@ackplus/nest-auth 0.1.51 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -513
- package/eslint.config.mjs +59 -0
- package/jest.config.ts +10 -0
- package/package.json +14 -44
- package/project.json +86 -0
- package/src/index.ts +30 -0
- package/src/lib/admin-console/admin-console.module.ts +62 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.ts +339 -0
- package/src/lib/admin-console/controllers/admin-console.controller.ts +82 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.ts +180 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.ts +89 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.ts +68 -0
- package/src/lib/admin-console/controllers/admin-users.controller.ts +379 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.ts +9 -0
- package/src/lib/admin-console/dto/admin-permission.dto.ts +106 -0
- package/src/lib/admin-console/dto/admin-role.dto.ts +45 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.ts +43 -0
- package/src/lib/admin-console/dto/admin-user.dto.ts +87 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.ts +34 -0
- package/src/lib/admin-console/dto/login.dto.ts +10 -0
- package/src/lib/admin-console/dto/reset-password.dto.ts +21 -0
- package/src/lib/admin-console/dto/setup-admin.dto.ts +23 -0
- package/src/lib/admin-console/dto/signup.dto.ts +51 -0
- package/src/lib/admin-console/entities/admin-user.entity.ts +74 -0
- package/src/lib/admin-console/guards/admin-session.guard.ts +47 -0
- package/src/lib/admin-console/services/admin-auth.service.ts +82 -0
- package/src/lib/admin-console/services/admin-console-config.service.ts +62 -0
- package/src/lib/admin-console/services/admin-session.service.ts +106 -0
- package/src/lib/admin-console/services/admin-user.service.ts +96 -0
- package/src/lib/admin-console/static/index.html +771 -0
- package/src/lib/auth/auth.module.ts +58 -0
- package/src/lib/auth/controllers/auth.controller.ts +393 -0
- package/src/lib/auth/controllers/mfa.controller.ts +200 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.ts +24 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.ts +24 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.ts +15 -0
- package/src/lib/auth/dto/index.ts +1 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.ts +34 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.ts +30 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.ts +51 -0
- package/src/lib/auth/dto/requests/login.request.dto.ts +65 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.ts +12 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.ts +22 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.ts +50 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.ts +12 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.ts +19 -0
- package/src/lib/auth/dto/requests/signup.request.dto.ts +42 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.ts +12 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.ts +24 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.ts +22 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.ts +41 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.ts +22 -0
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.ts +58 -0
- package/src/lib/auth/dto/responses/auth-success.response.dto.ts +58 -0
- package/src/lib/auth/dto/responses/auth.response.dto.ts +99 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.ts +153 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.ts +22 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.ts +27 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.ts +89 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.ts +9 -0
- package/src/lib/auth/entities/mfa-secret.entity.ts +33 -0
- package/src/lib/auth/entities/otp.entity.ts +33 -0
- package/src/lib/auth/events/{logged-out-all.event.d.ts → logged-out-all.event.ts} +6 -3
- package/src/lib/auth/events/{logged-out.event.d.ts → logged-out.event.ts} +5 -3
- package/src/lib/auth/events/{password-reset-requested.event.d.ts → password-reset-requested.event.ts} +6 -3
- package/src/lib/auth/events/{password-reset.event.d.ts → password-reset.event.ts} +6 -3
- package/src/lib/auth/events/{user-2fa-verified.event.d.ts → user-2fa-verified.event.ts} +6 -3
- package/src/lib/auth/events/{user-logged-in.event.d.ts → user-logged-in.event.ts} +7 -3
- package/src/lib/auth/events/{user-refresh-token.event.d.ts → user-refresh-token.event.ts} +6 -3
- package/src/lib/auth/events/{user-registered.event.d.ts → user-registered.event.ts} +7 -3
- package/src/lib/auth/guards/auth.guard.ts +386 -0
- package/src/lib/auth/{index.d.ts → index.ts} +28 -1
- package/src/lib/auth/interceptors/refresh-token.interceptor.ts +117 -0
- package/src/lib/auth/services/auth.service.ts +947 -0
- package/src/lib/auth/services/client-config.service.ts +157 -0
- package/src/lib/auth/services/cookie.service.ts +43 -0
- package/src/lib/auth/services/mfa.service.ts +391 -0
- package/src/lib/auth.constants.ts +63 -0
- package/src/lib/core/core.module.ts +50 -0
- package/src/lib/core/decorators/auth.decorator.ts +38 -0
- package/src/lib/core/decorators/permissions.decorator.ts +17 -0
- package/src/lib/core/decorators/public.decorator.ts +33 -0
- package/src/lib/core/decorators/role.decorator.ts +12 -0
- package/src/lib/core/decorators/skip-mfa.decorator.ts +4 -0
- package/src/lib/core/dto/message.response.dto.ts +6 -0
- package/src/lib/core/{entities.d.ts → entities.ts} +18 -1
- package/src/lib/core/{index.d.ts → index.ts} +17 -0
- package/src/lib/core/interfaces/auth-module-options.interface.ts +211 -0
- package/src/lib/core/interfaces/mfa-options.interface.ts +46 -0
- package/src/lib/core/interfaces/otp.interface.ts +6 -0
- package/src/lib/core/interfaces/session-options.interface.ts +19 -0
- package/src/lib/core/interfaces/{token-payload.interface.d.ts → token-payload.interface.ts} +4 -1
- package/src/lib/core/providers/apple-auth.provider.ts +61 -0
- package/src/lib/core/providers/base-auth.provider.ts +74 -0
- package/src/lib/core/providers/email-auth.provider.ts +71 -0
- package/src/lib/core/providers/facebook-auth.provider.ts +55 -0
- package/src/lib/core/providers/github-auth.provider.ts +79 -0
- package/src/lib/core/providers/google-auth.provider.ts +61 -0
- package/src/lib/core/providers/jwt-auth.provider.ts +50 -0
- package/src/lib/core/providers/phone-auth.provider.ts +45 -0
- package/src/lib/core/services/auth-config.service.ts +184 -0
