@ackplus/nest-auth-contracts 1.1.69-beta.8 → 2.0.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +9 -1
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +33 -7
- package/dist/index.d.ts +33 -7
- package/dist/index.js +8 -1
- package/dist/index.js.map +1 -1
- package/package.json +3 -2
package/dist/index.cjs
CHANGED
|
@@ -19,6 +19,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
19
19
|
// src/index.ts
|
|
20
20
|
var index_exports = {};
|
|
21
21
|
__export(index_exports, {
|
|
22
|
+
NEST_AUTH_PASSWORDLESS_PROVIDER: () => NEST_AUTH_PASSWORDLESS_PROVIDER,
|
|
22
23
|
NestAuthMFAMethodEnum: () => NestAuthMFAMethodEnum,
|
|
23
24
|
NestAuthOTPTypeEnum: () => NestAuthOTPTypeEnum,
|
|
24
25
|
TenantModeEnum: () => TenantModeEnum
|
|
@@ -27,8 +28,11 @@ module.exports = __toCommonJS(index_exports);
|
|
|
27
28
|
|
|
28
29
|
// src/auth.ts
|
|
29
30
|
var NestAuthOTPTypeEnum = /* @__PURE__ */ ((NestAuthOTPTypeEnum2) => {
|
|
31
|
+
NestAuthOTPTypeEnum2["PASSWORDLESS_LOGIN"] = "passwordless_login";
|
|
32
|
+
NestAuthOTPTypeEnum2["MAGIC_LINK_LOGIN"] = "magic_link_login";
|
|
30
33
|
NestAuthOTPTypeEnum2["PASSWORD_RESET"] = "password_reset";
|
|
31
|
-
NestAuthOTPTypeEnum2["
|
|
34
|
+
NestAuthOTPTypeEnum2["EMAIL_VERIFICATION"] = "email_verification";
|
|
35
|
+
NestAuthOTPTypeEnum2["PHONE_VERIFICATION"] = "phone_verification";
|
|
32
36
|
NestAuthOTPTypeEnum2["MFA"] = "mfa";
|
|
33
37
|
return NestAuthOTPTypeEnum2;
|
|
34
38
|
})(NestAuthOTPTypeEnum || {});
|
|
@@ -39,6 +43,9 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
39
43
|
return NestAuthMFAMethodEnum2;
|
|
40
44
|
})(NestAuthMFAMethodEnum || {});
|
|
41
45
|
|
|
46
|
+
// src/passwordless.ts
|
|
47
|
+
var NEST_AUTH_PASSWORDLESS_PROVIDER = "passwordless";
|
|
48
|
+
|
|
42
49
|
// src/config.ts
|
|
43
50
|
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
44
51
|
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
@@ -47,6 +54,7 @@ var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
|
47
54
|
})(TenantModeEnum || {});
|
|
48
55
|
// Annotate the CommonJS export names for ESM import in node:
|
|
49
56
|
0 && (module.exports = {
|
|
57
|
+
NEST_AUTH_PASSWORDLESS_PROVIDER,
|
|
50
58
|
NestAuthMFAMethodEnum,
|
|
51
59
|
NestAuthOTPTypeEnum,
|
|
52
60
|
TenantModeEnum
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ISwitchTenantRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig,\n TenantModeEnum,\n INestAuthTenantOptions,\n} from './config';\n\n// User & Role (from user.ts)\nexport {\n INestAuthUser,\n} from './user';\n\n// Role & Permission (from role.ts)\nexport {\n INestAuthRoleTenant,\n INestAuthRole,\n INestAuthPermission,\n ICreateRoleInput,\n IUpdateRoleInput,\n IUpdatePermissionInput,\n IRoleResponse,\n} from './role';\n\n// Tenant (from tenant.ts)\nexport {\n INestAuthTenant,\n INestAuthUserAccess,\n} from './tenant';\n","/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n VERIFICATION = 'verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,kBAAe;AACf,EAAAA,qBAAA,SAAM;AAHE,SAAAA;AAAA,GAAA;AAOL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACiDL,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/auth.ts","../src/passwordless.ts","../src/config.ts"],"sourcesContent":["/**\n * @libs/auth-s - Shared authentication s\n */\n\n// Auth s (from auth.ts)\nexport {\n NestAuthMFAMethodEnum,\n NestAuthOTPTypeEnum,\n IEmailCredentials,\n IPhoneCredentials,\n ISocialCredentials,\n IPasswordlessOtpLoginCredentials,\n ILoginCredentials,\n ILoginRequest,\n ISignupRequest,\n IRefreshRequest,\n ISwitchTenantRequest,\n ITokenPair,\n IAuthResponse,\n IAuthUser,\n IAuthSession,\n IMessageResponse,\n IAuthCookieResponse,\n IAuthSuccessResponse,\n IUserResponse,\n ITokensResponse,\n // Entities\n INestAuthIdentity,\n INestAuthSession,\n INestAuthAccessKey,\n INestAuthOTP,\n} from './auth';\n\n// MFA (from mfa.ts)\nexport {\n IVerify2faRequest,\n IVerify2faResponse,\n ISendMfaCodeRequest,\n IToggleMfaRequest,\n IVerifyTotpSetupRequest,\n IMfaDevice,\n IMfaStatusResponse,\n IMfaCodeResponse,\n ITotpSetupResponse,\n // Entities\n INestAuthMFASecret,\n INestAuthTrustedDevice,\n} from './mfa';\n\n// Password\nexport {\n IForgotPasswordRequest,\n IResetPasswordWithTokenRequest,\n IChangePasswordRequest,\n IVerifyForgotPasswordOtpRequest,\n IVerifyOtpResponse,\n} from './password';\n\n// Verification\nexport {\n IVerifyEmailRequest,\n IVerifyPhoneRequest,\n IResendVerificationRequest,\n ISendEmailVerificationRequest,\n ISendPhoneVerificationRequest,\n ISessionVerifyResponse,\n} from './verification';\n// Passwordless login\nexport {\n NEST_AUTH_PASSWORDLESS_PROVIDER,\n} from './passwordless';\nexport type {\n PasswordlessChannel,\n IPasswordlessSendRequest,\n} from './passwordless';\n\n// Admin\nexport {\n IInitializeAdminRequest,\n IInitializeAdminResponse,\n IAdminUser,\n} from './admin';\n\n// Config\nexport {\n IEmailAuthConfig,\n IPhoneAuthConfig,\n IProfileFieldOption,\n IProfileField,\n IRegistrationConfig,\n IMfaConfig,\n ITenantOption,\n ITenantsConfig,\n ISsoProviderConfig,\n ISsoConfig,\n IUiConfig,\n TenantModeEnum,\n INestAuthTenantOptions,\n} from './config';\n\n// User & Role (from user.ts)\nexport {\n INestAuthUser,\n} from './user';\n\n// Role & Permission (from role.ts)\nexport {\n INestAuthRoleTenant,\n INestAuthRole,\n INestAuthPermission,\n ICreateRoleInput,\n IUpdateRoleInput,\n IUpdatePermissionInput,\n IRoleResponse,\n} from './role';\n\n// Tenant (from tenant.ts)\nexport {\n INestAuthTenant,\n INestAuthUserAccess,\n} from './tenant';\n","/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORDLESS_LOGIN = 'passwordless_login',\n MAGIC_LINK_LOGIN = 'magic_link_login',\n PASSWORD_RESET = 'password_reset',\n EMAIL_VERIFICATION = 'email_verification',\n PHONE_VERIFICATION = 'phone_verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport interface IPasswordlessOtpLoginCredentials {\n identifier: string;\n channels?: Array<'email' | 'sms'>;\n code: string;\n}\n\nexport type ILoginCredentials =\n | IEmailCredentials\n | IPhoneCredentials\n | ISocialCredentials\n | IPasswordlessOtpLoginCredentials\n | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'passwordless' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n guard?: string;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Passwordless login — OTP (email/SMS) and magic link.\n * Uses `code` in verify requests (same as other verification flows; MFA still uses `otp`).\n */\n\n/**\n * `ILoginRequest.providerName` value for passwordless login (OTP / magic link).\n * Matches the server constant `PASSWORDLESS_AUTH_PROVIDER` in `@ackplus/nest-auth`.