@ackplus/nest-auth 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +2 -2
- package/src/{index.ts → index.d.ts} +2 -18
- package/src/index.d.ts.map +1 -0
- package/src/index.js +24 -0
- package/src/lib/admin-console/admin-console.module.d.ts +3 -0
- package/src/lib/admin-console/admin-console.module.d.ts.map +1 -0
- package/src/lib/admin-console/admin-console.module.js +69 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts +134 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.js +374 -0
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts +14 -0
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-console.controller.js +87 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts +86 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.js +195 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts +47 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.js +95 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts +44 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.js +86 -0
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts +146 -0
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-users.controller.js +400 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts +2 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts.map +1 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.js +8 -0
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts +16 -0
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-permission.dto.js +123 -0
- package/src/lib/admin-console/dto/admin-role.dto.d.ts +13 -0
- package/src/lib/admin-console/dto/admin-role.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-role.dto.js +53 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts +13 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.js +57 -0
- package/src/lib/admin-console/dto/admin-user.dto.d.ts +21 -0
- package/src/lib/admin-console/dto/admin-user.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-user.dto.js +94 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts +10 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.js +39 -0
- package/src/lib/admin-console/dto/login.dto.d.ts +5 -0
- package/src/lib/admin-console/dto/login.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/login.dto.js +17 -0
- package/src/lib/admin-console/dto/reset-password.dto.d.ts +6 -0
- package/src/lib/admin-console/dto/reset-password.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/reset-password.dto.js +26 -0
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts +7 -0
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/setup-admin.dto.js +29 -0
- package/src/lib/admin-console/dto/signup.dto.d.ts +8 -0
- package/src/lib/admin-console/dto/signup.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/signup.dto.js +58 -0
- package/src/lib/admin-console/entities/admin-user.entity.d.ts +16 -0
- package/src/lib/admin-console/entities/admin-user.entity.d.ts.map +1 -0
- package/src/lib/admin-console/entities/admin-user.entity.js +86 -0
- package/src/lib/admin-console/guards/admin-session.guard.d.ts +17 -0
- package/src/lib/admin-console/guards/admin-session.guard.d.ts.map +1 -0
- package/src/lib/admin-console/guards/admin-session.guard.js +40 -0
- package/src/lib/admin-console/services/admin-auth.service.d.ts +22 -0
- package/src/lib/admin-console/services/admin-auth.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-auth.service.js +77 -0
- package/src/lib/admin-console/services/admin-console-config.service.d.ts +17 -0
- package/src/lib/admin-console/services/admin-console-config.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-console-config.service.js +58 -0
- package/src/lib/admin-console/services/admin-session.service.d.ts +27 -0
- package/src/lib/admin-console/services/admin-session.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-session.service.js +94 -0
- package/src/lib/admin-console/services/admin-user.service.d.ts +24 -0
- package/src/lib/admin-console/services/admin-user.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-user.service.js +87 -0
- package/src/lib/auth/auth.module.d.ts +3 -0
- package/src/lib/auth/auth.module.d.ts.map +1 -0
- package/src/lib/auth/auth.module.js +64 -0
- package/src/lib/auth/controllers/auth.controller.d.ts +67 -0
- package/src/lib/auth/controllers/auth.controller.d.ts.map +1 -0
- package/src/lib/auth/controllers/auth.controller.js +471 -0
- package/src/lib/auth/controllers/mfa.controller.d.ts +34 -0
- package/src/lib/auth/controllers/mfa.controller.d.ts.map +1 -0
- package/src/lib/auth/controllers/mfa.controller.js +230 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts +8 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.js +31 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts +8 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.js +31 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts +7 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.js +21 -0
- package/src/lib/auth/dto/index.d.ts +1 -0
- package/src/lib/auth/dto/index.d.ts.map +1 -0
- package/src/lib/auth/dto/index.js +0 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.js +42 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts +6 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js +38 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.js +58 -0
- package/src/lib/auth/dto/requests/login.request.dto.d.ts +13 -0
- package/src/lib/auth/dto/requests/login.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/login.request.dto.js +75 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.js +29 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.js +60 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +25 -0
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/signup.request.dto.js +49 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +6 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +31 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.js +29 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +7 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +49 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +29 -0
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +41 -0
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/{auth-cookie.response.dto.ts → auth-cookie.response.dto.js} +18 -11
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts +41 -0
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/{auth-success.response.dto.ts → auth-success.response.dto.js} +18 -11
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts +40 -0
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/auth.response.dto.js +112 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts +58 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.js +202 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts +7 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.js +30 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts +7 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.js +36 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts +19 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.js +108 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts +5 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.js +16 -0
- package/src/lib/auth/entities/mfa-secret.entity.d.ts +13 -0
- package/src/lib/auth/entities/mfa-secret.entity.d.ts.map +1 -0
- package/src/lib/auth/entities/mfa-secret.entity.js +49 -0
- package/src/lib/auth/entities/otp.entity.d.ts +14 -0
- package/src/lib/auth/entities/otp.entity.d.ts.map +1 -0
- package/src/lib/auth/entities/otp.entity.js +49 -0
- package/src/lib/auth/events/{logged-out-all.event.ts → logged-out-all.event.d.ts} +4 -6
- package/src/lib/auth/events/logged-out-all.event.d.ts.map +1 -0
- package/src/lib/auth/events/logged-out-all.event.js +9 -0
- package/src/lib/auth/events/{logged-out.event.ts → logged-out.event.d.ts} +4 -5
- package/src/lib/auth/events/logged-out.event.d.ts.map +1 -0
- package/src/lib/auth/events/logged-out.event.js +9 -0
- package/src/lib/auth/events/{password-reset-requested.event.ts → password-reset-requested.event.d.ts} +4 -6
- package/src/lib/auth/events/password-reset-requested.event.d.ts.map +1 -0
- package/src/lib/auth/events/password-reset-requested.event.js +9 -0
- package/src/lib/auth/events/{password-reset.event.ts → password-reset.event.d.ts} +4 -6
- package/src/lib/auth/events/password-reset.event.d.ts.map +1 -0
- package/src/lib/auth/events/password-reset.event.js +9 -0
- package/src/lib/auth/events/{user-2fa-verified.event.ts → user-2fa-verified.event.d.ts} +4 -6
- package/src/lib/auth/events/user-2fa-verified.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-2fa-verified.event.js +9 -0
- package/src/lib/auth/events/{user-logged-in.event.ts → user-logged-in.event.d.ts} +4 -7
- package/src/lib/auth/events/user-logged-in.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-logged-in.event.js +10 -0
- package/src/lib/auth/events/{user-refresh-token.event.ts → user-refresh-token.event.d.ts} +4 -6
- package/src/lib/auth/events/user-refresh-token.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-refresh-token.event.js +9 -0
- package/src/lib/auth/events/{user-registered.event.ts → user-registered.event.d.ts} +4 -7
