@ackplus/nest-auth 0.0.23 → 0.0.25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/index.d.ts +1 -0
- package/src/index.js +1 -0
- package/src/index.js.map +1 -1
- package/src/lib/auth.constants.d.ts +1 -0
- package/src/lib/auth.constants.js +2 -1
- package/src/lib/auth.constants.js.map +1 -1
- package/src/lib/auth.module.d.ts +0 -0
- package/src/lib/auth.module.js +1 -0
- package/src/lib/auth.module.js.map +1 -0
- package/src/lib/decorators/nest-auth-role.decorator.d.ts +3 -0
- package/src/lib/decorators/nest-auth-role.decorator.js +14 -0
- package/src/lib/decorators/nest-auth-role.decorator.js.map +1 -0
- package/src/lib/dto/responses/auth.response.dto.d.ts +6 -6
- package/src/lib/dto/responses/auth.response.dto.js +14 -19
- package/src/lib/dto/responses/auth.response.dto.js.map +1 -1
- package/src/lib/entities/access-key.entity.d.ts +16 -0
- package/src/lib/entities/access-key.entity.js +63 -0
- package/src/lib/entities/access-key.entity.js.map +1 -0
- package/src/lib/entities/index.d.ts +3 -1
- package/src/lib/entities/index.js +2 -0
- package/src/lib/entities/index.js.map +1 -1
- package/src/lib/entities/permission.entity.d.ts +1 -0
- package/src/lib/entities/permission.entity.js +5 -0
- package/src/lib/entities/permission.entity.js.map +1 -1
- package/src/lib/entities/role-permission.entity.d.ts +2 -1
- package/src/lib/entities/role-permission.entity.js +1 -1
- package/src/lib/entities/role-permission.entity.js.map +1 -1
- package/src/lib/entities/role.entity.d.ts +12 -2
- package/src/lib/entities/role.entity.js +65 -4
- package/src/lib/entities/role.entity.js.map +1 -1
- package/src/lib/entities/tenant.entity.d.ts +3 -3
- package/src/lib/entities/tenant.entity.js +9 -6
- package/src/lib/entities/tenant.entity.js.map +1 -1
- package/src/lib/entities/user.entity.js +1 -1
- package/src/lib/entities/user.entity.js.map +1 -1
- package/src/lib/events/index.d.ts +34 -0
- package/src/lib/events/index.js +39 -0
- package/src/lib/events/index.js.map +1 -0
- package/src/lib/events/logged-out-all.event.d.ts +15 -0
- package/src/lib/events/logged-out-all.event.js +10 -0
- package/src/lib/events/logged-out-all.event.js.map +1 -0
- package/src/lib/events/logged-out.event.d.ts +13 -0
- package/src/lib/events/logged-out.event.js +10 -0
- package/src/lib/events/logged-out.event.js.map +1 -0
- package/src/lib/events/password-reset-requested.event.d.ts +15 -0
- package/src/lib/events/password-reset-requested.event.js +10 -0
- package/src/lib/events/password-reset-requested.event.js.map +1 -0
- package/src/lib/events/password-reset.event.d.ts +11 -0
- package/src/lib/events/password-reset.event.js +10 -0
- package/src/lib/events/password-reset.event.js.map +1 -0
- package/src/lib/events/tenant-created.event.d.ts +8 -0
- package/src/lib/events/tenant-created.event.js +10 -0
- package/src/lib/events/tenant-created.event.js.map +1 -0
- package/src/lib/events/tenant-deleted.event.d.ts +8 -0
- package/src/lib/events/tenant-deleted.event.js +10 -0
- package/src/lib/events/tenant-deleted.event.js.map +1 -0
- package/src/lib/events/tenant-updated.event.d.ts +9 -0
- package/src/lib/events/tenant-updated.event.js +10 -0
- package/src/lib/events/tenant-updated.event.js.map +1 -0
- package/src/lib/events/user-2fa-verified.event.d.ts +15 -0
- package/src/lib/events/user-2fa-verified.event.js +10 -0
- package/src/lib/events/user-2fa-verified.event.js.map +1 -0
- package/src/lib/events/user-created.event.d.ts +9 -0
- package/src/lib/events/user-created.event.js +10 -0
- package/src/lib/events/user-created.event.js.map +1 -0
- package/src/lib/events/user-deleted.event.d.ts +9 -0
- package/src/lib/events/user-deleted.event.js +10 -0
- package/src/lib/events/user-deleted.event.js.map +1 -0
- package/src/lib/events/user-logged-in.event.d.ts +17 -0
- package/src/lib/events/user-logged-in.event.js +10 -0
- package/src/lib/events/user-logged-in.event.js.map +1 -0
- package/src/lib/events/user-refresh-token.event.d.ts +11 -0
- package/src/lib/events/user-refresh-token.event.js +10 -0
- package/src/lib/events/user-refresh-token.event.js.map +1 -0
- package/src/lib/events/user-registered.event.d.ts +17 -0
- package/src/lib/events/user-registered.event.js +10 -0
- package/src/lib/events/user-registered.event.js.map +1 -0
- package/src/lib/events/user-updated.event.d.ts +10 -0
- package/src/lib/events/user-updated.event.js +10 -0
- package/src/lib/events/user-updated.event.js.map +1 -0
- package/src/lib/guards/auth.guard.d.ts +8 -5
- package/src/lib/guards/auth.guard.js +59 -32
- package/src/lib/guards/auth.guard.js.map +1 -1
- package/src/lib/guards/nest-auth-role.guard.d.ts +7 -0
- package/src/lib/guards/nest-auth-role.guard.js +37 -0
- package/src/lib/guards/nest-auth-role.guard.js.map +1 -0
- package/src/lib/migrations/1746682410695-migration.d.ts +6 -0
- package/src/lib/migrations/1746682410695-migration.js +40 -0
- package/src/lib/migrations/1746682410695-migration.js.map +1 -0
- package/src/lib/nest-auth.module.js +26 -13
- package/src/lib/nest-auth.module.js.map +1 -1
- package/src/lib/services/access-key.service.d.ts +19 -0
- package/src/lib/services/access-key.service.js +119 -0
- package/src/lib/services/access-key.service.js.map +1 -0
- package/src/lib/services/auth.service.d.ts +5 -3
- package/src/lib/services/auth.service.js +80 -15
- package/src/lib/services/auth.service.js.map +1 -1
- package/src/lib/services/role.service.d.ts +16 -0
- package/src/lib/services/role.service.js +194 -0
- package/src/lib/services/role.service.js.map +1 -0
- package/src/lib/services/tenant.service.d.ts +16 -0
- package/src/lib/services/tenant.service.js +134 -0
- package/src/lib/services/tenant.service.js.map +1 -0
- package/src/lib/services/user.service.d.ts +20 -0
- package/src/lib/services/user.service.js +211 -0
- package/src/lib/services/user.service.js.map +1 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/guards/auth.guard.ts"],"names":[],"mappings":";;;;AAAA,
|
|
1
|
+
{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/guards/auth.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAAkG;AAClG,sDAAqH;AACrH,yEAAgE;AAChE,uCAAyC;AAEzC,yDAAqD;AAErD,2DAAuD;AACvD,mFAA8E;AAC9E,+DAA2D;AAC3D,uEAAkE;AAG3D,IAAM,SAAS,GAAf,MAAM,SAAS;IAClB,YACY,SAAoB,EACpB,UAAsB,EACtB,WAAwB,EACxB,cAAkC,EAClC,aAA4B,EAC5B,gBAAkC;QALlC,cAAS,GAAT,SAAS,CAAW;QACpB,eAAU,GAAV,UAAU,CAAY;QACtB,gBAAW,GAAX,WAAW,CAAa;QACxB,mBAAc,GAAd,cAAc,CAAoB;QAClC,kBAAa,GAAb,aAAa,CAAe;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAkB;IAC1C,CAAC;IAEL,KAAK,CAAC,WAAW,CAAC,OAAyB;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAW,CAAC;QAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAY,CAAC;QAEhE,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,SAAS;aAClB,CAAC,CAAC;QACP,CAAC;QAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAG5C,QAAQ,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACzB,KAAK,QAAQ;gBACT,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACvE,KAAK,QAAQ;gBACT,OAAO,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACvD;gBACI,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,6BAA6B;oBACtC,IAAI,EAAE,mBAAmB;iBAC5B,CAAC,CAAC;QACX,CAAC;IAEL,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,OAAyB,EAAE,OAAgB,EAAE,QAAkB,EAAE,KAAa;QACtG,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACzD,OAAO,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC;YAC1B,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACxE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACX,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,mBAAmB;oBAC5B,IAAI,EAAE,4CAA2B;iBACpC,CAAC,CAAC;YACP,CAAC;YAED,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;YAC7B,