@ackplus/nest-auth-contracts 1.1.68 → 1.1.69-beta.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +11 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +192 -139
- package/dist/index.d.ts +192 -139
- package/dist/index.js +9 -1
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -20,7 +20,8 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
var index_exports = {};
|
|
21
21
|
__export(index_exports, {
|
|
22
22
|
NestAuthMFAMethodEnum: () => NestAuthMFAMethodEnum,
|
|
23
|
-
NestAuthOTPTypeEnum: () => NestAuthOTPTypeEnum
|
|
23
|
+
NestAuthOTPTypeEnum: () => NestAuthOTPTypeEnum,
|
|
24
|
+
TenantModeEnum: () => TenantModeEnum
|
|
24
25
|
});
|
|
25
26
|
module.exports = __toCommonJS(index_exports);
|
|
26
27
|
|
|
@@ -37,9 +38,17 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
37
38
|
NestAuthMFAMethodEnum2["TOTP"] = "totp";
|
|
38
39
|
return NestAuthMFAMethodEnum2;
|
|
39
40
|
})(NestAuthMFAMethodEnum || {});
|
|
41
|
+
|
|
42
|
+
// src/config.ts
|
|
43
|
+
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
44
|
+
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
45
|
+
TenantModeEnum2["SHARED"] = "shared";
|
|
46
|
+
return TenantModeEnum2;
|
|
47
|
+
})(TenantModeEnum || {});
|
|
40
48
|
// Annotate the CommonJS export names for ESM import in node:
|
|
41
49
|
0 && (module.exports = {
|
|
42
50
|
NestAuthMFAMethodEnum,
|
|
43
|
-
NestAuthOTPTypeEnum
|
|
51
|
+
NestAuthOTPTypeEnum,
|
|
52
|
+
TenantModeEnum
|
|
44
53
|
});
|
|
45
54
|
//# sourceMappingURL=index.cjs.map
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/auth.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ISwitchTenantRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig,\n TenantModeEnum,\n INestAuthTenantOptions,\n} from './config';\n\n// User & Role (from user.ts)\nexport {\n INestAuthUser,\n} from './user';\n\n// Role & Permission (from role.ts)\nexport {\n INestAuthRoleTenant,\n INestAuthRole,\n INestAuthPermission,\n ICreateRoleInput,\n IUpdateRoleInput,\n IUpdatePermissionInput,\n IRoleResponse,\n} from './role';\n\n// Tenant (from tenant.ts)\nexport {\n INestAuthTenant,\n INestAuthUserAccess,\n} from './tenant';\n","/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,kBAAe;AACf,EAAAA,qBAAA,SAAM;AAHE,SAAAA;AAAA,GAAA;AAOL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACiDL,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|
package/dist/index.d.cts
CHANGED
|
@@ -1,3 +1,180 @@
|
|
|
1
|
+
interface INestAuthRoleTenant {
|
|
2
|
+
id: string;
|
|
3
|
+
name: string;
|
|
4
|
+
slug: string;
|
|
5
|
+
}
|
|
6
|
+
interface INestAuthRole {
|
|
7
|
+
id: string;
|
|
8
|
+
name: string;
|
|
9
|
+
guard: string;
|
|
10
|
+
tenantId?: string;
|
|
11
|
+
tenant?: INestAuthRoleTenant;
|
|
12
|
+
isSystem: boolean;
|
|
13
|
+
isActive: boolean;
|
|
14
|
+
permissions: string[];
|
|
15
|
+
createdAt: Date;
|
|
16
|
+
updatedAt: Date;
|
|
17
|
+
}
|
|
18
|
+
interface INestAuthPermission {
|
|
19
|
+
id: string;
|
|
20
|
+
name: string;
|
|
21
|
+
guard: string;
|
|
22
|
+
description?: string;
|
|
23
|
+
category?: string;
|
|
24
|
+
metadata?: Record<string, any>;
|
|
25
|
+
createdAt: Date;
|
|
26
|
+
updatedAt: Date;
|
|
27
|
+
}
|
|
28
|
+
interface ICreateRoleInput {
|
|
29
|
+
name: string;
|
|
30
|
+
guard: string;
|
|
31
|
+
tenantId?: string;
|
|
32
|
+
isSystem?: boolean;
|
|
33
|
+
isActive?: boolean;
|
|
34
|
+
