@ackplus/nest-auth 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +2 -2
- package/src/{index.ts → index.d.ts} +2 -18
- package/src/index.d.ts.map +1 -0
- package/src/index.js +24 -0
- package/src/lib/admin-console/admin-console.module.d.ts +3 -0
- package/src/lib/admin-console/admin-console.module.d.ts.map +1 -0
- package/src/lib/admin-console/admin-console.module.js +69 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts +134 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-auth.controller.js +374 -0
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts +14 -0
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-console.controller.js +87 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts +86 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-permissions.controller.js +195 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts +47 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-roles.controller.js +95 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts +44 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-tenants.controller.js +86 -0
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts +146 -0
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts.map +1 -0
- package/src/lib/admin-console/controllers/admin-users.controller.js +400 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts +2 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts.map +1 -0
- package/src/lib/admin-console/decorators/current-admin.decorator.js +8 -0
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts +16 -0
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-permission.dto.js +123 -0
- package/src/lib/admin-console/dto/admin-role.dto.d.ts +13 -0
- package/src/lib/admin-console/dto/admin-role.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-role.dto.js +53 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts +13 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-tenant.dto.js +57 -0
- package/src/lib/admin-console/dto/admin-user.dto.d.ts +21 -0
- package/src/lib/admin-console/dto/admin-user.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/admin-user.dto.js +94 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts +10 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.js +39 -0
- package/src/lib/admin-console/dto/login.dto.d.ts +5 -0
- package/src/lib/admin-console/dto/login.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/login.dto.js +17 -0
- package/src/lib/admin-console/dto/reset-password.dto.d.ts +6 -0
- package/src/lib/admin-console/dto/reset-password.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/reset-password.dto.js +26 -0
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts +7 -0
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/setup-admin.dto.js +29 -0
- package/src/lib/admin-console/dto/signup.dto.d.ts +8 -0
- package/src/lib/admin-console/dto/signup.dto.d.ts.map +1 -0
- package/src/lib/admin-console/dto/signup.dto.js +58 -0
- package/src/lib/admin-console/entities/admin-user.entity.d.ts +16 -0
- package/src/lib/admin-console/entities/admin-user.entity.d.ts.map +1 -0
- package/src/lib/admin-console/entities/admin-user.entity.js +86 -0
- package/src/lib/admin-console/guards/admin-session.guard.d.ts +17 -0
- package/src/lib/admin-console/guards/admin-session.guard.d.ts.map +1 -0
- package/src/lib/admin-console/guards/admin-session.guard.js +40 -0
- package/src/lib/admin-console/services/admin-auth.service.d.ts +22 -0
- package/src/lib/admin-console/services/admin-auth.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-auth.service.js +77 -0
- package/src/lib/admin-console/services/admin-console-config.service.d.ts +17 -0
- package/src/lib/admin-console/services/admin-console-config.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-console-config.service.js +58 -0
- package/src/lib/admin-console/services/admin-session.service.d.ts +27 -0
- package/src/lib/admin-console/services/admin-session.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-session.service.js +94 -0
- package/src/lib/admin-console/services/admin-user.service.d.ts +24 -0
- package/src/lib/admin-console/services/admin-user.service.d.ts.map +1 -0
- package/src/lib/admin-console/services/admin-user.service.js +87 -0
- package/src/lib/auth/auth.module.d.ts +3 -0
- package/src/lib/auth/auth.module.d.ts.map +1 -0
- package/src/lib/auth/auth.module.js +64 -0
- package/src/lib/auth/controllers/auth.controller.d.ts +67 -0
- package/src/lib/auth/controllers/auth.controller.d.ts.map +1 -0
- package/src/lib/auth/controllers/auth.controller.js +471 -0
- package/src/lib/auth/controllers/mfa.controller.d.ts +34 -0
- package/src/lib/auth/controllers/mfa.controller.d.ts.map +1 -0
- package/src/lib/auth/controllers/mfa.controller.js +230 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts +8 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/email-credentials.dto.js +31 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts +8 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/phone-credentials.dto.js +31 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts +7 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/credentials/social-credentials.dto.js +21 -0
- package/src/lib/auth/dto/index.d.ts +1 -0
- package/src/lib/auth/dto/index.d.ts.map +1 -0
- package/src/lib/auth/dto/index.js +0 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.js +42 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts +6 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js +38 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.js +58 -0
- package/src/lib/auth/dto/requests/login.request.dto.d.ts +13 -0
- package/src/lib/auth/dto/requests/login.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/login.request.dto.js +75 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.js +29 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/reset-password.request.dto.js +60 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +25 -0
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts +8 -0
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/signup.request.dto.js +49 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts +4 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.js +18 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +6 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +31 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-email.request.dto.js +29 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +7 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +49 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +5 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +29 -0
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +41 -0
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/{auth-cookie.response.dto.ts → auth-cookie.response.dto.js} +18 -11
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts +41 -0
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/{auth-success.response.dto.ts → auth-success.response.dto.js} +18 -11
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts +40 -0
