@ackplus/nest-auth 0.1.51 → 1.1.0

package/src/lib/auth/guards/auth.guard.d.ts

@@ -1,28 +0,0 @@
-import { CanActivate, ExecutionContext } from '@nestjs/common';
-import { Reflector } from '@nestjs/core';
-import { JwtService } from '../../core/services/jwt.service';
-import { AuthService } from '../services/auth.service';
-import { BaseSessionService } from '../../session/services/base-session.service';
-import { CookieService } from '../services/cookie.service';
-import { AccessKeyService } from '../../user/services/access-key.service';
-export declare const OPTIONAL_AUTH_KEY = "optional_auth";
-export declare class NestAuthAuthGuard implements CanActivate {
-    private reflector;
-    private jwtService;
-    private authService;
-    private sessionService;
-    private cookieService;
-    private accessKeyService;
-    constructor(reflector: Reflector, jwtService: JwtService, authService: AuthService, sessionService: BaseSessionService, cookieService: CookieService, accessKeyService: AccessKeyService);
-    canActivate(context: ExecutionContext): Promise<boolean>;
-    private handleJwtAuth;
-    private handleApiKeyAuth;
-    private extractRefreshToken;
-    private checkMfa;
-    private checkAuthorization;
-    private getRequiredPermissions;
-    private getRequiredRoles;
-    private checkRoles;
-    private checkPermissions;
-    private getUserPermissions;
-}

package/src/lib/auth/guards/auth.guard.js

@@ -1,304 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NestAuthAuthGuard = exports.OPTIONAL_AUTH_KEY = void 0;
-const tslib_1 = require("tslib");
-const common_1 = require("@nestjs/common");
-const auth_constants_1 = require("../../auth.constants");
-const core_1 = require("@nestjs/core");
-const jwt_service_1 = require("../../core/services/jwt.service");
-const auth_service_1 = require("../services/auth.service");
-const base_session_service_1 = require("../../session/services/base-session.service");
-const cookie_service_1 = require("../services/cookie.service");
-const access_key_service_1 = require("../../user/services/access-key.service");
-const skip_mfa_decorator_1 = require("../../core/decorators/skip-mfa.decorator");
-const permissions_decorator_1 = require("../../core/decorators/permissions.decorator");
-const role_decorator_1 = require("../../core/decorators/role.decorator");
-exports.OPTIONAL_AUTH_KEY = 'optional_auth';
-let NestAuthAuthGuard = class NestAuthAuthGuard {
-    constructor(reflector, jwtService, authService, sessionService, cookieService, accessKeyService) {
-        this.reflector = reflector;
-        this.jwtService = jwtService;
-        this.authService = authService;
-        this.sessionService = sessionService;
-        this.cookieService = cookieService;
-        this.accessKeyService = accessKeyService;
-    }
-    async canActivate(context) {
-        const request = context.switchToHttp().getRequest();
-        const response = context.switchToHttp().getResponse();
-        const isOptional = this.reflector.getAllAndOverride(exports.OPTIONAL_AUTH_KEY, [
-            context.getHandler(),
-            context.getClass(),
-        ]);
-        request['user'] = null;
-        request['session'] = null;
-        request['accessKey'] = null;
-        request['authType'] = null;
-        const authHeader = request.headers.authorization;
-        if (!authHeader) {
-            if (isOptional) {
-                return true;
-            }
-            else {
-                throw new common_1.UnauthorizedException({
-                    message: 'No authentication provided',
-                    code: 'NO_AUTH'
-                });
-            }
-        }
-        const [type, token] = authHeader.split(' ');
-        if (!type || !token) {
-            if (isOptional) {
-                return true;
-            }
-            else {
-                throw new common_1.UnauthorizedException({
-                    message: 'Invalid authentication format',
-                    code: 'INVALID_AUTH_FORMAT'
-                });
-            }
-        }
-        let isAuthenticated = false;
-        try {