\n */\nexport const NEST_AUTH_PASSWORDLESS_PROVIDER = 'passwordless' as const;\n\nexport type PasswordlessChannel = 'email' | 'sms';\n\n/** Request a one-time code for passwordless login (email or SMS). */\nexport interface IPasswordlessSendRequest {\n /** Email address or phone number, depending on `channel`. */\n identifier: string;\n channel: PasswordlessChannel;\n tenantId?: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,sBAAmB;AACnB,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,SAAM;AANE,SAAAA;AAAA,GAAA;AAUL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACTL,IAAM,kCAAkC;;;ACuDxC,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|
package/dist/index.d.cts
CHANGED
|
@@ -58,10 +58,11 @@ interface INestAuthMFASecret {
|
|
|
58
58
|
interface INestAuthTrustedDevice {
|
|
59
59
|
id: string;
|
|
60
60
|
userId: string;
|
|
61
|
-
|
|
61
|
+
tokenHash: string;
|
|
62
62
|
userAgent?: string;
|
|
63
63
|
ipAddress?: string;
|
|
64
64
|
expiresAt: Date;
|
|
65
|
+
revokedAt?: Date | null;
|
|
65
66
|
lastUsedAt?: Date;
|
|
66
67
|
createdAt: Date;
|
|
67
68
|
}
|
|
@@ -176,8 +177,11 @@ interface INestAuthUserAccess {
|
|
|
176
177
|
}
|
|
177
178
|
|
|
178
179
|
declare enum NestAuthOTPTypeEnum {
|
|
180
|
+
PASSWORDLESS_LOGIN = "passwordless_login",
|
|
181
|
+
MAGIC_LINK_LOGIN = "magic_link_login",
|
|
179
182
|
PASSWORD_RESET = "password_reset",
|
|
180
|
-
|
|
183
|
+
EMAIL_VERIFICATION = "email_verification",
|
|
184
|
+
PHONE_VERIFICATION = "phone_verification",
|
|
181
185
|
MFA = "mfa"
|
|
182
186
|
}
|
|
183
187
|
declare enum NestAuthMFAMethodEnum {
|
|
@@ -241,12 +245,18 @@ interface IPhoneCredentials {
|
|
|
241
245
|
interface ISocialCredentials {
|
|
242
246
|
token: string;
|
|
243
247
|
}
|
|
244
|
-
|
|
248
|
+
interface IPasswordlessOtpLoginCredentials {
|
|
249
|
+
identifier: string;
|
|
250
|
+
channels?: Array<'email' | 'sms'>;
|
|
251
|
+
code: string;
|
|
252
|
+
}
|
|
253
|
+
type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | IPasswordlessOtpLoginCredentials | Record<string, any>;
|
|
245
254
|
interface ILoginRequest {
|
|
246
|
-
providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;
|
|
255
|
+
providerName?: 'email' | 'phone' | 'passwordless' | 'google' | 'facebook' | 'apple' | 'github' | string;
|
|
247
256
|
credentials: ILoginCredentials;
|
|
248
257
|
tenantId?: string;
|
|
249
258
|
createUserIfNotExists?: boolean;
|
|
259
|
+
guard?: string;
|
|
250
260
|
}
|
|
251
261
|
interface ISignupRequest {
|
|
252
262
|
email?: string;
|
|
@@ -332,7 +342,7 @@ interface IChangePasswordRequest {
|
|
|
332
342
|
interface IVerifyForgotPasswordOtpRequest {
|
|
333
343
|
email?: string;
|
|
334
344
|
phone?: string;
|
|
335
|
-
|
|
345
|
+
code: string;
|
|
336
346
|
tenantId?: string;
|
|
337
347
|
}
|
|
338
348
|
interface IVerifyOtpResponse {
|
|
@@ -342,7 +352,8 @@ interface IVerifyOtpResponse {
|
|
|
342
352
|
}
|
|
343
353
|
|
|
344
354
|
interface IVerifyEmailRequest {
|
|
345
|
-
|
|
355
|
+
code: string;
|
|
356
|
+
tenantId?: string;
|
|
346
357
|
}
|
|
347
358
|
interface IResendVerificationRequest {
|
|
348
359
|
email?: string;
|
|
@@ -350,12 +361,27 @@ interface IResendVerificationRequest {
|
|
|
350
361
|
interface ISendEmailVerificationRequest {
|
|
351
362
|
tenantId?: string;
|
|
352
363
|
}
|
|
364
