npm - @ackplus/nest-auth - Versions diffs - 0.1.51 → 1.1.1 - Mend

@ackplus/nest-auth 0.1.51 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (505) hide show

package/README.md +6 -513
package/eslint.config.mjs +59 -0
package/jest.config.ts +10 -0
package/package.json +14 -44
package/project.json +86 -0
package/src/index.ts +30 -0
package/src/lib/admin-console/admin-console.module.ts +62 -0
package/src/lib/admin-console/controllers/admin-auth.controller.ts +339 -0
package/src/lib/admin-console/controllers/admin-console.controller.ts +82 -0
package/src/lib/admin-console/controllers/admin-permissions.controller.ts +180 -0
package/src/lib/admin-console/controllers/admin-roles.controller.ts +89 -0
package/src/lib/admin-console/controllers/admin-tenants.controller.ts +68 -0
package/src/lib/admin-console/controllers/admin-users.controller.ts +379 -0
package/src/lib/admin-console/decorators/current-admin.decorator.ts +9 -0
package/src/lib/admin-console/dto/admin-permission.dto.ts +106 -0
package/src/lib/admin-console/dto/admin-role.dto.ts +45 -0
package/src/lib/admin-console/dto/admin-tenant.dto.ts +43 -0
package/src/lib/admin-console/dto/admin-user.dto.ts +87 -0
package/src/lib/admin-console/dto/create-dashboard-admin.dto.ts +34 -0
package/src/lib/admin-console/dto/login.dto.ts +10 -0
package/src/lib/admin-console/dto/reset-password.dto.ts +21 -0
package/src/lib/admin-console/dto/setup-admin.dto.ts +23 -0
package/src/lib/admin-console/dto/signup.dto.ts +51 -0
package/src/lib/admin-console/entities/admin-user.entity.ts +74 -0
package/src/lib/admin-console/guards/admin-session.guard.ts +47 -0
package/src/lib/admin-console/services/admin-auth.service.ts +82 -0
package/src/lib/admin-console/services/admin-console-config.service.ts +62 -0
package/src/lib/admin-console/services/admin-session.service.ts +106 -0
package/src/lib/admin-console/services/admin-user.service.ts +96 -0
package/src/lib/admin-console/static/index.html +771 -0
package/src/lib/auth/auth.module.ts +58 -0
package/src/lib/auth/controllers/auth.controller.ts +393 -0
package/src/lib/auth/controllers/mfa.controller.ts +200 -0
package/src/lib/auth/dto/credentials/email-credentials.dto.ts +24 -0
package/src/lib/auth/dto/credentials/phone-credentials.dto.ts +24 -0
package/src/lib/auth/dto/credentials/social-credentials.dto.ts +15 -0
package/src/lib/auth/dto/index.ts +1 -0
package/src/lib/auth/dto/requests/change-password.request.dto.ts +34 -0
package/src/lib/auth/dto/requests/forgot-password.request.dto.ts +30 -0
package/src/lib/auth/dto/requests/initialize-admin.request.dto.ts +51 -0
package/src/lib/auth/dto/requests/login.request.dto.ts +65 -0
package/src/lib/auth/dto/requests/refresh-token.request.dto.ts +12 -0
package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.ts +22 -0
package/src/lib/auth/dto/requests/reset-password.request.dto.ts +50 -0
package/src/lib/auth/dto/requests/send-email-verification.request.dto.ts +12 -0
package/src/lib/auth/dto/requests/send-mfa-code.request.dto.ts +19 -0
package/src/lib/auth/dto/requests/signup.request.dto.ts +42 -0
package/src/lib/auth/dto/requests/toggle-mfa.request.dto.ts +12 -0
package/src/lib/auth/dto/requests/verify-2fa.request.dto.ts +24 -0
package/src/lib/auth/dto/requests/verify-email.request.dto.ts +22 -0
package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.ts +41 -0
package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.ts +22 -0
package/src/lib/auth/dto/responses/auth-cookie.response.dto.ts +58 -0
package/src/lib/auth/dto/responses/auth-success.response.dto.ts +58 -0
package/src/lib/auth/dto/responses/auth.response.dto.ts +99 -0
package/src/lib/auth/dto/responses/client-config.response.dto.ts +153 -0
package/src/lib/auth/dto/responses/initialize-admin.response.dto.ts +22 -0
package/src/lib/auth/dto/responses/mfa-code-response.dto.ts +27 -0
package/src/lib/auth/dto/responses/mfa-status.response.dto.ts +89 -0
package/src/lib/auth/dto/responses/verify-otp.response.dto.ts +9 -0
package/src/lib/auth/entities/mfa-secret.entity.ts +33 -0
package/src/lib/auth/entities/otp.entity.ts +33 -0
package/src/lib/auth/events/{logged-out-all.event.d.ts → logged-out-all.event.ts} +6 -3
package/src/lib/auth/events/{logged-out.event.d.ts → logged-out.event.ts} +5 -3
package/src/lib/auth/events/{password-reset-requested.event.d.ts → password-reset-requested.event.ts} +6 -3
package/src/lib/auth/events/{password-reset.event.d.ts → password-reset.event.ts} +6 -3
package/src/lib/auth/events/{user-2fa-verified.event.d.ts → user-2fa-verified.event.ts} +6 -3
package/src/lib/auth/events/{user-logged-in.event.d.ts → user-logged-in.event.ts} +7 -3
package/src/lib/auth/events/{user-refresh-token.event.d.ts → user-refresh-token.event.ts} +6 -3
package/src/lib/auth/events/{user-registered.event.d.ts → user-registered.event.ts} +7 -3
package/src/lib/auth/guards/auth.guard.ts +386 -0
package/src/lib/auth/{index.d.ts → index.ts} +28 -1
package/src/lib/auth/interceptors/refresh-token.interceptor.ts +117 -0
package/src/lib/auth/services/auth.service.ts +947 -0
package/src/lib/auth/services/client-config.service.ts +157 -0
package/src/lib/auth/services/cookie.service.ts +43 -0
package/src/lib/auth/services/mfa.service.ts +391 -0
package/src/lib/auth.constants.ts +63 -0
package/src/lib/core/core.module.ts +50 -0
package/src/lib/core/decorators/auth.decorator.ts +38 -0
package/src/lib/core/decorators/permissions.decorator.ts +17 -0
package/src/lib/core/decorators/public.decorator.ts +33 -0
package/src/lib/core/decorators/role.decorator.ts +12 -0
package/src/lib/core/decorators/skip-mfa.decorator.ts +4 -0
package/src/lib/core/dto/message.response.dto.ts +6 -0
package/src/lib/core/{entities.d.ts → entities.ts} +18 -1
package/src/lib/core/{index.d.ts → index.ts} +17 -0
package/src/lib/core/interfaces/auth-module-options.interface.ts +211 -0
package/src/lib/core/interfaces/mfa-options.interface.ts +46 -0
package/src/lib/core/interfaces/otp.interface.ts +6 -0
package/src/lib/core/interfaces/session-options.interface.ts +19 -0
package/src/lib/core/interfaces/{token-payload.interface.d.ts → token-payload.interface.ts} +4 -1