- package/src/lib/auth/events/user-registered.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-registered.event.js +10 -0
- package/src/lib/auth/guards/auth.guard.d.ts +56 -0
- package/src/lib/auth/guards/auth.guard.d.ts.map +1 -0
- package/src/lib/auth/guards/{auth.guard.ts → auth.guard.js} +92 -135
- package/src/lib/auth/{index.ts → index.d.ts} +1 -13
- package/src/lib/auth/index.d.ts.map +1 -0
- package/src/lib/auth/index.js +51 -0
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts +43 -0
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +1 -0
- package/src/lib/auth/interceptors/{refresh-token.interceptor.ts → refresh-token.interceptor.js} +38 -40
- package/src/lib/auth/services/auth.service.d.ts +67 -0
- package/src/lib/auth/services/auth.service.d.ts.map +1 -0
- package/src/lib/auth/services/{auth.service.ts → auth.service.js} +262 -475
- package/src/lib/auth/services/client-config.service.d.ts +12 -0
- package/src/lib/auth/services/client-config.service.d.ts.map +1 -0
- package/src/lib/auth/services/{client-config.service.ts → client-config.service.js} +28 -33
- package/src/lib/auth/services/cookie.service.d.ts +10 -0
- package/src/lib/auth/services/cookie.service.d.ts.map +1 -0
- package/src/lib/auth/services/cookie.service.js +42 -0
- package/src/lib/auth/services/mfa.service.d.ts +45 -0
- package/src/lib/auth/services/mfa.service.d.ts.map +1 -0
- package/src/lib/auth/services/{mfa.service.ts → mfa.service.js} +105 -184
- package/src/lib/auth.constants.d.ts +43 -0
- package/src/lib/auth.constants.d.ts.map +1 -0
- package/src/lib/auth.constants.js +54 -0
- package/src/lib/core/core.module.d.ts +7 -0
- package/src/lib/core/core.module.d.ts.map +1 -0
- package/src/lib/core/core.module.js +57 -0
- package/src/lib/core/decorators/{auth.decorator.ts → auth.decorator.d.ts} +2 -7
- package/src/lib/core/decorators/auth.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/auth.decorator.js +38 -0
- package/src/lib/core/decorators/permissions.decorator.d.ts +8 -0
- package/src/lib/core/decorators/permissions.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/permissions.decorator.js +18 -0
- package/src/lib/core/decorators/{public.decorator.ts → public.decorator.d.ts} +3 -5
- package/src/lib/core/decorators/public.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/public.decorator.js +35 -0
- package/src/lib/core/decorators/role.decorator.d.ts +4 -0
- package/src/lib/core/decorators/role.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/role.decorator.js +13 -0
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts +3 -0
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/skip-mfa.decorator.js +7 -0
- package/src/lib/core/dto/message.response.dto.d.ts +4 -0
- package/src/lib/core/dto/message.response.dto.d.ts.map +1 -0
- package/src/lib/core/dto/message.response.dto.js +12 -0
- package/src/lib/core/{entities.ts → entities.d.ts} +2 -14
- package/src/lib/core/entities.d.ts.map +1 -0
- package/src/lib/core/entities.js +37 -0
- package/src/lib/core/{index.ts → index.d.ts} +1 -15
- package/src/lib/core/index.d.ts.map +1 -0
- package/src/lib/core/index.js +35 -0
- package/src/lib/core/interfaces/{auth-module-options.interface.ts → auth-module-options.interface.d.ts} +13 -16
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/auth-module-options.interface.js +2 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts +26 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/mfa-options.interface.js +9 -0
- package/src/lib/core/interfaces/otp.interface.d.ts +6 -0
- package/src/lib/core/interfaces/otp.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/otp.interface.js +9 -0
- package/src/lib/core/interfaces/session-options.interface.d.ts +16 -0
- package/src/lib/core/interfaces/session-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/session-options.interface.js +9 -0
- package/src/lib/core/interfaces/{token-payload.interface.ts → token-payload.interface.d.ts} +2 -4
- package/src/lib/core/interfaces/token-payload.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/token-payload.interface.js +2 -0
- package/src/lib/core/providers/apple-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/apple-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/apple-auth.provider.js +56 -0
- package/src/lib/core/providers/base-auth.provider.d.ts +33 -0
- package/src/lib/core/providers/base-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/base-auth.provider.js +48 -0
- package/src/lib/core/providers/email-auth.provider.d.ts +31 -0
- package/src/lib/core/providers/email-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/email-auth.provider.js +66 -0
- package/src/lib/core/providers/facebook-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/facebook-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/facebook-auth.provider.js +55 -0
- package/src/lib/core/providers/github-auth.provider.d.ts +24 -0
- package/src/lib/core/providers/github-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/{github-auth.provider.ts → github-auth.provider.js} +31 -36
- package/src/lib/core/providers/google-auth.provider.d.ts +22 -0
- package/src/lib/core/providers/google-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/google-auth.provider.js +57 -0
- package/src/lib/core/providers/jwt-auth.provider.d.ts +34 -0
- package/src/lib/core/providers/jwt-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/jwt-auth.provider.js +49 -0
- package/src/lib/core/providers/phone-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/phone-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/phone-auth.provider.js +42 -0
- package/src/lib/core/services/auth-config.service.d.ts +39 -0
- package/src/lib/core/services/auth-config.service.d.ts.map +1 -0
- package/src/lib/core/services/auth-config.service.js +167 -0
- package/src/lib/core/services/auth-provider-registry.service.d.ts +42 -0
- package/src/lib/core/services/auth-provider-registry.service.d.ts.map +1 -0
- package/src/lib/core/services/auth-provider-registry.service.js +91 -0
- package/src/lib/core/services/debug-logger.service.d.ts +39 -0
- package/src/lib/core/services/debug-logger.service.d.ts.map +1 -0
- package/src/lib/core/services/{debug-logger.service.ts → debug-logger.service.js} +57 -88
- package/src/lib/core/services/initialization.service.d.ts +11 -0
- package/src/lib/core/services/initialization.service.d.ts.map +1 -0
- package/src/lib/core/services/initialization.service.js +35 -0
- package/src/lib/core/services/jwt.service.d.ts +23 -0
- package/src/lib/core/services/jwt.service.d.ts.map +1 -0
- package/src/lib/core/services/jwt.service.js +119 -0
- package/src/lib/nest-auth.module.d.ts +11 -0
- package/src/lib/nest-auth.module.d.ts.map +1 -0
- package/src/lib/nest-auth.module.js +144 -0
- package/src/lib/permission/entities/permission.entity.d.ts +27 -0
- package/src/lib/permission/entities/permission.entity.d.ts.map +1 -0
- package/src/lib/permission/entities/permission.entity.js +62 -0
- package/src/lib/permission/{index.ts → index.d.ts} +1 -1
- package/src/lib/permission/index.d.ts.map +1 -0
- package/src/lib/permission/index.js +6 -0
- package/src/lib/permission/permission.module.d.ts +3 -0
- package/src/lib/permission/permission.module.d.ts.map +1 -0
- package/src/lib/permission/permission.module.js +20 -0
- package/src/lib/permission/services/permission.service.d.ts +44 -0
- package/src/lib/permission/services/permission.service.d.ts.map +1 -0
- package/src/lib/permission/services/{permission.service.ts → permission.service.js} +48 -108
- package/src/lib/request-context/{index.ts → index.d.ts} +1 -0
- package/src/lib/request-context/index.d.ts.map +1 -0
- package/src/lib/request-context/index.js +5 -0
- package/src/lib/request-context/request-context.d.ts +23 -0
- package/src/lib/request-context/request-context.d.ts.map +1 -0
- package/src/lib/request-context/{request-context.ts → request-context.js} +26 -44
- package/src/lib/request-context/request-context.middleware.d.ts +5 -0
- package/src/lib/request-context/request-context.middleware.d.ts.map +1 -0
- package/src/lib/request-context/request-context.middleware.js +15 -0
- package/src/lib/role/entities/role.entity.d.ts +21 -0
- package/src/lib/role/entities/role.entity.d.ts.map +1 -0
- package/src/lib/role/entities/role.entity.js +110 -0
- package/src/lib/role/{index.ts → index.d.ts} +1 -2
- package/src/lib/role/index.d.ts.map +1 -0
- package/src/lib/role/index.js +5 -0
- package/src/lib/role/role.module.d.ts +3 -0
- package/src/lib/role/role.module.d.ts.map +1 -0
- package/src/lib/role/role.module.js +22 -0
- package/src/lib/role/services/role.service.d.ts +21 -0
- package/src/lib/role/services/role.service.d.ts.map +1 -0
- package/src/lib/role/services/{role.service.ts → role.service.js} +51 -107
- package/src/lib/session/entities/session.entity.d.ts +17 -0
- package/src/lib/session/entities/session.entity.d.ts.map +1 -0
- package/src/lib/session/entities/session.entity.js +62 -0
- package/src/lib/session/{index.ts → index.d.ts} +1 -11
- package/src/lib/session/index.d.ts.map +1 -0
- package/src/lib/session/index.js +18 -0
- package/src/lib/session/interfaces/{session-repository.interface.ts → session-repository.interface.d.ts} +1 -10
- package/src/lib/session/interfaces/session-repository.interface.d.ts.map +1 -0