- package/src/lib/core/services/auth-provider-registry.service.ts +93 -0
- package/src/lib/core/services/{debug-logger.service.js → debug-logger.service.ts} +92 -59
- package/src/lib/core/services/initialization.service.ts +29 -0
- package/src/lib/core/services/jwt.service.ts +137 -0
- package/src/lib/nest-auth.module.ts +152 -0
- package/src/lib/permission/entities/permission.entity.ts +56 -0
- package/src/lib/permission/index.ts +4 -0
- package/src/lib/permission/permission.module.ts +14 -0
- package/src/lib/permission/services/permission.service.ts +233 -0
- package/src/lib/request-context/index.ts +2 -0
- package/src/lib/request-context/request-context.middleware.ts +13 -0
- package/src/lib/request-context/{request-context.js → request-context.ts} +51 -27
- package/src/lib/role/entities/role.entity.ts +103 -0
- package/src/lib/role/{index.d.ts → index.ts} +2 -0
- package/src/lib/role/role.module.ts +15 -0
- package/src/lib/role/services/{role.service.js → role.service.ts} +117 -52
- package/src/lib/session/entities/session.entity.ts +54 -0
- package/src/lib/session/index.ts +20 -0
- package/src/lib/session/interfaces/session-repository.interface.ts +58 -0
- package/src/lib/session/repositories/base-session.repository.ts +74 -0
- package/src/lib/session/repositories/memory-session.repository.ts +153 -0
- package/src/lib/session/repositories/redis-session.repository.ts +171 -0
- package/src/lib/session/repositories/typeorm-session.repository.ts +86 -0
- package/src/lib/session/services/session-manager.service.ts +261 -0
- package/src/lib/session/session.module.ts +102 -0
- package/src/lib/session/utils/session.util.ts +166 -0
- package/src/lib/tenant/entities/tenant.entity.ts +40 -0
- package/src/lib/tenant/events/tenant-created.event.ts +9 -0
- package/src/lib/tenant/events/tenant-deleted.event.ts +11 -0
- package/src/lib/tenant/events/{tenant-updated.event.d.ts → tenant-updated.event.ts} +6 -3
- package/src/lib/tenant/index.ts +9 -0
- package/src/lib/tenant/services/tenant.service.ts +336 -0
- package/src/lib/tenant/tenant.module.ts +19 -0
- package/src/lib/types/express.d.ts +14 -0
- package/src/lib/user/dto/requests/update-user.dto.ts +15 -0
- package/src/lib/user/entities/access-key.entity.ts +53 -0
- package/src/lib/user/entities/identity.entity.ts +31 -0
- package/src/lib/user/entities/user.entity.ts +212 -0
- package/src/lib/user/events/{user-created.event.d.ts → user-created.event.ts} +4 -3
- package/src/lib/user/events/{user-deleted.event.d.ts → user-deleted.event.ts} +6 -3
- package/src/lib/user/events/{user-updated.event.d.ts → user-updated.event.ts} +6 -3
- package/src/lib/user/index.ts +11 -0
- package/src/lib/user/services/access-key.service.ts +145 -0
- package/src/lib/user/services/{user.service.js → user.service.ts} +199 -95
- package/src/lib/user/user.module.ts +26 -0
- package/src/lib/utils/database.utils.ts +6 -0
- package/src/lib/utils/date.util.ts +106 -0
- package/src/lib/utils/device.util.ts +111 -0
- package/src/lib/utils/index.ts +6 -0
- package/src/lib/utils/otp.ts +3 -0
- package/src/lib/utils/security.util.ts +27 -0
- package/src/lib/utils/slug.util.ts +58 -0
- package/src/types/ms.d.ts +1 -0
- package/test/access-key.service.spec.ts +204 -0
- package/test/auth.service.spec.ts +541 -0
- package/test/mfa.service.spec.ts +359 -0
- package/test/role.service.spec.ts +418 -0
- package/test/tenant.service.spec.ts +218 -0
- package/test/test.setup.ts +66 -0
- package/test/user.service.spec.ts +374 -0
- package/tsconfig.json +17 -0
- package/tsconfig.lib.json +15 -0
- package/tsconfig.spec.json +15 -0
- package/tsconfig.tsbuildinfo +1 -1
- package/ui/.env +1 -0
- package/ui/.env.example +1 -0
- package/ui/.eslintignore +7 -0
- package/ui/README.md +288 -0
- package/ui/index.html +17 -0
- package/ui/package.json +34 -0
- package/ui/postcss.config.js +6 -0
- package/ui/src/App.tsx +245 -0
- package/ui/src/components/AuthGuard.tsx +59 -0
- package/ui/src/components/AuthProvider.tsx +76 -0
- package/ui/src/components/Button.tsx +37 -0
- package/ui/src/components/Card.tsx +37 -0
- package/ui/src/components/ErrorMessage.tsx +15 -0
- package/ui/src/components/FormDialog.tsx +61 -0
- package/ui/src/components/FormFooter.tsx +37 -0
- package/ui/src/components/Layout.tsx +112 -0
- package/ui/src/components/LoadingMessage.tsx +11 -0
- package/ui/src/components/Modal.tsx +97 -0
- package/ui/src/components/MultiSelect.tsx +145 -0
- package/ui/src/components/PageHeader.tsx +42 -0
- package/ui/src/components/PanelHeader.tsx +28 -0
- package/ui/src/components/PermissionInput.tsx +473 -0
- package/ui/src/components/SearchInput.tsx +69 -0
- package/ui/src/components/Select.tsx +51 -0
- package/ui/src/components/SwaggerUIWrapper.tsx +316 -0
- package/ui/src/components/Table.tsx +207 -0
- package/ui/src/components/Tag.tsx +9 -0
- package/ui/src/components/TagsInput.tsx +96 -0
- package/ui/src/components/admin/AdminForm.tsx +170 -0
- package/ui/src/components/admin/CreateAdminDialog.tsx +38 -0
- package/ui/src/components/auth/LoginFooter.tsx +17 -0
- package/ui/src/components/auth/LoginHeader.tsx +14 -0
- package/ui/src/components/auth/components/CodeBlock.tsx +43 -0
- package/ui/src/components/auth/components/CreateAccountCodeExamples.tsx +60 -0
- package/ui/src/components/auth/components/PasswordRequirements.tsx +16 -0
- package/ui/src/components/auth/components/PasswordStrengthIndicator.tsx +48 -0
- package/ui/src/components/auth/components/ResetPasswordCodeExamples.tsx +76 -0
- package/ui/src/components/auth/components/Tabs.tsx +32 -0
- package/ui/src/components/auth/dialogs/CreateAccountDialog.tsx +79 -0
- package/ui/src/components/auth/dialogs/ForgotPasswordDialog.tsx +79 -0
- package/ui/src/components/auth/forms/CreateAccountForm.tsx +226 -0
- package/ui/src/components/auth/forms/LoginForm.tsx +149 -0
- package/ui/src/components/auth/forms/ResetPasswordForm.tsx +202 -0
- package/ui/src/components/auth/types.ts +17 -0
- package/ui/src/components/auth/utils/security.ts +82 -0
- package/ui/src/components/auth/utils/utils.ts +25 -0
- package/ui/src/components/form/EmailField.tsx +25 -0
- package/ui/src/components/form/FormField.tsx +102 -0
- package/ui/src/components/form/FormMultiSelect.tsx +46 -0
- package/ui/src/components/form/FormSelect.tsx +60 -0
- package/ui/src/components/form/FormTagsInput.tsx +42 -0
- package/ui/src/components/form/FormTextarea.tsx +42 -0