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/auth.response.dto.js +112 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts +58 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/client-config.response.dto.js +202 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts +7 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.js +30 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts +7 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/mfa-code-response.dto.js +36 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts +19 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/mfa-status.response.dto.js +108 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts +5 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +1 -0
- package/src/lib/auth/dto/responses/verify-otp.response.dto.js +16 -0
- package/src/lib/auth/entities/mfa-secret.entity.d.ts +13 -0
- package/src/lib/auth/entities/mfa-secret.entity.d.ts.map +1 -0
- package/src/lib/auth/entities/mfa-secret.entity.js +49 -0
- package/src/lib/auth/entities/otp.entity.d.ts +14 -0
- package/src/lib/auth/entities/otp.entity.d.ts.map +1 -0
- package/src/lib/auth/entities/otp.entity.js +49 -0
- package/src/lib/auth/events/{logged-out-all.event.ts → logged-out-all.event.d.ts} +4 -6
- package/src/lib/auth/events/logged-out-all.event.d.ts.map +1 -0
- package/src/lib/auth/events/logged-out-all.event.js +9 -0
- package/src/lib/auth/events/{logged-out.event.ts → logged-out.event.d.ts} +4 -5
- package/src/lib/auth/events/logged-out.event.d.ts.map +1 -0
- package/src/lib/auth/events/logged-out.event.js +9 -0
- package/src/lib/auth/events/{password-reset-requested.event.ts → password-reset-requested.event.d.ts} +4 -6
- package/src/lib/auth/events/password-reset-requested.event.d.ts.map +1 -0
- package/src/lib/auth/events/password-reset-requested.event.js +9 -0
- package/src/lib/auth/events/{password-reset.event.ts → password-reset.event.d.ts} +4 -6
- package/src/lib/auth/events/password-reset.event.d.ts.map +1 -0
- package/src/lib/auth/events/password-reset.event.js +9 -0
- package/src/lib/auth/events/{user-2fa-verified.event.ts → user-2fa-verified.event.d.ts} +4 -6
- package/src/lib/auth/events/user-2fa-verified.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-2fa-verified.event.js +9 -0
- package/src/lib/auth/events/{user-logged-in.event.ts → user-logged-in.event.d.ts} +4 -7
- package/src/lib/auth/events/user-logged-in.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-logged-in.event.js +10 -0
- package/src/lib/auth/events/{user-refresh-token.event.ts → user-refresh-token.event.d.ts} +4 -6
- package/src/lib/auth/events/user-refresh-token.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-refresh-token.event.js +9 -0
- package/src/lib/auth/events/{user-registered.event.ts → user-registered.event.d.ts} +4 -7
- package/src/lib/auth/events/user-registered.event.d.ts.map +1 -0
- package/src/lib/auth/events/user-registered.event.js +10 -0
- package/src/lib/auth/guards/auth.guard.d.ts +56 -0
- package/src/lib/auth/guards/auth.guard.d.ts.map +1 -0
- package/src/lib/auth/guards/{auth.guard.ts → auth.guard.js} +92 -135
- package/src/lib/auth/{index.ts → index.d.ts} +1 -13
- package/src/lib/auth/index.d.ts.map +1 -0
- package/src/lib/auth/index.js +51 -0
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts +43 -0
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +1 -0
- package/src/lib/auth/interceptors/{refresh-token.interceptor.ts → refresh-token.interceptor.js} +38 -40
- package/src/lib/auth/services/auth.service.d.ts +67 -0
- package/src/lib/auth/services/auth.service.d.ts.map +1 -0
- package/src/lib/auth/services/{auth.service.ts → auth.service.js} +262 -475
- package/src/lib/auth/services/client-config.service.d.ts +12 -0
- package/src/lib/auth/services/client-config.service.d.ts.map +1 -0
- package/src/lib/auth/services/{client-config.service.ts → client-config.service.js} +28 -33
- package/src/lib/auth/services/cookie.service.d.ts +10 -0
- package/src/lib/auth/services/cookie.service.d.ts.map +1 -0
- package/src/lib/auth/services/cookie.service.js +42 -0
- package/src/lib/auth/services/mfa.service.d.ts +45 -0
- package/src/lib/auth/services/mfa.service.d.ts.map +1 -0
- package/src/lib/auth/services/{mfa.service.ts → mfa.service.js} +105 -184
- package/src/lib/auth.constants.d.ts +43 -0
- package/src/lib/auth.constants.d.ts.map +1 -0
- package/src/lib/auth.constants.js +54 -0
- package/src/lib/core/core.module.d.ts +7 -0
- package/src/lib/core/core.module.d.ts.map +1 -0
- package/src/lib/core/core.module.js +57 -0
- package/src/lib/core/decorators/{auth.decorator.ts → auth.decorator.d.ts} +2 -7
- package/src/lib/core/decorators/auth.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/auth.decorator.js +38 -0
- package/src/lib/core/decorators/permissions.decorator.d.ts +8 -0
- package/src/lib/core/decorators/permissions.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/permissions.decorator.js +18 -0
- package/src/lib/core/decorators/{public.decorator.ts → public.decorator.d.ts} +3 -5
- package/src/lib/core/decorators/public.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/public.decorator.js +35 -0
- package/src/lib/core/decorators/role.decorator.d.ts +4 -0
- package/src/lib/core/decorators/role.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/role.decorator.js +13 -0
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts +3 -0
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts.map +1 -0
- package/src/lib/core/decorators/skip-mfa.decorator.js +7 -0
- package/src/lib/core/dto/message.response.dto.d.ts +4 -0
- package/src/lib/core/dto/message.response.dto.d.ts.map +1 -0
- package/src/lib/core/dto/message.response.dto.js +12 -0
- package/src/lib/core/{entities.ts → entities.d.ts} +2 -14
- package/src/lib/core/entities.d.ts.map +1 -0
- package/src/lib/core/entities.js +37 -0
- package/src/lib/core/{index.ts → index.d.ts} +1 -15
- package/src/lib/core/index.d.ts.map +1 -0
- package/src/lib/core/index.js +35 -0
- package/src/lib/core/interfaces/{auth-module-options.interface.ts → auth-module-options.interface.d.ts} +13 -16
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/auth-module-options.interface.js +2 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts +26 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/mfa-options.interface.js +9 -0
- package/src/lib/core/interfaces/otp.interface.d.ts +6 -0
- package/src/lib/core/interfaces/otp.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/otp.interface.js +9 -0
- package/src/lib/core/interfaces/session-options.interface.d.ts +16 -0
- package/src/lib/core/interfaces/session-options.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/session-options.interface.js +9 -0
- package/src/lib/core/interfaces/{token-payload.interface.ts → token-payload.interface.d.ts} +2 -4
- package/src/lib/core/interfaces/token-payload.interface.d.ts.map +1 -0
- package/src/lib/core/interfaces/token-payload.interface.js +2 -0
- package/src/lib/core/providers/apple-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/apple-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/apple-auth.provider.js +56 -0
- package/src/lib/core/providers/base-auth.provider.d.ts +33 -0
- package/src/lib/core/providers/base-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/base-auth.provider.js +48 -0
- package/src/lib/core/providers/email-auth.provider.d.ts +31 -0
