@ackplus/nest-auth 0.0.37 → 0.0.38

package/src/lib/auth/services/mfa.service.js

@@ -1,255 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MfaService = void 0;
-const tslib_1 = require("tslib");
-const common_1 = require("@nestjs/common");
-const typeorm_1 = require("@nestjs/typeorm");
-const typeorm_2 = require("typeorm");
-const mfa_secret_entity_1 = require("../../auth/entities/mfa-secret.entity");
-const speakeasy_1 = tslib_1.__importDefault(require("speakeasy"));
-const qrcode_1 = tslib_1.__importDefault(require("qrcode"));
-const mfa_options_interface_1 = require("../../core/interfaces/mfa-options.interface");
-const auth_constants_1 = require("../../auth.constants");
-const user_entity_1 = require("../../user/entities/user.entity");
-const otp_entity_1 = require("../../auth/entities/otp.entity");
-const otp_interface_1 = require("../../core/interfaces/otp.interface");
-const otp_1 = require("../../utils/otp");
-const ms_1 = tslib_1.__importDefault(require("ms"));
-let MfaService = class MfaService {
-    constructor(mfaSecretRepository, userRepository, otpRepository, options) {
-        this.mfaSecretRepository = mfaSecretRepository;
-        this.userRepository = userRepository;
-        this.otpRepository = otpRepository;
-        this.options = options;
-        this.mfaConfig = this.options.mfa;
-    }
-    checkIsMfaEnabledForApp(throwError = true) {
-        if (!this.mfaConfig.enabled) {
-            if (throwError) {
-                throw new common_1.ForbiddenException('MFA is not enabled for the application');
-            }
-            return false;
-        }
-        return true;
-    }
-    async getEnabledMethods(userId) {
-        this.checkIsMfaEnabledForApp(true);
-        const isEnabled = await this.isMfaEnabled(userId);
-        if (!isEnabled) {
-            return [];
-        }
-        const enableMethod = [];
-        if (this.mfaConfig.methods?.includes(mfa_options_interface_1.MFAMethodEnum.EMAIL)) {
-            enableMethod.push(mfa_options_interface_1.MFAMethodEnum.EMAIL);
-        }
-        if (this.mfaConfig.methods?.includes(mfa_options_interface_1.MFAMethodEnum.SMS)) {
-            enableMethod.push(mfa_options_interface_1.MFAMethodEnum.SMS);
-        }
-        const totpDevice = await this.mfaSecretRepository.findOne({
-            where: {
-                userId,
-            },
-        });
-        if (totpDevice) {
-            enableMethod.push(mfa_options_interface_1.MFAMethodEnum.TOTP);
-        }
-        return enableMethod;
-    }
-    async sendMfaCode(userId, method) {
-        this.checkIsMfaEnabledForApp(true);
-        const code = (0, otp_1.generateOtp)(this.mfaConfig.otpLength);
-        const expiresAt = (0, ms_1.default)(this.mfaConfig.otpExpiresIn);
-        const otp = await this.otpRepository.create({
-            userId,
-            type: otp_interface_1.OTPTypeEnum.MFA,
-            expiresAt: new Date(Date.now() + expiresAt),
-            code,
-        });
-        await this.otpRepository.save(otp);
-        if (method === mfa_options_interface_1.MFAMethodEnum.EMAIL) {
-        }
-        else if (method === mfa_options_interface_1.MFAMethodEnum.SMS) {
-        }
-        return true;
-    }
-    async verifyMfa(userId, inputOtp, method) {
-        this.checkIsMfaEnabledForApp(true);
-        if (method === mfa_options_interface_1.MFAMethodEnum.TOTP) {
-            const devices = await this.mfaSecretRepository.find({
-                where: { userId, verified: true }
-            });
-            for (const device of devices) {
-                const isValid = speakeasy_1.default.totp.verify({
-                    secret: device.secret,
-                    encoding: 'base32',
-                    token: inputOtp,
-                    window: 1
-                });
-                if (isValid) {
-                    await this.mfaSecretRepository.update({ id: device.id }, { lastUsedAt: new Date() });
-                    return true;
-                }
-            }
-            return false;
-        }
-        if (method === mfa_options_interface_1.MFAMethodEnum.EMAIL || method === mfa_options_interface_1.MFAMethodEnum.SMS) {
-            const otp = await this.otpRepository.findOne({
-                where: {
-                    userId,
-                    type: otp_interface_1.OTPTypeEnum.MFA,
-                    used: false,
-                    expiresAt: (0, typeorm_2.MoreThan)(new Date()),
-                    code: inputOtp
-                }
-            });
-            if (!otp) {
-                return false;
-            }
-            await this.otpRepository.delete(otp.id);
-            return true;
-        }
-        return false;
-    }
-    async setupTotpDevice(userId, deviceName) {
-        this.checkIsMfaEnabledForApp(true);
-        const user = await this.userRepository.findOne({ where: { id: userId } });
-        if (!user) {
-            throw new Error('User not found');
-        }
-        const secret = speakeasy_1.default.generateSecret();
-        await this.mfaSecretRepository.save({
-            userId,
