@ackplus/nest-auth 0.0.23

package/src/lib/interfaces/token-payload.interface.d.ts

@@ -0,0 +1,39 @@
+import { User } from '../entities/user.entity';
+export interface JWTTokenPayload {
+    id?: string;
+    sub?: string;
+    email?: string;
+    phone?: string;
+    isVerified?: boolean;
+    roles?: string[];
+    tenantId?: string;
+    isMfaEnabled?: boolean;
+    isMfaVerified?: boolean;
+    sessionId?: string;
+    type?: 'access' | 'refresh';
+    exp?: number;
+    iat?: number;
+}
+export interface SessionPayload {
+    id?: string;
+    userId?: string;
+    refreshToken?: string;
+    userAgent?: string;
+    ipAddress?: string;
+    deviceName?: string;
+    data?: {
+        user: User;
+        isMfaVerified: boolean;
+        roles: string[];
+        permissions: string[];
+    };
+    expiresAt?: Date;
+    lastActive: Date;
+    createdAt?: Date;
+    updatedAt?: Date;
+}
+export interface TokenGenerationResponse {
+    accessToken: string;
+    refreshToken: string;
+    user?: User;
+}

package/src/lib/interfaces/token-payload.interface.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=token-payload.interface.js.map

package/src/lib/interfaces/token-payload.interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-payload.interface.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/interfaces/token-payload.interface.ts"],"names":[],"mappings":""}

package/src/lib/migrations/1746242659133-migration.d.ts

@@ -0,0 +1,6 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+export declare class Migration1746242659133 implements MigrationInterface {
+    name: string;
+    up(queryRunner: QueryRunner): Promise<void>;
+    down(queryRunner: QueryRunner): Promise<void>;
+}

package/src/lib/migrations/1746242659133-migration.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Migration1746242659133 = void 0;
+class Migration1746242659133 {
+    constructor() {
+        this.name = 'Migration1746242659133';
+    }
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "nest_auth_tenants" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "name" character varying NOT NULL, "domain" character varying, "createdByUserId" character varying, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "UQ_5c7ee0a1cea7262fe4b05131e47" UNIQUE ("domain"), CONSTRAINT "PK_ba45cc5aed381c14d3005cf296c" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_permissions" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "name" character varying NOT NULL, "description" character varying, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_843fb7e1457834361ed7570d3b9" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_role_permissions" ("roleId" uuid NOT NULL, "permissionId" uuid NOT NULL, CONSTRAINT "PK_8067a601510dd6fd8927a40ac38" PRIMARY KEY ("roleId", "permissionId"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_roles" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "name" character varying NOT NULL, "description" character varying, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_7ebd7c1e0f8faa171b69ca3e237" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_user_roles" ("userId" uuid NOT NULL, "roleId" uuid NOT NULL, "tenantId" uuid NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_66a7e82e417c81bd8d892f5029b" PRIMARY KEY ("userId", "roleId", "tenantId"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_mfa_secrets" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "userId" uuid, "secret" character varying NOT NULL, "verified" boolean NOT NULL DEFAULT false, "deviceName" character varying, "lastUsedAt" TIMESTAMP, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_effef8b53e6d1eb3bd36dd76117" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_sessions" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "userId" uuid, "data" text DEFAULT '{}', "refreshToken" character varying, "expiresAt" TIMESTAMP, "userAgent" character varying, "deviceName" character varying, "ipAddress" character varying, "lastActive" TIMESTAMP, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_b51d540fb19801e1fabfcd4cc25" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_otps" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "code" character varying NOT NULL, "type" character varying NOT NULL, "expiresAt" TIMESTAMP NOT NULL, "used" boolean NOT NULL DEFAULT false, "userId" uuid, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_feb667fc6a6f684329fbdb6df7b" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE TABLE "nest_auth_users" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "firstName" character varying, "lastName" character varying, "displayName" character varying, "email" character varying, "emailVerifiedAt" TIMESTAMP, "phone" character varying, "phoneVerifiedAt" TIMESTAMP, "passwordHash" character varying, "isVerified" boolean NOT NULL DEFAULT false, "isActive" boolean NOT NULL DEFAULT true, "metadata" text DEFAULT '{}', "tenantId" uuid, "isMfaEnabled" boolean NOT NULL DEFAULT false, "mfaRecoveryCode" character varying, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "emailTenant" character varying, "phoneTenant" character varying, CONSTRAINT "PK_f8c4a108b080822fe175136b2b4" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE INDEX "IDX_f205a76fddd9b6112e8ebadceb" ON "nest_auth_users" ("email") `);
+        await queryRunner.query(`CREATE INDEX "IDX_b9394230fea3a13678fcc49c0b" ON "nest_auth_users" ("emailVerifiedAt") `);
+        await queryRunner.query(`CREATE INDEX "IDX_8969475b8054414c938bf750bf" ON "nest_auth_users" ("phone") `);
+        await queryRunner.query(`CREATE INDEX "IDX_cddb7f4f8d2445b7cae9406c5f" ON "nest_auth_users" ("phoneVerifiedAt") `);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_USER_EMAIL_TENANT" ON "nest_auth_users" ("emailTenant") `);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_USER_PHONE_TENANT" ON "nest_auth_users" ("phoneTenant") `);
+        await queryRunner.query(`CREATE TABLE "auth_identities" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "provider" character varying NOT NULL, "providerId" character varying, "metadata" text DEFAULT '{}', "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), "userId" uuid, CONSTRAINT "PK_63a29aebcddd09448dbeee4666b" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" ADD CONSTRAINT "FK_e890e94238c68a858bce449faa4" FOREIGN KEY ("roleId") REFERENCES "nest_auth_roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" ADD CONSTRAINT "FK_f4db4c9f909314ea01e3924f1a6" FOREIGN KEY ("permissionId") REFERENCES "nest_auth_permissions"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" ADD CONSTRAINT "FK_ef42754933234ac1092319fde39" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" ADD CONSTRAINT "FK_e960d551ae46638da46ae26bb7c" FOREIGN KEY ("roleId") REFERENCES "nest_auth_roles"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" ADD CONSTRAINT "FK_3059f244088592434e620429f9e" FOREIGN KEY ("tenantId") REFERENCES "nest_auth_tenants"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_mfa_secrets" ADD CONSTRAINT "FK_0a98696968066c0dbe3ab9e5c2f" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_sessions" ADD CONSTRAINT "FK_f63d081d00c171b7f5da6585e55" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_otps" ADD CONSTRAINT "FK_e442622c3ec0c9832b666653c62" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_users" ADD CONSTRAINT "FK_148a7bcc4883ec21e3d993998ef" FOREIGN KEY ("tenantId") REFERENCES "nest_auth_tenants"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "auth_identities" ADD CONSTRAINT "FK_6ed26ac7e2276ae145ca68c23af" FOREIGN KEY ("userId") REFERENCES "nest_auth_users"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+    }
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "auth_identities" DROP CONSTRAINT "FK_6ed26ac7e2276ae145ca68c23af"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_users" DROP CONSTRAINT "FK_148a7bcc4883ec21e3d993998ef"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_otps" DROP CONSTRAINT "FK_e442622c3ec0c9832b666653c62"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_sessions" DROP CONSTRAINT "FK_f63d081d00c171b7f5da6585e55"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_mfa_secrets" DROP CONSTRAINT "FK_0a98696968066c0dbe3ab9e5c2f"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" DROP CONSTRAINT "FK_3059f244088592434e620429f9e"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" DROP CONSTRAINT "FK_e960d551ae46638da46ae26bb7c"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_user_roles" DROP CONSTRAINT "FK_ef42754933234ac1092319fde39"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" DROP CONSTRAINT "FK_f4db4c9f909314ea01e3924f1a6"`);
+        await queryRunner.query(`ALTER TABLE "nest_auth_role_permissions" DROP CONSTRAINT "FK_e890e94238c68a858bce449faa4"`);
+        await queryRunner.query(`DROP TABLE "auth_identities"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_USER_PHONE_TENANT"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_USER_EMAIL_TENANT"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_cddb7f4f8d2445b7cae9406c5f"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_8969475b8054414c938bf750bf"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_b9394230fea3a13678fcc49c0b"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_f205a76fddd9b6112e8ebadceb"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_users"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_otps"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_sessions"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_mfa_secrets"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_user_roles"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_roles"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_role_permissions"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_permissions"`);
+        await queryRunner.query(`DROP TABLE "nest_auth_tenants"`);
+    }
+}
+exports.Migration1746242659133 = Migration1746242659133;
+//# sourceMappingURL=1746242659133-migration.js.map