- package/src/lib/core/providers/email-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/email-auth.provider.js +66 -0
- package/src/lib/core/providers/facebook-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/facebook-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/facebook-auth.provider.js +55 -0
- package/src/lib/core/providers/github-auth.provider.d.ts +24 -0
- package/src/lib/core/providers/github-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/{github-auth.provider.ts → github-auth.provider.js} +31 -36
- package/src/lib/core/providers/google-auth.provider.d.ts +22 -0
- package/src/lib/core/providers/google-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/google-auth.provider.js +57 -0
- package/src/lib/core/providers/jwt-auth.provider.d.ts +34 -0
- package/src/lib/core/providers/jwt-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/jwt-auth.provider.js +49 -0
- package/src/lib/core/providers/phone-auth.provider.d.ts +19 -0
- package/src/lib/core/providers/phone-auth.provider.d.ts.map +1 -0
- package/src/lib/core/providers/phone-auth.provider.js +42 -0
- package/src/lib/core/services/auth-config.service.d.ts +39 -0
- package/src/lib/core/services/auth-config.service.d.ts.map +1 -0
- package/src/lib/core/services/auth-config.service.js +167 -0
- package/src/lib/core/services/auth-provider-registry.service.d.ts +42 -0
- package/src/lib/core/services/auth-provider-registry.service.d.ts.map +1 -0
- package/src/lib/core/services/auth-provider-registry.service.js +91 -0
- package/src/lib/core/services/debug-logger.service.d.ts +39 -0
- package/src/lib/core/services/debug-logger.service.d.ts.map +1 -0
- package/src/lib/core/services/{debug-logger.service.ts → debug-logger.service.js} +57 -88
- package/src/lib/core/services/initialization.service.d.ts +11 -0
- package/src/lib/core/services/initialization.service.d.ts.map +1 -0
- package/src/lib/core/services/initialization.service.js +35 -0
- package/src/lib/core/services/jwt.service.d.ts +23 -0
- package/src/lib/core/services/jwt.service.d.ts.map +1 -0
- package/src/lib/core/services/jwt.service.js +119 -0
- package/src/lib/nest-auth.module.d.ts +11 -0
- package/src/lib/nest-auth.module.d.ts.map +1 -0
- package/src/lib/nest-auth.module.js +144 -0
- package/src/lib/permission/entities/permission.entity.d.ts +27 -0
- package/src/lib/permission/entities/permission.entity.d.ts.map +1 -0
- package/src/lib/permission/entities/permission.entity.js +62 -0
- package/src/lib/permission/{index.ts → index.d.ts} +1 -1
- package/src/lib/permission/index.d.ts.map +1 -0
- package/src/lib/permission/index.js +6 -0
- package/src/lib/permission/permission.module.d.ts +3 -0
- package/src/lib/permission/permission.module.d.ts.map +1 -0
- package/src/lib/permission/permission.module.js +20 -0
- package/src/lib/permission/services/permission.service.d.ts +44 -0
- package/src/lib/permission/services/permission.service.d.ts.map +1 -0
- package/src/lib/permission/services/{permission.service.ts → permission.service.js} +48 -108
- package/src/lib/request-context/{index.ts → index.d.ts} +1 -0
- package/src/lib/request-context/index.d.ts.map +1 -0
- package/src/lib/request-context/index.js +5 -0
- package/src/lib/request-context/request-context.d.ts +23 -0
- package/src/lib/request-context/request-context.d.ts.map +1 -0
- package/src/lib/request-context/{request-context.ts → request-context.js} +26 -44
- package/src/lib/request-context/request-context.middleware.d.ts +5 -0
- package/src/lib/request-context/request-context.middleware.d.ts.map +1 -0
- package/src/lib/request-context/request-context.middleware.js +15 -0
- package/src/lib/role/entities/role.entity.d.ts +21 -0
- package/src/lib/role/entities/role.entity.d.ts.map +1 -0
- package/src/lib/role/entities/role.entity.js +110 -0
- package/src/lib/role/{index.ts → index.d.ts} +1 -2
- package/src/lib/role/index.d.ts.map +1 -0
- package/src/lib/role/index.js +5 -0
- package/src/lib/role/role.module.d.ts +3 -0
- package/src/lib/role/role.module.d.ts.map +1 -0
- package/src/lib/role/role.module.js +22 -0
- package/src/lib/role/services/role.service.d.ts +21 -0
- package/src/lib/role/services/role.service.d.ts.map +1 -0
- package/src/lib/role/services/{role.service.ts → role.service.js} +51 -107
- package/src/lib/session/entities/session.entity.d.ts +17 -0
- package/src/lib/session/entities/session.entity.d.ts.map +1 -0
- package/src/lib/session/entities/session.entity.js +62 -0
- package/src/lib/session/{index.ts → index.d.ts} +1 -11
- package/src/lib/session/index.d.ts.map +1 -0
- package/src/lib/session/index.js +18 -0
- package/src/lib/session/interfaces/{session-repository.interface.ts → session-repository.interface.d.ts} +1 -10
- package/src/lib/session/interfaces/session-repository.interface.d.ts.map +1 -0
- package/src/lib/session/interfaces/session-repository.interface.js +2 -0
- package/src/lib/session/repositories/{base-session.repository.ts → base-session.repository.d.ts} +7 -41
- package/src/lib/session/repositories/base-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/base-session.repository.js +59 -0
- package/src/lib/session/repositories/memory-session.repository.d.ts +27 -0
- package/src/lib/session/repositories/memory-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/{memory-session.repository.ts → memory-session.repository.js} +41 -61
- package/src/lib/session/repositories/redis-session.repository.d.ts +30 -0
- package/src/lib/session/repositories/redis-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/{redis-session.repository.ts → redis-session.repository.js} +45 -75
- package/src/lib/session/repositories/typeorm-session.repository.d.ts +23 -0
- package/src/lib/session/repositories/typeorm-session.repository.d.ts.map +1 -0
- package/src/lib/session/repositories/typeorm-session.repository.js +79 -0
- package/src/lib/session/services/session-manager.service.d.ts +100 -0
- package/src/lib/session/services/session-manager.service.d.ts.map +1 -0
- package/src/lib/session/services/{session-manager.service.ts → session-manager.service.js} +54 -94
- package/src/lib/session/session.module.d.ts +14 -0
- package/src/lib/session/session.module.d.ts.map +1 -0
- package/src/lib/session/session.module.js +96 -0
- package/src/lib/session/utils/session.util.d.ts +73 -0
- package/src/lib/session/utils/session.util.d.ts.map +1 -0
- package/src/lib/session/utils/{session.util.ts → session.util.js} +24 -63
- package/src/lib/tenant/entities/{tenant.entity.ts → tenant.entity.d.ts} +2 -21
- package/src/lib/tenant/entities/tenant.entity.d.ts.map +1 -0
- package/src/lib/tenant/entities/tenant.entity.js +47 -0
- package/src/lib/tenant/events/tenant-created.event.d.ts +9 -0
- package/src/lib/tenant/events/tenant-created.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-created.event.js +9 -0
- package/src/lib/tenant/events/tenant-deleted.event.d.ts +9 -0
- package/src/lib/tenant/events/tenant-deleted.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-deleted.event.js +9 -0
- package/src/lib/tenant/events/tenant-updated.event.d.ts +10 -0
- package/src/lib/tenant/events/tenant-updated.event.d.ts.map +1 -0
- package/src/lib/tenant/events/tenant-updated.event.js +9 -0
- package/src/lib/tenant/{index.ts → index.d.ts} +1 -2
- package/src/lib/tenant/index.d.ts.map +1 -0