-            secret: secret.base32,
-            deviceName: deviceName || 'Authenticator',
-            verified: false
-        });
-        const qrCode = await qrcode_1.default.toDataURL(secret.otpauth_url);
-        return { secret: secret.base32, qrCode };
-    }
-    async verifyTotpSetup(userId, secret, inputOtp) {
-        this.checkIsMfaEnabledForApp(true);
-        const device = await this.mfaSecretRepository.findOne({
-            where: { userId, secret }
-        });
-        if (device) {
-            if (device.verified) {
-                return true;
-            }
-            const isValid = speakeasy_1.default.totp.verify({
-                secret: device.secret,
-                encoding: 'base32',
-                token: inputOtp,
-                window: 1
-            });
-            if (isValid) {
-                await this.mfaSecretRepository.update({ id: device.id }, { verified: true });
-                return true;
-            }
-        }
-        return false;
-    }
-    async getTotpDevices(userId) {
-        this.checkIsMfaEnabledForApp(true);
-        const devices = await this.mfaSecretRepository.find({
-            select: ['id', 'deviceName', 'lastUsedAt', 'verified'],
-            where: { userId },
-            order: { lastUsedAt: 'DESC' }
-        });
-        return devices.map(device => ({
-            id: device.id,
-            deviceName: device.deviceName,
-            lastUsedAt: device.lastUsedAt,
-            verified: device.verified,
-        }));
-    }
-    async removeDevice(deviceId) {
-        this.checkIsMfaEnabledForApp(true);
-        await this.mfaSecretRepository.delete({ id: deviceId });
-    }
-    async isRequiresMfa(userId) {
-        if (!this.mfaConfig.enabled) {
-            return false;
-        }
-        if (this.mfaConfig.required) {
-            return true;
-        }
-        const user = await this.userRepository.findOne({
-            select: ['id', 'isMfaEnabled'],
-            where: { id: userId },
-        });
-        return !!user?.isMfaEnabled;
-    }
-    async isMfaEnabled(userId) {
-        if (this.mfaConfig.enabled) {
-            const user = await this.userRepository.findOne({
-                select: ['id', 'isMfaEnabled'],
-                where: { id: userId },
-            });
-            return !!user?.isMfaEnabled;
-        }
-        return false;
-    }
-    async markAsVerified(userId, deviceId) {
-        this.checkIsMfaEnabledForApp(true);
-        await this.mfaSecretRepository.update({ id: deviceId, userId }, { verified: true });
-    }
-    async enableMFA(userId) {
-        this.checkIsMfaEnabledForApp(true);
-        if (!this.mfaConfig.allowUserToggle) {
-            throw new Error('MFA toggling is not allowed');
-        }
-        await this.userRepository.update(userId, { isMfaEnabled: true });
-    }
-    async disableMFA(userId) {
-        this.checkIsMfaEnabledForApp(true);
-        if (!this.mfaConfig.allowUserToggle) {
-            throw new Error('MFA toggling is not allowed');
-        }
-        await this.userRepository.update(userId, { isMfaEnabled: false });
-    }
-    async removeTotpDevice(deviceId) {
-        this.checkIsMfaEnabledForApp(true);
-        await this.mfaSecretRepository.delete({ id: deviceId });
-    }
-    async generateRecoveryCode(userId) {
-        this.checkIsMfaEnabledForApp(true);
-        const secret = speakeasy_1.default.generateSecret({
-            name: `NestAuth:${userId}`,
-        });
-        await this.userRepository.update(userId, { mfaRecoveryCode: secret.base32 });
-        return secret.base32;
-    }
-    async resetMfa(userId, code) {
-        this.checkIsMfaEnabledForApp(true);
-        const user = await this.userRepository.findOne({ where: { id: userId } });
-        if (!user) {
-            throw new common_1.UnauthorizedException({
-                message: 'User not found',
-                code: auth_constants_1.USER_NOT_FOUND_EXCEPTION_CODE
-            });
-        }
-        if (user.mfaRecoveryCode === code) {
-            await this.userRepository.update(userId, { mfaRecoveryCode: null });
-            await this.mfaSecretRepository.delete({ userId });
-            return {
-                message: 'Recovery code verified',
-            };
-        }
-        throw new common_1.UnauthorizedException({
-            message: 'Invalid recovery code',
-            code: auth_constants_1.INVALID_MFA_EXCEPTION_CODE
-        });
-    }
-};
-exports.MfaService = MfaService;
-exports.MfaService = MfaService = tslib_1.__decorate([
-    (0, common_1.Injectable)(),
-    tslib_1.__param(0, (0, typeorm_1.InjectRepository)(mfa_secret_entity_1.MFASecret)),
-    tslib_1.__param(1, (0, typeorm_1.InjectRepository)(user_entity_1.User)),
-    tslib_1.__param(2, (0, typeorm_1.InjectRepository)(otp_entity_1.OTP)),
-    tslib_1.__param(3, (0, common_1.Inject)(auth_constants_1.AUTH_MODULE_OPTIONS)),
-    tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
-        typeorm_2.Repository,
-        typeorm_2.Repository, Object])
-], MfaService);
-//# sourceMappingURL=mfa.service.js.map

