@ackplus/nest-auth-contracts 1.1.68 → 1.1.69-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +11 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +166 -139
- package/dist/index.d.ts +166 -139
- package/dist/index.js +9 -1
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -20,7 +20,8 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
var index_exports = {};
|
|
21
21
|
__export(index_exports, {
|
|
22
22
|
NestAuthMFAMethodEnum: () => NestAuthMFAMethodEnum,
|
|
23
|
-
NestAuthOTPTypeEnum: () => NestAuthOTPTypeEnum
|
|
23
|
+
NestAuthOTPTypeEnum: () => NestAuthOTPTypeEnum,
|
|
24
|
+
TenantModeEnum: () => TenantModeEnum
|
|
24
25
|
});
|
|
25
26
|
module.exports = __toCommonJS(index_exports);
|
|
26
27
|
|
|
@@ -37,9 +38,17 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
37
38
|
NestAuthMFAMethodEnum2["TOTP"] = "totp";
|
|
38
39
|
return NestAuthMFAMethodEnum2;
|
|
39
40
|
})(NestAuthMFAMethodEnum || {});
|
|
41
|
+
|
|
42
|
+
// src/config.ts
|
|
43
|
+
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
44
|
+
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
45
|
+
TenantModeEnum2["SHARED"] = "shared";
|
|
46
|
+
return TenantModeEnum2;
|
|
47
|
+
})(TenantModeEnum || {});
|
|
40
48
|
// Annotate the CommonJS export names for ESM import in node:
|
|
41
49
|
0 && (module.exports = {
|
|
42
50
|
NestAuthMFAMethodEnum,
|
|
43
|
-
NestAuthOTPTypeEnum
|
|
51
|
+
NestAuthOTPTypeEnum,
|
|
52
|
+
TenantModeEnum
|
|
44
53
|
});
|
|
45
54
|
//# sourceMappingURL=index.cjs.map
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/auth.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ISwitchTenantRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig,\n TenantModeEnum,\n INestAuthTenantOptions,\n} from './config';\n\n// User & Role (from user.ts)\nexport {\n INestAuthUser,\n INestAuthRole,\n INestAuthPermission,\n} from './user';\n\n// Tenant (from tenant.ts)\nexport {\n INestAuthTenant,\n INestAuthUserAccess,\n} from './tenant';\n","/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,kBAAe;AACf,EAAAA,qBAAA,SAAM;AAHE,SAAAA;AAAA,GAAA;AAOL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACiDL,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|
package/dist/index.d.cts
CHANGED
|
@@ -1,3 +1,154 @@
|
|
|
1
|
+
interface INestAuthMFASecret {
|
|
2
|
+
id: string;
|
|
3
|
+
userId: string;
|
|
4
|
+
secret: string;
|
|
5
|
+
verified: boolean;
|
|
6
|
+
deviceName?: string;
|
|
7
|
+
lastUsedAt?: Date;
|
|
8
|
+
createdAt: Date;
|
|
9
|
+
updatedAt: Date;
|
|
10
|
+
}
|
|
11
|
+
interface INestAuthTrustedDevice {
|
|
12
|
+
id: string;
|
|
13
|
+
userId: string;
|
|
14
|
+
token: string;
|
|
15
|
+
userAgent?: string;
|
|
16
|
+
ipAddress?: string;
|
|
17
|
+
expiresAt: Date;
|
|
18
|
+
lastUsedAt?: Date;
|
|
19
|
+
createdAt: Date;
|
|
20
|
+
}
|
|
21
|
+
interface IVerify2faRequest {
|
|
22
|
+
otp: string;
|
|
23
|
+
method?: NestAuthMFAMethodEnum;
|
|
24
|
+
trustDevice?: boolean;
|
|
25
|
+
}
|
|
26
|
+
interface IVerify2faResponse {
|
|
27
|
+
accessToken: string;
|
|
28
|
+
refreshToken: string;
|
|
29
|
+
message?: string;
|
|
30
|
+
trustToken?: string;
|
|
31
|
+
user?: {
|
|
32
|
+
id: string;