- package/src/lib/tenant/index.js +14 -0
- package/src/lib/tenant/services/tenant.service.d.ts +35 -0
- package/src/lib/tenant/services/tenant.service.d.ts.map +1 -0
- package/src/lib/tenant/services/{tenant.service.ts → tenant.service.js} +83 -137
- package/src/lib/tenant/tenant.module.d.ts +3 -0
- package/src/lib/tenant/tenant.module.d.ts.map +1 -0
- package/src/lib/tenant/tenant.module.js +26 -0
- package/src/lib/user/dto/requests/update-user.dto.d.ts +6 -0
- package/src/lib/user/dto/requests/update-user.dto.d.ts.map +1 -0
- package/src/lib/user/dto/requests/update-user.dto.js +23 -0
- package/src/lib/user/entities/access-key.entity.d.ts +17 -0
- package/src/lib/user/entities/access-key.entity.d.ts.map +1 -0
- package/src/lib/user/entities/access-key.entity.js +62 -0
- package/src/lib/user/entities/identity.entity.d.ts +13 -0
- package/src/lib/user/entities/identity.entity.d.ts.map +1 -0
- package/src/lib/user/entities/identity.entity.js +46 -0
- package/src/lib/user/entities/user.entity.d.ts +40 -0
- package/src/lib/user/entities/user.entity.d.ts.map +1 -0
- package/src/lib/user/entities/user.entity.js +218 -0
- package/src/lib/user/events/user-created.event.d.ts +10 -0
- package/src/lib/user/events/user-created.event.d.ts.map +1 -0
- package/src/lib/user/events/user-created.event.js +9 -0
- package/src/lib/user/events/user-deleted.event.d.ts +10 -0
- package/src/lib/user/events/user-deleted.event.d.ts.map +1 -0
- package/src/lib/user/events/user-deleted.event.js +9 -0
- package/src/lib/user/events/user-updated.event.d.ts +11 -0
- package/src/lib/user/events/user-updated.event.d.ts.map +1 -0
- package/src/lib/user/events/user-updated.event.js +9 -0
- package/src/lib/user/{index.ts → index.d.ts} +1 -5
- package/src/lib/user/index.d.ts.map +1 -0
- package/src/lib/user/index.js +12 -0
- package/src/lib/user/services/access-key.service.d.ts +20 -0
- package/src/lib/user/services/access-key.service.d.ts.map +1 -0
- package/src/lib/user/services/access-key.service.js +121 -0
- package/src/lib/user/services/user.service.d.ts +28 -0
- package/src/lib/user/services/user.service.d.ts.map +1 -0
- package/src/lib/user/services/{user.service.ts → user.service.js} +92 -164
- package/src/lib/user/user.module.d.ts +3 -0
- package/src/lib/user/user.module.d.ts.map +1 -0
- package/src/lib/user/user.module.js +33 -0
- package/src/lib/utils/database.utils.d.ts +3 -0
- package/src/lib/utils/database.utils.d.ts.map +1 -0
- package/src/lib/utils/database.utils.js +7 -0
- package/src/lib/utils/date.util.d.ts +41 -0
- package/src/lib/utils/date.util.d.ts.map +1 -0
- package/src/lib/utils/{date.util.ts → date.util.js} +28 -35
- package/src/lib/utils/device.util.d.ts +50 -0
- package/src/lib/utils/device.util.d.ts.map +1 -0
- package/src/lib/utils/device.util.js +114 -0
- package/src/lib/utils/{index.ts → index.d.ts} +1 -0
- package/src/lib/utils/index.d.ts.map +1 -0
- package/src/lib/utils/index.js +9 -0
- package/src/lib/utils/otp.d.ts +2 -0
- package/src/lib/utils/otp.d.ts.map +1 -0
- package/src/lib/utils/otp.js +6 -0
- package/src/lib/utils/security.util.d.ts +11 -0
- package/src/lib/utils/security.util.d.ts.map +1 -0
- package/src/lib/utils/{security.util.ts → security.util.js} +10 -9
- package/src/lib/utils/slug.util.d.ts +38 -0
- package/src/lib/utils/slug.util.d.ts.map +1 -0
- package/src/lib/utils/{slug.util.ts → slug.util.js} +10 -9
- package/eslint.config.mjs +0 -59
- package/jest.config.ts +0 -10
- package/project.json +0 -86
- package/src/lib/admin-console/admin-console.module.ts +0 -62
- package/src/lib/admin-console/controllers/admin-auth.controller.ts +0 -339
- package/src/lib/admin-console/controllers/admin-console.controller.ts +0 -82
- package/src/lib/admin-console/controllers/admin-permissions.controller.ts +0 -180
- package/src/lib/admin-console/controllers/admin-roles.controller.ts +0 -89
- package/src/lib/admin-console/controllers/admin-tenants.controller.ts +0 -68
- package/src/lib/admin-console/controllers/admin-users.controller.ts +0 -379
- package/src/lib/admin-console/decorators/current-admin.decorator.ts +0 -9
- package/src/lib/admin-console/dto/admin-permission.dto.ts +0 -106
- package/src/lib/admin-console/dto/admin-role.dto.ts +0 -45
- package/src/lib/admin-console/dto/admin-tenant.dto.ts +0 -43
- package/src/lib/admin-console/dto/admin-user.dto.ts +0 -87
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.ts +0 -34
- package/src/lib/admin-console/dto/login.dto.ts +0 -10
- package/src/lib/admin-console/dto/reset-password.dto.ts +0 -21
- package/src/lib/admin-console/dto/setup-admin.dto.ts +0 -23
- package/src/lib/admin-console/dto/signup.dto.ts +0 -51
- package/src/lib/admin-console/entities/admin-user.entity.ts +0 -74
- package/src/lib/admin-console/guards/admin-session.guard.ts +0 -47
- package/src/lib/admin-console/services/admin-auth.service.ts +0 -82
- package/src/lib/admin-console/services/admin-console-config.service.ts +0 -62
- package/src/lib/admin-console/services/admin-session.service.ts +0 -106
- package/src/lib/admin-console/services/admin-user.service.ts +0 -96
- package/src/lib/auth/auth.module.ts +0 -58
- package/src/lib/auth/controllers/auth.controller.ts +0 -393
- package/src/lib/auth/controllers/mfa.controller.ts +0 -200
- package/src/lib/auth/dto/credentials/email-credentials.dto.ts +0 -24
- package/src/lib/auth/dto/credentials/phone-credentials.dto.ts +0 -24
- package/src/lib/auth/dto/credentials/social-credentials.dto.ts +0 -15
- package/src/lib/auth/dto/index.ts +0 -1
- package/src/lib/auth/dto/requests/change-password.request.dto.ts +0 -34
- package/src/lib/auth/dto/requests/forgot-password.request.dto.ts +0 -30
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.ts +0 -51
- package/src/lib/auth/dto/requests/login.request.dto.ts +0 -65
- package/src/lib/auth/dto/requests/refresh-token.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.ts +0 -22
- package/src/lib/auth/dto/requests/reset-password.request.dto.ts +0 -50
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.ts +0 -19
- package/src/lib/auth/dto/requests/signup.request.dto.ts +0 -42
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.ts +0 -12
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.ts +0 -24
- package/src/lib/auth/dto/requests/verify-email.request.dto.ts +0 -22
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.ts +0 -41
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.ts +0 -22
- package/src/lib/auth/dto/responses/auth.response.dto.ts +0 -99
- package/src/lib/auth/dto/responses/client-config.response.dto.ts +0 -153
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.ts +0 -22
- package/src/lib/auth/dto/responses/mfa-code-response.dto.ts +0 -27
- package/src/lib/auth/dto/responses/mfa-status.response.dto.ts +0 -89
- package/src/lib/auth/dto/responses/verify-otp.response.dto.ts +0 -9
- package/src/lib/auth/entities/mfa-secret.entity.ts +0 -33
- package/src/lib/auth/entities/otp.entity.ts +0 -33
- package/src/lib/auth/services/cookie.service.ts +0 -43
- package/src/lib/auth.constants.ts +0 -63
- package/src/lib/core/core.module.ts +0 -50
- package/src/lib/core/decorators/permissions.decorator.ts +0 -17
- package/src/lib/core/decorators/role.decorator.ts +0 -12