-            switch (type.toLowerCase()) {
-                case 'bearer':
-                    isAuthenticated = await this.handleJwtAuth(context, request, response, token, isOptional);
-                    break;
-                case 'apikey':
-                    isAuthenticated = await this.handleApiKeyAuth(request, token, isOptional);
-                    break;
-                default:
-                    if (isOptional) {
-                        return true;
-                    }
-                    else {
-                        throw new common_1.UnauthorizedException({
-                            message: 'Invalid authentication type',
-                            code: 'INVALID_AUTH_TYPE'
-                        });
-                    }
-            }
-        }
-        catch (error) {
-            if (isOptional) {
-                return true;
-            }
-            else {
-                throw error;
-            }
-        }
-        if (!isAuthenticated && !isOptional) {
-            return false;
-        }
-        if (isAuthenticated && request['user']) {
-            await this.checkAuthorization(context, request);
-        }
-        return true;
-    }
-    async handleJwtAuth(context, request, response, token, isOptional = false) {
-        try {
-            const payload = await this.jwtService.verifyToken(token);
-            request['user'] = payload;
-            request['authType'] = 'jwt';
-            const session = await this.sessionService.getSession(payload.sessionId);
-            if (!session) {
-                if (isOptional) {
-                    request['user'] = null;
-                    request['authType'] = null;
-                    return false;
-                }
-                else {
-                    throw new common_1.UnauthorizedException({
-                        message: 'Session not found',
-                        code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-                    });
-                }
-            }
-            request['session'] = session;
-            await this.checkMfa(context, payload, isOptional);
-            return true;
-        }
-        catch (error) {
-            const refreshToken = this.extractRefreshToken(request);
-            if (!refreshToken) {
-                if (isOptional) {
-                    return false;
-                }
-                else {
-                    throw new common_1.UnauthorizedException({
-                        message: 'Invalid token',
-                        code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-                    });
-                }
-            }
-            try {
-                const newSession = await this.authService.refreshToken(refreshToken);
-                this.cookieService.setTokens(response, newSession.accessToken, newSession.refreshToken);
-                const payload = await this.jwtService.verifyToken(newSession.accessToken);
-                request['user'] = payload;
-                request['session'] = newSession;
-                request['authType'] = 'jwt';
-                await this.checkMfa(context, payload, isOptional);
-                return true;
-            }
-            catch (refreshError) {
-                if (isOptional) {
-                    return false;
-                }
-                else {
-                    throw refreshError;
-                }
-            }
-        }
-    }
-    async handleApiKeyAuth(request, token, isOptional = false) {
-        const [publicKey, privateKey] = token.split('.');
-        if (!publicKey || !privateKey) {
-            if (isOptional) {
-                return false;
-            }
-            else {
-                throw new common_1.UnauthorizedException({
-                    message: 'Invalid API key format',
-                    code: 'INVALID_API_KEY_FORMAT'
-                });
-            }
-        }
-        try {
-            const isValid = await this.accessKeyService.validateAccessKey(publicKey, privateKey);
-            if (!isValid) {
-                if (isOptional) {