package/src/lib/migrations/1746242659133-migration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"1746242659133-migration.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/migrations/1746242659133-migration.ts"],"names":[],"mappings":";;;AAEA,MAAa,sBAAsB;IAAnC;QACI,SAAI,GAAG,wBAAwB,CAAA;IA4DnC,CAAC;IA1DU,KAAK,CAAC,EAAE,CAAC,WAAwB;QACpC,MAAM,WAAW,CAAC,KAAK,CAAC,iZAAiZ,CAAC,CAAC;QAC3a,MAAM,WAAW,CAAC,KAAK,CAAC,sTAAsT,CAAC,CAAC;QAChV,MAAM,WAAW,CAAC,KAAK,CAAC,sLAAsL,CAAC,CAAC;QAChN,MAAM,WAAW,CAAC,KAAK,CAAC,gTAAgT,CAAC,CAAC;QAC1U,MAAM,WAAW,CAAC,KAAK,CAAC,sSAAsS,CAAC,CAAC;QAChU,MAAM,WAAW,CAAC,KAAK,CAAC,yYAAyY,CAAC,CAAC;QACna,MAAM,WAAW,CAAC,KAAK,CAAC,ucAAuc,CAAC,CAAC;QACje,MAAM,WAAW,CAAC,KAAK,CAAC,yVAAyV,CAAC,CAAC;QACnX,MAAM,WAAW,CAAC,KAAK,CAAC,wvBAAwvB,CAAC,CAAC;QAClxB,MAAM,WAAW,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;QACzG,MAAM,WAAW,CAAC,KAAK,CAAC,yFAAyF,CAAC,CAAC;QACnH,MAAM,WAAW,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;QACzG,MAAM,WAAW,CAAC,KAAK,CAAC,yFAAyF,CAAC,CAAC;QACnH,MAAM,WAAW,CAAC,KAAK,CAAC,mFAAmF,CAAC,CAAC;QAC7G,MAAM,WAAW,CAAC,KAAK,CAAC,mFAAmF,CAAC,CAAC;QAC7G,MAAM,WAAW,CAAC,KAAK,CAAC,gWAAgW,CAAC,CAAC;QAC1X,MAAM,WAAW,CAAC,KAAK,CAAC,0LAA0L,CAAC,CAAC;QACpN,MAAM,WAAW,CAAC,KAAK,CAAC,sMAAsM,CAAC,CAAC;QAChO,MAAM,WAAW,CAAC,KAAK,CAAC,oLAAoL,CAAC,CAAC;QAC9M,MAAM,WAAW,CAAC,KAAK,CAAC,oLAAoL,CAAC,CAAC;QAC9M,MAAM,WAAW,CAAC,KAAK,CAAC,0LAA0L,CAAC,CAAC;QACpN,MAAM,WAAW,CAAC,KAAK,CAAC,qLAAqL,CAAC,CAAC;QAC/M,MAAM,WAAW,CAAC,KAAK,CAAC,kLAAkL,CAAC,CAAC;QAC5M,MAAM,WAAW,CAAC,KAAK,CAAC,8KAA8K,CAAC,CAAC;QACxM,MAAM,WAAW,CAAC,KAAK,CAAC,qLAAqL,CAAC,CAAC;QAC/M,MAAM,WAAW,CAAC,KAAK,CAAC,+KAA+K,CAAC,CAAC;IAC7M,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACtC,MAAM,WAAW,CAAC,KAAK,CAAC,gFAAgF,CAAC,CAAC;QAC1G,MAAM,WAAW,CAAC,KAAK,CAAC,gFAAgF,CAAC,CAAC;QAC1G,MAAM,WAAW,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;QACzG,MAAM,WAAW,CAAC,KAAK,CAAC,mFAAmF,CAAC,CAAC;QAC7G,MAAM,WAAW,CAAC,KAAK,CAAC,sFAAsF,CAAC,CAAC;QAChH,MAAM,WAAW,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC/G,MAAM,WAAW,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC/G,MAAM,WAAW,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC/G,MAAM,WAAW,CAAC,KAAK,CAAC,2FAA2F,CAAC,CAAC;QACrH,MAAM,WAAW,CAAC,KAAK,CAAC,2FAA2F,CAAC,CAAC;QACrH,MAAM,WAAW,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACxD,MAAM,WAAW,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACvE,MAAM,WAAW,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACvE,MAAM,WAAW,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAChF,MAAM,WAAW,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAChF,MAAM,WAAW,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAChF,MAAM,WAAW,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAChF,MAAM,WAAW,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACxD,MAAM,WAAW,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACvD,MAAM,WAAW,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QAC3D,MAAM,WAAW,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC9D,MAAM,WAAW,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC7D,MAAM,WAAW,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACxD,MAAM,WAAW,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACnE,MAAM,WAAW,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QAC9D,MAAM,WAAW,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IAC9D,CAAC;CAEJ;AA7DD,wDA6DC"}