- package/src/lib/core/decorators/skip-mfa.decorator.ts +0 -4
- package/src/lib/core/dto/message.response.dto.ts +0 -6
- package/src/lib/core/interfaces/mfa-options.interface.ts +0 -46
- package/src/lib/core/interfaces/otp.interface.ts +0 -6
- package/src/lib/core/interfaces/session-options.interface.ts +0 -19
- package/src/lib/core/providers/apple-auth.provider.ts +0 -61
- package/src/lib/core/providers/base-auth.provider.ts +0 -74
- package/src/lib/core/providers/email-auth.provider.ts +0 -71
- package/src/lib/core/providers/facebook-auth.provider.ts +0 -55
- package/src/lib/core/providers/google-auth.provider.ts +0 -61
- package/src/lib/core/providers/jwt-auth.provider.ts +0 -50
- package/src/lib/core/providers/phone-auth.provider.ts +0 -45
- package/src/lib/core/services/auth-config.service.ts +0 -184
- package/src/lib/core/services/auth-provider-registry.service.ts +0 -93
- package/src/lib/core/services/initialization.service.ts +0 -29
- package/src/lib/core/services/jwt.service.ts +0 -137
- package/src/lib/nest-auth.module.ts +0 -152
- package/src/lib/permission/entities/permission.entity.ts +0 -56
- package/src/lib/permission/permission.module.ts +0 -14
- package/src/lib/request-context/request-context.middleware.ts +0 -13
- package/src/lib/role/entities/role.entity.ts +0 -103
- package/src/lib/role/role.module.ts +0 -15
- package/src/lib/session/entities/session.entity.ts +0 -54
- package/src/lib/session/repositories/typeorm-session.repository.ts +0 -86
- package/src/lib/session/session.module.ts +0 -102
- package/src/lib/tenant/events/tenant-created.event.ts +0 -9
- package/src/lib/tenant/events/tenant-deleted.event.ts +0 -11
- package/src/lib/tenant/events/tenant-updated.event.ts +0 -12
- package/src/lib/tenant/tenant.module.ts +0 -19
- package/src/lib/types/express.d.ts +0 -14
- package/src/lib/user/dto/requests/update-user.dto.ts +0 -15
- package/src/lib/user/entities/access-key.entity.ts +0 -53
- package/src/lib/user/entities/identity.entity.ts +0 -31
- package/src/lib/user/entities/user.entity.ts +0 -212
- package/src/lib/user/events/user-created.event.ts +0 -10
- package/src/lib/user/events/user-deleted.event.ts +0 -12
- package/src/lib/user/events/user-updated.event.ts +0 -13
- package/src/lib/user/services/access-key.service.ts +0 -145
- package/src/lib/user/user.module.ts +0 -26
- package/src/lib/utils/database.utils.ts +0 -6
- package/src/lib/utils/device.util.ts +0 -111
- package/src/lib/utils/otp.ts +0 -3
- package/src/types/ms.d.ts +0 -1
- package/test/access-key.service.spec.ts +0 -204
- package/test/auth.service.spec.ts +0 -541
- package/test/mfa.service.spec.ts +0 -359
- package/test/role.service.spec.ts +0 -418
- package/test/tenant.service.spec.ts +0 -218
- package/test/test.setup.ts +0 -66
- package/test/user.service.spec.ts +0 -374
- package/tsconfig.json +0 -17
- package/tsconfig.lib.json +0 -15
- package/tsconfig.spec.json +0 -15
- package/tsconfig.tsbuildinfo +0 -1
- package/ui/.env +0 -1
- package/ui/.env.example +0 -1
- package/ui/.eslintignore +0 -7
- package/ui/README.md +0 -288
- package/ui/index.html +0 -17
- package/ui/package.json +0 -34
- package/ui/postcss.config.js +0 -6
- package/ui/src/App.tsx +0 -245
- package/ui/src/components/AuthGuard.tsx +0 -59
- package/ui/src/components/AuthProvider.tsx +0 -76
- package/ui/src/components/Button.tsx +0 -37
- package/ui/src/components/Card.tsx +0 -37
- package/ui/src/components/ErrorMessage.tsx +0 -15
- package/ui/src/components/FormDialog.tsx +0 -61
- package/ui/src/components/FormFooter.tsx +0 -37
- package/ui/src/components/Layout.tsx +0 -112
- package/ui/src/components/LoadingMessage.tsx +0 -11
- package/ui/src/components/Modal.tsx +0 -97
- package/ui/src/components/MultiSelect.tsx +0 -145
- package/ui/src/components/PageHeader.tsx +0 -42
- package/ui/src/components/PanelHeader.tsx +0 -28
- package/ui/src/components/PermissionInput.tsx +0 -473
- package/ui/src/components/SearchInput.tsx +0 -69
- package/ui/src/components/Select.tsx +0 -51
- package/ui/src/components/SwaggerUIWrapper.tsx +0 -316
- package/ui/src/components/Table.tsx +0 -207
- package/ui/src/components/Tag.tsx +0 -9
- package/ui/src/components/TagsInput.tsx +0 -96
- package/ui/src/components/admin/AdminForm.tsx +0 -170
- package/ui/src/components/admin/CreateAdminDialog.tsx +0 -38
- package/ui/src/components/auth/LoginFooter.tsx +0 -17
- package/ui/src/components/auth/LoginHeader.tsx +0 -14
- package/ui/src/components/auth/components/CodeBlock.tsx +0 -43
- package/ui/src/components/auth/components/CreateAccountCodeExamples.tsx +0 -60
- package/ui/src/components/auth/components/PasswordRequirements.tsx +0 -16
- package/ui/src/components/auth/components/PasswordStrengthIndicator.tsx +0 -48
- package/ui/src/components/auth/components/ResetPasswordCodeExamples.tsx +0 -76
- package/ui/src/components/auth/components/Tabs.tsx +0 -32
- package/ui/src/components/auth/dialogs/CreateAccountDialog.tsx +0 -79
- package/ui/src/components/auth/dialogs/ForgotPasswordDialog.tsx +0 -79
- package/ui/src/components/auth/forms/CreateAccountForm.tsx +0 -226
- package/ui/src/components/auth/forms/LoginForm.tsx +0 -149
- package/ui/src/components/auth/forms/ResetPasswordForm.tsx +0 -202
- package/ui/src/components/auth/types.ts +0 -17
- package/ui/src/components/auth/utils/security.ts +0 -82
- package/ui/src/components/auth/utils/utils.ts +0 -25
- package/ui/src/components/form/EmailField.tsx +0 -25
- package/ui/src/components/form/FormField.tsx +0 -102
- package/ui/src/components/form/FormMultiSelect.tsx +0 -46
- package/ui/src/components/form/FormSelect.tsx +0 -60
- package/ui/src/components/form/FormTagsInput.tsx +0 -42
- package/ui/src/components/form/FormTextarea.tsx +0 -42
- package/ui/src/components/form/PasswordField.tsx +0 -93
- package/ui/src/components/form/SecretKeyField.tsx +0 -49
- package/ui/src/components/permission/CreatePermissionDialog.tsx +0 -44
- package/ui/src/components/permission/EditPermissionDialog.tsx +0 -55
- package/ui/src/components/permission/PermissionForm.tsx +0 -251
- package/ui/src/components/role/CreateRoleDialog.tsx +0 -45
- package/ui/src/components/role/EditRoleDialog.tsx +0 -55
- package/ui/src/components/role/RoleDialog.tsx +0 -252
- package/ui/src/components/role/RoleForm.tsx +0 -246
- package/ui/src/components/tenant/CreateTenantDialog.tsx +0 -41
- package/ui/src/components/tenant/EditTenantDialog.tsx +0 -52
- package/ui/src/components/tenant/TenantForm.tsx +0 -160
- package/ui/src/components/user/CreateUserDialog.tsx +0 -45
- package/ui/src/components/user/UserDetailModal.tsx +0 -815
- package/ui/src/components/user/UserForm.tsx +0 -191
- package/ui/src/data/nest-auth.json +0 -1687
- package/ui/src/hooks/useApi.ts +0 -69
- package/ui/src/hooks/useAuth.ts +0 -100
- package/ui/src/hooks/useConfirm.tsx +0 -105
- package/ui/src/hooks/useFormFooter.tsx +0 -42
- package/ui/src/hooks/usePagination.ts +0 -69
- package/ui/src/index.css +0 -59
- package/ui/src/main.tsx +0 -13
- package/ui/src/pages/AdminsPage.tsx +0 -178
- package/ui/src/pages/ApiPage.tsx +0 -89
- package/ui/src/pages/DashboardPage.tsx +0 -281
- package/ui/src/pages/LoginPage.tsx +0 -39
- package/ui/src/pages/PermissionsPage.tsx +0 -376
- package/ui/src/pages/RolesPage.tsx +0 -274
- package/ui/src/pages/TenantsPage.tsx +0 -221