package/src/lib/auth/services/mfa.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"mfa.service.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/mfa.service.ts"],"names":[],"mappings":";;;;AAAA,2CAA+F;AAC/F,6CAAmD;AACnD,qCAA+C;AAC/C,6EAAkE;AAClE,kEAAkC;AAClC,4DAA4B;AAC5B,uFAAwF;AACxF,yDAAsH;AAEtH,iEAAuD;AACvD,+DAAqD;AACrD,uEAAkE;AAClE,yCAA8C;AAC9C,oDAAoB;AAIb,IAAM,UAAU,GAAhB,MAAM,UAAU;IAInB,YAEY,mBAA0C,EAG1C,cAAgC,EAGhC,aAA8B,EAGrB,OAA0B;QATnC,wBAAmB,GAAnB,mBAAmB,CAAuB;QAG1C,mBAAc,GAAd,cAAc,CAAkB;QAGhC,kBAAa,GAAb,aAAa,CAAiB;QAGrB,YAAO,GAAP,OAAO,CAAmB;QAI3C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IACtC,CAAC;IAED,uBAAuB,CAAC,aAAsB,IAAI;QAC9C,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,UAAU,EAAE,CAAC;gBACb,MAAM,IAAI,2BAAkB,CAAC,wCAAwC,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,KAAK,CAAC;QACjB,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc;QAElC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,OAAO,EAAE,CAAC;QACd,CAAC;QAED,MAAM,YAAY,GAAG,EAAE,CAAA;QAEvB,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,QAAQ,CAAC,qCAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YACxD,YAAY,CAAC,IAAI,CAAC,qCAAa,CAAC,KAAK,CAAC,CAAA;QAC1C,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,QAAQ,CAAC,qCAAa,CAAC,GAAG,CAAC,EAAE,CAAC;YACtD,YAAY,CAAC,IAAI,CAAC,qCAAa,CAAC,GAAG,CAAC,CAAA;QACxC,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACtD,KAAK,EAAE;gBACH,MAAM;aACT;SACJ,CAAC,CAAC;QAEH,IAAI,UAAU,EAAE,CAAC;YACb,YAAY,CAAC,IAAI,CAAC,qCAAa,CAAC,IAAI,CAAC,CAAA;QACzC,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;IAGD,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,MAAqB;QAEnD,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,IAAI,GAAG,IAAA,iBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEnD,MAAM,SAAS,GAAG,IAAA,YAAE,EAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAEjD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;YACxC,MAAM;YACN,IAAI,EAAE,2BAAW,CAAC,GAAG;YACrB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAC3C,IAAI;SACP,CAAC,CAAA;QACF,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEnC,IAAI,MAAM,KAAK,qCAAa,CAAC,KAAK,EAAE,CAAC;QAErC,CAAC;aAAM,IAAI,MAAM,KAAK,qCAAa,CAAC,GAAG,EAAE,CAAC;QAE1C,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAc,EAAE,QAAgB,EAAE,MAAqB;QAEnE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,IAAI,MAAM,KAAK,qCAAa,CAAC,IAAI,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;gBAChD,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE;aACpC,CAAC,CAAC;YAEH,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC3B,MAAM,OAAO,GAAG,mBAAS,CAAC,IAAI,CAAC,MAAM,CAAC;oBAClC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,QAAQ;oBACf,MAAM,EAAE,CAAC;iBACZ,CAAC,CAAC;gBAEH,IAAI,OAAO,EAAE,CAAC;oBAEV,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CACjC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EACjB,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,CAC7B,CAAC;oBACF,OAAO,IAAI,CAAC;gBAChB,CAAC;YACL,CAAC;YACD,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,KAAK,qCAAa,CAAC,KAAK,IAAI,MAAM,KAAK,qCAAa,CAAC,GAAG,EAAE,CAAC;YACjE,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBACzC,KAAK,EAAE;oBACH,MAAM;oBACN,IAAI,EAAE,2BAAW,CAAC,GAAG;oBACrB,IAAI,EAAE,KAAK;oBACX,SAAS,EAAE,IAAA,kBAAQ,EAAC,IAAI,IAAI,EAAE,CAAC;oBAC/B,IAAI,EAAE,QAAQ;iBACjB;aACJ,CAAC,CAAC;YAEH,IAAI,CAAC,GAAG,EAAE,CAAC;gBACP,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACxC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAGD,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,UAAmB;QACrD,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACtC,CAAC;QAED,MAAM,MAAM,GAAG,mBAAS,CAAC,cAAc,EAAE,CAAC;QAE1C,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAChC,MAAM;YACN,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,UAAU,EAAE,UAAU,IAAI,eAAe;YACzC,QAAQ,EAAE,KAAK;SAClB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,MAAc,EAAE,QAAgB;QAElE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YAClD,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;SAC5B,CAAC,CAAC;QAEH,IAAI,MAAM,EAAE,CAAC;YACT,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAClB,OAAO,IAAI,CAAC;YAChB,CAAC;YAED,MAAM,OAAO,GAAG,mBAAS,CAAC,IAAI,CAAC,MAAM,CAAC;gBAClC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,QAAQ;gBACf,MAAM,EAAE,CAAC;aACZ,CAAC,CAAC;YAEH,IAAI,OAAO,EAAE,CAAC;gBACV,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC7E,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAc;QAC/B,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAChD,MAAM,EAAE,CAAC,IAAI,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC;YACtD,KAAK,EAAE,EAAE,MAAM,EAAE;YACjB,KAAK,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE;SAChC,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC1B,EAAE,EAAE,MAAM,CAAC,EAAE;YACb,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC5B,CAAC,CAAC,CAAC;IACR,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,QAAgB;QAC/B,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,MAAc;QAC9B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,MAAM,EAAE,CAAC,IAAI,EAAE,cAAc,CAAC;YAC9B,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;SACxB,CAAC,CAAC;QACH,OAAO,CAAC,CAAC,IAAI,EAAE,YAAY,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,MAAc;QAC7B,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,MAAM,EAAE,CAAC,IAAI,EAAE,cAAc,CAAC;gBAC9B,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;aACxB,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,EAAE,YAAY,CAAC;QAChC,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,QAAgB;QACjD,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAClC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CACjC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,EACxB,EAAE,QAAQ,EAAE,IAAI,EAAE,CACrB,CAAC;IACN,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAc;QAC1B,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,MAAc;QAC3B,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QAEnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAAgB;QACnC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,MAAc;QACrC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,MAAM,GAAG,mBAAS,CAAC,cAAc,CAAC;YACpC,IAAI,EAAE,YAAY,MAAM,EAAE;SAC7B,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QAC7E,OAAO,MAAM,CAAC,MAAM,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAAc,EAAE,IAAY;QAEvC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QAElC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,gBAAgB;gBACzB,IAAI,EAAE,8CAA6B;aACtC,CAAC,CAAC;QACP,CAAC;QACD,IAAI,IAAI,CAAC,eAAe,KAAK,IAAI,EAAE,CAAC;YAEhC,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC;YAGpE,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YAElD,OAAO;gBACH,OAAO,EAAE,wBAAwB;aACpC,CAAC;QACN,CAAC;QAED,MAAM,IAAI,8BAAqB,CAAC;YAC5B,OAAO,EAAE,uBAAuB;YAChC,IAAI,EAAE,2CAA0B;SACnC,CAAC,CAAC;IACP,CAAC;CACJ,CAAA;AAvTY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;IAMJ,mBAAA,IAAA,0BAAgB,EAAC,6BAAS,CAAC,CAAA;IAG3B,mBAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IAGtB,mBAAA,IAAA,0BAAgB,EAAC,gBAAG,CAAC,CAAA;IAGrB,mBAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;6CARC,oBAAU;QAGf,oBAAU;QAGX,oBAAU;GAZ5B,UAAU,CAuTtB"}