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAEb,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChB,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,eAAe;oBACxB,IAAI,EAAE,4CAA2B;iBACpC,CAAC,CAAC;YACP,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;YACrE,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;YACxF,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,OAAgB,EAAE,KAAa;QAE1D,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,wBAAwB;aACjC,CAAC,CAAC;QACP,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QACrF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,iBAAiB;gBAC1B,IAAI,EAAE,iBAAiB;aAC1B,CAAC,CAAC;QACP,CAAC;QAGD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAGtE,MAAM,IAAI,CAAC,gBAAgB,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;QAG/D,OAAO,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC;QACjC,OAAO,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC;QACjC,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC;QAEhC,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,mBAAmB,CAAC,OAAgB;QAExC,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,0CAAyB,CAAC,CAAC;QACrE,IAAI,eAAe,EAAE,CAAC;YAClB,OAAO,eAAe,CAAC;QAC3B,CAAC;QAGD,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACtD,IAAI,UAAU,EAAE,CAAC;YACb,OAAO,UAAoB,CAAC;QAChC,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,OAAyB,EAAE,OAAwB;QAEtE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,iCAAY,EAAE;YACpE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAGH,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAG5C,IAAI,YAAY,IAAI,CAAC,aAAa,IAAI,CAAC,OAAO,EAAE,CAAC;YAC7C,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,yCAAyC;gBAClD,IAAI,EAAE,4CAA2B;aACpC,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AA5IY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;6CAGc,gBAAS;QACR,wBAAU;QACT,0BAAW;QACR,yCAAkB;QACnB,8BAAa;QACV,qCAAgB;GAPrC,SAAS,CA4IrB"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class NestAuthRoleGuard implements CanActivate {
|
|
4
|
+
private reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NestAuthRoleGuard = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("@nestjs/common");
|
|
6
|
+
const core_1 = require("@nestjs/core");
|
|
7
|
+
const nest_auth_role_decorator_1 = require("../decorators/nest-auth-role.decorator");
|
|
8
|
+
const nest_auth_role_decorator_2 = require("../decorators/nest-auth-role.decorator");
|
|
9
|
+
let NestAuthRoleGuard = class NestAuthRoleGuard {
|
|
10
|
+
constructor(reflector) {
|
|
11
|
+
this.reflector = reflector;
|
|
12
|
+
}
|
|
13
|
+
canActivate(context) {
|
|
14
|
+
const requiredRoles = this.reflector.getAllAndOverride(nest_auth_role_decorator_2.ROLES_KEY, [context.getHandler(), context.getClass()]);
|
|
15
|
+
const requiredGuard = this.reflector.getAllAndOverride(nest_auth_role_decorator_1.GUARD_KEY, [context.getHandler(), context.getClass()]);
|
|
16
|
+
if (!requiredRoles || !requiredGuard) {
|
|
17
|
+
return true;
|
|
18
|
+
}
|
|
19
|
+
const request = context.switchToHttp().getRequest();
|
|
20
|
+
const user = request.user;
|
|
21
|
+
if (!user || !user.roles) {
|
|
22
|
+
return false;
|
|
23
|
+
}
|
|
24
|
+
return user.roles.some((role) => {
|
|
25
|
+
if (role.guard !== requiredGuard) {
|
|
26
|
+
return false;
|
|
27
|
+
}
|
|
28
|
+
return requiredRoles.includes(role.name);
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
};
|
|
32
|
+
exports.NestAuthRoleGuard = NestAuthRoleGuard;
|
|
33
|
+
exports.NestAuthRoleGuard = NestAuthRoleGuard = tslib_1.__decorate([
|
|
34
|
+
(0, common_1.Injectable)(),
|
|
35
|
+
tslib_1.__metadata("design:paramtypes", [core_1.Reflector])
|
|
36
|
+
], NestAuthRoleGuard);
|
|
37
|
+
//# sourceMappingURL=nest-auth-role.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nest-auth-role.guard.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/guards/nest-auth-role.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAA2E;AAC3E,uCAAyC;AACzC,qFAAmE;AACnE,qFAAmE;AAI5D,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC1B,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAI,CAAC;IAE7C,WAAW,CAAC,OAAyB;QACjC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAClD,oCAAS,EACT,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC7C,CAAC;QAEF,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAClD,oCAAS,EACT,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC7C,CAAC;QAEF,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAE1B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAS,EAAE,EAAE;YACjC,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;gBAC/B,OAAO,KAAK,CAAC;YACjB,CAAC;YAED,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;IACP,CAAC;CACJ,CAAA;AAjCY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;6CAEsB,gBAAS;GAD/B,iBAAiB,CAiC7B"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Migration1746682410695 = void 0;
|
|
4
|
+
class Migration1746682410695 {
|
|
5
|
+
constructor() {
|
|
6
|
+
this.name = 'Migration1746682410695';
|
|
7
|
+
}
|
|
8
|
+
async up(queryRunner) {
|
|
9
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" DROP CONSTRAINT "FK_e890e94238c68a858bce449faa4"`);
|
|
10
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" DROP CONSTRAINT "FK_e960d551ae46638da46ae26bb7c"`);
|
|
11
|
+
await queryRunner.query(`CREATE TABLE "roles" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "name" character varying NOT NULL, "guard" character varying DEFAULT 'web', "tenantId" uuid, "isSystem" boolean NOT NULL DEFAULT false, "isActive" boolean NOT NULL DEFAULT true, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "UQ_450582f5fcc2c778827ec2e3219" UNIQUE ("name", "guard", "tenantId"), CONSTRAINT "PK_c1433d71a4838793a49dcad46ab" PRIMARY KEY ("id"))`);
|
|
12
|
+
await queryRunner.query(`CREATE TABLE "nest_auth_access_keys" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "name" character varying NOT NULL, "publicKey" character varying NOT NULL, "privateKey" character varying NOT NULL, "description" character varying, "isActive" boolean NOT NULL DEFAULT true, "expiresAt" TIMESTAMP, "lastUsedAt" TIMESTAMP, "userId" uuid NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "UQ_f5eaeb4329047e54a8d0398878a" UNIQUE ("publicKey"), CONSTRAINT "PK_c0c250ec2ad74c1957588fb2ef6" PRIMARY KEY ("id"))`);
|
|
13
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" DROP COLUMN "createdByUserId"`);
|
|
14
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" ADD "description" character varying`);
|
|
15
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" ADD "metadata" text DEFAULT '{}'`);
|
|
16
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" ADD "isActive" boolean NOT NULL DEFAULT true`);
|
|
17
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_permissions" ADD "guard" character varying DEFAULT 'web'`);
|
|
18
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" ADD CONSTRAINT "FK_e890e94238c68a858bce449faa4" FOREIGN KEY ("roleId") REFERENCES "roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
|
19
|
+
await queryRunner.query(`ALTER TABLE "roles" ADD CONSTRAINT "FK_c954ae3b1156e075ccd4e9ce3e6" FOREIGN KEY ("tenantId") REFERENCES "nest_auth_tenants"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
|
|
20
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" ADD CONSTRAINT "FK_e960d551ae46638da46ae26bb7c" FOREIGN KEY ("roleId") REFERENCES "roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
|
21
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_access_keys" ADD CONSTRAINT "FK_5a586a6bddf6d5652be9469cb7d" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
|
|
22
|
+
}
|
|
23
|
+