- package/ui/src/components/form/PasswordField.tsx +93 -0
- package/ui/src/components/form/SecretKeyField.tsx +49 -0
- package/ui/src/components/permission/CreatePermissionDialog.tsx +44 -0
- package/ui/src/components/permission/EditPermissionDialog.tsx +55 -0
- package/ui/src/components/permission/PermissionForm.tsx +251 -0
- package/ui/src/components/role/CreateRoleDialog.tsx +45 -0
- package/ui/src/components/role/EditRoleDialog.tsx +55 -0
- package/ui/src/components/role/RoleDialog.tsx +252 -0
- package/ui/src/components/role/RoleForm.tsx +246 -0
- package/ui/src/components/tenant/CreateTenantDialog.tsx +41 -0
- package/ui/src/components/tenant/EditTenantDialog.tsx +52 -0
- package/ui/src/components/tenant/TenantForm.tsx +160 -0
- package/ui/src/components/user/CreateUserDialog.tsx +45 -0
- package/ui/src/components/user/UserDetailModal.tsx +815 -0
- package/ui/src/components/user/UserForm.tsx +191 -0
- package/ui/src/data/nest-auth.json +1687 -0
- package/ui/src/hooks/useApi.ts +69 -0
- package/ui/src/hooks/useAuth.ts +100 -0
- package/ui/src/hooks/useConfirm.tsx +105 -0
- package/ui/src/hooks/useFormFooter.tsx +42 -0
- package/ui/src/hooks/usePagination.ts +69 -0
- package/ui/src/index.css +59 -0
- package/ui/src/main.tsx +13 -0
- package/ui/src/pages/AdminsPage.tsx +178 -0
- package/ui/src/pages/ApiPage.tsx +89 -0
- package/ui/src/pages/DashboardPage.tsx +281 -0
- package/ui/src/pages/LoginPage.tsx +39 -0
- package/ui/src/pages/PermissionsPage.tsx +376 -0
- package/ui/src/pages/RolesPage.tsx +274 -0
- package/ui/src/pages/TenantsPage.tsx +221 -0
- package/ui/src/pages/UsersPage.tsx +387 -0
- package/ui/src/services/api.ts +115 -0
- package/ui/src/types/index.ts +136 -0
- package/ui/src/vite-env.d.ts +9 -0
- package/ui/tailwind.config.js +45 -0
- package/ui/tsconfig.json +24 -0
- package/ui/tsconfig.node.json +10 -0
- package/ui/vite.config.ts +37 -0
- package/ui/yarn.lock +3137 -0
- package/src/index.d.ts +0 -11
- package/src/index.js +0 -18
- package/src/index.js.map +0 -1
- package/src/lib/auth/auth.module.d.ts +0 -2
- package/src/lib/auth/auth.module.js +0 -54
- package/src/lib/auth/auth.module.js.map +0 -1
- package/src/lib/auth/controllers/auth.controller.d.ts +0 -29
- package/src/lib/auth/controllers/auth.controller.js +0 -206
- package/src/lib/auth/controllers/auth.controller.js.map +0 -1
- package/src/lib/auth/controllers/mfa.controller.d.ts +0 -23
- package/src/lib/auth/controllers/mfa.controller.js +0 -131
- package/src/lib/auth/controllers/mfa.controller.js.map +0 -1
- package/src/lib/auth/dto/index.d.ts +0 -0
- package/src/lib/auth/dto/index.js +0 -1
- package/src/lib/auth/dto/index.js.map +0 -1
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts +0 -5
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js +0 -30
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/login.request.dto.d.ts +0 -6
- package/src/lib/auth/dto/requests/login.request.dto.js +0 -38
- package/src/lib/auth/dto/requests/login.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts +0 -3
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js +0 -15
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts +0 -7
- package/src/lib/auth/dto/requests/reset-password.request.dto.js +0 -42
- package/src/lib/auth/dto/requests/reset-password.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +0 -4
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +0 -16
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts +0 -7
- package/src/lib/auth/dto/requests/signup.request.dto.js +0 -37
- package/src/lib/auth/dto/requests/signup.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/social-login.request.dto.d.ts +0 -3
- package/src/lib/auth/dto/requests/social-login.request.dto.js +0 -16
- package/src/lib/auth/dto/requests/social-login.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +0 -5
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +0 -21
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js.map +0 -1
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +0 -6
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +0 -35
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js.map +0 -1
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +0 -4
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +0 -20
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js.map +0 -1
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts +0 -16
- package/src/lib/auth/dto/responses/auth.response.dto.js +0 -50
- package/src/lib/auth/dto/responses/auth.response.dto.js.map +0 -1
- package/src/lib/auth/entities/mfa-secret.entity.d.ts +0 -12
- package/src/lib/auth/entities/mfa-secret.entity.js +0 -50
- package/src/lib/auth/entities/mfa-secret.entity.js.map +0 -1
- package/src/lib/auth/entities/otp.entity.d.ts +0 -13
- package/src/lib/auth/entities/otp.entity.js +0 -50
- package/src/lib/auth/entities/otp.entity.js.map +0 -1
- package/src/lib/auth/events/logged-out-all.event.js +0 -10
- package/src/lib/auth/events/logged-out-all.event.js.map +0 -1
- package/src/lib/auth/events/logged-out.event.js +0 -10
- package/src/lib/auth/events/logged-out.event.js.map +0 -1
- package/src/lib/auth/events/password-reset-requested.event.js +0 -10
- package/src/lib/auth/events/password-reset-requested.event.js.map +0 -1
- package/src/lib/auth/events/password-reset.event.js +0 -10
- package/src/lib/auth/events/password-reset.event.js.map +0 -1
- package/src/lib/auth/events/user-2fa-verified.event.js +0 -10
- package/src/lib/auth/events/user-2fa-verified.event.js.map +0 -1
- package/src/lib/auth/events/user-logged-in.event.js +0 -10
- package/src/lib/auth/events/user-logged-in.event.js.map +0 -1
- package/src/lib/auth/events/user-refresh-token.event.js +0 -10
- package/src/lib/auth/events/user-refresh-token.event.js.map +0 -1
- package/src/lib/auth/events/user-registered.event.js +0 -10
- package/src/lib/auth/events/user-registered.event.js.map +0 -1
- package/src/lib/auth/guards/auth.guard.d.ts +0 -28
- package/src/lib/auth/guards/auth.guard.js +0 -304
- package/src/lib/auth/guards/auth.guard.js.map +0 -1
- package/src/lib/auth/index.js +0 -31
- package/src/lib/auth/index.js.map +0 -1
- package/src/lib/auth/services/auth.service.d.ts +0 -53
- package/src/lib/auth/services/auth.service.js +0 -522
- package/src/lib/auth/services/auth.service.js.map +0 -1
- package/src/lib/auth/services/cookie.service.d.ts +0 -9