package/src/lib/auth.constants.js

@@ -1,43 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NestAuthEvents = exports.DEFAULT_GUARD_NAME = exports.REFRESH_TOKEN_COOKIE_NAME = exports.ACCESS_TOKEN_COOKIE_NAME = exports.REFRESH_TOKEN_EXPIRED = exports.REFRESH_TOKEN_INVALID = exports.USER_NOT_ACTIVE_ERROR = exports.SESSION_NOT_FOUND_ERROR = exports.INVALID_REFRESH_TOKEN_EXCEPTION_CODE = exports.INVALID_MFA_EXCEPTION_CODE = exports.UNAUTHORIZED_EXCEPTION_CODE = exports.USER_NOT_FOUND_EXCEPTION_CODE = exports.ENABLED_AUTH_PROVIDERS = exports.PHONE_AUTH_PROVIDER = exports.EMAIL_AUTH_PROVIDER = exports.APPLE_AUTH_PROVIDER = exports.FACEBOOK_AUTH_PROVIDER = exports.GOOGLE_AUTH_PROVIDER = exports.JWT_AUTH_PROVIDER = exports.AUTH_MODULE_OPTIONS = void 0;
-exports.AUTH_MODULE_OPTIONS = 'NEST_AUTH_AUTH_MODULE_OPTIONS';
-exports.JWT_AUTH_PROVIDER = 'jwt';
-exports.GOOGLE_AUTH_PROVIDER = 'google';
-exports.FACEBOOK_AUTH_PROVIDER = 'facebook';
-exports.APPLE_AUTH_PROVIDER = 'apple';
-exports.EMAIL_AUTH_PROVIDER = 'email';
-exports.PHONE_AUTH_PROVIDER = 'phone';
-exports.ENABLED_AUTH_PROVIDERS = 'NEST_AUTH_ENABLED_AUTH_PROVIDERS';
-exports.USER_NOT_FOUND_EXCEPTION_CODE = 'USER_NOT_FOUND';
-exports.UNAUTHORIZED_EXCEPTION_CODE = 'UNAUTHORIZED';
-exports.INVALID_MFA_EXCEPTION_CODE = 'INVALID_MFA';
-exports.INVALID_REFRESH_TOKEN_EXCEPTION_CODE = 'INVALID_REFRESH_TOKEN';
-exports.SESSION_NOT_FOUND_ERROR = 'SESSION_NOT_FOUND';
-exports.USER_NOT_ACTIVE_ERROR = 'USER_NOT_ACTIVE';
-exports.REFRESH_TOKEN_INVALID = 'REFRESH_TOKEN_INVALID';
-exports.REFRESH_TOKEN_EXPIRED = 'REFRESH_TOKEN_EXPIRED';
-exports.ACCESS_TOKEN_COOKIE_NAME = 'accessToken';
-exports.REFRESH_TOKEN_COOKIE_NAME = 'refreshToken';
-exports.DEFAULT_GUARD_NAME = 'web';
-exports.NestAuthEvents = {
-    LOGGED_IN: 'nest_auth.logged_in',
-    REGISTERED: 'nest_auth.registered',
-    TWO_FACTOR_VERIFIED: 'nest_auth.two_factor_verified',
-    REFRESH_TOKEN: 'nest_auth.refresh_token',
-    PASSWORD_RESET_REQUESTED: 'nest_auth.password_reset_requested',
-    PASSWORD_RESET: 'nest_auth.password_reset',
-    LOGGED_OUT: 'nest_auth.logged_out',
-    LOGGED_OUT_ALL: 'nest_auth.logged_out_all',
-    USER_CREATED: 'nest_auth.user.created',
-    USER_UPDATED: 'nest_auth.user.updated',
-    USER_DELETED: 'nest_auth.user.deleted',
-    TENANT_CREATED: 'nest_auth.tenant.created',
-    TENANT_UPDATED: 'nest_auth.tenant.updated',
-    TENANT_DELETED: 'nest_auth.tenant.deleted',
-    ACCESS_KEY_CREATED: 'nest_auth.access_key.created',
-    ACCESS_KEY_DELETED: 'nest_auth.access_key.deleted',
-    ACCESS_KEY_UPDATED: 'nest_auth.access_key.updated',
-    ACCESS_KEY_DEACTIVATED: 'nest_auth.access_key.deactivated',
-};
-//# sourceMappingURL=auth.constants.js.map

