@ackplus/nest-auth 1.1.1 → 1.1.5

package/src/lib/user/entities/user.entity.d.ts

@@ -0,0 +1,40 @@
+import { BaseEntity } from "typeorm";
+import { NestAuthTenant } from "../../tenant/entities/tenant.entity";
+import { NestAuthIdentity } from "./identity.entity";
+import { NestAuthSession } from "../../session/entities/session.entity";
+import { NestAuthOTP } from "../../auth/entities/otp.entity";
+import { NestAuthMFASecret } from "../../auth/entities/mfa-secret.entity";
+import { NestAuthRole } from "../../role/entities/role.entity";
+export declare class NestAuthUser extends BaseEntity {
+    id: string;
+    email: string;
+    emailVerifiedAt: Date;
+    phone: string;
+    phoneVerifiedAt: Date;
+    passwordHash: string;
+    isVerified: boolean;
+    isActive: boolean;
+    metadata?: Record<string, any>;
+    tenantId?: string;
+    isMfaEnabled: boolean;
+    mfaRecoveryCode?: string;
+    tenant: NestAuthTenant;
+    identities: NestAuthIdentity[];
+    mfaSecrets: NestAuthMFASecret[];
+    sessions: NestAuthSession[];
+    otps: NestAuthOTP[];
+    roles: NestAuthRole[];
+    emailTenant: string;
+    phoneTenant: string;
+    createdAt: Date;
+    updatedAt: Date;
+    updateTenantFields(): void;
+    getPermissions(): Promise<string[]>;
+    getRoles(): Promise<NestAuthRole[]>;
+    assignRoles(roles: string | string[], guard: string): Promise<void>;
+    findOrCreateIdentity(provider: string, providerId: string): Promise<NestAuthIdentity>;
+    updateOrCreateIdentity(provider: string, data: Partial<NestAuthIdentity>): Promise<NestAuthIdentity>;
+    validatePassword(password: string): Promise<boolean>;
+    setPassword(password: string): Promise<void>;
+}
+//# sourceMappingURL=user.entity.d.ts.map

package/src/lib/user/entities/user.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/entities/user.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAQH,UAAU,EAMb,MAAM,SAAS,CAAC;AAEjB,OAAO,EAAE,cAAc,EAAE,MAAM,qCAAqC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AAExE,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAE/D,qBACa,YAAa,SAAQ,UAAU;IAExC,EAAE,EAAE,MAAM,CAAC;IAIX,KAAK,EAAE,MAAM,CAAC;IAId,eAAe,EAAE,IAAI,CAAC;IAItB,KAAK,EAAE,MAAM,CAAC;IAId,eAAe,EAAE,IAAI,CAAC;IAGtB,YAAY,EAAE,MAAM,CAAC;IAGrB,UAAU,EAAE,OAAO,CAAC;IAGpB,QAAQ,EAAE,OAAO,CAAC;IAGlB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAG/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAGlB,YAAY,EAAE,OAAO,CAAC;IAGtB,eAAe,CAAC,EAAE,MAAM,CAAC;IAGzB,MAAM,EAAE,cAAc,CAAC;IAGvB,UAAU,EAAE,gBAAgB,EAAE,CAAC;IAG/B,UAAU,EAAE,iBAAiB,EAAE,CAAC;IAGhC,QAAQ,EAAE,eAAe,EAAE,CAAC;IAG5B,IAAI,EAAE,WAAW,EAAE,CAAC;IAGpB,KAAK,EAAE,YAAY,EAAE,CAAC;IAItB,WAAW,EAAE,MAAM,CAAC;IAIpB,WAAW,EAAE,MAAM,CAAC;IAGpB,SAAS,EAAE,IAAI,CAAC;IAGhB,SAAS,EAAE,IAAI,CAAC;IAKhB,kBAAkB;IASZ,cAAc,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAkBnC,QAAQ,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;IAenC,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM;IAiBzD,sBAAsB,CACxB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAChC,OAAO,CAAC,gBAAgB,CAAC;IAiBtB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAUpD,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CASrD"}

