npm - @ackplus/nest-auth - Versions diffs - 1.1.0 → 1.1.2 - Mend

@ackplus/nest-auth 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (645) hide show

package/src/lib/core/services/{debug-logger.service.ts → debug-logger.service.js} RENAMED Viewed

@@ -1,38 +1,31 @@
-import { Injectable, Logger } from '@nestjs/common';
-import { AuthConfigService } from './auth-config.service';
-export enum DebugLogLevel {
-    ERROR = 'error',
-    WARN = 'warn',
-    INFO = 'info',
-    DEBUG = 'debug',
-    VERBOSE = 'verbose'
-}
-export interface DebugLogOptions {
-    enabled?: boolean;
-    level?: DebugLogLevel;
-    prefix?: string;
-    includeTimestamp?: boolean;
-    includeContext?: boolean;
-}
-@Injectable()
-export class DebugLoggerService {
-    private readonly logger = new Logger('NestAuth');
-    private config: DebugLogOptions = {
-        enabled: false,
-        level: DebugLogLevel.VERBOSE,
-        prefix: '[NestAuth]',
-        includeTimestamp: true,
-        includeContext: true
-    };
-    constructor(private readonly authConfig: AuthConfigService) {
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DebugLoggerService = exports.DebugLogLevel = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const auth_config_service_1 = require("./auth-config.service");
+var DebugLogLevel;
+(function (DebugLogLevel) {
+    DebugLogLevel["ERROR"] = "error";
+    DebugLogLevel["WARN"] = "warn";
+    DebugLogLevel["INFO"] = "info";
+    DebugLogLevel["DEBUG"] = "debug";
+    DebugLogLevel["VERBOSE"] = "verbose";
+})(DebugLogLevel || (exports.DebugLogLevel = DebugLogLevel = {}));
+let DebugLoggerService = class DebugLoggerService {
+    constructor(authConfig) {
+        this.authConfig = authConfig;
+        this.logger = new common_1.Logger('NestAuth');
+        this.config = {
+            enabled: false,
+            level: DebugLogLevel.VERBOSE,
+            prefix: '[NestAuth]',
+            includeTimestamp: true,
+            includeContext: true
+        };
         this.updateConfig();
     }
-    private updateConfig(): void {
+    updateConfig() {
         const authOptions = this.authConfig.getConfig();
         if (authOptions.debug) {
             this.config = {
@@ -41,10 +34,9 @@ export class DebugLoggerService {
             };
         }
     }
-    private shouldLog(level: DebugLogLevel): boolean {
-        if (!this.config.enabled) return false;
+    shouldLog(level) {
+        if (!this.config.enabled)
+            return false;
         const levels = [
             DebugLogLevel.ERROR,
             DebugLogLevel.WARN,
@@ -52,77 +44,61 @@ export class DebugLoggerService {
             DebugLogLevel.DEBUG,
             DebugLogLevel.VERBOSE
         ];
         const currentLevelIndex = levels.indexOf(this.config.level);
         const requestedLevelIndex = levels.indexOf(level);
         return requestedLevelIndex <= currentLevelIndex;
     }
-    private formatMessage(message: string, context?: string, data?: any): string {
+    formatMessage(message, context, data) {
         let formattedMessage = '';
         if (this.config.prefix) {
             formattedMessage += `${this.config.prefix} `;
         }
         if (this.config.includeTimestamp) {
             formattedMessage += `[${new Date().toISOString()}] `;
         }
         if (this.config.includeContext && context) {
             formattedMessage += `[${context}] `;
         }
         formattedMessage += message;
         if (data) {
             formattedMessage += ` | Data: ${JSON.stringify(data, null, 2)}`;
         }
         return formattedMessage;
     }
-    error(message: string, context?: string, data?: any, trace?: string): void {
+    error(message, context, data, trace) {
         if (this.shouldLog(DebugLogLevel.ERROR)) {
             this.logger.error(this.formatMessage(message, context, data), trace);
         }
     }
-    warn(message: string, context?: string, data?: any): void {
+    warn(message, context, data) {
         if (this.shouldLog(DebugLogLevel.WARN)) {
             this.logger.warn(this.formatMessage(message, context, data));
         }
     }
