npm - @ackplus/nest-auth - Versions diffs - 1.1.1 → 1.1.5 - Mend

@ackplus/nest-auth 1.1.1 → 1.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (645) hide show

package/src/lib/auth/controllers/mfa.controller.js ADDED Viewed

@@ -0,0 +1,230 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MfaController = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const core_1 = require("../../core");
+const mfa_service_1 = require("../services/mfa.service");
+const request_context_1 = require("../../request-context/request-context");
+const send_mfa_code_request_dto_1 = require("../dto/requests/send-mfa-code.request.dto");
+const verify_totp_setup_request_dto_1 = require("../dto/requests/verify-totp-setup.request.dto");
+const swagger_1 = require("@nestjs/swagger");
+const auth_constants_1 = require("../../auth.constants");
+const auth_guard_1 = require("../guards/auth.guard");
+const toggle_mfa_request_dto_1 = require("../dto/requests/toggle-mfa.request.dto");
+const mfa_status_response_dto_1 = require("../dto/responses/mfa-status.response.dto");
+const auth_config_service_1 = require("../../core/services/auth-config.service");
+let MfaController = class MfaController {
+    constructor(mfaService, authConfig) {
+        this.mfaService = mfaService;
+        this.authConfig = authConfig;
+    }
+    getCurrentUserOrThrow() {
+        const user = request_context_1.RequestContext.currentUser();
+        if (!user) {
+            throw new common_1.UnauthorizedException('User not found');
+        }
+        return user;
+    }
+    async getStatus() {
+        const user = this.getCurrentUserOrThrow();
+        const config = this.mfaService.mfaConfig;
+        const globallyEnabled = config?.enabled ?? false;
+        let enabledMethods = [];
+        let totpDevices = [];
+        let hasRecoveryCode = false;
+        let isEnabled = false;
+        if (globallyEnabled) {
+            [enabledMethods, totpDevices, hasRecoveryCode, isEnabled] = await Promise.all([
+                this.mfaService.getEnabledMethods(user.id),
+                this.mfaService.getTotpDevices(user.id),
+                this.mfaService.hasRecoveryCode(user.id),
+                this.mfaService.isMfaEnabled(user.id),
+            ]);
+        }
+        return {
+            isEnabled,
+            enabledMethods,
+            availableMethods: this.mfaService.getAvailableMethods(),
+            allowUserToggle: config?.allowUserToggle ?? false,
+            allowMethodSelection: config?.allowMethodSelection ?? false,
+            totpDevices,
+            hasRecoveryCode,
+        };
+    }
+    async toggleMfa(input) {
+        const user = this.getCurrentUserOrThrow();
+        this.mfaService.requireMfaEnabledForApp(true);
+        if (input.enabled) {
+            await this.mfaService.enableMFA(user.id);
+            return { message: 'MFA enabled successfully' };
+        }
+        await this.mfaService.disableMFA(user.id);
+        return { message: 'MFA disabled successfully' };
+    }
+    async listDevices() {
+        const user = this.getCurrentUserOrThrow();
+        this.mfaService.requireMfaEnabledForApp(true);
+        return await this.mfaService.getTotpDevices(user.id);
+    }
+    async removeDevice(deviceId) {
+        const user = this.getCurrentUserOrThrow();
+        this.mfaService.requireMfaEnabledForApp(true);
+        await this.mfaService.removeTotpDevice(deviceId);
+        return { message: 'MFA device removed successfully' };
+    }
+    async sendMfaCode(input) {
+        const user = this.getCurrentUserOrThrow();
+        await this.mfaService.sendMfaCode(user.id, input.method);
+        return { message: 'MFA code sent' };
+    }
+    // These routes skip MFA verification
+    async setupTotp() {
+        const user = this.getCurrentUserOrThrow();
+        const config = this.authConfig.getConfig();
+        // Get app name from config, fallback to default
+        const appName = config.appName;
+        // Get user email - try from JWT token first, then from database
+        let userEmail = user.email;
+        if (!userEmail) {
+            const fullUser = await core_1.NestAuthUser.findOne({ where: { id: user.id } });
+            userEmail = fullUser?.email || 'User';
+        }
+        // Generate meaningful device name: {APP_NAME} : {email}
+        const deviceName = `${appName} : ${userEmail}`;
+        const { secret, qrCode } = await this.mfaService.setupTotpDevice(user.id, deviceName);
+        return { secret, qrCode };
+    }
+    async verifyTotpSetup(input) {
+        const user = this.getCurrentUserOrThrow();
+        const isVerified = await this.mfaService.verifyTotpSetup(user.id, input.secret, input.otp);
+        if (!isVerified) {
+            throw new common_1.UnauthorizedException({
+                message: 'Invalid OTP',
+                code: auth_constants_1.INVALID_MFA_EXCEPTION_CODE
+            });
+        }
+        return { message: 'Device setup successfully' };
+    }
+    async generateRecoveryCodes() {
+        const user = this.getCurrentUserOrThrow();
+        // Generate recovery codes
+        const code = await this.mfaService.generateRecoveryCode(user.id);
+        return { code };
+    }
+    async resetTotp(code) {
+        const user = this.getCurrentUserOrThrow();
+        await this.mfaService.resetMfa(user.id, code);
+        return { message: 'MFA reset successfully' };
+    }
+};
+exports.MfaController = MfaController;
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Get MFA status for the current user' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: mfa_status_response_dto_1.MfaStatusResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Get)('status'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "getStatus", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Enable or disable MFA for the current user' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('toggle'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [toggle_mfa_request_dto_1.ToggleMfaRequestDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "toggleMfa", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'List registered MFA devices' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: [mfa_status_response_dto_1.MfaDeviceDto] }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Get)('devices'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "listDevices", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Remove a registered MFA device' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Delete)('devices/:deviceId'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__param(0, (0, common_1.Param)('deviceId')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "removeDevice", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Send MFA Code' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('send-mfa-code'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [send_mfa_code_request_dto_1.SendMfaCodeRequestDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "sendMfaCode", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Setup TOTP Device' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('setup-totp'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "setupTotp", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Verify TOTP Setup' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('verify-totp-setup'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [verify_totp_setup_request_dto_1.VerifyTotpSetupRequestDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "verifyTotpSetup", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Generate Recovery Codes' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('generate-recovery-code'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "generateRecoveryCodes", null);
+tslib_1.__decorate([
+    (0, swagger_1.ApiOperation)({ summary: 'Reset TOTP Device' }),
+    (0, swagger_1.ApiResponse)({ status: 200, type: core_1.MessageResponseDto }),
+    (0, common_1.HttpCode)(200),
+    (0, common_1.Post)('reset-totp'),
+    (0, core_1.SkipMfa)(),
+    (0, common_1.UseGuards)(auth_guard_1.NestAuthAuthGuard),
+    tslib_1.__param(0, (0, common_1.Body)('code')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], MfaController.prototype, "resetTotp", null);
+exports.MfaController = MfaController = tslib_1.__decorate([
+    (0, common_1.Controller)('auth/mfa'),
+    tslib_1.__metadata("design:paramtypes", [mfa_service_1.MfaService,
+        auth_config_service_1.AuthConfigService])
+], MfaController);

