bknd
Version:
Lightweight Firebase/Supabase alternative built to run anywhere — incl. Next.js, React Router, Astro, Cloudflare, Bun, Node, AWS Lambda & more.
584 lines (583 loc) • 33.8 kB
TypeScript
import type { DB, PrimaryFieldType } from "..";
import type { AuthStrategy } from "../auth/authenticate/strategies/Strategy";
import type { Entity, EntityManager } from "../data/entities";
import { type FieldSchema } from "../data/prototype";
import { Module } from "../modules/Module";
import { AuthController } from "./api/AuthController";
import { type AppAuthSchema } from "./auth-schema";
import type { AppEntity } from "../core/config";
import { Authenticator } from "./authenticate/Authenticator";
export type UsersFields = typeof AppAuth.usersFields;
export type UserFieldSchema = FieldSchema<typeof AppAuth.usersFields>;
declare module ".." {
interface Users extends AppEntity, UserFieldSchema {
}
interface DB {
users: Users;
}
}
export type CreateUserPayload = {
email: string;
password: string;
[key: string]: any;
};
export declare class AppAuth extends Module<AppAuthSchema> {
private _authenticator?;
cache: Record<string, any>;
_controller: AuthController;
onBeforeUpdate(from: AppAuthSchema, to: AppAuthSchema): Promise<{
[x: string]: unknown;
allow_register?: boolean | undefined;
default_role_register?: string | undefined;
guard?: {
[x: string]: unknown;
enabled?: boolean | undefined;
} | undefined;
roles?: {
[x: string]: {
permissions?: string[] | {
effect?: "allow" | "deny" | undefined;
policies?: {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined;
permission: string;
}[] | undefined;
is_default?: boolean | undefined;
implicit_allow?: boolean | undefined;
};
} | undefined;
enabled: boolean;
basepath: string;
entity_name: string;
strategies: {
[x: string]: {
enabled?: boolean | undefined;
type: "password" | "oauth" | "custom_oauth";
config: {
minLength?: number | undefined;
rounds?: number | undefined;
hashing: "plain" | "sha256" | "bcrypt";
} | {
[x: string]: unknown;
name: "google" | "github";
type: "oidc" | "oauth2";
client: {
client_id: string;
client_secret: string;
};
} | {
name: string;
type: "oidc" | "oauth2";
client: {
[x: string]: unknown;
client_id: string;
client_secret: string;
token_endpoint_auth_method: "client_secret_basic";
};
as: {
code_challenge_methods_supported?: "S256" | undefined;
scopes_supported?: string[] | undefined;
scope_separator?: string | undefined;
authorization_endpoint?: string | undefined;
token_endpoint?: string | undefined;
userinfo_endpoint?: string | undefined;
issuer: string;
};
};
};
};
jwt: {
alg?: "HS256" | "HS384" | "HS512" | undefined;
expires?: number | undefined;
issuer?: string | undefined;
secret: string;
fields: string[];
};
cookie: {
path?: string | undefined;
expires?: number | undefined;
domain?: string | undefined;
sameSite?: "strict" | "lax" | "none" | undefined;
secure?: boolean | undefined;
httpOnly?: boolean | undefined;
partitioned?: boolean | undefined;
renew?: boolean | undefined;
pathSuccess?: string | undefined;
pathLoggedOut?: string | undefined;
};
}>;
get enabled(): boolean;
build(): Promise<void>;
isStrategyEnabled(strategy: AuthStrategy | string): boolean;
get controller(): AuthController;
getSchema(): import("../modules/mcp").ObjectToolSchema<{
readonly enabled: import("jsonv-ts").Schema<{
readonly default: false;
}, boolean, boolean> & {
readonly default: false;
};
readonly basepath: import("jsonv-ts").StringSchema<{
readonly default: "/api/auth";
}> & {
readonly default: "/api/auth";
};
readonly entity_name: import("jsonv-ts").StringSchema<{
readonly default: "users";
}> & {
readonly default: "users";
};
readonly allow_register: {
readonly default: true;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly default_role_register: {
default?: any;
maxLength?: number | undefined;
minLength?: number | undefined;
pattern?: (string | RegExp) | undefined;
format?: string | undefined;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly jwt: import("jsonv-ts").ObjectSchema<{
readonly secret: import("bknd/utils").SecretSchema<{
default: string;
}> & {
default: string;
};
readonly alg: {
readonly default: "HS256";
readonly enum: ["HS256", "HS384", "HS512"];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "HS256" | "HS384" | "HS512" | undefined, "HS256" | "HS384" | "HS512" | undefined>;
readonly expires: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
multipleOf?: number | undefined;
maximum?: number | undefined;
exclusiveMaximum?: number | undefined;
minimum?: number | undefined;
exclusiveMinimum?: number | undefined;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
readonly issuer: {
default?: any;
maxLength?: number | undefined;
minLength?: number | undefined;
pattern?: (string | RegExp) | undefined;
format?: string | undefined;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly fields: import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, {
readonly default: readonly ["id", "email", "role"];
}> & {
readonly default: readonly ["id", "email", "role"];
};
}, import("jsonv-ts").Merge<{
readonly default: {};
} & {
additionalProperties: false;
}>>;
readonly cookie: import("jsonv-ts").ObjectSchema<{
readonly domain: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly path: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly sameSite: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "strict" | "lax" | "none" | undefined, "strict" | "lax" | "none" | undefined>;
