throw an exception if the user enables mfa. */ static login(deviceIdentifier: string, password: string, force: true): Promise<User>; static mfaLogin(token: string, login_data: UserMfaLogin): Promise<User>; static mfaRecoveryLogin(recovery_token: string, login_data: UserMfaLogin): Promise<User>; /** * get a new jwt when the old one is expired * * The check is done automatically when making a sentc api request * * It can be refreshed directly with the sdk, a request to another backend with a cookie or with an own function * * @param old_jwt * @param refresh_token */ static refreshJwt(old_jwt: string, refresh_token: string): Promise<string>; static getUserPublicKey(user_id: string): Promise<UserPublicKeyData>; static getUserVerifyKey(user_id: string, key_id: string): Promise<string>; static getGroupPublicKey(group_id: string): Promise<{ key: string; id: string; }>; static verifyUserPublicKey(user_id: string, public_key: UserPublicKeyData, force?: boolean): Promise<boolean>; /** * Get the actual used user data * * @throws Error * when the user is not set */ static getActualUser(): Promise<User>; /** * Get the actual user but with a valid jwt * @param jwt * @throws Error * when the user is not set or the jwt refresh failed */ static getActualUser(jwt: true): Promise<User>; /** * Get the actual used user and the username * * @param jwt * @param username * @throws Error * when a user doesn't exist in the client */ static getActualUser(jwt: false, username: true): Promise<[User, string]>; /** * Get any user matched by the user identifier. * * The user data is stored in the indexeddb (standard) or in memory * * @param userIdentifier */ static getUser(userIdentifier: string): Promise<User | false>; /** * The same as getUserPublicData but only fetched the public key * * @param base_url * @param app_token * @param user_id */ static getUserPublicKeyData(base_url: string, app_token: string, user_id: string): Promise<UserPublicKeyData>; /** * The same as getUserPublicData but only fetched the verify-key * * @param base_url * @param app_token * @param user_id * @param verify_key_id */ static getUserVerifyKeyData(base_url: string, app_token: string, user_id: string, verify_key_id: string): Promise<string>; static getGroupPublicKeyData(base_url: string, app_token: string, group_id: string): Promise<{ key: string; id: string; }>; static verifyUsersPublicKey(user_id: string, public_key: UserPublicKeyData, force?: boolean): Promise<boolean>; }