package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Email-based login credentials
+ */
+export declare class EmailCredentialsDto {
+    email: string;
+    password: string;
+}
+//# sourceMappingURL=email-credentials.dto.d.ts.map

package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"email-credentials.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/credentials/email-credentials.dto.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,qBAAa,mBAAmB;IAO5B,KAAK,EAAE,MAAM,CAAC;IASd,QAAQ,EAAE,MAAM,CAAC;CACpB"}

package/src/lib/auth/dto/credentials/email-credentials.dto.js ADDED Viewed

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EmailCredentialsDto = void 0;
+const tslib_1 = require("tslib");
+const swagger_1 = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+/**
+ * Email-based login credentials
+ */
+class EmailCredentialsDto {
+}
+exports.EmailCredentialsDto = EmailCredentialsDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'User email address',
+        example: 'user@example.com',
+    }),
+    (0, class_validator_1.IsEmail)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], EmailCredentialsDto.prototype, "email", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'User password',
+        example: 'SecurePass123!',
+        minLength: 8,
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], EmailCredentialsDto.prototype, "password", void 0);

package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Phone-based login credentials
+ */
+export declare class PhoneCredentialsDto {
+    phone: string;
+    password: string;
+}
+//# sourceMappingURL=phone-credentials.dto.d.ts.map

package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"phone-credentials.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/credentials/phone-credentials.dto.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,qBAAa,mBAAmB;IAO5B,KAAK,EAAE,MAAM,CAAC;IASd,QAAQ,EAAE,MAAM,CAAC;CACpB"}