package/src/lib/migrations/1746244352713-migration.d.ts

@@ -0,0 +1,6 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+export declare class Migration1746244352713 implements MigrationInterface {
+    name: string;
+    up(queryRunner: QueryRunner): Promise<void>;
+    down(queryRunner: QueryRunner): Promise<void>;
+}

package/src/lib/migrations/1746244352713-migration.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Migration1746244352713 = void 0;
+class Migration1746244352713 {
+    constructor() {
+        this.name = 'Migration1746244352713';
+    }
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "nest_auth_users" DROP COLUMN "displayName"`);
+    }
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "nest_auth_users" ADD "displayName" character varying`);
+    }
+}
+exports.Migration1746244352713 = Migration1746244352713;
+//# sourceMappingURL=1746244352713-migration.js.map

package/src/lib/migrations/1746244352713-migration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"1746244352713-migration.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/migrations/1746244352713-migration.ts"],"names":[],"mappings":";;;AAEA,MAAa,sBAAsB;IAAnC;QACI,SAAI,GAAG,wBAAwB,CAAA;IAUnC,CAAC;IARU,KAAK,CAAC,EAAE,CAAC,WAAwB;QACpC,MAAM,WAAW,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;IACvF,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACtC,MAAM,WAAW,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACjG,CAAC;CAEJ;AAXD,wDAWC"}

package/src/lib/nest-auth.module.d.ts

@@ -0,0 +1,13 @@
+import { DynamicModule, Provider, MiddlewareConsumer } from '@nestjs/common';
+import { AuthModuleAsyncOptions, AuthModuleOptions } from './interfaces/auth-module-options.interface';
+export declare class NestAuthModule {
+    static moduleDefaultOptions: Partial<AuthModuleOptions>;
+    private static createDynamicModule;
+    static forRoot(options: AuthModuleOptions): DynamicModule;
+    static forRootAsync(options: AuthModuleAsyncOptions): DynamicModule;
+    static createSessionBaseServiceProvider(): Provider[];
+    private static registerCustomProviders;
+    private static createAsyncProviders;
+    static getOptions(options: AuthModuleOptions): AuthModuleOptions;
+    configure(consumer: MiddlewareConsumer): void;
+}