permissions: string[];
|
|
35
|
+
}
|
|
36
|
+
interface IUpdateRoleInput {
|
|
37
|
+
name?: string;
|
|
38
|
+
isActive?: boolean;
|
|
39
|
+
permissions?: string[];
|
|
40
|
+
}
|
|
41
|
+
interface IUpdatePermissionInput {
|
|
42
|
+
name?: string;
|
|
43
|
+
category?: string;
|
|
44
|
+
description?: string;
|
|
45
|
+
}
|
|
46
|
+
type IRoleResponse = INestAuthRole;
|
|
47
|
+
|
|
48
|
+
interface INestAuthMFASecret {
|
|
49
|
+
id: string;
|
|
50
|
+
userId: string;
|
|
51
|
+
secret: string;
|
|
52
|
+
verified: boolean;
|
|
53
|
+
deviceName?: string;
|
|
54
|
+
lastUsedAt?: Date;
|
|
55
|
+
createdAt: Date;
|
|
56
|
+
updatedAt: Date;
|
|
57
|
+
}
|
|
58
|
+
interface INestAuthTrustedDevice {
|
|
59
|
+
id: string;
|
|
60
|
+
userId: string;
|
|
61
|
+
token: string;
|
|
62
|
+
userAgent?: string;
|
|
63
|
+
ipAddress?: string;
|
|
64
|
+
expiresAt: Date;
|
|
65
|
+
lastUsedAt?: Date;
|
|
66
|
+
createdAt: Date;
|
|
67
|
+
}
|
|
68
|
+
interface IVerify2faRequest {
|
|
69
|
+
otp: string;
|
|
70
|
+
method?: NestAuthMFAMethodEnum;
|
|
71
|
+
trustDevice?: boolean;
|
|
72
|
+
}
|
|
73
|
+
interface IVerify2faResponse {
|
|
74
|
+
accessToken: string;
|
|
75
|
+
refreshToken: string;
|
|
76
|
+
message?: string;
|
|
77
|
+
trustToken?: string;
|
|
78
|
+
user?: {
|
|
79
|
+
id: string;
|
|
80
|
+
email?: string;
|
|
81
|
+
phone?: string;
|
|
82
|
+
isVerified?: boolean;
|
|
83
|
+
isMfaEnabled?: boolean;
|
|
84
|
+
roles?: string[];
|
|
85
|
+
permissions?: string[];
|
|
86
|
+
metadata?: Record<string, any>;
|
|
87
|
+
tenantId?: string;
|
|
88
|
+
};
|
|
89
|
+
}
|
|
90
|
+
interface ISendMfaCodeRequest {
|
|
91
|
+
method: NestAuthMFAMethodEnum;
|
|
92
|
+
}
|
|
93
|
+
interface IToggleMfaRequest {
|
|
94
|
+
enabled: boolean;
|
|
95
|
+
}
|
|
96
|
+
interface IVerifyTotpSetupRequest {
|
|
97
|
+
otp: string;
|
|
98
|
+
secret: string;
|
|
99
|
+
}
|
|
100
|
+
interface IMfaDevice {
|
|
101
|
+
id: string;
|
|
102
|
+
deviceName: string;
|
|
103
|
+
method: NestAuthMFAMethodEnum;
|
|
104
|
+
lastUsedAt?: Date | string | null;
|
|
105
|
+
verified: boolean;
|
|
106
|
+
createdAt?: Date | string | null;
|
|
107
|
+
}
|
|
108
|
+
interface IMfaStatusResponse {
|
|
109
|
+
isEnabled: boolean;
|
|
110
|
+
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
111
|
+
configuredMethods: NestAuthMFAMethodEnum[];
|
|
112
|
+
allowUserToggle: boolean;
|
|
113
|
+
allowMethodSelection: boolean;
|
|
114
|
+
totpDevices: IMfaDevice[];
|
|
115
|
+
hasRecoveryCode: boolean;
|
|
116
|
+
required?: boolean;
|
|
117
|
+
canToggle?: boolean;
|
|
118
|
+
}
|
|
119
|
+
interface IMfaCodeResponse {
|
|
120
|
+
code: string;
|
|
121
|
+
expiresAt: Date | string;
|
|
122
|
+
used: boolean;
|
|
123
|
+
warning?: string;
|
|
124
|
+
}
|
|
125
|
+
interface ITotpSetupResponse {
|
|
126
|
+
secret: string;
|
|
127
|
+
qrCode: string;
|
|
128
|
+
otpAuthUrl: string;
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
interface INestAuthUser {
|
|
132
|
+
id: string;
|
|
133
|
+
email?: string;
|
|
134
|
+
emailVerifiedAt?: Date;
|
|
135
|
+
phone?: string;
|
|
136
|
+
phoneVerifiedAt?: Date;
|
|
137
|
+
passwordHash?: string;
|
|
138
|
+
isVerified: boolean;
|
|
139
|
+
isActive: boolean;
|
|
140
|
+
metadata?: Record<string, any>;
|
|
141
|
+
isMfaEnabled: boolean;
|
|
142
|
+
mfaRecoveryCode?: string;
|
|
143
|
+
identities?: INestAuthIdentity[];
|
|
144
|
+