|
+
interface IVerifyPhoneRequest {
|
|
365
|
+
code: string;
|
|
366
|
+
tenantId?: string;
|
|
367
|
+
}
|
|
368
|
+
interface ISendPhoneVerificationRequest {
|
|
369
|
+
tenantId?: string;
|
|
370
|
+
}
|
|
353
371
|
interface ISessionVerifyResponse {
|
|
354
372
|
valid: boolean;
|
|
355
373
|
userId?: string;
|
|
356
374
|
expiresAt?: string;
|
|
357
375
|
}
|
|
358
376
|
|
|
377
|
+
declare const NEST_AUTH_PASSWORDLESS_PROVIDER: "passwordless";
|
|
378
|
+
type PasswordlessChannel = 'email' | 'sms';
|
|
379
|
+
interface IPasswordlessSendRequest {
|
|
380
|
+
identifier: string;
|
|
381
|
+
channel: PasswordlessChannel;
|
|
382
|
+
tenantId?: string;
|
|
383
|
+
}
|
|
384
|
+
|
|
359
385
|
interface IInitializeAdminRequest {
|
|
360
386
|
email: string;
|
|
361
387
|
password: string;
|
|
@@ -446,4 +472,4 @@ interface IUiConfig {
|
|
|
446
472
|
backgroundImageUrl?: string;
|
|
447
473
|
}
|
|
448
474
|
|
|
449
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
|
475
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPasswordlessOtpLoginCredentials, type IPasswordlessSendRequest, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISendPhoneVerificationRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyPhoneRequest, type IVerifyTotpSetupRequest, NEST_AUTH_PASSWORDLESS_PROVIDER, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, type PasswordlessChannel, TenantModeEnum };
|
package/dist/index.d.ts
CHANGED
|
@@ -58,10 +58,11 @@ interface INestAuthMFASecret {
|
|
|
58
58
|
interface INestAuthTrustedDevice {
|
|
59
59
|
id: string;
|
|
60
60
|
userId: string;
|
|
61
|
-
|
|
61
|
+
tokenHash: string;
|
|
62
62
|
userAgent?: string;
|
|
63
63
|
ipAddress?: string;
|
|
64
64
|
expiresAt: Date;
|
|
65
|
+
revokedAt?: Date | null;
|
|
65
66
|
lastUsedAt?: Date;
|
|
66
67
|
createdAt: Date;
|
|
67
68
|
}
|
|
@@ -176,8 +177,11 @@ interface INestAuthUserAccess {
|
|
|
176
177
|
}
|
|
177
178
|
|
|
178
179
|
declare enum NestAuthOTPTypeEnum {
|
|
180
|
+
PASSWORDLESS_LOGIN = "passwordless_login",
|
|
181
|
+
MAGIC_LINK_LOGIN = "magic_link_login",
|
|
179
182
|
PASSWORD_RESET = "password_reset",
|
|
180
|
-
|
|
183
|
+
EMAIL_VERIFICATION = "email_verification",
|
|
184
|
+
PHONE_VERIFICATION = "phone_verification",
|
|
181
185
|
MFA = "mfa"
|
|
182
186
|
}
|
|
183
187
|
declare enum NestAuthMFAMethodEnum {
|
|
@@ -241,12 +245,18 @@ interface IPhoneCredentials {
|
|
|
241
245
|
interface ISocialCredentials {
|
|
242
246
|
token: string;
|
|
243
247
|
}
|
|
244
|
-
|
|
248
|
+
interface IPasswordlessOtpLoginCredentials {
|
|
249
|
+
identifier: string;
|
|
250
|
+
channels?: Array<'email' | 'sms'>;
|
|
251
|
+
code: string;
|
|
252
|
+
}
|
|
253
|
+
type ILoginCredentials = IEmailCredentials | IPhoneCredentials | ISocialCredentials | IPasswordlessOtpLoginCredentials | Record<string, any>;
|
|
245
254
|
interface ILoginRequest {
|
|
246
|
-
providerName?: 'email' | 'phone' | 'google' | 'facebook' | 'apple' | 'github' | string;
|
|
255
|
+
providerName?: 'email' | 'phone' | 'passwordless' | 'google' | 'facebook' | 'apple' | 'github' | string;
|
|
247
256
|
credentials: ILoginCredentials;
|
|
248
257
|
tenantId?: string;
|
|
249
258
|
createUserIfNotExists?: boolean;
|
|
259
|
+
guard?: string;
|
|
250
260
|
}
|
|
251
261
|
interface ISignupRequest {
|
|
252
