@ackplus/nest-auth 1.1.16 → 1.1.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/lib/auth/services/auth.service.d.ts.map +1 -1
- package/src/lib/auth/services/auth.service.js +2 -1
- package/src/lib/auth/services/mfa.service.d.ts.map +1 -1
- package/src/lib/auth/services/mfa.service.js +4 -0
- package/src/lib/core/entities.d.ts +2 -1
- package/src/lib/core/entities.d.ts.map +1 -1
- package/src/lib/core/entities.js +2 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts +1 -0
- package/src/lib/core/interfaces/mfa-options.interface.d.ts.map +1 -1
- package/src/lib/utils/cookie.helper.d.ts +78 -0
- package/src/lib/utils/cookie.helper.d.ts.map +1 -0
- package/src/lib/utils/cookie.helper.js +115 -0
package/package.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/auth.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAc7D,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gDAAgD,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AAC7E,OAAO,EACH,aAAa,EAChB,MAAM,6CAA6C,CAAC;AAErD,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AAEvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,4CAA4C,CAAC;AAUrF,OAAO,EAAE,2BAA2B,EAAE,MAAM,oDAAoD,CAAC;AACjG,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAE9E,OAAO,EAAE,iCAAiC,EAAE,MAAM,wDAAwD,CAAC;AAC3G,OAAO,EAAE,gCAAgC,EAAE,MAAM,uDAAuD,CAAC;AACzG,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,qDAAqD,CAAC;AACtG,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/auth.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAc7D,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gDAAgD,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AAC7E,OAAO,EACH,aAAa,EAChB,MAAM,6CAA6C,CAAC;AAErD,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AAEvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,4CAA4C,CAAC;AAUrF,OAAO,EAAE,2BAA2B,EAAE,MAAM,oDAAoD,CAAC;AACjG,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAE9E,OAAO,EAAE,iCAAiC,EAAE,MAAM,wDAAwD,CAAC;AAC3G,OAAO,EAAE,gCAAgC,EAAE,MAAM,uDAAuD,CAAC;AACzG,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,qDAAqD,CAAC;AACtG,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAG5E,qBACa,WAAW;IAIhB,OAAO,CAAC,QAAQ,CAAC,cAAc;IAG/B,OAAO,CAAC,aAAa;IAErB,OAAO,CAAC,QAAQ,CAAC,oBAAoB;IAErC,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAE/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAE7B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAE9B,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAnBjB,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EAGjD,aAAa,EAAE,UAAU,CAAC,WAAW,CAAC,EAE7B,oBAAoB,EAAE,2BAA2B,EAEjD,UAAU,EAAE,UAAU,EAEtB,cAAc,EAAE,qBAAqB,EAErC,UAAU,EAAE,UAAU,EAEtB,YAAY,EAAE,aAAa,EAE3B,aAAa,EAAE,aAAa,EAE5B,WAAW,EAAE,kBAAkB,EAE/B,iBAAiB,EAAE,iBAAiB;IAKzD,8BAA8B,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,GAAE,MAAM,EAAO,GAAG,OAAO,CAAC,YAAY,CAAC;IAUzF,OAAO;IAQP,MAAM,CAAC,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAqGzD,KAAK,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;IA6FvD,SAAS,CAAC,KAAK,EAAE,mBAAmB;;;;;IAqEpC,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa;YAYzC,iBAAiB;IAiCzB,YAAY,CAAC,YAAY,EAAE,MAAM;qBA6jBkD,MAAM;sBAAgB,MAAM;;IA7f/G,cAAc,CAAC,KAAK,EAAE,wBAAwB,GAAG,OAAO,CAAC,eAAe,CAAC;IAiDzE,cAAc,CAAC,KAAK,EAAE,wBAAwB;;;IAyE9C,uBAAuB,CAAC,KAAK,EAAE,iCAAiC,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAyEhG,aAAa,CAAC,KAAK,EAAE,uBAAuB;IAqE5C,sBAAsB,CAAC,KAAK,EAAE,gCAAgC;IAyD9D,MAAM,CAAC,UAAU,GAAE,MAAM,GAAG,OAAO,GAAG,QAAiB,EAAE,MAAM,CAAC,EAAE,MAAM;IAwBxE,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,GAAE,MAAM,GAAG,OAAO,GAAG,QAAiB,EAAE,MAAM,CAAC,EAAE,MAAM;IA4B3F,qBAAqB,CAAC,KAAK,EAAE,+BAA+B;;;IAmD5D,WAAW,CAAC,KAAK,EAAE,qBAAqB;;;IAkE9C,OAAO,CAAC,qBAAqB;YAmBf,yBAAyB;CAK1C"}
|
|