-    info(message: string, context?: string, data?: any): void {
+    info(message, context, data) {
         if (this.shouldLog(DebugLogLevel.INFO)) {
             this.logger.log(this.formatMessage(message, context, data));
         }
     }
-    debug(message: string, context?: string, data?: any): void {
+    debug(message, context, data) {
         if (this.shouldLog(DebugLogLevel.DEBUG)) {
             this.logger.debug(this.formatMessage(message, context, data));
         }
     }
-    verbose(message: string, context?: string, data?: any): void {
+    verbose(message, context, data) {
         if (this.shouldLog(DebugLogLevel.VERBOSE)) {
             this.logger.verbose(this.formatMessage(message, context, data));
         }
     }
     // Convenience methods for specific operations
-    logUserOperation(operation: string, userId?: string, data?: any): void {
+    logUserOperation(operation, userId, data) {
         this.debug(`User Operation: ${operation}`, 'UserService', {
             userId,
             operation,
             ...data
         });
     }
-    logAuthOperation(operation: string, providerName?: string, userId?: string, data?: any): void {
+    logAuthOperation(operation, providerName, userId, data) {
         this.debug(`Auth Operation: ${operation}`, 'AuthService', {
             operation,
             providerName,
@@ -130,60 +106,53 @@ export class DebugLoggerService {
             ...data
         });
     }
-    logRoleOperation(operation: string, roleId?: string, data?: any): void {
+    logRoleOperation(operation, roleId, data) {
         this.debug(`Role Operation: ${operation}`, 'RoleService', {
             operation,
             roleId,
             ...data
         });
     }
-    logTenantOperation(operation: string, tenantId?: string, data?: any): void {
+    logTenantOperation(operation, tenantId, data) {
         this.debug(`Tenant Operation: ${operation}`, 'TenantService', {
             operation,
             tenantId,
             ...data
         });
     }
-    logSessionOperation(operation: string, sessionId?: string, data?: any): void {
+    logSessionOperation(operation, sessionId, data) {
         this.debug(`Session Operation: ${operation}`, 'SessionService', {
             operation,
             sessionId,
             ...data
         });
     }
-    logPermissionOperation(operation: string, permissionId?: string, data?: any): void {
+    logPermissionOperation(operation, permissionId, data) {
         this.debug(`Permission Operation: ${operation}`, 'PermissionService', {
             operation,
             permissionId,
             ...data
         });
     }
     // Method to log errors with full context
-    logError(error: Error, context: string, additionalData?: any): void {
-        this.error(
-            `Error in ${context}: ${error.message}`,
-            context,
-            {
-                error: error.name,
-                message: error.message,
-                stack: error.stack,
-                ...additionalData
-            },
-            error.stack
-        );
-    }
+    logError(error, context, additionalData) {
+        this.error(`Error in ${context}: ${error.message}`, context, {
+            error: error.name,
+            message: error.message,
+            stack: error.stack,
+            ...additionalData
+        }, error.stack);
+    }
     // Method to log function entry/exit for detailed debugging
-    logFunctionEntry(functionName: string, context: string, params?: any): void {
+    logFunctionEntry(functionName, context, params) {
         this.verbose(`Entering function: ${functionName}`, context, { params });
     }
-    logFunctionExit(functionName: string, context: string, result?: any): void {
+    logFunctionExit(functionName, context, result) {
         this.verbose(`Exiting function: ${functionName}`, context, { result });
     }
-}
+};
+exports.DebugLoggerService = DebugLoggerService;
+exports.DebugLoggerService = DebugLoggerService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__metadata("design:paramtypes", [auth_config_service_1.AuthConfigService])
+], DebugLoggerService);