-                    return false;
-                }
-                else {
-                    throw new common_1.UnauthorizedException({
-                        message: 'Invalid API key',
-                        code: 'INVALID_API_KEY'
-                    });
-                }
-            }
-            const accessKey = await this.accessKeyService.getAccessKey(publicKey);
-            await this.accessKeyService.updateAccessKeyLastUsed(publicKey);
-            request['user'] = accessKey.user;
-            request['accessKey'] = accessKey;
-            request['authType'] = 'api-key';
-            return true;
-        }
-        catch (error) {
-            if (isOptional) {
-                return false;
-            }
-            else {
-                throw error;
-            }
-        }
-    }
-    extractRefreshToken(request) {
-        const tokenFromCookie = request.cookies?.[auth_constants_1.REFRESH_TOKEN_COOKIE_NAME];
-        if (tokenFromCookie) {
-            return tokenFromCookie;
-        }
-        const authHeader = request.headers['x-refresh-token'];
-        if (authHeader) {
-            return authHeader;
-        }
-        return null;
-    }
-    async checkMfa(context, payload, isOptional = false) {
-        const skipMfa = this.reflector.getAllAndOverride(skip_mfa_decorator_1.SKIP_MFA_KEY, [
-            context.getHandler(),
-            context.getClass(),
-        ]);
-        const isMfaEnabled = payload.isMfaEnabled;
-        const isMfaVerified = payload.isMfaVerified;
-        if (isMfaEnabled && !isMfaVerified && !skipMfa) {
-            if (isOptional) {
-                throw new Error('MFA verification required - cannot proceed with optional auth');
-            }
-            else {
-                throw new common_1.UnauthorizedException({
-                    message: 'Multi-factor authentication is required',
-                    code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
-                });
-            }
-        }
-    }
-    async checkAuthorization(context, request) {
-        const requiredPermissions = this.getRequiredPermissions(context);
-        const requiredRoles = this.getRequiredRoles(context);
-        if (!requiredPermissions.length && !requiredRoles.length) {
-            return;
-        }
-        const user = request['user'];
-        if (!user) {
-            throw new common_1.ForbiddenException('Access denied: User not authenticated');
-        }
-        if (requiredRoles.length > 0) {
-            this.checkRoles(user, requiredRoles);
-        }
-        if (requiredPermissions.length > 0) {
-            this.checkPermissions(user, requiredPermissions);
-        }
-    }
-    getRequiredPermissions(context) {
-        let permissions = this.reflector.getAllAndOverride(permissions_decorator_1.PERMISSIONS_KEY, [context.getHandler(), context.getClass()]);
-        if (!permissions) {
-            return [];
-        }
-        return typeof permissions === 'string' ? [permissions] : permissions;
-    }
-    getRequiredRoles(context) {
-        let roles = this.reflector.getAllAndOverride(role_decorator_1.ROLES_KEY, [context.getHandler(), context.getClass()]);
-        if (!roles) {
-            return [];
-        }
-        return typeof roles === 'string' ? [roles] : roles;
-    }
-    checkRoles(user, requiredRoles) {
-        if (!user.roles || !Array.isArray(user.roles)) {
-            throw new common_1.ForbiddenException('Access denied: No roles assigned');
-        }
-        const userRoleNames = user.roles
-            .filter(role => role.isActive)
-            .map(role => role.name);
-        const hasAllRoles = requiredRoles.every(role => userRoleNames.includes(role));
-        if (!hasAllRoles) {
-            const missingRoles = requiredRoles.filter(role => !userRoleNames.includes(role));
-            throw new common_1.ForbiddenException(`Access denied: Missing required roles: ${missingRoles.join(', ')}`);
-        }
-    }
-    checkPermissions(user, requiredPermissions) {
-        if (!user.roles || !Array.isArray(user.roles)) {
