registry/ts/interfaces/auth.interfaces.ts


/**
* Authentication and authorization interfaces
*/
// =============================================================================
// User Types
// =============================================================================
/** Lifecycle state of a user account. */
export type TUserStatus = 'active' | 'suspended' | 'pending_verification';
/**
 * Persisted user account record.
 *
 * NOTE(review): this shape carries credential material (`passwordHash`,
 * `mfaSecret`) and is also the declared type of `IAuthResult.user` and
 * `IExternalAuthResult.user`. Anything that serializes those results
 * towards a client must strip these fields first — confirm at the
 * API boundary, since nothing in this file enforces it.
 */
export interface IUser {
  id: string;
  email: string;
  username: string;
  passwordHash: string; // hash of the password, per its name; the algorithm is not fixed by this interface
  displayName: string;
  avatarUrl?: string;
  status: TUserStatus;
  emailVerified: boolean;
  mfaEnabled: boolean;
  mfaSecret?: string; // shared secret for MFA; treat as a credential, never expose
  lastLoginAt?: Date;
  lastLoginIp?: string;
  failedLoginAttempts: number; // presumably drives `lockedUntil` — confirm reset policy in the auth service
  lockedUntil?: Date; // account lockout deadline; absent when not locked, presumably
  isPlatformAdmin: boolean;
  createdAt: Date;
  updatedAt: Date;
}
// =============================================================================
// Organization Types
// =============================================================================
/** Billing tier of an organization. */
export type TOrganizationPlan = 'free' | 'team' | 'enterprise';
/** Membership role within an organization, from most to least privileged. */
export type TOrganizationRole = 'owner' | 'admin' | 'member';
/**
 * Per-organization policy knobs.
 *
 * `TRepositoryVisibility` and `TRegistryProtocol` are declared further down
 * this file; TypeScript hoists type aliases, so the forward reference is fine.
 */
export interface IOrganizationSettings {
  requireMfa: boolean; // org-level MFA requirement; the enforcement point is outside this file
  allowPublicRepositories: boolean;
  defaultRepositoryVisibility: TRepositoryVisibility;
  allowedProtocols: TRegistryProtocol[]; // registry protocols repositories in this org may use
}
/** Persisted organization record. */
export interface IOrganization {
  id: string;
  name: string; // URL-safe slug
  displayName: string;
  description?: string;
  avatarUrl?: string;
  website?: string;
  isPublic: boolean;
  memberCount: number;
  plan: TOrganizationPlan;
  settings: IOrganizationSettings;
  billingEmail?: string;
  isVerified: boolean;
  verifiedDomains: string[]; // domains the org has proven ownership of, presumably — verification flow not in this file
  storageQuotaBytes: number;
  usedStorageBytes: number;
  createdAt: Date;
  updatedAt: Date;
  createdById: string; // IUser.id of the creator
}
/** Join record linking a user to an organization with a role. */
export interface IOrganizationMember {
  id: string;
  organizationId: string;
  userId: string;
  role: TOrganizationRole;
  invitedBy?: string; // IUser.id of the inviter, when the member was invited
  joinedAt: Date;
  createdAt: Date;
}
// =============================================================================
// Team Types
// =============================================================================
/** Membership role within a team. */
export type TTeamRole = 'maintainer' | 'member';
/** Persisted team record; a team belongs to exactly one organization. */
export interface ITeam {
  id: string;
  organizationId: string;
  name: string;
  description?: string;
  isDefaultTeam: boolean; // presumably the team new org members land in — confirm
  createdAt: Date;
  updatedAt: Date;
}
/** Join record linking a user to a team with a role. */
export interface ITeamMember {
  id: string;
  teamId: string;
  userId: string;
  role: TTeamRole;
  createdAt: Date;
}
// =============================================================================
// Repository Types
// =============================================================================
/** Who can see a repository; 'internal' presumably means org members only — confirm. */
export type TRepositoryVisibility = 'public' | 'private' | 'internal';
/** Per-repository role, from most to least privileged. */
export type TRepositoryRole = 'admin' | 'maintainer' | 'developer' | 'reader';
/** Package-registry protocols the platform serves. */
export type TRegistryProtocol = 'oci' | 'npm' | 'maven' | 'cargo' | 'composer' | 'pypi' | 'rubygems';
/** Persisted package repository record. */
export interface IRepository {
  id: string;
  organizationId: string;
  name: string;
  description?: string;
  protocol: TRegistryProtocol;
  visibility: TRepositoryVisibility;
  storageNamespace: string; // backing-storage key space for this repo; layout not fixed here
  downloadCount: number;
  starCount: number;
  createdAt: Date;
  updatedAt: Date;
  createdById: string; // IUser.id of the creator
}
/**
 * Explicit role grant on a repository to either a team or a user.