package/src/lib/auth/dto/credentials/phone-credentials.dto.js ADDED Viewed

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PhoneCredentialsDto = void 0;
+const tslib_1 = require("tslib");
+const swagger_1 = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+/**
+ * Phone-based login credentials
+ */
+class PhoneCredentialsDto {
+}
+exports.PhoneCredentialsDto = PhoneCredentialsDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'User phone number',
+        example: '+1234567890',
+    }),
+    (0, class_validator_1.IsPhoneNumber)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], PhoneCredentialsDto.prototype, "phone", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'User password',
+        example: 'SecurePass123!',
+        minLength: 8,
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], PhoneCredentialsDto.prototype, "password", void 0);

package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Social login credentials (Google, Facebook, Apple, GitHub)
+ */
+export declare class SocialCredentialsDto {
+    accessToken: string;
+}
+//# sourceMappingURL=social-credentials.dto.d.ts.map

package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"social-credentials.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/credentials/social-credentials.dto.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,qBAAa,oBAAoB;IAO7B,WAAW,EAAE,MAAM,CAAC;CACvB"}

package/src/lib/auth/dto/credentials/social-credentials.dto.js ADDED Viewed

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SocialCredentialsDto = void 0;
+const tslib_1 = require("tslib");
+const swagger_1 = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+/**
+ * Social login credentials (Google, Facebook, Apple, GitHub)
+ */
+class SocialCredentialsDto {
+}
+exports.SocialCredentialsDto = SocialCredentialsDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'OAuth token or ID token from social provider',
+        example: 'ya29.a0AfH6SMBx1234567890abcdefghijklmnop',
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], SocialCredentialsDto.prototype, "accessToken", void 0);

package/src/lib/auth/dto/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=index.d.ts.map

package/src/lib/auth/dto/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/dto/index.ts"],"names":[],"mappings":""}

package/src/lib/auth/dto/index.js ADDED Viewed

File without changes

package/src/lib/auth/dto/requests/change-password.request.dto.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export declare class ChangePasswordRequestDto {
+    currentPassword: string;
+    newPassword: string;
+}
+//# sourceMappingURL=change-password.request.dto.d.ts.map

package/src/lib/auth/dto/requests/change-password.request.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"change-password.request.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/requests/change-password.request.dto.ts"],"names":[],"mappings":"AAcA,qBAAa,wBAAwB;IAQjC,eAAe,EAAE,MAAM,CAAC;IAUxB,WAAW,EAAE,MAAM,CAAC;CACvB"}

package/src/lib/auth/dto/requests/change-password.request.dto.js ADDED Viewed

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ChangePasswordRequestDto = void 0;
+const tslib_1 = require("tslib");
+const swagger_1 = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+let PasswordNotSameAsCurrent = class PasswordNotSameAsCurrent {
+    validate(newPassword, args) {
+        const obj = args.object;
+        return typeof newPassword === 'string' && newPassword !== obj.currentPassword;
+    }
+    defaultMessage(_args) {
+        return 'New password must be different from the current password';
+    }
+};
+PasswordNotSameAsCurrent = tslib_1.__decorate([
+    (0, class_validator_1.ValidatorConstraint)({ name: 'passwordNotSameAsCurrent', async: false })
+], PasswordNotSameAsCurrent);
+class ChangePasswordRequestDto {
+}
+exports.ChangePasswordRequestDto = ChangePasswordRequestDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Current password',
+        example: 'DemoOwner1!',
+        minLength: 8,
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.MinLength)(8),
+    tslib_1.__metadata("design:type", String)
+], ChangePasswordRequestDto.prototype, "currentPassword", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'New password',
+        example: 'DemoOwner1!New',
+        minLength: 8,
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.MinLength)(8),
+    (0, class_validator_1.Validate)(PasswordNotSameAsCurrent),
+    tslib_1.__metadata("design:type", String)
+], ChangePasswordRequestDto.prototype, "newPassword", void 0);

package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export declare class ForgotPasswordRequestDto {
+    email?: string;
+    phone?: string;
+    tenantId?: string;
+}
+//# sourceMappingURL=forgot-password.request.dto.d.ts.map