- package/ui/src/pages/UsersPage.tsx +0 -387
- package/ui/src/services/api.ts +0 -115
- package/ui/src/types/index.ts +0 -136
- package/ui/src/vite-env.d.ts +0 -9
- package/ui/tailwind.config.js +0 -45
- package/ui/tsconfig.json +0 -24
- package/ui/tsconfig.node.json +0 -10
- package/ui/vite.config.ts +0 -37
- package/ui/yarn.lock +0 -3137
|
@@ -1,43 +0,0 @@
|
|
|
1
|
-
import { IsNotEmpty, IsObject, IsOptional, IsString, Matches } from 'class-validator';
|
|
2
|
-
|
|
3
|
-
export class AdminCreateTenantDto {
|
|
4
|
-
@IsString()
|
|
5
|
-
@IsNotEmpty()
|
|
6
|
-
name: string;
|
|
7
|
-
|
|
8
|
-
@IsString()
|
|
9
|
-
@IsNotEmpty()
|
|
10
|
-
@Matches(/^[a-z0-9]+(?:-[a-z0-9]+)*$/, {
|
|
11
|
-
message: 'Slug must be lowercase alphanumeric with hyphens, no leading/trailing or consecutive hyphens'
|
|
12
|
-
})
|
|
13
|
-
slug: string;
|
|
14
|
-
|
|
15
|
-
@IsOptional()
|
|
16
|
-
@IsString()
|
|
17
|
-
description?: string;
|
|
18
|
-
|
|
19
|
-
@IsOptional()
|
|
20
|
-
@IsObject()
|
|
21
|
-
metadata?: Record<string, any>;
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
export class AdminUpdateTenantDto {
|
|
25
|
-
@IsOptional()
|
|
26
|
-
@IsString()
|
|
27
|
-
name?: string;
|
|
28
|
-
|
|
29
|
-
@IsOptional()
|
|
30
|
-
@IsString()
|
|
31
|
-
@Matches(/^[a-z0-9]+(?:-[a-z0-9]+)*$/, {
|
|
32
|
-
message: 'Slug must be lowercase alphanumeric with hyphens, no leading/trailing or consecutive hyphens'
|
|
33
|
-
})
|
|
34
|
-
slug?: string;
|
|
35
|
-
|
|
36
|
-
@IsOptional()
|
|
37
|
-
@IsString()
|
|
38
|
-
description?: string;
|
|
39
|
-
|
|
40
|
-
@IsOptional()
|
|
41
|
-
@IsObject()
|
|
42
|
-
metadata?: Record<string, any>;
|
|
43
|
-
}
|
|
@@ -1,87 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
IsArray,
|
|
3
|
-
IsBoolean,
|
|
4
|
-
IsEmail,
|
|
5
|
-
IsNotEmpty,
|
|
6
|
-
IsOptional,
|
|
7
|
-
IsString,
|
|
8
|
-
Matches,
|
|
9
|
-
MinLength,
|
|
10
|
-
} from 'class-validator';
|
|
11
|
-
|
|
12
|
-
export class AdminCreateUserDto {
|
|
13
|
-
@IsEmail()
|
|
14
|
-
email: string;
|
|
15
|
-
|
|
16
|
-
@IsOptional()
|
|
17
|
-
@IsString()
|
|
18
|
-
phone?: string;
|
|
19
|
-
|
|
20
|
-
@IsOptional()
|
|
21
|
-
@IsString()
|
|
22
|
-
@MinLength(8)
|
|
23
|
-
@Matches(
|
|
24
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
25
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
26
|
-
)
|
|
27
|
-
password?: string;
|
|
28
|
-
|
|
29
|
-
@IsString()
|
|
30
|
-
@IsNotEmpty()
|
|
31
|
-
tenantId: string;
|
|
32
|
-
|
|
33
|
-
@IsOptional()
|
|
34
|
-
@IsBoolean()
|
|
35
|
-
isActive?: boolean;
|
|
36
|
-
|
|
37
|
-
@IsOptional()
|
|
38
|
-
@IsBoolean()
|
|
39
|
-
isVerified?: boolean;
|
|
40
|
-
|
|
41
|
-
@IsOptional()
|
|
42
|
-
@IsArray()
|
|
43
|
-
@IsString({ each: true })
|
|
44
|
-
roles?: string[];
|
|
45
|
-
|
|
46
|
-
@IsOptional()
|
|
47
|
-
metadata?: Record<string, any>;
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
export class AdminUpdateUserDto {
|
|
51
|
-
@IsOptional()
|
|
52
|
-
@IsBoolean()
|
|
53
|
-
isActive?: boolean;
|
|
54
|
-
|
|
55
|
-
@IsOptional()
|
|
56
|
-
@IsBoolean()
|
|
57
|
-
isVerified?: boolean;
|
|
58
|
-
|
|
59
|
-
@IsOptional()
|
|
60
|
-
@IsString()
|
|
61
|
-
@MinLength(8)
|
|
62
|
-
@Matches(
|
|
63
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
64
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
65
|
-
)
|
|
66
|
-
password?: string;
|
|
67
|
-
|
|
68
|
-
@IsOptional()
|
|
69
|
-
@IsArray()
|
|
70
|
-
@IsString({ each: true })
|
|
71
|
-
roles?: string[];
|
|
72
|
-
|
|
73
|
-
@IsOptional()
|
|
74
|
-
metadata?: Record<string, any>;
|
|
75
|
-
|
|
76
|
-
@IsOptional()
|
|
77
|
-
@IsBoolean()
|
|
78
|
-
isMfaEnabled?: boolean;
|
|
79
|
-
|
|
80
|
-
@IsOptional()
|
|
81
|
-
@IsBoolean()
|
|
82
|
-
emailLoginEnabled?: boolean;
|
|
83
|
-
|
|
84
|
-
@IsOptional()
|
|
85
|
-
@IsBoolean()
|
|
86
|
-
phoneLoginEnabled?: boolean;
|
|
87
|
-
}
|
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
import { IsEmail, IsNotEmpty, IsOptional, IsString, Matches, MinLength } from 'class-validator';
|
|
2
|
-
|
|
3
|
-
export class CreateDashboardAdminDto {
|
|
4
|
-
@IsEmail()
|
|
5
|
-
email: string;
|
|
6
|
-
|
|
7
|
-
@IsString()
|
|
8
|
-
@IsNotEmpty()
|
|
9
|
-
@MinLength(8)
|
|
10
|
-
@Matches(
|
|
11
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
12
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
13
|
-
)
|
|
14
|
-
password: string;
|
|
15
|
-
|
|
16
|
-
@IsOptional()
|
|
17
|
-
@IsString()
|
|
18
|
-
name?: string;
|
|
19
|
-
}
|
|
20
|
-
|
|
21
|
-
export class UpdateDashboardAdminDto {
|
|
22
|
-
@IsOptional()
|
|
23
|
-
@IsString()
|
|
24
|
-
name?: string;
|
|
25
|
-
|
|
26
|
-
@IsOptional()
|
|
27
|
-
@IsString()
|
|
28
|
-
@MinLength(8)
|
|
29
|
-
@Matches(
|
|
30
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
31
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
32
|
-
)
|
|
33
|
-
password?: string;
|
|
34
|
-
}
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
import { IsEmail, IsNotEmpty, IsString, Matches, MinLength } from 'class-validator';
|
|
2
|
-
|
|
3
|
-
export class AdminResetPasswordDto {
|
|
4
|
-
@IsString()
|
|
5
|
-
@IsEmail()
|
|
6
|
-
@IsNotEmpty()
|
|
7
|
-
email: string;
|
|
8
|
-
|
|
9
|
-
@IsString()
|
|
10
|
-
@IsNotEmpty()
|
|
11
|
-
secretKey: string;
|
|
12
|
-
|
|
13
|
-
@IsString()
|
|
14
|
-
@IsNotEmpty()
|
|
15
|
-
@MinLength(8)
|
|
16
|
-
@Matches(
|
|
17
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
18
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
19
|
-
)
|
|
20
|
-
newPassword: string;
|
|
21
|
-
}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
import { IsEmail, IsNotEmpty, IsOptional, IsString, Matches, MinLength } from 'class-validator';
|
|
2
|
-
|
|
3
|
-
export class AdminSetupDto {
|
|
4
|
-
@IsString()
|
|
5
|
-
@IsNotEmpty()
|
|
6
|
-
setupKey: string;
|
|
7
|
-
|
|
8
|
-
@IsEmail()
|
|
9
|
-
email: string;
|
|
10
|
-
|
|
11
|
-
@IsString()
|
|
12
|
-
@IsNotEmpty()
|
|
13
|
-
@MinLength(8)
|
|
14
|
-
@Matches(
|
|
15
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
16
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
17
|
-
)
|
|
18
|
-
password: string;
|
|
19
|
-
|
|
20
|
-
@IsOptional()
|
|
21
|
-
@IsString()
|
|
22
|
-
name?: string;
|
|
23
|
-
}
|
|
@@ -1,51 +0,0 @@
|
|
|
1
|
-
import { IsEmail, IsNotEmpty, IsOptional, IsString, Matches, MinLength } from 'class-validator';
|
|
2
|
-
import { ApiProperty } from '@nestjs/swagger';
|
|
3
|
-
|
|
4
|
-
export class AdminSignupDto {
|
|
5
|
-
@ApiProperty({
|
|
6
|
-
description: 'Admin email address',
|
|
7
|
-
example: 'admin@example.com'
|
|
8
|
-
})
|
|
9
|
-
@IsEmail()
|
|
10
|
-
@IsNotEmpty()
|
|
11
|
-
email: string;
|
|
12
|
-
|
|
13
|
-
@ApiProperty({
|
|
14
|
-
description: 'Admin password (minimum 8 characters, must contain uppercase, lowercase, number, and special character)',
|
|
15
|
-
example: 'SecurePassword123!',
|
|
16
|
-
minLength: 8
|
|
17
|
-
})
|
|
18
|
-
@IsString()
|
|
19
|
-
@IsNotEmpty()
|
|
20
|
-
@MinLength(8)
|
|
21
|
-
@Matches(
|
|
22
|
-
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/,
|
|
23
|
-
{ message: 'Password must contain uppercase, lowercase, number, and special character' }
|
|
24
|
-
)
|
|
25
|
-
password: string;
|
|
26
|
-
|
|
27
|
-
@ApiProperty({