package/src/lib/core/services/initialization.service.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { OnModuleInit } from '@nestjs/common';
+import { TenantService } from '../../tenant/services/tenant.service';
+import { AuthConfigService } from './auth-config.service';
+export declare class InitializationService implements OnModuleInit {
+    private readonly tenantService;
+    private readonly authConfig;
+    constructor(tenantService: TenantService, authConfig: AuthConfigService);
+    onModuleInit(): Promise<void>;
+    private initializeDefaultTenant;
+}
+//# sourceMappingURL=initialization.service.d.ts.map

package/src/lib/core/services/initialization.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"initialization.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/services/initialization.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAE1D,qBACa,qBAAsB,YAAW,YAAY;IAElD,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,UAAU;gBADV,aAAa,EAAE,aAAa,EAC5B,UAAU,EAAE,iBAAiB;IAG5C,YAAY;YAKJ,uBAAuB;CAYxC"}

package/src/lib/core/services/initialization.service.js ADDED Viewed

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InitializationService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const tenant_service_1 = require("../../tenant/services/tenant.service");
+const auth_config_service_1 = require("./auth-config.service");
+let InitializationService = class InitializationService {
+    constructor(tenantService, authConfig) {
+        this.tenantService = tenantService;
+        this.authConfig = authConfig;
+    }
+    async onModuleInit() {
+        // Initialize default tenant if configured
+        await this.initializeDefaultTenant();
+    }
+    async initializeDefaultTenant() {
+        try {
+            const config = this.authConfig.getConfig();
+            if (config.defaultTenant) {
+                await this.tenantService.initializeDefaultTenant();
+            }
+        }
+        catch (error) {
+            // Log the error but don't fail module initialization
+            console.error('Failed to initialize default tenant:', error);
+        }
+    }
+};
+exports.InitializationService = InitializationService;
+exports.InitializationService = InitializationService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__metadata("design:paramtypes", [tenant_service_1.TenantService,
+        auth_config_service_1.AuthConfigService])
+], InitializationService);

package/src/lib/core/services/jwt.service.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import { AuthModuleOptions } from '../../core/interfaces/auth-module-options.interface';
+import { JWTTokenPayload } from '../../core/interfaces/token-payload.interface';
+export declare class JwtService {
+    private options;
+    constructor();
+    generateAccessToken(payload: Partial<JWTTokenPayload>): Promise<string>;
+    generateRefreshToken(payload: Partial<JWTTokenPayload>): Promise<string>;
+    verifyToken(token: string): Promise<JWTTokenPayload>;
+    generateTokens(payload: Partial<JWTTokenPayload>): Promise<{
+        accessToken: string;
+        refreshToken: string;
+    }>;
+    updateToken(token: string, payload: Partial<JWTTokenPayload>): Promise<string>;
+    decodeToken(token: string): JWTTokenPayload | null;
+    getConfig(): AuthModuleOptions;
+    generatePasswordResetToken(payload: {
+        userId: string;
+        passwordHashPrefix: string;
+        type: string;
+    }): Promise<string>;
+    verifyPasswordResetToken(token: string): Promise<any>;
+}
+//# sourceMappingURL=jwt.service.d.ts.map

package/src/lib/core/services/jwt.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/services/jwt.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,qDAAqD,CAAC;AACxF,OAAO,EAAE,eAAe,EAAE,MAAM,+CAA+C,CAAC;AAKhF,qBACa,UAAU;IAEnB,OAAO,CAAC,OAAO,CAAoB;;IAM7B,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;IAkBvE,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;IAkBxE,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAapD,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,OAAO,CAAC;QAC7D,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;KACxB,CAAC;IAYF,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;IAa9E,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI;IAQlD,SAAS,IAAI,iBAAiB;IAIxB,0BAA0B,CAAC,OAAO,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,kBAAkB,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAkBlH,wBAAwB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAY9D"}

