UNPKG

bknd

Version:

Lightweight Firebase/Supabase alternative built to run anywhere — incl. Next.js, React Router, Astro, Cloudflare, Bun, Node, AWS Lambda & more.

584 lines (583 loc) 33.8 kB
import type { DB, PrimaryFieldType } from ".."; import type { AuthStrategy } from "../auth/authenticate/strategies/Strategy"; import type { Entity, EntityManager } from "../data/entities"; import { type FieldSchema } from "../data/prototype"; import { Module } from "../modules/Module"; import { AuthController } from "./api/AuthController"; import { type AppAuthSchema } from "./auth-schema"; import type { AppEntity } from "../core/config"; import { Authenticator } from "./authenticate/Authenticator"; export type UsersFields = typeof AppAuth.usersFields; export type UserFieldSchema = FieldSchema<typeof AppAuth.usersFields>; declare module ".." { interface Users extends AppEntity, UserFieldSchema { } interface DB { users: Users; } } export type CreateUserPayload = { email: string; password: string; [key: string]: any; }; export declare class AppAuth extends Module<AppAuthSchema> { private _authenticator?; cache: Record<string, any>; _controller: AuthController; onBeforeUpdate(from: AppAuthSchema, to: AppAuthSchema): Promise<{ [x: string]: unknown; allow_register?: boolean | undefined; default_role_register?: string | undefined; guard?: { [x: string]: unknown; enabled?: boolean | undefined; } | undefined; roles?: { [x: string]: { permissions?: string[] | { effect?: "allow" | "deny" | undefined; policies?: { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined; permission: string; }[] | undefined; is_default?: boolean | undefined; implicit_allow?: boolean | undefined; }; } | undefined; enabled: boolean; basepath: string; entity_name: string; strategies: { [x: string]: { enabled?: boolean | undefined; type: "password" | "oauth" | "custom_oauth"; config: { minLength?: number | undefined; rounds?: number | undefined; hashing: "plain" | "sha256" | "bcrypt"; } | { [x: string]: unknown; name: "google" | "github"; type: "oidc" | "oauth2"; client: { client_id: string; client_secret: string; }; } | { name: string; type: "oidc" | "oauth2"; client: { [x: string]: unknown; client_id: string; client_secret: string; token_endpoint_auth_method: "client_secret_basic"; }; as: { code_challenge_methods_supported?: "S256" | undefined; scopes_supported?: string[] | undefined; scope_separator?: string | undefined; authorization_endpoint?: string | undefined; token_endpoint?: string | undefined; userinfo_endpoint?: string | undefined; issuer: string; }; }; }; }; jwt: { alg?: "HS256" | "HS384" | "HS512" | undefined; expires?: number | undefined; issuer?: string | undefined; secret: string; fields: string[]; }; cookie: { path?: string | undefined; expires?: number | undefined; domain?: string | undefined; sameSite?: "strict" | "lax" | "none" | undefined; secure?: boolean | undefined; httpOnly?: boolean | undefined; partitioned?: boolean | undefined; renew?: boolean | undefined; pathSuccess?: string | undefined; pathLoggedOut?: string | undefined; }; }>; get enabled(): boolean; build(): Promise<void>; isStrategyEnabled(strategy: AuthStrategy | string): boolean; get controller(): AuthController; getSchema(): import("../modules/mcp").ObjectToolSchema<{ readonly enabled: import("jsonv-ts").Schema<{ readonly default: false; }, boolean, boolean> & { readonly default: false; }; readonly basepath: import("jsonv-ts").StringSchema<{ readonly default: "/api/auth"; }> & { readonly default: "/api/auth"; }; readonly entity_name: import("jsonv-ts").StringSchema<{ readonly default: "users"; }> & { readonly default: "users"; }; readonly allow_register: { readonly default: true; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly default_role_register: { default?: any; maxLength?: number | undefined; minLength?: number | undefined; pattern?: (string | RegExp) | undefined; format?: string | undefined; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly jwt: import("jsonv-ts").ObjectSchema<{ readonly secret: import("bknd/utils").SecretSchema<{ default: string; }> & { default: string; }; readonly alg: { readonly default: "HS256"; readonly enum: ["HS256", "HS384", "HS512"]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "HS256" | "HS384" | "HS512" | undefined, "HS256" | "HS384" | "HS512" | undefined>; readonly expires: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; multipleOf?: number | undefined; maximum?: number | undefined; exclusiveMaximum?: number | undefined; minimum?: number | undefined; exclusiveMinimum?: number | undefined; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>; readonly issuer: { default?: any; maxLength?: number | undefined; minLength?: number | undefined; pattern?: (string | RegExp) | undefined; format?: string | undefined; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly fields: import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, { readonly default: readonly ["id", "email", "role"]; }> & { readonly default: readonly ["id", "email", "role"]; }; }, import("jsonv-ts").Merge<{ readonly default: {}; } & { additionalProperties: false; }>>; readonly cookie: import("jsonv-ts").ObjectSchema<{ readonly domain: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly path: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly sameSite: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "strict" | "lax" | "none" | undefined, "strict" | "lax" | "none" | undefined>; readonly secure: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly httpOnly: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly expires: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>; readonly partitioned: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly renew: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly pathSuccess: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly pathLoggedOut: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>; readonly strategies: import("../modules/mcp").RecordToolSchema<import("jsonv-ts").Schema<import("jsonv-ts").IUnionOptions, { enabled?: boolean | undefined; type: "password" | "oauth" | "custom_oauth"; config: { minLength?: number | undefined; rounds?: number | undefined; hashing: "plain" | "sha256" | "bcrypt"; } | { [x: string]: unknown; name: "google" | "github"; type: "oidc" | "oauth2"; client: { client_id: string; client_secret: string; }; } | { name: string; type: "oidc" | "oauth2"; client: { [x: string]: unknown; client_id: string; client_secret: string; token_endpoint_auth_method: "client_secret_basic"; }; as: { code_challenge_methods_supported?: "S256" | undefined; scopes_supported?: string[] | undefined; scope_separator?: string | undefined; authorization_endpoint?: string | undefined; token_endpoint?: string | undefined; userinfo_endpoint?: string | undefined; issuer: string; }; }; }, never> & import("jsonv-ts").Merge<import("jsonv-ts").IUnionOptions & { anyOf: import("jsonv-ts").ObjectSchema<{ readonly enabled: { readonly default: true; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly type: import("jsonv-ts").Schema<import("jsonv-ts").ILiteralOptions, "password" | "oauth" | "custom_oauth", "password" | "oauth" | "custom_oauth"> & import("jsonv-ts").Merge<import("jsonv-ts").ILiteralOptions & { const: "password" | "oauth" | "custom_oauth"; }>; readonly config: import("jsonv-ts").ObjectSchema<{ readonly hashing: import("jsonv-ts").StringSchema<{ readonly enum: readonly ["plain", "sha256", "bcrypt"]; readonly default: "sha256"; }> & { readonly enum: readonly ["plain", "sha256", "bcrypt"]; readonly default: "sha256"; }; readonly rounds: { readonly maximum: 10; readonly minimum: 1; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>; readonly minLength: { readonly default: 8; readonly minimum: 1; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>> | (import("jsonv-ts").ObjectSchema<{ readonly name: import("jsonv-ts").StringSchema<{ readonly enum: ("google" | "github")[]; }> & { readonly enum: ("google" | "github")[]; }; readonly type: import("jsonv-ts").StringSchema<{ readonly enum: readonly ["oidc", "oauth2"]; readonly default: "oauth2"; }> & { readonly enum: readonly ["oidc", "oauth2"]; readonly default: "oauth2"; }; readonly client: import("jsonv-ts").ObjectSchema<{ readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>; }, { readonly title: "OAuth"; }> & { readonly title: "OAuth"; }) | import("jsonv-ts").ObjectSchema<{ readonly type: import("jsonv-ts").StringSchema<{ readonly enum: readonly ["oidc", "oauth2"]; readonly default: "oidc"; }> & { readonly enum: readonly ["oidc", "oauth2"]; readonly default: "oidc"; }; readonly name: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly client: import("jsonv-ts").ObjectSchema<{ readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly token_endpoint_auth_method: import("jsonv-ts").StringSchema<{ readonly enum: readonly ["client_secret_basic"]; }> & { readonly enum: readonly ["client_secret_basic"]; }; }, import("jsonv-ts").IObjectOptions> & import("jsonv-ts").IObjectOptions; readonly as: import("jsonv-ts").ObjectSchema<{ readonly issuer: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly code_challenge_methods_supported: { readonly enum: ["S256"]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "S256" | undefined, "S256" | undefined>; readonly scopes_supported: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; $defs?: Record<string, import("jsonv-ts").Schema> | undefined; contains?: import("jsonv-ts").Schema | undefined; minContains?: number | undefined; maxContains?: number | undefined; prefixItems?: import("jsonv-ts").Schema[] | undefined; uniqueItems?: boolean | undefined; maxItems?: number | undefined; minItems?: number | undefined; readonly items?: (import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions) | undefined; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | undefined, string[] | undefined>; readonly scope_separator: { readonly default: " "; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly authorization_endpoint: { readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$"; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly token_endpoint: { readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$"; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly userinfo_endpoint: { readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$"; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>; }, import("jsonv-ts").Merge<{ readonly title: "Custom OAuth"; } & { additionalProperties: false; }>>; }, import("jsonv-ts").Merge<{ readonly title: "password" | "oauth" | "custom_oauth"; } & { additionalProperties: false; }>>[]; }>, { readonly title: "Strategies"; readonly default: { readonly password: { readonly type: "password"; readonly enabled: true; readonly config: { readonly hashing: "sha256"; }; }; }; }>; readonly guard: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; $defs?: Record<string, import("jsonv-ts").Schema> | undefined; patternProperties?: Record<string, import("jsonv-ts").Schema> | undefined; additionalProperties?: (import("jsonv-ts").Schema | false) | undefined; minProperties?: number | undefined; maxProperties?: number | undefined; propertyNames?: import("jsonv-ts").Schema | undefined; properties: { readonly enabled: { readonly default: false; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; }; required: string[] | undefined; strict: () => import("jsonv-ts").ObjectSchema<{ readonly enabled: { readonly default: false; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>; partial: () => import("jsonv-ts").ObjectSchema<{ readonly enabled: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; }, import("jsonv-ts").IObjectOptions>; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, { [x: string]: unknown; enabled?: boolean | undefined; } | undefined, { [x: string]: unknown; enabled?: boolean | undefined; } | undefined>; readonly roles: { additionalProperties: import("jsonv-ts").ObjectSchema<{ readonly permissions: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{ readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly effect: { readonly default: "allow"; readonly enum: ["allow", "deny"]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>; readonly policies: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; $defs?: Record<string, import("jsonv-ts").Schema> | undefined; contains?: import("jsonv-ts").Schema | undefined; minContains?: number | undefined; maxContains?: number | undefined; prefixItems?: import("jsonv-ts").Schema[] | undefined; uniqueItems?: boolean | undefined; maxItems?: number | undefined; minItems?: number | undefined; readonly items?: import("jsonv-ts").ObjectSchema<{ readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>; readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>; readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>> | undefined; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined, { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | { effect?: "allow" | "deny" | undefined; policies?: { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined; permission: string; }[] | undefined, any>; readonly is_default: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly implicit_allow: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>; readonly mcp: import("../modules/mcp").McpSchemaHelper<{ get?: boolean; add?: boolean; update?: boolean; remove?: boolean; }>; getTools: (node: import("jsonv-ts").Node<import("../modules/mcp").RecordToolSchema<import("jsonv-ts").ObjectSchema<{ readonly permissions: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{ readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions; readonly effect: { readonly default: "allow"; readonly enum: ["allow", "deny"]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>; readonly policies: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; $defs?: Record<string, import("jsonv-ts").Schema> | undefined; contains?: import("jsonv-ts").Schema | undefined; minContains?: number | undefined; maxContains?: number | undefined; prefixItems?: import("jsonv-ts").Schema[] | undefined; uniqueItems?: boolean | undefined; maxItems?: number | undefined; minItems?: number | undefined; readonly items?: import("jsonv-ts").ObjectSchema<{ readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>; readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>; readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>; readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>> | undefined; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined, { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | { effect?: "allow" | "deny" | undefined; policies?: { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined; permission: string; }[] | undefined, any>; readonly is_default: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; readonly implicit_allow: { default?: any; enum?: (readonly any[] | any[]) | undefined; const?: any; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>; }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & { additionalProperties: false; }>>, { readonly default: {}; }>>) => import("jsonv-ts/mcp").Tool<any, any, any>[]; } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, { [x: string]: { permissions?: string[] | { effect?: "allow" | "deny" | undefined; policies?: { description?: string | undefined; filter?: import("../core/object/query/object-query").ObjectQuery | undefined; effect?: "filter" | "allow" | "deny" | undefined; condition?: import("../core/object/query/object-query").ObjectQuery | undefined; }[] | undefined; permission: string; }[] | undefined; is_default?: boolean | undefined; implicit_allow?: boolean | undefined; }; } | undefined, { [x: string]: { permissions?: any; is_default?: boolean | undefined; implicit_allow?: boolean | undefined; }; } | undefined>; }, { readonly title: "Authentication"; }> & { readonly title: "Authentication"; }; getGuardContextSchema(): { type: string; properties: { user: { type: string; properties: Pick<any, string | number | symbol>; }; }; }; get authenticator(): Authenticator; get em(): EntityManager; getUsersEntity(forceCreate?: boolean): Entity<"users", typeof AppAuth.usersFields>; static usersFields: { email: import("../data/fields").TextField<true>; strategy: import("../data/fields").TextField<true>; strategy_value: import("../data/fields").TextField<true>; role: import("../data/fields").TextField<false> & { required: () => import("../data/fields").TextField<true>; }; }; registerEntities(): void; createUser({ email, password, role, ...additional }: CreateUserPayload): Promise<DB["users"]>; changePassword(userId: PrimaryFieldType, newPassword: string): Promise<boolean>; toJSON(secrets?: boolean): AppAuthSchema; }