@ackplus/nest-auth 1.1.27 → 1.1.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +480 -59
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +34 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/admin-console/admin-console.module.d.ts.map +1 -0
- package/dist/lib/admin-console/admin-console.module.js +72 -0
- package/dist/lib/admin-console/admin-console.module.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.js +376 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.js +97 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.d.ts +83 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.js +205 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.js +103 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.js +99 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.js +398 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.js.map +1 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.d.ts.map +1 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.js +9 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.js +143 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-role.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-role.dto.js +70 -0
- package/dist/lib/admin-console/dto/admin-role.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.js +74 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-user.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-user.dto.js +119 -0
- package/dist/lib/admin-console/dto/admin-user.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.js +53 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/login.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/login.dto.js +28 -0
- package/dist/lib/admin-console/dto/login.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/reset-password.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/reset-password.dto.js +38 -0
- package/dist/lib/admin-console/dto/reset-password.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.js +42 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/signup.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/signup.dto.js +72 -0
- package/dist/lib/admin-console/dto/signup.dto.js.map +1 -0
- package/dist/lib/admin-console/entities/admin-user.entity.d.ts +18 -0
- package/dist/lib/admin-console/entities/admin-user.entity.d.ts.map +1 -0
- package/dist/lib/admin-console/entities/admin-user.entity.js +150 -0
- package/dist/lib/admin-console/entities/admin-user.entity.js.map +1 -0
- package/dist/lib/admin-console/guards/admin-session.guard.d.ts.map +1 -0
- package/dist/lib/admin-console/guards/admin-session.guard.js +52 -0
- package/dist/lib/admin-console/guards/admin-session.guard.js.map +1 -0
- package/dist/lib/admin-console/services/admin-auth.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-auth.service.js +88 -0
- package/dist/lib/admin-console/services/admin-auth.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-console-config.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-console-config.service.js +66 -0
- package/dist/lib/admin-console/services/admin-console-config.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-session.service.d.ts +22 -0
- package/dist/lib/admin-console/services/admin-session.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-session.service.js +130 -0
- package/dist/lib/admin-console/services/admin-session.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-user.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-user.service.js +101 -0
- package/dist/lib/admin-console/services/admin-user.service.js.map +1 -0
- package/dist/lib/audit/services/audit.service.d.ts.map +1 -0
- package/dist/lib/audit/services/audit.service.js +153 -0
- package/dist/lib/audit/services/audit.service.js.map +1 -0
- package/dist/lib/auth/auth.module.d.ts.map +1 -0
- package/dist/lib/auth/auth.module.js +74 -0
- package/dist/lib/auth/auth.module.js.map +1 -0
- package/dist/lib/auth/controllers/auth.controller.d.ts +57 -0
- package/dist/lib/auth/controllers/auth.controller.d.ts.map +1 -0
- package/dist/lib/auth/controllers/auth.controller.js +485 -0
- package/dist/lib/auth/controllers/auth.controller.js.map +1 -0
- package/dist/lib/auth/controllers/mfa.controller.d.ts.map +1 -0
- package/dist/lib/auth/controllers/mfa.controller.js +239 -0
- package/dist/lib/auth/controllers/mfa.controller.js.map +1 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.d.ts +5 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.js +39 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.d.ts +5 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.js +39 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.d.ts +4 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.js +28 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/index.d.ts.map +1 -0
- package/dist/lib/auth/dto/index.js +1 -0
- package/dist/lib/auth/dto/index.js.map +1 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.js +53 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.js +50 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.js +72 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/login.request.dto.d.ts +10 -0
- package/dist/lib/auth/dto/requests/login.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/login.request.dto.js +85 -0