package/src/lib/core/services/jwt.service.js ADDED Viewed

@@ -0,0 +1,119 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const jsonwebtoken_1 = tslib_1.__importDefault(require("jsonwebtoken"));
+const ms_1 = tslib_1.__importDefault(require("ms"));
+const auth_config_service_1 = require("./auth-config.service");
+let JwtService = class JwtService {
+    constructor() {
+        this.options = auth_config_service_1.AuthConfigService.getOptions();
+    }
+    async generateAccessToken(payload) {
+        return new Promise((resolve, reject) => {
+            jsonwebtoken_1.default.sign({
+                ...payload,
+                type: 'access',
+                exp: Math.floor(Date.now() / 1000) + (0, ms_1.default)(this.options.session.sessionExpiry),
+                iat: Math.floor(Date.now() / 1000),
+            }, this.options.jwt.secret, (err, token) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(token);
+            });
+        });
+    }
+    async generateRefreshToken(payload) {
+        return new Promise((resolve, reject) => {
+            jsonwebtoken_1.default.sign({
+                ...payload,
+                type: 'refresh',
+                exp: Math.floor(Date.now() / 1000) + (0, ms_1.default)(this.options.session.refreshTokenExpiry),
+                iat: Math.floor(Date.now() / 1000),
+            }, this.options.jwt.secret, (err, token) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(token);
+            });
+        });
+    }
+    async verifyToken(token) {
+        return new Promise((resolve, reject) => {
+            jsonwebtoken_1.default.verify(token, this.options.jwt.secret, (err, decoded) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(decoded);
+            });
+        });
+    }
+    async generateTokens(payload) {
+        const [accessToken, refreshToken] = await Promise.all([
+            this.generateAccessToken(payload),
+            this.generateRefreshToken(payload),
+        ]);
+        return {
+            accessToken,
+            refreshToken,
+        };
+    }
+    updateToken(token, payload) {
+        return new Promise((resolve, reject) => {
+            const decoded = this.decodeToken(token);
+            if (!decoded)
+                reject(new Error('Invalid token'));
+            else {
+                jsonwebtoken_1.default.sign({ ...decoded, ...payload }, this.options.jwt.secret, { expiresIn: this.options.session.sessionExpiry }, (err, token) => {
+                    if (err)
+                        reject(err);
+                    else
+                        resolve(token);
+                });
+            }
+        });
+    }
+    decodeToken(token) {
+        try {
+            return jsonwebtoken_1.default.decode(token);
+        }
+        catch (error) {
+            return null;
+        }
+    }
+    getConfig() {
+        return this.options;
+    }
+    async generatePasswordResetToken(payload) {
+        return new Promise((resolve, reject) => {
+            const expiresIn = this.options.passwordResetTokenExpiresIn || '1h';
+            jsonwebtoken_1.default.sign({
+                ...payload,
+                exp: Math.floor(Date.now() / 1000) + (0, ms_1.default)(expiresIn),
+                iat: Math.floor(Date.now() / 1000),
+            }, this.options.jwt.secret, (err, token) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(token);
+            });
+        });
+    }
+    async verifyPasswordResetToken(token) {
+        return new Promise((resolve, reject) => {
+            jsonwebtoken_1.default.verify(token, this.options.jwt.secret, (err, decoded) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(decoded);
+            });
+        });
+    }
+};
+exports.JwtService = JwtService;
+exports.JwtService = JwtService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__metadata("design:paramtypes", [])
+], JwtService);

package/src/lib/nest-auth.module.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { DynamicModule, MiddlewareConsumer } from '@nestjs/common';
+import { AuthModuleAsyncOptions, AuthModuleOptions } from './core/interfaces/auth-module-options.interface';
+export declare class NestAuthModule {
+    static forRoot(options: AuthModuleOptions): DynamicModule;
+    static forRootAsync(options: AuthModuleAsyncOptions): DynamicModule;
+    private static createAsyncProviders;
+    private static createAsyncOptionsProvider;
+    private static getOptions;
+    configure(consumer: MiddlewareConsumer): void;
+}
+//# sourceMappingURL=nest-auth.module.d.ts.map