@@ -29,6 +29,7 @@ const tenant_service_1 = require("../../tenant/services/tenant.service");
|
|
|
29
29
|
const debug_logger_service_1 = require("../../core/services/debug-logger.service");
|
|
30
30
|
const moment_1 = tslib_1.__importDefault(require("moment"));
|
|
31
31
|
const auth_config_service_1 = require("../../core/services/auth-config.service");
|
|
32
|
+
const cookie_helper_1 = require("../../utils/cookie.helper");
|
|
32
33
|
let AuthService = class AuthService {
|
|
33
34
|
constructor(userRepository, otpRepository, authProviderRegistry, mfaService, sessionManager, jwtService, eventEmitter, tenantService, debugLogger, authConfigService) {
|
|
34
35
|
this.userRepository = userRepository;
|
|
@@ -179,7 +180,7 @@ let AuthService = class AuthService {
|
|
|
179
180
|
if (isRequiresMfa) {
|
|
180
181
|
const trustCookieName = auth_config_service_1.AuthConfigService.getOptions().mfa?.trustDeviceStorageName || auth_constants_1.NEST_AUTH_TRUST_DEVICE_KEY;
|
|
181
182
|
const req = request_context_1.RequestContext.currentRequest();
|
|
182
|
-
let trustToken = req
|
|
183
|
+
let trustToken = cookie_helper_1.CookieHelper.get(req, trustCookieName);
|
|
183
184
|
// If not in cookie, check header
|
|
184
185
|
if (!trustToken) {
|
|
185
186
|
trustToken = req.headers[trustCookieName];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mfa.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/mfa.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAY,UAAU,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAG1E,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,6CAA6C,CAAC;AAExF,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAK7D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAGtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAI1E,qBACa,UAAU;IAMf,OAAO,CAAC,mBAAmB;IAG3B,OAAO,CAAC,cAAc;IAGtB,OAAO,CAAC,aAAa;IAGrB,OAAO,CAAC,uBAAuB;IAE/B,OAAO,CAAC,YAAY;IAfxB,SAAS,EAAE,UAAU,CAAA;gBAIT,mBAAmB,EAAE,UAAU,CAAC,iBAAiB,CAAC,EAGlD,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EAGxC,aAAa,EAAE,UAAU,CAAC,WAAW,CAAC,EAGtC,uBAAuB,EAAE,UAAU,CAAC,qBAAqB,CAAC,EAE1D,YAAY,EAAE,aAAa;IAKvC,uBAAuB,CAAC,UAAU,GAAE,OAAc;IAUlD,OAAO,CAAC,uBAAuB;IAIzB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAiC5D,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAmC3D,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAiDpE,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"mfa.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/mfa.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAY,UAAU,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAG1E,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,6CAA6C,CAAC;AAExF,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAK7D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAGtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAI1E,qBACa,UAAU;IAMf,OAAO,CAAC,mBAAmB;IAG3B,OAAO,CAAC,cAAc;IAGtB,OAAO,CAAC,aAAa;IAGrB,OAAO,CAAC,uBAAuB;IAE/B,OAAO,CAAC,YAAY;IAfxB,SAAS,EAAE,UAAU,CAAA;gBAIT,mBAAmB,EAAE,UAAU,CAAC,iBAAiB,CAAC,EAGlD,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EAGxC,aAAa,EAAE,UAAU,CAAC,WAAW,CAAC,EAGtC,uBAAuB,EAAE,UAAU,CAAC,qBAAqB,CAAC,EAE1D,YAAY,EAAE,aAAa;IAKvC,uBAAuB,CAAC,UAAU,GAAE,OAAc;IAUlD,OAAO,CAAC,uBAAuB;IAIzB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAiC5D,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAmC3D,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAiDpE,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAwDpF,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAqBjG,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA6BnF,cAAc,CAAC,MAAM,EAAE,MAAM;;;;;;;;IAmB7B,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM7C,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAgB/C,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAW9C,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ/D,SAAS,CAAC,MAAM,EAAE,MAAM;IAexB,UAAU,CAAC,MAAM,EAAE,MAAM;IASzB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjD,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAUrD,QAAQ,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IA6B1E,mBAAmB,IAAI,aAAa,EAAE;IAOhC,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAajD,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAkB1F,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAiB/E"}