|
|
33
|
+
email?: string;
|
|
34
|
+
phone?: string;
|
|
35
|
+
isVerified?: boolean;
|
|
36
|
+
isMfaEnabled?: boolean;
|
|
37
|
+
roles?: string[];
|
|
38
|
+
permissions?: string[];
|
|
39
|
+
metadata?: Record<string, any>;
|
|
40
|
+
tenantId?: string;
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
interface ISendMfaCodeRequest {
|
|
44
|
+
method: NestAuthMFAMethodEnum;
|
|
45
|
+
}
|
|
46
|
+
interface IToggleMfaRequest {
|
|
47
|
+
enabled: boolean;
|
|
48
|
+
}
|
|
49
|
+
interface IVerifyTotpSetupRequest {
|
|
50
|
+
otp: string;
|
|
51
|
+
secret: string;
|
|
52
|
+
}
|
|
53
|
+
interface IMfaDevice {
|
|
54
|
+
id: string;
|
|
55
|
+
deviceName: string;
|
|
56
|
+
method: NestAuthMFAMethodEnum;
|
|
57
|
+
lastUsedAt?: Date | string | null;
|
|
58
|
+
verified: boolean;
|
|
59
|
+
createdAt?: Date | string | null;
|
|
60
|
+
}
|
|
61
|
+
interface IMfaStatusResponse {
|
|
62
|
+
isEnabled: boolean;
|
|
63
|
+
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
64
|
+
configuredMethods: NestAuthMFAMethodEnum[];
|
|
65
|
+
allowUserToggle: boolean;
|
|
66
|
+
allowMethodSelection: boolean;
|
|
67
|
+
totpDevices: IMfaDevice[];
|
|
68
|
+
hasRecoveryCode: boolean;
|
|
69
|
+
required?: boolean;
|
|
70
|
+
canToggle?: boolean;
|
|
71
|
+
}
|
|
72
|
+
interface IMfaCodeResponse {
|
|
73
|
+
code: string;
|
|
74
|
+
expiresAt: Date | string;
|
|
75
|
+
used: boolean;
|
|
76
|
+
warning?: string;
|
|
77
|
+
}
|
|
78
|
+
interface ITotpSetupResponse {
|
|
79
|
+
secret: string;
|
|
80
|
+
qrCode: string;
|
|
81
|
+
otpAuthUrl: string;
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
interface INestAuthUser {
|
|
85
|
+
id: string;
|
|
86
|
+
email?: string;
|
|
87
|
+
emailVerifiedAt?: Date;
|
|
88
|
+
phone?: string;
|
|
89
|
+
phoneVerifiedAt?: Date;
|
|
90
|
+
passwordHash?: string;
|
|
91
|
+
isVerified: boolean;
|
|
92
|
+
isActive: boolean;
|
|
93
|
+
metadata?: Record<string, any>;
|
|
94
|
+
isMfaEnabled: boolean;
|
|
95
|
+
mfaRecoveryCode?: string;
|
|
96
|
+
identities?: INestAuthIdentity[];
|
|
97
|
+
mfaSecrets?: INestAuthMFASecret[];
|
|
98
|
+
sessions?: INestAuthSession[];
|
|
99
|
+
otps?: INestAuthOTP[];
|
|
100
|
+
userAccesses?: INestAuthUserAccess[];
|
|
101
|
+
createdAt: Date;
|
|
102
|
+
updatedAt: Date;
|
|
103
|
+
}
|
|
104
|
+
interface INestAuthRole {
|
|
105
|
+
id: string;
|
|
106
|
+
name: string;
|
|
107
|
+
guard: string;
|
|
108
|
+
tenantId?: string;
|
|
109
|
+
isSystem: boolean;
|
|
110
|
+
isActive: boolean;
|
|
111
|
+
permissions: string[];
|
|
112
|
+
createdAt: Date;
|
|
113
|
+
updatedAt: Date;
|
|
114
|
+
}
|
|
115
|
+
interface INestAuthPermission {
|
|
116
|
+
id: string;
|
|
117
|
+
name: string;
|
|
118
|
+
guard: string;
|
|
119
|
+
description?: string;
|
|
120
|
+
category?: string;
|
|
121
|
+
metadata?: Record<string, any>;
|
|
122
|
+
createdAt: Date;
|
|
123
|
+
updatedAt: Date;
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
interface INestAuthTenant {
|
|
127
|
+
id: string;
|
|
128
|
+
name: string;
|
|
129
|
+
slug: string;
|
|
130
|
+
userAccesses?: INestAuthUserAccess[];
|
|
131
|
+
description?: string;
|
|
132
|
+
metadata?: Record<string, any>;