|
|
28
|
-
description: 'Secret key for authorization (provided in module configuration)',
|
|
29
|
-
example: 'your-secret-key'
|
|
30
|
-
})
|
|
31
|
-
@IsString()
|
|
32
|
-
@IsNotEmpty()
|
|
33
|
-
secretKey: string;
|
|
34
|
-
|
|
35
|
-
@ApiProperty({
|
|
36
|
-
description: 'Admin name (optional)',
|
|
37
|
-
required: false,
|
|
38
|
-
example: 'Admin User'
|
|
39
|
-
})
|
|
40
|
-
@IsOptional()
|
|
41
|
-
@IsString()
|
|
42
|
-
name?: string;
|
|
43
|
-
|
|
44
|
-
@ApiProperty({
|
|
45
|
-
description: 'Additional metadata for the admin user (optional)',
|
|
46
|
-
required: false,
|
|
47
|
-
example: { department: 'IT', role: 'super-admin' }
|
|
48
|
-
})
|
|
49
|
-
@IsOptional()
|
|
50
|
-
metadata?: Record<string, any>;
|
|
51
|
-
}
|
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
BaseEntity,
|
|
3
|
-
BeforeInsert,
|
|
4
|
-
BeforeUpdate,
|
|
5
|
-
Column,
|
|
6
|
-
CreateDateColumn,
|
|
7
|
-
Entity,
|
|
8
|
-
Index,
|
|
9
|
-
PrimaryGeneratedColumn,
|
|
10
|
-
UpdateDateColumn,
|
|
11
|
-
} from 'typeorm';
|
|
12
|
-
import * as argon2 from 'argon2';
|
|
13
|
-
|
|
14
|
-
@Entity('nest_auth_admin_users')
|
|
15
|
-
export class AdminUser extends BaseEntity {
|
|
16
|
-
@PrimaryGeneratedColumn('uuid')
|
|
17
|
-
id: string;
|
|
18
|
-
|
|
19
|
-
@Column({ unique: true })
|
|
20
|
-
@Index()
|
|
21
|
-
email: string;
|
|
22
|
-
|
|
23
|
-
@Column({ nullable: true })
|
|
24
|
-
name?: string;
|
|
25
|
-
|
|
26
|
-
@Column()
|
|
27
|
-
passwordHash: string;
|
|
28
|
-
|
|
29
|
-
@Column({ type: 'simple-json', nullable: true, default: '{}' })
|
|
30
|
-
metadata?: Record<string, any>;
|
|
31
|
-
|
|
32
|
-
@Column({ type: 'datetime', nullable: true })
|
|
33
|
-
lastLoginAt?: Date;
|
|
34
|
-
|
|
35
|
-
@CreateDateColumn()
|
|
36
|
-
createdAt: Date;
|
|
37
|
-
|
|
38
|
-
@UpdateDateColumn()
|
|
39
|
-
updatedAt: Date;
|
|
40
|
-
|
|
41
|
-
@BeforeInsert()
|
|
42
|
-
normalizeEmail() {
|
|
43
|
-
if (this.email) {
|
|
44
|
-
this.email = this.email.toLowerCase();
|
|
45
|
-
}
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
@BeforeUpdate()
|
|
49
|
-
normalizeEmailOnUpdate() {
|
|
50
|
-
if (this.email) {
|
|
51
|
-
this.email = this.email.toLowerCase();
|
|
52
|
-
}
|
|
53
|
-
}
|
|
54
|
-
|
|
55
|
-
async setPassword(password: string): Promise<void> {
|
|
56
|
-
this.passwordHash = await argon2.hash(password, {
|
|
57
|
-
type: argon2.argon2id,
|
|
58
|
-
memoryCost: 65536,
|
|
59
|
-
timeCost: 3,
|
|
60
|
-
parallelism: 4,
|
|
61
|
-
});
|
|
62
|
-
}
|
|
63
|
-
|
|
64
|
-
async validatePassword(password: string): Promise<boolean> {
|
|
65
|
-
if (!this.passwordHash) {
|
|
66
|
-
return false;
|
|
67
|
-
}
|
|
68
|
-
try {
|
|
69
|
-
return await argon2.verify(this.passwordHash, password);
|
|
70
|
-
} catch {
|
|
71
|
-
return false;
|
|
72
|
-
}
|
|
73
|
-
}
|
|
74
|
-
}
|
|
@@ -1,47 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
CanActivate,
|
|
3
|
-
ExecutionContext,
|
|
4
|
-
Injectable,
|
|
5
|
-
UnauthorizedException,
|
|
6
|
-
} from '@nestjs/common';
|
|
7
|
-
import { Request } from 'express';
|
|
8
|
-
import { AdminSessionService } from '../services/admin-session.service';
|
|
9
|
-
import { AdminUserService } from '../services/admin-user.service';
|
|
10
|
-
import { AdminConsoleConfigService } from '../services/admin-console-config.service';
|
|
11
|
-
import { AdminUser } from '../entities/admin-user.entity';
|
|
12
|
-
|
|
13
|
-
export interface AdminRequest extends Request {
|
|
14
|
-
adminUser?: AdminUser;
|
|
15
|
-
}
|
|
16
|
-
|
|
17
|
-
@Injectable()
|
|
18
|
-
export class AdminSessionGuard implements CanActivate {
|
|
19
|
-
constructor(
|
|
20
|
-
private readonly sessions: AdminSessionService,
|
|
21
|
-
private readonly adminUsers: AdminUserService,
|
|
22
|
-
private readonly config: AdminConsoleConfigService,
|
|
23
|
-
) { }
|
|
24
|
-
|
|
25
|
-
async canActivate(context: ExecutionContext): Promise<boolean> {
|
|
26
|
-
const req = context.switchToHttp().getRequest<AdminRequest>();
|
|
27
|
-
this.config.ensureEnabled();
|
|
28
|
-
|
|
29
|
-
const token = this.sessions.extractToken(req);
|
|
30
|
-
if (!token) {
|
|
31
|
-
throw new UnauthorizedException('Admin authentication required');
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
const payload = this.sessions.verifySession(token);
|
|
35
|
-
if (!payload) {
|
|
36
|
-
throw new UnauthorizedException('Invalid admin session');
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
const admin = await this.adminUsers.findById(payload.sub);
|
|
40
|
-
if (!admin) {
|
|
41
|
-
throw new UnauthorizedException('Admin account not found');
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
req.adminUser = admin;
|
|
45
|
-
return true;
|
|
46
|
-
}
|
|
47
|
-
}
|
|
@@ -1,82 +0,0 @@
|
|
|
1
|
-
import { Injectable, UnauthorizedException, BadRequestException } from '@nestjs/common';
|
|
2
|
-
import { AdminUserService } from './admin-user.service';
|
|
3
|
-
import { AdminSessionService } from './admin-session.service';
|
|
4
|
-
import { AdminConsoleConfigService } from './admin-console-config.service';
|
|
5
|
-
import { AdminUser } from '../entities/admin-user.entity';
|
|
6
|
-
import { DebugLoggerService } from '../../core/services/debug-logger.service';
|
|
7
|
-
import { compareKeys } from '../../utils/security.util';
|
|
8
|
-
|
|
9
|
-
@Injectable()
|
|
10
|
-
export class AdminAuthService {
|
|
11
|
-
constructor(
|
|
12
|
-
private readonly adminUsers: AdminUserService,
|
|
13
|
-
private readonly sessions: AdminSessionService,
|
|
14
|
-
private readonly config: AdminConsoleConfigService,
|
|
15
|
-
private readonly debugLogger: DebugLoggerService,
|
|
16
|
-
) { }
|
|
17
|
-
|
|
18
|
-
async validateCredentials(email: string, password: string): Promise<AdminUser> {
|
|
19
|
-
const admin = await this.adminUsers.findByEmail(email);
|
|
20
|
-
if (!admin) {
|
|
21
|
-
throw new UnauthorizedException('Invalid credentials');
|
|
22
|
-
}
|
|
23
|
-
const valid = await admin.validatePassword(password);
|
|
24
|
-
if (!valid) {
|
|
25
|
-
throw new UnauthorizedException('Invalid credentials');
|
|
26
|
-
}
|
|
27
|
-
admin.lastLoginAt = new Date();
|
|
28
|
-
await admin.save();
|
|
29
|
-
return admin;
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
async createInitialAdmin(payload: {
|
|
33
|
-
setupKey: string;
|
|
34
|
-
email: string;
|
|
35
|
-
password: string;
|
|
36
|
-
name?: string;
|
|
37
|
-
metadata?: Record<string, any>;
|
|
38
|
-
}): Promise<AdminUser> {
|
|
39
|
-
this.config.ensureEnabled();
|
|
40
|
-
const configuredKey = this.config.getSecretKey();
|
|
41
|
-
|
|
42
|
-
if (!configuredKey) {
|
|
43
|
-
throw new BadRequestException({
|
|
44
|
-
message: 'Admin console setup key is not configured.',
|
|
45
|
-
code: 'ADMIN_CONSOLE_SETUP_DISABLED',
|
|
46
|
-
});
|
|
47
|
-
}
|
|
48
|
-
|
|
49
|
-
// Use constant-time comparison to prevent timing attacks
|
|
50
|
-
if (!compareKeys(payload.setupKey, configuredKey)) {
|
|
51
|
-
throw new UnauthorizedException({
|
|
52
|
-
message: 'Invalid admin console setup key.',
|
|
53
|
-
code: 'INVALID_ADMIN_CONSOLE_SETUP_KEY',
|
|
54
|
-
});
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
const existingAdmins = await this.adminUsers.listAdmins();