package/src/lib/nest-auth.module.js

@@ -0,0 +1,247 @@
+"use strict";
+var NestAuthModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NestAuthModule = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const entities_1 = require("./entities");
+const auth_constants_1 = require("./auth.constants");
+const auth_service_1 = require("./services/auth.service");
+const auth_guard_1 = require("./guards/auth.guard");
+const email_auth_provider_1 = require("./providers/email-auth.provider");
+const apple_auth_provider_1 = require("./providers/apple-auth.provider");
+const facebook_auth_provider_1 = require("./providers/facebook-auth.provider");
+const google_auth_provider_1 = require("./providers/google-auth.provider");
+const jwt_auth_provider_1 = require("./providers/jwt-auth.provider");
+const phone_auth_provider_1 = require("./providers/phone-auth.provider");
+const auth_provider_registry_service_1 = require("./services/auth-provider-registry.service");
+const request_context_middleware_1 = require("./request-context/request-context.middleware");
+const auth_migration_service_1 = require("./services/auth-migration-service");
+const mfa_service_1 = require("./services/mfa.service");
+const database_session_service_1 = require("./services/session/database-session.service");
+const redis_session_service_1 = require("./services/session/redis-session.service");
+const session_options_interface_1 = require("./interfaces/session-options.interface");
+const base_session_service_1 = require("./services/session/base-session.service");
+const ioredis_1 = require("@nestjs-modules/ioredis");
+const deepmerge_1 = tslib_1.__importDefault(require("deepmerge"));
+const mfa_options_interface_1 = require("./interfaces/mfa-options.interface");
+const jwt_service_1 = require("./services/jwt.service");
+const cookie_service_1 = require("./services/cookie.service");
+const mfa_controller_1 = require("./controllers/mfa.controller");
+const auth_controller_1 = require("./controllers/auth.controller");
+let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
+    static createDynamicModule(providers, imports = []) {
+        const commonProviders = [
+            auth_migration_service_1.AuthMigrationService,
+            auth_service_1.AuthService,
+            auth_guard_1.AuthGuard,
+            email_auth_provider_1.EmailAuthProvider,
+            phone_auth_provider_1.PhoneAuthProvider,
+            jwt_auth_provider_1.JwtAuthProvider,
+            google_auth_provider_1.GoogleAuthProvider,
+            facebook_auth_provider_1.FacebookAuthProvider,
+            apple_auth_provider_1.AppleAuthProvider,
+            auth_provider_registry_service_1.AuthProviderRegistryService,
+            mfa_service_1.MfaService,
+            jwt_service_1.JwtService,
+            cookie_service_1.CookieService,
+            ...this.createSessionBaseServiceProvider(),
+            {
+                provide: auth_constants_1.ENABLED_AUTH_PROVIDERS,
+                useFactory: (registry, options) => {
+                    if (options.customAuthProviders) {
+                        options.customAuthProviders.forEach(provider => {
+                            registry.registerProvider(provider);
+                        });
+                    }
+                    return registry.getAllProviders();
+                },
+                inject: [auth_provider_registry_service_1.AuthProviderRegistryService, auth_constants_1.AUTH_MODULE_OPTIONS],
+            },
+        ];
+        return {
+            module: NestAuthModule_1,
+            controllers: [
+                auth_controller_1.AuthController,
+                mfa_controller_1.MfaController,
+            ],
+            imports: [
+                typeorm_1.TypeOrmModule.forFeature(entities_1.AllAuthEntities),
+                ioredis_1.RedisModule.forRoot({
+                    url: 'redis://localhost:6379',
+                    type: 'single',
+                }),
+                ...imports,
+            ],
+            providers: [...providers, ...commonProviders],
+            exports: [
+                auth_constants_1.AUTH_MODULE_OPTIONS,
+                auth_migration_service_1.AuthMigrationService,
+                auth_service_1.AuthService,
+                auth_guard_1.AuthGuard,
+                email_auth_provider_1.EmailAuthProvider,
+                phone_auth_provider_1.PhoneAuthProvider,
+                jwt_auth_provider_1.JwtAuthProvider,
+                google_auth_provider_1.GoogleAuthProvider,
+                facebook_auth_provider_1.FacebookAuthProvider,
+                apple_auth_provider_1.AppleAuthProvider,
+                auth_provider_registry_service_1.AuthProviderRegistryService,
+                mfa_service_1.MfaService,
+                base_session_service_1.BaseSessionService,
+                jwt_service_1.JwtService,
+                cookie_service_1.CookieService,
+                auth_constants_1.ENABLED_AUTH_PROVIDERS,
+            ],
+        };
+    }
+    static forRoot(options) {
+        const mergedOptions = this.getOptions(options);
+        const providers = [
+            {
+                provide: auth_constants_1.AUTH_MODULE_OPTIONS,
+                useValue: mergedOptions,
+            },
+        ];
+        return this.createDynamicModule(providers, []);
+    }
+    static forRootAsync(options) {
+        const asyncProviders = [...this.createAsyncProviders(options)];