|
|
133
|
+
isActive: boolean;
|
|
134
|
+
createdAt: Date;
|
|
135
|
+
updatedAt: Date;
|
|
136
|
+
}
|
|
137
|
+
interface INestAuthUserAccess {
|
|
138
|
+
id: string;
|
|
139
|
+
userId: string;
|
|
140
|
+
tenantId: string;
|
|
141
|
+
user?: INestAuthUser;
|
|
142
|
+
tenant?: INestAuthTenant;
|
|
143
|
+
roles?: INestAuthRole[];
|
|
144
|
+
isActive: boolean;
|
|
145
|
+
isDefault?: boolean;
|
|
146
|
+
status?: string;
|
|
147
|
+
metadata?: Record<string, any>;
|
|
148
|
+
createdAt: Date;
|
|
149
|
+
updatedAt: Date;
|
|
150
|
+
}
|
|
151
|
+
|
|
1
152
|
declare enum NestAuthOTPTypeEnum {
|
|
2
153
|
PASSWORD_RESET = "password_reset",
|
|
3
154
|
VERIFICATION = "verification",
|
|
@@ -81,6 +232,9 @@ interface ISignupRequest {
|
|
|
81
232
|
interface IRefreshRequest {
|
|
82
233
|
refreshToken?: string;
|
|
83
234
|
}
|
|
235
|
+
interface ISwitchTenantRequest {
|
|
236
|
+
tenantId: string;
|
|
237
|
+
}
|
|
84
238
|
interface ITokenPair {
|
|
85
239
|
accessToken: string;
|
|
86
240
|
refreshToken: string;
|
|
@@ -94,7 +248,7 @@ interface IAuthUser {
|
|
|
94
248
|
roles?: string[];
|
|
95
249
|
permissions?: string[];
|
|
96
250
|
metadata?: Record<string, any>;
|
|
97
|
-
|
|
251
|
+
userAccesses?: INestAuthUserAccess[];
|
|
98
252
|
}
|
|
99
253
|
interface IAuthResponse extends ITokenPair {
|
|
100
254
|
message?: string;
|
|
@@ -130,95 +284,13 @@ interface IUserResponse {
|
|
|
130
284
|
permissions?: string[];
|
|
131
285
|
metadata?: Record<string, any>;
|
|
132
286
|
tenantId?: string;
|
|
287
|
+
tenants?: INestAuthTenant[];
|
|
133
288
|
}
|
|
134
289
|
interface ITokensResponse {
|
|
135
290
|
accessToken: string;
|
|
136
291
|
refreshToken: string;
|
|
137
292
|
}
|
|
138
293
|
|
|
139
|
-
interface INestAuthMFASecret {
|
|
140
|
-
id: string;
|
|
141
|
-
userId: string;
|
|
142
|
-
secret: string;
|
|
143
|
-
verified: boolean;
|
|
144
|
-
deviceName?: string;
|
|
145
|
-
lastUsedAt?: Date;
|
|
146
|
-
createdAt: Date;
|
|
147
|
-
updatedAt: Date;
|
|
148
|
-
}
|
|
149
|
-
interface INestAuthTrustedDevice {
|
|
150
|
-
id: string;
|
|
151
|
-
userId: string;
|
|
152
|
-
token: string;
|
|
153
|
-
userAgent?: string;
|
|
154
|
-
ipAddress?: string;
|
|
155
|
-
expiresAt: Date;
|
|
156
|
-
lastUsedAt?: Date;
|
|
157
|
-
createdAt: Date;
|
|
158
|
-
}
|
|
159
|
-
interface IVerify2faRequest {
|
|
160
|
-
otp: string;
|
|
161
|
-
method?: NestAuthMFAMethodEnum;
|
|
162
|
-
trustDevice?: boolean;
|
|
163
|
-
}
|
|
164
|
-
interface IVerify2faResponse {
|
|
165
|
-
accessToken: string;
|
|
166
|
-
refreshToken: string;
|
|
167
|
-
message?: string;
|
|
168
|
-
trustToken?: string;
|
|
169
|
-
user?: {
|
|
170
|
-
id: string;
|
|
171
|
-
email?: string;
|
|
172
|
-
phone?: string;
|
|
173
|
-
isVerified?: boolean;
|
|
174
|
-
isMfaEnabled?: boolean;
|
|
175
|
-
roles?: string[];
|
|
176
|
-
permissions?: string[];
|
|
177
|
-
metadata?: Record<string, any>;
|
|
178
|
-
tenantId?: string;
|
|
179
|
-
};
|
|
180
|
-
}
|
|
181
|
-
interface ISendMfaCodeRequest {
|
|
182
|
-
method: NestAuthMFAMethodEnum;
|
|
183
|
-
}
|
|
184
|
-
interface IToggleMfaRequest {
|
|
185
|
-
enabled: boolean;
|
|
186
|
-
}