|
|
@@ -134,6 +134,10 @@ let MfaService = class MfaService {
|
|
|
134
134
|
}
|
|
135
135
|
async verifyMfa(userId, inputOtp, method) {
|
|
136
136
|
this.requireMfaEnabledForApp(true);
|
|
137
|
+
// Check for default OTP (Magic Code)
|
|
138
|
+
if (this.mfaConfig.defaultOtp && this.mfaConfig.defaultOtp === inputOtp) {
|
|
139
|
+
return true;
|
|
140
|
+
}
|
|
137
141
|
if (method === mfa_options_interface_1.MFAMethodEnum.TOTP) {
|
|
138
142
|
const devices = await this.mfaSecretRepository.find({
|
|
139
143
|
where: { userId, verified: true }
|
|
@@ -8,6 +8,7 @@ import { NestAuthOTP } from '../auth/entities/otp.entity';
|
|
|
8
8
|
import { NestAuthSession } from '../session/entities/session.entity';
|
|
9
9
|
import { NestAuthPermission } from '../permission/entities/permission.entity';
|
|
10
10
|
import { AdminUser as NestAuthAdminUser } from '../admin-console/entities/admin-user.entity';
|
|
11
|
+
import { NestAuthTrustedDevice } from '../auth';
|
|
11
12
|
export * from '../user/entities/user.entity';
|
|
12
13
|
export * from '../user/entities/identity.entity';
|
|
13
14
|
export * from '../user/entities/access-key.entity';
|
|
@@ -18,5 +19,5 @@ export * from '../auth/entities/otp.entity';
|
|
|
18
19
|
export * from '../session/entities/session.entity';
|
|
19
20
|
export * from '../permission/entities/permission.entity';
|
|
20
21
|
export { AdminUser as NestAuthAdminUser } from '../admin-console/entities/admin-user.entity';
|
|
21
|
-
export declare const NestAuthEntities: (typeof NestAuthTenant | typeof NestAuthIdentity | typeof NestAuthUser | typeof NestAuthSession | typeof NestAuthOTP | typeof NestAuthMFASecret | typeof NestAuthRole | typeof NestAuthAccessKey | typeof NestAuthPermission | typeof NestAuthAdminUser)[];
|
|
22
|
+
export declare const NestAuthEntities: (typeof NestAuthTenant | typeof NestAuthIdentity | typeof NestAuthUser | typeof NestAuthSession | typeof NestAuthOTP | typeof NestAuthMFASecret | typeof NestAuthRole | typeof NestAuthTrustedDevice | typeof NestAuthAccessKey | typeof NestAuthPermission | typeof NestAuthAdminUser)[];
|
|
22
23
|
//# sourceMappingURL=entities.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"entities.d.ts","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/entities.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAC9E,OAAO,EAAE,SAAS,IAAI,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;
|
|
1
|
+
{"version":3,"file":"entities.d.ts","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/entities.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAC9E,OAAO,EAAE,SAAS,IAAI,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;AAC7F,OAAO,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAEhD,cAAc,8BAA8B,CAAC;AAC7C,cAAc,kCAAkC,CAAC;AACjD,cAAc,oCAAoC,CAAC;AACnD,cAAc,kCAAkC,CAAC;AACjD,cAAc,8BAA8B,CAAC;AAC7C,cAAc,oCAAoC,CAAC;AACnD,cAAc,6BAA6B,CAAC;AAC5C,cAAc,oCAAoC,CAAC;AACnD,cAAc,0CAA0C,CAAC;AACzD,OAAO,EAAE,SAAS,IAAI,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;AAE7F,eAAO,MAAM,gBAAgB,2RAY5B,CAAC"}
|
package/src/lib/core/entities.js
CHANGED
|
@@ -12,6 +12,7 @@ const otp_entity_1 = require("../auth/entities/otp.entity");
|
|
|
12
12
|