async down(queryRunner) {
|
|
24
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_access_keys" DROP CONSTRAINT "FK_5a586a6bddf6d5652be9469cb7d"`);
|
|
25
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" DROP CONSTRAINT "FK_e960d551ae46638da46ae26bb7c"`);
|
|
26
|
+
await queryRunner.query(`ALTER TABLE "roles" DROP CONSTRAINT "FK_c954ae3b1156e075ccd4e9ce3e6"`);
|
|
27
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" DROP CONSTRAINT "FK_e890e94238c68a858bce449faa4"`);
|
|
28
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_permissions" DROP COLUMN "guard"`);
|
|
29
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" DROP COLUMN "isActive"`);
|
|
30
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" DROP COLUMN "metadata"`);
|
|
31
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" DROP COLUMN "description"`);
|
|
32
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_tenants" ADD "createdByUserId" character varying`);
|
|
33
|
+
await queryRunner.query(`DROP TABLE "nest_auth_access_keys"`);
|
|
34
|
+
await queryRunner.query(`DROP TABLE "roles"`);
|
|
35
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" ADD CONSTRAINT "FK_e960d551ae46638da46ae26bb7c" FOREIGN KEY ("roleId") REFERENCES "nest_auth_roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
|
36
|
+
await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" ADD CONSTRAINT "FK_e890e94238c68a858bce449faa4" FOREIGN KEY ("roleId") REFERENCES "nest_auth_roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
exports.Migration1746682410695 = Migration1746682410695;
|
|
40
|
+
//# sourceMappingURL=1746682410695-migration.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"1746682410695-migration.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/migrations/1746682410695-migration.ts"],"names":[],"mappings":";;;AAEA,MAAa,sBAAsB;IAAnC;QACI,SAAI,GAAG,wBAAwB,CAAA;IAkCnC,CAAC;IAhCU,KAAK,CAAC,EAAE,CAAC,WAAwB;QACpC,MAAM,WAAW,CAAC,KAAK,CAAC,2FAA2F,CAAC,CAAC;QACrH,MAAM,WAAW,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC/G,MAAM,WAAW,CAAC,KAAK,CAAC,seAAse,CAAC,CAAC;QAChgB,MAAM,WAAW,CAAC,KAAK,CAAC,0jBAA0jB,CAAC,CAAC;QACplB,MAAM,WAAW,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACzF,MAAM,WAAW,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;QAC/F,MAAM,WAAW,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;QAC5F,MAAM,WAAW,CAAC,KAAK,CAAC,8EAA8E,CAAC,CAAC;QACxG,MAAM,WAAW,CAAC,KAAK,CAAC,iFAAiF,CAAC,CAAC;QAC3G,MAAM,WAAW,CAAC,KAAK,CAAC,gLAAgL,CAAC,CAAC;QAC1M,MAAM,WAAW,CAAC,KAAK,CAAC,2KAA2K,CAAC,CAAC;QACrM,MAAM,WAAW,CAAC,KAAK,CAAC,0KAA0K,CAAC,CAAC;QACpM,MAAM,WAAW,CAAC,KAAK,CAAC,uLAAuL,CAAC,CAAC;IACrN,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACtC,MAAM,WAAW,CAAC,KAAK,CAAC,sFAAsF,CAAC,CAAC;QAChH,MAAM,WAAW,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC/G,MAAM,WAAW,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QAChG,MAAM,WAAW,CAAC,KAAK,CAAC,2FAA2F,CAAC,CAAC;QACrH,MAAM,WAAW,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACnF,MAAM,WAAW,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAClF,MAAM,WAAW,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAClF,MAAM,WAAW,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QACrF,MAAM,WAAW,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;QACnG,MAAM,WAAW,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC9D,MAAM,WAAW,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QAC9C,MAAM,WAAW,CAAC,KAAK,CAAC,oLAAoL,CAAC,CAAC;QAC9M,MAAM,WAAW,CAAC,KAAK,CAAC,0LAA0L,CAAC,CAAC;IACxN,CAAC;CAEJ;AAnCD,wDAmCC"}
|
|
@@ -20,22 +20,29 @@ const request_context_middleware_1 = require("./request-context/request-context.
|
|
|
20
20
|
const auth_migration_service_1 = require("./services/auth-migration-service");
|
|
21
21
|
const mfa_service_1 = require("./services/mfa.service");
|
|
22
22
|
const database_session_service_1 = require("./services/session/database-session.service");
|
|
23
|
-
const redis_session_service_1 = require("./services/session/redis-session.service");
|
|
24
23
|
const session_options_interface_1 = require("./interfaces/session-options.interface");
|
|
25
24
|
const base_session_service_1 = require("./services/session/base-session.service");
|
|
26
|
-
const ioredis_1 = require("@nestjs-modules/ioredis");
|
|
27
25
|
const deepmerge_1 = tslib_1.__importDefault(require("deepmerge"));
|
|
28
26
|
const mfa_options_interface_1 = require("./interfaces/mfa-options.interface");
|
|
29
27
|
const jwt_service_1 = require("./services/jwt.service");
|
|
30
28
|
const cookie_service_1 = require("./services/cookie.service");
|
|
31
29
|
const mfa_controller_1 = require("./controllers/mfa.controller");
|
|
32
30
|
const auth_controller_1 = require("./controllers/auth.controller");
|
|
31
|
+
const role_service_1 = require("./services/role.service");
|
|
32
|
+
const event_emitter_1 = require("@nestjs/event-emitter");
|
|
33
|
+
const user_service_1 = require("./services/user.service");
|
|
34
|
+
const tenant_service_1 = require("./services/tenant.service");
|
|
35
|
+
const access_key_service_1 = require("./services/access-key.service");
|
|
33
36
|
let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
|
|
34
37
|
static createDynamicModule(providers, imports = []) {
|
|
35
38
|
const commonProviders = [
|
|
36
39
|
auth_migration_service_1.AuthMigrationService,
|
|
37
40
|
auth_service_1.AuthService,
|
|
38
41
|
auth_guard_1.AuthGuard,
|
|
42
|
+
role_service_1.RoleService,
|
|
43
|
+
user_service_1.UserService,
|
|
44
|
+
tenant_service_1.TenantService,
|
|
45
|
+
access_key_service_1.AccessKeyService,
|
|
39
46
|
email_auth_provider_1.EmailAuthProvider,
|
|
40
47
|
phone_auth_provider_1.PhoneAuthProvider,
|
|
41
48
|
jwt_auth_provider_1.JwtAuthProvider,
|
|
@@ -68,10 +75,7 @@ let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
|
|
|
68
75
|
],
|
|
69
76
|
imports: [
|
|
70
77
|
typeorm_1.TypeOrmModule.forFeature(entities_1.AllAuthEntities),
|
|
71
|
-
|
|
72
|
-
url: 'redis://localhost:6379',
|
|
73
|
-
type: 'single',
|
|
74
|
-
}),
|
|
78
|
+
event_emitter_1.EventEmitterModule.forRoot(),
|
|
75
79
|
...imports,
|
|
76
80
|
],
|
|
77
81
|
providers: [...providers, ...commonProviders],
|
|
@@ -79,6 +83,10 @@ let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
|
|
|
79
83
|
auth_constants_1.AUTH_MODULE_OPTIONS,
|
|
80
84
|
auth_migration_service_1.AuthMigrationService,
|
|
81
85
|
auth_service_1.AuthService,
|
|
86
|
+
role_service_1.RoleService,
|
|
87
|
+
user_service_1.UserService,
|
|
88
|
+
tenant_service_1.TenantService,
|
|
89
|
+
access_key_service_1.AccessKeyService,
|
|
82
90
|
auth_guard_1.AuthGuard,
|
|
83
91
|
email_auth_provider_1.EmailAuthProvider,
|
|
84
92
|
phone_auth_provider_1.PhoneAuthProvider,
|
|
@@ -111,28 +119,24 @@ let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
|
|
|
111
119
|
}
|
|
112
120
|
static createSessionBaseServiceProvider() {
|
|
113
121
|
return [
|
|
114
|
-
redis_session_service_1.RedisSessionService,
|
|
115
122
|
database_session_service_1.DatabaseSessionService,
|
|
116
123
|
{
|
|
117
124
|
provide: base_session_service_1.BaseSessionService,
|
|
118
|
-
useFactory: (options,
|
|
125
|
+
useFactory: (options, databaseSessionService) => {
|
|
119
126
|
const sessionOptions = {
|
|
120
127
|
storageType: options.session?.storageType || session_options_interface_1.SessionStorageType.DATABASE,
|
|
121
128
|
redisUrl: options.session?.redisUrl,
|
|
122
129
|
sessionExpiry: options.session?.sessionExpiry,
|
|
123
130
|
refreshTokenExpiry: options.session?.refreshTokenExpiry,
|
|
124
131
|
};
|
|
125
|
-
if (sessionOptions.storageType === session_options_interface_1.SessionStorageType.