- package/src/lib/session/interfaces/session-repository.interface.js +2 -0
- package/src/lib/session/repositories/{base-session.repository.ts → base-session.repository.d.ts} +7 -41
- package/src/lib/session/repositories/base-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/base-session.repository.js +59 -0
- package/src/lib/session/repositories/memory-session.repository.d.ts +27 -0
- package/src/lib/session/repositories/memory-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/{memory-session.repository.ts → memory-session.repository.js} +41 -61
- package/src/lib/session/repositories/redis-session.repository.d.ts +30 -0
- package/src/lib/session/repositories/redis-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/{redis-session.repository.ts → redis-session.repository.js} +45 -75
- package/src/lib/session/repositories/typeorm-session.repository.d.ts +23 -0
- package/src/lib/session/repositories/typeorm-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/typeorm-session.repository.js +79 -0
- package/src/lib/session/services/session-manager.service.d.ts +100 -0
- package/src/lib/session/services/session-manager.service.d.ts.map +1 -0
- package/src/lib/session/services/{session-manager.service.ts → session-manager.service.js} +54 -94
- package/src/lib/session/session.module.d.ts +14 -0
- package/src/lib/session/session.module.d.ts.map +1 -0
- package/src/lib/session/session.module.js +96 -0
- package/src/lib/session/utils/session.util.d.ts +73 -0
- package/src/lib/session/utils/session.util.d.ts.map +1 -0
- package/src/lib/session/utils/{session.util.ts → session.util.js} +24 -63
- package/src/lib/tenant/entities/{tenant.entity.ts → tenant.entity.d.ts} +2 -21
- package/src/lib/tenant/entities/tenant.entity.d.ts.map +1 -0
- package/src/lib/tenant/entities/tenant.entity.js +47 -0
- package/src/lib/tenant/events/tenant-created.event.d.ts +9 -0
- package/src/lib/tenant/events/tenant-created.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-created.event.js +9 -0
- package/src/lib/tenant/events/tenant-deleted.event.d.ts +9 -0
- package/src/lib/tenant/events/tenant-deleted.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-deleted.event.js +9 -0
- package/src/lib/tenant/events/tenant-updated.event.d.ts +10 -0
- package/src/lib/tenant/events/tenant-updated.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-updated.event.js +9 -0
- package/src/lib/tenant/{index.ts → index.d.ts} +1 -2
- package/src/lib/tenant/index.d.ts.map +1 -0
- package/src/lib/tenant/index.js +14 -0
- package/src/lib/tenant/services/tenant.service.d.ts +35 -0
- package/src/lib/tenant/services/tenant.service.d.ts.map +1 -0
- package/src/lib/tenant/services/{tenant.service.ts → tenant.service.js} +83 -137
- package/src/lib/tenant/tenant.module.d.ts +3 -0
- package/src/lib/tenant/tenant.module.d.ts.map +1 -0
- package/src/lib/tenant/tenant.module.js +26 -0
- package/src/lib/user/dto/requests/update-user.dto.d.ts +6 -0
- package/src/lib/user/dto/requests/update-user.dto.d.ts.map +1 -0
- package/src/lib/user/dto/requests/update-user.dto.js +23 -0
- package/src/lib/user/entities/access-key.entity.d.ts +17 -0
- package/src/lib/user/entities/access-key.entity.d.ts.map +1 -0
- package/src/lib/user/entities/access-key.entity.js +62 -0
- package/src/lib/user/entities/identity.entity.d.ts +13 -0
- package/src/lib/user/entities/identity.entity.d.ts.map +1 -0
- package/src/lib/user/entities/identity.entity.js +46 -0
- package/src/lib/user/entities/user.entity.d.ts +40 -0
- package/src/lib/user/entities/user.entity.d.ts.map +1 -0
- package/src/lib/user/entities/user.entity.js +218 -0
- package/src/lib/user/events/user-created.event.d.ts +10 -0
- package/src/lib/user/events/user-created.event.d.ts.map +1 -0
- package/src/lib/user/events/user-created.event.js +9 -0
- package/src/lib/user/events/user-deleted.event.d.ts +10 -0
- package/src/lib/user/events/user-deleted.event.d.ts.map +1 -0
- package/src/lib/user/events/user-deleted.event.js +9 -0
- package/src/lib/user/events/user-updated.event.d.ts +11 -0
- package/src/lib/user/events/user-updated.event.d.ts.map +1 -0
- package/src/lib/user/events/user-updated.event.js +9 -0
- package/src/lib/user/{index.ts → index.d.ts} +1 -5
- package/src/lib/user/index.d.ts.map +1 -0
- package/src/lib/user/index.js +12 -0
- package/src/lib/user/services/access-key.service.d.ts +20 -0
- package/src/lib/user/services/access-key.service.d.ts.map +1 -0
- package/src/lib/user/services/access-key.service.js +121 -0
- package/src/lib/user/services/user.service.d.ts +28 -0
- package/src/lib/user/services/user.service.d.ts.map +1 -0
- package/src/lib/user/services/{user.service.ts → user.service.js} +92 -164
- package/src/lib/user/user.module.d.ts +3 -0
- package/src/lib/user/user.module.d.ts.map +1 -0
- package/src/lib/user/user.module.js +33 -0
- package/src/lib/utils/database.utils.d.ts +3 -0
- package/src/lib/utils/database.utils.d.ts.map +1 -0
- package/src/lib/utils/database.utils.js +7 -0
- package/src/lib/utils/date.util.d.ts +41 -0
- package/src/lib/utils/date.util.d.ts.map +1 -0
- package/src/lib/utils/{date.util.ts → date.util.js} +28 -35
- package/src/lib/utils/device.util.d.ts +50 -0
- package/src/lib/utils/device.util.d.ts.map +1 -0
- package/src/lib/utils/device.util.js +114 -0
- package/src/lib/utils/{index.ts → index.d.ts} +1 -0
- package/src/lib/utils/index.d.ts.map +1 -0
- package/src/lib/utils/index.js +9 -0
- package/src/lib/utils/otp.d.ts +2 -0
- package/src/lib/utils/otp.d.ts.map +1 -0
- package/src/lib/utils/otp.js +6 -0
- package/src/lib/utils/security.util.d.ts +11 -0
- package/src/lib/utils/security.util.d.ts.map +1 -0
- package/src/lib/utils/{security.util.ts → security.util.js} +10 -9
- package/src/lib/utils/slug.util.d.ts +38 -0
- package/src/lib/utils/slug.util.d.ts.map +1 -0
- package/src/lib/utils/{slug.util.ts → slug.util.js} +10 -9
- package/eslint.config.mjs +0 -59
- package/jest.config.ts +0 -10
- package/project.json +0 -86
- package/src/lib/admin-console/admin-console.module.ts +0 -62
- package/src/lib/admin-console/controllers/admin-auth.controller.ts +0 -339
- package/src/lib/admin-console/controllers/admin-console.controller.ts +0 -82
- package/src/lib/admin-console/controllers/admin-permissions.controller.ts +0 -180
- package/src/lib/admin-console/controllers/admin-roles.controller.ts +0 -89
- package/src/lib/admin-console/controllers/admin-tenants.controller.ts +0 -68
- package/src/lib/admin-console/controllers/admin-users.controller.ts +0 -379
- package/src/lib/admin-console/decorators/current-admin.decorator.ts +0 -9
- package/src/lib/admin-console/dto/admin-permission.dto.ts +0 -106
- package/src/lib/admin-console/dto/admin-role.dto.ts +0 -45
- package/src/lib/admin-console/dto/admin-tenant.dto.ts +0 -43
- package/src/lib/admin-console/dto/admin-user.dto.ts +0 -87
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.ts +0 -34
- package/src/lib/admin-console/dto/login.dto.ts +0 -10
- package/src/lib/admin-console/dto/reset-password.dto.ts +0 -21
- package/src/lib/admin-console/dto/setup-admin.dto.ts +0 -23
- package/src/lib/admin-console/dto/signup.dto.ts +0 -51
- package/src/lib/admin-console/entities/admin-user.entity.ts +0 -74
- package/src/lib/admin-console/guards/admin-session.guard.ts +0 -47
- package/src/lib/admin-console/services/admin-auth.service.ts +0 -82
- package/src/lib/admin-console/services/admin-console-config.service.ts +0 -62
- package/src/lib/admin-console/services/admin-session.service.ts +0 -106
- package/src/lib/admin-console/services/admin-user.service.ts +0 -96
- package/src/lib/auth/auth.module.ts +0 -58
- package/src/lib/auth/controllers/auth.controller.ts +0 -393
- package/src/lib/auth/controllers/mfa.controller.ts +0 -200
- package/src/lib/auth/dto/credentials/email-credentials.dto.ts +0 -24
- package/src/lib/auth/dto/credentials/phone-credentials.dto.ts +0 -24
- package/src/lib/auth/dto/credentials/social-credentials.dto.ts +0 -15
- package/src/lib/auth/dto/index.ts +0 -1
- package/src/lib/auth/dto/requests/change-password.request.dto.ts +0 -34
- package/src/lib/auth/dto/requests/forgot-password.request.dto.ts +0 -30
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.ts +0 -51
- package/src/lib/auth/dto/requests/login.request.dto.ts +0 -65
- package/src/lib/auth/dto/requests/refresh-token.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.ts +0 -22
- package/src/lib/auth/dto/requests/reset-password.request.dto.ts +0 -50
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.ts +0 -19
- package/src/lib/auth/dto/requests/signup.request.dto.ts +0 -42
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.ts +0 -24
- package/src/lib/auth/dto/requests/verify-email.request.dto.ts +0 -22
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.ts +0 -41
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.ts +0 -22
- package/src/lib/auth/dto/responses/auth.response.dto.ts +0 -99
- package/src/lib/auth/dto/responses/client-config.response.dto.ts +0 -153
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.ts +0 -22
- package/src/lib/auth/dto/responses/mfa-code-response.dto.ts +0 -27
- package/src/lib/auth/dto/responses/mfa-status.response.dto.ts +0 -89