const session_entity_1 = require("../session/entities/session.entity");
|
|
13
13
|
const permission_entity_1 = require("../permission/entities/permission.entity");
|
|
14
14
|
const admin_user_entity_1 = require("../admin-console/entities/admin-user.entity");
|
|
15
|
+
const auth_1 = require("../auth");
|
|
15
16
|
tslib_1.__exportStar(require("../user/entities/user.entity"), exports);
|
|
16
17
|
tslib_1.__exportStar(require("../user/entities/identity.entity"), exports);
|
|
17
18
|
tslib_1.__exportStar(require("../user/entities/access-key.entity"), exports);
|
|
@@ -34,4 +35,5 @@ exports.NestAuthEntities = [
|
|
|
34
35
|
access_key_entity_1.NestAuthAccessKey,
|
|
35
36
|
permission_entity_1.NestAuthPermission,
|
|
36
37
|
admin_user_entity_1.AdminUser,
|
|
38
|
+
auth_1.NestAuthTrustedDevice,
|
|
37
39
|
];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mfa-options.interface.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/interfaces/mfa-options.interface.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,UAAU;IAEvB,OAAO,CAAC,EAAE,OAAO,CAAC;IAGlB,QAAQ,CAAC,EAAE,OAAO,CAAC;IAGnB,OAAO,CAAC,EAAE,aAAa,EAAE,CAAC;IAG1B,SAAS,CAAC,EAAE,MAAM,CAAC;IAGnB,IAAI,CAAC,EAAE;QACH,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;KAClB,CAAC;IAGF,GAAG,CAAC,EAAE;QACF,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;KACpB,CAAC;IAGF,KAAK,CAAC,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAC;KACpB,CAAC;IAGF,eAAe,CAAC,EAAE,OAAO,CAAC;IAG1B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAG/B,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAG/B,qBAAqB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAGxC,sBAAsB,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"mfa-options.interface.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/interfaces/mfa-options.interface.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,UAAU;IAEvB,OAAO,CAAC,EAAE,OAAO,CAAC;IAGlB,QAAQ,CAAC,EAAE,OAAO,CAAC;IAGnB,OAAO,CAAC,EAAE,aAAa,EAAE,CAAC;IAG1B,SAAS,CAAC,EAAE,MAAM,CAAC;IAGnB,IAAI,CAAC,EAAE;QACH,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;KAClB,CAAC;IAGF,GAAG,CAAC,EAAE;QACF,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;KACpB,CAAC;IAGF,KAAK,CAAC,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAC;KACpB,CAAC;IAGF,eAAe,CAAC,EAAE,OAAO,CAAC;IAG1B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAG/B,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAG/B,qBAAqB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAGxC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAIhC,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,oBAAY,aAAa;IACrB,IAAI,SAAS;IACb,GAAG,QAAQ;IACX,KAAK,UAAU;CAClB"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
import { Request, Response } from 'express';
|
|
2
|
+
export interface CookieOptions {
|
|
3
|
+
httpOnly?: boolean;
|
|
4
|
+
secure?: boolean;
|
|
5
|
+
sameSite?: 'strict' | 'lax' | 'none';
|
|
6
|
+
maxAge?: number;
|
|
7
|
+
expires?: Date;
|
|
8
|
+
path?: string;
|
|
9
|
+
domain?: string;
|
|
10
|
+
}
|
|
11
|
+
export declare class CookieHelper {
|
|
12
|
+
/**
|
|
13
|
+
* Parse cookies from request headers
|
|
14
|
+
* @param req Express Request object
|
|
15
|
+
* @returns Object containing all cookies
|
|
16
|
+
*/
|
|
17
|
+
static parseCookies(req: Request): Record<string, string>;
|
|
18
|
+
/**
|
|
19
|
+
* Get a specific cookie value from request
|
|
20
|
+
* @param req Express Request object
|
|
21
|
+
* @param name Cookie name
|
|
22
|
+
* @returns Cookie value or undefined
|
|
23
|
+
*/
|
|
24
|
+
static get(req: Request, name: string): string | undefined;
|
|
25
|
+
/**
|
|
26
|
+
* Set a cookie in response
|
|
27
|
+
* @param res Express Response object
|
|
28
|
+
* @param name Cookie name
|
|
29
|
+
