@withstudiocms/auth-kit/dist/index.js

Utilities for managing authentication

import { Effect } from "@withstudiocms/effect";
import { Scrypt as _Scrypt } from "@withstudiocms/effect/scrypt";
import { AuthKitOptions, PasswordModConfigFinal } from "./config.js";
import { _Encryption, _Password, _Session, _User } from "./modules/index.js";
import { Password } from "./modules/password.js";
const makeScrypt = Effect.fn(
  (config) => Effect.try({
    try: () => Effect.gen(function* () {
      const { run } = yield* _Scrypt;
      return { run };
    }).pipe(Effect.provide(_Scrypt.makeLive(config.scrypt))),
    catch: (error) => new Error(`Failed to create Scrypt instance: ${error.message}`)
  })
);
class AuthKit extends Effect.Service()("@withstudiocms/AuthKit", {
  effect: Effect.gen(function* () {
    const { CMS_ENCRYPTION_KEY, scrypt, session, userTools } = yield* AuthKitOptions;
    const Scrypt = yield* Effect.withSpan("@withstudiocms/AuthKit.Scrypt")(
      makeScrypt(PasswordModConfigFinal({ scrypt }))
    );
    const Encryption = Effect.withSpan("@withstudiocms/AuthKit.Encryption")(
      _Encryption(CMS_ENCRYPTION_KEY)
    );
    const Password2 = Effect.withSpan("@withstudiocms/AuthKit.Password")(_Password(Scrypt));
    const Session = Effect.withSpan("@withstudiocms/AuthKit.Session")(_Session(session));
    const User = Effect.withSpan("@withstudiocms/AuthKit.User")(
      _User({ Scrypt, session, userTools })
    );
    return {
      Encryption,
      Password: Password2,
      Session,
      User
    };
  })
}) {
  /**
   * Creates a live instance of `AuthKitOptions` using the provided raw configuration.
   *
   * @param CMS_ENCRYPTION_KEY - The encryption key used for cryptographic operations.
   * @param session - session configuration overrides.
   * @param userTools - Tools or utilities related to user management.
   * @returns A Layer that provides the configured `AuthKitOptions`.
   *
   * @remarks
   * - Scrypt parameters (`N`, `r`, `p`) are read from environment variables (`SCRYPT_N`, `SCRYPT_R`, `SCRYPT_P`),
   *   with sensible defaults and minimum values enforced for security.
   * - The session configuration merges defaults with any provided overrides.
   * - The returned Layer can be used for dependency injection in the application.
   */
  static makeConfig = (config) => AuthKitOptions.Live(config);
}
export {
  AuthKit,
  Password,
  makeScrypt
};