package/src/lib/core/providers/apple-auth.provider.ts +61 -0
package/src/lib/core/providers/base-auth.provider.ts +74 -0
package/src/lib/core/providers/email-auth.provider.ts +71 -0
package/src/lib/core/providers/facebook-auth.provider.ts +55 -0
package/src/lib/core/providers/github-auth.provider.ts +79 -0
package/src/lib/core/providers/google-auth.provider.ts +61 -0
package/src/lib/core/providers/jwt-auth.provider.ts +50 -0
package/src/lib/core/providers/phone-auth.provider.ts +45 -0
package/src/lib/core/services/auth-config.service.ts +184 -0
package/src/lib/core/services/auth-provider-registry.service.ts +93 -0
package/src/lib/core/services/{debug-logger.service.js → debug-logger.service.ts} +92 -59
package/src/lib/core/services/initialization.service.ts +29 -0
package/src/lib/core/services/jwt.service.ts +137 -0
package/src/lib/nest-auth.module.ts +152 -0
package/src/lib/permission/entities/permission.entity.ts +56 -0
package/src/lib/permission/index.ts +4 -0
package/src/lib/permission/permission.module.ts +14 -0
package/src/lib/permission/services/permission.service.ts +233 -0
package/src/lib/request-context/index.ts +2 -0
package/src/lib/request-context/request-context.middleware.ts +13 -0
package/src/lib/request-context/{request-context.js → request-context.ts} +51 -27
package/src/lib/role/entities/role.entity.ts +103 -0
package/src/lib/role/{index.d.ts → index.ts} +2 -0
package/src/lib/role/role.module.ts +15 -0
package/src/lib/role/services/{role.service.js → role.service.ts} +117 -52
package/src/lib/session/entities/session.entity.ts +54 -0
package/src/lib/session/index.ts +20 -0
package/src/lib/session/interfaces/session-repository.interface.ts +58 -0
package/src/lib/session/repositories/base-session.repository.ts +74 -0
package/src/lib/session/repositories/memory-session.repository.ts +153 -0
package/src/lib/session/repositories/redis-session.repository.ts +171 -0
package/src/lib/session/repositories/typeorm-session.repository.ts +86 -0
package/src/lib/session/services/session-manager.service.ts +261 -0
package/src/lib/session/session.module.ts +102 -0
package/src/lib/session/utils/session.util.ts +166 -0
package/src/lib/tenant/entities/tenant.entity.ts +40 -0
package/src/lib/tenant/events/tenant-created.event.ts +9 -0
package/src/lib/tenant/events/tenant-deleted.event.ts +11 -0
package/src/lib/tenant/events/{tenant-updated.event.d.ts → tenant-updated.event.ts} +6 -3
package/src/lib/tenant/index.ts +9 -0
package/src/lib/tenant/services/tenant.service.ts +336 -0
package/src/lib/tenant/tenant.module.ts +19 -0
package/src/lib/types/express.d.ts +14 -0
package/src/lib/user/dto/requests/update-user.dto.ts +15 -0
package/src/lib/user/entities/access-key.entity.ts +53 -0
package/src/lib/user/entities/identity.entity.ts +31 -0
package/src/lib/user/entities/user.entity.ts +212 -0
package/src/lib/user/events/{user-created.event.d.ts → user-created.event.ts} +4 -3
package/src/lib/user/events/{user-deleted.event.d.ts → user-deleted.event.ts} +6 -3
package/src/lib/user/events/{user-updated.event.d.ts → user-updated.event.ts} +6 -3
package/src/lib/user/index.ts +11 -0
package/src/lib/user/services/access-key.service.ts +145 -0
package/src/lib/user/services/{user.service.js → user.service.ts} +199 -95
package/src/lib/user/user.module.ts +26 -0
package/src/lib/utils/database.utils.ts +6 -0
package/src/lib/utils/date.util.ts +106 -0
package/src/lib/utils/device.util.ts +111 -0
package/src/lib/utils/index.ts +6 -0
package/src/lib/utils/otp.ts +3 -0
package/src/lib/utils/security.util.ts +27 -0
package/src/lib/utils/slug.util.ts +58 -0
package/src/types/ms.d.ts +1 -0
package/test/access-key.service.spec.ts +204 -0
package/test/auth.service.spec.ts +541 -0
package/test/mfa.service.spec.ts +359 -0
package/test/role.service.spec.ts +418 -0
package/test/tenant.service.spec.ts +218 -0
package/test/test.setup.ts +66 -0
package/test/user.service.spec.ts +374 -0
package/tsconfig.json +17 -0
package/tsconfig.lib.json +15 -0
package/tsconfig.spec.json +15 -0
package/tsconfig.tsbuildinfo +1 -1
package/ui/.env +1 -0
package/ui/.env.example +1 -0
package/ui/.eslintignore +7 -0
package/ui/README.md +288 -0
package/ui/index.html +17 -0
package/ui/package.json +34 -0
package/ui/postcss.config.js +6 -0
package/ui/src/App.tsx +245 -0
package/ui/src/components/AuthGuard.tsx +59 -0
package/ui/src/components/AuthProvider.tsx +76 -0
package/ui/src/components/Button.tsx +37 -0
package/ui/src/components/Card.tsx +37 -0
package/ui/src/components/ErrorMessage.tsx +15 -0
package/ui/src/components/FormDialog.tsx +61 -0
package/ui/src/components/FormFooter.tsx +37 -0
package/ui/src/components/Layout.tsx +112 -0
package/ui/src/components/LoadingMessage.tsx +11 -0
package/ui/src/components/Modal.tsx +97 -0
package/ui/src/components/MultiSelect.tsx +145 -0
package/ui/src/components/PageHeader.tsx +42 -0
package/ui/src/components/PanelHeader.tsx +28 -0
package/ui/src/components/PermissionInput.tsx +473 -0
package/ui/src/components/SearchInput.tsx +69 -0
package/ui/src/components/Select.tsx +51 -0
package/ui/src/components/SwaggerUIWrapper.tsx +316 -0
package/ui/src/components/Table.tsx +207 -0
package/ui/src/components/Tag.tsx +9 -0
package/ui/src/components/TagsInput.tsx +96 -0
package/ui/src/components/admin/AdminForm.tsx +170 -0
package/ui/src/components/admin/CreateAdminDialog.tsx +38 -0
package/ui/src/components/auth/LoginFooter.tsx +17 -0
package/ui/src/components/auth/LoginHeader.tsx +14 -0
package/ui/src/components/auth/components/CodeBlock.tsx +43 -0
package/ui/src/components/auth/components/CreateAccountCodeExamples.tsx +60 -0
package/ui/src/components/auth/components/PasswordRequirements.tsx +16 -0
package/ui/src/components/auth/components/PasswordStrengthIndicator.tsx +48 -0
package/ui/src/components/auth/components/ResetPasswordCodeExamples.tsx +76 -0
package/ui/src/components/auth/components/Tabs.tsx +32 -0
package/ui/src/components/auth/dialogs/CreateAccountDialog.tsx +79 -0
package/ui/src/components/auth/dialogs/ForgotPasswordDialog.tsx +79 -0
package/ui/src/components/auth/forms/CreateAccountForm.tsx +226 -0