mfaSecrets?: INestAuthMFASecret[];
|
|
145
|
+
sessions?: INestAuthSession[];
|
|
146
|
+
otps?: INestAuthOTP[];
|
|
147
|
+
userAccesses?: INestAuthUserAccess[];
|
|
148
|
+
createdAt: Date;
|
|
149
|
+
updatedAt: Date;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
interface INestAuthTenant {
|
|
153
|
+
id?: string;
|
|
154
|
+
name?: string;
|
|
155
|
+
slug?: string;
|
|
156
|
+
userAccesses?: INestAuthUserAccess[];
|
|
157
|
+
description?: string;
|
|
158
|
+
metadata?: Record<string, any>;
|
|
159
|
+
isActive?: boolean;
|
|
160
|
+
createdAt?: Date;
|
|
161
|
+
updatedAt?: Date;
|
|
162
|
+
}
|
|
163
|
+
interface INestAuthUserAccess {
|
|
164
|
+
id?: string;
|
|
165
|
+
userId?: string;
|
|
166
|
+
tenantId?: string;
|
|
167
|
+
user?: INestAuthUser;
|
|
168
|
+
tenant?: INestAuthTenant;
|
|
169
|
+
roles?: INestAuthRole[];
|
|
170
|
+
isActive?: boolean;
|
|
171
|
+
isDefault?: boolean;
|
|
172
|
+
status?: string;
|
|
173
|
+
metadata?: Record<string, any>;
|
|
174
|
+
createdAt?: Date;
|
|
175
|
+
updatedAt?: Date;
|
|
176
|
+
}
|
|
177
|
+
|
|
1
178
|
declare enum NestAuthOTPTypeEnum {
|
|
2
179
|
PASSWORD_RESET = "password_reset",
|
|
3
180
|
VERIFICATION = "verification",
|
|
@@ -81,6 +258,9 @@ interface ISignupRequest {
|
|
|
81
258
|
interface IRefreshRequest {
|
|
82
259
|
refreshToken?: string;
|
|
83
260
|
}
|
|
261
|
+
interface ISwitchTenantRequest {
|
|
262
|
+
tenantId: string;
|
|
263
|
+
}
|
|
84
264
|
interface ITokenPair {
|
|
85
265
|
accessToken: string;
|
|
86
266
|
refreshToken: string;
|
|
@@ -94,7 +274,7 @@ interface IAuthUser {
|
|
|
94
274
|
roles?: string[];
|
|
95
275
|
permissions?: string[];
|
|
96
276
|
metadata?: Record<string, any>;
|
|
97
|
-
|
|
277
|
+
userAccesses?: INestAuthUserAccess[];
|
|
98
278
|
}
|
|
99
279
|
interface IAuthResponse extends ITokenPair {
|
|
100
280
|
message?: string;
|
|
@@ -130,95 +310,13 @@ interface IUserResponse {
|
|
|
130
310
|
permissions?: string[];
|
|
131
311
|
metadata?: Record<string, any>;
|
|
132
312
|
tenantId?: string;
|
|
313
|
+
tenants?: INestAuthTenant[];
|
|
133
314
|
}
|
|
134
315
|
interface ITokensResponse {
|
|
135
316
|
accessToken: string;
|
|
136
317
|
refreshToken: string;
|
|
137
318
|
}
|
|
138
319
|
|
|
139
|
-
interface INestAuthMFASecret {
|
|
140
|
-
id: string;
|
|
141
|
-
userId: string;
|
|
142
|
-
secret: string;
|
|
143
|
-
verified: boolean;
|
|
144
|
-
deviceName?: string;
|
|
145
|
-
lastUsedAt?: Date;
|
|
146
|
-
createdAt: Date;
|
|
147
|
-
updatedAt: Date;
|
|
148
|
-
}
|
|
149
|
-
interface INestAuthTrustedDevice {
|
|
150
|
-
id: string;
|
|
151
|
-
userId: string;
|
|
152
|
-
token: string;
|
|
153
|
-
userAgent?: string;
|
|
154
|
-
ipAddress?: string;
|
|
155
|
-
expiresAt: Date;
|
|
156
|
-
lastUsedAt?: Date;
|
|
157
|
-
createdAt: Date;
|
|
158
|
-
}
|
|
159
|
-
interface IVerify2faRequest {
|
|
160
|
-
otp: string;
|
|
161
|
-
method?: NestAuthMFAMethodEnum;
|
|
162
|
-
trustDevice?: boolean;
|
|
163
|
-
}
|
|
164
|
-
interface IVerify2faResponse {
|
|
165
|
-
accessToken: string;
|
|
166
|
-
refreshToken: string;
|
|
167
|
-
message?: string;
|
|
168
|
-
trustToken?: string;
|
|
169
|
-
user?: {
|
|
170
|
-
id: string;
|
|
171
|
-
email?: string;
|
|
172
|
-
phone?: string;
|
|
173
|
-
isVerified?: boolean;
|
|
174
|
-
isMfaEnabled?: boolean;
|
|
175
|
-
roles?: string[];
|
|
176
|
-
permissions?: string[];
|