- package/src/lib/auth/services/cookie.service.js +0 -43
- package/src/lib/auth/services/cookie.service.js.map +0 -1
- package/src/lib/auth/services/mfa.service.d.ts +0 -38
- package/src/lib/auth/services/mfa.service.js +0 -254
- package/src/lib/auth/services/mfa.service.js.map +0 -1
- package/src/lib/auth.constants.d.ts +0 -39
- package/src/lib/auth.constants.js +0 -43
- package/src/lib/auth.constants.js.map +0 -1
- package/src/lib/core/core.module.d.ts +0 -2
- package/src/lib/core/core.module.js +0 -53
- package/src/lib/core/core.module.js.map +0 -1
- package/src/lib/core/decorators/auth.decorator.d.ts +0 -1
- package/src/lib/core/decorators/auth.decorator.js +0 -8
- package/src/lib/core/decorators/auth.decorator.js.map +0 -1
- package/src/lib/core/decorators/permissions.decorator.d.ts +0 -2
- package/src/lib/core/decorators/permissions.decorator.js +0 -14
- package/src/lib/core/decorators/permissions.decorator.js.map +0 -1
- package/src/lib/core/decorators/role.decorator.d.ts +0 -3
- package/src/lib/core/decorators/role.decorator.js +0 -14
- package/src/lib/core/decorators/role.decorator.js.map +0 -1
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts +0 -2
- package/src/lib/core/decorators/skip-mfa.decorator.js +0 -8
- package/src/lib/core/decorators/skip-mfa.decorator.js.map +0 -1
- package/src/lib/core/dto/message.response.dto.d.ts +0 -3
- package/src/lib/core/dto/message.response.dto.js +0 -13
- package/src/lib/core/dto/message.response.dto.js.map +0 -1
- package/src/lib/core/entities.js +0 -31
- package/src/lib/core/entities.js.map +0 -1
- package/src/lib/core/index.js +0 -27
- package/src/lib/core/index.js.map +0 -1
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts +0 -62
- package/src/lib/core/interfaces/auth-module-options.interface.js +0 -3
- package/src/lib/core/interfaces/auth-module-options.interface.js.map +0 -1
- package/src/lib/core/interfaces/mfa-options.interface.d.ts +0 -25
- package/src/lib/core/interfaces/mfa-options.interface.js +0 -10
- package/src/lib/core/interfaces/mfa-options.interface.js.map +0 -1
- package/src/lib/core/interfaces/otp.interface.d.ts +0 -5
- package/src/lib/core/interfaces/otp.interface.js +0 -10
- package/src/lib/core/interfaces/otp.interface.js.map +0 -1
- package/src/lib/core/interfaces/session-options.interface.d.ts +0 -12
- package/src/lib/core/interfaces/session-options.interface.js +0 -9
- package/src/lib/core/interfaces/session-options.interface.js.map +0 -1
- package/src/lib/core/interfaces/token-payload.interface.js +0 -3
- package/src/lib/core/interfaces/token-payload.interface.js.map +0 -1
- package/src/lib/core/providers/apple-auth.provider.d.ts +0 -18
- package/src/lib/core/providers/apple-auth.provider.js +0 -57
- package/src/lib/core/providers/apple-auth.provider.js.map +0 -1
- package/src/lib/core/providers/base-auth.provider.d.ts +0 -26
- package/src/lib/core/providers/base-auth.provider.js +0 -43
- package/src/lib/core/providers/base-auth.provider.js.map +0 -1
- package/src/lib/core/providers/email-auth.provider.d.ts +0 -17
- package/src/lib/core/providers/email-auth.provider.js +0 -40
- package/src/lib/core/providers/email-auth.provider.js.map +0 -1
- package/src/lib/core/providers/facebook-auth.provider.d.ts +0 -18
- package/src/lib/core/providers/facebook-auth.provider.js +0 -56
- package/src/lib/core/providers/facebook-auth.provider.js.map +0 -1
- package/src/lib/core/providers/google-auth.provider.d.ts +0 -21
- package/src/lib/core/providers/google-auth.provider.js +0 -58
- package/src/lib/core/providers/google-auth.provider.js.map +0 -1
- package/src/lib/core/providers/jwt-auth.provider.d.ts +0 -33
- package/src/lib/core/providers/jwt-auth.provider.js +0 -50
- package/src/lib/core/providers/jwt-auth.provider.js.map +0 -1
- package/src/lib/core/providers/phone-auth.provider.d.ts +0 -18
- package/src/lib/core/providers/phone-auth.provider.js +0 -43
- package/src/lib/core/providers/phone-auth.provider.js.map +0 -1
- package/src/lib/core/services/auth-config.service.d.ts +0 -12
- package/src/lib/core/services/auth-config.service.js +0 -79
- package/src/lib/core/services/auth-config.service.js.map +0 -1
- package/src/lib/core/services/auth-provider-registry.service.d.ts +0 -24
- package/src/lib/core/services/auth-provider-registry.service.js +0 -71
- package/src/lib/core/services/auth-provider-registry.service.js.map +0 -1
- package/src/lib/core/services/debug-logger.service.d.ts +0 -38
- package/src/lib/core/services/debug-logger.service.js.map +0 -1
- package/src/lib/core/services/initialization.service.d.ts +0 -10
- package/src/lib/core/services/initialization.service.js +0 -34
- package/src/lib/core/services/initialization.service.js.map +0 -1
- package/src/lib/core/services/jwt.service.d.ts +0 -14
- package/src/lib/core/services/jwt.service.js +0 -92
- package/src/lib/core/services/jwt.service.js.map +0 -1
- package/src/lib/nest-auth.module.d.ts +0 -11
- package/src/lib/nest-auth.module.js +0 -177
- package/src/lib/nest-auth.module.js.map +0 -1
- package/src/lib/request-context/request-context.d.ts +0 -22
- package/src/lib/request-context/request-context.js.map +0 -1
- package/src/lib/request-context/request-context.middleware.d.ts +0 -4
- package/src/lib/request-context/request-context.middleware.js +0 -16
- package/src/lib/request-context/request-context.middleware.js.map +0 -1
- package/src/lib/role/entities/role.entity.d.ts +0 -20
- package/src/lib/role/entities/role.entity.js +0 -110
- package/src/lib/role/entities/role.entity.js.map +0 -1
- package/src/lib/role/index.js +0 -5
- package/src/lib/role/index.js.map +0 -1
- package/src/lib/role/role.module.d.ts +0 -2
- package/src/lib/role/role.module.js +0 -23
- package/src/lib/role/role.module.js.map +0 -1
- package/src/lib/role/services/role.service.d.ts +0 -20
- package/src/lib/role/services/role.service.js.map +0 -1
- package/src/lib/session/entities/session.entity.d.ts +0 -16
- package/src/lib/session/entities/session.entity.js +0 -63
- package/src/lib/session/entities/session.entity.js.map +0 -1
- package/src/lib/session/index.d.ts +0 -3
- package/src/lib/session/index.js +0 -7
- package/src/lib/session/index.js.map +0 -1
- package/src/lib/session/services/base-session.service.d.ts +0 -23
- package/src/lib/session/services/base-session.service.js +0 -64
- package/src/lib/session/services/base-session.service.js.map +0 -1
- package/src/lib/session/services/database-session.service.d.ts +0 -17