|
|
187
|
-
interface IVerifyTotpSetupRequest {
|
|
188
|
-
otp: string;
|
|
189
|
-
secret: string;
|
|
190
|
-
}
|
|
191
|
-
interface IMfaDevice {
|
|
192
|
-
id: string;
|
|
193
|
-
deviceName: string;
|
|
194
|
-
method: NestAuthMFAMethodEnum;
|
|
195
|
-
lastUsedAt?: Date | string | null;
|
|
196
|
-
verified: boolean;
|
|
197
|
-
createdAt?: Date | string | null;
|
|
198
|
-
}
|
|
199
|
-
interface IMfaStatusResponse {
|
|
200
|
-
isEnabled: boolean;
|
|
201
|
-
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
202
|
-
configuredMethods: NestAuthMFAMethodEnum[];
|
|
203
|
-
allowUserToggle: boolean;
|
|
204
|
-
allowMethodSelection: boolean;
|
|
205
|
-
totpDevices: IMfaDevice[];
|
|
206
|
-
hasRecoveryCode: boolean;
|
|
207
|
-
required?: boolean;
|
|
208
|
-
canToggle?: boolean;
|
|
209
|
-
}
|
|
210
|
-
interface IMfaCodeResponse {
|
|
211
|
-
code: string;
|
|
212
|
-
expiresAt: Date | string;
|
|
213
|
-
used: boolean;
|
|
214
|
-
warning?: string;
|
|
215
|
-
}
|
|
216
|
-
interface ITotpSetupResponse {
|
|
217
|
-
secret: string;
|
|
218
|
-
qrCode: string;
|
|
219
|
-
otpAuthUrl: string;
|
|
220
|
-
}
|
|
221
|
-
|
|
222
294
|
interface IForgotPasswordRequest {
|
|
223
295
|
email?: string;
|
|
224
296
|
phone?: string;
|
|
@@ -317,9 +389,16 @@ interface ITenantOption {
|
|
|
317
389
|
isActive: boolean;
|
|
318
390
|
metadata?: Record<string, any>;
|
|
319
391
|
}
|
|
392
|
+
interface INestAuthTenantOptions {
|
|
393
|
+
enabled?: boolean;
|
|
394
|
+
mode?: TenantModeEnum;
|
|
395
|
+
}
|
|
396
|
+
declare enum TenantModeEnum {
|
|
397
|
+
ISOLATED = "isolated",
|
|
398
|
+
SHARED = "shared"
|
|
399
|
+
}
|
|
320
400
|
interface ITenantsConfig {
|
|
321
|
-
mode:
|
|
322
|
-
defaultTenantId: string | null;
|
|
401
|
+
mode: TenantModeEnum;
|
|
323
402
|
options?: ITenantOption[];
|
|
324
403
|
}
|
|
325
404
|
interface ISsoProviderConfig {
|
|
@@ -341,56 +420,4 @@ interface IUiConfig {
|
|
|
341
420
|
backgroundImageUrl?: string;
|
|
342
421
|
}
|
|
343
422
|
|
|
344
|
-
|
|
345
|
-
id: string;
|
|
346
|
-
email?: string;
|
|
347
|
-
emailVerifiedAt?: Date;
|
|
348
|
-
phone?: string;
|
|
349
|
-
phoneVerifiedAt?: Date;
|
|
350
|
-
passwordHash?: string;
|
|
351
|
-
isVerified: boolean;
|
|
352
|
-
isActive: boolean;
|
|
353
|
-
metadata?: Record<string, any>;
|
|
354
|
-
tenantId?: string;
|
|
355
|
-
isMfaEnabled: boolean;
|
|
356
|
-
mfaRecoveryCode?: string;
|
|
357
|
-
emailTenant?: string;
|
|
358
|
-
phoneTenant?: string;
|
|
359
|
-
createdAt: Date;
|
|
360
|
-
updatedAt: Date;
|
|
361
|
-
}
|
|
362
|
-
interface INestAuthRole {
|
|
363
|
-
id: string;
|
|
364
|
-
name: string;
|
|
365
|
-
guard: string;
|
|
366
|
-
tenantId?: string;
|
|
367
|
-
isSystem: boolean;
|
|
368
|
-
isActive: boolean;
|
|
369
|
-
permissions: string[];
|
|
370
|
-
createdAt: Date;
|
|
371
|
-
updatedAt: Date;
|
|
372
|
-
}
|
|
373
|
-
interface INestAuthPermission {
|
|
374
|
-
id: string;
|
|
375
|
-
name: string;
|
|
376
|
-
guard: string;
|
|
377
|
-
description?: string;
|
|
378
|
-
category?: string;
|
|
379
|
-
metadata?: Record<string, any>;
|
|
380
|
-
createdAt: Date;
|
|
381
|
-
updatedAt: Date;
|
|
382
|
-
}
