server/core/src/services/authenticationService.ts
Sebastian Krupinski 99fa707eb3
feat: improve authentication
Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>
2026-02-19 23:03:09 -05:00


import type { ChallengeResponse, IdentifyResponse, RedirectResponse, SessionStatus, StartResponse, VerifyResponse } from '@KTXC/types/authenticationTypes';
import { fetchWrapper } from '@KTXC/utils/helpers/fetch-wrapper';
/**
 * Browser-side client for the `/auth/*` endpoints.
 *
 * Every method is a thin pass-through to `fetchWrapper`: arguments are
 * forwarded as given and nothing is validated or sanitised on this side,
 * so all enforcement has to happen on the server.
 */
export const authenticationService = {
  /**
   * Open an authentication flow: obtain a session and the list of
   * available methods.
   *
   * @returns The server's start response.
   */
  async start(): Promise<StartResponse> {
    return fetchWrapper.get('/auth/start');
  },

  /**
   * Record the user's identity in the session (identity-first flow).
   *
   * The response lists tenant-wide methods only; it is deliberately not
   * filtered per user, so it cannot be used to tell whether an account exists.
   *
   * @param session - Session ID returned by `start`
   * @param identity - User identity (email/username)
   */
  async identify(session: string, identity: string): Promise<IdentifyResponse> {
    const payload = { session, identity };
    return fetchWrapper.post('/auth/identify', payload);
  },

  /**
   * Submit a factor (primary or secondary) for verification.
   *
   * `response` carries the secret itself (password, one-time code, ...) in
   * the POST body, so callers should keep it out of logs and error reports.
   *
   * @param session - Session ID returned by `start`
   * @param method - Provider/method ID (e.g., 'default', 'totp')
   * @param response - User's response (password, code, etc.)
   * @param identity - User identity for credential-based auth (email/username);
   *   left out of the request body when empty or not supplied
   */
  async verify(
    session: string,
    method: string,
    response: string,
    identity?: string
  ): Promise<VerifyResponse> {
    // A falsy identity (undefined or '') must not appear as a key at all.
    const payload = identity
      ? { session, method, response, identity }
      : { session, method, response };
    return fetchWrapper.post('/auth/verify', payload);
  },

  /**
   * Start a redirect-based login (OIDC/SAML).
   *
   * NOTE(review): `returnUrl` is sent to the server exactly as received;
   * this client applies no same-origin or allow-list check. If callers take
   * it from the page URL, the server has to reject foreign destinations to
   * avoid an open redirect - confirm that it does.
   *
   * @param session - Session ID returned by `start`
   * @param method - Provider/method ID
   * @param returnUrl - Where to land after authentication; defaults to '/'
   */
  async beginRedirect(
    session: string,
    method: string,
    returnUrl: string = '/'
  ): Promise<RedirectResponse> {
    const payload = { session, method, return_url: returnUrl };
    return fetchWrapper.post('/auth/redirect', payload);
  },

  /**
   * Ask the server to issue a challenge for methods that need one
   * (SMS, email, TOTP).
   *
   * @param session - Session ID returned by `start`
   * @param method - Provider/method ID
   */
  async beginChallenge(session: string, method: string): Promise<ChallengeResponse> {
    const payload = { session, method };
    return fetchWrapper.post('/auth/challenge', payload);
  },

  /**
   * Fetch the current status of an authentication session.
   *
   * NOTE(review): the session ID travels in the query string, where it is
   * typically recorded by access logs and intermediaries. Treat it as
   * short-lived, or move it to a header/body if the endpoint allows.
   *
   * @param session - Session ID returned by `start`
   */
  async getStatus(session: string): Promise<SessionStatus> {
    const encodedSession = encodeURIComponent(session);
    return fetchWrapper.get(`/auth/status?session=${encodedSession}`);
  },

  /**
   * Cancel an authentication session.
   *
   * NOTE(review): as with `getStatus`, the session ID is part of the URL
   * and may therefore show up in request logs.
   *
   * @param session - Session ID returned by `start`
   */
  async cancelSession(session: string): Promise<void> {
    const encodedSession = encodeURIComponent(session);
    await fetchWrapper.delete(`/auth/session?session=${encodedSession}`);
  },

  /**
   * Refresh the access token.
   *
   * The request body is empty; how the credential is transported is decided
   * by `fetchWrapper` and the server and is not visible in this module.
   */
  async refresh(): Promise<void> {
    const emptyBody = {};
    await fetchWrapper.post('/auth/refresh', emptyBody);
  },

  /**
   * Log the current user out.
   *
   * Sent as a POST with an empty body; the response is discarded.
   */
  async logout(): Promise<void> {
    const emptyBody = {};
    await fetchWrapper.post('/auth/logout', emptyBody);
  },
};