|
|
126
|
-
return redisSessionService;
|
|
127
|
-
}
|
|
128
|
-
else if (sessionOptions.storageType === session_options_interface_1.SessionStorageType.DATABASE) {
|
|
132
|
+
if (sessionOptions.storageType === session_options_interface_1.SessionStorageType.DATABASE) {
|
|
129
133
|
return databaseSessionService;
|
|
130
134
|
}
|
|
131
135
|
else {
|
|
132
136
|
throw new Error('Invalid session storage type');
|
|
133
137
|
}
|
|
134
138
|
},
|
|
135
|
-
inject: [auth_constants_1.AUTH_MODULE_OPTIONS,
|
|
139
|
+
inject: [auth_constants_1.AUTH_MODULE_OPTIONS, database_session_service_1.DatabaseSessionService],
|
|
136
140
|
}
|
|
137
141
|
];
|
|
138
142
|
}
|
|
@@ -226,10 +230,15 @@ exports.NestAuthModule = NestAuthModule = NestAuthModule_1 = tslib_1.__decorate(
|
|
|
226
230
|
(0, common_1.Module)({
|
|
227
231
|
imports: [
|
|
228
232
|
typeorm_1.TypeOrmModule.forFeature(entities_1.AllAuthEntities),
|
|
233
|
+
event_emitter_1.EventEmitterModule,
|
|
229
234
|
],
|
|
230
235
|
providers: [
|
|
231
236
|
auth_migration_service_1.AuthMigrationService,
|
|
232
237
|
auth_service_1.AuthService,
|
|
238
|
+
role_service_1.RoleService,
|
|
239
|
+
user_service_1.UserService,
|
|
240
|
+
tenant_service_1.TenantService,
|
|
241
|
+
access_key_service_1.AccessKeyService,
|
|
233
242
|
auth_guard_1.AuthGuard,
|
|
234
243
|
auth_provider_registry_service_1.AuthProviderRegistryService,
|
|
235
244
|
mfa_service_1.MfaService,
|
|
@@ -238,6 +247,10 @@ exports.NestAuthModule = NestAuthModule = NestAuthModule_1 = tslib_1.__decorate(
|
|
|
238
247
|
exports: [
|
|
239
248
|
auth_migration_service_1.AuthMigrationService,
|
|
240
249
|
auth_service_1.AuthService,
|
|
250
|
+
role_service_1.RoleService,
|
|
251
|
+
user_service_1.UserService,
|
|
252
|
+
tenant_service_1.TenantService,
|
|
253
|
+
access_key_service_1.AccessKeyService,
|
|
241
254
|
auth_guard_1.AuthGuard,
|
|
242
255
|
auth_provider_registry_service_1.AuthProviderRegistryService,
|
|
243
256
|
mfa_service_1.MfaService,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nest-auth.module.js","sourceRoot":"","sources":["../../../../../packages/nest-auth/src/lib/nest-auth.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAAqF;AACrF,6CAAgD;AAChD,yCAA6C;AAC7C,qDAA+E;AAE/E,0DAAsD;AACtD,oDAAgD;AAChD,yEAAoE;AACpE,yEAAoE;AACpE,+EAA0E;AAC1E,2EAAsE;AACtE,qEAAgE;AAChE,yEAAoE;AACpE,8FAAwF;AACxF,6FAAwF;AACxF,8EAAyE;AACzE,wDAAoD;AAEpD,0FAAqF;AACrF,
|
|
1
|
+
{"version":3,"file":"nest-auth.module.js","sourceRoot":"","sources":["../../../../../packages/nest-auth/src/lib/nest-auth.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAAqF;AACrF,6CAAgD;AAChD,yCAA6C;AAC7C,qDAA+E;AAE/E,0DAAsD;AACtD,oDAAgD;AAChD,yEAAoE;AACpE,yEAAoE;AACpE,+EAA0E;AAC1E,2EAAsE;AACtE,qEAAgE;AAChE,yEAAoE;AACpE,8FAAwF;AACxF,6FAAwF;AACxF,8EAAyE;AACzE,wDAAoD;AAEpD,0FAAqF;AACrF,sFAA4E;AAC5E,kFAA6E;AAE7E,kEAAkC;AAClC,8EAAmE;AACnE,wDAAoD;AACpD,8DAA0D;AAC1D,iEAA6D;AAC7D,mEAA+D;AAC/D,0DAAsD;AACtD,yDAA2D;AAC3D,0DAAsD;AACtD,8DAA0D;AAC1D,sEAAiE;AAgC1D,IAAM,cAAc,sBAApB,MAAM,cAAc;IAiCjB,MAAM,CAAC,mBAAmB,CAAC,SAAqB,EAAE,UAAiB,EAAE;QAE3E,MAAM,eAAe,GAAe;YAClC,6CAAoB;YACpB,0BAAW;YACX,sBAAS;YACT,0BAAW;YACX,0BAAW;YACX,8BAAa;YACb,qCAAgB;YAChB,uCAAiB;YACjB,uCAAiB;YACjB,mCAAe;YACf,yCAAkB;YAClB,6CAAoB;YACpB,uCAAiB;YACjB,4DAA2B;YAC3B,wBAAU;YACV,wBAAU;YACV,8BAAa;YACb,GAAG,IAAI,CAAC,gCAAgC,EAAE;YAC1C;gBACE,OAAO,EAAE,uCAAsB;gBAC/B,UAAU,EAAE,CAAC,QAAqC,EAAE,OAA0B,EAAE,EAAE;oBAEhF,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;wBAChC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;4BAC7C,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;oBACL,CAAC;oBACD,OAAO,QAAQ,CAAC,eAAe,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,EAAE,CAAC,4DAA2B,EAAE,oCAAmB,CAAC;aAC3D;SACF,CAAC;QAEF,OAAO;YACL,MAAM,EAAE,gBAAc;YACtB,WAAW,EAAE;gBACX,gCAAc;gBACd,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,uBAAa,CAAC,UAAU,CAAC,0BAAe,CAAC;gBACzC,kCAAkB,CAAC,OAAO,EAAE;gBAK5B,GAAG,OAAO;aACX;YACD,SAAS,EAAE,CAAC,GAAG,SAAS,EAAE,GAAG,eAAe,CAAC;YAC7C,OAAO,EAAE;gBACP,oCAAmB;gBACnB,6CAAoB;gBACpB,0BAAW;gBACX,0BAAW;gBACX,0BAAW;gBACX,8BAAa;gBACb,qCAAgB;gBAChB,sBAAS;gBACT,uCAAiB;gBACjB,uCAAiB;gBACjB,mCAAe;gBACf,yCAAkB;gBAClB,6CAAoB;gBACpB,uCAAiB;gBACjB,4DAA2B;gBAC3B,wBAAU;gBACV,yCAAkB;gBAClB,wBAAU;gBACV,8BAAa;gBACb,uCAAsB;aACvB;SACF,CAAC;IACJ,CAAC;IAMD,MAAM,CAAC,OAAO,CAAC,OAA0B;QACvC,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,SAAS,GAAe;YAC5B;gBACE,OAAO,EAAE,oCAAmB;gBAC5B,QAAQ,EAAE,aAAa;aACxB;SACF,CAAC;QAEF,OAAO,IAAI,CAAC,mBAAmB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAKD,MAAM,CAAC,YAAY,CAAC,OAA+B;QACjD,MAAM,cAAc,GAAe,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,gCAAgC;QACrC,OAAO;YAEL,iDAAsB;YACtB;gBACE,OAAO,EAAE,yCAAkB;gBAC3B,UAAU,EAAE,CACV,OAA0B,EAC1B,sBAA8C,EAE9C,EAAE;oBACF,MAAM,cAAc,GAAmB;wBACrC,WAAW,EAAE,OAAO,CAAC,OAAO,EAAE,WAAW,IAAI,8CAAkB,CAAC,QAAQ;wBACxE,QAAQ,EAAE,OAAO,CAAC,OAAO,EAAE,QAAQ;wBACnC,aAAa,EAAE,OAAO,CAAC,OAAO,EAAE,aAAa;wBAC7C,kBAAkB,EAAE,OAAO,CAAC,OAAO,EAAE,kBAAkB;qBACxD,CAAC;oBAKF,IAAI,cAAc,CAAC,WAAW,KAAK,8CAAkB,CAAC,QAAQ,EAAE,CAAC;wBAC/D,OAAO,sBAAsB,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;gBACD,MAAM,EAAE,CAAC,oCAAmB,EAAE,iDAAsB,CAAC;aACtD;SACF,CAAA;IACH,CAAC;IAKO,MAAM,CAAC,uBAAuB,CAAC,OAA2B;QAChE,MAAM,SAAS,GAAe,EAAE,CAAC;QACjC,IAAI,OAAO,EAAE,mBAAmB,EAAE,CAAC;YACjC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;gBAC/C,SAAS,CAAC,IAAI,CAAC;oBACb,OAAO,EAAE,QAAQ,CAAC,UAAU;oBAC5B,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAKO,MAAM,CAAC,oBAAoB,CAAC,OAA+B;QACjE,