package/src/lib/user/entities/user.entity.js

@@ -0,0 +1,218 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NestAuthUser = void 0;
+const tslib_1 = require("tslib");
+const typeorm_1 = require("typeorm");
+const argon2 = tslib_1.__importStar(require("argon2"));
+const tenant_entity_1 = require("../../tenant/entities/tenant.entity");
+const identity_entity_1 = require("./identity.entity");
+const session_entity_1 = require("../../session/entities/session.entity");
+const lodash_1 = require("lodash");
+const otp_entity_1 = require("../../auth/entities/otp.entity");
+const mfa_secret_entity_1 = require("../../auth/entities/mfa-secret.entity");
+const role_entity_1 = require("../../role/entities/role.entity");
+let NestAuthUser = class NestAuthUser extends typeorm_1.BaseEntity {
+    updateTenantFields() {
+        // Normalize email to lowercase for consistency
+        if (this.email) {
+            this.email = this.email.toLowerCase().trim();
+        }
+        this.emailTenant = this.email ? `${this.email}:${this.tenantId || 'global'}` : null;
+        this.phoneTenant = this.phone ? `${this.phone}:${this.tenantId || 'global'}` : null;
+    }
+    async getPermissions() {
+        if (!this.roles) {
+            this.roles = await role_entity_1.NestAuthRole.find({
+                select: {
+                    id: true,
+                    name: true,
+                    permissions: true
+                },
+                where: { users: { id: this.id }, tenantId: this.tenantId }
+            });
+        }
+        return (0, lodash_1.chain)(this.roles)
+            .map(role => role.permissions)
+            .flatten()
+            .uniq()
+            .value();
+    }
+    async getRoles() {
+        if (!this.roles) {
+            this.roles = await role_entity_1.NestAuthRole.find({
+                select: {
+                    id: true,
+                    name: true,
+                    isSystem: true,
+                    guard: true,
+                },
+                where: { users: { id: this.id }, tenantId: this.tenantId }
+            });
+        }
+        return this.roles;
+    }
+    async assignRoles(roles, guard) {
+        // Find both system roles and tenant - specific roles
+        this.roles = await role_entity_1.NestAuthRole.find({
+            where: [
+                // System roles (tenantId is null)
+                { name: (0, typeorm_1.In)(Array.isArray(roles) ? roles : [roles]), isSystem: true, guard },
+                // Tenant-specific roles
+                { name: (0, typeorm_1.In)(Array.isArray(roles) ? roles : [roles]), tenantId: this.tenantId, isSystem: false, guard }
+            ]
+        });
+    }
+    async findOrCreateIdentity(provider, providerId) {
+        const existingIdentity = await identity_entity_1.NestAuthIdentity.findOne({
+            where: { provider, providerId, userId: this.id }
+        });
+        if (existingIdentity) {
+            return existingIdentity;
+        }
+        const identity = new identity_entity_1.NestAuthIdentity();
+        identity.provider = provider;
+        identity.providerId = providerId;
+        identity.user = this;
+        return identity.save();
+    }
+    async updateOrCreateIdentity(provider, data) {
+        let identity = {};
+        if (provider) {
+            identity = await identity_entity_1.NestAuthIdentity.findOne({
+                where: { provider, userId: this.id },
+            });
+        }
+        identity = identity_entity_1.NestAuthIdentity.create({
+            provider,
+            ...identity,
+            ...data,
+            userId: this.id,
+        });
+        return identity.save();
+    }
+    async validatePassword(password) {
+        if (!this.passwordHash)
+            return false;
+        try {
+            return await argon2.verify(this.passwordHash, password);
+        }
+        catch (error) {
+            // Invalid hash format or verification error
+            return false;
+        }
+    }
+    async setPassword(password) {
+        // Argon2id is the recommended variant (hybrid of Argon2i and Argon2d)
+        this.passwordHash = await argon2.hash(password, {
+            type: argon2.argon2id,
+            memoryCost: 65536, // 64 MiB
+            timeCost: 3, // 3 iterations
+            parallelism: 4 // 4 parallel threads
+        });
+    }
+};
+exports.NestAuthUser = NestAuthUser;
+tslib_1.__decorate([
+    (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "id", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    (0, typeorm_1.Index)(),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "email", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    (0, typeorm_1.Index)(),
+    tslib_1.__metadata("design:type", Date)
+], NestAuthUser.prototype, "emailVerifiedAt", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    (0, typeorm_1.Index)(),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "phone", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    (0, typeorm_1.Index)(),
+    tslib_1.__metadata("design:type", Date)
+], NestAuthUser.prototype, "phoneVerifiedAt", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "passwordHash", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ default: false }),
+    tslib_1.__metadata("design:type", Boolean)
+], NestAuthUser.prototype, "isVerified", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ default: true }),
+    tslib_1.__metadata("design:type", Boolean)
+], NestAuthUser.prototype, "isActive", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ type: 'simple-json', nullable: true, default: '{}' }),
+    tslib_1.__metadata("design:type", Object)
+], NestAuthUser.prototype, "metadata", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "tenantId", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ default: false }),
+    tslib_1.__metadata("design:type", Boolean)
+], NestAuthUser.prototype, "isMfaEnabled", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "mfaRecoveryCode", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.ManyToOne)(() => tenant_entity_1.NestAuthTenant, { onDelete: 'CASCADE' }),
+    tslib_1.__metadata("design:type", tenant_entity_1.NestAuthTenant)
+], NestAuthUser.prototype, "tenant", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.OneToMany)(() => identity_entity_1.NestAuthIdentity, identity => identity.user),
+    tslib_1.__metadata("design:type", Array)
+], NestAuthUser.prototype, "identities", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.OneToMany)(() => mfa_secret_entity_1.NestAuthMFASecret, mfaSecret => mfaSecret.user),
+    tslib_1.__metadata("design:type", Array)
+], NestAuthUser.prototype, "mfaSecrets", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.OneToMany)(() => session_entity_1.NestAuthSession, session => session.user),
+    tslib_1.__metadata("design:type", Array)
+], NestAuthUser.prototype, "sessions", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.OneToMany)(() => otp_entity_1.NestAuthOTP, otp => otp.user),
+    tslib_1.__metadata("design:type", Array)
+], NestAuthUser.prototype, "otps", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.ManyToMany)(() => role_entity_1.NestAuthRole, role => role.users, { onDelete: 'CASCADE' }),
+    tslib_1.__metadata("design:type", Array)
+], NestAuthUser.prototype, "roles", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Index)('IDX_USER_EMAIL_TENANT', { unique: true }),
+    (0, typeorm_1.Column)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "emailTenant", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Index)('IDX_USER_PHONE_TENANT', { unique: true }),
+    (0, typeorm_1.Column)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], NestAuthUser.prototype, "phoneTenant", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.CreateDateColumn)(),
+    tslib_1.__metadata("design:type", Date)
+], NestAuthUser.prototype, "createdAt", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.UpdateDateColumn)(),
+    tslib_1.__metadata("design:type", Date)
+], NestAuthUser.prototype, "updatedAt", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.BeforeInsert)(),
+    (0, typeorm_1.BeforeUpdate)(),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", void 0)
+], NestAuthUser.prototype, "updateTenantFields", null);
+exports.NestAuthUser = NestAuthUser = tslib_1.__decorate([
+    (0, typeorm_1.Entity)('nest_auth_users')
+], NestAuthUser);