 *
 * NOTE(review): `teamId` and `userId` are both optional, so the type admits
 * a grant with neither or both. If exactly one is meant to be set, a
 * discriminated union (`{ teamId } | { userId }`) would make that
 * unrepresentable; until then callers must validate it.
 */
export interface IRepositoryPermission {
  id: string;
  repositoryId: string;
  teamId?: string;
  userId?: string;
  role: TRepositoryRole;
  createdAt: Date;
  grantedById: string; // IUser.id of whoever issued the grant (audit)
}
// =============================================================================
// Token Types
// =============================================================================
/**
 * One scope entry of an API token.
 *
 * `'*'` for `protocol` and `'*'` in `actions` are wildcards; narrowing by
 * `organizationId` / `repositoryId` is optional, so a scope with neither
 * set presumably applies platform-wide — confirm in the authorizer.
 */
export interface ITokenScope {
  protocol: TRegistryProtocol | '*';
  organizationId?: string;
  repositoryId?: string;
  actions: TTokenAction[];
}
/** Action an API token scope permits; '*' is a wildcard for all actions. */
export type TTokenAction = 'read' | 'write' | 'delete' | '*';
/**
 * Persisted API token record. Only a hash of the token is stored
 * (`tokenHash`); the plaintext is never part of this shape.
 *
 * `protocols` and `scopes[].protocol` both express protocol restrictions —
 * presumably `protocols` is a coarse allow-list checked first; confirm how
 * the validator combines them.
 */
export interface IApiToken {
  id: string;
  userId: string;
  organizationId?: string; // For org-owned tokens
  createdById?: string; // Who created the token (for audit)
  name: string;
  tokenHash: string;
  tokenPrefix: string; // presumably a short, non-secret leading part of the token used for lookup/display — confirm
  protocols: TRegistryProtocol[];
  scopes: ITokenScope[];
  expiresAt?: Date; // absent means no expiry
  lastUsedAt?: Date;
  lastUsedIp?: string;
  usageCount: number;
  isRevoked: boolean;
  revokedAt?: Date;
  revokedReason?: string;
  createdAt: Date;
  createdIp?: string;
}
// =============================================================================
// Session Types
// =============================================================================
/**
 * Server-side login session. `IJwtPayload.sessionId` refers to `id`, so
 * invalidating a session (`isValid = false`) is the revocation hook for
 * JWTs issued against it — provided the verifier consults this record.
 */
export interface ISession {
  id: string;
  userId: string;
  userAgent: string;
  ipAddress: string;
  isValid: boolean;
  invalidatedAt?: Date;
  invalidatedReason?: string;
  lastActivityAt: Date;
  createdAt: Date;
}
// =============================================================================
// JWT Types
// =============================================================================
/**
 * Claims carried in platform-issued JWTs.
 *
 * `sub`/`iss`/`aud`/`exp`/`iat`/`nbf` are the RFC 7519 registered claims;
 * the numeric ones are RFC 7519 NumericDate (seconds since epoch) if the
 * issuer follows the RFC — confirm, since `Date.now()` yields milliseconds.
 *
 * `type` distinguishes access from refresh tokens; verifiers should check it
 * so a refresh token is not accepted where an access token is expected.
 *
 * `orgs` is a snapshot of memberships at issue time; a role change after
 * issuance is not reflected until the token is re-issued unless the verifier
 * re-reads membership.
 */
export interface IJwtPayload {
  sub: string; // User ID
  iss: string; // Issuer
  aud: string; // Audience
  exp: number; // Expiration
  iat: number; // Issued at
  nbf: number; // Not before
  type: 'access' | 'refresh';
  email: string;
  username: string;
  orgs: Array<{
    id: string;
    name: string;
    role: TOrganizationRole;
  }>;
  sessionId: string; // ISession.id this token was issued under
}
// =============================================================================
// Auth Results
// =============================================================================
/**
 * Outcome of a successful local login.
 *
 * NOTE(review): `user` is the full `IUser`, which includes `passwordHash`
 * and `mfaSecret`. Confirm the transport layer strips those before this
 * result reaches a client; the type alone does not prevent it.