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO;gBACL;oBACE,OAAO,EAAE,oCAAmB;oBAC5B,UAAU,EAAE,KAAK,EAAE,GAAG,IAAW,EAAE,EAAE;wBACnC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;wBACjD,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;wBAC9C,OAAO;4BACL,GAAG,aAAa;4BAChB,GAAG,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC;yBAC/C,CAAC;oBACJ,CAAC;oBACD,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;iBAC7B;aACF,CAAC;QACJ,CAAC;QAED,IAAI,gBAAgB,CAAC;QACrB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,gBAAgB,GAAG;gBACjB,OAAO,EAAE,OAAO,CAAC,QAAQ;gBACzB,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC3B,CAAC;QACJ,CAAC;QAED,OAAO;YACL;gBACE,OAAO,EAAE,oCAAmB;gBAC5B,UAAU,EAAE,KAAK,EAAE,cAAwC,EAAE,EAAE;oBAC7D,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,uBAAuB,EAAE,CAAC;oBAC/D,OAAO;wBACL,GAAG,OAAO;wBACV,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC;qBACzC,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,QAAQ,CAAC;aAClD;YACD,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;SAChD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAA0B;QAC1C,OAAO,IAAA,mBAAS,EAAC,IAAI,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAC;IACvD,CAAC;IAED,SAAS,CAAC,QAA4B;QACpC,QAAQ,CAAC,KAAK,CAAC,qDAAwB,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC/D,CAAC;;AAzOU,wCAAc;AAElB,mCAAoB,GAA+B;IACxD,yBAAyB,EAAE,KAAK;IAChC,OAAO,EAAE;QACP,WAAW,EAAE,8CAAkB,CAAC,QAAQ;QACxC,aAAa,EAAE,IAAI;QACnB,kBAAkB,EAAE,KAAK;KAC1B;IACD,GAAG,EAAE;QACH,MAAM,EAAE,QAAQ;KACjB;IACD,eAAe,EAAE,QAAQ;IACzB,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,KAAK;KACd;IACD,SAAS,EAAE;QACT,OAAO,EAAE,IAAI;KACd;IACD,GAAG,EAAE;QACH,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,CAAC,qCAAa,CAAC,KAAK,EAAE,qCAAa,CAAC,IAAI,CAAC;QAClD,eAAe,EAAE,IAAI;QACrB,oBAAoB,EAAE,IAAI;QAC1B,SAAS,EAAE,CAAC;QACZ,YAAY,EAAE,KAAK;KACpB;CACF,AA1B0B,CA0BzB;yBA5BS,cAAc;IA7B1B,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,uBAAa,CAAC,UAAU,CAAC,0BAAe,CAAC;YACzC,kCAAkB;SACnB;QACD,SAAS,EAAE;YACT,6CAAoB;YACpB,0BAAW;YACX,0BAAW;YACX,0BAAW;YACX,8BAAa;YACb,qCAAgB;YAChB,sBAAS;YACT,4DAA2B;YAC3B,wBAAU;YACV,wBAAU;SACX;QACD,OAAO,EAAE;YACP,6CAAoB;YACpB,0BAAW;YACX,0BAAW;YACX,0BAAW;YACX,8BAAa;YACb,qCAAgB;YAChB,sBAAS;YACT,4DAA2B;YAC3B,wBAAU;SACX;KACF,CAAC;GACW,cAAc,CA4O1B"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { Repository } from 'typeorm';
|
|
2
|
+
import { AccessKey } from '../entities/access-key.entity';
|
|
3
|
+
import { User } from '../entities/user.entity';
|
|
4
|
+
import { EventEmitter2 } from '@nestjs/event-emitter';
|
|
5
|
+
export declare class AccessKeyService {
|
|
6
|
+
private accessKeyRepository;
|
|
7
|
+
private userRepository;
|
|
8
|
+
private eventEmitter;
|
|
9
|
+
constructor(accessKeyRepository: Repository<AccessKey>, userRepository: Repository<User>, eventEmitter: EventEmitter2);
|
|
10
|
+
private generateKeyPair;
|
|
11
|
+
createAccessKey(userId: string, name: string, metadata?: Record<string, any>): Promise<AccessKey>;
|
|
12
|
+
getAccessKey(publicKey: string): Promise<AccessKey>;
|
|
13
|
+
validateAccessKey(publicKey: string, privateKey: string): Promise<boolean>;
|
|
14
|
+
getUserAccessKeys(userId: string): Promise<AccessKey[]>;
|
|
15
|
+
deactivateAccessKey(publicKey: string): Promise<AccessKey>;
|
|
16
|
+
updateAccessKeyLastUsed(publicKey: string): Promise<void>;
|
|
17
|
+
setAccessKeyExpiry(publicKey: string, expiresAt: Date): Promise<AccessKey>;
|
|
18
|
+
deleteAccessKey(publicKey: string): Promise<void>;
|
|
19
|
+
}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AccessKeyService = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("@nestjs/common");
|
|
6
|
+
const typeorm_1 = require("@nestjs/typeorm");
|
|
7
|
+
const typeorm_2 = require("typeorm");
|
|
8
|
+
const access_key_entity_1 = require("../entities/access-key.entity");
|
|
9
|
+
const user_entity_1 = require("../entities/user.entity");
|
|
10
|
+
const event_emitter_1 = require("@nestjs/event-emitter");
|
|
11
|
+
const events_1 = require("../events");
|
|
12
|
+
const crypto_1 = require("crypto");
|
|
13
|
+
let AccessKeyService = class AccessKeyService {
|
|
14
|
+
constructor(accessKeyRepository, userRepository, eventEmitter) {
|
|
15
|
+
this.accessKeyRepository = accessKeyRepository;
|
|
16
|
+
this.userRepository = userRepository;
|
|
17
|
+
this.eventEmitter = eventEmitter;
|
|
18
|
+
}
|
|
19
|
+
generateKeyPair() {
|
|
20
|
+
const privateKey = (0, crypto_1.randomBytes)(32).toString('hex');
|
|
21
|
+
const publicKey = (0, crypto_1.createHash)('sha256').update(privateKey).digest('hex');
|
|
22
|
+
return { publicKey, privateKey };
|
|
23
|
+
}
|
|
24
|
+
async createAccessKey(userId, name, metadata) {
|
|
25
|
+
const user = await this.userRepository.findOne({ where: { id: userId } });
|
|
26
|
+
if (!user) {
|
|
27
|
+
throw new common_1.NotFoundException({
|
|
28
|
+
message: `User with ID ${userId} not found`,
|
|
29
|
+
code: 'USER_NOT_FOUND'
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
const { publicKey, privateKey } = this.generateKeyPair();
|
|
33
|
+
const accessKey = this.accessKeyRepository.create({
|
|
34
|
+
name,
|
|
35
|
+
publicKey,
|
|
36
|
+
privateKey,
|
|
37
|
+
userId,
|
|
38
|
+
});
|
|
39
|
+
const savedKey = await this.accessKeyRepository.save(accessKey);
|
|
40
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.ACCESS_KEY_CREATED, {
|
|
41
|
+
accessKey: savedKey,
|
|
42
|
+
userId
|
|
43
|
+
});
|
|
44
|
+
return savedKey;
|
|
45
|
+
}
|
|
46
|
+
async getAccessKey(publicKey) {
|
|
47
|
+