262
|
email?: string;
|
|
@@ -332,7 +342,7 @@ interface IChangePasswordRequest {
|
|
|
332
342
|
interface IVerifyForgotPasswordOtpRequest {
|
|
333
343
|
email?: string;
|
|
334
344
|
phone?: string;
|
|
335
|
-
|
|
345
|
+
code: string;
|
|
336
346
|
tenantId?: string;
|
|
337
347
|
}
|
|
338
348
|
interface IVerifyOtpResponse {
|
|
@@ -342,7 +352,8 @@ interface IVerifyOtpResponse {
|
|
|
342
352
|
}
|
|
343
353
|
|
|
344
354
|
interface IVerifyEmailRequest {
|
|
345
|
-
|
|
355
|
+
code: string;
|
|
356
|
+
tenantId?: string;
|
|
346
357
|
}
|
|
347
358
|
interface IResendVerificationRequest {
|
|
348
359
|
email?: string;
|
|
@@ -350,12 +361,27 @@ interface IResendVerificationRequest {
|
|
|
350
361
|
interface ISendEmailVerificationRequest {
|
|
351
362
|
tenantId?: string;
|
|
352
363
|
}
|
|
364
|
+
interface IVerifyPhoneRequest {
|
|
365
|
+
code: string;
|
|
366
|
+
tenantId?: string;
|
|
367
|
+
}
|
|
368
|
+
interface ISendPhoneVerificationRequest {
|
|
369
|
+
tenantId?: string;
|
|
370
|
+
}
|
|
353
371
|
interface ISessionVerifyResponse {
|
|
354
372
|
valid: boolean;
|
|
355
373
|
userId?: string;
|
|
356
374
|
expiresAt?: string;
|
|
357
375
|
}
|
|
358
376
|
|
|
377
|
+
declare const NEST_AUTH_PASSWORDLESS_PROVIDER: "passwordless";
|
|
378
|
+
type PasswordlessChannel = 'email' | 'sms';
|
|
379
|
+
interface IPasswordlessSendRequest {
|
|
380
|
+
identifier: string;
|
|
381
|
+
channel: PasswordlessChannel;
|
|
382
|
+
tenantId?: string;
|
|
383
|
+
}
|
|
384
|
+
|
|
359
385
|
interface IInitializeAdminRequest {
|
|
360
386
|
email: string;
|
|
361
387
|
password: string;
|
|
@@ -446,4 +472,4 @@ interface IUiConfig {
|
|
|
446
472
|
backgroundImageUrl?: string;
|
|
447
473
|
}
|
|
448
474
|
|
|
449
|
-
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyTotpSetupRequest, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, TenantModeEnum };
|
|
475
|
+
export { type IAdminUser, type IAuthCookieResponse, type IAuthResponse, type IAuthSession, type IAuthSuccessResponse, type IAuthUser, type IChangePasswordRequest, type ICreateRoleInput, type IEmailAuthConfig, type IEmailCredentials, type IForgotPasswordRequest, type IInitializeAdminRequest, type IInitializeAdminResponse, type ILoginCredentials, type ILoginRequest, type IMessageResponse, type IMfaCodeResponse, type IMfaConfig, type IMfaDevice, type IMfaStatusResponse, type INestAuthAccessKey, type INestAuthIdentity, type INestAuthMFASecret, type INestAuthOTP, type INestAuthPermission, type INestAuthRole, type INestAuthRoleTenant, type INestAuthSession, type INestAuthTenant, type INestAuthTenantOptions, type INestAuthTrustedDevice, type INestAuthUser, type INestAuthUserAccess, type IPasswordlessOtpLoginCredentials, type IPasswordlessSendRequest, type IPhoneAuthConfig, type IPhoneCredentials, type IProfileField, type IProfileFieldOption, type IRefreshRequest, type IRegistrationConfig, type IResendVerificationRequest, type IResetPasswordWithTokenRequest, type IRoleResponse, type ISendEmailVerificationRequest, type ISendMfaCodeRequest, type ISendPhoneVerificationRequest, type ISessionVerifyResponse, type ISignupRequest, type ISocialCredentials, type ISsoConfig, type ISsoProviderConfig, type ISwitchTenantRequest, type ITenantOption, type ITenantsConfig, type IToggleMfaRequest, type ITokenPair, type ITokensResponse, type ITotpSetupResponse, type IUiConfig, type IUpdatePermissionInput, type IUpdateRoleInput, type IUserResponse, type IVerify2faRequest, type IVerify2faResponse, type IVerifyEmailRequest, type IVerifyForgotPasswordOtpRequest, type IVerifyOtpResponse, type IVerifyPhoneRequest, type IVerifyTotpSetupRequest, NEST_AUTH_PASSWORDLESS_PROVIDER, NestAuthMFAMethodEnum, NestAuthOTPTypeEnum, type PasswordlessChannel, TenantModeEnum };