package/ui/src/components/auth/forms/LoginForm.tsx +149 -0
package/ui/src/components/auth/forms/ResetPasswordForm.tsx +202 -0
package/ui/src/components/auth/types.ts +17 -0
package/ui/src/components/auth/utils/security.ts +82 -0
package/ui/src/components/auth/utils/utils.ts +25 -0
package/ui/src/components/form/EmailField.tsx +25 -0
package/ui/src/components/form/FormField.tsx +102 -0
package/ui/src/components/form/FormMultiSelect.tsx +46 -0
package/ui/src/components/form/FormSelect.tsx +60 -0
package/ui/src/components/form/FormTagsInput.tsx +42 -0
package/ui/src/components/form/FormTextarea.tsx +42 -0
package/ui/src/components/form/PasswordField.tsx +93 -0
package/ui/src/components/form/SecretKeyField.tsx +49 -0
package/ui/src/components/permission/CreatePermissionDialog.tsx +44 -0
package/ui/src/components/permission/EditPermissionDialog.tsx +55 -0
package/ui/src/components/permission/PermissionForm.tsx +251 -0
package/ui/src/components/role/CreateRoleDialog.tsx +45 -0
package/ui/src/components/role/EditRoleDialog.tsx +55 -0
package/ui/src/components/role/RoleDialog.tsx +252 -0
package/ui/src/components/role/RoleForm.tsx +246 -0
package/ui/src/components/tenant/CreateTenantDialog.tsx +41 -0
package/ui/src/components/tenant/EditTenantDialog.tsx +52 -0
package/ui/src/components/tenant/TenantForm.tsx +160 -0
package/ui/src/components/user/CreateUserDialog.tsx +45 -0
package/ui/src/components/user/UserDetailModal.tsx +815 -0
package/ui/src/components/user/UserForm.tsx +191 -0
package/ui/src/data/nest-auth.json +1687 -0
package/ui/src/hooks/useApi.ts +69 -0
package/ui/src/hooks/useAuth.ts +100 -0
package/ui/src/hooks/useConfirm.tsx +105 -0
package/ui/src/hooks/useFormFooter.tsx +42 -0
package/ui/src/hooks/usePagination.ts +69 -0
package/ui/src/index.css +59 -0
package/ui/src/main.tsx +13 -0
package/ui/src/pages/AdminsPage.tsx +178 -0
package/ui/src/pages/ApiPage.tsx +89 -0
package/ui/src/pages/DashboardPage.tsx +281 -0
package/ui/src/pages/LoginPage.tsx +39 -0
package/ui/src/pages/PermissionsPage.tsx +376 -0
package/ui/src/pages/RolesPage.tsx +274 -0
package/ui/src/pages/TenantsPage.tsx +221 -0
package/ui/src/pages/UsersPage.tsx +387 -0
package/ui/src/services/api.ts +115 -0
package/ui/src/types/index.ts +136 -0
package/ui/src/vite-env.d.ts +9 -0
package/ui/tailwind.config.js +45 -0
package/ui/tsconfig.json +24 -0
package/ui/tsconfig.node.json +10 -0
package/ui/vite.config.ts +37 -0
package/ui/yarn.lock +3137 -0
package/src/index.d.ts +0 -11
package/src/index.js +0 -18
package/src/index.js.map +0 -1
package/src/lib/auth/auth.module.d.ts +0 -2
package/src/lib/auth/auth.module.js +0 -54
package/src/lib/auth/auth.module.js.map +0 -1
package/src/lib/auth/controllers/auth.controller.d.ts +0 -29
package/src/lib/auth/controllers/auth.controller.js +0 -206
package/src/lib/auth/controllers/auth.controller.js.map +0 -1
package/src/lib/auth/controllers/mfa.controller.d.ts +0 -23
package/src/lib/auth/controllers/mfa.controller.js +0 -131
package/src/lib/auth/controllers/mfa.controller.js.map +0 -1
package/src/lib/auth/dto/index.d.ts +0 -0
package/src/lib/auth/dto/index.js +0 -1
package/src/lib/auth/dto/index.js.map +0 -1
package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts +0 -5
package/src/lib/auth/dto/requests/forgot-password.request.dto.js +0 -30
package/src/lib/auth/dto/requests/forgot-password.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/login.request.dto.d.ts +0 -6
package/src/lib/auth/dto/requests/login.request.dto.js +0 -38
package/src/lib/auth/dto/requests/login.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts +0 -3
package/src/lib/auth/dto/requests/refresh-token.request.dto.js +0 -15
package/src/lib/auth/dto/requests/refresh-token.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts +0 -7
package/src/lib/auth/dto/requests/reset-password.request.dto.js +0 -42
package/src/lib/auth/dto/requests/reset-password.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +0 -4
package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +0 -16
package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/signup.request.dto.d.ts +0 -7
package/src/lib/auth/dto/requests/signup.request.dto.js +0 -37
package/src/lib/auth/dto/requests/signup.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/social-login.request.dto.d.ts +0 -3
package/src/lib/auth/dto/requests/social-login.request.dto.js +0 -16
package/src/lib/auth/dto/requests/social-login.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +0 -5
package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +0 -21
package/src/lib/auth/dto/requests/verify-2fa.request.dto.js.map +0 -1
package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +0 -6
package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +0 -35
package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js.map +0 -1
package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +0 -4
package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +0 -20
package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js.map +0 -1
package/src/lib/auth/dto/responses/auth.response.dto.d.ts +0 -16
package/src/lib/auth/dto/responses/auth.response.dto.js +0 -50
package/src/lib/auth/dto/responses/auth.response.dto.js.map +0 -1
package/src/lib/auth/entities/mfa-secret.entity.d.ts +0 -12
package/src/lib/auth/entities/mfa-secret.entity.js +0 -50
package/src/lib/auth/entities/mfa-secret.entity.js.map +0 -1
package/src/lib/auth/entities/otp.entity.d.ts +0 -13
package/src/lib/auth/entities/otp.entity.js +0 -50
package/src/lib/auth/entities/otp.entity.js.map +0 -1
package/src/lib/auth/events/logged-out-all.event.js +0 -10
package/src/lib/auth/events/logged-out-all.event.js.map +0 -1
package/src/lib/auth/events/logged-out.event.js +0 -10
package/src/lib/auth/events/logged-out.event.js.map +0 -1
package/src/lib/auth/events/password-reset-requested.event.js +0 -10
package/src/lib/auth/events/password-reset-requested.event.js.map +0 -1
package/src/lib/auth/events/password-reset.event.js +0 -10
package/src/lib/auth/events/password-reset.event.js.map +0 -1
package/src/lib/auth/events/user-2fa-verified.event.js +0 -10