+        return this.createDynamicModule(asyncProviders, options.imports);
+    }
+    static createSessionBaseServiceProvider() {
+        return [
+            redis_session_service_1.RedisSessionService,
+            database_session_service_1.DatabaseSessionService,
+            {
+                provide: base_session_service_1.BaseSessionService,
+                useFactory: (options, redisSessionService, databaseSessionService) => {
+                    const sessionOptions = {
+                        storageType: options.session?.storageType || session_options_interface_1.SessionStorageType.DATABASE,
+                        redisUrl: options.session?.redisUrl,
+                        sessionExpiry: options.session?.sessionExpiry,
+                        refreshTokenExpiry: options.session?.refreshTokenExpiry,
+                    };
+                    if (sessionOptions.storageType === session_options_interface_1.SessionStorageType.REDIS) {
+                        return redisSessionService;
+                    }
+                    else if (sessionOptions.storageType === session_options_interface_1.SessionStorageType.DATABASE) {
+                        return databaseSessionService;
+                    }
+                    else {
+                        throw new Error('Invalid session storage type');
+                    }
+                },
+                inject: [auth_constants_1.AUTH_MODULE_OPTIONS, redis_session_service_1.RedisSessionService, database_session_service_1.DatabaseSessionService],
+            }
+        ];
+    }
+    static registerCustomProviders(options) {
+        const providers = [];
+        if (options?.customAuthProviders) {
+            options.customAuthProviders.forEach((provider) => {
+                providers.push({
+                    provide: provider.providerId,
+                    useValue: provider,
+                });
+            });
+        }
+        return providers;
+    }
+    static createAsyncProviders(options) {
+        if (options.useFactory) {
+            return [
+                {
+                    provide: auth_constants_1.AUTH_MODULE_OPTIONS,
+                    useFactory: async (...args) => {
+                        const config = await options.useFactory(...args);
+                        const mergedOptions = this.getOptions(config);
+                        return {
+                            ...mergedOptions,
+                            ...this.registerCustomProviders(mergedOptions),
+                        };
+                    },
+                    inject: options.inject || [],
+                },
+            ];
+        }
+        let useClassProvider;
+        if (options.useClass) {
+            useClassProvider = {
+                provide: options.useClass,
+                useClass: options.useClass,
+            };
+        }
+        return [
+            {
+                provide: auth_constants_1.AUTH_MODULE_OPTIONS,
+                useFactory: async (optionsFactory) => {
+                    const options = await optionsFactory.createAuthModuleOptions();
+                    return {
+                        ...options,
+                        ...this.registerCustomProviders(options),
+                    };
+                },
+                inject: [options.useExisting || options.useClass],
+            },
+            ...(useClassProvider ? [useClassProvider] : []),
+        ];
+    }
+    static getOptions(options) {
+        return (0, deepmerge_1.default)(this.moduleDefaultOptions, options);
+    }
+    configure(consumer) {
+        consumer.apply(request_context_middleware_1.RequestContextMiddleware).forRoutes('auth/*');
+    }
+};
+exports.NestAuthModule = NestAuthModule;
+NestAuthModule.moduleDefaultOptions = {
+    passwordResetOtpExpiresIn: '15m',
+    session: {
+        storageType: session_options_interface_1.SessionStorageType.DATABASE,
+        sessionExpiry: '1h',
+        refreshTokenExpiry: '30d',
+    },
+    jwt: {
+        secret: 'secret',
+    },
+    accessTokenType: 'header',
+    cookieOptions: {
+        httpOnly: true,
+        secure: false,
+    },
+    emailAuth: {
+        enabled: true,
+    },
+    mfa: {
+        enabled: false,
+        methods: [mfa_options_interface_1.MFAMethodEnum.EMAIL, mfa_options_interface_1.MFAMethodEnum.TOTP],
+        allowUserToggle: true,
+        allowMethodSelection: true,
+        otpLength: 6,
+        otpExpiresIn: '15m',
+    },
+};
+exports.NestAuthModule = NestAuthModule = NestAuthModule_1 = tslib_1.__decorate([
+    (0, common_1.Module)({
+        imports: [
+            typeorm_1.TypeOrmModule.forFeature(entities_1.AllAuthEntities),
+        ],
+        providers: [
+            auth_migration_service_1.AuthMigrationService,
+            auth_service_1.AuthService,
+            auth_guard_1.AuthGuard,
+            auth_provider_registry_service_1.AuthProviderRegistryService,
+            mfa_service_1.MfaService,
+            jwt_service_1.JwtService,
+        ],
+        exports: [
+            auth_migration_service_1.AuthMigrationService,
+            auth_service_1.AuthService,
+            auth_guard_1.AuthGuard,
+            auth_provider_registry_service_1.AuthProviderRegistryService,
+            mfa_service_1.MfaService,
+        ],
+    })
+], NestAuthModule);
+//# sourceMappingURL=nest-auth.module.js.map