|
177
|
-
metadata?: Record<string, any>;
|
|
178
|
-
tenantId?: string;
|
|
179
|
-
};
|
|
180
|
-
}
|
|
181
|
-
interface ISendMfaCodeRequest {
|
|
182
|
-
method: NestAuthMFAMethodEnum;
|
|
183
|
-
}
|
|
184
|
-
interface IToggleMfaRequest {
|
|
185
|
-
enabled: boolean;
|
|
186
|
-
}
|
|
187
|
-
interface IVerifyTotpSetupRequest {
|
|
188
|
-
otp: string;
|
|
189
|
-
secret: string;
|
|
190
|
-
}
|
|
191
|
-
interface IMfaDevice {
|
|
192
|
-
id: string;
|
|
193
|
-
deviceName: string;
|
|
194
|
-
method: NestAuthMFAMethodEnum;
|
|
195
|
-
lastUsedAt?: Date | string | null;
|
|
196
|
-
verified: boolean;
|
|
197
|
-
createdAt?: Date | string | null;
|
|
198
|
-
}
|
|
199
|
-
interface IMfaStatusResponse {
|
|
200
|
-
isEnabled: boolean;
|
|
201
|
-
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
202
|
-
configuredMethods: NestAuthMFAMethodEnum[];
|
|
203
|
-
allowUserToggle: boolean;
|
|
204
|
-
allowMethodSelection: boolean;
|
|
205
|
-
totpDevices: IMfaDevice[];
|
|
206
|
-
hasRecoveryCode: boolean;
|
|
207
|
-
required?: boolean;
|
|
208
|
-
canToggle?: boolean;
|
|
209
|
-
}
|
|
210
|
-
interface IMfaCodeResponse {
|
|
211
|
-
code: string;
|
|
212
|
-
expiresAt: Date | string;
|
|
213
|
-
used: boolean;
|
|
214
|
-
warning?: string;
|
|
215
|
-
}
|
|
216
|
-
interface ITotpSetupResponse {
|
|
217
|
-
secret: string;
|
|
218
|
-
qrCode: string;
|
|
219
|
-
otpAuthUrl: string;
|
|
220
|
-
}
|
|
221
|
-
|
|
222
320
|
interface IForgotPasswordRequest {
|
|
223
321
|
email?: string;
|
|
224
322
|
phone?: string;
|
|
@@ -317,9 +415,16 @@ interface ITenantOption {
|
|
|
317
415
|
isActive: boolean;
|
|
318
416
|
metadata?: Record<string, any>;
|
|
319
417
|
}
|
|
418
|
+
interface INestAuthTenantOptions {
|
|
419
|
+
enabled?: boolean;
|
|
420
|
+
mode?: TenantModeEnum;
|
|
421
|
+
}
|
|
422
|
+
declare enum TenantModeEnum {
|
|
423
|
+
ISOLATED = "isolated",
|
|
424
|
+
SHARED = "shared"
|
|
425
|
+
}
|
|
320
426
|
interface ITenantsConfig {
|
|
321
|
-
mode:
|
|
322
|
-
defaultTenantId: string | null;
|
|
427
|
+
mode: TenantModeEnum;
|
|
323
428
|
options?: ITenantOption[];
|
|
324
429
|
}
|
|
325
430
|
interface ISsoProviderConfig {
|
|
@@ -341,56 +446,4 @@ interface IUiConfig {
|
|
|
341
446
|
backgroundImageUrl?: string;
|
|
342
447
|
}
|
|
343
448
|
|
|
344
|
-
|
|
345
|
-
id: string;
|
|
346
|
-
email?: string;
|
|
347
|
-
emailVerifiedAt?: Date;
|
|
348
|
-
phone?: string;
|
|
349
|
-
phoneVerifiedAt?: Date;
|
|
350
|
-
passwordHash?: string;
|
|
351
|
-
isVerified: boolean;
|
|
352
|
-
isActive: boolean;
|
|
353
|
-
metadata?: Record<string, any>;
|
|
354
|
-
tenantId?: string;
|
|
355
|
-
isMfaEnabled: boolean;
|
|
356
|
-
mfaRecoveryCode?: string;
|
|
357
|
-
emailTenant?: string;
|
|
358
|
-
phoneTenant?: string;
|
|
359
|
-
createdAt: Date;
|
|
360
|
-
updatedAt: Date;
|
|
361
|
-
}
|
|
362
|
-
interface INestAuthRole {
|
|
363
|
-
id: string;
|
|
364
|
-
name: string;
|
|
365
|
-
guard: string;
|
|
366
|
-
tenantId?: string;
|
|
367
|
-
isSystem: boolean;
|
|
368
|
-
isActive: boolean;
|
|
369
|
-
permissions: string[];
|
|
370
|
-
createdAt: Date;
|
|
371
|
-
updatedAt: Date;
|
|
372
|
-
}
|
|
373
|
-
interface INestAuthPermission {
|
|
374
|
-
id: string;
|
|
375
|
-
name: string;
|
|
376
|
-
guard: string;
|
|
377
|
-
description?: string;
|
|
378
|
-
category?: string;
|
|
379
|
-
metadata?: Record<string, any>;
|