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
// src/auth.ts
|
|
2
2
|
var NestAuthOTPTypeEnum = /* @__PURE__ */ ((NestAuthOTPTypeEnum2) => {
|
|
3
|
+
NestAuthOTPTypeEnum2["PASSWORDLESS_LOGIN"] = "passwordless_login";
|
|
4
|
+
NestAuthOTPTypeEnum2["MAGIC_LINK_LOGIN"] = "magic_link_login";
|
|
3
5
|
NestAuthOTPTypeEnum2["PASSWORD_RESET"] = "password_reset";
|
|
4
|
-
NestAuthOTPTypeEnum2["
|
|
6
|
+
NestAuthOTPTypeEnum2["EMAIL_VERIFICATION"] = "email_verification";
|
|
7
|
+
NestAuthOTPTypeEnum2["PHONE_VERIFICATION"] = "phone_verification";
|
|
5
8
|
NestAuthOTPTypeEnum2["MFA"] = "mfa";
|
|
6
9
|
return NestAuthOTPTypeEnum2;
|
|
7
10
|
})(NestAuthOTPTypeEnum || {});
|
|
@@ -12,6 +15,9 @@ var NestAuthMFAMethodEnum = /* @__PURE__ */ ((NestAuthMFAMethodEnum2) => {
|
|
|
12
15
|
return NestAuthMFAMethodEnum2;
|
|
13
16
|
})(NestAuthMFAMethodEnum || {});
|
|
14
17
|
|
|
18
|
+
// src/passwordless.ts
|
|
19
|
+
var NEST_AUTH_PASSWORDLESS_PROVIDER = "passwordless";
|
|
20
|
+
|
|
15
21
|
// src/config.ts
|
|
16
22
|
var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
17
23
|
TenantModeEnum2["ISOLATED"] = "isolated";
|
|
@@ -19,6 +25,7 @@ var TenantModeEnum = /* @__PURE__ */ ((TenantModeEnum2) => {
|
|
|
19
25
|
return TenantModeEnum2;
|
|
20
26
|
})(TenantModeEnum || {});
|
|
21
27
|
export {
|
|
28
|
+
NEST_AUTH_PASSWORDLESS_PROVIDER,
|
|
22
29
|
NestAuthMFAMethodEnum,
|
|
23
30
|
NestAuthOTPTypeEnum,
|
|
24
31
|
TenantModeEnum
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/auth.ts","../src/config.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORD_RESET = 'password_reset',\n
|
|
1
|
+
{"version":3,"sources":["../src/auth.ts","../src/passwordless.ts","../src/config.ts"],"sourcesContent":["/**\n * Auth Types\n * Contains: Login/Signup/Token types + Auth Entities (Session, Identity, AccessKey, OTP)\n */\n\nimport type { INestAuthTenant, INestAuthUserAccess } from './tenant';\n\n// OTP Type Enum\nexport enum NestAuthOTPTypeEnum {\n PASSWORDLESS_LOGIN = 'passwordless_login',\n MAGIC_LINK_LOGIN = 'magic_link_login',\n PASSWORD_RESET = 'password_reset',\n EMAIL_VERIFICATION = 'email_verification',\n PHONE_VERIFICATION = 'phone_verification',\n MFA = 'mfa',\n}\n\n// MFA Method Enum (Needed for AuthResponse and others)\nexport enum NestAuthMFAMethodEnum {\n EMAIL = 'email',\n SMS = 'sms',\n TOTP = 'totp',\n}\n\n// --- Entity Interfaces ---\n\nexport interface INestAuthIdentity {\n id: string;\n provider: string;\n providerId: string;\n metadata?: Record<string, any>;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthSession {\n id: string;\n userId: string;\n data?: any;\n refreshToken?: string;\n expiresAt?: Date;\n userAgent?: string;\n deviceName?: string;\n ipAddress?: string;\n lastActive?: Date;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface INestAuthAccessKey {\n id: string;\n name: string;\n