package/src/lib/nest-auth.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nest-auth.module.js","sourceRoot":"","sources":["../../../../../packages/nest-auth/src/lib/nest-auth.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAAqF;AACrF,6CAAgD;AAChD,yCAA6C;AAC7C,qDAA+E;AAE/E,0DAAsD;AACtD,oDAAgD;AAChD,yEAAoE;AACpE,yEAAoE;AACpE,+EAA0E;AAC1E,2EAAsE;AACtE,qEAAgE;AAChE,yEAAoE;AACpE,8FAAwF;AACxF,6FAAwF;AACxF,8EAAyE;AACzE,wDAAoD;AAEpD,0FAAqF;AACrF,oFAA+E;AAC/E,sFAA4E;AAC5E,kFAA6E;AAC7E,qDAAsD;AACtD,kEAAkC;AAClC,8EAAmE;AACnE,wDAAoD;AACpD,8DAA0D;AAC1D,iEAA6D;AAC7D,mEAA+D;AAsBxD,IAAM,cAAc,sBAApB,MAAM,cAAc;IAiCjB,MAAM,CAAC,mBAAmB,CAAC,SAAqB,EAAE,UAAiB,EAAE;QAE3E,MAAM,eAAe,GAAe;YAClC,6CAAoB;YACpB,0BAAW;YACX,sBAAS;YACT,uCAAiB;YACjB,uCAAiB;YACjB,mCAAe;YACf,yCAAkB;YAClB,6CAAoB;YACpB,uCAAiB;YACjB,4DAA2B;YAC3B,wBAAU;YACV,wBAAU;YACV,8BAAa;YACb,GAAG,IAAI,CAAC,gCAAgC,EAAE;YAC1C;gBACE,OAAO,EAAE,uCAAsB;gBAC/B,UAAU,EAAE,CAAC,QAAqC,EAAE,OAA0B,EAAE,EAAE;oBAEhF,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;wBAChC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;4BAC7C,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;oBACL,CAAC;oBACD,OAAO,QAAQ,CAAC,eAAe,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,EAAE,CAAC,4DAA2B,EAAE,oCAAmB,CAAC;aAC3D;SACF,CAAC;QAEF,OAAO;YACL,MAAM,EAAE,gBAAc;YACtB,WAAW,EAAE;gBACX,gCAAc;gBACd,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,uBAAa,CAAC,UAAU,CAAC,0BAAe,CAAC;gBACzC,qBAAW,CAAC,OAAO,CAAC;oBAClB,GAAG,EAAE,wBAAwB;oBAC7B,IAAI,EAAE,QAAQ;iBACf,CAAC;gBACF,GAAG,OAAO;aACX;YACD,SAAS,EAAE,CAAC,GAAG,SAAS,EAAE,GAAG,eAAe,CAAC;YAC7C,OAAO,EAAE;gBACP,oCAAmB;gBACnB,6CAAoB;gBACpB,0BAAW;gBACX,sBAAS;gBACT,uCAAiB;gBACjB,uCAAiB;gBACjB,mCAAe;gBACf,yCAAkB;gBAClB,6CAAoB;gBACpB,uCAAiB;gBACjB,4DAA2B;gBAC3B,wBAAU;gBACV,yCAAkB;gBAClB,wBAAU;gBACV,8BAAa;gBACb,uCAAsB;aACvB;SACF,CAAC;IACJ,CAAC;IAMD,MAAM,CAAC,OAAO,CAAC,OAA0B;QACvC,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,SAAS,GAAe;YAC5B;gBACE,OAAO,EAAE,oCAAmB;gBAC5B,QAAQ,EAAE,aAAa;aACxB;SACF,CAAC;QAEF,OAAO,IAAI,CAAC,mBAAmB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAKD,MAAM,CAAC,YAAY,CAAC,OAA+B;QACjD,MAAM,cAAc,GAAe,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,gCAAgC;QACrC,OAAO;YACL,2CAAmB;YACnB,iDAAsB;YACtB;gBACE,OAAO,EAAE,yCAAkB;gBAC3B,UAAU,EAAE,CACV,OAA0B,EAC1B,mBAAwC,EACxC,sBAA8C,EAC9C,EAAE;oBACF,MAAM,cAAc,GAAmB;wBACrC,WAAW,EAAE,OAAO,CAAC,OAAO,EAAE,WAAW,IAAI,8CAAkB,CAAC,QAAQ;wBACxE,QAAQ,EAAE,OAAO,CAAC,OAAO,EAAE,QAAQ;wBACnC,aAAa,EAAE,OAAO,CAAC,OAAO,EAAE,aAAa;wBAC7C,kBAAkB,EAAE,OAAO,CAAC,OAAO,EAAE,kBAAkB;qBACxD,CAAC;oBAEF,IAAI,cAAc,CAAC,WAAW,KAAK,8CAAkB,CAAC,KAAK,EAAE,CAAC;wBAC5D,OAAO,mBAAmB,CAAC;oBAC7B,CAAC;yBAAM,IAAI,cAAc,CAAC,WAAW,KAAK,8CAAkB,CAAC,QAAQ,EAAE,CAAC;wBACtE,OAAO,sBAAsB,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;gBACD,MAAM,EAAE,CAAC,oCAAmB,EAAE,2CAAmB,EAAE,iDAAsB,CAAC;aAC3E;SACF,CAAA;IACH,CAAC;IAKO,MAAM,CAAC,uBAAuB,CAAC,OAA2B;QAChE,MAAM,SAAS,GAAe,EAAE,CAAC;QACjC,IAAI,OAAO,EAAE,mBAAmB,EAAE,CAAC;YACjC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;gBAC/C,SAAS,CAAC,IAAI,CAAC;oBACb,OAAO,EAAE,QAAQ,CAAC,UAAU;oBAC5B,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAKO,MAAM,CAAC,oBAAoB,CAAC,OAA+B;QACjE,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO;gBACL;oBACE,OAAO,EAAE,oCAAmB;oBAC5B,UAAU,EAAE,KAAK,EAAE,GAAG,IAAW,EAAE,EAAE;wBACnC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;wBACjD,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;wBAC9C,OAAO;4BACL,GAAG,aAAa;4BAChB,GAAG,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC;yBAC/C,CAAC;oBACJ,CAAC;oBACD,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;iBAC7B;aACF,CAAC;QACJ,CAAC;QAED,IAAI,gBAAgB,CAAC;QACrB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,gBAAgB,GAAG;gBACjB,OAAO,EAAE,OAAO,CAAC,QAAQ;gBACzB,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC3B,CAAC;QACJ,CAAC;QAED,OAAO;YACL;gBACE,OAAO,EAAE,oCAAmB;gBAC5B,UAAU,EAAE,KAAK,EAAE,cAAwC,EAAE,EAAE;oBAC7D,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,uBAAuB,EAAE,CAAC;oBAC/D,OAAO;wBACL,GAAG,OAAO;wBACV,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC;qBACzC,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,QAAQ,CAAC;aAClD;YACD,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;SAChD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAA0B;QAC1C,OAAO,IAAA,mBAAS,EAAC,IAAI,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAC;IACvD,CAAC;IAED,SAAS,CAAC,QAA4B;QACpC,QAAQ,CAAC,KAAK,CAAC,qDAAwB,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC/D,CAAC;;AA/NU,wCAAc;AAElB,mCAAoB,GAA+B;IACxD,yBAAyB,EAAE,KAAK;IAChC,OAAO,EAAE;QACP,WAAW,EAAE,8CAAkB,CAAC,QAAQ;QACxC,aAAa,EAAE,IAAI;QACnB,kBAAkB,EAAE,KAAK;KAC1B;IACD,GAAG,EAAE;QACH,MAAM,EAAE,QAAQ;KACjB;IACD,eAAe,EAAE,QAAQ;IACzB,aAAa,EAAE;QACb,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,KAAK;KACd;IACD,SAAS,EAAE;QACT,OAAO,EAAE,IAAI;KACd;IACD,GAAG,EAAE;QACH,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,CAAC,qCAAa,CAAC,KAAK,EAAE,qCAAa,CAAC,IAAI,CAAC;QAClD,eAAe,EAAE,IAAI;QACrB,oBAAoB,EAAE,IAAI;QAC1B,SAAS,EAAE,CAAC;QACZ,YAAY,EAAE,KAAK;KACpB;CACF,AA1B0B,CA0BzB;yBA5BS,cAAc;IApB1B,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,uBAAa,CAAC,UAAU,CAAC,0BAAe,CAAC;SAC1C;QACD,SAAS,EAAE;YACT,6CAAoB;YACpB,0BAAW;YACX,sBAAS;YACT,4DAA2B;YAC3B,wBAAU;YACV,wBAAU;SACX;QACD,OAAO,EAAE;YACP,6CAAoB;YACpB,0BAAW;YACX,sBAAS;YACT,4DAA2B;YAC3B,wBAAU;SACX;KACF,CAAC;GACW,cAAc,CAkO1B"}

