feat: make withAuthFinder mixin accept hash manager and make options optional

Author: thetutlage

package.json

@@ -51,8 +51,8 @@
     "quick:test": "cross-env NODE_DEBUG=\"adonisjs:auth:*\" node --enable-source-maps --import=@poppinss/ts-exec ./bin/test.js"
   },
   "devDependencies": {
-    "@adonisjs/assembler": "^8.0.0-next.9",
-    "@adonisjs/core": "^7.0.0-next.7",
+    "@adonisjs/assembler": "^8.0.0-next.14",
+    "@adonisjs/core": "^7.0.0-next.8",
     "@adonisjs/eslint-config": "^3.0.0-next.1",
     "@adonisjs/i18n": "^3.0.0-next.1",
     "@adonisjs/lucid": "^22.0.0-next.1",
@@ -71,7 +71,7 @@
     "@release-it/conventional-changelog": "^10.0.1",
     "@types/basic-auth": "^1.1.8",
     "@types/luxon": "^3.7.1",
-    "@types/node": "^24.8.1",
+    "@types/node": "^24.9.1",
     "@types/set-cookie-parser": "^2.4.10",
     "@types/sinon": "^17.0.4",
     "c8": "^10.1.3",
@@ -82,7 +82,7 @@
     "dotenv": "^17.2.3",
     "eslint": "^9.38.0",
     "luxon": "^3.7.2",
-    "mysql2": "^3.15.2",
+    "mysql2": "^3.15.3",
     "nock": "^14.0.10",
     "pg": "^8.16.3",
     "playwright": "^1.56.1",

src/mixins/lucid.ts

@@ -7,7 +7,7 @@
  * file that was distributed with this source code.
  */
 
-import type { Hash } from '@adonisjs/core/hash'
+import type { Hash, HashManager } from '@adonisjs/core/hash'
 import { RuntimeException } from '@adonisjs/core/exceptions'
 import { beforeSave, type BaseModel } from '@adonisjs/lucid/orm'
 import type { NormalizeConstructor } from '@adonisjs/core/types/helpers'
@@ -59,12 +59,15 @@ type UserWithUserFinderClass<
  * }
  */
 export function withAuthFinder(
-  hash: () => Hash,
-  options: {
-    uids: string[]
-    passwordColumnName: string
+  hash: (() => Hash) | HashManager<any>,
+  options?: {
+    uids?: string[]
+    passwordColumnName?: string
   }
 ) {
+  let normalizedOptions = { uids: ['email'], passwordColumnName: 'password', ...options }
+  let hashFactory = typeof hash === 'function' ? hash : () => hash.use()
+
   return function <Model extends NormalizeConstructor<typeof BaseModel>>(
     superclass: Model
   ): UserWithUserFinderClass<Model> {
@@ -83,9 +86,9 @@ export function withAuthFinder(
        */
       @beforeSave()
       static async hashPassword<T extends UserWithUserFinderClass>(this: T, user: InstanceType<T>) {
-        if (user.$dirty[options.passwordColumnName]) {
-          ;(user as any)[options.passwordColumnName] = await hash().make(
-            (user as any)[options.passwordColumnName]
+        if (user.$dirty[normalizedOptions.passwordColumnName]) {
+          ;(user as any)[normalizedOptions.passwordColumnName] = await hashFactory().make(
+            (user as any)[normalizedOptions.passwordColumnName]
           )
         }
       }
@@ -136,9 +139,9 @@ export function withAuthFinder(
           throw new E_INVALID_CREDENTIALS('Invalid user credentials')
         }
 
-        const user = await this.findForAuth(options.uids, uid)
+        const user = await this.findForAuth(normalizedOptions.uids, uid)
         if (!user) {
-          await hash().make(password)
+          await hashFactory().make(password)
           throw new E_INVALID_CREDENTIALS('Invalid user credentials')
         }
 
@@ -164,13 +167,13 @@ export function withAuthFinder(
        * }
        */
       verifyPassword(plainPassword: string): Promise<boolean> {
-        const passwordHash = (this as any)[options.passwordColumnName]
+        const passwordHash = (this as any)[normalizedOptions.passwordColumnName]
         if (!passwordHash) {
           throw new RuntimeException(
-            `Cannot verify password. The value for "${options.passwordColumnName}" column is undefined or null`
+            `Cannot verify password. The value for "${normalizedOptions.passwordColumnName}" column is undefined or null`
           )
         }
-        return hash().verify(passwordHash, plainPassword)
+        return hashFactory().verify(passwordHash, plainPassword)
       }
     }
 

tests/auth/mixins/with_auth_finder.spec.ts

@@ -12,8 +12,8 @@ import convertHrtime from 'convert-hrtime'
 import { compose } from '@adonisjs/core/helpers'
 import { BaseModel, column } from '@adonisjs/lucid/orm'
 
-import { createDatabase, createTables, getHasher } from '../../helpers.ts'
 import { withAuthFinder } from '../../../src/mixins/lucid.ts'
+import { createDatabase, createTables, getHasher, getHasherManager } from '../../helpers.ts'
 
 test.group('withAuthFinder | findForAuth', () => {
   test('find user for authentication using the mixin', async ({ assert, expectTypeOf }) => {
@@ -24,10 +24,7 @@ test.group('withAuthFinder | findForAuth', () => {
 
     class User extends compose(
       BaseModel,
-      withAuthFinder(() => hash, {
-        uids: ['email', 'username'],
-        passwordColumnName: 'password',
-      })
+      withAuthFinder(() => hash)
     ) {
       @column({ isPrimary: true })
       declare id: number
@@ -62,15 +59,9 @@ test.group('withAuthFinder | findForAuth', () => {
     const db = await createDatabase()
     await createTables(db)
 
-    const hash = getHasher()
+    const hash = getHasherManager()
 
-    class User extends compose(
-      BaseModel,
-      withAuthFinder(() => hash, {
-        uids: ['email', 'username'],
-        passwordColumnName: 'password',
-      })
-    ) {
+    class User extends compose(BaseModel, withAuthFinder(hash)) {
       @column({ isPrimary: true })
       declare id: number
 

tests/helpers.ts

@@ -10,7 +10,7 @@
 import { join } from 'node:path'
 import timekeeper from 'timekeeper'
 import { configDotenv } from 'dotenv'
-import { Hash } from '@adonisjs/core/hash'
+import { Hash, HashManager } from '@adonisjs/core/hash'
 import { mkdir, rm } from 'node:fs/promises'
 import { getActiveTest } from '@japa/runner'
 import { Emitter } from '@adonisjs/core/events'
@@ -35,6 +35,15 @@ export function getHasher() {
   return new Hash(new Scrypt({}))
 }
 
+export function getHasherManager() {
+  return new HashManager({
+    default: 'scrypt',
+    list: {
+      scrypt: () => getHasher(),
+    },
+  })
+}
+
 /**
  * Creates an instance of the database class for making queries
  */