package/src/lib/auth/events/user-2fa-verified.event.js.map +0 -1
package/src/lib/auth/events/user-logged-in.event.js +0 -10
package/src/lib/auth/events/user-logged-in.event.js.map +0 -1
package/src/lib/auth/events/user-refresh-token.event.js +0 -10
package/src/lib/auth/events/user-refresh-token.event.js.map +0 -1
package/src/lib/auth/events/user-registered.event.js +0 -10
package/src/lib/auth/events/user-registered.event.js.map +0 -1
package/src/lib/auth/guards/auth.guard.d.ts +0 -28
package/src/lib/auth/guards/auth.guard.js +0 -304
package/src/lib/auth/guards/auth.guard.js.map +0 -1
package/src/lib/auth/index.js +0 -31
package/src/lib/auth/index.js.map +0 -1
package/src/lib/auth/services/auth.service.d.ts +0 -53
package/src/lib/auth/services/auth.service.js +0 -522
package/src/lib/auth/services/auth.service.js.map +0 -1
package/src/lib/auth/services/cookie.service.d.ts +0 -9
package/src/lib/auth/services/cookie.service.js +0 -43
package/src/lib/auth/services/cookie.service.js.map +0 -1
package/src/lib/auth/services/mfa.service.d.ts +0 -38
package/src/lib/auth/services/mfa.service.js +0 -254
package/src/lib/auth/services/mfa.service.js.map +0 -1
package/src/lib/auth.constants.d.ts +0 -39
package/src/lib/auth.constants.js +0 -43
package/src/lib/auth.constants.js.map +0 -1
package/src/lib/core/core.module.d.ts +0 -2
package/src/lib/core/core.module.js +0 -53
package/src/lib/core/core.module.js.map +0 -1
package/src/lib/core/decorators/auth.decorator.d.ts +0 -1
package/src/lib/core/decorators/auth.decorator.js +0 -8
package/src/lib/core/decorators/auth.decorator.js.map +0 -1
package/src/lib/core/decorators/permissions.decorator.d.ts +0 -2
package/src/lib/core/decorators/permissions.decorator.js +0 -14
package/src/lib/core/decorators/permissions.decorator.js.map +0 -1
package/src/lib/core/decorators/role.decorator.d.ts +0 -3
package/src/lib/core/decorators/role.decorator.js +0 -14
package/src/lib/core/decorators/role.decorator.js.map +0 -1
package/src/lib/core/decorators/skip-mfa.decorator.d.ts +0 -2
package/src/lib/core/decorators/skip-mfa.decorator.js +0 -8
package/src/lib/core/decorators/skip-mfa.decorator.js.map +0 -1
package/src/lib/core/dto/message.response.dto.d.ts +0 -3
package/src/lib/core/dto/message.response.dto.js +0 -13
package/src/lib/core/dto/message.response.dto.js.map +0 -1
package/src/lib/core/entities.js +0 -31
package/src/lib/core/entities.js.map +0 -1
package/src/lib/core/index.js +0 -27
package/src/lib/core/index.js.map +0 -1
package/src/lib/core/interfaces/auth-module-options.interface.d.ts +0 -62
package/src/lib/core/interfaces/auth-module-options.interface.js +0 -3
package/src/lib/core/interfaces/auth-module-options.interface.js.map +0 -1
package/src/lib/core/interfaces/mfa-options.interface.d.ts +0 -25
package/src/lib/core/interfaces/mfa-options.interface.js +0 -10
package/src/lib/core/interfaces/mfa-options.interface.js.map +0 -1
package/src/lib/core/interfaces/otp.interface.d.ts +0 -5
package/src/lib/core/interfaces/otp.interface.js +0 -10
package/src/lib/core/interfaces/otp.interface.js.map +0 -1
package/src/lib/core/interfaces/session-options.interface.d.ts +0 -12
package/src/lib/core/interfaces/session-options.interface.js +0 -9
package/src/lib/core/interfaces/session-options.interface.js.map +0 -1
package/src/lib/core/interfaces/token-payload.interface.js +0 -3
package/src/lib/core/interfaces/token-payload.interface.js.map +0 -1
package/src/lib/core/providers/apple-auth.provider.d.ts +0 -18
package/src/lib/core/providers/apple-auth.provider.js +0 -57
package/src/lib/core/providers/apple-auth.provider.js.map +0 -1
package/src/lib/core/providers/base-auth.provider.d.ts +0 -26
package/src/lib/core/providers/base-auth.provider.js +0 -43
package/src/lib/core/providers/base-auth.provider.js.map +0 -1
package/src/lib/core/providers/email-auth.provider.d.ts +0 -17
package/src/lib/core/providers/email-auth.provider.js +0 -40
package/src/lib/core/providers/email-auth.provider.js.map +0 -1
package/src/lib/core/providers/facebook-auth.provider.d.ts +0 -18
package/src/lib/core/providers/facebook-auth.provider.js +0 -56
package/src/lib/core/providers/facebook-auth.provider.js.map +0 -1
package/src/lib/core/providers/google-auth.provider.d.ts +0 -21
package/src/lib/core/providers/google-auth.provider.js +0 -58
package/src/lib/core/providers/google-auth.provider.js.map +0 -1
package/src/lib/core/providers/jwt-auth.provider.d.ts +0 -33
package/src/lib/core/providers/jwt-auth.provider.js +0 -50
package/src/lib/core/providers/jwt-auth.provider.js.map +0 -1
package/src/lib/core/providers/phone-auth.provider.d.ts +0 -18
package/src/lib/core/providers/phone-auth.provider.js +0 -43
package/src/lib/core/providers/phone-auth.provider.js.map +0 -1
package/src/lib/core/services/auth-config.service.d.ts +0 -12
package/src/lib/core/services/auth-config.service.js +0 -79
package/src/lib/core/services/auth-config.service.js.map +0 -1
package/src/lib/core/services/auth-provider-registry.service.d.ts +0 -24
package/src/lib/core/services/auth-provider-registry.service.js +0 -71
package/src/lib/core/services/auth-provider-registry.service.js.map +0 -1
package/src/lib/core/services/debug-logger.service.d.ts +0 -38
package/src/lib/core/services/debug-logger.service.js.map +0 -1
package/src/lib/core/services/initialization.service.d.ts +0 -10
package/src/lib/core/services/initialization.service.js +0 -34
package/src/lib/core/services/initialization.service.js.map +0 -1
package/src/lib/core/services/jwt.service.d.ts +0 -14
package/src/lib/core/services/jwt.service.js +0 -92
package/src/lib/core/services/jwt.service.js.map +0 -1
package/src/lib/nest-auth.module.d.ts +0 -11
package/src/lib/nest-auth.module.js +0 -177
package/src/lib/nest-auth.module.js.map +0 -1
package/src/lib/request-context/request-context.d.ts +0 -22
package/src/lib/request-context/request-context.js.map +0 -1
package/src/lib/request-context/request-context.middleware.d.ts +0 -4
package/src/lib/request-context/request-context.middleware.js +0 -16
package/src/lib/request-context/request-context.middleware.js.map +0 -1
package/src/lib/role/entities/role.entity.d.ts +0 -20