- package/src/lib/auth/dto/responses/verify-otp.response.dto.ts +0 -9
- package/src/lib/auth/entities/mfa-secret.entity.ts +0 -33
- package/src/lib/auth/entities/otp.entity.ts +0 -33
- package/src/lib/auth/services/cookie.service.ts +0 -43
- package/src/lib/auth.constants.ts +0 -63
- package/src/lib/core/core.module.ts +0 -50
- package/src/lib/core/decorators/permissions.decorator.ts +0 -17
- package/src/lib/core/decorators/role.decorator.ts +0 -12
- package/src/lib/core/decorators/skip-mfa.decorator.ts +0 -4
- package/src/lib/core/dto/message.response.dto.ts +0 -6
- package/src/lib/core/interfaces/mfa-options.interface.ts +0 -46
- package/src/lib/core/interfaces/otp.interface.ts +0 -6
- package/src/lib/core/interfaces/session-options.interface.ts +0 -19
- package/src/lib/core/providers/apple-auth.provider.ts +0 -61
- package/src/lib/core/providers/base-auth.provider.ts +0 -74
- package/src/lib/core/providers/email-auth.provider.ts +0 -71
- package/src/lib/core/providers/facebook-auth.provider.ts +0 -55
- package/src/lib/core/providers/google-auth.provider.ts +0 -61
- package/src/lib/core/providers/jwt-auth.provider.ts +0 -50
- package/src/lib/core/providers/phone-auth.provider.ts +0 -45
- package/src/lib/core/services/auth-config.service.ts +0 -184
- package/src/lib/core/services/auth-provider-registry.service.ts +0 -93
- package/src/lib/core/services/initialization.service.ts +0 -29
- package/src/lib/core/services/jwt.service.ts +0 -137
- package/src/lib/nest-auth.module.ts +0 -152
- package/src/lib/permission/entities/permission.entity.ts +0 -56
- package/src/lib/permission/permission.module.ts +0 -14
- package/src/lib/request-context/request-context.middleware.ts +0 -13
- package/src/lib/role/entities/role.entity.ts +0 -103
- package/src/lib/role/role.module.ts +0 -15
- package/src/lib/session/entities/session.entity.ts +0 -54
- package/src/lib/session/repositories/typeorm-session.repository.ts +0 -86
- package/src/lib/session/session.module.ts +0 -102
- package/src/lib/tenant/events/tenant-created.event.ts +0 -9
- package/src/lib/tenant/events/tenant-deleted.event.ts +0 -11
- package/src/lib/tenant/events/tenant-updated.event.ts +0 -12
- package/src/lib/tenant/tenant.module.ts +0 -19
- package/src/lib/types/express.d.ts +0 -14
- package/src/lib/user/dto/requests/update-user.dto.ts +0 -15
- package/src/lib/user/entities/access-key.entity.ts +0 -53
- package/src/lib/user/entities/identity.entity.ts +0 -31
- package/src/lib/user/entities/user.entity.ts +0 -212
- package/src/lib/user/events/user-created.event.ts +0 -10
- package/src/lib/user/events/user-deleted.event.ts +0 -12
- package/src/lib/user/events/user-updated.event.ts +0 -13
- package/src/lib/user/services/access-key.service.ts +0 -145
- package/src/lib/user/user.module.ts +0 -26
- package/src/lib/utils/database.utils.ts +0 -6
- package/src/lib/utils/device.util.ts +0 -111
- package/src/lib/utils/otp.ts +0 -3
- package/src/types/ms.d.ts +0 -1
- package/test/access-key.service.spec.ts +0 -204
- package/test/auth.service.spec.ts +0 -541
- package/test/mfa.service.spec.ts +0 -359
- package/test/role.service.spec.ts +0 -418
- package/test/tenant.service.spec.ts +0 -218
- package/test/test.setup.ts +0 -66
- package/test/user.service.spec.ts +0 -374
- package/tsconfig.json +0 -17
- package/tsconfig.lib.json +0 -15
- package/tsconfig.spec.json +0 -15
- package/tsconfig.tsbuildinfo +0 -1
- package/ui/.env +0 -1
- package/ui/.env.example +0 -1
- package/ui/.eslintignore +0 -7
- package/ui/README.md +0 -288
- package/ui/index.html +0 -17
- package/ui/package.json +0 -34
- package/ui/postcss.config.js +0 -6
- package/ui/src/App.tsx +0 -245
- package/ui/src/components/AuthGuard.tsx +0 -59
- package/ui/src/components/AuthProvider.tsx +0 -76
- package/ui/src/components/Button.tsx +0 -37
- package/ui/src/components/Card.tsx +0 -37
- package/ui/src/components/ErrorMessage.tsx +0 -15
- package/ui/src/components/FormDialog.tsx +0 -61
- package/ui/src/components/FormFooter.tsx +0 -37
- package/ui/src/components/Layout.tsx +0 -112
- package/ui/src/components/LoadingMessage.tsx +0 -11
- package/ui/src/components/Modal.tsx +0 -97
- package/ui/src/components/MultiSelect.tsx +0 -145
- package/ui/src/components/PageHeader.tsx +0 -42
- package/ui/src/components/PanelHeader.tsx +0 -28
- package/ui/src/components/PermissionInput.tsx +0 -473
- package/ui/src/components/SearchInput.tsx +0 -69
- package/ui/src/components/Select.tsx +0 -51
- package/ui/src/components/SwaggerUIWrapper.tsx +0 -316
- package/ui/src/components/Table.tsx +0 -207
- package/ui/src/components/Tag.tsx +0 -9
- package/ui/src/components/TagsInput.tsx +0 -96
- package/ui/src/components/admin/AdminForm.tsx +0 -170
- package/ui/src/components/admin/CreateAdminDialog.tsx +0 -38
- package/ui/src/components/auth/LoginFooter.tsx +0 -17
- package/ui/src/components/auth/LoginHeader.tsx +0 -14
- package/ui/src/components/auth/components/CodeBlock.tsx +0 -43
- package/ui/src/components/auth/components/CreateAccountCodeExamples.tsx +0 -60
- package/ui/src/components/auth/components/PasswordRequirements.tsx +0 -16
- package/ui/src/components/auth/components/PasswordStrengthIndicator.tsx +0 -48
- package/ui/src/components/auth/components/ResetPasswordCodeExamples.tsx +0 -76
- package/ui/src/components/auth/components/Tabs.tsx +0 -32
- package/ui/src/components/auth/dialogs/CreateAccountDialog.tsx +0 -79
- package/ui/src/components/auth/dialogs/ForgotPasswordDialog.tsx +0 -79
- package/ui/src/components/auth/forms/CreateAccountForm.tsx +0 -226
- package/ui/src/components/auth/forms/LoginForm.tsx +0 -149
- package/ui/src/components/auth/forms/ResetPasswordForm.tsx +0 -202
- package/ui/src/components/auth/types.ts +0 -17
- package/ui/src/components/auth/utils/security.ts +0 -82
- package/ui/src/components/auth/utils/utils.ts +0 -25
- package/ui/src/components/form/EmailField.tsx +0 -25
- package/ui/src/components/form/FormField.tsx +0 -102
- package/ui/src/components/form/FormMultiSelect.tsx +0 -46
- package/ui/src/components/form/FormSelect.tsx +0 -60
- package/ui/src/components/form/FormTagsInput.tsx +0 -42
- package/ui/src/components/form/FormTextarea.tsx +0 -42
- package/ui/src/components/form/PasswordField.tsx +0 -93
- package/ui/src/components/form/SecretKeyField.tsx +0 -49
- package/ui/src/components/permission/CreatePermissionDialog.tsx +0 -44
- package/ui/src/components/permission/EditPermissionDialog.tsx +0 -55
- package/ui/src/components/permission/PermissionForm.tsx +0 -251
- package/ui/src/components/role/CreateRoleDialog.tsx +0 -45
- package/ui/src/components/role/EditRoleDialog.tsx +0 -55
- package/ui/src/components/role/RoleDialog.tsx +0 -252
- package/ui/src/components/role/RoleForm.tsx +0 -246
- package/ui/src/components/tenant/CreateTenantDialog.tsx +0 -41
- package/ui/src/components/tenant/EditTenantDialog.tsx +0 -52
- package/ui/src/components/tenant/TenantForm.tsx +0 -160
- package/ui/src/components/user/CreateUserDialog.tsx +0 -45
- package/ui/src/components/user/UserDetailModal.tsx +0 -815
- package/ui/src/components/user/UserForm.tsx +0 -191
- package/ui/src/data/nest-auth.json +0 -1687
- package/ui/src/hooks/useApi.ts +0 -69
- package/ui/src/hooks/useAuth.ts +0 -100
- package/ui/src/hooks/useConfirm.tsx +0 -105
- package/ui/src/hooks/useFormFooter.tsx +0 -42
- package/ui/src/hooks/usePagination.ts +0 -69
- package/ui/src/index.css +0 -59
- package/ui/src/main.tsx +0 -13
- package/ui/src/pages/AdminsPage.tsx +0 -178
- package/ui/src/pages/ApiPage.tsx +0 -89
- package/ui/src/pages/DashboardPage.tsx +0 -281
- package/ui/src/pages/LoginPage.tsx +0 -39
- package/ui/src/pages/PermissionsPage.tsx +0 -376
- package/ui/src/pages/RolesPage.tsx +0 -274
- package/ui/src/pages/TenantsPage.tsx +0 -221
- package/ui/src/pages/UsersPage.tsx +0 -387
- package/ui/src/services/api.ts +0 -115
- package/ui/src/types/index.ts +0 -136
- package/ui/src/vite-env.d.ts +0 -9
- package/ui/tailwind.config.js +0 -45
- package/ui/tsconfig.json +0 -24
- package/ui/tsconfig.node.json +0 -10
- package/ui/vite.config.ts +0 -37
- package/ui/yarn.lock +0 -3137
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NestAuthAuthGuard = exports.OPTIONAL_AUTH_KEY = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("@nestjs/common");
|
|
6
|
+
const auth_constants_1 = require("../../auth.constants");
|
|
7
|
+
const core_1 = require("@nestjs/core");
|
|
8
|
+
const jwt_service_1 = require("../../core/services/jwt.service");
|
|
9
|
+
const session_manager_service_1 = require("../../session/services/session-manager.service");
|
|
10
|
+
const access_key_service_1 = require("../../user/services/access-key.service");
|
|
11
|
+
const skip_mfa_decorator_1 = require("../../core/decorators/skip-mfa.decorator");
|
|
12
|
+
const permissions_decorator_1 = require("../../core/decorators/permissions.decorator");
|
|
13
|
+
const role_decorator_1 = require("../../core/decorators/role.decorator");
|
|
13
14
|
// Key for optional auth metadata
|
|
14
|
-
|
|
15
|
-
|
|
15
|
+
exports.OPTIONAL_AUTH_KEY = 'optional_auth';
|
|
16
16
|
/**
|
|
17
17
|
* NestAuthAuthGuard
|
|
18
18
|
*
|
|
@@ -27,59 +27,53 @@ export const OPTIONAL_AUTH_KEY = 'optional_auth';
|
|
|
27
27
|
*
|
|
28
28
|
* Note: For automatic token refresh, enable RefreshTokenInterceptor globally.