package/src/lib/user/events/user-created.event.d.ts

@@ -0,0 +1,10 @@
+import { NestAuthUser } from '../entities/user.entity';
+export interface UserCreatedEventPayload {
+    user: NestAuthUser;
+    tenantId?: string;
+}
+export declare class UserCreatedEvent {
+    readonly payload: UserCreatedEventPayload;
+    constructor(payload: UserCreatedEventPayload);
+}
+//# sourceMappingURL=user-created.event.d.ts.map

package/src/lib/user/events/user-created.event.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-created.event.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/events/user-created.event.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,MAAM,WAAW,uBAAuB;IACpC,IAAI,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,qBAAa,gBAAgB;aACG,OAAO,EAAE,uBAAuB;gBAAhC,OAAO,EAAE,uBAAuB;CAC/D"}

package/src/lib/user/events/user-created.event.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UserCreatedEvent = void 0;
+class UserCreatedEvent {
+    constructor(payload) {
+        this.payload = payload;
+    }
+}
+exports.UserCreatedEvent = UserCreatedEvent;

package/src/lib/user/events/user-deleted.event.d.ts

@@ -0,0 +1,10 @@
+import { NestAuthUser } from "../entities/user.entity";
+export interface UserDeletedEventPayload {
+    user: NestAuthUser;
+    tenantId?: string;
+}
+export declare class UserDeletedEvent {
+    readonly payload: UserDeletedEventPayload;
+    constructor(payload: UserDeletedEventPayload);
+}
+//# sourceMappingURL=user-deleted.event.d.ts.map

