bknd
Version:
Lightweight Firebase/Supabase alternative built to run anywhere — incl. Next.js, React Router, Astro, Cloudflare, Bun, Node, AWS Lambda & more.
175 lines (174 loc) • 9.33 kB
TypeScript
import { Authenticator, type Strategy } from "../auth";
import { type DB } from "../core";
import type { Entity, EntityManager } from "../data";
import { type FieldSchema } from "../data/prototype";
import { Module } from "../modules/Module";
import { AuthController } from "./api/AuthController";
import { type AppAuthSchema, authConfigSchema } from "./auth-schema";
import type { AppEntity } from "../core/config";
export type UserFieldSchema = FieldSchema<typeof AppAuth.usersFields>;
declare module "../core" {
interface Users extends AppEntity, UserFieldSchema {
}
interface DB {
users: Users;
}
}
export type CreateUserPayload = {
email: string;
password: string;
[key: string]: any;
};
export declare class AppAuth extends Module<typeof authConfigSchema> {
private _authenticator?;
cache: Record<string, any>;
_controller: AuthController;
onBeforeUpdate(from: AppAuthSchema, to: AppAuthSchema): Promise<{
allow_register?: boolean | undefined;
strategies?: {
[x: string]: {
enabled?: boolean | undefined;
type: "password" | "oauth" | "custom_oauth";
config: {
type: "oidc" | "oauth2";
name: "google" | "github";
client: {
client_id: string;
client_secret: string;
};
} | {
type: "oidc" | "oauth2";
name: string;
client: {
client_id: string;
client_secret: string;
token_endpoint_auth_method: "client_secret_basic";
};
as: {
code_challenge_methods_supported?: "S256" | undefined;
scopes_supported?: string[] | undefined;
scope_separator?: string | undefined;
authorization_endpoint?: string | undefined;
token_endpoint?: string | undefined;
userinfo_endpoint?: string | undefined;
issuer: string;
};
} | {
rounds?: number | undefined;
hashing: "plain" | "sha256" | "bcrypt";
};
};
} | undefined;
guard?: {
enabled?: boolean | undefined;
} | undefined;
roles?: {
[x: string]: {
permissions?: string[] | undefined;
is_default?: boolean | undefined;
implicit_allow?: boolean | undefined;
};
} | undefined;
cookie: {
path?: string | undefined;
expires?: number | undefined;
sameSite?: "strict" | "lax" | "none" | undefined;
secure?: boolean | undefined;
httpOnly?: boolean | undefined;
renew?: boolean | undefined;
pathSuccess?: string | undefined;
pathLoggedOut?: string | undefined;
};
enabled: boolean;
basepath: string;
entity_name: string;
jwt: {
alg?: "HS256" | "HS384" | "HS512" | undefined;
expires?: number | undefined;
issuer?: string | undefined;
secret: string;
fields: string[];
};
}>;
get enabled(): boolean;
build(): Promise<void>;
isStrategyEnabled(strategy: Strategy | string): boolean;
get controller(): AuthController;
getSchema(): import("@sinclair/typebox").TObject<{
enabled: import("@sinclair/typebox").TBoolean;
basepath: import("@sinclair/typebox").TString;
entity_name: import("@sinclair/typebox").TString;
allow_register: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
jwt: import("@sinclair/typebox").TObject<{
secret: import("@sinclair/typebox").TString;
alg: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TUnsafe<"HS256" | "HS384" | "HS512">>;
expires: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TNumber>;
issuer: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
fields: import("@sinclair/typebox").TArray<import("@sinclair/typebox").TString>;
}>;
cookie: import("@sinclair/typebox").TObject<{
path: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
sameSite: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TUnsafe<"strict" | "lax" | "none">>;
secure: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
httpOnly: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
expires: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TNumber>;
renew: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
pathSuccess: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
pathLoggedOut: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
}>;
strategies: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TRecord<import("@sinclair/typebox").TString, import("@sinclair/typebox").TUnion<import("@sinclair/typebox").TObject<{
enabled: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
type: import("@sinclair/typebox").TLiteral<"password"> | import("@sinclair/typebox").TLiteral<"oauth"> | import("@sinclair/typebox").TLiteral<"custom_oauth">;
config: import("@sinclair/typebox").TObject<{
hashing: import("@sinclair/typebox").TUnsafe<"plain" | "sha256" | "bcrypt">;
rounds: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TNumber>;
}> | import("@sinclair/typebox").TObject<{
name: import("@sinclair/typebox").TUnsafe<"google" | "github">;
type: import("@sinclair/typebox").TUnsafe<"oidc" | "oauth2">;
client: import("@sinclair/typebox").TObject<{
client_id: import("@sinclair/typebox").TString;
client_secret: import("@sinclair/typebox").TString;
}>;
}> | import("@sinclair/typebox").TObject<{
type: import("@sinclair/typebox").TUnsafe<"oidc" | "oauth2">;
name: import("@sinclair/typebox").TString;
client: import("@sinclair/typebox").TObject<{
client_id: import("@sinclair/typebox").TString;
client_secret: import("@sinclair/typebox").TString;
token_endpoint_auth_method: import("@sinclair/typebox").TUnsafe<"client_secret_basic">;
}>;
as: import("@sinclair/typebox").TObject<{
issuer: import("@sinclair/typebox").TString;
code_challenge_methods_supported: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TUnsafe<"S256">>;
scopes_supported: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TArray<import("@sinclair/typebox").TString>>;
scope_separator: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
authorization_endpoint: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
token_endpoint: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
userinfo_endpoint: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
}>;
}>;
}>[]>>>;
guard: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TObject<{
enabled: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
}>>;
roles: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TRecord<import("@sinclair/typebox").TString, import("@sinclair/typebox").TObject<{
permissions: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TArray<import("@sinclair/typebox").TString>>;
is_default: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
implicit_allow: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
}>>>;
}>;
get authenticator(): Authenticator;
get em(): EntityManager;
getUsersEntity(forceCreate?: boolean): Entity<"users", typeof AppAuth.usersFields>;
static usersFields: {
email: import("../data").TextField<true>;
strategy: import("../data").TextField<true>;
strategy_value: import("../data").TextField<true>;
role: import("../data").TextField<false> & {
required: () => import("../data").TextField<true>;
};
};
registerEntities(): void;
createUser({ email, password, ...additional }: CreateUserPayload): Promise<DB["users"]>;
toJSON(secrets?: boolean): AppAuthSchema;
}