UNPKG

@withstudiocms/auth-kit

Version:

Utilities for managing authentication

studiocms.dev

withstudiocms/studiocms

64 lines (63 loc) 2.68 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
import { Effect, Platform } from '@withstudiocms/effect'; import { PasswordError } from '../errors.js'; /** * Compares two strings in constant time to prevent timing attacks. * * This function ensures that the comparison time is independent of the * input strings' content, making it resistant to timing attacks that * could reveal information about the strings. * * @param a - The first string to compare. * @param b - The second string to compare. * @returns `true` if the strings are equal, `false` otherwise. * @private */ export declare const constantTimeEqual: (a: string, b: string) => boolean; /** * The generation prefix for the secure password format. * This is used to identify the version of the password hashing scheme. */ export declare const PASS_GEN1_0_PREFIX = "gen1.0"; /** * Builds a secure password hash from the generation, salt, and hash. * * The format of the secure password is: `gen1.0:salt:hash`. * If any of the components are invalid, a PasswordError is thrown. * * @param generation - The generation identifier (e.g., 'gen1.0'). * @param salt - The salt used in the hashing process. * @param hash - The hashed password. * @returns A string representing the secure password. */ export declare const buildSecurePassword: (args_0: { generation: string; salt: string; hash: string; }) => Effect.Effect.AsEffect<Effect.Effect<string, never, never>>; /** * Breaks down a secure password hash into its components. * * The hash is expected to be in the format: `gen1.0:salt:hash`. * If the hash does not match this format, or if it uses an unsupported generation, * a PasswordError is thrown. * * @param hash - The secure password hash to break down. * @returns An object containing the generation, salt, and hash value. */ export declare const breakSecurePassword: (hash: string) => Effect.Effect.AsEffect<Effect.Effect<{ generation: string; salt: string; hash: string; }, PasswordError, never>>; /** * @private Internal function for the `verifyPasswordStrength` function */ export declare const verifyPasswordLength: (pass: string) => Effect.Effect.AsEffect<Effect.Effect<"Password must be between 6 and 255 characters long." | undefined, PasswordError, never>>; /** * @private Internal function for the `verifyPasswordStrength` function */ export declare const verifySafe: (pass: string) => Effect.Effect<string | undefined, import("../errors.js").CheckIfUnsafeError, never>; /** * @private Internal function for the `verifyPasswordStrength` function */ export declare const checkPwnedDB: (pass: string) => Effect.Effect<string | undefined, Platform.HttpClientError.ResponseError, never>;