|
380
|
-
createdAt: Date;
|
|
381
|
-
updatedAt: Date;
|
|
382
|
-
}
|
|
383
|
-
|
|
384
|
-
interface INestAuthTenant {
|
|
385
|
-
id: string;
|
|
386
|
-
name: string;
|
|
387
|
-
slug: string;
|
|
388
|
-
domain?: string;
|
|
389
|
-
description?: string;
|
|
390
|
-
metadata?: Record<string, any>;
|
|
391
|
-
isActive: boolean;
|
|
392
|
-
createdAt: Date;
|
|
393
|
-
updatedAt: Date;
|
|
394
|
-
}
|
|
395
|
-
|
|
396
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTrustedDevice, type INestAuthUser, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum };
|
|
449
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,3 +1,180 @@
|
|
|
1
|
+
interface INestAuthRoleTenant {
|
|
2
|
+
id: string;
|
|
3
|
+
name: string;
|
|
4
|
+
slug: string;
|
|
5
|
+
}
|
|
6
|
+
interface INestAuthRole {
|
|
7
|
+
id: string;
|
|
8
|
+
name: string;
|
|
9
|
+
guard: string;
|
|
10
|
+
tenantId?: string;
|
|
11
|
+
tenant?: INestAuthRoleTenant;
|
|
12
|
+
isSystem: boolean;
|
|
13
|
+
isActive: boolean;
|
|
14
|
+
permissions: string[];
|
|
15
|
+
createdAt: Date;
|
|
16
|
+
updatedAt: Date;
|
|
17
|
+
}
|
|
18
|
+
interface INestAuthPermission {
|
|
19
|
+
id: string;
|
|
20
|
+
name: string;
|
|
21
|
+
guard: string;
|
|
22
|
+
description?: string;
|
|
23
|
+
category?: string;
|
|
24
|
+
metadata?: Record<string, any>;
|
|
25
|
+
createdAt: Date;
|
|
26
|
+
updatedAt: Date;
|
|
27
|
+
}
|
|
28
|
+
interface ICreateRoleInput {
|
|
29
|
+
name: string;
|
|
30
|
+
guard: string;
|
|
31
|
+
tenantId?: string;
|
|
32
|
+
isSystem?: boolean;
|
|
33
|
+
isActive?: boolean;
|
|
34
|
+
permissions: string[];
|
|
35
|
+
}
|
|
36
|
+
interface IUpdateRoleInput {
|
|
37
|
+
name?: string;
|
|
38
|
+
isActive?: boolean;
|
|
39
|
+
permissions?: string[];
|
|
40
|
+
}
|
|
41
|
+
interface IUpdatePermissionInput {
|
|
42
|
+
name?: string;
|
|
43
|
+
category?: string;
|
|
44
|
+
description?: string;
|
|
45
|
+
}
|
|
46
|
+
type IRoleResponse = INestAuthRole;
|
|
47
|
+
|
|
48
|
+
interface INestAuthMFASecret {
|
|
49
|
+
id: string;
|
|
50
|
+
userId: string;
|
|
51
|
+
secret: string;
|
|
52
|
+
verified: boolean;
|
|
53
|
+
deviceName?: string;
|
|
54
|
+
lastUsedAt?: Date;
|
|
55
|
+
createdAt: Date;
|
|
56
|
+
updatedAt: Date;
|
|
57
|
+
}
|
|
58
|
+
interface INestAuthTrustedDevice {
|
|
59
|
+
id: string;
|
|
60
|
+
userId: string;
|
|
61
|
+
token: string;
|
|
62
|
+
userAgent?: string;
|
|
63
|
+
ipAddress?: string;
|
|
64
|
+
expiresAt: Date;
|
|
65
|
+
lastUsedAt?: Date;
|
|
66
|
+
createdAt: Date;
|
|
67
|
+
}
|
|
68
|
+
interface IVerify2faRequest {
|
|
69
|
+
otp: string;
|
|
70
|
+
method?: NestAuthMFAMethodEnum;
|
|
71
|
+
trustDevice?: boolean;
|
|
72
|
+
}
|
|
73
|
+
interface IVerify2faResponse {
|
|
74
|
+
accessToken: string;
|
|
75
|
+
refreshToken: string;
|
|
76
|
+
message?: string;
|
|
77
|
+
trustToken?: string;
|
|
78
|
+
user?: {
|
|
79
|
+
id: string;
|
|
80
|
+
email?: string;
|
|
81
|
+
phone?: string;
|
|
82
|
+
isVerified?: boolean;
|
|
83
|
+
isMfaEnabled?: boolean;
|
|
84
|
+
roles?: string[];
|
|
85
|
+
permissions?: string[];
|
|
86
|
+
metadata?: Record<string, any>;
|
|
87
|
+
tenantId?: string;
|
|
88
|
+
};
|
|
89
|
+
}
|
|
90
|
+
interface ISendMfaCodeRequest {
|
|
91
|
+
method: NestAuthMFAMethodEnum;
|
|
92
|
+
}
|
|
93
|
+
interface IToggleMfaRequest {
|
|
94
|
+
enabled: boolean;
|
|
95
|
+
}
|
|
96
|
+