package/src/lib/user/events/user-deleted.event.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-deleted.event.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/events/user-deleted.event.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,MAAM,WAAW,uBAAuB;IACpC,IAAI,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,qBAAa,gBAAgB;aAEL,OAAO,EAAE,uBAAuB;gBAAhC,OAAO,EAAE,uBAAuB;CAEvD"}

package/src/lib/user/events/user-deleted.event.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UserDeletedEvent = void 0;
+class UserDeletedEvent {
+    constructor(payload) {
+        this.payload = payload;
+    }
+}
+exports.UserDeletedEvent = UserDeletedEvent;

package/src/lib/user/events/user-updated.event.d.ts

@@ -0,0 +1,11 @@
+import { NestAuthUser } from "../entities/user.entity";
+export interface UserUpdatedEventPayload {
+    user: NestAuthUser;
+    tenantId?: string;
+    updatedFields: string[];
+}
+export declare class UserUpdatedEvent {
+    readonly payload: UserUpdatedEventPayload;
+    constructor(payload: UserUpdatedEventPayload);
+}
+//# sourceMappingURL=user-updated.event.d.ts.map

package/src/lib/user/events/user-updated.event.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-updated.event.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/events/user-updated.event.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,MAAM,WAAW,uBAAuB;IACpC,IAAI,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,qBAAa,gBAAgB;aAEL,OAAO,EAAE,uBAAuB;gBAAhC,OAAO,EAAE,uBAAuB;CAEvD"}

package/src/lib/user/events/user-updated.event.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UserUpdatedEvent = void 0;
+class UserUpdatedEvent {
+    constructor(payload) {
+        this.payload = payload;
+    }
+}
+exports.UserUpdatedEvent = UserUpdatedEvent;

package/src/lib/user/{index.ts → index.d.ts}

@@ -1,11 +1,7 @@
-// DTOs
 export * from './dto/requests/update-user.dto';
-
-// Services
 export * from './services/user.service';
 export * from './services/access-key.service';
-
-// Entities
 export * from './entities/user.entity';
 export * from './entities/identity.entity';
 export * from './entities/access-key.entity';
+//# sourceMappingURL=index.d.ts.map

package/src/lib/user/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/user/index.ts"],"names":[],"mappings":"AACA,cAAc,gCAAgC,CAAC;AAG/C,cAAc,yBAAyB,CAAC;AACxC,cAAc,+BAA+B,CAAC;AAG9C,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,8BAA8B,CAAC"}

package/src/lib/user/index.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+// DTOs
+tslib_1.__exportStar(require("./dto/requests/update-user.dto"), exports);
+// Services
+tslib_1.__exportStar(require("./services/user.service"), exports);
+tslib_1.__exportStar(require("./services/access-key.service"), exports);
+// Entities
+tslib_1.__exportStar(require("./entities/user.entity"), exports);
+tslib_1.__exportStar(require("./entities/identity.entity"), exports);
+tslib_1.__exportStar(require("./entities/access-key.entity"), exports);

package/src/lib/user/services/access-key.service.d.ts

@@ -0,0 +1,20 @@
+import { Repository } from 'typeorm';
+import { NestAuthAccessKey } from '../entities/access-key.entity';
+import { NestAuthUser } from '../entities/user.entity';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+export declare class AccessKeyService {
+    private accessKeyRepository;
+    private userRepository;
+    private eventEmitter;
+    constructor(accessKeyRepository: Repository<NestAuthAccessKey>, userRepository: Repository<NestAuthUser>, eventEmitter: EventEmitter2);
+    private generateKeyPair;
+    createAccessKey(userId: string, name: string): Promise<NestAuthAccessKey>;
+    getAccessKey(publicKey: string): Promise<NestAuthAccessKey>;
+    validateAccessKey(publicKey: string, privateKey: string): Promise<boolean>;
+    getUserAccessKeys(userId: string): Promise<NestAuthAccessKey[]>;
+    deactivateAccessKey(publicKey: string): Promise<NestAuthAccessKey>;
+    updateAccessKeyLastUsed(publicKey: string): Promise<void>;
+    setAccessKeyExpiry(publicKey: string, expiresAt: Date): Promise<NestAuthAccessKey>;
+    deleteAccessKey(publicKey: string): Promise<void>;
+}
+//# sourceMappingURL=access-key.service.d.ts.map