package/src/lib/auth.constants.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.constants.js","sourceRoot":"","sources":["../../../../../packages/nest-auth/src/lib/auth.constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,mBAAmB,GAAG,+BAA+B,CAAC;AAItD,QAAA,iBAAiB,GAAG,KAAK,CAAC;AAC1B,QAAA,oBAAoB,GAAG,QAAQ,CAAC;AAChC,QAAA,sBAAsB,GAAG,UAAU,CAAC;AACpC,QAAA,mBAAmB,GAAG,OAAO,CAAC;AAC9B,QAAA,mBAAmB,GAAG,OAAO,CAAC;AAC9B,QAAA,mBAAmB,GAAG,OAAO,CAAC;AAG9B,QAAA,sBAAsB,GAAG,kCAAkC,CAAC;AAI5D,QAAA,6BAA6B,GAAG,gBAAgB,CAAC;AACjD,QAAA,2BAA2B,GAAG,cAAc,CAAC;AAC7C,QAAA,0BAA0B,GAAG,aAAa,CAAC;AAC3C,QAAA,oCAAoC,GAAG,uBAAuB,CAAC;AAC/D,QAAA,uBAAuB,GAAG,mBAAmB,CAAC;AAC9C,QAAA,qBAAqB,GAAG,iBAAiB,CAAC;AAE1C,QAAA,qBAAqB,GAAG,uBAAuB,CAAC;AAChD,QAAA,qBAAqB,GAAG,uBAAuB,CAAC;AAIhD,QAAA,wBAAwB,GAAG,aAAa,CAAC;AACzC,QAAA,yBAAyB,GAAG,cAAc,CAAC;AAG3C,QAAA,kBAAkB,GAAG,KAAK,CAAC;AAG3B,QAAA,cAAc,GAAG;IAE1B,SAAS,EAAE,qBAAqB;IAChC,UAAU,EAAE,sBAAsB;IAClC,mBAAmB,EAAE,+BAA+B;IACpD,aAAa,EAAE,yBAAyB;IACxC,wBAAwB,EAAE,oCAAoC;IAC9D,cAAc,EAAE,0BAA0B;IAC1C,UAAU,EAAE,sBAAsB;IAClC,cAAc,EAAE,0BAA0B;IAG1C,YAAY,EAAE,wBAAwB;IACtC,YAAY,EAAE,wBAAwB;IACtC,YAAY,EAAE,wBAAwB;IAGtC,cAAc,EAAE,0BAA0B;IAC1C,cAAc,EAAE,0BAA0B;IAC1C,cAAc,EAAE,0BAA0B;IAG1C,kBAAkB,EAAE,8BAA8B;IAClD,kBAAkB,EAAE,8BAA8B;IAClD,kBAAkB,EAAE,8BAA8B;IAClD,sBAAsB,EAAE,kCAAkC;CACpD,CAAC"}

package/src/lib/core/core.module.js

@@ -1,67 +0,0 @@
-"use strict";
-var CoreModule_1;
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CoreModule = void 0;
-const tslib_1 = require("tslib");
-const common_1 = require("@nestjs/common");
-const auth_constants_1 = require("../auth.constants");
-const auth_provider_registry_service_1 = require("./services/auth-provider-registry.service");
-const apple_auth_provider_1 = require("./providers/apple-auth.provider");
-const jwt_auth_provider_1 = require("./providers/jwt-auth.provider");
-const email_auth_provider_1 = require("./providers/email-auth.provider");
-const facebook_auth_provider_1 = require("./providers/facebook-auth.provider");
-const google_auth_provider_1 = require("./providers/google-auth.provider");
-const phone_auth_provider_1 = require("./providers/phone-auth.provider");
-const typeorm_1 = require("@nestjs/typeorm");
-const auth_identity_entity_1 = require("../user/entities/auth-identity.entity");
-const user_entity_1 = require("../user/entities/user.entity");
-const jwt_service_1 = require("./services/jwt.service");
-let CoreModule = CoreModule_1 = class CoreModule {
-    static forRoot(options) {
-        return {
-            imports: [],
-            module: CoreModule_1,
-            providers: [
-                {
-                    provide: auth_constants_1.AUTH_MODULE_OPTIONS,
-                    useValue: options,
-                },
-                {
-                    provide: auth_constants_1.ENABLED_AUTH_PROVIDERS,
-                    useFactory: (registry) => {
-                        return registry.getAllProviders();
-                    },
-                    inject: [auth_provider_registry_service_1.AuthProviderRegistryService],
-                },
-            ],
-            exports: [
-                auth_constants_1.AUTH_MODULE_OPTIONS,
-                auth_constants_1.ENABLED_AUTH_PROVIDERS,
-            ],
-        };
-    }
-};
-exports.CoreModule = CoreModule;
-exports.CoreModule = CoreModule = CoreModule_1 = tslib_1.__decorate([
-    (0, common_1.Global)(),
-    (0, common_1.Module)({
-        imports: [
-            typeorm_1.TypeOrmModule.forFeature([user_entity_1.User, auth_identity_entity_1.AuthIdentity])
-        ],
-        providers: [
-            jwt_service_1.JwtService,
-            auth_provider_registry_service_1.AuthProviderRegistryService,
-            email_auth_provider_1.EmailAuthProvider,
-            phone_auth_provider_1.PhoneAuthProvider,
-            jwt_auth_provider_1.JwtAuthProvider,
-            google_auth_provider_1.GoogleAuthProvider,
-            facebook_auth_provider_1.FacebookAuthProvider,
-            apple_auth_provider_1.AppleAuthProvider,
-        ],
-        exports: [
-            jwt_service_1.JwtService,
-            auth_provider_registry_service_1.AuthProviderRegistryService,
-        ],
-    })
-], CoreModule);
-//# sourceMappingURL=core.module.js.map