interface IVerifyTotpSetupRequest {
|
|
97
|
+
otp: string;
|
|
98
|
+
secret: string;
|
|
99
|
+
}
|
|
100
|
+
interface IMfaDevice {
|
|
101
|
+
id: string;
|
|
102
|
+
deviceName: string;
|
|
103
|
+
method: NestAuthMFAMethodEnum;
|
|
104
|
+
lastUsedAt?: Date | string | null;
|
|
105
|
+
verified: boolean;
|
|
106
|
+
createdAt?: Date | string | null;
|
|
107
|
+
}
|
|
108
|
+
interface IMfaStatusResponse {
|
|
109
|
+
isEnabled: boolean;
|
|
110
|
+
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
111
|
+
configuredMethods: NestAuthMFAMethodEnum[];
|
|
112
|
+
allowUserToggle: boolean;
|
|
113
|
+
allowMethodSelection: boolean;
|
|
114
|
+
totpDevices: IMfaDevice[];
|
|
115
|
+
hasRecoveryCode: boolean;
|
|
116
|
+
required?: boolean;
|
|
117
|
+
canToggle?: boolean;
|
|
118
|
+
}
|
|
119
|
+
interface IMfaCodeResponse {
|
|
120
|
+
code: string;
|
|
121
|
+
expiresAt: Date | string;
|
|
122
|
+
used: boolean;
|
|
123
|
+
warning?: string;
|
|
124
|
+
}
|
|
125
|
+
interface ITotpSetupResponse {
|
|
126
|
+
secret: string;
|
|
127
|
+
qrCode: string;
|
|
128
|
+
otpAuthUrl: string;
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
interface INestAuthUser {
|
|
132
|
+
id: string;
|
|
133
|
+
email?: string;
|
|
134
|
+
emailVerifiedAt?: Date;
|
|
135
|
+
phone?: string;
|
|
136
|
+
phoneVerifiedAt?: Date;
|
|
137
|
+
passwordHash?: string;
|
|
138
|
+
isVerified: boolean;
|
|
139
|
+
isActive: boolean;
|
|
140
|
+
metadata?: Record<string, any>;
|
|
141
|
+
isMfaEnabled: boolean;
|
|
142
|
+
mfaRecoveryCode?: string;
|
|
143
|
+
identities?: INestAuthIdentity[];
|
|
144
|
+
mfaSecrets?: INestAuthMFASecret[];
|
|
145
|
+
sessions?: INestAuthSession[];
|
|
146
|
+
otps?: INestAuthOTP[];
|
|
147
|
+
userAccesses?: INestAuthUserAccess[];
|
|
148
|
+
createdAt: Date;
|
|
149
|
+
updatedAt: Date;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
interface INestAuthTenant {
|
|
153
|
+
id?: string;
|
|
154
|
+
name?: string;
|
|
155
|
+
slug?: string;
|
|
156
|
+
userAccesses?: INestAuthUserAccess[];
|
|
157
|
+
description?: string;
|
|
158
|
+
metadata?: Record<string, any>;
|
|
159
|
+
isActive?: boolean;
|
|
160
|
+
createdAt?: Date;
|
|
161
|
+
updatedAt?: Date;
|
|
162
|
+
}
|
|
163
|
+
interface INestAuthUserAccess {
|
|
164
|
+
id?: string;
|
|
165
|
+
userId?: string;
|
|
166
|
+
tenantId?: string;
|
|
167
|
+
user?: INestAuthUser;
|
|
168
|
+
tenant?: INestAuthTenant;
|
|
169
|
+
roles?: INestAuthRole[];
|
|
170
|
+
isActive?: boolean;
|
|
171
|
+
isDefault?: boolean;
|
|
172
|
+
status?: string;
|
|
173
|
+
metadata?: Record<string, any>;
|
|
174
|
+
createdAt?: Date;
|
|
175
|
+
updatedAt?: Date;
|
|
176
|
+
}
|
|
177
|
+
|
|
1
178
|
declare enum NestAuthOTPTypeEnum {
|
|
2
179
|
PASSWORD_RESET = "password_reset",
|
|
3
180
|
VERIFICATION = "verification",
|
|
@@ -81,6 +258,9 @@ interface ISignupRequest {
|
|
|
81
258
|
interface IRefreshRequest {
|
|
82
259
|
refreshToken?: string;
|
|
83
260
|
}
|
|
261
|
+
interface ISwitchTenantRequest {
|
|
262
|
+
tenantId: string;
|
|
263
|
+
}
|
|
84
264
|
interface ITokenPair {
|
|
85
265
|
accessToken: string;
|
|
86
266
|
refreshToken: string;
|
|
@@ -94,7 +274,7 @@ interface IAuthUser {
|
|
|
94
274
|
roles?: string[];
|
|
95
275
|
permissions?: string[];
|
|
96
276
|
metadata?: Record<string, any>;
|
|
97
|
-
|
|
277
|
+
userAccesses?: INestAuthUserAccess[];
|
|
98
278
|
}
|
|
99