* @param value Cookie value
|
|
30
|
+
* @param options Cookie options
|
|
31
|
+
*/
|
|
32
|
+
static set(res: Response, name: string, value: string, options?: CookieOptions): void;
|
|
33
|
+
/**
|
|
34
|
+
* Update a cookie (alias for set)
|
|
35
|
+
* @param res Express Response object
|
|
36
|
+
* @param name Cookie name
|
|
37
|
+
* @param value New cookie value
|
|
38
|
+
* @param options Cookie options
|
|
39
|
+
*/
|
|
40
|
+
static update(res: Response, name: string, value: string, options?: CookieOptions): void;
|
|
41
|
+
/**
|
|
42
|
+
* Delete a cookie by setting its expiration to the past
|
|
43
|
+
* @param res Express Response object
|
|
44
|
+
* @param name Cookie name
|
|
45
|
+
* @param options Additional options (path, domain)
|
|
46
|
+
*/
|
|
47
|
+
static delete(res: Response, name: string, options?: Pick<CookieOptions, 'path' | 'domain'>): void;
|
|
48
|
+
/**
|
|
49
|
+
* Check if a cookie exists in request
|
|
50
|
+
* @param req Express Request object
|
|
51
|
+
* @param name Cookie name
|
|
52
|
+
* @returns True if cookie exists
|
|
53
|
+
*/
|
|
54
|
+
static exists(req: Request, name: string): boolean;
|
|
55
|
+
/**
|
|
56
|
+
* Get all cookies from request
|
|
57
|
+
* @param req Express Request object
|
|
58
|
+
* @returns Object containing all cookies
|
|
59
|
+
*/
|
|
60
|
+
static getAll(req: Request): Record<string, string>;
|
|
61
|
+
/**
|
|
62
|
+
* Set multiple cookies at once
|
|
63
|
+
* @param res Express Response object
|
|
64
|
+
* @param cookies Object with cookie names as keys and values/options as values
|
|
65
|
+
*/
|
|
66
|
+
static setMultiple(res: Response, cookies: Record<string, {
|
|
67
|
+
value: string;
|
|
68
|
+
options?: CookieOptions;
|
|
69
|
+
}>): void;
|
|
70
|
+
/**
|
|
71
|
+
* Delete multiple cookies at once
|
|
72
|
+
* @param res Express Response object
|
|
73
|
+
* @param names Array of cookie names to delete
|
|
74
|
+
* @param options Common options for all cookies (path, domain)
|
|
75
|
+
*/
|
|
76
|
+
static deleteMultiple(res: Response, names: string[], options?: Pick<CookieOptions, 'path' | 'domain'>): void;
|
|
77
|
+
}
|
|
78
|
+
//# sourceMappingURL=cookie.helper.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cookie.helper.d.ts","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/utils/cookie.helper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE5C,MAAM,WAAW,aAAa;IAC1B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,YAAY;IACrB;;;;OAIG;IACH,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAkBzD;;;;;OAKG;IACH,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAK1D;;;;;;OAMG;IACH,MAAM,CAAC,GAAG,CACN,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,aAAa,GACxB,IAAI;IAYP;;;;;;OAMG;IACH,MAAM,CAAC,MAAM,CACT,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,aAAa,GACxB,IAAI;IAIP;;;;;OAKG;IACH,MAAM,CAAC,MAAM,CACT,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC,GACjD,IAAI;IASP;;;;;OAKG;IACH,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO;IAIlD;;;;OAIG;IACH,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAInD;;;;OAIG;IACH,MAAM,CAAC,WAAW,CACd,GAAG,EAAE,QAAQ,EACb,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,aAAa,CAAA;KAAE,CAAC,GACpE,IAAI;IAMP;;;;;OAKG;IACH,MAAM,CAAC,cAAc,CACjB,GAAG,EAAE,QAAQ,EACb,KAAK,EAAE,MAAM,EAAE,EACf,OAAO,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC,GACjD,IAAI;CAKV"}
|
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CookieHelper = void 0;
|
|
4
|
+
class CookieHelper {
|
|
5
|
+
/**
|
|
6
|
+
* Parse cookies from request headers
|
|
7
|
+
* @param req Express Request object
|
|
8
|
+
* @returns Object containing all cookies
|
|
9
|
+
*/
|
|
10
|
+
static parseCookies(req) {
|
|
11
|
+
const cookieHeader = req.headers.cookie;
