packages/lib/constants/auth.ts

import { IdentityProvider, UserSecurityAuditLogType } from '@documenso/prisma/client';

export const SALT_ROUNDS = 12;

export const IDENTITY_PROVIDER_NAME: { [key in IdentityProvider]: string } = {
  [IdentityProvider.DOCUMENSO]: 'Documenso',
  [IdentityProvider.GOOGLE]: 'Google',
};

export const IS_GOOGLE_SSO_ENABLED = Boolean(
  process.env.NEXT_PRIVATE_GOOGLE_CLIENT_ID && process.env.NEXT_PRIVATE_GOOGLE_CLIENT_SECRET,
);

export const USER_SECURITY_AUDIT_LOG_MAP: { [key in UserSecurityAuditLogType]: string } = {
  [UserSecurityAuditLogType.ACCOUNT_SSO_LINK]: 'Linked account to SSO',
  [UserSecurityAuditLogType.ACCOUNT_PROFILE_UPDATE]: 'Profile updated',
  [UserSecurityAuditLogType.AUTH_2FA_DISABLE]: '2FA Disabled',
  [UserSecurityAuditLogType.AUTH_2FA_ENABLE]: '2FA Enabled',
  [UserSecurityAuditLogType.PASSKEY_CREATED]: 'Passkey created',
  [UserSecurityAuditLogType.PASSKEY_DELETED]: 'Passkey deleted',
  [UserSecurityAuditLogType.PASSKEY_UPDATED]: 'Passkey updated',
  [UserSecurityAuditLogType.PASSWORD_RESET]: 'Password reset',
  [UserSecurityAuditLogType.PASSWORD_UPDATE]: 'Password updated',
  [UserSecurityAuditLogType.SIGN_OUT]: 'Signed Out',
  [UserSecurityAuditLogType.SIGN_IN]: 'Signed In',
  [UserSecurityAuditLogType.SIGN_IN_FAIL]: 'Sign in attempt failed',
  [UserSecurityAuditLogType.SIGN_IN_PASSKEY_FAIL]: 'Passkey sign in failed',
  [UserSecurityAuditLogType.SIGN_IN_2FA_FAIL]: 'Sign in 2FA attempt failed',
};

/**
 * The duration to wait for a passkey to be verified in MS.
 */
export const PASSKEY_TIMEOUT = 60000;

/**
 * The maximum number of passkeys are user can have.
 */
export const MAXIMUM_PASSKEYS = 50;
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`import { IdentityProvider, UserSecurityAuditLogType } from '@documenso/prisma/client';`
fix: visibility of security fields using identityprovider (#709) fixes #690 2024-01-24 06:04:30 +05:30
wip: refresh design 2023-06-09 18:21:18 +10:00			`export const SALT_ROUNDS = 12;`
fix: add conditional rendering of OAuth providers (#736) Now google OAuth provider is not rendered if client id is not provided 2024-01-23 11:38:48 +05:30
fix: visibility of security fields using identityprovider (#709) fixes #690 2024-01-24 06:04:30 +05:30			`export const IDENTITY_PROVIDER_NAME: { [key in IdentityProvider]: string } = {`
			`[IdentityProvider.DOCUMENSO]: 'Documenso',`
			`[IdentityProvider.GOOGLE]: 'Google',`
			`};`

fix: add conditional rendering of OAuth providers (#736) Now google OAuth provider is not rendered if client id is not provided 2024-01-23 11:38:48 +05:30			`export const IS_GOOGLE_SSO_ENABLED = Boolean(`
			`process.env.NEXT_PRIVATE_GOOGLE_CLIENT_ID && process.env.NEXT_PRIVATE_GOOGLE_CLIENT_SECRET,`
			`);`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00
			`export const USER_SECURITY_AUDIT_LOG_MAP: { [key in UserSecurityAuditLogType]: string } = {`
			`[UserSecurityAuditLogType.ACCOUNT_SSO_LINK]: 'Linked account to SSO',`
			`[UserSecurityAuditLogType.ACCOUNT_PROFILE_UPDATE]: 'Profile updated',`
			`[UserSecurityAuditLogType.AUTH_2FA_DISABLE]: '2FA Disabled',`
			`[UserSecurityAuditLogType.AUTH_2FA_ENABLE]: '2FA Enabled',`
feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`[UserSecurityAuditLogType.PASSKEY_CREATED]: 'Passkey created',`
			`[UserSecurityAuditLogType.PASSKEY_DELETED]: 'Passkey deleted',`
			`[UserSecurityAuditLogType.PASSKEY_UPDATED]: 'Passkey updated',`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`[UserSecurityAuditLogType.PASSWORD_RESET]: 'Password reset',`
			`[UserSecurityAuditLogType.PASSWORD_UPDATE]: 'Password updated',`
			`[UserSecurityAuditLogType.SIGN_OUT]: 'Signed Out',`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`[UserSecurityAuditLogType.SIGN_IN]: 'Signed In',`
			`[UserSecurityAuditLogType.SIGN_IN_FAIL]: 'Sign in attempt failed',`
feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`[UserSecurityAuditLogType.SIGN_IN_PASSKEY_FAIL]: 'Passkey sign in failed',`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`[UserSecurityAuditLogType.SIGN_IN_2FA_FAIL]: 'Sign in 2FA attempt failed',`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`};`
feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00
			`/**`
			`* The duration to wait for a passkey to be verified in MS.`
			`*/`
			`export const PASSKEY_TIMEOUT = 60000;`

			`/**`
			`* The maximum number of passkeys are user can have.`
			`*/`
			`export const MAXIMUM_PASSKEYS = 50;`