package/src/lib/user/services/access-key.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"access-key.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/services/access-key.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAItD,qBACa,gBAAgB;IAGrB,OAAO,CAAC,mBAAmB;IAG3B,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,YAAY;gBAJZ,mBAAmB,EAAE,UAAU,CAAC,iBAAiB,CAAC,EAGlD,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EACxC,YAAY,EAAE,aAAa;IAGvC,OAAO,CAAC,eAAe;IAMjB,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAgCzE,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA8B3D,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK1E,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC;IAO/D,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAkBlE,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzD,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAMlF,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAc1D"}

package/src/lib/user/services/access-key.service.js

@@ -0,0 +1,121 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessKeyService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const access_key_entity_1 = require("../entities/access-key.entity");
+const user_entity_1 = require("../entities/user.entity");
+const event_emitter_1 = require("@nestjs/event-emitter");
+const crypto_1 = require("crypto");
+const auth_constants_1 = require("../../auth.constants");
+let AccessKeyService = class AccessKeyService {
+    constructor(accessKeyRepository, userRepository, eventEmitter) {
+        this.accessKeyRepository = accessKeyRepository;
+        this.userRepository = userRepository;
+        this.eventEmitter = eventEmitter;
+    }
+    generateKeyPair() {
+        const privateKey = (0, crypto_1.randomBytes)(32).toString('hex');
+        const publicKey = (0, crypto_1.createHash)('sha256').update(privateKey).digest('hex');
+        return { publicKey, privateKey };
+    }
+    async createAccessKey(userId, name) {
+        const user = await this.userRepository.findOne({ where: { id: userId } });
+        if (!user) {
+            throw new common_1.NotFoundException({
+                message: `User with ID ${userId} not found`,
+                code: 'USER_NOT_FOUND'
+            });
+        }
+        const { publicKey, privateKey } = this.generateKeyPair();
+        const accessKey = this.accessKeyRepository.create({
+            name,
+            publicKey,
+            privateKey,
+            userId,
+        });
+        const savedKey = await this.accessKeyRepository.save(accessKey);
+        // Emit access key created event
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.ACCESS_KEY_CREATED, {
+            accessKey: savedKey,
+            userId
+        });
+        return savedKey;
+    }
+    async getAccessKey(publicKey) {
+        const accessKey = await this.accessKeyRepository.findOne({
+            where: { publicKey },
+            relations: ['user']
+        });
+        if (!accessKey) {
+            throw new common_1.NotFoundException({
+                message: 'Invalid access key',
+                code: 'INVALID_ACCESS_KEY'
+            });
+        }
+        if (!accessKey.isActive) {
+            throw new common_1.BadRequestException({
+                message: 'Access key is inactive',
+                code: 'INACTIVE_ACCESS_KEY'
+            });
+        }
+        if (accessKey.expiresAt && accessKey.expiresAt < new Date()) {
+            throw new common_1.BadRequestException({
+                message: 'Access key has expired',
+                code: 'EXPIRED_ACCESS_KEY'
+            });
+        }
+        return accessKey;
+    }
+    async validateAccessKey(publicKey, privateKey) {
+        const accessKey = await this.getAccessKey(publicKey);
+        return accessKey.privateKey === privateKey;
+    }
+    async getUserAccessKeys(userId) {
+        return this.accessKeyRepository.find({
+            where: { userId },
+            order: { createdAt: 'DESC' }
+        });
+    }
+    async deactivateAccessKey(publicKey) {
+        const accessKey = await this.getAccessKey(publicKey);
+        accessKey.isActive = false;
+        const updatedKey = await this.accessKeyRepository.save(accessKey);
+        // Emit access key deactivated event
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.ACCESS_KEY_DEACTIVATED, {
+            accessKey: updatedKey,
+            userId: updatedKey.userId
+        });
+        return updatedKey;
+    }
+    async updateAccessKeyLastUsed(publicKey) {
+        const accessKey = await this.getAccessKey(publicKey);
+        accessKey.lastUsedAt = new Date();
+        await this.accessKeyRepository.save(accessKey);
+    }
+    async setAccessKeyExpiry(publicKey, expiresAt) {
+        const accessKey = await this.getAccessKey(publicKey);
+        accessKey.expiresAt = expiresAt;
+        return this.accessKeyRepository.save(accessKey);
+    }
+    async deleteAccessKey(publicKey) {
+        const accessKey = await this.getAccessKey(publicKey);
+        // Emit access key deleted event before deletion
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.ACCESS_KEY_DELETED, {
+            accessKey,
+            userId: accessKey.userId
+        });
+        await this.accessKeyRepository.remove(accessKey);
+    }
+};
+exports.AccessKeyService = AccessKeyService;
+exports.AccessKeyService = AccessKeyService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, typeorm_1.InjectRepository)(access_key_entity_1.NestAuthAccessKey)),
+    tslib_1.__param(1, (0, typeorm_1.InjectRepository)(user_entity_1.NestAuthUser)),
+    tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
+        typeorm_2.Repository,
+        event_emitter_1.EventEmitter2])
+], AccessKeyService);