|
|
383
|
-
|
|
384
|
-
interface INestAuthTenant {
|
|
385
|
-
id: string;
|
|
386
|
-
name: string;
|
|
387
|
-
slug: string;
|
|
388
|
-
domain?: string;
|
|
389
|
-
description?: string;
|
|
390
|
-
metadata?: Record<string, any>;
|
|
391
|
-
isActive: boolean;
|
|
392
|
-
createdAt: Date;
|
|
393
|
-
updatedAt: Date;
|
|
394
|
-
}
|
|
395
|
-
|
|
396
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTrustedDevice, type INestAuthUser, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum };
|
|
423
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,3 +1,154 @@
|
|
|
1
|
+
interface INestAuthMFASecret {
|
|
2
|
+
id: string;
|
|
3
|
+
userId: string;
|
|
4
|
+
secret: string;
|
|
5
|
+
verified: boolean;
|
|
6
|
+
deviceName?: string;
|
|
7
|
+
lastUsedAt?: Date;
|
|
8
|
+
createdAt: Date;
|
|
9
|
+
updatedAt: Date;
|
|
10
|
+
}
|
|
11
|
+
interface INestAuthTrustedDevice {
|
|
12
|
+
id: string;
|
|
13
|
+
userId: string;
|
|
14
|
+
token: string;
|
|
15
|
+
userAgent?: string;
|
|
16
|
+
ipAddress?: string;
|
|
17
|
+
expiresAt: Date;
|
|
18
|
+
lastUsedAt?: Date;
|
|
19
|
+
createdAt: Date;
|
|
20
|
+
}
|
|
21
|
+
interface IVerify2faRequest {
|
|
22
|
+
otp: string;
|
|
23
|
+
method?: NestAuthMFAMethodEnum;
|
|
24
|
+
trustDevice?: boolean;
|
|
25
|
+
}
|
|
26
|
+
interface IVerify2faResponse {
|
|
27
|
+
accessToken: string;
|
|
28
|
+
refreshToken: string;
|
|
29
|
+
message?: string;
|
|
30
|
+
trustToken?: string;
|
|
31
|
+
user?: {
|
|
32
|
+
id: string;
|
|
33
|
+
email?: string;
|
|
34
|
+
phone?: string;
|
|
35
|
+
isVerified?: boolean;
|
|
36
|
+
isMfaEnabled?: boolean;
|
|
37
|
+
roles?: string[];
|
|
38
|
+
permissions?: string[];
|
|
39
|
+
metadata?: Record<string, any>;
|
|
40
|
+
tenantId?: string;
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
interface ISendMfaCodeRequest {
|
|
44
|
+
method: NestAuthMFAMethodEnum;
|
|
45
|
+
}
|
|
46
|
+
interface IToggleMfaRequest {
|
|
47
|
+
enabled: boolean;
|
|
48
|
+
}
|
|
49
|
+
interface IVerifyTotpSetupRequest {
|
|
50
|
+
otp: string;
|
|
51
|
+
secret: string;
|
|
52
|
+
}
|
|
53
|
+
interface IMfaDevice {
|
|
54
|
+
id: string;
|
|
55
|
+
deviceName: string;
|
|
56
|
+
method: NestAuthMFAMethodEnum;
|
|
57
|
+
lastUsedAt?: Date | string | null;
|
|
58
|
+
verified: boolean;
|
|
59
|
+
createdAt?: Date | string | null;
|
|
60
|
+
}
|
|
61
|
+
interface IMfaStatusResponse {
|
|
62
|
+
isEnabled: boolean;
|
|
63
|
+
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
64
|
+
configuredMethods: NestAuthMFAMethodEnum[];
|
|
65
|
+
allowUserToggle: boolean;
|
|
66
|
+
allowMethodSelection: boolean;
|
|
67
|
+
totpDevices: IMfaDevice[];
|
|
68
|
+
hasRecoveryCode: boolean;
|
|
69
|
+
required?: boolean;
|
|
70
|
+
canToggle?: boolean;
|
|
71
|
+
}
|
|
72
|
+
interface IMfaCodeResponse {
|
|
73
|
+
code: string;
|
|
74
|
+
expiresAt: Date | string;
|
|
75
|
+
used: boolean;
|
|
76
|
+
warning?: string;
|
|
77
|
+
}
|
|
78
|
+
interface ITotpSetupResponse {
|
|
79
|
+
secret: string;
|
|
80
|
+
qrCode: string;
|
|
81
|
+
otpAuthUrl: string;
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
interface INestAuthUser {
|
|
85
|
+
id: string;
|
|
86