-            throw new common_1.ForbiddenException('Access denied: No roles assigned for permission check');
-        }
-        const userPermissions = this.getUserPermissions(user.roles);
-        const hasAllPermissions = requiredPermissions.every(permission => userPermissions.includes(permission));
-        if (!hasAllPermissions) {
-            const missingPermissions = requiredPermissions.filter(permission => !userPermissions.includes(permission));
-            throw new common_1.ForbiddenException(`Access denied: Missing required permissions: ${missingPermissions.join(', ')}`);
-        }
-    }
-    getUserPermissions(roles) {
-        const permissions = new Set();
-        roles.forEach(role => {
-            if (!role.isActive) {
-                return;
-            }
-            if (role.permissions && Array.isArray(role.permissions)) {
-                role.permissions.forEach(permission => permissions.add(permission));
-            }
-        });
-        return Array.from(permissions);
-    }
-};
-exports.NestAuthAuthGuard = NestAuthAuthGuard;
-exports.NestAuthAuthGuard = NestAuthAuthGuard = tslib_1.__decorate([
-    (0, common_1.Injectable)(),
-    tslib_1.__metadata("design:paramtypes", [core_1.Reflector,
-        jwt_service_1.JwtService,
-        auth_service_1.AuthService,
-        base_session_service_1.BaseSessionService,
-        cookie_service_1.CookieService,
-        access_key_service_1.AccessKeyService])
-], NestAuthAuthGuard);
-//# sourceMappingURL=auth.guard.js.map

package/src/lib/auth/guards/auth.guard.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/guards/auth.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAAsH;AACtH,yDAA8F;AAC9F,uCAAyC;AAEzC,iEAA6D;AAC7D,2DAAuD;AACvD,sFAAiF;AACjF,+DAA2D;AAC3D,+EAA0E;AAE1E,iFAAwE;AACxE,uFAA8E;AAC9E,yEAAiE;AAGpD,QAAA,iBAAiB,GAAG,eAAe,CAAC;AAG1C,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC1B,YACY,SAAoB,EACpB,UAAsB,EACtB,WAAwB,EACxB,cAAkC,EAClC,aAA4B,EAC5B,gBAAkC;QALlC,cAAS,GAAT,SAAS,CAAW;QACpB,eAAU,GAAV,UAAU,CAAY;QACtB,gBAAW,GAAX,WAAW,CAAa;QACxB,mBAAc,GAAd,cAAc,CAAoB;QAClC,kBAAa,GAAb,aAAa,CAAe;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAkB;IAC1C,CAAC;IAEL,KAAK,CAAC,WAAW,CAAC,OAAyB;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAW,CAAC;QAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAY,CAAC;QAGhE,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,yBAAiB,EAAE;YAC5E,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAGH,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACvB,OAAO,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;QAC1B,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;QAC5B,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;QAE3B,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAGjD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,IAAI,UAAU,EAAE,CAAC;gBAEb,OAAO,IAAI,CAAC;YAChB,CAAC;iBAAM,CAAC;gBAEJ,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,4BAA4B;oBACrC,IAAI,EAAE,SAAS;iBAClB,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC5C,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,UAAU,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YAChB,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,+BAA+B;oBACxC,IAAI,EAAE,qBAAqB;iBAC9B,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAGD,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC;YACD,QAAQ,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACzB,KAAK,QAAQ;oBACT,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;oBAC1F,MAAM;gBACV,KAAK,QAAQ;oBACT,eAAe,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;oBAC1E,MAAM;gBACV;oBACI,IAAI,UAAU,EAAE,CAAC;wBAEb,OAAO,IAAI,CAAC;oBAChB,CAAC;yBAAM,CAAC;wBACJ,MAAM,IAAI,8BAAqB,CAAC;4BAC5B,OAAO,EAAE,6BAA6B;4BACtC,IAAI,EAAE,mBAAmB;yBAC5B,CAAC,CAAC;oBACP,CAAC;YACT,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,UAAU,EAAE,CAAC;gBAEb,OAAO,IAAI,CAAC;YAChB,CAAC;iBAAM,CAAC;gBAEJ,MAAM,KAAK,CAAC;YAChB,CAAC;QACL,CAAC;QAGD,IAAI,CAAC,eAAe,IAAI,CAAC,UAAU,EAAE,CAAC;YAClC,OAAO,KAAK,CAAC;QACjB,CAAC;QAID,IAAI,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,OAAyB,EAAE,OAAgB,EAAE,QAAkB,EAAE,KAAa,EAAE,aAAsB,KAAK;QACnI,