|
|
29
29
|
*/
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
) {
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
const request = context.switchToHttp().getRequest<Request>() as any;
|
|
41
|
-
const response = context.switchToHttp().getResponse<Response>();
|
|
42
|
-
|
|
30
|
+
let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
31
|
+
constructor(reflector, jwtService, sessionManager, accessKeyService) {
|
|
32
|
+
this.reflector = reflector;
|
|
33
|
+
this.jwtService = jwtService;
|
|
34
|
+
this.sessionManager = sessionManager;
|
|
35
|
+
this.accessKeyService = accessKeyService;
|
|
36
|
+
}
|
|
37
|
+
async canActivate(context) {
|
|
38
|
+
const request = context.switchToHttp().getRequest();
|
|
39
|
+
const response = context.switchToHttp().getResponse();
|
|
43
40
|
// Check if authentication is optional
|
|
44
|
-
const isOptional = this.reflector.getAllAndOverride
|
|
41
|
+
const isOptional = this.reflector.getAllAndOverride(exports.OPTIONAL_AUTH_KEY, [
|
|
45
42
|
context.getHandler(),
|
|
46
43
|
context.getClass(),
|
|
47
44
|
]);
|
|
48
|
-
|
|
49
45
|
// Initialize request properties
|
|
50
46
|
request.user = null;
|
|
51
47
|
request.session = null;
|
|
52
48
|
request.accessKey = null;
|
|
53
49
|
request.authType = null;
|
|
54
|
-
|
|
55
50
|
const authHeader = request.headers.authorization;
|
|
56
|
-
|
|
57
51
|
// If no auth header
|
|
58
52
|
if (!authHeader) {
|
|
59
53
|
if (isOptional) {
|
|
60
54
|
// Optional auth: allow request to proceed without user data
|
|
61
55
|
return true;
|
|
62
|
-
}
|
|
56
|
+
}
|
|
57
|
+
else {
|
|
63
58
|
// Required auth: throw error
|
|
64
|
-
throw new UnauthorizedException({
|
|
59
|
+
throw new common_1.UnauthorizedException({
|
|
65
60
|
message: 'No authentication provided',
|
|
66
61
|
code: 'NO_AUTH'
|
|
67
62
|
});
|
|
68
63
|
}
|
|
69
64
|
}
|
|
70
|
-
|
|
71
65
|
const [type, token] = authHeader.split(' ');
|
|
72
66
|
if (!type || !token) {
|
|
73
67
|
if (isOptional) {
|
|
74
68
|
return true;
|
|
75
|
-
}
|
|
76
|
-
|
|
69
|
+
}
|
|
70
|
+
else {
|
|
71
|
+
throw new common_1.UnauthorizedException({
|
|
77
72
|
message: 'Invalid authentication format',
|
|
78
73
|
code: 'INVALID_AUTH_FORMAT'
|
|
79
74
|
});
|
|
80
75
|
}
|
|
81
76
|
}
|
|
82
|
-
|
|
83
77
|
// Handle authentication
|
|
84
78
|
let isAuthenticated = false;
|
|
85
79
|
try {
|
|
@@ -94,95 +88,93 @@ export class NestAuthAuthGuard implements CanActivate {
|
|
|
94
88
|
if (isOptional) {
|
|
95
89
|
// Invalid auth type, but optional - proceed without user data
|
|
96
90
|
return true;
|
|
97
|
-
}
|
|
98
|
-
|
|
91
|
+
}
|
|
92
|
+
else {
|
|
93
|
+
throw new common_1.UnauthorizedException({
|
|
99
94
|
message: 'Invalid authentication type',
|
|
100
95
|
code: 'INVALID_AUTH_TYPE'
|
|
101
96
|
});
|
|
102
97
|
}
|
|
103
98
|
}
|
|
104
|
-
}
|
|
99
|
+
}
|
|
100
|
+
catch (error) {
|
|
105
101
|
if (isOptional) {
|
|
106
102
|
// If optional auth fails, silently proceed without user data
|
|
107
103
|
return true;
|
|
108
|
-
}
|
|
104
|
+
}
|
|
105
|
+
else {
|
|
109
106
|
// If required auth fails, re-throw the error
|
|
110
107
|
throw error;
|
|
111
108
|
}
|
|
112
109
|
}
|
|
113
|
-
|
|
114
110
|
// If authentication failed and it's required, stop here
|
|
115
111
|
if (!isAuthenticated && !isOptional) {
|
|
116
112
|
return false;
|
|
117
113
|
}
|
|
118
|
-
|
|
119
114
|
// After successful authentication, check authorization (roles, permissions)
|
|
120
115
|
// Only check authorization if user is authenticated
|
|
121
116
|
if (isAuthenticated && request.user) {
|
|
122
117
|
await this.checkAuthorization(context, request);
|
|
123
118
|
}
|
|
124
|
-
|
|
125
119
|
return true;
|
|
126
120
|
}
|
|
127
|
-
|
|
128
|
-
private async handleJwtAuth(context: ExecutionContext, request: any, response: Response, token: string, isOptional: boolean = false): Promise<boolean> {
|
|
121
|
+
async handleJwtAuth(context, request, response, token, isOptional = false) {
|
|
129
122
|
try {
|
|
130
123
|
// Verify the JWT token
|
|
131
124
|
const payload = await this.jwtService.verifyToken(token);
|
|
132
125
|
request.user = payload;
|
|
133
126
|
request.authType = 'jwt';
|
|
134
|
-
|
|
135
127
|
// Verify session exists
|
|
136
|
-
const session = await this.sessionManager.getSession(payload.sessionId
|
|
128
|
+
const session = await this.sessionManager.getSession(payload.sessionId);
|
|
137
129
|
if (!session) {
|
|
138
130
|
if (isOptional) {
|
|
139
131
|
// Session not found but auth is optional - reset user data and continue
|
|
140
132
|
request.user = null;
|
|
141
133
|
request.authType = null;
|
|
142
134
|
return false;
|
|
143
|
-
}
|
|
144
|
-
|
|
135
|
+
}
|
|
136
|
+
else {
|
|
137
|
+
throw new common_1.UnauthorizedException({
|
|
145
138
|
message: 'Session not found',
|
|
146
|
-
code: UNAUTHORIZED_EXCEPTION_CODE
|
|
139
|
+
code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
|
|
147
140
|
});
|
|
148
141
|
}
|
|
149
142
|
}
|
|
150
|
-
|
|
151
143
|
request.session = session;
|
|
152
|
-
|
|
153
144
|
// Check MFA requirements
|
|
154
145
|
await this.checkMfa(context, payload, isOptional);
|
|
155
146
|
return true;
|
|
156
|
-
}
|
|
147
|
+
}
|
|
148
|
+
catch (error) {
|
|
157
149
|
// Token verification failed
|
|
158
150
|
// Note: Token refresh is handled by RefreshTokenInterceptor
|
|
159
151
|
if (isOptional) {
|
|
160
152
|
// Auth is optional - continue without user data
|
|
161
153
|
return false;
|
|
162
|
-
}
|
|
163
|
-
|
|
154
|
+
}
|
|
155
|
+
else {
|
|
156
|
+
throw new common_1.UnauthorizedException({
|
|
164
157
|
message: 'Invalid or expired token',
|
|
165
|
-
code: UNAUTHORIZED_EXCEPTION_CODE
|
|
158
|
+
code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
|
|
166
159
|
});
|
|
167
160
|
}
|
|
168
161
|
}
|
|
169
162
|
}
|
|
170
|
-
|
|
171
|
-
private async handleApiKeyAuth(request: any, token: string, isOptional: boolean = false): Promise<boolean> {
|
|
163
|
+
async handleApiKeyAuth(request, token, isOptional = false) {
|
|
172
164
|
// Split the token into public and private parts
|
|
173
165
|
const [publicKey, privateKey] = token.split('.');
|
|
174
166
|
if (!publicKey || !privateKey) {
|
|
175
167
|
if (isOptional) {
|
|
176
168
|
// Invalid format but auth is optional - continue without user data
|
|
177
169
|
return false;
|
|
178
|
-
}
|
|
179
|
-
|
|
170
|
+
}
|
|
171
|
+
else {
|
|
172
|
+
throw new common_1.UnauthorizedException({