package/src/lib/nest-auth.module.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"nest-auth.module.d.ts","sourceRoot":"","sources":["../../../../../packages/nest-auth/src/lib/nest-auth.module.ts"],"names":[],"mappings":"AAAA,OAAO,EAAU,aAAa,EAAE,kBAAkB,EAAY,MAAM,gBAAgB,CAAC;AAErF,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAA4B,MAAM,iDAAiD,CAAC;AAetI,qBACa,cAAc;IACzB,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,GAAG,aAAa;IAyCzD,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,sBAAsB,GAAG,aAAa;IAqCnE,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAkBnC,OAAO,CAAC,MAAM,CAAC,0BAA0B;IA0BzC,OAAO,CAAC,MAAM,CAAC,UAAU;IAOzB,SAAS,CAAC,QAAQ,EAAE,kBAAkB;CAGvC"}

package/src/lib/nest-auth.module.js ADDED Viewed

@@ -0,0 +1,144 @@
+"use strict";
+var NestAuthModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NestAuthModule = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const event_emitter_1 = require("@nestjs/event-emitter");
+const request_context_middleware_1 = require("./request-context/request-context.middleware");
+const auth_module_1 = require("./auth/auth.module");
+const user_module_1 = require("./user/user.module");
+const role_module_1 = require("./role/role.module");
+const session_module_1 = require("./session/session.module");
+const tenant_module_1 = require("./tenant/tenant.module");
+const core_module_1 = require("./core/core.module");
+const auth_config_service_1 = require("./core/services/auth-config.service");
+const refresh_token_interceptor_1 = require("./auth/interceptors/refresh-token.interceptor");
+const auth_constants_1 = require("./auth.constants");
+const admin_console_module_1 = require("./admin-console/admin-console.module");
+let NestAuthModule = NestAuthModule_1 = class NestAuthModule {
+    static forRoot(options) {
+        const mergedOptions = this.getOptions(options);
+        // Set options in static service
+        auth_config_service_1.AuthConfigService.setOptions(mergedOptions);
+        // Conditionally add refresh token interceptor (enabled by default)
+        const providers = [];
+        if (mergedOptions.enableAutoRefresh !== false) {
+            providers.push({
+                provide: core_1.APP_INTERCEPTOR,
+                useClass: refresh_token_interceptor_1.RefreshTokenInterceptor,
+            });
+        }
+        return {
+            module: NestAuthModule_1,
+            global: mergedOptions.isGlobal,
+            imports: [
+                event_emitter_1.EventEmitterModule,
+                core_module_1.CoreModule,
+                auth_module_1.AuthModule,
+                tenant_module_1.TenantModule,
+                user_module_1.UserModule,
+                role_module_1.RoleModule,
+                session_module_1.SessionModule,
+                admin_console_module_1.AdminConsoleModule,
+            ],
+            providers,
+            exports: [
+                core_module_1.CoreModule,
+                auth_module_1.AuthModule,
+                tenant_module_1.TenantModule,
+                user_module_1.UserModule,
+                role_module_1.RoleModule,
+                session_module_1.SessionModule,
+                admin_console_module_1.AdminConsoleModule,
+            ],
+        };
+    }
+    static forRootAsync(options) {
+        const asyncProviders = this.createAsyncProviders(options);
+        // Add refresh token interceptor provider (enabled by default)
+        const providers = [...asyncProviders];
+        if (options.enableAutoRefresh !== false) {
+            providers.push({
+                provide: core_1.APP_INTERCEPTOR,
+                useClass: refresh_token_interceptor_1.RefreshTokenInterceptor,
+            });
+        }
+        return {
+            module: NestAuthModule_1,
+            global: options.isGlobal,
+            imports: [
+                event_emitter_1.EventEmitterModule,
+                core_module_1.CoreModule,
+                auth_module_1.AuthModule,
+                tenant_module_1.TenantModule,
+                user_module_1.UserModule,
+                role_module_1.RoleModule,
+                session_module_1.SessionModule,
+                ...(options.imports || []),
+            ],
+            providers,
+            exports: [
+                core_module_1.CoreModule,
+                auth_module_1.AuthModule,
+                tenant_module_1.TenantModule,
+                user_module_1.UserModule,
+                role_module_1.RoleModule,
+                session_module_1.SessionModule,
+            ],
+        };
+    }
+    static createAsyncProviders(options) {
+        if (options.useExisting || options.useFactory) {
+            return [this.createAsyncOptionsProvider(options)];
+        }
+        if (options.useClass) {
+            return [
+                this.createAsyncOptionsProvider(options),
+                {
+                    provide: options.useClass,
+                    useClass: options.useClass,
+                },
+            ];
+        }
+        return [];
+    }
+    static createAsyncOptionsProvider(options) {
+        if (options.useFactory) {
+            return {
+                provide: auth_constants_1.NEST_AUTH_ASYNC_OPTIONS_PROVIDER,
+                useFactory: async (...args) => {
+                    const userOptions = await options.useFactory(...args);
+                    const mergedOptions = this.getOptions(userOptions);
+                    auth_config_service_1.AuthConfigService.setOptions(mergedOptions);
+                    return mergedOptions;
+                },
+                inject: options.inject || [],
+            };
+        }
+        return {
+            provide: auth_constants_1.NEST_AUTH_ASYNC_OPTIONS_PROVIDER,
+            useFactory: async (optionsFactory) => {
+                const userOptions = await optionsFactory.createAuthModuleOptions();
+                const mergedOptions = this.getOptions(userOptions);
+                auth_config_service_1.AuthConfigService.setOptions(mergedOptions);
+                return mergedOptions;
+            },
+            inject: [options.useExisting || options.useClass],
+        };
+    }
+    static getOptions(options) {
+        const deepmerge = require('deepmerge');
+        // Use default options from AuthConfigService - single source of truth
+        const defaultOptions = auth_config_service_1.AuthConfigService.getDefaultOptions();
+        return deepmerge(defaultOptions, options);
+    }
+    configure(consumer) {
+        consumer.apply(request_context_middleware_1.RequestContextMiddleware).forRoutes('auth/*');
+    }
+};
+exports.NestAuthModule = NestAuthModule;
+exports.NestAuthModule = NestAuthModule = NestAuthModule_1 = tslib_1.__decorate([
+    (0, common_1.Module)({})
+], NestAuthModule);