package/src/lib/providers/apple-auth.provider.d.ts

@@ -0,0 +1,23 @@
+import { AuthIdentity } from '../entities/auth-identity.entity';
+import { Repository } from 'typeorm';
+import { BaseAuthProvider } from './base-auth.provider';
+import { User } from '../entities/user.entity';
+import { AuthModuleOptions } from '../interfaces/auth-module-options.interface';
+import { JwtService } from '../services/jwt.service';
+export declare class AppleAuthProvider extends BaseAuthProvider {
+    readonly userRepository: Repository<User>;
+    readonly authIdentityRepository: Repository<AuthIdentity>;
+    private options;
+    private readonly jwtService;
+    providerId: string;
+    private appleAuth;
+    constructor(userRepository: Repository<User>, authIdentityRepository: Repository<AuthIdentity>, options: AuthModuleOptions, jwtService: JwtService);
+    validate(credentials: {
+        accessToken: string;
+    }): Promise<{
+        userId: string;
+        email: string;
+        metadata: import("../interfaces/token-payload.interface").JWTTokenPayload;
+    }>;
+    getRequiredFields(): string[];
+}

package/src/lib/providers/apple-auth.provider.js

@@ -0,0 +1,61 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppleAuthProvider = void 0;
+const tslib_1 = require("tslib");
+const apple_auth_1 = tslib_1.__importDefault(require("apple-auth"));
+const common_1 = require("@nestjs/common");
+const auth_identity_entity_1 = require("../entities/auth-identity.entity");
+const typeorm_1 = require("typeorm");
+const base_auth_provider_1 = require("./base-auth.provider");
+const user_entity_1 = require("../entities/user.entity");
+const typeorm_2 = require("@nestjs/typeorm");
+const auth_constants_1 = require("../auth.constants");
+const jwt_service_1 = require("../services/jwt.service");
+let AppleAuthProvider = class AppleAuthProvider extends base_auth_provider_1.BaseAuthProvider {
+    constructor(userRepository, authIdentityRepository, options, jwtService) {
+        super(userRepository, authIdentityRepository);
+        this.userRepository = userRepository;
+        this.authIdentityRepository = authIdentityRepository;
+        this.options = options;
+        this.jwtService = jwtService;
+        this.providerId = auth_constants_1.APPLE_AUTH_PROVIDER;
+        const appleConfig = this.options.apple;
+        this.enabled = Boolean(this.options.apple);
+        if (this.enabled) {
+            this.appleAuth = new apple_auth_1.default({
+                scope: 'email name',
+                redirect_uri: appleConfig.redirectUri,
+                team_id: appleConfig.teamId,
+                key_id: appleConfig.keyId,
+                client_id: appleConfig.clientId,
+            }, appleConfig.privateKey, appleConfig.privateKeyMethod || 'text');
+        }
+    }
+    async validate(credentials) {
+        try {
+            const response = await this.appleAuth.accessToken(credentials.accessToken);
+            const user = this.jwtService.decodeToken(response.id_token);
+            return {
+                userId: user.id,
+                email: user.email || '',
+                metadata: user,
+            };
+        }
+        catch (error) {
+            throw new common_1.UnauthorizedException('Invalid Apple token');
+        }
+    }
+    getRequiredFields() {
+        return ['accessToken'];
+    }
+};
+exports.AppleAuthProvider = AppleAuthProvider;
+exports.AppleAuthProvider = AppleAuthProvider = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, typeorm_2.InjectRepository)(user_entity_1.User)),
+    tslib_1.__param(1, (0, typeorm_2.InjectRepository)(auth_identity_entity_1.AuthIdentity)),
+    tslib_1.__param(2, (0, common_1.Inject)(auth_constants_1.AUTH_MODULE_OPTIONS)),
+    tslib_1.__metadata("design:paramtypes", [typeorm_1.Repository,
+        typeorm_1.Repository, Object, jwt_service_1.JwtService])
+], AppleAuthProvider);
+//# sourceMappingURL=apple-auth.provider.js.map

package/src/lib/providers/apple-auth.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"apple-auth.provider.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/providers/apple-auth.provider.ts"],"names":[],"mappings":";;;;AAAA,oEAAmC;AACnC,2CAA2E;AAC3E,2EAAgE;AAChE,qCAAqC;AACrC,6DAAwD;AACxD,yDAA+C;AAC/C,6CAAmD;AAEnD,sDAA6E;AAC7E,yDAAqD;AAI9C,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,qCAAgB;IAKnD,YAEI,cAAkD,EAGlD,sBAAkE,EAGlE,OAAkC,EAEjB,UAAsB;QAEvC,KAAK,CAAC,cAAc,EAAE,sBAAsB,CAAC,CAAC;QAV5B,mBAAc,GAAd,cAAc,CAAkB;QAGhC,2BAAsB,GAAtB,sBAAsB,CAA0B;QAG1D,YAAO,GAAP,OAAO,CAAmB;QAEjB,eAAU,GAAV,UAAU,CAAY;QAd3C,eAAU,GAAG,oCAAmB,CAAC;QAkB7B,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;QAEvC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAE3C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACf,IAAI,CAAC,SAAS,GAAG,IAAI,oBAAS,CAC1B;gBACI,KAAK,EAAE,YAAY;gBACnB,YAAY,EAAE,WAAW,CAAC,WAAW;gBACrC,OAAO,EAAE,WAAW,CAAC,MAAM;gBAC3B,MAAM,EAAE,WAAW,CAAC,KAAK;gBACzB,SAAS,EAAE,WAAW,CAAC,QAAQ;aAClC,EACD,WAAW,CAAC,UAAU,EACtB,WAAW,CAAC,gBAAgB,IAAI,MAAM,CACzC,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,WAAoC;QAC/C,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YAC3E,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC5D,OAAO;gBACH,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;gBACvB,QAAQ,EAAE,IAAI;aACjB,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QAC3D,CAAC;IACL,CAAC;IAED,iBAAiB;QACb,OAAO,CAAC,aAAa,CAAC,CAAC;IAC3B,CAAC;CACJ,CAAA;AAvDY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAOJ,mBAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IAGtB,mBAAA,IAAA,0BAAgB,EAAC,mCAAY,CAAC,CAAA;IAG9B,mBAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;6CALM,oBAAU;QAGF,oBAAU,UAKvB,wBAAU;GAflC,iBAAiB,CAuD7B"}