|
|
58
|
-
if (existingAdmins.length > 0) {
|
|
59
|
-
throw new BadRequestException({
|
|
60
|
-
message: 'Admin users already exist. Use the dashboard to manage administrators.',
|
|
61
|
-
code: 'ADMIN_USERS_ALREADY_INITIALIZED',
|
|
62
|
-
});
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
// Mask email to avoid logging PII
|
|
66
|
-
const maskedEmail = payload.email.replace(/(.{2})(.*)(@.*)/, '$1****$3');
|
|
67
|
-
this.debugLogger.info('Creating initial admin console user', 'AdminAuthService', {
|
|
68
|
-
email: maskedEmail,
|
|
69
|
-
});
|
|
70
|
-
|
|
71
|
-
return this.adminUsers.createAdmin({
|
|
72
|
-
email: payload.email,
|
|
73
|
-
password: payload.password,
|
|
74
|
-
name: payload.name,
|
|
75
|
-
metadata: payload.metadata,
|
|
76
|
-
});
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
createSession(admin: AdminUser): string {
|
|
80
|
-
return this.sessions.createSession(admin);
|
|
81
|
-
}
|
|
82
|
-
}
|
|
@@ -1,62 +0,0 @@
|
|
|
1
|
-
import { Injectable, NotFoundException } from '@nestjs/common';
|
|
2
|
-
import { AuthConfigService } from '../../core/services/auth-config.service';
|
|
3
|
-
import { AdminConsoleOptions } from '../../core/interfaces/auth-module-options.interface';
|
|
4
|
-
import { CookieOptions } from 'express';
|
|
5
|
-
|
|
6
|
-
@Injectable()
|
|
7
|
-
export class AdminConsoleConfigService {
|
|
8
|
-
constructor(private readonly authConfig: AuthConfigService) { }
|
|
9
|
-
|
|
10
|
-
get options(): AdminConsoleOptions {
|
|
11
|
-
return this.authConfig.getConfig().adminConsole ?? ({} as AdminConsoleOptions);
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
ensureEnabled(): void {
|
|
15
|
-
if (this.options?.enabled === false) {
|
|
16
|
-
throw new NotFoundException('Admin console is disabled');
|
|
17
|
-
}
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
getCookieName(): string {
|
|
21
|
-
return this.options?.sessionCookieName ?? 'nest_auth_admin';
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
getBasePath(): string {
|
|
25
|
-
return this.options?.basePath;
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
getSessionSecret(): string {
|
|
29
|
-
// Use secretKey for session signing - unified key for all admin console security operations
|
|
30
|
-
return this.options?.secretKey ?? 'change-me-admin-secret';
|
|
31
|
-
}
|
|
32
|
-
|
|
33
|
-
getSessionDuration(): string | number {
|
|
34
|
-
return this.options?.sessionDuration ?? '2h';
|
|
35
|
-
}
|
|
36
|
-
|
|
37
|
-
getCookieOptions(): CookieOptions {
|
|
38
|
-
// Determine secure flag based on environment
|
|
39
|
-
const secureDefault = process.env.NODE_ENV === 'production';
|
|
40
|
-
|
|
41
|
-
const base: CookieOptions = {
|
|
42
|
-
httpOnly: true,
|
|
43
|
-
sameSite: 'lax',
|
|
44
|
-
secure: secureDefault,
|
|
45
|
-
path: this.getBasePath(),
|
|
46
|
-
};
|
|
47
|
-
|
|
48
|
-
return {
|
|
49
|
-
...base,
|
|
50
|
-
...(this.options?.cookie ?? {}),
|
|
51
|
-
path: this.options?.cookie?.path ?? base.path,
|
|
52
|
-
};
|
|
53
|
-
}
|
|
54
|
-
|
|
55
|
-
allowAdminManagement(): boolean {
|
|
56
|
-
return this.options?.allowAdminManagement !== false;
|
|
57
|
-
}
|
|
58
|
-
|
|
59
|
-
getSecretKey(): string | undefined {
|
|
60
|
-
return this.options?.secretKey;
|
|
61
|
-
}
|
|
62
|
-
}
|
|
@@ -1,106 +0,0 @@
|
|
|
1
|
-
import { Injectable } from '@nestjs/common';
|
|
2
|
-
import { Request } from 'express';
|
|
3
|
-
import * as jwt from 'jsonwebtoken';
|
|
4
|
-
import ms from 'ms';
|
|
5
|
-
import { AdminConsoleConfigService } from './admin-console-config.service';
|
|
6
|
-
import { AdminUser } from '../entities/admin-user.entity';
|
|
7
|
-
|
|
8
|
-
interface AdminSessionPayload {
|
|
9
|
-
sub: string;
|
|
10
|
-
email: string;
|
|
11
|
-
iat: number;
|
|
12
|
-
exp: number;
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
@Injectable()
|
|
16
|
-
export class AdminSessionService {
|
|
17
|
-
constructor(private readonly config: AdminConsoleConfigService) { }
|
|
18
|
-
|
|
19
|
-
createSession(admin: AdminUser): string {
|
|
20
|
-
const secret = this.config.getSessionSecret();
|
|
21
|
-
const duration = this.config.getSessionDuration();
|
|
22
|
-
const expiresIn = typeof duration === 'number' ? duration : duration || '2h';
|
|
23
|
-
return jwt.sign(
|
|
24
|
-
{
|
|
25
|
-
sub: admin.id,
|
|
26
|
-
email: admin.email,
|
|
27
|
-
},
|
|
28
|
-
secret,
|
|
29
|
-
{
|
|
30
|
-
expiresIn,
|
|
31
|
-
},
|
|
32
|
-
);
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
verifySession(token: string): AdminSessionPayload | null {
|
|
36
|
-
if (!token) {
|
|
37
|
-
return null;
|
|
38
|
-
}
|
|
39
|
-
try {
|
|
40
|
-
return jwt.verify(token, this.config.getSessionSecret()) as AdminSessionPayload;
|
|
41
|
-
} catch (error) {
|
|
42
|
-
// Log JWT verification failures for security monitoring
|
|
43
|
-
console.warn('JWT verification failed:', error.message);
|
|
44
|
-
return null;
|
|
45
|
-
}
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
getCookieName(): string {
|
|
49
|
-
return this.config.getCookieName();
|
|
50
|
-
}
|
|
51
|
-
|
|
52
|
-
getMaxAge(): number | undefined {
|
|
53
|
-
const duration = this.config.getSessionDuration();
|
|
54
|
-
if (typeof duration === 'number') {
|
|
55
|
-
return duration * 1000;
|
|
56
|
-
}
|
|
57
|
-
if (typeof duration === 'string') {
|
|
58
|
-
return ms(duration);
|
|
59
|
-
}
|
|
60
|
-
return ms('2h');
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
extractToken(request: Request): string | undefined {
|
|
64
|
-
const cookieName = this.getCookieName();
|
|
65
|
-
const cookieHeader = request.headers?.cookie;
|
|
66
|
-
|
|
67
|
-
if (request.cookies && request.cookies[cookieName]) {
|
|
68
|
-
return request.cookies[cookieName];
|
|
69
|
-
}
|
|
70
|
-
|
|
71
|
-
if (!cookieHeader) {
|
|
72
|
-
return undefined;
|
|
73
|
-
}
|
|
74
|
-
|
|
75
|
-
const cookies = this.parseCookieHeader(cookieHeader);
|
|
76
|
-
return cookies[cookieName];
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
/**
|
|
80
|
-
* Invalidate all sessions for a given admin user.
|
|
81
|
-
* Since we're using stateless JWT tokens, this is a no-op for now,
|
|
82
|
-
* but provides a hook for future stateful session implementations.
|
|
83
|
-
*/
|
|
84
|
-
async invalidateSessionForAdmin(adminId: string): Promise<void> {
|
|
85
|
-
// With JWT-based stateless sessions, we can't revoke tokens server-side
|
|
86
|
-
// This method exists for future implementations that use database-backed sessions
|
|
87
|
-
// For now, clearing the client cookie in the logout handler is sufficient
|
|
88
|
-
return Promise.resolve();
|
|
89
|
-
}
|
|
90
|
-
|
|
91
|
-
private parseCookieHeader(header: string): Record<string, string> {
|
|
92
|
-
return header.split(';').reduce<Record<string, string>>((acc, part) => {
|
|
93
|
-
const [key, ...rest] = part.split('=');
|
|
94
|
-
if (!key) {
|
|
95
|
-
return acc;
|
|
96
|
-
}
|
|
97
|
-
try {
|
|
98
|
-
acc[key.trim()] = decodeURIComponent(rest.join('=').trim());
|
|
99
|
-
} catch (error) {
|
|
100
|
-
// If decoding fails, use the raw value
|
|
101
|
-
acc[key.trim()] = rest.join('=').trim();
|
|
102
|
-
}
|
|
103
|
-
return acc;
|
|
104
|
-
}, {});
|
|
105
|
-
}
|
|
106
|
-
}
|