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACzD,OAAO,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC;YAC1B,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACxE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACX,IAAI,UAAU,EAAE,CAAC;oBAEb,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;oBACvB,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;oBAC3B,OAAO,KAAK,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACJ,MAAM,IAAI,8BAAqB,CAAC;wBAC5B,OAAO,EAAE,mBAAmB;wBAC5B,IAAI,EAAE,4CAA2B;qBACpC,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YAED,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;YAC7B,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YAClD,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAEb,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChB,IAAI,UAAU,EAAE,CAAC;oBAEb,OAAO,KAAK,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACJ,MAAM,IAAI,8BAAqB,CAAC;wBAC5B,OAAO,EAAE,eAAe;wBACxB,IAAI,EAAE,4CAA2B;qBACpC,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YAED,IAAI,CAAC;gBACD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;gBACrE,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;gBAExF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;gBAC1E,OAAO,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC;gBAC1B,OAAO,CAAC,SAAS,CAAC,GAAG,UAAU,CAAC;gBAChC,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;gBAC5B,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;gBAClD,OAAO,IAAI,CAAC;YAChB,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACpB,IAAI,UAAU,EAAE,CAAC;oBAEb,OAAO,KAAK,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACJ,MAAM,YAAY,CAAC;gBACvB,CAAC;YACL,CAAC;QACL,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,OAAgB,EAAE,KAAa,EAAE,aAAsB,KAAK;QAEvF,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,EAAE,CAAC;YAC5B,IAAI,UAAU,EAAE,CAAC;gBAEb,OAAO,KAAK,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,wBAAwB;oBACjC,IAAI,EAAE,wBAAwB;iBACjC,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,IAAI,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;YACrF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACX,IAAI,UAAU,EAAE,CAAC;oBAEb,OAAO,KAAK,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACJ,MAAM,IAAI,8BAAqB,CAAC;wBAC5B,OAAO,EAAE,iBAAiB;wBAC1B,IAAI,EAAE,iBAAiB;qBAC1B,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YAGD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;YAGtE,MAAM,IAAI,CAAC,gBAAgB,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;YAG/D,OAAO,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC;YACjC,OAAO,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC;YACjC,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC;YAEhC,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,UAAU,EAAE,CAAC;gBAEb,OAAO,KAAK,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACJ,MAAM,KAAK,CAAC;YAChB,CAAC;QACL,CAAC;IACL,CAAC;IAEO,mBAAmB,CAAC,OAAgB;QAExC,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,0CAAyB,CAAC,CAAC;QACrE,IAAI,eAAe,EAAE,CAAC;YAClB,OAAO,eAAe,CAAC;QAC3B,CAAC;QAGD,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACtD,IAAI,UAAU,EAAE,CAAC;YACb,OAAO,UAAoB,CAAC;QAChC,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,OAAyB,EAAE,OAAwB,EAAE,aAAsB,KAAK;QAEnG,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,iCAAY,EAAE;YACpE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAGH,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAG5C,IAAI,YAAY,IAAI,CAAC,aAAa,IAAI,CAAC,OAAO,EAAE,CAAC;YAC7C,IAAI,UAAU,EAAE,CAAC;gBAGb,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;YACrF,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,8BAAqB,CAAC;oBAC5B,OAAO,EAAE,yCAAyC;oBAClD,IAAI,EAAE,4CAA2B;iBACpC,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC;IAKO,KAAK,CAAC,kBAAkB,CAAC,OAAyB,EAAE,OAAgB;QAExE,MAAM,mBAAmB,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAGrD,IAAI,CAAC,mBAAmB,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;YACvD,OAAO;QACX,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QAG7B,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,2BAAkB,CAAC,uCAAuC,CAAC,CAAC;QAC1E,CAAC;QAGD