readonly secure: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly httpOnly: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly expires: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
readonly partitioned: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly renew: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly pathSuccess: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly pathLoggedOut: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>;
readonly strategies: import("../modules/mcp").RecordToolSchema<import("jsonv-ts").Schema<import("jsonv-ts").IUnionOptions, {
enabled?: boolean | undefined;
type: "password" | "oauth" | "custom_oauth";
config: {
minLength?: number | undefined;
rounds?: number | undefined;
hashing: "plain" | "sha256" | "bcrypt";
} | {
[x: string]: unknown;
name: "google" | "github";
type: "oidc" | "oauth2";
client: {
client_id: string;
client_secret: string;
};
} | {
name: string;
type: "oidc" | "oauth2";
client: {
[x: string]: unknown;
client_id: string;
client_secret: string;
token_endpoint_auth_method: "client_secret_basic";
};
as: {
code_challenge_methods_supported?: "S256" | undefined;
scopes_supported?: string[] | undefined;
scope_separator?: string | undefined;
authorization_endpoint?: string | undefined;
token_endpoint?: string | undefined;
userinfo_endpoint?: string | undefined;
issuer: string;
};
};
}, never> & import("jsonv-ts").Merge<import("jsonv-ts").IUnionOptions & {
anyOf: import("jsonv-ts").ObjectSchema<{
readonly enabled: {
readonly default: true;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly type: import("jsonv-ts").Schema<import("jsonv-ts").ILiteralOptions, "password" | "oauth" | "custom_oauth", "password" | "oauth" | "custom_oauth"> & import("jsonv-ts").Merge<import("jsonv-ts").ILiteralOptions & {
const: "password" | "oauth" | "custom_oauth";
}>;
readonly config: import("jsonv-ts").ObjectSchema<{
readonly hashing: import("jsonv-ts").StringSchema<{
readonly enum: readonly ["plain", "sha256", "bcrypt"];
readonly default: "sha256";
}> & {
readonly enum: readonly ["plain", "sha256", "bcrypt"];
readonly default: "sha256";
};
readonly rounds: {
readonly maximum: 10;
readonly minimum: 1;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
readonly minLength: {
readonly default: 8;
readonly minimum: 1;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>> | (import("jsonv-ts").ObjectSchema<{
readonly name: import("jsonv-ts").StringSchema<{
readonly enum: ("google" | "github")[];
}> & {
readonly enum: ("google" | "github")[];
};
readonly type: import("jsonv-ts").StringSchema<{
readonly enum: readonly ["oidc", "oauth2"];
readonly default: "oauth2";
}> & {
readonly enum: readonly ["oidc", "oauth2"];
readonly default: "oauth2";
};
readonly client: import("jsonv-ts").ObjectSchema<{
readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>;
}, {
readonly title: "OAuth";
}> & {
readonly title: "OAuth";
}) | import("jsonv-ts").ObjectSchema<{
readonly type: import("jsonv-ts").StringSchema<{
readonly enum: readonly ["oidc", "oauth2"];
readonly default: "oidc";
}> & {
readonly enum: readonly ["oidc", "oauth2"];
readonly default: "oidc";
};
readonly name: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly client: import("jsonv-ts").ObjectSchema<{
readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly token_endpoint_auth_method: import("jsonv-ts").StringSchema<{
readonly enum: readonly ["client_secret_basic"];
}> & {
readonly enum: readonly ["client_secret_basic"];
};
}, import("jsonv-ts").IObjectOptions> & import("jsonv-ts").IObjectOptions;
readonly as: import("jsonv-ts").ObjectSchema<{
readonly issuer: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly code_challenge_methods_supported: {
readonly enum: ["S256"];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "S256" | undefined, "S256" | undefined>;
readonly scopes_supported: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
$defs?: Record<string, import("jsonv-ts").Schema> | undefined;
contains?: import("jsonv-ts").Schema | undefined;
minContains?: number | undefined;
maxContains?: number | undefined;
prefixItems?: import("jsonv-ts").Schema[] | undefined;
uniqueItems?: boolean | undefined;
maxItems?: number | undefined;
minItems?: number | undefined;
readonly items?: (import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions) | undefined;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | undefined, string[] | undefined>;
readonly scope_separator: {
readonly default: " ";
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly authorization_endpoint: {
readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly token_endpoint: {
readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly userinfo_endpoint: {
readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>;
}, import("jsonv-ts").Merge<{
readonly title: "Custom OAuth";
} & {
additionalProperties: false;
}>>;
}, import("jsonv-ts").Merge<{
readonly title: "password" | "oauth" | "custom_oauth";
} & {
additionalProperties: false;
}>>[];
}>, {
readonly title: "Strategies";
readonly default: {
readonly password: {
readonly type: "password";
readonly enabled: true;
readonly config: {
readonly hashing: "sha256";
};
};
};
}>;
readonly guard: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
$defs?: Record<string, import("jsonv-ts").Schema> | undefined;
patternProperties?: Record<string, import("jsonv-ts").Schema> | undefined;