|
|
180
173
|
message: 'Invalid API key format',
|
|
181
174
|
code: 'INVALID_API_KEY_FORMAT'
|
|
182
175
|
});
|
|
183
176
|
}
|
|
184
177
|
}
|
|
185
|
-
|
|
186
178
|
try {
|
|
187
179
|
// Validate API key pair
|
|
188
180
|
const isValid = await this.accessKeyService.validateAccessKey(publicKey, privateKey);
|
|
@@ -190,197 +182,162 @@ export class NestAuthAuthGuard implements CanActivate {
|
|
|
190
182
|
if (isOptional) {
|
|
191
183
|
// Invalid API key but auth is optional - continue without user data
|
|
192
184
|
return false;
|
|
193
|
-
}
|
|
194
|
-
|
|
185
|
+
}
|
|
186
|
+
else {
|
|
187
|
+
throw new common_1.UnauthorizedException({
|
|
195
188
|
message: 'Invalid API key',
|
|
196
189
|
code: 'INVALID_API_KEY'
|
|
197
190
|
});
|
|
198
191
|
}
|
|
199
192
|
}
|
|
200
|
-
|
|
201
193
|
// Get access key details
|
|
202
194
|
const accessKey = await this.accessKeyService.getAccessKey(publicKey);
|
|
203
|
-
|
|
204
195
|
// Update last used timestamp
|
|
205
196
|
await this.accessKeyService.updateAccessKeyLastUsed(publicKey);
|
|
206
|
-
|
|
207
197
|
// Attach user and access key to request
|
|
208
198
|
request.user = accessKey.user;
|
|
209
199
|
request.accessKey = accessKey;
|
|
210
200
|
request.authType = 'api-key';
|
|
211
|
-
|
|
212
201
|
return true;
|
|
213
|
-
}
|
|
202
|
+
}
|
|
203
|
+
catch (error) {
|
|
214
204
|
if (isOptional) {
|
|
215
205
|
// API key validation failed but auth is optional - continue without user data
|
|
216
206
|
return false;
|
|
217
|
-
}
|
|
207
|
+
}
|
|
208
|
+
else {
|
|
218
209
|
throw error;
|
|
219
210
|
}
|
|
220
211
|
}
|
|
221
212
|
}
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
private async checkMfa(context: ExecutionContext, payload: JWTTokenPayload, isOptional: boolean = false): Promise<void> {
|
|
213
|
+
async checkMfa(context, payload, isOptional = false) {
|
|
225
214
|
// Check if MFA should be skipped
|
|
226
|
-
const skipMfa = this.reflector.getAllAndOverride
|
|
215
|
+
const skipMfa = this.reflector.getAllAndOverride(skip_mfa_decorator_1.SKIP_MFA_KEY, [
|
|
227
216
|
context.getHandler(),
|
|
228
217
|
context.getClass(),
|
|
229
218
|
]);
|
|
230
|
-
|
|
231
219
|
// Get MFA status from token
|
|
232
220
|
const isMfaEnabled = payload.isMfaEnabled;
|
|
233
221
|
const isMfaVerified = payload.isMfaVerified;
|
|
234
|
-
|
|
235
222
|
// If MFA is enabled and not verified, and route is not marked to skip MFA, require MFA verification
|
|
236
223
|
if (isMfaEnabled && !isMfaVerified && !skipMfa) {
|
|
237
224
|
if (isOptional) {
|
|
238
225
|
// MFA required but auth is optional - this creates a conflict
|
|
239
226
|
// In this case, we should not set user data since MFA is not verified
|
|
240
227
|
throw new Error('MFA verification required - cannot proceed with optional auth');
|
|
241
|
-
}
|
|
242
|
-
|
|
228
|
+
}
|
|
229
|
+
else {
|
|
230
|
+
throw new common_1.UnauthorizedException({
|
|
243
231
|
message: 'Multi-factor authentication is required',
|
|
244
|
-
code: UNAUTHORIZED_EXCEPTION_CODE
|
|
232
|
+
code: auth_constants_1.UNAUTHORIZED_EXCEPTION_CODE
|
|
245
233
|
});
|
|
246
234
|
}
|
|
247
235
|
}
|
|
248
236
|
}
|
|
249
|
-
|
|
250
237
|
/**
|
|
251
238
|
* Check authorization (roles, permissions) after successful authentication
|
|
252
239
|
*/
|
|
253
|
-
|
|
240
|
+
async checkAuthorization(context, request) {
|
|
254
241
|
// Get required permissions and roles from decorators
|
|
255
242
|
const requiredPermissions = this.getRequiredPermissions(context);
|
|
256
243
|
const requiredRoles = this.getRequiredRoles(context);
|
|
257
|
-
|
|
258
244
|
// If no authorization requirements, allow access
|
|
259
245
|
if (!requiredPermissions.length && !requiredRoles.length) {
|
|
260
246
|
return;
|
|
261
247
|
}
|
|
262
|
-
|
|
263
248
|
const user = request.user;
|
|
264
|
-
|
|
265
249
|
// Check if user exists
|
|
266
250
|
if (!user) {
|
|
267
|
-
throw new ForbiddenException('Access denied: User not authenticated');
|
|
251
|
+
throw new common_1.ForbiddenException('Access denied: User not authenticated');
|
|
268
252
|
}
|
|
269
|
-
|
|
270
253
|
// Check roles if required
|
|
271
254
|
if (requiredRoles.length > 0) {
|
|
272
255
|
this.checkRoles(user, requiredRoles);
|
|
273
256
|
}
|
|
274
|
-
|
|
275
257
|
// Check permissions if required
|
|
276
258
|
if (requiredPermissions.length > 0) {
|
|
277
259
|
this.checkPermissions(user, requiredPermissions);
|
|
278
260
|
}
|
|
279
261
|
}
|
|
280
|
-
|
|
281
262
|
/**
|
|
282
263
|
* Get required permissions from decorator
|
|
283
264
|
*/
|
|
284
|
-
|
|
285
|
-
let permissions = this.reflector.getAllAndOverride
|
|
286
|
-
PERMISSIONS_KEY,
|
|
287
|
-
[context.getHandler(), context.getClass()],
|
|
288
|
-
);
|
|
289
|
-
|
|
265
|
+
getRequiredPermissions(context) {
|
|
266
|
+
let permissions = this.reflector.getAllAndOverride(permissions_decorator_1.PERMISSIONS_KEY, [context.getHandler(), context.getClass()]);
|
|
290
267
|
if (!permissions) {
|
|
291
268
|
return [];
|
|
292
269
|
}
|
|
293
|
-
|
|
294
270
|
// Normalize to array
|
|
295
271
|
return typeof permissions === 'string' ? [permissions] : permissions;
|
|
296
272
|
}
|
|
297
|
-
|
|
298
273
|
/**
|
|
299
274
|
* Get required roles from decorator
|
|
300
275
|
*/
|
|
301
|
-
|
|
302
|
-
let roles = this.reflector.getAllAndOverride
|
|
303
|
-
ROLES_KEY,
|
|
304
|
-
[context.getHandler(), context.getClass()],
|
|
305
|
-
);
|
|
306
|
-
|
|
276
|
+
getRequiredRoles(context) {
|
|
277
|
+
let roles = this.reflector.getAllAndOverride(role_decorator_1.ROLES_KEY, [context.getHandler(), context.getClass()]);
|
|
307
278
|
if (!roles) {
|
|
308
279
|
return [];
|
|
309
280
|
}
|
|
310
|
-
|
|
311
281
|
// Normalize to array
|
|
312
282
|
return typeof roles === 'string' ? [roles] : roles;
|
|
313
283
|
}
|
|
314
|
-
|
|
315
284
|
/**
|
|
316
285
|
* Check if user has required roles
|
|
317
286
|
*/
|
|
318
|
-
|
|
287
|
+
checkRoles(user, requiredRoles) {
|
|
319
288
|
if (!user.roles || !Array.isArray(user.roles)) {
|
|
320
|
-
throw new ForbiddenException('Access denied: No roles assigned');
|
|
289
|
+
throw new common_1.ForbiddenException('Access denied: No roles assigned');
|
|
321
290
|
}
|
|
322
|
-
|
|
323
291
|
// Get active role names
|
|
324
292
|
const userRoleNames = user.roles
|
|
325
293
|
.filter(role => role.isActive)
|
|
326
294
|
.map(role => role.name);
|
|
327
|
-
|
|
328
295
|