package/src/lib/providers/base-auth.provider.d.ts

@@ -0,0 +1,24 @@
+import { Repository } from 'typeorm';
+import { User } from '../entities/user.entity';
+import { AuthIdentity } from '../entities/auth-identity.entity';
+export interface AuthProviderUser {
+    userId: string;
+    email?: string;
+    phone?: string;
+    username?: string;
+    metadata?: Record<string, any>;
+}
+export type LinkUserWith = 'email' | 'phone';
+export declare abstract class BaseAuthProvider {
+    protected readonly userRepository: Repository<User>;
+    protected readonly authIdentityRepository: Repository<AuthIdentity>;
+    abstract providerId: string;
+    enabled: boolean;
+    constructor(userRepository: Repository<User>, authIdentityRepository: Repository<AuthIdentity>);
+    linkToUser(userId: string, providerUserId: string, metadata?: Record<string, any>): Promise<void>;
+    findIdentityByUserId(userId: string): Promise<AuthIdentity | null>;
+    findIdentity(providerUserId: string): Promise<AuthIdentity | null>;
+    abstract validate(credentials: any): Promise<AuthProviderUser | null>;
+    abstract getRequiredFields(): string[];
+    linkUserWith(): LinkUserWith;
+}

package/src/lib/providers/base-auth.provider.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseAuthProvider = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const user_entity_1 = require("../entities/user.entity");
+const auth_identity_entity_1 = require("../entities/auth-identity.entity");
+let BaseAuthProvider = class BaseAuthProvider {
+    constructor(userRepository, authIdentityRepository) {
+        this.userRepository = userRepository;
+        this.authIdentityRepository = authIdentityRepository;
+    }
+    async linkToUser(userId, providerUserId, metadata) {
+        const identity = this.authIdentityRepository.create({
+            userId,
+            provider: this.providerId,
+            providerId: providerUserId,
+            metadata: metadata || {},
+        });
+        await this.authIdentityRepository.save(identity);
+    }
+    async findIdentityByUserId(userId) {
+        return this.authIdentityRepository.findOne({
+            where: {
+                userId,
+                provider: this.providerId,
+            },
+            relations: ['user'],
+        });
+    }
+    async findIdentity(providerUserId) {
+        return this.authIdentityRepository.findOne({
+            where: {
+                provider: this.providerId,
+                providerId: providerUserId,
+            },
+            relations: ['user'],
+        });
+    }
+    linkUserWith() {
+        return 'email';
+    }
+};
+exports.BaseAuthProvider = BaseAuthProvider;
+exports.BaseAuthProvider = BaseAuthProvider = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, typeorm_1.InjectRepository)(user_entity_1.User)),
+    tslib_1.__param(1, (0, typeorm_1.InjectRepository)(auth_identity_entity_1.AuthIdentity)),
+    tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
+        typeorm_2.Repository])
+], BaseAuthProvider);
+//# sourceMappingURL=base-auth.provider.js.map

package/src/lib/providers/base-auth.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-auth.provider.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/providers/base-auth.provider.ts"],"names":[],"mappings":";;;;AAAA,2CAA4C;AAC5C,6CAAmD;AACnD,qCAAqC;AACrC,yDAA+C;AAC/C,2EAAgE;AAazD,IAAe,gBAAgB,GAA/B,MAAe,gBAAgB;IAIlC,YAEuB,cAAgC,EAEhC,sBAAgD;QAFhD,mBAAc,GAAd,cAAc,CAAkB;QAEhC,2BAAsB,GAAtB,sBAAsB,CAA0B;IACnE,CAAC;IAKL,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,cAAsB,EAAE,QAA8B;QACnF,MAAM,QAAQ,GAAG,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC;YAChD,MAAM;YACN,QAAQ,EAAE,IAAI,CAAC,UAAU;YACzB,UAAU,EAAE,cAAc;YAC1B,QAAQ,EAAE,QAAQ,IAAI,EAAE;SAC3B,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,MAAc;QACrC,OAAO,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE;gBACH,MAAM;gBACN,QAAQ,EAAE,IAAI,CAAC,UAAU;aAC5B;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACtB,CAAC,CAAC;IACP,CAAC;IAKD,KAAK,CAAC,YAAY,CAAC,cAAsB;QACrC,OAAO,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE;gBACH,QAAQ,EAAE,IAAI,CAAC,UAAU;gBACzB,UAAU,EAAE,cAAc;aAC7B;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACtB,CAAC,CAAC;IACP,CAAC;IAOD,YAAY;QACR,OAAO,OAAO,CAAC;IACnB,CAAC;CACJ,CAAA;AAvDqB,4CAAgB;2BAAhB,gBAAgB;IADrC,IAAA,mBAAU,GAAE;IAMJ,mBAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IAEtB,mBAAA,IAAA,0BAAgB,EAAC,mCAAY,CAAC,CAAA;6CADI,oBAAU;QAEF,oBAAU;GARvC,gBAAgB,CAuDrC"}

package/src/lib/providers/email-auth.provider.d.ts

@@ -0,0 +1,21 @@
+import { Repository } from 'typeorm';
+import { User } from '../entities/user.entity';
+import { BaseAuthProvider } from './base-auth.provider';
+import { AuthIdentity } from '../entities/auth-identity.entity';
+import { AuthModuleOptions } from '../interfaces/auth-module-options.interface';
+export declare class EmailAuthProvider extends BaseAuthProvider {
+    readonly userRepository: Repository<User>;
+    readonly authIdentityRepository: Repository<AuthIdentity>;
+    private options;
+    providerId: string;
+    constructor(userRepository: Repository<User>, authIdentityRepository: Repository<AuthIdentity>, options: AuthModuleOptions);
+    validate(credentials: {
+        email?: string;
+        password?: string;
+    }): Promise<{
+        userId: string;
+        email: string;
+        metadata: User;
+    }>;
+    getRequiredFields(): string[];
+}