|
|
12
|
+
if (!cookieHeader) {
|
|
13
|
+
return {};
|
|
14
|
+
}
|
|
15
|
+
const cookies = {};
|
|
16
|
+
cookieHeader.split(';').forEach(cookie => {
|
|
17
|
+
const [name, ...rest] = cookie.split('=');
|
|
18
|
+
const value = rest.join('=').trim();
|
|
19
|
+
if (name) {
|
|
20
|
+
cookies[name.trim()] = decodeURIComponent(value);
|
|
21
|
+
}
|
|
22
|
+
});
|
|
23
|
+
return cookies;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* Get a specific cookie value from request
|
|
27
|
+
* @param req Express Request object
|
|
28
|
+
* @param name Cookie name
|
|
29
|
+
* @returns Cookie value or undefined
|
|
30
|
+
*/
|
|
31
|
+
static get(req, name) {
|
|
32
|
+
const cookies = this.parseCookies(req);
|
|
33
|
+
return cookies[name];
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Set a cookie in response
|
|
37
|
+
* @param res Express Response object
|
|
38
|
+
* @param name Cookie name
|
|
39
|
+
* @param value Cookie value
|
|
40
|
+
* @param options Cookie options
|
|
41
|
+
*/
|
|
42
|
+
static set(res, name, value, options) {
|
|
43
|
+
const defaultOptions = {
|
|
44
|
+
httpOnly: true,
|
|
45
|
+
secure: process.env.NODE_ENV === 'production',
|
|
46
|
+
sameSite: 'lax',
|
|
47
|
+
path: '/',
|
|
48
|
+
};
|
|
49
|
+
const finalOptions = { ...defaultOptions, ...options };
|
|
50
|
+
res.cookie(name, value, finalOptions);
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Update a cookie (alias for set)
|
|
54
|
+
* @param res Express Response object
|
|
55
|
+
* @param name Cookie name
|
|
56
|
+
* @param value New cookie value
|
|
57
|
+
* @param options Cookie options
|
|
58
|
+
*/
|
|
59
|
+
static update(res, name, value, options) {
|
|
60
|
+
this.set(res, name, value, options);
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Delete a cookie by setting its expiration to the past
|
|
64
|
+
* @param res Express Response object
|
|
65
|
+
* @param name Cookie name
|
|
66
|
+
* @param options Additional options (path, domain)
|
|
67
|
+
*/
|
|
68
|
+
static delete(res, name, options) {
|
|
69
|
+
const deleteOptions = {
|
|
70
|
+
...options,
|
|
71
|
+
expires: new Date(0),
|
|
72
|
+
maxAge: 0,
|
|
73
|
+
};
|
|
74
|
+
res.clearCookie(name, deleteOptions);
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Check if a cookie exists in request
|
|
78
|
+
* @param req Express Request object
|
|
79
|
+
* @param name Cookie name
|
|
80
|
+
* @returns True if cookie exists
|
|
81
|
+
*/
|
|
82
|
+
static exists(req, name) {
|
|
83
|
+
return this.get(req, name) !== undefined;
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Get all cookies from request
|
|
87
|
+
* @param req Express Request object
|
|
88
|
+
* @returns Object containing all cookies
|
|
89
|
+
*/
|
|
90
|
+
static getAll(req) {
|
|
91
|
+
return this.parseCookies(req);
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Set multiple cookies at once
|
|
95
|
+
* @param res Express Response object
|
|
96
|
+
* @param cookies Object with cookie names as keys and values/options as values
|
|
97
|
+
*/
|
|
98
|
+
static setMultiple(res, cookies) {
|
|
99
|
+
Object.entries(cookies).forEach(([name, { value, options }]) => {
|
|
100
|
+
this.set(res, name, value, options);
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Delete multiple cookies at once
|
|
105
|
+
* @param res Express Response object
|
|
106
|
+
* @param names Array of cookie names to delete
|
|
107
|
+
* @param options Common options for all cookies (path, domain)
|
|
108
|
+
*/
|
|
109
|
+
static deleteMultiple(res, names, options) {
|
|
110
|
+
names.forEach(name => {
|
|
111
|
+
this.delete(res, name, options);
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
exports.CookieHelper = CookieHelper;
|