package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"forgot-password.request.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/requests/forgot-password.request.dto.ts"],"names":[],"mappings":"AAGA,qBAAa,wBAAwB;IAQjC,KAAK,CAAC,EAAE,MAAM,CAAC;IASf,KAAK,CAAC,EAAE,MAAM,CAAC;IAQf,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB"}

package/src/lib/auth/dto/requests/forgot-password.request.dto.js ADDED Viewed

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ForgotPasswordRequestDto = void 0;
+const tslib_1 = require("tslib");
+const swagger_1 = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+class ForgotPasswordRequestDto {
+}
+exports.ForgotPasswordRequestDto = ForgotPasswordRequestDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'User email address (required if phone not provided)',
+        example: 'user@example.com',
+    }),
+    (0, class_validator_1.ValidateIf)(o => !o.phone),
+    (0, class_validator_1.IsEmail)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], ForgotPasswordRequestDto.prototype, "email", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'User phone number (required if email not provided)',
+        example: '+1234567890',
+    }),
+    (0, class_validator_1.ValidateIf)(o => !o.email),
+    (0, class_validator_1.IsPhoneNumber)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], ForgotPasswordRequestDto.prototype, "phone", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Tenant ID for multi-tenant applications',
+        example: '123e4567-e89b-12d3-a456-426614174000',
+    }),
+    (0, class_validator_1.IsUUID)(),
+    (0, class_validator_1.IsOptional)(),
+    tslib_1.__metadata("design:type", String)
+], ForgotPasswordRequestDto.prototype, "tenantId", void 0);

package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export declare class InitializeAdminRequestDto {
+    email: string;
+    password: string;
+    secretKey: string;
+    tenantId?: string;
+    metadata?: Record<string, any>;
+}
+//# sourceMappingURL=initialize-admin.request.dto.d.ts.map

package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"initialize-admin.request.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/requests/initialize-admin.request.dto.ts"],"names":[],"mappings":"AAGA,qBAAa,yBAAyB;IAOlC,KAAK,EAAE,MAAM,CAAC;IAcd,QAAQ,EAAE,MAAM,CAAC;IAQjB,SAAS,EAAE,MAAM,CAAC;IAQlB,QAAQ,CAAC,EAAE,MAAM,CAAC;IASlB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC"}

package/src/lib/auth/dto/requests/initialize-admin.request.dto.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InitializeAdminRequestDto = void 0;
+const tslib_1 = require("tslib");
+const class_validator_1 = require("class-validator");
+const swagger_1 = require("@nestjs/swagger");
+class InitializeAdminRequestDto {
+}
+exports.InitializeAdminRequestDto = InitializeAdminRequestDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Super admin email address',
+        example: 'admin@example.com'
+    }),
+    (0, class_validator_1.IsEmail)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], InitializeAdminRequestDto.prototype, "email", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Super admin password (minimum 8 characters, must contain uppercase, lowercase, number, and special character)',
+        example: 'SecurePassword123!',
+        minLength: 8
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    (0, class_validator_1.MinLength)(8),
+    (0, class_validator_1.Matches)(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]+$/, { message: 'Password must contain uppercase, lowercase, number, and special character' }),
+    tslib_1.__metadata("design:type", String)
+], InitializeAdminRequestDto.prototype, "password", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Secret key for authorization (provided in module configuration)',
+        example: 'your-secret-key'
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    tslib_1.__metadata("design:type", String)
+], InitializeAdminRequestDto.prototype, "secretKey", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Tenant ID (optional, uses default tenant if not provided)',
+        required: false
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    tslib_1.__metadata("design:type", String)
+], InitializeAdminRequestDto.prototype, "tenantId", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Additional metadata for the admin user (free-form object for storing firstName, lastName, department, etc.)',
+        required: false,
+        example: { firstName: 'Admin', lastName: 'User', department: 'IT' }
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsObject)(),
+    tslib_1.__metadata("design:type", Object)
+], InitializeAdminRequestDto.prototype, "metadata", void 0);

package/src/lib/auth/dto/requests/login.request.dto.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { EmailCredentialsDto } from '../credentials/email-credentials.dto';
+import { PhoneCredentialsDto } from '../credentials/phone-credentials.dto';
+import { SocialCredentialsDto } from '../credentials/social-credentials.dto';
+/**
+ * Login request DTO supporting multiple authentication providers
+ */
+export declare class LoginRequestDto {
+    providerName?: string;
+    credentials?: EmailCredentialsDto | PhoneCredentialsDto | SocialCredentialsDto | Record<string, any>;
+    tenantId?: string;
+    createUserIfNotExists?: boolean;
+}
+//# sourceMappingURL=login.request.dto.d.ts.map