package/src/lib/permission/entities/permission.entity.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import { BaseEntity } from 'typeorm';
+/**
+ * Permission Registry Entity
+ *
+ * This table acts as a registry/suggestions list for permissions.
+ * Roles store permission names as JSON strings (not foreign keys),
+ * so deleting a permission from this table won't break existing roles.
+ *
+ * Purpose:
+ * - Provides autocomplete/suggestions when adding permissions to roles
+ * - Prevents typos and ensures consistency
+ * - Allows tracking permission descriptions and metadata
+ * - Can be used for permission documentation/management
+ *
+ * Note: Permissions are unique per (name, guard) combination
+ */
+export declare class NestAuthPermission extends BaseEntity {
+    id: string;
+    name: string;
+    guard: string;
+    description?: string;
+    category?: string;
+    metadata?: Record<string, any>;
+    createdAt: Date;
+    updatedAt: Date;
+}
+//# sourceMappingURL=permission.entity.d.ts.map

package/src/lib/permission/entities/permission.entity.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"permission.entity.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/permission/entities/permission.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAMH,UAAU,EAGb,MAAM,SAAS,CAAC;AAGjB;;;;;;;;;;;;;;GAcG;AACH,qBAEa,kBAAmB,SAAQ,UAAU;IAE9C,EAAE,EAAE,MAAM,CAAC;IAIX,IAAI,EAAE,MAAM,CAAC;IAIb,KAAK,EAAE,MAAM,CAAC;IAGd,WAAW,CAAC,EAAE,MAAM,CAAC;IAGrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAGlB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAG/B,SAAS,EAAE,IAAI,CAAC;IAGhB,SAAS,EAAE,IAAI,CAAC;CACnB"}