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACzC,CAAC;QAGD,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;QACrD,CAAC;IACL,CAAC;IAKO,sBAAsB,CAAC,OAAyB;QACpD,IAAI,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAC9C,uCAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC7C,CAAC;QAEF,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,OAAO,EAAE,CAAC;QACd,CAAC;QAGD,OAAO,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;IACzE,CAAC;IAKO,gBAAgB,CAAC,OAAyB;QAC9C,IAAI,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACxC,0BAAS,EACT,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC7C,CAAC;QAEF,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,OAAO,EAAE,CAAC;QACd,CAAC;QAGD,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACvD,CAAC;IAKO,UAAU,CAAC,IAAS,EAAE,aAAuB;QACjD,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,2BAAkB,CAAC,kCAAkC,CAAC,CAAC;QACrE,CAAC;QAGD,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK;aAC3B,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;aAC7B,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAG5B,MAAM,WAAW,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAE9E,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;YACjF,MAAM,IAAI,2BAAkB,CACxB,0CAA0C,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtE,CAAC;QACN,CAAC;IACL,CAAC;IAKO,gBAAgB,CAAC,IAAS,EAAE,mBAA6B;QAC7D,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,2BAAkB,CAAC,uDAAuD,CAAC,CAAC;QAC1F,CAAC;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAG5D,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAC7D,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACvC,CAAC;QAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACrB,MAAM,kBAAkB,GAAG,mBAAmB,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAC/D,CAAC,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACxC,CAAC;YAEF,MAAM,IAAI,2BAAkB,CACxB,gDAAgD,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClF,CAAC;QACN,CAAC;IACL,CAAC;IAKO,kBAAkB,CAAC,KAAY;QACnC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QAEtC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAEjB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACjB,OAAO;YACX,CAAC;YAGD,IAAI,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC;YACxE,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;CACJ,CAAA;AArYY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;6CAGc,gBAAS;QACR,wBAAU;QACT,0BAAW;QACR,yCAAkB;QACnB,8BAAa;QACV,qCAAgB;GAPrC,iBAAiB,CAqY7B"}

package/src/lib/auth/index.js

@@ -1,31 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OPTIONAL_AUTH_KEY = void 0;
-const tslib_1 = require("tslib");
-tslib_1.__exportStar(require("./guards/auth.guard"), exports);
-var auth_guard_1 = require("./guards/auth.guard");
-Object.defineProperty(exports, "OPTIONAL_AUTH_KEY", { enumerable: true, get: function () { return auth_guard_1.OPTIONAL_AUTH_KEY; } });
-tslib_1.__exportStar(require("./events/logged-out-all.event"), exports);
-tslib_1.__exportStar(require("./events/logged-out.event"), exports);
-tslib_1.__exportStar(require("./events/password-reset-requested.event"), exports);
-tslib_1.__exportStar(require("./events/password-reset.event"), exports);
-tslib_1.__exportStar(require("./events/user-2fa-verified.event"), exports);
-tslib_1.__exportStar(require("./events/user-logged-in.event"), exports);
-tslib_1.__exportStar(require("./events/user-refresh-token.event"), exports);
-tslib_1.__exportStar(require("./events/user-registered.event"), exports);
-tslib_1.__exportStar(require("./services/auth.service"), exports);
-tslib_1.__exportStar(require("./services/cookie.service"), exports);
-tslib_1.__exportStar(require("./services/mfa.service"), exports);
-tslib_1.__exportStar(require("./controllers/auth.controller"), exports);
-tslib_1.__exportStar(require("./controllers/mfa.controller"), exports);