- package/src/lib/session/services/database-session.service.js +0 -51
- package/src/lib/session/services/database-session.service.js.map +0 -1
- package/src/lib/session/services/redis-session.service.d.ts +0 -20
- package/src/lib/session/services/redis-session.service.js +0 -117
- package/src/lib/session/services/redis-session.service.js.map +0 -1
- package/src/lib/session/session.module.d.ts +0 -2
- package/src/lib/session/session.module.js +0 -33
- package/src/lib/session/session.module.js.map +0 -1
- package/src/lib/tenant/entities/tenant.entity.d.ts +0 -10
- package/src/lib/tenant/entities/tenant.entity.js +0 -44
- package/src/lib/tenant/entities/tenant.entity.js.map +0 -1
- package/src/lib/tenant/events/tenant-created.event.d.ts +0 -8
- package/src/lib/tenant/events/tenant-created.event.js +0 -10
- package/src/lib/tenant/events/tenant-created.event.js.map +0 -1
- package/src/lib/tenant/events/tenant-deleted.event.d.ts +0 -8
- package/src/lib/tenant/events/tenant-deleted.event.js +0 -10
- package/src/lib/tenant/events/tenant-deleted.event.js.map +0 -1
- package/src/lib/tenant/events/tenant-updated.event.js +0 -10
- package/src/lib/tenant/events/tenant-updated.event.js.map +0 -1
- package/src/lib/tenant/index.d.ts +0 -1
- package/src/lib/tenant/index.js +0 -5
- package/src/lib/tenant/index.js.map +0 -1
- package/src/lib/tenant/services/tenant.service.d.ts +0 -26
- package/src/lib/tenant/services/tenant.service.js +0 -200
- package/src/lib/tenant/services/tenant.service.js.map +0 -1
- package/src/lib/tenant/tenant.module.d.ts +0 -2
- package/src/lib/tenant/tenant.module.js +0 -27
- package/src/lib/tenant/tenant.module.js.map +0 -1
- package/src/lib/user/dto/requests/update-user.dto.d.ts +0 -5
- package/src/lib/user/dto/requests/update-user.dto.js +0 -24
- package/src/lib/user/dto/requests/update-user.dto.js.map +0 -1
- package/src/lib/user/entities/access-key.entity.d.ts +0 -16
- package/src/lib/user/entities/access-key.entity.js +0 -63
- package/src/lib/user/entities/access-key.entity.js.map +0 -1
- package/src/lib/user/entities/identity.entity.d.ts +0 -12
- package/src/lib/user/entities/identity.entity.js +0 -47
- package/src/lib/user/entities/identity.entity.js.map +0 -1
- package/src/lib/user/entities/user.entity.d.ts +0 -39
- package/src/lib/user/entities/user.entity.js +0 -201
- package/src/lib/user/entities/user.entity.js.map +0 -1
- package/src/lib/user/events/user-created.event.js +0 -10
- package/src/lib/user/events/user-created.event.js.map +0 -1
- package/src/lib/user/events/user-deleted.event.js +0 -10
- package/src/lib/user/events/user-deleted.event.js.map +0 -1
- package/src/lib/user/events/user-updated.event.js +0 -10
- package/src/lib/user/events/user-updated.event.js.map +0 -1
- package/src/lib/user/index.d.ts +0 -3
- package/src/lib/user/index.js +0 -7
- package/src/lib/user/index.js.map +0 -1
- package/src/lib/user/services/access-key.service.d.ts +0 -19
- package/src/lib/user/services/access-key.service.js +0 -119
- package/src/lib/user/services/access-key.service.js.map +0 -1
- package/src/lib/user/services/user.service.d.ts +0 -24
- package/src/lib/user/services/user.service.js.map +0 -1
- package/src/lib/user/user.module.d.ts +0 -2
- package/src/lib/user/user.module.js +0 -34
- package/src/lib/user/user.module.js.map +0 -1
- package/src/lib/utils/database.utils.d.ts +0 -2
- package/src/lib/utils/database.utils.js +0 -8
- package/src/lib/utils/database.utils.js.map +0 -1
- package/src/lib/utils/otp.d.ts +0 -1
- package/src/lib/utils/otp.js +0 -7
- package/src/lib/utils/otp.js.map +0 -1
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import {
|
|
2
|
+
Entity,
|
|
3
|
+
PrimaryGeneratedColumn,
|
|
4
|
+
Column,
|
|
5
|
+
CreateDateColumn,
|
|
6
|
+
UpdateDateColumn,
|
|
7
|
+
BaseEntity,
|
|
8
|
+
Index,
|
|
9
|
+
Unique,
|
|
10
|
+
} from 'typeorm';
|
|
11
|
+
import { DEFAULT_GUARD_NAME } from '../../auth.constants';
|
|
12
|
+
|
|
13
|
+
/**
|
|
14
|
+
* Permission Registry Entity
|
|
15
|
+
*
|
|
16
|
+
* This table acts as a registry/suggestions list for permissions.
|
|
17
|
+
* Roles store permission names as JSON strings (not foreign keys),
|
|
18
|
+
* so deleting a permission from this table won't break existing roles.
|
|
19
|
+
*
|
|
20
|
+
* Purpose:
|
|
21
|
+
* - Provides autocomplete/suggestions when adding permissions to roles
|
|
22
|
+
* - Prevents typos and ensures consistency
|
|
23
|
+
* - Allows tracking permission descriptions and metadata
|
|
24
|
+
* - Can be used for permission documentation/management
|
|
25
|
+
*
|
|
26
|
+
* Note: Permissions are unique per (name, guard) combination
|
|
27
|
+
*/
|
|
28
|
+
@Entity('nest_auth_permissions')
|
|
29
|
+
@Unique(['name', 'guard'])
|
|
30
|
+
export class NestAuthPermission extends BaseEntity {
|
|
31
|
+
@PrimaryGeneratedColumn('uuid')
|
|
32
|
+
id: string;
|
|
33
|
+
|
|
34
|
+
@Column()
|
|
35
|
+
@Index()
|
|
36
|
+
name: string;
|
|
37
|
+
|
|
38
|
+
@Column({ nullable: true, default: DEFAULT_GUARD_NAME })
|
|
39
|
+
@Index()
|
|
40
|
+
guard: string;
|
|
41
|
+
|
|
42
|
+
@Column({ nullable: true, type: 'text' })
|
|
43
|
+
description?: string;
|
|
44
|
+
|
|
45
|
+
@Column({ nullable: true })
|
|
46
|
+
category?: string; // e.g., 'users', 'posts', 'admin', etc.
|
|
47
|
+
|
|
48
|
+
@Column({ type: 'simple-json', nullable: true, default: '{}' })
|
|
49
|
+
metadata?: Record<string, any>;
|
|
50
|
+
|
|
51
|
+
@CreateDateColumn()
|
|
52
|
+
createdAt: Date;
|
|
53
|
+
|
|
54
|
+
@UpdateDateColumn()
|
|
55
|
+
updatedAt: Date;
|
|
56
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { Module } from '@nestjs/common';
|
|
2
|
+
import { TypeOrmModule } from '@nestjs/typeorm';
|
|
3
|
+
import { NestAuthPermission } from './entities/permission.entity';
|
|
4
|
+
import { PermissionService } from './services/permission.service';
|
|
5
|
+
|
|
6
|
+
@Module({
|
|
7
|
+
imports: [
|
|
8
|
+
TypeOrmModule.forFeature([NestAuthPermission]),
|
|
9
|
+
],
|
|
10
|
+
providers: [PermissionService],
|
|
11
|
+
exports: [PermissionService, TypeOrmModule],
|
|
12
|
+
})
|
|
13
|
+
export class PermissionModule { }
|
|
14
|
+
|
|
@@ -0,0 +1,233 @@
|
|
|
1
|
+
import { Injectable, ConflictException, NotFoundException } from '@nestjs/common';
|
|
2
|
+
import { InjectRepository } from '@nestjs/typeorm';
|
|
3
|
+
import { Repository, Like } from 'typeorm';
|
|