 */
export interface IAuthResult {
  accessToken: string;
  refreshToken: string;
  expiresIn: number; // lifetime of `accessToken`; unit not fixed here (seconds by OAuth convention) — confirm
  user: IUser;
}
/** Result of looking up and validating a presented API token; the subset of IApiToken an authorizer needs. */
export interface IValidatedToken {
  tokenId: string;
  userId: string;
  username: string;
  protocols: TRegistryProtocol[];
  scopes: ITokenScope[];
}
/** Outcome of an authorization check; `reason` presumably explains a denial — confirm it is not sent verbatim to clients. */
export interface IAuthorizationResult {
  authorized: boolean;
  reason?: string;
  userId?: string;
}
// =============================================================================
// Permission Types
// =============================================================================
/** Fine-grained permission identifiers, namespaced by resource kind (`repo:`, `team:`, `org:`, `token:`). */
export type TPermissionAction =
  | 'repo:read'
  | 'repo:write'
  | 'repo:delete'
  | 'repo:admin'
  | 'team:read'
  | 'team:write'
  | 'team:admin'
  | 'org:read'
  | 'org:write'
  | 'org:admin'
  | 'token:create'
  | 'token:revoke';
/** Target of a permission check: a resource kind plus its id. */
export interface IResource {
  type: 'repository' | 'organization' | 'team' | 'user';
  id: string;
}
// =============================================================================
// Create/Update DTOs
// =============================================================================
/**
 * Registration payload. `password` is the only place plaintext appears in
 * this file; it must be hashed into `IUser.passwordHash` and never logged.
 */
export interface ICreateUserDto {
  email: string;
  username: string;
  password: string;
  displayName?: string;
}
/** Payload for creating an organization; `name` is the URL-safe slug (see IOrganization). */
export interface ICreateOrganizationDto {
  name: string;
  displayName: string;
  description?: string;
}
/** Payload for creating a team; the owning organization comes from the route, not the body. */
export interface ICreateTeamDto {
  name: string;
  description?: string;
}
/** Payload for creating a repository; `visibility` presumably falls back to IOrganizationSettings.defaultRepositoryVisibility — confirm. */
export interface ICreateRepositoryDto {
  name: string;
  description?: string;
  protocol: TRegistryProtocol;
  visibility?: TRepositoryVisibility;
}
/**
 * Payload for minting an API token. The requested `scopes` come from the
 * caller, so the service must check they do not exceed the caller's own
 * permissions before persisting them.
 */
export interface ICreateTokenDto {
  name: string;
  organizationId?: string; // For org-owned tokens
  protocols: TRegistryProtocol[];
  scopes: ITokenScope[];
  expiresAt?: Date; // absent means a non-expiring token
}
// =============================================================================
// External Authentication Types
// =============================================================================
/** Kind of external identity provider. */
export type TAuthProviderType = 'oidc' | 'ldap';
/** Operational state of a provider; 'testing' presumably means configured but not offered for login — confirm. */
export type TAuthProviderStatus = 'active' | 'disabled' | 'testing';
/**
 * OIDC provider configuration. Endpoints are normally found via discovery
 * from `issuer`; the optional URL fields override individual endpoints.
 */
export interface IOAuthConfig {
  clientId: string;
  clientSecretEncrypted: string; // AES-256-GCM encrypted
  issuer: string; // OIDC issuer URL (used for discovery)
  authorizationUrl?: string; // Override discovery
  tokenUrl?: string; // Override discovery
  userInfoUrl?: string; // Override discovery
  scopes: string[];
  callbackUrl: string; // redirect URI; must match what is registered with the provider
}
/**
 * LDAP provider configuration.
 *
 * NOTE(review): `userSearchFilter` is a template with the login name
 * substituted into `{{username}}`. The substituted value must be escaped per
 * RFC 4515 (filter-value escaping) by the LDAP client, or a crafted username
 * can alter the filter — confirm where substitution happens.
 *
 * `tlsEnabled` and an `ldaps://` scheme in `serverUrl` are two ways to get
 * TLS (presumably STARTTLS vs. LDAPS); how they interact is not fixed here.
 */
export interface ILdapConfig {
  serverUrl: string; // ldap:// or ldaps://
  bindDn: string;
  bindPasswordEncrypted: string; // AES-256-GCM encrypted
  baseDn: string;
  userSearchFilter: string; // e.g., "(uid={{username}})" or "(sAMAccountName={{username}})"
  tlsEnabled: boolean;
  tlsCaCert?: string; // PEM CA bundle to trust, presumably — confirm format
}
/**
 * Maps platform user fields to provider attribute / claim names.
 * Each value is the name of the external attribute to read, presumably —
 * confirm against the provider adapters.
 */
export interface IAttributeMapping {
  email: string;
  username: string;
  displayName: string;
  avatarUrl?: string;
  groups?: string;
}
/**
 * How externally authenticated users are provisioned.
