UNPKG

svelte-guardian

Version:

Batteries included authentication for SvelteKit applications.

github.com/mudiageo/svelte-guardian

mudiageo/svelte-guardian

101 lines (100 loc) 3.06 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import type { User } from './user'; import type { LoggerConfig } from '../core/logger'; import type { DatabaseConfig } from './database'; import type { RateLimitingConfig } from '../features/rate-limiting'; import type { EmailProviderConfig } from '../email/types'; export interface ProviderConfig { enabled?: boolean; clientId?: string; clientSecret?: string; } export interface EmailVerificationOptions { method: 'otp' | 'link'; otpLength?: number; otpExpiration?: number; tokenExpiration?: number; enabled?: boolean; } export interface PasswordResetOptions { tokenExpiration?: number; } export interface TwoFactorAuthOptions { method: 'totp' | 'sms' | 'email'; allowBackupCodes?: boolean; backupCodeCount?: number; } export interface SecurityConfig { level?: 'strict' | 'moderate' | 'relaxed'; maxLoginAttempts?: number; lockoutDuration?: number; emailVerification?: EmailVerificationOptions; passwordReset?: PasswordResetOptions; twoFactorAuth?: TwoFactorAuthOptions; emailProvider?: EmailProviderConfig; rateLimiting: RateLimitingConfig; routeProtection?: { protectedRoutes?: { [route: string]: { allowedRoles?: string[]; authenticated?: boolean; redirectPath?: string; }; }; publicRoutes?: { [route: string]: { redirectPath?: string; }; }; redirectPath?: string; authenticatedRedirect?: string; roleKey?: string; }; passwordPolicy?: { minLength?: number; maxLength?: number; requireUppercase?: boolean | number; requireLowercase?: boolean | number; requireNumbers?: boolean | number; requireSpecialChars?: boolean | number; specialChars?: string; }; } export interface EventHandlers { onSignIn?: (user: User) => Promise<void>; onRegistration?: (user: User) => Promise<void>; onPasswordReset?: (user: User) => Promise<void>; onEmailVerification?: (user: User) => void; onTwoFactorSetup?: (user: User) => void; } export interface GuardianAuthConfig { database?: DatabaseConfig; providers: { google?: ProviderConfig; github?: ProviderConfig; credentials?: ProviderConfig & { passwordless?: boolean; additionalUserFields?: string[]; allowRegistration?: boolean; requireEmailVerification?: boolean; }; }; security: SecurityConfig; events?: EventHandlers; logging?: LoggerConfig; pages?: { signIn?: string; signOut?: string; error?: string; verifyRequest?: string; newUser?: string; }; advanced?: { sessionStrategy?: 'jwt' | 'database'; tokenEncryption?: boolean; rateLimiting?: { enabled: boolean; requestsPerMinute?: number; }; }; } export declare const DefaultGuardianAuthConfig: GuardianAuthConfig;