|
+
email?: string;
|
|
87
|
+
emailVerifiedAt?: Date;
|
|
88
|
+
phone?: string;
|
|
89
|
+
phoneVerifiedAt?: Date;
|
|
90
|
+
passwordHash?: string;
|
|
91
|
+
isVerified: boolean;
|
|
92
|
+
isActive: boolean;
|
|
93
|
+
metadata?: Record<string, any>;
|
|
94
|
+
isMfaEnabled: boolean;
|
|
95
|
+
mfaRecoveryCode?: string;
|
|
96
|
+
identities?: INestAuthIdentity[];
|
|
97
|
+
mfaSecrets?: INestAuthMFASecret[];
|
|
98
|
+
sessions?: INestAuthSession[];
|
|
99
|
+
otps?: INestAuthOTP[];
|
|
100
|
+
userAccesses?: INestAuthUserAccess[];
|
|
101
|
+
createdAt: Date;
|
|
102
|
+
updatedAt: Date;
|
|
103
|
+
}
|
|
104
|
+
interface INestAuthRole {
|
|
105
|
+
id: string;
|
|
106
|
+
name: string;
|
|
107
|
+
guard: string;
|
|
108
|
+
tenantId?: string;
|
|
109
|
+
isSystem: boolean;
|
|
110
|
+
isActive: boolean;
|
|
111
|
+
permissions: string[];
|
|
112
|
+
createdAt: Date;
|
|
113
|
+
updatedAt: Date;
|
|
114
|
+
}
|
|
115
|
+
interface INestAuthPermission {
|
|
116
|
+
id: string;
|
|
117
|
+
name: string;
|
|
118
|
+
guard: string;
|
|
119
|
+
description?: string;
|
|
120
|
+
category?: string;
|
|
121
|
+
metadata?: Record<string, any>;
|
|
122
|
+
createdAt: Date;
|
|
123
|
+
updatedAt: Date;
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
interface INestAuthTenant {
|
|
127
|
+
id: string;
|
|
128
|
+
name: string;
|
|
129
|
+
slug: string;
|
|
130
|
+
userAccesses?: INestAuthUserAccess[];
|
|
131
|
+
description?: string;
|
|
132
|
+
metadata?: Record<string, any>;
|
|
133
|
+
isActive: boolean;
|
|
134
|
+
createdAt: Date;
|
|
135
|
+
updatedAt: Date;
|
|
136
|
+
}
|
|
137
|
+
interface INestAuthUserAccess {
|
|
138
|
+
id: string;
|
|
139
|
+
userId: string;
|
|
140
|
+
tenantId: string;
|
|
141
|
+
user?: INestAuthUser;
|
|
142
|
+
tenant?: INestAuthTenant;
|
|
143
|
+
roles?: INestAuthRole[];
|
|
144
|
+
isActive: boolean;
|
|
145
|
+
isDefault?: boolean;
|
|
146
|
+
status?: string;
|
|
147
|
+
metadata?: Record<string, any>;
|
|
148
|
+
createdAt: Date;
|
|
149
|
+
updatedAt: Date;
|
|
150
|
+
}
|
|
151
|
+
|
|
1
152
|
declare enum NestAuthOTPTypeEnum {
|
|
2
153
|
PASSWORD_RESET = "password_reset",
|
|
3
154
|
VERIFICATION = "verification",
|
|
@@ -81,6 +232,9 @@ interface ISignupRequest {
|
|
|
81
232
|
interface IRefreshRequest {
|
|
82
233
|
refreshToken?: string;
|
|
83
234
|
}
|
|
235
|
+
interface ISwitchTenantRequest {
|
|
236
|
+
tenantId: string;
|
|
237
|
+
}
|
|
84
238
|
interface ITokenPair {
|
|
85
239
|
accessToken: string;
|
|
86
240
|
refreshToken: string;
|
|
@@ -94,7 +248,7 @@ interface IAuthUser {
|
|
|
94
248
|
roles?: string[];
|
|
95
249
|
permissions?: string[];
|
|
96
250
|
metadata?: Record<string, any>;
|
|
97
|
-
|
|
251
|
+
userAccesses?: INestAuthUserAccess[];
|
|
98
252
|
}
|
|
99
253
|
interface IAuthResponse extends ITokenPair {
|
|
100
254
|
message?: string;
|
|
@@ -130,95 +284,13 @@ interface IUserResponse {
|
|
|
130
284
|
permissions?: string[];
|
|
131
285
|
metadata?: Record<string, any>;
|
|
132
286
|
tenantId?: string;
|
|
287
|
+
tenants?: INestAuthTenant[];
|
|
133
288
|
}
|
|
134
289
|
interface ITokensResponse {
|
|
135
290
|
accessToken: string;
|
|
136
291
|