package/src/lib/role/entities/role.entity.js +0 -110
package/src/lib/role/entities/role.entity.js.map +0 -1
package/src/lib/role/index.js +0 -5
package/src/lib/role/index.js.map +0 -1
package/src/lib/role/role.module.d.ts +0 -2
package/src/lib/role/role.module.js +0 -23
package/src/lib/role/role.module.js.map +0 -1
package/src/lib/role/services/role.service.d.ts +0 -20
package/src/lib/role/services/role.service.js.map +0 -1
package/src/lib/session/entities/session.entity.d.ts +0 -16
package/src/lib/session/entities/session.entity.js +0 -63
package/src/lib/session/entities/session.entity.js.map +0 -1
package/src/lib/session/index.d.ts +0 -3
package/src/lib/session/index.js +0 -7
package/src/lib/session/index.js.map +0 -1
package/src/lib/session/services/base-session.service.d.ts +0 -23
package/src/lib/session/services/base-session.service.js +0 -64
package/src/lib/session/services/base-session.service.js.map +0 -1
package/src/lib/session/services/database-session.service.d.ts +0 -17
package/src/lib/session/services/database-session.service.js +0 -51
package/src/lib/session/services/database-session.service.js.map +0 -1
package/src/lib/session/services/redis-session.service.d.ts +0 -20
package/src/lib/session/services/redis-session.service.js +0 -117
package/src/lib/session/services/redis-session.service.js.map +0 -1
package/src/lib/session/session.module.d.ts +0 -2
package/src/lib/session/session.module.js +0 -33
package/src/lib/session/session.module.js.map +0 -1
package/src/lib/tenant/entities/tenant.entity.d.ts +0 -10
package/src/lib/tenant/entities/tenant.entity.js +0 -44
package/src/lib/tenant/entities/tenant.entity.js.map +0 -1
package/src/lib/tenant/events/tenant-created.event.d.ts +0 -8
package/src/lib/tenant/events/tenant-created.event.js +0 -10
package/src/lib/tenant/events/tenant-created.event.js.map +0 -1
package/src/lib/tenant/events/tenant-deleted.event.d.ts +0 -8
package/src/lib/tenant/events/tenant-deleted.event.js +0 -10
package/src/lib/tenant/events/tenant-deleted.event.js.map +0 -1
package/src/lib/tenant/events/tenant-updated.event.js +0 -10
package/src/lib/tenant/events/tenant-updated.event.js.map +0 -1
package/src/lib/tenant/index.d.ts +0 -1
package/src/lib/tenant/index.js +0 -5
package/src/lib/tenant/index.js.map +0 -1
package/src/lib/tenant/services/tenant.service.d.ts +0 -26
package/src/lib/tenant/services/tenant.service.js +0 -200
package/src/lib/tenant/services/tenant.service.js.map +0 -1
package/src/lib/tenant/tenant.module.d.ts +0 -2
package/src/lib/tenant/tenant.module.js +0 -27
package/src/lib/tenant/tenant.module.js.map +0 -1
package/src/lib/user/dto/requests/update-user.dto.d.ts +0 -5
package/src/lib/user/dto/requests/update-user.dto.js +0 -24
package/src/lib/user/dto/requests/update-user.dto.js.map +0 -1
package/src/lib/user/entities/access-key.entity.d.ts +0 -16
package/src/lib/user/entities/access-key.entity.js +0 -63
package/src/lib/user/entities/access-key.entity.js.map +0 -1
package/src/lib/user/entities/identity.entity.d.ts +0 -12
package/src/lib/user/entities/identity.entity.js +0 -47
package/src/lib/user/entities/identity.entity.js.map +0 -1
package/src/lib/user/entities/user.entity.d.ts +0 -39
package/src/lib/user/entities/user.entity.js +0 -201
package/src/lib/user/entities/user.entity.js.map +0 -1
package/src/lib/user/events/user-created.event.js +0 -10
package/src/lib/user/events/user-created.event.js.map +0 -1
package/src/lib/user/events/user-deleted.event.js +0 -10
package/src/lib/user/events/user-deleted.event.js.map +0 -1
package/src/lib/user/events/user-updated.event.js +0 -10
package/src/lib/user/events/user-updated.event.js.map +0 -1
package/src/lib/user/index.d.ts +0 -3
package/src/lib/user/index.js +0 -7
package/src/lib/user/index.js.map +0 -1
package/src/lib/user/services/access-key.service.d.ts +0 -19
package/src/lib/user/services/access-key.service.js +0 -119
package/src/lib/user/services/access-key.service.js.map +0 -1
package/src/lib/user/services/user.service.d.ts +0 -24
package/src/lib/user/services/user.service.js.map +0 -1
package/src/lib/user/user.module.d.ts +0 -2
package/src/lib/user/user.module.js +0 -34
package/src/lib/user/user.module.js.map +0 -1
package/src/lib/utils/database.utils.d.ts +0 -2
package/src/lib/utils/database.utils.js +0 -8
package/src/lib/utils/database.utils.js.map +0 -1
package/src/lib/utils/otp.d.ts +0 -1
package/src/lib/utils/otp.js +0 -7
package/src/lib/utils/otp.js.map +0 -1

package/src/lib/admin-console/controllers/admin-users.controller.ts ADDED Viewed

@@ -0,0 +1,379 @@
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  Param,
+  Patch,
+  Post,
+  Query,
+  UseGuards,
+} from '@nestjs/common';
+import { NotFoundException } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { AdminSessionGuard } from '../guards/admin-session.guard';
+import { AdminCreateUserDto, AdminUpdateUserDto } from '../dto/admin-user.dto';
+import { UserService } from '../../user/services/user.service';
+import { TenantService } from '../../tenant/services/tenant.service';
+import { NestAuthUser } from '../../user/entities/user.entity';
+import { NestAuthMFASecret } from '../../auth/entities/mfa-secret.entity';
+import { DEFAULT_GUARD_NAME, EMAIL_AUTH_PROVIDER, PHONE_AUTH_PROVIDER } from '../../auth.constants';
+import { FindOptionsWhere, Like } from 'typeorm';
+import { MfaService } from '../../auth/services/mfa.service';
+import { SessionManagerService } from '../../session/services/session-manager.service';
+import { NestAuthSession } from '../../session/entities/session.entity';
+@Controller('auth/admin/api/users')
+@UseGuards(AdminSessionGuard)
+export class AdminUsersController {
+  constructor(
+    private readonly users: UserService,
+    private readonly tenantService: TenantService,
+    private readonly mfaService: MfaService,
+    private readonly sessionManager: SessionManagerService,
+    @InjectRepository(NestAuthMFASecret)
+    private readonly mfaSecretRepository: Repository<NestAuthMFASecret>,
+  ) { }
+  private async ensureUserExists(id: string): Promise<NestAuthUser> {
+    const user = await this.users.getUserById(id);