 *
 * NOTE(review): `autoLinkByEmail` links an external identity to an existing
 * local account by email match. That is only safe when the provider asserts
 * the email is verified; otherwise an external account claiming a victim's
 * address takes over the local account — confirm the adapter checks this.
 */
export interface IProvisioningSettings {
  jitEnabled: boolean; // Create user on first login
  autoLinkByEmail: boolean; // Link to existing user by email match
  allowedEmailDomains?: string[]; // Restrict to specific domains
}
/**
 * Persisted external auth provider. Exactly one of `oauthConfig` /
 * `ldapConfig` is expected to match `type`, but the interface does not
 * enforce that pairing — a union keyed on `type` would.
 */
export interface IAuthProvider {
  id: string;
  name: string;
  displayName: string;
  type: TAuthProviderType;
  status: TAuthProviderStatus;
  priority: number; // ordering among providers; direction (higher first?) not fixed here
  oauthConfig?: IOAuthConfig;
  ldapConfig?: ILdapConfig;
  attributeMapping: IAttributeMapping;
  provisioning: IProvisioningSettings;
  createdAt: Date;
  updatedAt: Date;
  createdById: string;
  lastTestedAt?: Date;
  lastTestResult?: 'success' | 'failure';
  lastTestError?: string;
}
/**
 * Link between a local user and an account at an external provider.
 * `rawAttributes` is whatever the provider returned and may contain PII;
 * keep it out of logs and client responses.
 */
export interface IExternalIdentity {
  id: string;
  userId: string;
  providerId: string; // IAuthProvider.id
  externalId: string; // provider-side stable identifier (e.g. OIDC `sub`), presumably — confirm
  externalEmail?: string;
  externalUsername?: string;
  rawAttributes?: Record<string, unknown>;
  lastLoginAt?: Date;
  createdAt: Date;
}
/** Platform-wide authentication policy. */
export interface IPlatformAuthSettings {
  localAuthEnabled: boolean; // if false, only external providers can log in, presumably
  allowUserRegistration: boolean;
  sessionDurationMinutes: number;
  defaultProviderId?: string; // IAuthProvider.id to preselect/redirect to, presumably — confirm
}
/** Singleton-style platform settings record. */
export interface IPlatformSettings {
  id: string;
  auth: IPlatformAuthSettings;
  updatedAt: Date;
  updatedById?: string; // IUser.id of the last editor (audit)
}
// External auth flow types
/** Normalized user data returned by a provider adapter after a successful external login. */
export interface IExternalUserInfo {
  externalId: string;
  email: string;
  username?: string;
  displayName?: string;
  avatarUrl?: string;
  groups?: string[];
  rawAttributes: Record<string, unknown>; // untouched provider payload; may contain PII
}
/** Outcome of an admin-triggered provider connectivity test. */
export interface IConnectionTestResult {
  success: boolean;
  latencyMs: number;
  serverInfo?: Record<string, unknown>;
  error?: string; // set on failure; avoid echoing raw upstream errors that could leak config details
}
/**
 * Outcome of an external (OIDC/LDAP) login.
 *
 * All result fields are optional and gated only by `success`; a
 * discriminated union on `success` would let the compiler enforce that
 * tokens are present on success and `errorCode` on failure.
 *
 * NOTE(review): `user` is the full `IUser` including `passwordHash` and
 * `mfaSecret` — strip before returning to a client (same caveat as IAuthResult).
 */
export interface IExternalAuthResult {
  success: boolean;
  user?: IUser;
  accessToken?: string;
  refreshToken?: string;
  sessionId?: string;
  isNewUser?: boolean; // true when JIT provisioning created the account, presumably — confirm
  errorCode?: string;
  errorMessage?: string;
}
// Admin DTOs
/**
 * Admin payload for registering a provider. The config matching `type`
 * should be present; the service must validate that since the shape does not.
 */
export interface ICreateAuthProviderDto {
  name: string;
  displayName: string;
  type: TAuthProviderType;
  oauthConfig?: IOAuthConfig;
  ldapConfig?: ILdapConfig;
  attributeMapping?: IAttributeMapping;
  provisioning?: IProvisioningSettings;
}
/**
 * Admin payload for patching a provider; every field is optional and the
 * nested configs are `Partial`, so a merge against the stored record is
 * implied. `type` is deliberately absent — it cannot be changed after creation.
 */
export interface IUpdateAuthProviderDto {
  displayName?: string;
  status?: TAuthProviderStatus;
  priority?: number;
  oauthConfig?: Partial<IOAuthConfig>;
  ldapConfig?: Partial<ILdapConfig>;
  attributeMapping?: Partial<IAttributeMapping>;
  provisioning?: Partial<IProvisioningSettings>;
}