4
|
+
import { NestAuthPermission } from '../entities/permission.entity';
|
|
5
|
+
import { DEFAULT_GUARD_NAME } from '../../auth.constants';
|
|
6
|
+
|
|
7
|
+
@Injectable()
|
|
8
|
+
export class PermissionService {
|
|
9
|
+
constructor(
|
|
10
|
+
@InjectRepository(NestAuthPermission)
|
|
11
|
+
private permissionRepository: Repository<NestAuthPermission>,
|
|
12
|
+
) { }
|
|
13
|
+
|
|
14
|
+
async createPermission(data: {
|
|
15
|
+
name: string;
|
|
16
|
+
guard?: string;
|
|
17
|
+
description?: string;
|
|
18
|
+
category?: string;
|
|
19
|
+
metadata?: Record<string, any>;
|
|
20
|
+
}): Promise<NestAuthPermission> {
|
|
21
|
+
const guard = data.guard || DEFAULT_GUARD_NAME;
|
|
22
|
+
const existing = await this.permissionRepository.findOne({
|
|
23
|
+
where: { name: data.name.trim(), guard },
|
|
24
|
+
});
|
|
25
|
+
|
|
26
|
+
if (existing) {
|
|
27
|
+
throw new ConflictException(`Permission '${data.name}' with guard '${guard}' already exists`);
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
const permission = this.permissionRepository.create({
|
|
31
|
+
name: data.name.trim(),
|
|
32
|
+
guard,
|
|
33
|
+
description: data.description?.trim(),
|
|
34
|
+
category: data.category?.trim(),
|
|
35
|
+
metadata: data.metadata || {},
|
|
36
|
+
});
|
|
37
|
+
|
|
38
|
+
return this.permissionRepository.save(permission);
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
async getPermissions(options?: {
|
|
42
|
+
search?: string;
|
|
43
|
+
category?: string;
|
|
44
|
+
guard?: string;
|
|
45
|
+
limit?: number;
|
|
46
|
+
}): Promise<NestAuthPermission[]> {
|
|
47
|
+
const query = this.permissionRepository.createQueryBuilder('permission');
|
|
48
|
+
|
|
49
|
+
if (options?.search) {
|
|
50
|
+
query.where(
|
|
51
|
+
'(permission.name LIKE :search OR permission.description LIKE :search)',
|
|
52
|
+
{ search: `%${options.search}%` }
|
|
53
|
+
);
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
if (options?.category) {
|
|
57
|
+
query.andWhere('permission.category = :category', { category: options.category });
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
if (options?.guard) {
|
|
61
|
+
query.andWhere('permission.guard = :guard', { guard: options.guard });
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
query.orderBy('permission.name', 'ASC');
|
|
65
|
+
|
|
66
|
+
if (options?.limit) {
|
|
67
|
+
query.limit(options.limit);
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
return query.getMany();
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
async getPermissionByName(name: string, guard?: string): Promise<NestAuthPermission | null> {
|
|
74
|
+
return this.permissionRepository.findOne({
|
|
75
|
+
where: { name, guard: guard || DEFAULT_GUARD_NAME },
|
|
76
|
+
});
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
async getPermissionsByGuard(guard: string): Promise<NestAuthPermission[]> {
|
|
80
|
+
return this.permissionRepository.find({
|
|
81
|
+
where: { guard },
|
|
82
|
+
order: { name: 'ASC' },
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
async getGuards(): Promise<string[]> {
|
|
87
|
+
const result = await this.permissionRepository
|
|
88
|
+
.createQueryBuilder('permission')
|
|
89
|
+
.select('DISTINCT permission.guard', 'guard')
|
|
90
|
+
.getRawMany();
|
|
91
|
+
|
|
92
|
+
return result.map(r => r.guard).filter(Boolean).sort();
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
async getPermissionById(id: string): Promise<NestAuthPermission> {
|
|
96
|
+
const permission = await this.permissionRepository.findOne({
|
|
97
|
+
where: { id },
|
|
98
|
+
});
|
|
99
|
+
|
|
100
|
+
if (!permission) {
|
|
101
|
+
throw new NotFoundException(`Permission with id ${id} not found`);
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
return permission;
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
async updatePermission(
|
|
108
|
+
id: string,
|
|
109
|
+
data: {
|
|
110
|
+
name?: string;
|
|
111
|
+
guard?: string;
|
|
112
|
+
description?: string;
|
|
113
|
+
category?: string;
|
|
114
|
+
metadata?: Record<string, any>;
|
|
115
|
+
}
|
|
116
|
+
): Promise<NestAuthPermission> {
|
|
117
|
+
const permission = await this.getPermissionById(id);
|
|
118
|
+
const guard = data.guard || permission.guard;
|
|
119
|
+
|
|
120
|
+
if (data.name && data.name !== permission.name) {
|
|
121
|
+
// Check if new name already exists for this guard
|
|
122
|
+
const existing = await this.permissionRepository.findOne({
|
|
123
|
+
where: { name: data.name.trim(), guard },
|
|
124
|
+
});
|
|
125
|
+
if (existing) {
|
|
126
|
+
throw new ConflictException(`Permission '${data.name}' with guard '${guard}' already exists`);
|
|
127
|
+
}
|
|
128
|
+
permission.name = data.name.trim();
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
if (data.guard && data.guard !== permission.guard) {
|
|
132
|
+
// Check if permission with new guard already exists
|
|
133
|
+
const existing = await this.permissionRepository.findOne({
|
|
134
|
+
where: { name: permission.name, guard: data.guard },
|
|
135
|
+
});
|
|
136
|
+
if (existing) {
|
|
137
|
+
throw new ConflictException(`Permission '${permission.name}' with guard '${data.guard}' already exists`);
|
|
138
|
+
}
|
|
139
|
+
permission.guard = data.guard;
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
if (data.description !== undefined) {
|
|
143
|
+
permission.description = data.description?.trim() || null;
|
|
144
|
+
}
|
|
145
|
+
|
|
146
|
+
if (data.category !== undefined) {
|
|
147
|
+
permission.category = data.category?.trim() || null;
|
|
148
|
+
}
|
|
149
|
+
|
|
150
|
+
if (data.metadata !== undefined) {
|
|
151
|
+
permission.metadata = data.metadata || {};
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
return this.permissionRepository.save(permission);
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
async deletePermission(id: string): Promise<void> {
|
|
158
|
+
const permission = await this.getPermissionById(id);
|
|
159
|
+
await this.permissionRepository.remove(permission);
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
async getPermissionsByNames(names: string[]): Promise<NestAuthPermission[]> {
|
|
163
|
+
if (names.length === 0) {
|
|
164
|
+
return [];
|
|
165
|
+
}
|
|
166
|
+
return this.permissionRepository.find({
|
|
167
|
+
where: names.map(name => ({ name })),
|
|
168
|
+
});
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