// Check if user has all required roles
|
|
329
296
|
const hasAllRoles = requiredRoles.every(role => userRoleNames.includes(role));
|
|
330
|
-
|
|
331
297
|
if (!hasAllRoles) {
|
|
332
298
|
const missingRoles = requiredRoles.filter(role => !userRoleNames.includes(role));
|
|
333
|
-
throw new ForbiddenException(
|
|
334
|
-
`Access denied: Missing required roles: ${missingRoles.join(', ')}`
|
|
335
|
-
);
|
|
299
|
+
throw new common_1.ForbiddenException(`Access denied: Missing required roles: ${missingRoles.join(', ')}`);
|
|
336
300
|
}
|
|
337
301
|
}
|
|
338
|
-
|
|
339
302
|
/**
|
|
340
303
|
* Check if user has required permissions
|
|
341
304
|
*/
|
|
342
|
-
|
|
305
|
+
checkPermissions(user, requiredPermissions) {
|
|
343
306
|
if (!user.roles || !Array.isArray(user.roles)) {
|
|
344
|
-
throw new ForbiddenException('Access denied: No roles assigned for permission check');
|
|
307
|
+
throw new common_1.ForbiddenException('Access denied: No roles assigned for permission check');
|
|
345
308
|
}
|
|
346
|
-
|
|
347
309
|
// Get all permissions from user's roles
|
|
348
310
|
const userPermissions = this.getUserPermissions(user.roles);
|
|
349
|
-
|
|
350
311
|
// Check if user has all required permissions
|
|
351
|
-
const hasAllPermissions = requiredPermissions.every(permission =>
|
|
352
|
-
userPermissions.includes(permission)
|
|
353
|
-
);
|
|
354
|
-
|
|
312
|
+
const hasAllPermissions = requiredPermissions.every(permission => userPermissions.includes(permission));
|
|
355
313
|
if (!hasAllPermissions) {
|
|
356
|
-
const missingPermissions = requiredPermissions.filter(permission =>
|
|
357
|
-
|
|
358
|
-
);
|
|
359
|
-
|
|
360
|
-
throw new ForbiddenException(
|
|
361
|
-
`Access denied: Missing required permissions: ${missingPermissions.join(', ')}`
|
|
362
|
-
);
|
|
314
|
+
const missingPermissions = requiredPermissions.filter(permission => !userPermissions.includes(permission));
|
|
315
|
+
throw new common_1.ForbiddenException(`Access denied: Missing required permissions: ${missingPermissions.join(', ')}`);
|
|
363
316
|
}
|
|
364
317
|
}
|
|
365
|
-
|
|
366
318
|
/**
|
|
367
319
|
* Extract all permissions from user's roles
|
|
368
320
|
*/
|
|
369
|
-
|
|
370
|
-
const permissions = new Set
|
|
371
|
-
|
|
321
|
+
getUserPermissions(roles) {
|
|
322
|
+
const permissions = new Set();
|
|
372
323
|
roles.forEach(role => {
|
|
373
324
|
// Skip inactive roles
|
|
374
325
|
if (!role.isActive) {
|
|
375
326
|
return;
|
|
376
327
|
}
|
|
377
|
-
|
|
378
328
|
// Add permissions from this role
|
|
379
329
|
if (role.permissions && Array.isArray(role.permissions)) {
|
|
380
330
|
role.permissions.forEach(permission => permissions.add(permission));
|
|
381
331
|
}
|
|
382
332
|
});
|
|
383
|
-
|
|
384
333
|
return Array.from(permissions);
|
|
385
334
|
}
|
|
386
|
-
}
|
|
335
|
+
};
|
|
336
|
+
exports.NestAuthAuthGuard = NestAuthAuthGuard;
|
|
337
|
+
exports.NestAuthAuthGuard = NestAuthAuthGuard = tslib_1.__decorate([
|
|
338
|
+
(0, common_1.Injectable)(),
|
|
339
|
+
tslib_1.__metadata("design:paramtypes", [core_1.Reflector,
|
|
340
|
+
jwt_service_1.JwtService,
|
|
341
|
+
session_manager_service_1.SessionManagerService,
|
|
342
|
+
access_key_service_1.AccessKeyService])
|
|
343
|
+
], NestAuthAuthGuard);
|
|
@@ -1,11 +1,6 @@
|
|
|
1
|
-
// Guards
|
|
2
1
|
export * from './guards/auth.guard';
|
|
3
2
|
export { OPTIONAL_AUTH_KEY } from './guards/auth.guard';
|
|
4
|
-
|
|
5
|
-
// Interceptors
|
|
6
3
|
export * from './interceptors/refresh-token.interceptor';
|
|
7
|
-
|
|
8
|
-
// Events
|
|
9
4
|
export * from './events/logged-out-all.event';
|
|
10
5
|
export * from './events/logged-out.event';
|
|
11
6
|
export * from './events/password-reset-requested.event';
|
|
@@ -14,18 +9,12 @@ export * from './events/user-2fa-verified.event';
|
|
|
14
9
|
export * from './events/user-logged-in.event';
|
|
15
10
|
export * from './events/user-refresh-token.event';
|
|
16
11
|
export * from './events/user-registered.event';
|
|
17
|
-
|
|
18
|
-
// Services
|
|
19
12
|
export * from './services/auth.service';
|
|
20
13
|
export * from './services/cookie.service';
|
|
21
14
|
export * from './services/mfa.service';
|
|
22
15
|
export * from './services/client-config.service';
|
|
23
|
-
|
|
24
|
-
// Controllers
|
|
25
16
|
export * from './controllers/auth.controller';
|
|
26
17
|
export * from './controllers/mfa.controller';
|
|
27
|
-
|
|
28
|
-
// DTOs
|
|
29
18
|
export * from './dto/requests/login.request.dto';
|
|
30
19
|
export * from './dto/requests/signup.request.dto';
|
|
31
20
|
export * from './dto/credentials/social-credentials.dto';
|
|
@@ -46,7 +35,6 @@ export * from './dto/responses/auth-cookie.response.dto';
|
|
|
46
35
|
export * from './dto/responses/verify-otp.response.dto';
|
|
47
36
|
export * from './dto/responses/mfa-status.response.dto';
|
|
48
37
|
export * from './dto/responses/client-config.response.dto';
|
|
49
|
-
|
|
50
|
-
// Entities
|
|
51
38
|
export * from './entities/otp.entity';
|
|
52
39
|
export * from './entities/mfa-secret.entity';
|
|
40
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/auth/index.ts"],"names":[],"mappings":"AACA,cAAc,qBAAqB,CAAC;AACpC,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAGxD,cAAc,0CAA0C,CAAC;AAGzD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,yCAAyC,CAAC;AACxD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,kCAAkC,CAAC;AACjD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,mCAAmC,CAAC;AAClD,cAAc,gCAAgC,CAAC;AAG/C,cAAc,yBAAyB,CAAC;AACxC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,kCAAkC,CAAC;AAGjD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,8BAA8B,CAAC;AAG7C,cAAc,kCAAkC,CAAC;AACjD,cAAc,mCAAmC,CAAC;AAClD,cAAc,0CAA0C,CAAC;AACzD,cAAc,yCAAyC,CAAC;AACxD,cAAc,yCAAyC,CAAC;AACxD,cAAc,4CAA4C,CAAC;AAC3D,cAAc,2CAA2C,CAAC;AAC1D,cAAc,sDAAsD,CAAC;AACrE,cAAc,uDAAuD,CAAC;AACtE,cAAc,0CAA0C,CAAC;AACzD,cAAc,4CAA4C,CAAC;AAC3D,cAAc,uCAAuC,CAAC;AACtD,cAAc,0CAA0C,CAAC;AACzD,cAAc,uCAAuC,CAAC;AACtD,cAAc,8CAA8C,CAAC;AAC7D,cAAc,mCAAmC,CAAC;AAClD,cAAc,0CAA0C,CAAC;AACzD,cAAc,yCAAyC,CAAC;AACxD,cAAc,yCAAyC,CAAC;AACxD,cAAc,4CAA4C,CAAC;AAG3D,cAAc,uBAAuB,CAAC;AACtC,cAAc,8BAA8B,CAAC"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OPTIONAL_AUTH_KEY = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
// Guards
|
|
6
|
+
tslib_1.__exportStar(require("./guards/auth.guard"), exports);
|
|
7
|
+
var auth_guard_1 = require("./guards/auth.guard");