279
|
interface IAuthResponse extends ITokenPair {
|
|
100
280
|
message?: string;
|
|
@@ -130,95 +310,13 @@ interface IUserResponse {
|
|
|
130
310
|
permissions?: string[];
|
|
131
311
|
metadata?: Record<string, any>;
|
|
132
312
|
tenantId?: string;
|
|
313
|
+
tenants?: INestAuthTenant[];
|
|
133
314
|
}
|
|
134
315
|
interface ITokensResponse {
|
|
135
316
|
accessToken: string;
|
|
136
317
|
refreshToken: string;
|
|
137
318
|
}
|
|
138
319
|
|
|
139
|
-
interface INestAuthMFASecret {
|
|
140
|
-
id: string;
|
|
141
|
-
userId: string;
|
|
142
|
-
secret: string;
|
|
143
|
-
verified: boolean;
|
|
144
|
-
deviceName?: string;
|
|
145
|
-
lastUsedAt?: Date;
|
|
146
|
-
createdAt: Date;
|
|
147
|
-
updatedAt: Date;
|
|
148
|
-
}
|
|
149
|
-
interface INestAuthTrustedDevice {
|
|
150
|
-
id: string;
|
|
151
|
-
userId: string;
|
|
152
|
-
token: string;
|
|
153
|
-
userAgent?: string;
|
|
154
|
-
ipAddress?: string;
|
|
155
|
-
expiresAt: Date;
|
|
156
|
-
lastUsedAt?: Date;
|
|
157
|
-
createdAt: Date;
|
|
158
|
-
}
|
|
159
|
-
interface IVerify2faRequest {
|
|
160
|
-
otp: string;
|
|
161
|
-
method?: NestAuthMFAMethodEnum;
|
|
162
|
-
trustDevice?: boolean;
|
|
163
|
-
}
|
|
164
|
-
interface IVerify2faResponse {
|
|
165
|
-
accessToken: string;
|
|
166
|
-
refreshToken: string;
|
|
167
|
-
message?: string;
|
|
168
|
-
trustToken?: string;
|
|
169
|
-
user?: {
|
|
170
|
-
id: string;
|
|
171
|
-
email?: string;
|
|
172
|
-
phone?: string;
|
|
173
|
-
isVerified?: boolean;
|
|
174
|
-
isMfaEnabled?: boolean;
|
|
175
|
-
roles?: string[];
|
|
176
|
-
permissions?: string[];
|
|
177
|
-
metadata?: Record<string, any>;
|
|
178
|
-
tenantId?: string;
|
|
179
|
-
};
|
|
180
|
-
}
|
|
181
|
-
interface ISendMfaCodeRequest {
|
|
182
|
-
method: NestAuthMFAMethodEnum;
|
|
183
|
-
}
|
|
184
|
-
interface IToggleMfaRequest {
|
|
185
|
-
enabled: boolean;
|
|
186
|
-
}
|
|
187
|
-
interface IVerifyTotpSetupRequest {
|
|
188
|
-
otp: string;
|
|
189
|
-
secret: string;
|
|
190
|
-
}
|
|
191
|
-
interface IMfaDevice {
|
|
192
|
-
id: string;
|
|
193
|
-
deviceName: string;
|
|
194
|
-
method: NestAuthMFAMethodEnum;
|
|
195
|
-
lastUsedAt?: Date | string | null;
|
|
196
|
-
verified: boolean;
|
|
197
|
-
createdAt?: Date | string | null;
|
|
198
|
-
}
|
|
199
|
-
interface IMfaStatusResponse {
|
|
200
|
-
isEnabled: boolean;
|
|
201
|
-
verifiedMethods: NestAuthMFAMethodEnum[];
|
|
202
|
-
configuredMethods: NestAuthMFAMethodEnum[];
|
|
203
|
-
allowUserToggle: boolean;
|
|
204
|
-
allowMethodSelection: boolean;
|
|
205
|
-
totpDevices: IMfaDevice[];
|
|
206
|
-
hasRecoveryCode: boolean;
|
|
207
|
-
required?: boolean;
|
|
208
|
-
canToggle?: boolean;
|
|
209
|
-
}
|
|
210
|
-
interface IMfaCodeResponse {
|
|
211
|
-
code: string;
|
|
212
|
-
expiresAt: Date | string;
|
|
213
|
-
used: boolean;
|
|
214
|
-
warning?: string;
|
|
215
|
-
}
|
|
216
|
-
interface ITotpSetupResponse {
|
|
217
|
-
secret: string;
|
|
218
|
-
qrCode: string;
|
|
219
|
-
otpAuthUrl: string;
|
|
220
|
-
}
|
|
221
|
-
|
|
222
320
|
interface IForgotPasswordRequest {
|
|
223
321
|
email?: string;
|
|
224
322
|
phone?: string;
|
|
@@ -317,9 +415,16 @@ interface ITenantOption {
|
|
|
317
415
|
isActive: boolean;
|
|
318
416
|
metadata?: Record<string, any>;
|
|
319
417
|
}
|
|
418
|
+
interface INestAuthTenantOptions {
|
|
419
|
+
enabled?: boolean;
|
|
420
|
+
mode?: TenantModeEnum;