refreshToken: string;
|
|
137
292
|
}
|
|
138
293
|
|
|
139
|
-
interface INestAuthMFASecret {
|
|
140
|
-
id: string;
|
|
141
|
-
userId: string;
|
|
142
|
-
secret: string;
|
|
143
|
-
verified: boolean;
|
|
144
|
-
deviceName?: string;
|
|
145
|
-
lastUsedAt?: Date;
|
|
146
|
-
createdAt: Date;
|
|
147
|
-
updatedAt: Date;
|
|
148
|
-
}
|
|
149
|
-
interface INestAuthTrustedDevice {
|
|
150
|
-
id: string;
|
|
151
|
-
userId: string;
|
|
152
|
-
token: string;
|
|
153
|
-
userAgent?: string;
|
|
154
|
-
ipAddress?: string;
|
|
155
|
-
expiresAt: Date;
|
|
156
|
-
lastUsedAt?: Date;
|
|
157
|
-
createdAt: Date;
|
|
158
|
-
}
|
|
159
|
-
interface IVerify2faRequest {
|
|
160
|
-
otp: string;
|
|
161
|
-
method?: NestAuthMFAMethodEnum;
|
|
162
|
-
trustDevice?: boolean;
|
|
163
|
-
}
|
|
164
|
-
interface IVerify2faResponse {
|
|
165
|
-
accessToken: string;
|
|
166
|
-
refreshToken: string;
|
|
167
|
-
message?: string;
|
|
168
|
-
trustToken?: string;
|
|
169
|
-
user?: {
|
|
170
|
-
id: string;
|
|
171
|
-
email?: string;
|
|
172
|
-
phone?: string;
|
|
173
|
-
isVerified?: boolean;
|
|
174
|
-
isMfaEnabled?: boolean;
|
|
175
|
-
roles?: string[];
|
|
176
|
-
permissions?: string[];
|
|
177
|
-
metadata?: Record<string, any>;
|
|
178
|
-
tenantId?: string;
|
|
179
|
-
};
|
|
180
|
-
}
|
|
181
|
-
interface ISendMfaCodeRequest {
|
|
182
|
-
method: NestAuthMFAMethodEnum;
|
|
183
|
-
}
|
|
184
|
-
interface IToggleMfaRequest {
|
|
185
|
-
enabled: boolean;
|
|
186
|
-
}
|
|
187
|
-
interface IVerifyTotpSetupRequest {
|
|
188
|
-
otp: string;
|
|
189
|
-
secret: string;
|
|
190
|
-
}
|
|
191
|
-
interface IMfaDevice {
|
|
192
|
-
id: string;
|
|
193
|
-
deviceName: string;
|
|
194
|
-
method: NestAuthMFAMethodEnum;
|
|
195
|
-
lastUsedAt?: Date | string | null;
|
|
196
|
-
verified: boolean;
|
|
197
|
-
createdAt?: Date | string | null;
|
|
198
|
-
}
|
|
199
|
-
interface IMfaStatusResponse {
|
|
200
|
-
isEnabled: boolean;
|
|
201
|
-
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
202
|
-
configuredMethods: NestAuthMFAMethodEnum[];
|
|
203
|
-
allowUserToggle: boolean;
|
|
204
|
-
allowMethodSelection: boolean;
|
|
205
|
-
totpDevices: IMfaDevice[];
|
|
206
|
-
hasRecoveryCode: boolean;
|
|
207
|
-
required?: boolean;
|
|
208
|
-
canToggle?: boolean;
|
|
209
|
-
}
|
|
210
|
-
interface IMfaCodeResponse {
|
|
211
|
-
code: string;
|
|
212
|
-
expiresAt: Date | string;
|
|
213
|
-
used: boolean;
|
|
214
|
-
warning?: string;
|
|
215
|
-
}
|
|
216
|
-
interface ITotpSetupResponse {
|
|
217
|
-
secret: string;
|
|
218
|
-
qrCode: string;
|
|
219
|
-
otpAuthUrl: string;
|
|
220
|
-
}
|
|
221
|
-
|
|
222
294
|
interface IForgotPasswordRequest {
|
|
223
295
|
email?: string;
|
|
224
296
|
phone?: string;
|
|
@@ -317,9 +389,16 @@ interface ITenantOption {
|
|
|
317
389
|
isActive: boolean;
|
|
318
390
|
metadata?: Record<string, any>;
|
|
319
391
|
}
|
|
392
|
+
interface INestAuthTenantOptions {
|
|
393
|
+
enabled?: boolean;
|
|
394
|
+
mode?: TenantModeEnum;
|
|
395
|
+
}
|
|
396
|
+
declare enum TenantModeEnum {
|
|
397
|
+
ISOLATED = "isolated",
|
|
398
|
+
SHARED = "shared"
|
|
399
|
+
}
|
|
320
400
|
interface ITenantsConfig {