|
|
8
|
+
Object.defineProperty(exports, "OPTIONAL_AUTH_KEY", { enumerable: true, get: function () { return auth_guard_1.OPTIONAL_AUTH_KEY; } });
|
|
9
|
+
// Interceptors
|
|
10
|
+
tslib_1.__exportStar(require("./interceptors/refresh-token.interceptor"), exports);
|
|
11
|
+
// Events
|
|
12
|
+
tslib_1.__exportStar(require("./events/logged-out-all.event"), exports);
|
|
13
|
+
tslib_1.__exportStar(require("./events/logged-out.event"), exports);
|
|
14
|
+
tslib_1.__exportStar(require("./events/password-reset-requested.event"), exports);
|
|
15
|
+
tslib_1.__exportStar(require("./events/password-reset.event"), exports);
|
|
16
|
+
tslib_1.__exportStar(require("./events/user-2fa-verified.event"), exports);
|
|
17
|
+
tslib_1.__exportStar(require("./events/user-logged-in.event"), exports);
|
|
18
|
+
tslib_1.__exportStar(require("./events/user-refresh-token.event"), exports);
|
|
19
|
+
tslib_1.__exportStar(require("./events/user-registered.event"), exports);
|
|
20
|
+
// Services
|
|
21
|
+
tslib_1.__exportStar(require("./services/auth.service"), exports);
|
|
22
|
+
tslib_1.__exportStar(require("./services/cookie.service"), exports);
|
|
23
|
+
tslib_1.__exportStar(require("./services/mfa.service"), exports);
|
|
24
|
+
tslib_1.__exportStar(require("./services/client-config.service"), exports);
|
|
25
|
+
// Controllers
|
|
26
|
+
tslib_1.__exportStar(require("./controllers/auth.controller"), exports);
|
|
27
|
+
tslib_1.__exportStar(require("./controllers/mfa.controller"), exports);
|
|
28
|
+
// DTOs
|
|
29
|
+
tslib_1.__exportStar(require("./dto/requests/login.request.dto"), exports);
|
|
30
|
+
tslib_1.__exportStar(require("./dto/requests/signup.request.dto"), exports);
|
|
31
|
+
tslib_1.__exportStar(require("./dto/credentials/social-credentials.dto"), exports);
|
|
32
|
+
tslib_1.__exportStar(require("./dto/credentials/email-credentials.dto"), exports);
|
|
33
|
+
tslib_1.__exportStar(require("./dto/credentials/phone-credentials.dto"), exports);
|
|
34
|
+
tslib_1.__exportStar(require("./dto/requests/forgot-password.request.dto"), exports);
|
|
35
|
+
tslib_1.__exportStar(require("./dto/requests/reset-password.request.dto"), exports);
|
|
36
|
+
tslib_1.__exportStar(require("./dto/requests/reset-password-with-token.request.dto"), exports);
|
|
37
|
+
tslib_1.__exportStar(require("./dto/requests/verify-forgot-password-otp-request-dto"), exports);
|
|
38
|
+
tslib_1.__exportStar(require("./dto/requests/send-mfa-code.request.dto"), exports);
|
|
39
|
+
tslib_1.__exportStar(require("./dto/requests/change-password.request.dto"), exports);
|
|
40
|
+
tslib_1.__exportStar(require("./dto/requests/toggle-mfa.request.dto"), exports);
|
|
41
|
+
tslib_1.__exportStar(require("./dto/requests/refresh-token.request.dto"), exports);
|
|
42
|
+
tslib_1.__exportStar(require("./dto/requests/verify-2fa.request.dto"), exports);
|
|
43
|
+
tslib_1.__exportStar(require("./dto/requests/verify-totp-setup.request.dto"), exports);
|
|
44
|
+
tslib_1.__exportStar(require("./dto/responses/auth.response.dto"), exports);
|
|
45
|
+
tslib_1.__exportStar(require("./dto/responses/auth-cookie.response.dto"), exports);
|
|
46
|
+
tslib_1.__exportStar(require("./dto/responses/verify-otp.response.dto"), exports);
|
|
47
|
+
tslib_1.__exportStar(require("./dto/responses/mfa-status.response.dto"), exports);
|
|
48
|
+
tslib_1.__exportStar(require("./dto/responses/client-config.response.dto"), exports);
|
|
49
|
+
// Entities
|
|
50
|
+
tslib_1.__exportStar(require("./entities/otp.entity"), exports);
|
|
51
|
+
tslib_1.__exportStar(require("./entities/mfa-secret.entity"), exports);
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
import { NestInterceptor, ExecutionContext, CallHandler } from '@nestjs/common';
|
|
2
|
+
import { Observable } from 'rxjs';
|
|
3
|
+
import { AuthService } from '../services/auth.service';
|
|
4
|
+
import { CookieService } from '../services/cookie.service';
|
|
5
|
+
import { JwtService } from '../../core/services/jwt.service';
|
|
6
|
+
import { AuthConfigService } from '../../core/services/auth-config.service';
|
|
7
|
+
/**
|
|
8
|
+
* RefreshTokenInterceptor
|
|
9
|
+
*
|
|
10
|
+
* Automatically handles token refresh when access token is expired.
|
|
11
|
+
* This interceptor runs before guards and catches token expiration errors,
|
|
12
|
+
* attempting to refresh the token transparently.
|
|
13
|
+
*
|
|
14
|
+
* Token delivery method (header vs cookie) respects the `accessTokenType` configuration:
|
|
15
|
+
* - If `accessTokenType: 'header'` (default): Updates Authorization header only
|
|
16
|
+
* - If `accessTokenType: 'cookie'`: Sets tokens in cookies
|
|
17
|
+
*
|
|
18
|
+
* Apply this globally to handle token refresh across your entire application.
|
|
19
|
+
*
|
|
20
|
+
* @example
|
|
21
|
+
* ```typescript
|
|
22
|
+
* // In AppModule or NestAuthModule configuration
|
|
23
|
+
* providers: [
|
|
24
|
+
* {
|
|
25
|
+
* provide: APP_INTERCEPTOR,
|
|
26
|
+
* useClass: RefreshTokenInterceptor,
|
|
27
|
+
* },
|
|
28
|
+
* ]
|
|
29
|
+
* ```
|
|
30
|
+
*/
|
|
31
|
+
export declare class RefreshTokenInterceptor implements NestInterceptor {
|
|
32
|
+
private readonly authService;
|
|
33
|
+
private readonly cookieService;
|
|
34
|
+
private readonly jwtService;
|
|
35
|
+
private readonly authConfig;
|
|
36
|
+
constructor(authService: AuthService, cookieService: CookieService, jwtService: JwtService, authConfig: AuthConfigService);
|
|
37
|
+
intercept(context: ExecutionContext, next: CallHandler): Promise<Observable<any>>;
|
|
38
|
+
/**
|
|
39
|
+
* Extract refresh token from cookies or headers
|
|
40
|
+
*/
|
|
41
|
+
private extractRefreshToken;
|
|
42
|
+
}
|
|
43
|
+
//# sourceMappingURL=refresh-token.interceptor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.interceptor.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/interceptors/refresh-token.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC5F,OAAO,EAAE,UAAU,EAAc,MAAM,MAAM,CAAC;AAG9C,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAG5E;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,qBACa,uBAAwB,YAAW,eAAe;IAEvD,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAHV,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,aAAa,EAC5B,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,iBAAiB;IAG5C,SAAS,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAuDvF;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAe9B"}
|