package/src/lib/core/core.module.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"core.module.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/core.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAA+D;AAE/D,sDAAgF;AAChF,8FAAwF;AACxF,yEAAoE;AACpE,qEAAgE;AAChE,yEAAoE;AACpE,+EAA0E;AAC1E,2EAAsE;AACtE,yEAAoE;AACpE,6CAAgD;AAChD,gFAAqE;AACrE,8DAAoD;AACpD,wDAAoD;AAsB7C,IAAM,UAAU,kBAAhB,MAAM,UAAU;IACnB,MAAM,CAAC,OAAO,CAAC,OAA0B;QAErC,OAAO;YACH,OAAO,EAAE,EAER;YACD,MAAM,EAAE,YAAU;YAClB,SAAS,EAAE;gBACP;oBACI,OAAO,EAAE,oCAAmB;oBAC5B,QAAQ,EAAE,OAAO;iBACpB;gBACD;oBACI,OAAO,EAAE,uCAAsB;oBAC/B,UAAU,EAAE,CAAC,QAAqC,EAAE,EAAE;wBAClD,OAAO,QAAQ,CAAC,eAAe,EAAE,CAAC;oBACtC,CAAC;oBACD,MAAM,EAAE,CAAC,4DAA2B,CAAC;iBACxC;aACJ;YACD,OAAO,EAAE;gBACL,oCAAmB;gBACnB,uCAAsB;aACzB;SACJ,CAAC;IACN,CAAC;CACJ,CAAA;AA3BY,gCAAU;qBAAV,UAAU;IApBtB,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE;YACL,uBAAa,CAAC,UAAU,CAAC,CAAC,kBAAI,EAAE,mCAAY,CAAC,CAAC;SACjD;QACD,SAAS,EAAE;YACP,wBAAU;YACV,4DAA2B;YAC3B,uCAAiB;YACjB,uCAAiB;YACjB,mCAAe;YACf,yCAAkB;YAClB,6CAAoB;YACpB,uCAAiB;SACpB;QACD,OAAO,EAAE;YACL,wBAAU;YACV,4DAA2B;SAC9B;KACJ,CAAC;GACW,UAAU,CA2BtB"}

package/src/lib/core/decorators/role.decorator.js

@@ -1,14 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.GUARD_KEY = exports.ROLES_KEY = void 0;
-exports.NestAuthRoles = NestAuthRoles;
-exports.ROLES_KEY = 'nest_auth_roles';
-exports.GUARD_KEY = 'nest_auth_guard';
-function NestAuthRoles(roles, guard) {
-    return (target, key, descriptor) => {
-        Reflect.defineMetadata(exports.ROLES_KEY, roles, descriptor.value);
-        Reflect.defineMetadata(exports.GUARD_KEY, guard, descriptor.value);
-        return descriptor;
-    };
-}
-//# sourceMappingURL=role.decorator.js.map

package/src/lib/core/decorators/role.decorator.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"role.decorator.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/decorators/role.decorator.ts"],"names":[],"mappings":";;;AAKA,sCAMC;AAVY,QAAA,SAAS,GAAG,iBAAiB,CAAC;AAC9B,QAAA,SAAS,GAAG,iBAAiB,CAAC;AAG3C,SAAgB,aAAa,CAAC,KAAwB,EAAE,KAAc;IAClE,OAAO,CAAC,MAAW,EAAE,GAAW,EAAE,UAA8B,EAAE,EAAE;QAChE,OAAO,CAAC,cAAc,CAAC,iBAAS,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;QAC3D,OAAO,CAAC,cAAc,CAAC,iBAAS,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;QAC3D,OAAO,UAAU,CAAC;IACtB,CAAC,CAAC;AACN,CAAC"}

package/src/lib/core/decorators/skip-mfa.decorator.js

@@ -1,8 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SkipMfa = exports.SKIP_MFA_KEY = void 0;
-const common_1 = require("@nestjs/common");
-exports.SKIP_MFA_KEY = 'skipMfa';
-const SkipMfa = () => (0, common_1.SetMetadata)(exports.SKIP_MFA_KEY, true);
-exports.SkipMfa = SkipMfa;
-//# sourceMappingURL=skip-mfa.decorator.js.map

package/src/lib/core/decorators/skip-mfa.decorator.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"skip-mfa.decorator.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/decorators/skip-mfa.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAEhC,QAAA,YAAY,GAAG,SAAS,CAAC;AAC/B,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAA,oBAAW,EAAC,oBAAY,EAAE,IAAI,CAAC,CAAC;AAAhD,QAAA,OAAO,WAAyC"}

package/src/lib/core/dto/message.response.dto.js

@@ -1,13 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MessageResponseDto = void 0;
-const tslib_1 = require("tslib");
-const swagger_1 = require("@nestjs/swagger");
-class MessageResponseDto {
-}
-exports.MessageResponseDto = MessageResponseDto;
-tslib_1.__decorate([
-    (0, swagger_1.ApiProperty)({ description: 'Response message' }),
-    tslib_1.__metadata("design:type", String)
-], MessageResponseDto.prototype, "message", void 0);
-//# sourceMappingURL=message.response.dto.js.map

package/src/lib/core/dto/message.response.dto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"message.response.dto.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/dto/message.response.dto.ts"],"names":[],"mappings":";;;;AAAA,6CAA8C;AAE9C,MAAa,kBAAkB;CAG9B;AAHD,gDAGC;AADG;IADC,IAAA,qBAAW,EAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;;mDACjC"}