package/src/lib/auth/dto/requests/login.request.dto.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"login.request.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/requests/login.request.dto.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AAC3E,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAE7E;;GAEG;AACH,qBACa,eAAe;IAUxB,YAAY,CAAC,EAAE,MAAM,CAAC;IA2BtB,WAAW,CAAC,EAAE,mBAAmB,GAAG,mBAAmB,GAAG,oBAAoB,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAQrG,QAAQ,CAAC,EAAE,MAAM,CAAC;IAQlB,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACnC"}

package/src/lib/auth/dto/requests/login.request.dto.js ADDED Viewed

@@ -0,0 +1,75 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoginRequestDto = void 0;
+const tslib_1 = require("tslib");
+const class_validator_1 = require("class-validator");
+const swagger_1 = require("@nestjs/swagger");
+const email_credentials_dto_1 = require("../credentials/email-credentials.dto");
+const phone_credentials_dto_1 = require("../credentials/phone-credentials.dto");
+const social_credentials_dto_1 = require("../credentials/social-credentials.dto");
+/**
+ * Login request DTO supporting multiple authentication providers
+ */
+let LoginRequestDto = class LoginRequestDto {
+};
+exports.LoginRequestDto = LoginRequestDto;
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Authentication provider name',
+        example: 'email',
+        enum: ['email', 'phone', 'google', 'facebook', 'apple', 'github'],
+        default: 'email',
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsOptional)(),
+    tslib_1.__metadata("design:type", String)
+], LoginRequestDto.prototype, "providerName", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Login credentials - type varies by provider',
+        required: false,
+        examples: {
+            emailLogin: {
+                summary: 'Email Login',
+                value: { email: 'user@example.com', password: 'SecurePass123!' },
+            },
+            phoneLogin: {
+                summary: 'Phone Login',
+                value: { phone: '+1234567890', password: 'SecurePass123!' },
+            },
+            socialLogin: {
+                summary: 'Social Login (Google/Facebook/etc)',
+                value: { token: 'ya29.a0AfH6SMBx...' },
+            },
+        },
+        oneOf: [
+            { $ref: (0, swagger_1.getSchemaPath)(email_credentials_dto_1.EmailCredentialsDto) },
+            { $ref: (0, swagger_1.getSchemaPath)(phone_credentials_dto_1.PhoneCredentialsDto) },
+            { $ref: (0, swagger_1.getSchemaPath)(social_credentials_dto_1.SocialCredentialsDto) },
+        ],
+    }),
+    (0, class_validator_1.IsObject)(),
+    (0, class_validator_1.IsOptional)(),
+    tslib_1.__metadata("design:type", Object)
+], LoginRequestDto.prototype, "credentials", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Tenant ID for multi-tenant applications',
+        example: '123e4567-e89b-12d3-a456-426614174000',
+    }),
+    (0, class_validator_1.IsUUID)(),
+    (0, class_validator_1.IsOptional)(),
+    tslib_1.__metadata("design:type", String)
+], LoginRequestDto.prototype, "tenantId", void 0);
+tslib_1.__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Auto-create user if not exists (for social auth)',
+        default: false,
+    }),
+    (0, class_validator_1.IsBoolean)(),
+    (0, class_validator_1.IsOptional)(),
+    tslib_1.__metadata("design:type", Boolean)
+], LoginRequestDto.prototype, "createUserIfNotExists", void 0);
+exports.LoginRequestDto = LoginRequestDto = tslib_1.__decorate([
+    (0, swagger_1.ApiExtraModels)(email_credentials_dto_1.EmailCredentialsDto, phone_credentials_dto_1.PhoneCredentialsDto, social_credentials_dto_1.SocialCredentialsDto)
+], LoginRequestDto);

package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export declare class RefreshTokenRequestDto {
+    refreshToken: string;
+}
+//# sourceMappingURL=refresh-token.request.dto.d.ts.map

package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"refresh-token.request.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/requests/refresh-token.request.dto.ts"],"names":[],"mappings":"AAGA,qBAAa,sBAAsB;IAO/B,YAAY,EAAE,MAAM,CAAC;CACxB"}