publicKey: string;\n privateKey: string;\n description?: string;\n isActive: boolean;\n expiresAt?: Date;\n lastUsedAt?: Date;\n userId: string;\n createdAt: Date;\n updatedAt: Date;\n}\n\nexport interface INestAuthOTP {\n id: string;\n userId: string;\n code: string;\n type: NestAuthOTPTypeEnum;\n expiresAt: Date;\n used: boolean;\n createdAt: Date;\n updatedAt: Date;\n}\n\n// --- Request/Response Interfaces ---\n\nexport interface IEmailCredentials {\n email: string;\n password: string;\n}\n\nexport interface IPhoneCredentials {\n phone: string;\n password: string;\n}\n\nexport interface ISocialCredentials {\n token: string;\n}\n\nexport interface IPasswordlessOtpLoginCredentials {\n identifier: string;\n channels?: Array<'email' | 'sms'>;\n code: string;\n}\n\nexport type ILoginCredentials =\n | IEmailCredentials\n | IPhoneCredentials\n | ISocialCredentials\n | IPasswordlessOtpLoginCredentials\n | Record<string, any>;\n\nexport interface ILoginRequest {\n providerName?: 'email' | 'phone' | 'passwordless' | 'google' | 'facebook' | 'apple' | 'github' | string;\n credentials: ILoginCredentials;\n tenantId?: string;\n createUserIfNotExists?: boolean;\n guard?: string;\n}\n\nexport interface ISignupRequest {\n email?: string;\n phone?: string;\n password: string;\n tenantId?: string;\n [key: string]: any;\n}\n\nexport interface IRefreshRequest {\n refreshToken?: string;\n}\n\nexport interface ISwitchTenantRequest {\n tenantId: string;\n}\n\nexport interface ITokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface IAuthUser {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n userAccesses?: INestAuthUserAccess[];\n}\n\nexport interface IAuthResponse extends ITokenPair {\n message?: string;\n isRequiresMfa?: boolean;\n mfaMethods?: NestAuthMFAMethodEnum[];\n defaultMfaMethod?: NestAuthMFAMethodEnum;\n user?: IAuthUser;\n}\n\nexport interface IAuthSession {\n id: string;\n userId: string;\n expiresAt: string;\n createdAt: string;\n}\n\nexport interface IMessageResponse {\n message: string;\n}\n\nexport interface IAuthCookieResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IAuthSuccessResponse {\n message: string;\n isRequiresMfa?: boolean;\n}\n\nexport interface IUserResponse {\n id: string;\n email?: string;\n phone?: string;\n isVerified?: boolean;\n isMfaEnabled?: boolean;\n roles?: string[];\n permissions?: string[];\n metadata?: Record<string, any>;\n tenantId?: string;\n tenants?: INestAuthTenant[];\n}\n\nexport interface ITokensResponse {\n accessToken: string;\n refreshToken: string;\n}\n","/**\n * Passwordless login — OTP (email/SMS) and magic link.\n * Uses `code` in verify requests (same as other verification flows; MFA still uses `otp`).\n */\n\n/**\n * `ILoginRequest.providerName` value for passwordless login (OTP / magic link).\n * Matches the server constant `PASSWORDLESS_AUTH_PROVIDER` in `@ackplus/nest-auth`.