package/src/lib/core/entities.js

@@ -1,34 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NestAuthEntities = void 0;
-const tslib_1 = require("tslib");
-const user_entity_1 = require("../user/entities/user.entity");
-const auth_identity_entity_1 = require("../user/entities/auth-identity.entity");
-const access_key_entity_1 = require("../user/entities/access-key.entity");
-const tenant_entity_1 = require("../tenant/entities/tenant.entity");
-const role_entity_1 = require("../role/entities/role.entity");
-const permission_entity_1 = require("../role/entities/permission.entity");
-const mfa_secret_entity_1 = require("../auth/entities/mfa-secret.entity");
-const otp_entity_1 = require("../auth/entities/otp.entity");
-const session_entity_1 = require("../session/entities/session.entity");
-tslib_1.__exportStar(require("../user/entities/user.entity"), exports);
-tslib_1.__exportStar(require("../user/entities/auth-identity.entity"), exports);
-tslib_1.__exportStar(require("../user/entities/access-key.entity"), exports);
-tslib_1.__exportStar(require("../tenant/entities/tenant.entity"), exports);
-tslib_1.__exportStar(require("../role/entities/role.entity"), exports);
-tslib_1.__exportStar(require("../role/entities/permission.entity"), exports);
-tslib_1.__exportStar(require("../auth/entities/mfa-secret.entity"), exports);
-tslib_1.__exportStar(require("../auth/entities/otp.entity"), exports);
-tslib_1.__exportStar(require("../session/entities/session.entity"), exports);
-exports.NestAuthEntities = [
-    user_entity_1.User,
-    auth_identity_entity_1.AuthIdentity,
-    role_entity_1.Role,
-    permission_entity_1.Permission,
-    tenant_entity_1.Tenant,
-    mfa_secret_entity_1.MFASecret,
-    session_entity_1.Session,
-    otp_entity_1.OTP,
-    access_key_entity_1.AccessKey,
-];
-//# sourceMappingURL=entities.js.map

package/src/lib/core/entities.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"entities.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/entities.ts"],"names":[],"mappings":";;;;AAAA,8DAAoD;AACpD,gFAAqE;AACrE,0EAA+D;AAC/D,oEAA0D;AAC1D,8DAAoD;AACpD,0EAAgE;AAChE,0EAA+D;AAC/D,4DAAkD;AAClD,uEAA6D;AAE7D,uEAA6C;AAC7C,gFAAsD;AACtD,6EAAmD;AACnD,2EAAiD;AACjD,uEAA6C;AAC7C,6EAAmD;AACnD,6EAAmD;AACnD,sEAA4C;AAC5C,6EAAmD;AAEtC,QAAA,gBAAgB,GAAG;IAC5B,kBAAI;IACJ,mCAAY;IACZ,kBAAI;IACJ,8BAAU;IACV,sBAAM;IACN,6BAAS;IACT,wBAAO;IACP,gBAAG;IACH,6BAAS;CACZ,CAAC"}

package/src/lib/core/guards/auth.guard.js

@@ -1,135 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NestAuthAuthGuard = void 0;
-const tslib_1 = require("tslib");
-const common_1 = require("@nestjs/common");
-const auth_constants_1 = require("../../auth.constants");
-const core_1 = require("@nestjs/core");
-const jwt_service_1 = require("../../core/services/jwt.service");
-const auth_service_1 = require("../../auth/services/auth.service");
-const base_session_service_1 = require("../../session/services/base-session.service");
-const cookie_service_1 = require("../../auth/services/cookie.service");
-const access_key_service_1 = require("../../user/services/access-key.service");
-const skip_mfa_decorator_1 = require("../decorators/skip-mfa.decorator");
-let NestAuthAuthGuard = class NestAuthAuthGuard {
-    constructor(reflector, jwtService, authService, sessionService, cookieService, accessKeyService) {
-        this.reflector = reflector;
-        this.jwtService = jwtService;
-        this.authService = authService;
-        this.sessionService = sessionService;
-        this.cookieService = cookieService;
-        this.accessKeyService = accessKeyService;
-    }
-    async canActivate(context) {
-        const request = context.switchToHttp().getRequest();
-        const response = context.switchToHttp().getResponse();
-        const authHeader = request.headers.authorization;
-        if (!authHeader) {
-            throw new common_1.UnauthorizedException({
-                message: 'No authentication provided',
-                code: 'NO_AUTH'
-            });
-        }
-        const [type, token] = authHeader.split(' ');
-        switch (type.toLowerCase()) {
-            case 'bearer':
-                return await this.handleJwtAuth(context, request, response, token);
-            case 'apikey':
-                return await this.handleApiKeyAuth(request, token);
-            default:
-                throw new common_1.UnauthorizedException({
-                    message: 'Invalid authentication type',
-                    code: 'INVALID_AUTH_TYPE'
-                });
-        }
-    }
-    async handleJwtAuth(context, request, response, token) {
-        try {
-            const payload = await this.jwtService.verifyToken(token);
-            request['user'] = payload;
-            request['authType'] = 'jwt';
-            const session = await this.sessionService.getSession(payload.sessionId);
-            if (!session) {
-                throw new common_1.UnauthorizedException({
-                    message: 'Session not found',
-                    code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-                });
-            }
-            request['session'] = session;
-            await this.checkMfa(context, payload);
-            return true;
-        }
-        catch (error) {
-            const refreshToken = this.extractRefreshToken(request);
-            if (!refreshToken) {
-                throw new common_1.UnauthorizedException({
-                    message: 'Invalid token',
-                    code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-                });
-            }
-            const newSession = await this.authService.refreshToken(refreshToken);
-            this.cookieService.setTokens(response, newSession.accessToken, newSession.refreshToken);
-            const payload = await this.jwtService.verifyToken(newSession.accessToken);
-            await this.checkMfa(context, payload);
-            return true;
-        }
-    }
-    async handleApiKeyAuth(request, token) {
-        const [publicKey, privateKey] = token.split('.');
-        if (!publicKey || !privateKey) {
-            throw new common_1.UnauthorizedException({
-                message: 'Invalid API key format',
-                code: 'INVALID_API_KEY_FORMAT'
-            });
-        }
-        const isValid = await this.accessKeyService.validateAccessKey(publicKey, privateKey);
-        if (!isValid) {
-            throw new common_1.UnauthorizedException({
-                message: 'Invalid API key',
-                code: 'INVALID_API_KEY'
-            });
-        }
-        const accessKey = await this.accessKeyService.getAccessKey(publicKey);
-        await this.accessKeyService.updateAccessKeyLastUsed(publicKey);
-        request['user'] = accessKey.user;
-        request['accessKey'] = accessKey;
-        request['authType'] = 'api-key';
-        return true;
-    }
-    extractRefreshToken(request) {
-        const tokenFromCookie = request.cookies?.[auth_constants_1.REFRESH_TOKEN_COOKIE_NAME];
-        if (tokenFromCookie) {
-            return tokenFromCookie;
-        }
-        const authHeader = request.headers['x-refresh-token'];
-        if (authHeader) {
-            return authHeader;
-        }
-        return null;
-    }
-    async checkMfa(context, payload) {
-        const skipMfa = this.reflector.getAllAndOverride(skip_mfa_decorator_1.SKIP_MFA_KEY, [
-            context.getHandler(),
-            context.getClass(),
-        ]);
-        const isMfaEnabled = payload.isMfaEnabled;
-        const isMfaVerified = payload.isMfaVerified;
-        if (isMfaEnabled && !isMfaVerified && !skipMfa) {
-            throw new common_1.UnauthorizedException({
-                message: 'Multi-factor authentication is required',
-                code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-            });
-        }
-    }
-};
-exports.NestAuthAuthGuard = NestAuthAuthGuard;
-exports.NestAuthAuthGuard = NestAuthAuthGuard = tslib_1.__decorate([
-    (0, common_1.Injectable)(),
-    tslib_1.__metadata("design:paramtypes", [core_1.Reflector,
-        jwt_service_1.JwtService,
-        auth_service_1.AuthService,
-        base_session_service_1.BaseSessionService,
-        cookie_service_1.CookieService,
-        access_key_service_1.AccessKeyService])
-], NestAuthAuthGuard);
-//# sourceMappingURL=auth.guard.js.map