|
|
321
|
-
mode:
|
|
322
|
-
defaultTenantId: string | null;
|
|
401
|
+
mode: TenantModeEnum;
|
|
323
402
|
options?: ITenantOption[];
|
|
324
403
|
}
|
|
325
404
|
interface ISsoProviderConfig {
|
|
@@ -341,56 +420,4 @@ interface IUiConfig {
|
|
|
341
420
|
backgroundImageUrl?: string;
|
|
342
421
|
}
|
|
343
422
|
|
|
344
|
-
|
|
345
|
-
id: string;
|
|
346
|
-
email?: string;
|
|
347
|
-
emailVerifiedAt?: Date;
|
|
348
|
-
phone?: string;
|
|
349
|
-
phoneVerifiedAt?: Date;
|
|
350
|
-
passwordHash?: string;
|
|
351
|
-
isVerified: boolean;
|
|
352
|
-
isActive: boolean;
|
|
353
|
-
metadata?: Record<string, any>;
|
|
354
|
-
tenantId?: string;
|
|
355
|
-
isMfaEnabled: boolean;
|
|
356
|
-
mfaRecoveryCode?: string;
|
|
357
|
-
emailTenant?: string;
|
|
358
|
-
phoneTenant?: string;
|
|
359
|
-
createdAt: Date;
|
|
360
|
-
updatedAt: Date;
|
|
361
|
-
}
|
|
362
|
-
interface INestAuthRole {
|
|
363
|
-
id: string;
|
|
364
|
-
name: string;
|
|
365
|
-
guard: string;
|
|
366
|
-
tenantId?: string;
|
|
367
|
-
isSystem: boolean;
|
|
368
|
-
isActive: boolean;
|
|
369
|
-
permissions: string[];
|
|
370
|
-
createdAt: Date;
|
|
371
|
-
updatedAt: Date;
|
|
372
|
-
}
|
|
373
|
-
interface INestAuthPermission {
|
|
374
|
-
id: string;
|
|
375
|
-
name: string;
|
|
376
|
-
guard: string;
|
|
377
|
-
description?: string;
|
|
378
|
-
category?: string;
|
|
379
|
-
metadata?: Record<string, any>;
|
|
380
|
-
createdAt: Date;
|
|
381
|
-
updatedAt: Date;
|
|
382
|
-
}
|
|
383
|
-
|
|
384
|
-
interface INestAuthTenant {
|
|
385
|
-
id: string;
|
|
386
|
-
name: string;
|
|
387
|
-
slug: string;
|
|
388
|
-
domain?: string;
|
|
389
|
-
description?: string;
|
|
390
|
-
metadata?: Record<string, any>;
|
|
391
|
-
isActive: boolean;
|
|
392
|
-
createdAt: Date;
|
|
393
|
-
updatedAt: Date;
|
|
394
|
-
}
|
|
395
|
-
|
|
396
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTrustedDevice, type INestAuthUser, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum };
|
|
423
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
package/dist/index.js
CHANGED
|
@@ -11,8 +11,16 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
11
11
|
NestAuthMFAMethodEnum2["TOTP"] = "totp";
|
|
12
12
|
return NestAuthMFAMethodEnum2;
|
|
13
13
|
})(NestAuthMFAMethodEnum || {});
|
|
14
|
+
|
|
15
|
+
// src/config.ts
|
|
16
|
+
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
17
|
+
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
18
|
+
TenantModeEnum2["SHARED"] = "shared";
|
|
19
|
+
return TenantModeEnum2;
|
|
20
|
+
})(TenantModeEnum || {});
|
|
14
21
|
export {
|
|
15
22
|
NestAuthMFAMethodEnum,
|
|
16
|
-
NestAuthOTPTypeEnum
|
|
23
|
+
NestAuthOTPTypeEnum,
|
|
24
|
+
TenantModeEnum
|
|
17
25
|
};
|
|
18
26
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/auth.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n
|
|
1
|
+
{"version":3,"sources":["../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";AAQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,kBAAe;AACf,EAAAA,qBAAA,SAAM;AAHE,SAAAA;AAAA,GAAA;AAOL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACiDL,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|