const accessKey = await this.accessKeyRepository.findOne({
|
|
48
|
+
where: { publicKey },
|
|
49
|
+
relations: ['user']
|
|
50
|
+
});
|
|
51
|
+
if (!accessKey) {
|
|
52
|
+
throw new common_1.NotFoundException({
|
|
53
|
+
message: 'Invalid access key',
|
|
54
|
+
code: 'INVALID_ACCESS_KEY'
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
if (!accessKey.isActive) {
|
|
58
|
+
throw new common_1.BadRequestException({
|
|
59
|
+
message: 'Access key is inactive',
|
|
60
|
+
code: 'INACTIVE_ACCESS_KEY'
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
if (accessKey.expiresAt && accessKey.expiresAt < new Date()) {
|
|
64
|
+
throw new common_1.BadRequestException({
|
|
65
|
+
message: 'Access key has expired',
|
|
66
|
+
code: 'EXPIRED_ACCESS_KEY'
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
return accessKey;
|
|
70
|
+
}
|
|
71
|
+
async validateAccessKey(publicKey, privateKey) {
|
|
72
|
+
const accessKey = await this.getAccessKey(publicKey);
|
|
73
|
+
return accessKey.privateKey === privateKey;
|
|
74
|
+
}
|
|
75
|
+
async getUserAccessKeys(userId) {
|
|
76
|
+
return this.accessKeyRepository.find({
|
|
77
|
+
where: { userId },
|
|
78
|
+
order: { createdAt: 'DESC' }
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
async deactivateAccessKey(publicKey) {
|
|
82
|
+
const accessKey = await this.getAccessKey(publicKey);
|
|
83
|
+
accessKey.isActive = false;
|
|
84
|
+
const updatedKey = await this.accessKeyRepository.save(accessKey);
|
|
85
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.ACCESS_KEY_DEACTIVATED, {
|
|
86
|
+
accessKey: updatedKey,
|
|
87
|
+
userId: updatedKey.userId
|
|
88
|
+
});
|
|
89
|
+
return updatedKey;
|
|
90
|
+
}
|
|
91
|
+
async updateAccessKeyLastUsed(publicKey) {
|
|
92
|
+
const accessKey = await this.getAccessKey(publicKey);
|
|
93
|
+
accessKey.lastUsedAt = new Date();
|
|
94
|
+
await this.accessKeyRepository.save(accessKey);
|
|
95
|
+
}
|
|
96
|
+
async setAccessKeyExpiry(publicKey, expiresAt) {
|
|
97
|
+
const accessKey = await this.getAccessKey(publicKey);
|
|
98
|
+
accessKey.expiresAt = expiresAt;
|
|
99
|
+
return this.accessKeyRepository.save(accessKey);
|
|
100
|
+
}
|
|
101
|
+
async deleteAccessKey(publicKey) {
|
|
102
|
+
const accessKey = await this.getAccessKey(publicKey);
|
|
103
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.ACCESS_KEY_DELETED, {
|
|
104
|
+
accessKey,
|
|
105
|
+
userId: accessKey.userId
|
|
106
|
+
});
|
|
107
|
+
await this.accessKeyRepository.remove(accessKey);
|
|
108
|
+
}
|
|
109
|
+
};
|
|
110
|
+
exports.AccessKeyService = AccessKeyService;
|
|
111
|
+
exports.AccessKeyService = AccessKeyService = tslib_1.__decorate([
|
|
112
|
+
(0, common_1.Injectable)(),
|
|
113
|
+
tslib_1.__param(0, (0, typeorm_1.InjectRepository)(access_key_entity_1.AccessKey)),
|
|
114
|
+
tslib_1.__param(1, (0, typeorm_1.InjectRepository)(user_entity_1.User)),
|
|
115
|
+
tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
|
|
116
|
+
typeorm_2.Repository,
|
|
117
|
+
event_emitter_1.EventEmitter2])
|
|
118
|
+
], AccessKeyService);
|
|
119
|
+
//# sourceMappingURL=access-key.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-key.service.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/services/access-key.service.ts"],"names":[],"mappings":";;;;AAAA,2CAAoF;AACpF,6CAAmD;AACnD,qCAAqC;AACrC,qEAA0D;AAC1D,yDAA+C;AAC/C,yDAAsD;AACtD,sCAA2C;AAC3C,mCAAiD;AAG1C,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IACzB,YAEY,mBAA0C,EAE1C,cAAgC,EAChC,YAA2B;QAH3B,wBAAmB,GAAnB,mBAAmB,CAAuB;QAE1C,mBAAc,GAAd,cAAc,CAAkB;QAChC,iBAAY,GAAZ,YAAY,CAAe;IACnC,CAAC;IAEG,eAAe;QACnB,MAAM,UAAU,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACnD,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACxE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,IAAY,EAAE,QAA8B;QAC9E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,0BAAiB,CAAC;gBACxB,OAAO,EAAE,gBAAgB,MAAM,YAAY;gBAC3C,IAAI,EAAE,gBAAgB;aACzB,CAAC,CAAC;QACP,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QAEzD,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC;YAC9C,IAAI;YACJ,SAAS;YACT,UAAU;YACV,MAAM;SACT,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAGhE,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,uBAAc,CAAC,kBAAkB,EACjC;YACI,SAAS,EAAE,QAAQ;YACnB,MAAM;SACT,CACJ,CAAC;QAEF,OAAO,QAAQ,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,SAAiB;QAChC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACrD,KAAK,EAAE,EAAE,SAAS,EAAE;YACpB,SAAS,EAAE,CAAC,MAAM,CAAC;SACtB,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,IAAI,0BAAiB,CAAC;gBACxB,OAAO,EAAE,oBAAoB;gBAC7B,IAAI,EAAE,oBAAoB;aAC7B,CAAC,CAAC;QACP,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YACtB,MAAM,IAAI,4BAAmB,CAAC;gBAC1B,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,qBAAqB;aAC9B,CAAC,CAAC;QACP,CAAC;QAED,IAAI,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YAC1D,MAAM,IAAI,4BAAmB,CAAC;gBAC1B,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,oBAAoB;aAC7B,CAAC,CAAC;QACP,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,SAAiB,EAAE,UAAkB;QACzD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QACrD,OAAO,SAAS,CAAC,UAAU,KAAK,UAAU,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc;QAClC,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YACjC,KAAK,EAAE,EAAE,MAAM,EAAE;YACjB,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;SAC/B,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACvC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QACrD,SAAS,CAAC,QAAQ,GAAG,KAAK,CAAC;QAE3B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAGlE,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,uBAAc,CAAC,sBAAsB,EACrC;YACI,SAAS,EAAE,UAAU;YACrB,MAAM,EAAE,UAAU,CAAC,MAAM;SAC5B,CACJ,CAAC;QAEF,OAAO,UAAU,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,SAAiB;QAC3C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QACrD,SAAS,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAClC,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,SAAiB,EAAE,SAAe;QACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QACrD,SAAS,CAAC,SAAS,GAAG,SAAS,CAAC;QAChC,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,SAAiB;QACnC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAGrD,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,uBAAc,CAAC,kBAAkB,EACjC;YACI,SAAS;YACT,MAAM,EAAE,SAAS,CAAC,MAAM;SAC3B,CACJ,CAAC;QAEF,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC;CACJ,CAAA;AArIY,4CAAgB;2BAAhB,gBAAgB;IAD5B,IAAA,mBAAU,GAAE;IAGJ,mBAAA,IAAA,0BAAgB,EAAC,6BAAS,CAAC,CAAA;IAE3B,mBAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;6CADM,oBAAU;QAEf,oBAAU;QACZ,6BAAa;GAN9B,gBAAgB,CAqI5B"}
|
|
@@ -9,6 +9,7 @@ import { MFAMethodEnum } from '../interfaces/mfa-options.interface';
|
|
|
9
9
|
import { Verify2faRequestDto } from '../dto/requests/verify-2fa.request.dto';
|
|
10
10
|
import { BaseSessionService } from './session/base-session.service';
|
|
11
11
|
import { JwtService } from './jwt.service';
|
|
12
|
+
import { EventEmitter2 } from '@nestjs/event-emitter';
|
|
12
13
|
export declare class AuthService {
|
|
13
14
|
private readonly userRepository;
|
|
14
15
|
private readonly sessionRepository;
|
|
@@ -17,7 +18,8 @@ export declare class AuthService {
|
|
|
17
18
|
private readonly mfaService;
|
|
18
19
|
private readonly sessionService;
|
|
19
20
|
private readonly jwtService;
|
|
20
|
-
|
|
21
|
+
private readonly eventEmitter;
|
|
22
|
+
constructor(userRepository: Repository<User>, sessionRepository: Repository<Session>, otpRepository: Repository<OTP>, authProviders: BaseAuthProvider[], mfaService: MfaService, sessionService: BaseSessionService, jwtService: JwtService, eventEmitter: EventEmitter2);
|
|
21
23
|
getUserWithRolesAndPermissions(userId: string, relations?: string[]): Promise<User>;
|
|
22
24
|
getUser(): Promise<User>;
|
|
23
25
|
signup(input: SignupRequestDto): Promise<AuthResponseDto>;
|
|
@@ -36,8 +38,8 @@ export declare class AuthService {
|
|
|
36
38
|
message: string;
|
|
37
39
|
}>;
|
|
38
40
|
resetPassword(input: ResetPasswordRequestDto): Promise<boolean>;
|
|
39
|
-
logout(): Promise<boolean>;
|
|
40
|
-
logoutAll(userId: string): Promise<boolean>;
|
|
41
|
+
logout(logoutType?: 'user' | 'admin' | 'system', reason?: string): Promise<boolean>;
|
|
42
|
+
logoutAll(userId: string, logoutType?: 'user' | 'admin' | 'system', reason?: string): Promise<boolean>;
|
|
41
43
|
listDevices(userId: string): Promise<DeviceInfoDto[]>;
|
|
42
44
|
deleteDevice(userId: string, deviceId: string): Promise<MessageResponseDto>;
|
|
43
45
|
private generateTokensPayload;
|
|
@@ -15,8 +15,15 @@ const mfa_service_1 = require("./mfa.service");
|
|
|
15
15
|
const base_session_service_1 = require("./session/base-session.service");
|
|
16
16
|
const otp_1 = require("../utils/otp");
|
|
17
17
|
const jwt_service_1 = require("./jwt.service");
|
|
18
|
+
const event_emitter_1 = require("@nestjs/event-emitter");
|
|
19
|
+
const events_1 = require("../events");
|
|
20
|
+
const user_registered_event_1 = require("../events/user-registered.event");
|
|
21
|
+
const user_logged_in_event_1 = require("../events/user-logged-in.event");
|
|
22
|
+
const user_2fa_verified_event_1 = require("../events/user-2fa-verified.event");
|
|
23
|
+
const user_refresh_token_event_1 = require("../events/user-refresh-token.event");
|
|
24
|
+
const events_2 = require("../events");
|
|
18
25
|
let AuthService = class AuthService {
|
|
19
|
-
constructor(userRepository, sessionRepository, otpRepository, authProviders, mfaService, sessionService, jwtService) {
|
|
26
|
+
constructor(userRepository, sessionRepository, otpRepository, authProviders, mfaService, sessionService, jwtService, eventEmitter) {
|
|
20
27
|
this.userRepository = userRepository;
|
|
21
28
|
this.sessionRepository = sessionRepository;
|
|
22
29
|
this.otpRepository = otpRepository;
|
|
@@ -24,6 +31,7 @@ let AuthService = class AuthService {
|
|
|
24
31
|
this.mfaService = mfaService;
|
|
25
32
|
this.sessionService = sessionService;
|
|
26
33
|
this.jwtService = jwtService;
|
|
34
|
+
this.eventEmitter = eventEmitter;
|
|
27
35
|
}
|
|
28
36
|
getUserWithRolesAndPermissions(userId, relations = []) {
|
|
29
37
|
return this.userRepository.findOne({
|
|
@@ -40,7 +48,7 @@ let AuthService = class AuthService {
|
|
|
40
48
|
async getUser() {
|
|
41
49
|
const user = request_context_1.RequestContext.currentUser();
|
|
42
50
|
if (!user) {
|
|
43
|
-
|
|
51
|
+
return null;
|
|
44
52
|
}
|
|
45
53
|
return this.getUserWithRolesAndPermissions(user.id);
|
|
46
54
|
}
|
|
@@ -84,6 +92,15 @@ let AuthService = class AuthService {
|
|
|
84
92
|
const session = await this.sessionService.createSessionFromUser(user);
|
|
85
93
|
const tokens = await this.generateTokensFromSession(session);
|
|
86
94
|
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
95
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.REGISTERED, new user_registered_event_1.UserRegisteredEvent({
|
|
96
|
+
user,
|
|
97
|
+
tenantId: user.tenantId,
|
|
98
|
+
input,
|
|
99
|
+
provider,
|
|
100
|
+