+    if (!user) {
+      throw new NotFoundException('User not found');
+    }
+    return user;
+  }
+  private toSessionResponse(session: NestAuthSession) {
+    return {
+      id: session.id,
+      deviceName: session.deviceName || 'Unknown device',
+      userAgent: session.userAgent,
+      ipAddress: session.ipAddress,
+      lastActive: session.lastActive,
+      createdAt: session.createdAt,
+      expiresAt: session.expiresAt,
+    };
+  }
+  private buildStatusFilter(status?: string): Partial<FindOptionsWhere<NestAuthUser>> {
+    if (!status) return {};
+    switch (status) {
+      case 'active':
+        return { isActive: true };
+      case 'inactive':
+        return { isActive: false };
+      case 'verified':
+        return { isVerified: true };
+      case 'unverified':
+        return { isVerified: false };
+      default:
+        return {};
+    }
+  }
+  private escapeLikePattern(value: string): string {
+    return value.replace(/[%_\\]/g, '\\$&');
+  }
+  @Get()
+  async listUsers(
+    @Query('page') page?: string,
+    @Query('limit') limit?: string,
+    @Query('search') search?: string,
+    @Query('status') status?: string,
+  ) {
+    // Validate and sanitize pagination parameters
+    let pageNum = parseInt(page || '1', 10);
+    let limitNum = parseInt(limit || '10', 10);
+    // Ensure page is at least 1
+    if (isNaN(pageNum) || pageNum < 1) {
+      pageNum = 1;
+    }
+    // Ensure limit is positive and capped at 100
+    if (isNaN(limitNum) || limitNum <= 0) {
+      limitNum = 10;
+    }
+    if (limitNum > 100) {
+      limitNum = 100;
+    }
+    const skip = (pageNum - 1) * limitNum;
+    // Build where clause with proper TypeORM typing
+    let where: FindOptionsWhere<NestAuthUser>[] | FindOptionsWhere<NestAuthUser> = {};
+    // Apply search filter with proper OR conditions using array syntax
+    if (search && search.trim()) {
+      const escapedSearch = this.escapeLikePattern(search.trim());
+      const searchPattern = `%${escapedSearch}%`;
+      // Base status filter if present
+      const baseFilter: FindOptionsWhere<NestAuthUser> = {
+        ...this.buildStatusFilter(status),
+      };
+      // Create OR conditions for search
+      where = [
+        { ...baseFilter, email: Like(searchPattern) },
+        { ...baseFilter, phone: Like(searchPattern) },
+        { ...baseFilter, tenantId: Like(searchPattern) },
+      ];
+    } else {
+      // Apply status filter without search
+      Object.assign(where as FindOptionsWhere<NestAuthUser>, this.buildStatusFilter(status));
+    }
+    // Get users and total count in a single query
+    const [users, total] = await this.users.getUsersAndCount({
+      where,
+      relations: ['roles'],
+      order: { createdAt: 'DESC' },
+      skip,
+      take: limitNum,
+    });
+    return {
+      data: users.map((user) => this.toSafeUser(user)),
+      meta: {
+        page: pageNum,
+        limit: limitNum,
+        total,
+        totalPages: Math.ceil(total / limitNum),
+      },
+    };
+  }
+  @Post()
+  async createUser(@Body() dto: AdminCreateUserDto) {
+    const tenantId = await this.tenantService.resolveTenantId(dto.tenantId);
+    const user = await this.users.createUser({
+      email: dto.email,
+      phone: dto.phone,
+      tenantId,
+      metadata: dto.metadata ?? {},
+      isActive: dto.isActive ?? true,
+      isVerified: dto.isVerified ?? false,
+    });
+    if (dto.password) {
+      await user.setPassword(dto.password);
+      await user.save();
+    }
+    if (dto.roles?.length) {
+      await user.assignRoles(dto.roles, DEFAULT_GUARD_NAME);
+      await user.save();
+    }
+    return { user: this.toSafeUser(user) };
+  }
+  @Get(':id')
+  async getUser(@Param('id') id: string) {
+    const user = await this.users.getUserById(id, {
+      relations: ['roles', 'mfaSecrets', 'identities']
+    });
+    if (!user) {
+      throw new NotFoundException('User not found');
+    }
+    const availableMethods = this.mfaService.getAvailableMethods();
+    const [enabledMethods, sessions] = await Promise.all([
+      this.mfaService.getEnabledMethods(user.id),
+      this.sessionManager.getUserSessions(user.id),
+    ]);
+    const sortedSessions = sessions
+      .sort((a, b) => {
+        const aTime = a.lastActive?.getTime() ?? a.updatedAt?.getTime() ?? 0;
+        const bTime = b.lastActive?.getTime() ?? b.updatedAt?.getTime() ?? 0;
+        return bTime - aTime;
+      })
+      .map((session) => this.toSessionResponse(session));
+    return {
+      user: this.toSafeUser(user),
+      loginMethods: {
+        emailEnabled: !!user.email && !!user.emailVerifiedAt,
+        phoneEnabled: !!user.phone && !!user.phoneVerifiedAt,
+        hasPassword: !!user.passwordHash,
+      },
+      mfa: {
+        isEnabled: user.isMfaEnabled,
+        allowUserToggle: this.mfaService.mfaConfig?.allowUserToggle ?? false,
+        availableMethods,
+        enabledMethods,
+        hasRecoveryCode: !!user.mfaRecoveryCode,
+        totpDevices: user.mfaSecrets?.map((device) => ({
+          id: device.id,
+          deviceName: device.deviceName || 'Authenticator',
+          verified: device.verified,
+          lastUsedAt: device.lastUsedAt,
+          createdAt: device.createdAt,
+        })) || [],
+      },
+      sessions: sortedSessions,
+    };
+  }
+  @Patch(':id')
+  async updateUser(@Param('id') id: string, @Body() dto: AdminUpdateUserDto) {
+    let user = await this.users.getUserById(id, { relations: ['roles', 'identities'] });
+    if (!user) {
+      throw new NotFoundException('User not found');
+    }
+    // Apply basic field updates if provided
+    if (dto.isActive !== undefined || dto.isVerified !== undefined || dto.metadata !== undefined ||
+      dto.isMfaEnabled !== undefined) {
+      const updates: Partial<NestAuthUser> = {};
+      if (dto.isActive !== undefined) updates.isActive = dto.isActive;
+      if (dto.isVerified !== undefined) updates.isVerified = dto.isVerified;
+      if (dto.metadata !== undefined) updates.metadata = dto.metadata;