async searchPermissions(query: string, guard?: string, limit: number = 20): Promise<NestAuthPermission[]> {
|
|
172
|
+
const whereConditions: any[] = [
|
|
173
|
+
{ name: Like(`%${query}%`) },
|
|
174
|
+
{ description: Like(`%${query}%`) },
|
|
175
|
+
];
|
|
176
|
+
|
|
177
|
+
if (guard) {
|
|
178
|
+
// Apply guard filter to all conditions
|
|
179
|
+
whereConditions.forEach(condition => {
|
|
180
|
+
condition.guard = guard;
|
|
181
|
+
});
|
|
182
|
+
}
|
|
183
|
+
|
|
184
|
+
return this.permissionRepository.find({
|
|
185
|
+
where: whereConditions,
|
|
186
|
+
take: limit,
|
|
187
|
+
order: { name: 'ASC' },
|
|
188
|
+
});
|
|
189
|
+
}
|
|
190
|
+
|
|
191
|
+
async getCategories(): Promise<string[]> {
|
|
192
|
+
const result = await this.permissionRepository
|
|
193
|
+
.createQueryBuilder('permission')
|
|
194
|
+
.select('DISTINCT permission.category', 'category')
|
|
195
|
+
.where('permission.category IS NOT NULL')
|
|
196
|
+
.getRawMany();
|
|
197
|
+
|
|
198
|
+
return result.map(r => r.category).filter(Boolean).sort();
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
/**
|
|
202
|
+
* Batch create permissions - useful for seeding
|
|
203
|
+
*/
|
|
204
|
+
async createPermissions(permissions: Array<{
|
|
205
|
+
name: string;
|
|
206
|
+
description?: string;
|
|
207
|
+
category?: string;
|
|
208
|
+
metadata?: Record<string, any>;
|
|
209
|
+
}>): Promise<NestAuthPermission[]> {
|
|
210
|
+
const existing = await this.permissionRepository.find({
|
|
211
|
+
where: permissions.map(p => ({ name: p.name })),
|
|
212
|
+
});
|
|
213
|
+
|
|
214
|
+
const existingNames = new Set(existing.map(p => p.name));
|
|
215
|
+
const toCreate = permissions.filter(p => !existingNames.has(p.name));
|
|
216
|
+
|
|
217
|
+
if (toCreate.length === 0) {
|
|
218
|
+
return existing;
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
const newPermissions = this.permissionRepository.create(
|
|
222
|
+
toCreate.map(p => ({
|
|
223
|
+
name: p.name.trim(),
|
|
224
|
+
description: p.description?.trim(),
|
|
225
|
+
category: p.category?.trim(),
|
|
226
|
+
metadata: p.metadata || {},
|
|
227
|
+
}))
|
|
228
|
+
);
|
|
229
|
+
|
|
230
|
+
const saved = await this.permissionRepository.save(newPermissions);
|
|
231
|
+
return [...existing, ...saved];
|
|
232
|
+
}
|
|
233
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { Injectable, NestMiddleware } from '@nestjs/common';
|
|
2
|
+
|
|
3
|
+
import { RequestContext } from './request-context';
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
@Injectable()
|
|
7
|
+
export class RequestContextMiddleware implements NestMiddleware {
|
|
8
|
+
|
|
9
|
+
use(req, res, next) {
|
|
10
|
+
RequestContext.create(req, res, next);
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
}
|
|
@@ -1,25 +1,42 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
class RequestContext {
|
|
6
|
-
|
|
1
|
+
import { AsyncLocalStorage } from 'async_hooks';
|
|
2
|
+
import { Request, Response } from 'express';
|
|
3
|
+
import { JWTTokenPayload, SessionPayload } from '../core/interfaces/token-payload.interface';
|
|
4
|
+
|
|
5
|
+
export class RequestContext {
|
|
6
|
+
|
|
7
|
+
private static storage = new AsyncLocalStorage<RequestContext>();
|
|
8
|
+
|
|
9
|
+
readonly id: number;
|
|
10
|
+
|
|
11
|
+
request: Request;
|
|
12
|
+
|
|
13
|
+
response: Response;
|
|
14
|
+
|
|
15
|
+
private constructor(request: Request, response: Response) {
|
|
7
16
|
this.id = Math.random();
|
|
8
17
|
this.request = request;
|
|
9
18
|
this.response = response;
|
|
10
19
|
}
|
|
11
|
-
|
|
20
|
+
|
|
21
|
+
public static create(
|
|
22
|
+
request: Request,
|
|
23
|
+
response: Response,
|
|
24
|
+
next: () => void,
|
|
25
|
+
) {
|
|
12
26
|
const context = new RequestContext(request, response);
|
|
13
27
|
RequestContext.storage.run(context, () => next());
|
|
14
28
|
}
|
|
15
|
-
|
|
29
|
+
|
|
30
|
+
public static current(): RequestContext | undefined {
|
|
16
31
|
return RequestContext.storage.getStore();
|
|
17
32
|
}
|
|
18
|
-
|
|
33
|
+
|
|
34
|
+
public static currentRequest(): Request | null {
|
|
19
35
|
const requestContext = RequestContext.current();
|
|
20
36
|
return requestContext ? requestContext.request : null;
|
|
21
37
|
}
|
|
22
|
-
|
|
38
|
+
|
|
39
|
+
public static currentUser(): JWTTokenPayload | null {
|
|
23
40
|
const request = RequestContext.currentRequest();
|
|
24
41
|
if (!request['user']) {
|
|
25
42
|
return null;
|
|
@@ -27,20 +44,23 @@ class RequestContext {
|
|
|
27
44
|
return {
|
|
28
45
|
id: request['user'].sub,
|
|
29
46
|
...request['user']
|
|
30
|
-
};
|
|
47
|
+
} as JWTTokenPayload;
|
|
31
48
|
}
|
|
32
|
-
|
|
49
|
+
|
|
50
|
+
public static currentSession(): SessionPayload | null {
|
|
33
51
|
const request = RequestContext.currentRequest();
|
|
34
52
|
return request ? request['session'] : null;
|
|
35
53
|
}
|
|
36
|
-
|
|
54
|
+
|
|
55
|
+
public static getDeviceInfo(): { deviceName: string; ipAddress: string; browser: string } {
|
|
37
56
|
return {
|
|
38
57
|
deviceName: this.getDeviceName(),
|
|
39
58
|
ipAddress: this.getIpAddress(),
|
|
40
59
|
browser: this.getBrowser(),
|
|
41
60
|
};
|
|
42
61
|
}
|
|
43
|
-
|
|
62
|
+
|
|
63
|
+
private static getDeviceName(): string {
|
|
44
64
|
const request = this.currentRequest();
|
|
45
65
|
if (!request) {
|
|
46
66
|
return 'Unknown Device';
|
|
@@ -48,51 +68,58 @@ class RequestContext {
|
|
|
48
68
|
const userAgent = request.headers['user-agent'] || 'unknown';
|
|
49
69
|
if (userAgent.includes('Windows')) {
|
|
50
70
|
return 'Windows';
|
|
51
|
-
}
|
|
52
|
-
else if (userAgent.includes('Macintosh')) {
|
|
71
|
+
} else if (userAgent.includes('Macintosh')) {
|
|
53
72
|
return 'Mac';
|
|
54
|
-
}
|
|
55
|
-
else if (userAgent.includes('Linux')) {
|
|
73
|
+
} else if (userAgent.includes('Linux')) {
|
|
56
74
|
return 'Linux';
|
|
57
|
-
}
|
|
58
|
-
else if (userAgent.includes('Android')) {
|
|
75
|
+
} else if (userAgent.includes('Android')) {
|
|
59
76
|
return 'Android';
|
|
60
|
-
}
|
|
61
|
-
else if (userAgent.includes('iPhone') || userAgent.includes('iPad')) {
|
|
77
|
+
} else if (userAgent.includes('iPhone') || userAgent.includes('iPad')) {
|
|
62
78
|
return 'iOS';
|
|
63
79
|
}
|
|
64
80
|
return 'Unknown Device';
|
|
65
81
|
}
|
|
66
|
-
|
|
82
|
+
|
|
83
|
+
private static getBrowser(): string {
|
|
67
84
|