session,
|
|
101
|
+
tokens,
|
|
102
|
+
isRequiresMfa
|
|
103
|
+
}));
|
|
87
104
|
return {
|
|
88
105
|
accessToken: tokens.accessToken,
|
|
89
106
|
refreshToken: tokens.refreshToken,
|
|
@@ -113,6 +130,15 @@ let AuthService = class AuthService {
|
|
|
113
130
|
const session = await this.sessionService.createSessionFromUser(user);
|
|
114
131
|
const tokens = await this.generateTokensFromSession(session);
|
|
115
132
|
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
133
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.LOGGED_IN, new user_logged_in_event_1.UserLoggedInEvent({
|
|
134
|
+
user,
|
|
135
|
+
tenantId: user.tenantId,
|
|
136
|
+
input,
|
|
137
|
+
provider,
|
|
138
|
+
session,
|
|
139
|
+
tokens,
|
|
140
|
+
isRequiresMfa
|
|
141
|
+
}));
|
|
116
142
|
return {
|
|
117
143
|
accessToken: tokens.accessToken,
|
|
118
144
|
refreshToken: tokens.refreshToken,
|
|
@@ -141,6 +167,14 @@ let AuthService = class AuthService {
|
|
|
141
167
|
}
|
|
142
168
|
});
|
|
143
169
|
const tokens = await this.generateTokensFromSession(payload);
|
|
170
|
+
const user = await this.getUser();
|
|
171
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.TWO_FACTOR_VERIFIED, new user_2fa_verified_event_1.User2faVerifiedEvent({
|
|
172
|
+
user,
|
|
173
|
+
tenantId: user.tenantId,
|
|
174
|
+
input,
|
|
175
|
+
session,
|
|
176
|
+
tokens
|
|
177
|
+
}));
|
|
144
178
|
return {
|
|
145
179
|
accessToken: tokens.accessToken,
|
|
146
180
|
refreshToken: tokens.refreshToken,
|
|
@@ -199,6 +233,11 @@ let AuthService = class AuthService {
|
|
|
199
233
|
const newSession = await this.sessionService.createSessionFromSession(session);
|
|
200
234
|
await this.sessionService.revokeSession(session.id);
|
|
201
235
|
const tokens = await this.generateTokensFromSession(newSession);
|
|
236
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.REFRESH_TOKEN, new user_refresh_token_event_1.UserRefreshTokenEvent({
|
|
237
|
+
oldRefreshToken: refreshToken,
|
|
238
|
+
session: newSession,
|
|
239
|
+
tokens,
|
|
240
|
+
}));
|
|
202
241
|
return tokens;
|
|
203
242
|
}
|
|
204
243
|
async forgotPassword(input) {
|
|
@@ -231,18 +270,19 @@ let AuthService = class AuthService {
|
|
|
231
270
|
const otp = (0, otp_1.generateOtp)();
|
|
232
271
|
const expiresAt = new Date();
|
|
233
272
|
expiresAt.setMinutes(expiresAt.getMinutes() + 15);
|
|
234
|
-
await this.otpRepository.save({
|
|
273
|
+
const otpEntity = await this.otpRepository.save({
|
|
235
274
|
userId: identity.user?.id,
|
|
236
275
|
code: otp,
|
|
237
276
|
expiresAt,
|
|
238
277
|
type: otp_entity_1.OTPTypeEnum.PASSWORD_RESET
|
|
239
278
|
});
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
279
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.PASSWORD_RESET_REQUESTED, new events_2.PasswordResetRequestedEvent({
|
|
280
|
+
user: identity.user,
|
|
281
|
+
tenantId: identity.user?.tenantId,
|
|
282
|
+
input,
|
|
283
|
+
otp: otpEntity,
|
|
284
|
+
provider,
|
|
285
|
+
}));
|
|
246
286
|
return true;
|
|
247
287
|
}
|
|
248
288
|
async resetPassword(input) {
|
|
@@ -275,20 +315,44 @@ let AuthService = class AuthService {
|
|
|
275
315
|
await this.userRepository.save(user);
|
|
276
316
|
validOtp.used = true;
|
|
277
317
|
await this.otpRepository.save(validOtp);
|
|
318
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.PASSWORD_RESET, new events_2.PasswordResetEvent({
|
|
319
|
+
user,
|
|
320
|
+
tenantId: user.tenantId,
|
|
321
|
+
input,
|
|
322
|
+
}));
|
|
278
323
|
return true;
|
|
279
324
|
}
|
|
280
|
-
async logout() {
|
|
325
|
+
async logout(logoutType = 'user', reason) {
|
|
281
326
|
const session = request_context_1.RequestContext.currentSession();
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
327
|
+
const user = await this.getUser();
|
|
328
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.LOGGED_OUT, new events_1.LoggedOutEvent({
|
|
329
|
+
user,
|
|
330
|
+
tenantId: user?.tenantId,
|
|
331
|
+
session,
|
|
332
|
+
logoutType,
|
|
333
|
+
reason,
|
|
334
|
+
}));
|
|
285
335
|
if (session) {
|
|
286
336
|
await this.sessionService.revokeSession(session.id);
|
|
287
337
|
}
|
|
288
338
|
return true;
|
|
289
339
|
}
|
|
290
|
-
async logoutAll(userId) {
|
|
340
|
+
async logoutAll(userId, logoutType = 'user', reason) {
|
|
341
|
+
const session = request_context_1.RequestContext.currentSession();
|
|
342
|
+
if (!session) {
|
|
343
|
+
throw new common_1.UnauthorizedException('Session not found');
|
|
344
|
+
}
|
|
345
|
+
const sessions = await this.sessionService.getUserSessions(userId);
|
|
291
346
|
await this.sessionService.revokeUserSessions(userId);
|
|
347
|
+
const user = await this.getUser();
|
|
348
|
+
await this.eventEmitter.emitAsync(events_1.NestAuthEvents.LOGGED_OUT_ALL, new events_1.LoggedOutAllEvent({
|
|
349
|
+
user,
|
|
350
|
+
tenantId: user?.tenantId,
|
|
351
|
+
logoutType,
|
|
352
|
+
reason,
|
|
353
|
+
currentSessionId: session.id,
|
|
354
|
+
sessions,
|
|
355
|
+
}));
|
|
292
356
|
return true;
|
|
293
357
|
}
|
|
294
358
|
async listDevices(userId) {
|
|
@@ -339,6 +403,7 @@ exports.AuthService = AuthService = tslib_1.__decorate([
|
|
|
339
403
|
typeorm_2.Repository,
|
|
340
404
|
typeorm_2.Repository, Array, mfa_service_1.MfaService,
|
|
341
405
|
base_session_service_1.BaseSessionService,
|
|
342
|
-
jwt_service_1.JwtService
|
|
406
|
+
jwt_service_1.JwtService,
|
|
407
|
+
event_emitter_1.EventEmitter2])
|
|
343
408
|
], AuthService);
|
|
344
409
|
//# sourceMappingURL=auth.service.js.map
|