+      if (dto.isMfaEnabled !== undefined) updates.isMfaEnabled = dto.isMfaEnabled;
+      user = await this.users.updateUser(id, updates);
+    }
+    // Enable/disable email login
+    if (dto.emailLoginEnabled !== undefined) {
+      if (dto.emailLoginEnabled) {
+        if (!user.email) {
+          throw new NotFoundException('User has no email address');
+        }
+        user.emailVerifiedAt = user.emailVerifiedAt || new Date();
+        // Ensure identity exists
+        await user.findOrCreateIdentity(EMAIL_AUTH_PROVIDER, user.email);
+      } else {
+        user.emailVerifiedAt = null;
+        // Remove email identity if exists
+        const emailIdentity = user.identities?.find(i => i.provider === EMAIL_AUTH_PROVIDER);
+        if (emailIdentity) {
+          await emailIdentity.remove();
+        }
+      }
+    }
+    // Enable/disable phone login
+    if (dto.phoneLoginEnabled !== undefined) {
+      if (dto.phoneLoginEnabled) {
+        if (!user.phone) {
+          throw new NotFoundException('User has no phone number');
+        }
+        user.phoneVerifiedAt = user.phoneVerifiedAt || new Date();
+        // Ensure identity exists
+        await user.findOrCreateIdentity(PHONE_AUTH_PROVIDER, user.phone);
+      } else {
+        user.phoneVerifiedAt = null;
+        // Remove phone identity if exists
+        const phoneIdentity = user.identities?.find(i => i.provider === PHONE_AUTH_PROVIDER);
+        if (phoneIdentity) {
+          await phoneIdentity.remove();
+        }
+      }
+    }
+    // Apply password change in-memory
+    if (dto.password) {
+      await user.setPassword(dto.password);
+    }
+    // Apply role changes in-memory
+    if (dto.roles) {
+      await user.assignRoles(dto.roles, DEFAULT_GUARD_NAME);
+    }
+    // Save all changes
+    await user.save();
+    return { user: this.toSafeUser(user) };
+  }
+  @Delete(':id/totp-devices/:deviceId')
+  async deleteTotpDevice(@Param('id') id: string, @Param('deviceId') deviceId: string) {
+    const user = await this.users.getUserById(id);
+    if (!user) {
+      throw new NotFoundException('User not found');
+    }
+    const device = await this.mfaSecretRepository.findOne({
+      where: { id: deviceId, userId: user.id },
+    });
+    if (!device) {
+      throw new NotFoundException('TOTP device not found');
+    }
+    await this.mfaSecretRepository.remove(device);
+    return { message: 'TOTP device deleted successfully' };
+  }
+  @Get(':id/sessions')
+  async listSessions(@Param('id') id: string) {
+    const user = await this.ensureUserExists(id);
+    const sessions = await this.sessionManager.getUserSessions(user.id);
+    return {
+      data: sessions
+        .sort((a, b) => {
+          const aTime = a.lastActive?.getTime() ?? a.updatedAt?.getTime() ?? 0;
+          const bTime = b.lastActive?.getTime() ?? b.updatedAt?.getTime() ?? 0;
+          return bTime - aTime;
+        })
+        .map((session) => this.toSessionResponse(session)),
+    };
+  }
+  @Delete(':id/sessions/:sessionId')
+  async revokeSession(@Param('id') id: string, @Param('sessionId') sessionId: string) {
+    const user = await this.ensureUserExists(id);
+    try {
+      const session = await this.sessionManager.getSession(sessionId, false);
+      if (session.userId !== user.id) {
+        throw new NotFoundException('Session not found for this user');
+      }
+    } catch {
+      throw new NotFoundException('Session not found for this user');
+    }
+    await this.sessionManager.revokeSession(sessionId);
+    return { message: 'Session revoked successfully' };
+  }
+  @Delete(':id/sessions')
+  async revokeAllSessions(@Param('id') id: string) {
+    const user = await this.ensureUserExists(id);
+    await this.sessionManager.revokeAllUserSessions(user.id);
+    return { message: 'All sessions revoked successfully' };
+  }
+  @Delete(':id')
+  async deleteUser(@Param('id') id: string) {
+    await this.users.deleteUser(id);
+    return { message: 'User removed' };
+  }
+  private toSafeUser(user: NestAuthUser | null) {
+    if (!user) {
+      return null;
+    }
+    return {
+      id: user.id,
+      email: user.email,
+      phone: user.phone,
+      tenantId: user.tenantId,
+      isActive: user.isActive,
+      isVerified: user.isVerified,
+      metadata: user.metadata ?? {},
+      roles: user.roles?.map((role) => role.name) ?? [],
+      createdAt: user.createdAt,
+      updatedAt: user.updatedAt,
+      emailVerifiedAt: user.emailVerifiedAt,
+      phoneVerifiedAt: user.phoneVerifiedAt,
+      isMfaEnabled: user.isMfaEnabled,
+    };
+  }
+}

package/src/lib/admin-console/decorators/current-admin.decorator.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { createParamDecorator, ExecutionContext } from '@nestjs/common';
+import { AdminUser } from '../entities/admin-user.entity';
+export const CurrentAdmin = createParamDecorator(
+  (data: unknown, context: ExecutionContext): AdminUser | undefined => {
+    const request = context.switchToHttp().getRequest();
+    return request.adminUser as AdminUser | undefined;
+  },
+);

package/src/lib/admin-console/dto/admin-permission.dto.ts ADDED Viewed

@@ -0,0 +1,106 @@
+import { IsString, IsNotEmpty, IsOptional, IsObject, MaxLength, MinLength } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+export class AdminCreatePermissionDto {
+    @ApiProperty({
+        description: 'Permission name (must be unique per guard)',
+        example: 'users.create',
+        minLength: 1,
+        maxLength: 255,
+    })
+    @IsString()
+    @IsNotEmpty()
+    @MinLength(1)
+    @MaxLength(255)
+    name: string;
+    @ApiProperty({
+        description: 'Guard name (defaults to "web" if not provided)',
+        required: false,
+        example: 'web',
+    })
+    @IsOptional()
+    @IsString()
+    guard?: string;
+    @ApiProperty({
+        description: 'Optional description of what this permission allows',
+        required: false,
+        example: 'Allows creating new user accounts',
+    })
+    @IsOptional()
+    @IsString()
+    description?: string;
+    @ApiProperty({