additionalProperties?: (import("jsonv-ts").Schema | false) | undefined;
minProperties?: number | undefined;
maxProperties?: number | undefined;
propertyNames?: import("jsonv-ts").Schema | undefined;
properties: {
readonly enabled: {
readonly default: false;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
};
required: string[] | undefined;
strict: () => import("jsonv-ts").ObjectSchema<{
readonly enabled: {
readonly default: false;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>;
partial: () => import("jsonv-ts").ObjectSchema<{
readonly enabled: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
}, import("jsonv-ts").IObjectOptions>;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
[x: string]: unknown;
enabled?: boolean | undefined;
} | undefined, {
[x: string]: unknown;
enabled?: boolean | undefined;
} | undefined>;
readonly roles: {
additionalProperties: import("jsonv-ts").ObjectSchema<{
readonly permissions: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{
readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly effect: {
readonly default: "allow";
readonly enum: ["allow", "deny"];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>;
readonly policies: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
$defs?: Record<string, import("jsonv-ts").Schema> | undefined;
contains?: import("jsonv-ts").Schema | undefined;
minContains?: number | undefined;
maxContains?: number | undefined;
prefixItems?: import("jsonv-ts").Schema[] | undefined;
uniqueItems?: boolean | undefined;
maxItems?: number | undefined;
minItems?: number | undefined;
readonly items?: import("jsonv-ts").ObjectSchema<{
readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>;
readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>> | undefined;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined, {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | {
effect?: "allow" | "deny" | undefined;
policies?: {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined;
permission: string;
}[] | undefined, any>;
readonly is_default: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly implicit_allow: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>;
readonly mcp: import("../modules/mcp").McpSchemaHelper<{
get?: boolean;
add?: boolean;
update?: boolean;
remove?: boolean;
}>;
getTools: (node: import("jsonv-ts").Node<import("../modules/mcp").RecordToolSchema<import("jsonv-ts").ObjectSchema<{
readonly permissions: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{
readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
readonly effect: {
readonly default: "allow";
readonly enum: ["allow", "deny"];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>;
readonly policies: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
$defs?: Record<string, import("jsonv-ts").Schema> | undefined;
contains?: import("jsonv-ts").Schema | undefined;
minContains?: number | undefined;
maxContains?: number | undefined;
prefixItems?: import("jsonv-ts").Schema[] | undefined;
uniqueItems?: boolean | undefined;
maxItems?: number | undefined;
minItems?: number | undefined;
readonly items?: import("jsonv-ts").ObjectSchema<{
readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>;
readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>> | undefined;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined, {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | {
effect?: "allow" | "deny" | undefined;
policies?: {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined;
permission: string;
}[] | undefined, any>;
readonly is_default: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
readonly implicit_allow: {
default?: any;
enum?: (readonly any[] | any[]) | undefined;
const?: any;
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
}, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
additionalProperties: false;
}>>, {
readonly default: {};
}>>) => import("jsonv-ts/mcp").Tool<any, any, any>[];
} & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
[x: string]: {
permissions?: string[] | {
effect?: "allow" | "deny" | undefined;
policies?: {
description?: string | undefined;
filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
effect?: "filter" | "allow" | "deny" | undefined;
condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
}[] | undefined;
permission: string;
}[] | undefined;
is_default?: boolean | undefined;
implicit_allow?: boolean | undefined;
};
} | undefined, {
[x: string]: {
permissions?: any;
is_default?: boolean | undefined;
implicit_allow?: boolean | undefined;
};
} | undefined>;
}, {
readonly title: "Authentication";
}> & {
readonly title: "Authentication";
};
getGuardContextSchema(): {
type: string;
properties: {
user: {
type: string;
properties: Pick<any, string | number | symbol>;
};
};
};
get authenticator(): Authenticator;
get em(): EntityManager;
getUsersEntity(forceCreate?: boolean): Entity<"users", typeof AppAuth.usersFields>;
static usersFields: {
email: import("../data/fields").TextField<true>;
strategy: import("../data/fields").TextField<true>;
strategy_value: import("../data/fields").TextField<true>;
role: import("../data/fields").TextField<false> & {
required: () => import("../data/fields").TextField<true>;
};
};
registerEntities(): void;
createUser({ email, password, role, ...additional }: CreateUserPayload): Promise<DB["users"]>;
changePassword(userId: PrimaryFieldType, newPassword: string): Promise<boolean>;
toJSON(secrets?: boolean): AppAuthSchema;
}