package/src/lib/user/services/user.service.d.ts

@@ -0,0 +1,28 @@
+import { FindManyOptions, FindOneOptions, Repository } from 'typeorm';
+import { NestAuthUser } from '../entities/user.entity';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { TenantService } from '../../tenant';
+import { DebugLoggerService } from '../../core/services/debug-logger.service';
+export declare class UserService {
+    private userRepository;
+    private eventEmitter;
+    private tenantService;
+    private debugLogger;
+    constructor(userRepository: Repository<NestAuthUser>, eventEmitter: EventEmitter2, tenantService: TenantService, debugLogger: DebugLoggerService);
+    createUser(data: Partial<NestAuthUser>): Promise<NestAuthUser>;
+    getUserById(id: string, options?: FindOneOptions<NestAuthUser>): Promise<NestAuthUser>;
+    getUserByEmail(email: string, tenantId?: string, options?: FindOneOptions<NestAuthUser>): Promise<NestAuthUser>;
+    getUserByPhone(phone: string, tenantId?: string, options?: FindOneOptions<NestAuthUser>): Promise<NestAuthUser>;
+    getUsers(options?: FindManyOptions<NestAuthUser>): Promise<NestAuthUser[]>;
+    getUsersByTenant(tenantId: string, options?: FindManyOptions<NestAuthUser>): Promise<NestAuthUser[]>;
+    updateUser(id: string, data: Partial<NestAuthUser>): Promise<NestAuthUser>;
+    deleteUser(id: string): Promise<void>;
+    verifyUser(id: string, verificationType?: 'email' | 'phone' | 'none'): Promise<NestAuthUser>;
+    unverifyUser(id: string, verificationType?: 'email' | 'phone' | 'none'): Promise<NestAuthUser>;
+    updateUserStatus(id: string, isActive: boolean): Promise<NestAuthUser>;
+    updateUserMetadata(id: string, metadata: Record<string, any>): Promise<NestAuthUser>;
+    countUsers(options?: FindManyOptions<NestAuthUser>): Promise<number>;
+    getUsersAndCount(options?: FindManyOptions<NestAuthUser>): Promise<[NestAuthUser[], number]>;
+    getUsersByRole(roleName: string, guard: string): Promise<NestAuthUser[]>;
+}
+//# sourceMappingURL=user.service.d.ts.map

package/src/lib/user/services/user.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/user/services/user.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAe,UAAU,EAAE,MAAM,SAAS,CAAC;AACnF,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAKtD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAE9E,qBACa,WAAW;IAGhB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,WAAW;gBAHX,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EACxC,YAAY,EAAE,aAAa,EAC3B,aAAa,EAAE,aAAa,EAC5B,WAAW,EAAE,kBAAkB;IAGrC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IAoF9D,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IAsBtF,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IA6B/G,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IA0B/G,QAAQ,CAAC,OAAO,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAI1E,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAepG,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IA+E1E,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoCrC,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAqB5F,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAwB9F,gBAAgB,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAC,YAAY,CAAC;IActE,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC;IAkBpF,UAAU,CAAC,OAAO,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;IAIpE,gBAAgB,CAAC,OAAO,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,CAAC,YAAY,EAAE,EAAE,MAAM,CAAC,CAAC;IAI5F,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;CAajF"}