|
|
421
|
+
}
|
|
422
|
+
declare enum TenantModeEnum {
|
|
423
|
+
ISOLATED = "isolated",
|
|
424
|
+
SHARED = "shared"
|
|
425
|
+
}
|
|
320
426
|
interface ITenantsConfig {
|
|
321
|
-
mode:
|
|
322
|
-
defaultTenantId: string | null;
|
|
427
|
+
mode: TenantModeEnum;
|
|
323
428
|
options?: ITenantOption[];
|
|
324
429
|
}
|
|
325
430
|
interface ISsoProviderConfig {
|
|
@@ -341,56 +446,4 @@ interface IUiConfig {
|
|
|
341
446
|
backgroundImageUrl?: string;
|
|
342
447
|
}
|
|
343
448
|
|
|
344
|
-
|
|
345
|
-
id: string;
|
|
346
|
-
email?: string;
|
|
347
|
-
emailVerifiedAt?: Date;
|
|
348
|
-
phone?: string;
|
|
349
|
-
phoneVerifiedAt?: Date;
|
|
350
|
-
passwordHash?: string;
|
|
351
|
-
isVerified: boolean;
|
|
352
|
-
isActive: boolean;
|
|
353
|
-
metadata?: Record<string, any>;
|
|
354
|
-
tenantId?: string;
|
|
355
|
-
isMfaEnabled: boolean;
|
|
356
|
-
mfaRecoveryCode?: string;
|
|
357
|
-
emailTenant?: string;
|
|
358
|
-
phoneTenant?: string;
|
|
359
|
-
createdAt: Date;
|
|
360
|
-
updatedAt: Date;
|
|
361
|
-
}
|
|
362
|
-
interface INestAuthRole {
|
|
363
|
-
id: string;
|
|
364
|
-
name: string;
|
|
365
|
-
guard: string;
|
|
366
|
-
tenantId?: string;
|
|
367
|
-
isSystem: boolean;
|
|
368
|
-
isActive: boolean;
|
|
369
|
-
permissions: string[];
|
|
370
|
-
createdAt: Date;
|
|
371
|
-
updatedAt: Date;
|
|
372
|
-
}
|
|
373
|
-
interface INestAuthPermission {
|
|
374
|
-
id: string;
|
|
375
|
-
name: string;
|
|
376
|
-
guard: string;
|
|
377
|
-
description?: string;
|
|
378
|
-
category?: string;
|
|
379
|
-
metadata?: Record<string, any>;
|
|
380
|
-
createdAt: Date;
|
|
381
|
-
updatedAt: Date;
|
|
382
|
-
}
|
|
383
|
-
|
|
384
|
-
interface INestAuthTenant {
|
|
385
|
-
id: string;
|
|
386
|
-
name: string;
|
|
387
|
-
slug: string;
|
|
388
|
-
domain?: string;
|
|
389
|
-
description?: string;
|
|
390
|
-
metadata?: Record<string, any>;
|
|
391
|
-
isActive: boolean;
|
|
392
|
-
createdAt: Date;
|
|
393
|
-
updatedAt: Date;
|
|
394
|
-
}
|
|
395
|
-
|
|
396
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthSession, type INestAuthTenant, type INestAuthTrustedDevice, type INestAuthUser, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum };
|
|
449
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
package/dist/index.js
CHANGED
|
@@ -11,8 +11,16 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
11
11
|
NestAuthMFAMethodEnum2["TOTP"] = "totp";
|
|
12
12
|
return NestAuthMFAMethodEnum2;
|
|
13
13
|
})(NestAuthMFAMethodEnum || {});
|
|
14
|
+
|
|
15
|
+
// src/config.ts
|
|
16
|
+
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
17
|
+
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
18
|
+
TenantModeEnum2["SHARED"] = "shared";
|
|
19
|
+
return TenantModeEnum2;
|
|
20
|
+
})(TenantModeEnum || {});
|
|
14
21
|
export {
|
|
15
22
|
NestAuthMFAMethodEnum,
|
|
16
|
-
NestAuthOTPTypeEnum
|
|
23
|
+
NestAuthOTPTypeEnum,
|
|
24
|
+
TenantModeEnum
|
|
17
25
|
};
|
|
18
26
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/auth.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n
|
|
1
|
+
{"version":3,"sources":["../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";AAQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,kBAAe;AACf,EAAAA,qBAAA,SAAM;AAHE,SAAAA;AAAA,GAAA;AAOL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACiDL,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|