-tslib_1.__exportStar(require("./dto/requests/login.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/signup.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/social-login.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/forgot-password.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/reset-password.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/send-mfa-code.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/refresh-token.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/verify-2fa.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/requests/verify-totp-setup.request.dto"), exports);
-tslib_1.__exportStar(require("./dto/responses/auth.response.dto"), exports);
-//# sourceMappingURL=index.js.map

package/src/lib/auth/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/auth/index.ts"],"names":[],"mappings":";;;;AACA,8DAAoC;AACpC,kDAAwD;AAA/C,+GAAA,iBAAiB,OAAA;AAG1B,wEAA8C;AAC9C,oEAA0C;AAC1C,kFAAwD;AACxD,wEAA8C;AAC9C,2EAAiD;AACjD,wEAA8C;AAC9C,4EAAkD;AAClD,yEAA+C;AAG/C,kEAAwC;AACxC,oEAA0C;AAC1C,iEAAuC;AAGvC,wEAA8C;AAC9C,uEAA6C;AAG7C,2EAAiD;AACjD,4EAAkD;AAClD,kFAAwD;AACxD,qFAA2D;AAC3D,oFAA0D;AAC1D,mFAAyD;AACzD,mFAAyD;AACzD,gFAAsD;AACtD,uFAA6D;AAC7D,4EAAkD"}

package/src/lib/auth/services/auth.service.d.ts

@@ -1,53 +0,0 @@
-import { Repository } from 'typeorm';
-import { NestAuthUser } from '../../user/entities/user.entity';
-import { NestAuthOTP } from '../../auth/entities/otp.entity';
-import { MfaService } from './mfa.service';
-import { JwtService } from '../../core/services/jwt.service';
-import { EventEmitter2 } from '@nestjs/event-emitter';
-import { BaseSessionService } from '../../session/services/base-session.service';
-import { SignupRequestDto } from '../dto/requests/signup.request.dto';
-import { AuthResponseDto } from '../dto/responses/auth.response.dto';
-import { LoginRequestDto } from '../dto/requests/login.request.dto';
-import { Verify2faRequestDto } from '../dto/requests/verify-2fa.request.dto';
-import { MFAMethodEnum } from '../../core/interfaces/mfa-options.interface';
-import { ForgotPasswordRequestDto } from '../dto/requests/forgot-password.request.dto';
-import { ResetPasswordRequestDto } from '../dto/requests/reset-password.request.dto';
-import { AuthProviderRegistryService } from '../../core/services/auth-provider-registry.service';
-import { TenantService } from '../../tenant/services/tenant.service';
-import { DebugLoggerService } from '../../core/services/debug-logger.service';
-import { VerifyForgotPasswordOtpRequestDto } from '../dto/requests/verify-forgot-password-otp-request-dto';
-export declare class AuthService {
-    private readonly userRepository;
-    private otpRepository;
-    private readonly authProviderRegistry;
-    private readonly mfaService;
-    private readonly sessionService;
-    private readonly jwtService;
-    private readonly eventEmitter;
-    private readonly tenantService;
-    private readonly debugLogger;
-    constructor(userRepository: Repository<NestAuthUser>, otpRepository: Repository<NestAuthOTP>, authProviderRegistry: AuthProviderRegistryService, mfaService: MfaService, sessionService: BaseSessionService, jwtService: JwtService, eventEmitter: EventEmitter2, tenantService: TenantService, debugLogger: DebugLoggerService);
-    getUserWithRolesAndPermissions(userId: string, relations?: string[]): Promise<NestAuthUser>;
-    getUser(): Promise<NestAuthUser>;
-    signup(input: SignupRequestDto): Promise<AuthResponseDto>;
-    login(input: LoginRequestDto): Promise<AuthResponseDto>;
-    verify2fa(input: Verify2faRequestDto): Promise<{
-        accessToken: string;
-        refreshToken: string;
-    }>;
-    send2faCode(userId: string, method: MFAMethodEnum): Promise<boolean>;
-    private handleSocialLogin;
-    refreshToken(refreshToken: string): Promise<{
-        accessToken: string;
-        refreshToken: string;
-    }>;
-    forgotPassword(input: ForgotPasswordRequestDto): Promise<true | {
-        message: string;
-    }>;
-    verifyForgotPasswordOtp(input: VerifyForgotPasswordOtpRequestDto): Promise<boolean>;
-    resetPassword(input: ResetPasswordRequestDto): Promise<boolean>;
-    logout(logoutType?: 'user' | 'admin' | 'system', reason?: string): Promise<boolean>;
-    logoutAll(userId: string, logoutType?: 'user' | 'admin' | 'system', reason?: string): Promise<boolean>;
-    private generateTokensPayload;
-    private generateTokensFromSession;
-}