+        description: 'Optional category to group permissions (e.g., "users", "posts", "admin")',
+        required: false,
+        example: 'users',
+    })
+    @IsOptional()
+    @IsString()
+    category?: string;
+    @ApiProperty({
+        description: 'Optional metadata for additional permission information',
+        required: false,
+        example: { level: 'write', resource: 'users' },
+    })
+    @IsOptional()
+    @IsObject()
+    metadata?: Record<string, any>;
+}
+export class AdminUpdatePermissionDto {
+    @ApiProperty({
+        description: 'Permission name (must be unique per guard if changed). If changed, can optionally update in all roles.',
+        required: false,
+        example: 'users.create',
+    })
+    @IsOptional()
+    @IsString()
+    @MinLength(1)
+    @MaxLength(255)
+    name?: string;
+    @ApiProperty({
+        description: 'Guard name',
+        required: false,
+        example: 'web',
+    })
+    @IsOptional()
+    @IsString()
+    guard?: string;
+    @ApiProperty({
+        description: 'Whether to update permission name in all roles that use it (only if name is being changed)',
+        required: false,
+        default: false,
+    })
+    @IsOptional()
+    updateInRoles?: boolean;
+    @ApiProperty({
+        description: 'Optional description of what this permission allows',
+        required: false,
+    })
+    @IsOptional()
+    @IsString()
+    description?: string;
+    @ApiProperty({
+        description: 'Optional category to group permissions',
+        required: false,
+    })
+    @IsOptional()
+    @IsString()
+    category?: string;
+    @ApiProperty({
+        description: 'Optional metadata',
+        required: false,
+    })
+    @IsOptional()
+    @IsObject()
+    metadata?: Record<string, any>;
+}

package/src/lib/admin-console/dto/admin-role.dto.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import {
+  IsArray,
+  IsBoolean,
+  IsNotEmpty,
+  IsOptional,
+  IsString,
+} from 'class-validator';
+export class AdminCreateRoleDto {
+  @IsString()
+  @IsNotEmpty()
+  name: string;
+  @IsString()
+  @IsNotEmpty()
+  guard: string;
+  @IsOptional()
+  @IsString()
+  tenantId?: string;
+  @IsOptional()
+  @IsBoolean()
+  isSystem?: boolean;
+  @IsOptional()
+  @IsArray()
+  @IsString({ each: true })
+  permissions?: string[];
+}
+export class AdminUpdateRoleDto {
+  @IsOptional()
+  @IsString()
+  name?: string;
+  @IsOptional()
+  @IsString()
+  guard?: string;
+  @IsOptional()
+  @IsArray()
+  @IsString({ each: true })
+  permissions?: string[];
+}

package/src/lib/admin-console/dto/admin-tenant.dto.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { IsNotEmpty, IsObject, IsOptional, IsString, Matches } from 'class-validator';
+export class AdminCreateTenantDto {
+  @IsString()
+  @IsNotEmpty()
+  name: string;
+  @IsString()
+  @IsNotEmpty()
+  @Matches(/^[a-z0-9]+(?:-[a-z0-9]+)*$/, {
+    message: 'Slug must be lowercase alphanumeric with hyphens, no leading/trailing or consecutive hyphens'
+  })
+  slug: string;
+  @IsOptional()
+  @IsString()
+  description?: string;
+  @IsOptional()
+  @IsObject()
+  metadata?: Record<string, any>;
+}
+export class AdminUpdateTenantDto {
+  @IsOptional()
+  @IsString()
+  name?: string;
+  @IsOptional()
+  @IsString()
+  @Matches(/^[a-z0-9]+(?:-[a-z0-9]+)*$/, {
+    message: 'Slug must be lowercase alphanumeric with hyphens, no leading/trailing or consecutive hyphens'
+  })
+  slug?: string;
+  @IsOptional()
+  @IsString()
+  description?: string;
+  @IsOptional()
+  @IsObject()
+  metadata?: Record<string, any>;
+}

package/src/lib/admin-console/dto/admin-user.dto.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import {
+  IsArray,
+  IsBoolean,
+  IsEmail,
+  IsNotEmpty,
+  IsOptional,
+  IsString,
+  Matches,
+  MinLength,
+} from 'class-validator';
+export class AdminCreateUserDto {
+  @IsEmail()
+  email: string;
+  @IsOptional()
+  @IsString()
+  phone?: string;
+  @IsOptional()
+  @IsString()
+  @MinLength(8)
+  @Matches(
+    /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
+    { message: 'Password must contain uppercase, lowercase, number, and special character' }
+  )
+  password?: string;
+  @IsString()
+  @IsNotEmpty()
+  tenantId: string;
+  @IsOptional()
+  @IsBoolean()
+  isActive?: boolean;
+  @IsOptional()
+  @IsBoolean()
+  isVerified?: boolean;
+  @IsOptional()
+  @IsArray()
+  @IsString({ each: true })
+  roles?: string[];
+  @IsOptional()
+  metadata?: Record<string, any>;
+}
+export class AdminUpdateUserDto {
+  @IsOptional()
+  @IsBoolean()
+  isActive?: boolean;
+  @IsOptional()
+  @IsBoolean()
+  isVerified?: boolean;
+  @IsOptional()
+  @IsString()
+  @MinLength(8)
+  @Matches(
+    /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
+    { message: 'Password must contain uppercase, lowercase, number, and special character' }
+  )
+  password?: string;
+  @IsOptional()
+  @IsArray()
+  @IsString({ each: true })
+  roles?: string[];
+  @IsOptional()
+  metadata?: Record<string, any>;
+  @IsOptional()
+  @IsBoolean()
+  isMfaEnabled?: boolean;
+  @IsOptional()
+  @IsBoolean()
+  emailLoginEnabled?: boolean;
+  @IsOptional()
+  @IsBoolean()
+  phoneLoginEnabled?: boolean;
+}

package/src/lib/admin-console/dto/create-dashboard-admin.dto.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import { IsEmail, IsNotEmpty, IsOptional, IsString, Matches, MinLength } from 'class-validator';
+export class CreateDashboardAdminDto {
+  @IsEmail()
+  email: string;
+  @IsString()
+  @IsNotEmpty()
+  @MinLength(8)
+  @Matches(
+    /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
+    { message: 'Password must contain uppercase, lowercase, number, and special character' }
+  )
+  password: string;
+  @IsOptional()
+  @IsString()
+  name?: string;
+}
+export class UpdateDashboardAdminDto {
+  @IsOptional()
+  @IsString()
+  name?: string;
+  @IsOptional()
+  @IsString()
+  @MinLength(8)
+  @Matches(
+    /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
+    { message: 'Password must contain uppercase, lowercase, number, and special character' }
+  )
+  password?: string;
+}