\n */\nexport const NEST_AUTH_PASSWORDLESS_PROVIDER = 'passwordless' as const;\n\nexport type PasswordlessChannel = 'email' | 'sms';\n\n/** Request a one-time code for passwordless login (email or SMS). */\nexport interface IPasswordlessSendRequest {\n /** Email address or phone number, depending on `channel`. */\n identifier: string;\n channel: PasswordlessChannel;\n tenantId?: string;\n}\n","/**\n * Config Types\n * Client configuration response types\n */\n\nimport { NestAuthMFAMethodEnum } from './auth';\n\nexport interface IEmailAuthConfig {\n enabled: boolean;\n}\n\nexport interface IPhoneAuthConfig {\n enabled: boolean;\n}\n\nexport interface IProfileFieldOption {\n label: string;\n value: string;\n}\n\nexport interface IProfileField {\n id: string;\n label: string;\n required?: boolean;\n type?: 'text' | 'email' | 'phone' | 'select' | 'checkbox' | 'password';\n placeholder?: string;\n options?: IProfileFieldOption[];\n}\n\nexport interface IRegistrationConfig {\n enabled: boolean;\n requireInvitation?: boolean;\n collectProfileFields?: IProfileField[];\n}\n\nexport interface IMfaConfig {\n enabled: boolean;\n methods?: NestAuthMFAMethodEnum[];\n allowUserToggle?: boolean;\n allowMethodSelection?: boolean;\n}\n\nexport interface ITenantOption {\n id: string;\n name: string;\n slug: string;\n isActive: boolean;\n metadata?: Record<string, any>;\n}\n\n/**\n * Tenant support configuration.\n * - enabled: false → no tenant checks; auth works without tenant (future-safe: entities remain).\n * - enabled: true → multi-tenant is on; tenant is required; mode controls behavior:\n * - ISOLATED: one tenant per user (user belongs to one tenant).\n * - SHARED: user can belong to multiple tenants; active tenant from header/subdomain/JWT/custom.\n */\nexport interface INestAuthTenantOptions {\n /** When false, tenant resolution and validation are disabled. When true, multi-tenant is enabled and tenant is required. Default: false. */\n enabled?: boolean;\n /** When enabled, use ISOLATED (one tenant per user) or SHARED (multiple tenants per user). Default: ISOLATED. */\n mode?: TenantModeEnum;\n}\n\nexport enum TenantModeEnum {\n ISOLATED = 'isolated',\n SHARED = 'shared',\n}\n\nexport interface ITenantsConfig {\n mode: TenantModeEnum;\n options?: ITenantOption[];\n}\n\nexport interface ISsoProviderConfig {\n id: string;\n name: string;\n logoUrl?: string;\n authorizationUrl?: string;\n clientId?: string;\n hint?: string;\n}\n\nexport interface ISsoConfig {\n enabled: boolean;\n providers?: ISsoProviderConfig[];\n}\n\nexport interface IUiConfig {\n brandName?: string;\n brandColor?: string;\n logoUrl?: string;\n backgroundImageUrl?: string;\n}\n"],"mappings":";AAQO,IAAK,sBAAL,kBAAKA,yBAAL;AACH,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,sBAAmB;AACnB,EAAAA,qBAAA,oBAAiB;AACjB,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,SAAM;AANE,SAAAA;AAAA,GAAA;AAUL,IAAK,wBAAL,kBAAKC,2BAAL;AACH,EAAAA,uBAAA,WAAQ;AACR,EAAAA,uBAAA,SAAM;AACN,EAAAA,uBAAA,UAAQ;AAHA,SAAAA;AAAA,GAAA;;;ACTL,IAAM,kCAAkC;;;ACuDxC,IAAK,iBAAL,kBAAKC,oBAAL;AACH,EAAAA,gBAAA,cAAW;AACX,EAAAA,gBAAA,YAAS;AAFD,SAAAA;AAAA,GAAA;","names":["NestAuthOTPTypeEnum","NestAuthMFAMethodEnum","TenantModeEnum"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ackplus/nest-auth-contracts",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "2.0.0-beta.1",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"main": "./dist/index.cjs",
|
|
6
6
|
"module": "./dist/index.js",
|
|
@@ -23,6 +23,7 @@
|
|
|
23
23
|
"tsup": "^8.3.5"
|
|
24
24
|
},
|
|
25
25
|
"scripts": {
|
|
26
|
-
"build": "tsup"
|
|
26
|
+
"build": "tsup",
|
|
27
|
+
"watch": "pnpm -C ../.. exec tsc -p packages/nest-auth-contracts/tsconfig.build.json -w"
|
|
27
28
|
}
|
|
28
29
|
}
|