package/src/lib/core/guards/auth.guard.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/guards/auth.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAAkG;AAClG,yDAA8F;AAC9F,uCAAyC;AAEzC,iEAA6D;AAC7D,mEAA+D;AAC/D,sFAAiF;AACjF,uEAAmE;AACnE,+EAA0E;AAE1E,yEAAgE;AAGzD,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC1B,YACY,SAAoB,EACpB,UAAsB,EACtB,WAAwB,EACxB,cAAkC,EAClC,aAA4B,EAC5B,gBAAkC;QALlC,cAAS,GAAT,SAAS,CAAW;QACpB,eAAU,GAAV,UAAU,CAAY;QACtB,gBAAW,GAAX,WAAW,CAAa;QACxB,mBAAc,GAAd,cAAc,CAAoB;QAClC,kBAAa,GAAb,aAAa,CAAe;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAkB;IAC1C,CAAC;IAEL,KAAK,CAAC,WAAW,CAAC,OAAyB;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAW,CAAC;QAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAY,CAAC;QAEhE,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,SAAS;aAClB,CAAC,CAAC;QACP,CAAC;QAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAG5C,QAAQ,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACzB,KAAK,QAAQ;gBACT,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACvE,KAAK,QAAQ;gBACT,OAAO,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACvD;gBACI,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,6BAA6B;oBACtC,IAAI,EAAE,mBAAmB;iBAC5B,CAAC,CAAC;QACX,CAAC;IAEL,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,OAAyB,EAAE,OAAgB,EAAE,QAAkB,EAAE,KAAa;QACtG,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACzD,OAAO,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC;YAC1B,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACxE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACX,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,mBAAmB;oBAC5B,IAAI,EAAE,4CAA2B;iBACpC,CAAC,CAAC;YACP,CAAC;YAED,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;YAC7B,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAEb,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChB,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,eAAe;oBACxB,IAAI,EAAE,4CAA2B;iBACpC,CAAC,CAAC;YACP,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;YACrE,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;YAExF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;YAC1E,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,OAAgB,EAAE,KAAa;QAE1D,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,wBAAwB;aACjC,CAAC,CAAC;QACP,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QACrF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,iBAAiB;gBAC1B,IAAI,EAAE,iBAAiB;aAC1B,CAAC,CAAC;QACP,CAAC;QAGD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAGtE,MAAM,IAAI,CAAC,gBAAgB,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;QAG/D,OAAO,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC;QACjC,OAAO,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC;QACjC,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC;QAEhC,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,mBAAmB,CAAC,OAAgB;QAExC,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,0CAAyB,CAAC,CAAC;QACrE,IAAI,eAAe,EAAE,CAAC;YAClB,OAAO,eAAe,CAAC;QAC3B,CAAC;QAGD,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACtD,IAAI,UAAU,EAAE,CAAC;YACb,OAAO,UAAoB,CAAC;QAChC,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,OAAyB,EAAE,OAAwB;QAEtE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,iCAAY,EAAE;YACpE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAGH,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAG5C,IAAI,YAAY,IAAI,CAAC,aAAa,IAAI,CAAC,OAAO,EAAE,CAAC;YAC7C,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,yCAAyC;gBAClD,IAAI,EAAE,4CAA2B;aACpC,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AA/IY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;6CAGc,gBAAS;QACR,wBAAU;QACT,0BAAW;QACR,yCAAkB;QACnB,8BAAa;QACV,qCAAgB;GAPrC,iBAAiB,CA+I7B"}