const request = this.currentRequest();
|
|
68
85
|
if (!request) {
|
|
69
86
|
return 'unknown';
|
|
70
87
|
}
|
|
71
88
|
const userAgent = request.headers['user-agent'] || 'unknown';
|
|
89
|
+
|
|
90
|
+
// Chrome
|
|
72
91
|
if (userAgent.includes('Chrome') && !userAgent.includes('Chromium')) {
|
|
73
92
|
return 'Chrome';
|
|
74
93
|
}
|
|
94
|
+
// Firefox
|
|
75
95
|
if (userAgent.includes('Firefox')) {
|
|
76
96
|
return 'Firefox';
|
|
77
97
|
}
|
|
98
|
+
// Safari
|
|
78
99
|
if (userAgent.includes('Safari') && !userAgent.includes('Chrome')) {
|
|
79
100
|
return 'Safari';
|
|
80
101
|
}
|
|
102
|
+
// Edge
|
|
81
103
|
if (userAgent.includes('Edg')) {
|
|
82
104
|
return 'Edge';
|
|
83
105
|
}
|
|
106
|
+
// Opera
|
|
84
107
|
if (userAgent.includes('Opera') || userAgent.includes('OPR')) {
|
|
85
108
|
return 'Opera';
|
|
86
109
|
}
|
|
110
|
+
// Internet Explorer
|
|
87
111
|
if (userAgent.includes('MSIE') || userAgent.includes('Trident/')) {
|
|
88
112
|
return 'Internet Explorer';
|
|
89
113
|
}
|
|
114
|
+
// Brave
|
|
90
115
|
if (userAgent.includes('Brave')) {
|
|
91
116
|
return 'Brave';
|
|
92
117
|
}
|
|
118
|
+
|
|
93
119
|
return 'Unknown Browser';
|
|
94
120
|
}
|
|
95
|
-
|
|
121
|
+
|
|
122
|
+
private static getIpAddress(): string {
|
|
96
123
|
const request = this.currentRequest();
|
|
97
124
|
if (request) {
|
|
98
125
|
return request.ip ||
|
|
@@ -103,6 +130,3 @@ class RequestContext {
|
|
|
103
130
|
return 'unknown';
|
|
104
131
|
}
|
|
105
132
|
}
|
|
106
|
-
exports.RequestContext = RequestContext;
|
|
107
|
-
RequestContext.storage = new async_hooks_1.AsyncLocalStorage();
|
|
108
|
-
//# sourceMappingURL=request-context.js.map
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
import { Entity, PrimaryGeneratedColumn, Column, CreateDateColumn, UpdateDateColumn, BaseEntity, Unique, ManyToOne, RelationId, ManyToMany, JoinTable } from "typeorm";
|
|
2
|
+
import { uniq } from "lodash";
|
|
3
|
+
import { DEFAULT_GUARD_NAME } from "../../auth.constants";
|
|
4
|
+
import { NestAuthTenant } from "../../tenant/entities/tenant.entity";
|
|
5
|
+
import { BadRequestException, ConflictException } from "@nestjs/common";
|
|
6
|
+
import { NestAuthUser } from "../../user/entities/user.entity";
|
|
7
|
+
|
|
8
|
+
@Entity('nest_auth_roles')
|
|
9
|
+
@Unique(['name', 'guard', 'tenantId'])
|
|
10
|
+
export class NestAuthRole extends BaseEntity {
|
|
11
|
+
@PrimaryGeneratedColumn('uuid')
|
|
12
|
+
id: string;
|
|
13
|
+
|
|
14
|
+
@Column()
|
|
15
|
+
name: string;
|
|
16
|
+
|
|
17
|
+
@Column({ nullable: true, default: DEFAULT_GUARD_NAME })
|
|
18
|
+
guard: string;
|
|
19
|
+
|
|
20
|
+
@Column({ nullable: true })
|
|
21
|
+
@RelationId((role: NestAuthRole) => role.tenant)
|
|
22
|
+
tenantId: string;
|
|
23
|
+
|
|
24
|
+
@ManyToOne(() => NestAuthTenant, { onDelete: 'CASCADE' })
|
|
25
|
+
tenant: NestAuthTenant;
|
|
26
|
+
|
|
27
|
+
@Column({ default: false })
|
|
28
|
+
isSystem: boolean;
|
|
29
|
+
|
|
30
|
+
@Column({ default: true })
|
|
31
|
+
isActive: boolean;
|
|
32
|
+
|
|
33
|
+
@Column({
|
|
34
|
+
type: 'simple-json',
|
|
35
|
+
nullable: true,
|
|
36
|
+
default: '{}'
|
|
37
|
+
})
|
|
38
|
+
permissions: string[];
|
|
39
|
+
|
|
40
|
+
@CreateDateColumn()
|
|
41
|
+
createdAt: Date;
|
|
42
|
+
|
|
43
|
+
@UpdateDateColumn()
|
|
44
|
+
updatedAt: Date;
|
|
45
|
+
|
|
46
|
+
@ManyToMany(() => NestAuthUser, user => user.roles, { onDelete: 'CASCADE' })
|
|
47
|
+
@JoinTable({
|
|
48
|
+
name: 'nest_auth_role_nest_auth_users',
|
|
49
|
+
joinColumn: {
|
|
50
|
+
name: 'nestAuthRolesId',
|
|
51
|
+
referencedColumnName: 'id',
|
|
52
|
+
},
|
|
53
|
+
inverseJoinColumn: {
|
|
54
|
+
name: 'nestAuthUsersId',
|
|
55
|
+
referencedColumnName: 'id',
|
|
56
|
+
},
|
|
57
|
+
})
|
|
58
|
+
users: NestAuthUser[];
|
|
59
|
+
|
|
60
|
+
static async createRole(
|
|
61
|
+
name: string,
|
|
62
|
+
guard: string = DEFAULT_GUARD_NAME,
|
|
63
|
+
isSystem: boolean = false,
|
|
64
|
+
tenantId: string
|
|
65
|
+
): Promise<NestAuthRole> {
|
|
66
|
+
|
|
67
|
+
// Check if system role with same name exists
|
|
68
|
+
const existingSystemRole = await NestAuthRole.findOne({
|
|
69
|
+
where: { name, isSystem: true }
|
|
70
|
+
});
|
|
71
|
+
if (existingSystemRole) {
|
|
72
|
+
throw new ConflictException(`Cannot create role with name '${name}' as it conflicts with a system role`);
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
if (!isSystem && !tenantId) {
|
|
76
|
+
throw new BadRequestException('Tenant ID is required');
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
const role = new NestAuthRole();
|
|
80
|
+
role.name = name;
|
|
81
|
+
role.guard = guard;
|
|
82
|
+
role.isSystem = isSystem;
|
|
83
|
+
role.tenantId = isSystem ? null : tenantId;
|
|
84
|
+
await role.save();
|
|
85
|
+
return role;
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
async syncPermissions(permissions: string | string[]): Promise<void> {
|
|
89
|
+
const newPermissions = Array.isArray(permissions) ? permissions : [permissions];
|
|
90
|
+
this.permissions = newPermissions;
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
async removePermissions(permissions: string | string[]): Promise<void> {
|
|
94
|
+
const removingPermissions = Array.isArray(permissions) ? permissions : [permissions];
|
|
95
|
+
this.permissions = this.permissions.filter(permission => !removingPermissions.includes(permission));
|
|
96
|
+
}
|
|
97
|
+
|
|
98
|
+
async attachPermissions(permissions: string | string[]): Promise<void> {
|
|
99
|
+
const existingPermissions = this.permissions;
|
|
100
|
+
const newPermissions = Array.isArray(permissions) ? permissions : [permissions];
|
|
101
|
+
this.permissions = uniq([...existingPermissions, ...newPermissions]);
|
|
102
|
+
}
|
|
103
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { Module } from '@nestjs/common';
|
|
2
|
+
import { TypeOrmModule } from '@nestjs/typeorm';
|
|
3
|
+
import { NestAuthRole } from './entities/role.entity';
|
|
4
|
+
import { RoleService } from './services/role.service';
|
|
5
|
+
import { TenantModule } from '../tenant/tenant.module';
|
|
6
|
+
|
|
7
|
+
@Module({
|
|
8
|
+
imports: [
|
|
9
|
+
TypeOrmModule.forFeature([NestAuthRole]),
|
|
10
|
+
TenantModule,
|
|
11
|
+
],
|
|
12
|
+
providers: [RoleService],
|
|
13
|
+
exports: [RoleService],
|
|
14
|
+
})
|
|
15
|
+
export class RoleModule { }
|