- package/dist/lib/auth/dto/requests/login.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.js +74 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.js +35 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.js +62 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.js +51 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +62 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +5 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.js +40 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.d.ts +5 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.js +40 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.d.ts +22 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.js +114 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.js +247 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.js +42 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.js +49 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.js +130 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.js +27 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.js.map +1 -0
- package/dist/lib/auth/entities/mfa-secret.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/mfa-secret.entity.js +67 -0
- package/dist/lib/auth/entities/mfa-secret.entity.js.map +1 -0
- package/dist/lib/auth/entities/otp.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/otp.entity.js +67 -0
- package/dist/lib/auth/entities/otp.entity.js.map +1 -0
- package/dist/lib/auth/entities/trusted-device.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/trusted-device.entity.js +69 -0
- package/dist/lib/auth/entities/trusted-device.entity.js.map +1 -0
- package/dist/lib/auth/events/index.d.ts.map +1 -0
- package/dist/lib/auth/events/index.js +29 -0
- package/dist/lib/auth/events/index.js.map +1 -0
- package/dist/lib/auth/events/logged-out-all.event.d.ts.map +1 -0
- package/dist/lib/auth/events/logged-out-all.event.js +11 -0
- package/dist/lib/auth/events/logged-out-all.event.js.map +1 -0
- package/dist/lib/auth/events/logged-out.event.d.ts.map +1 -0
- package/dist/lib/auth/events/logged-out.event.js +11 -0
- package/dist/lib/auth/events/logged-out.event.js.map +1 -0
- package/dist/lib/auth/events/password-reset-requested.event.d.ts.map +1 -0
- package/dist/lib/auth/events/password-reset-requested.event.js +11 -0
- package/dist/lib/auth/events/password-reset-requested.event.js.map +1 -0
- package/dist/lib/auth/events/password-reset.event.d.ts.map +1 -0
- package/dist/lib/auth/events/password-reset.event.js +11 -0
- package/dist/lib/auth/events/password-reset.event.js.map +1 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.d.ts.map +1 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.js +11 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.js +14 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.js +17 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-verified.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-verified.event.js +11 -0
- package/dist/lib/auth/events/user-2fa-verified.event.js.map +1 -0
- package/dist/lib/auth/events/user-logged-in.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-logged-in.event.js +11 -0
- package/dist/lib/auth/events/user-logged-in.event.js.map +1 -0
- package/dist/lib/auth/events/user-password-changed.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-password-changed.event.js +17 -0
- package/dist/lib/auth/events/user-password-changed.event.js.map +1 -0
- package/dist/lib/auth/events/user-refresh-token.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-refresh-token.event.js +11 -0
- package/dist/lib/auth/events/user-refresh-token.event.js.map +1 -0
- package/dist/lib/auth/events/user-registered.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-registered.event.js +11 -0
- package/dist/lib/auth/events/user-registered.event.js.map +1 -0
- package/dist/lib/auth/guards/auth.guard.d.ts +27 -0
- package/dist/lib/auth/guards/auth.guard.d.ts.map +1 -0
- package/dist/lib/auth/guards/auth.guard.js +355 -0
- package/dist/lib/auth/guards/auth.guard.js.map +1 -0
- package/dist/lib/auth/index.d.ts.map +1 -0
- package/dist/lib/auth/index.js +60 -0
- package/dist/lib/auth/index.js.map +1 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.d.ts +16 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +1 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.js +87 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.js.map +1 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.d.ts +12 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.d.ts.map +1 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.js +58 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.js.map +1 -0
- package/dist/lib/auth/services/auth.service.d.ts +72 -0
- package/dist/lib/auth/services/auth.service.d.ts.map +1 -0
- package/dist/lib/auth/services/auth.service.js +977 -0
- package/dist/lib/auth/services/auth.service.js.map +1 -0
- package/dist/lib/auth/services/client-config.service.d.ts.map +1 -0
- package/dist/lib/auth/services/client-config.service.js +159 -0
- package/dist/lib/auth/services/client-config.service.js.map +1 -0
- package/dist/lib/auth/services/cookie.service.d.ts.map +1 -0
- package/dist/lib/auth/services/cookie.service.js +55 -0
- package/dist/lib/auth/services/cookie.service.js.map +1 -0
- package/dist/lib/auth/services/mfa.service.d.ts.map +1 -0
- package/dist/lib/auth/services/mfa.service.js +420 -0
- package/dist/lib/auth/services/mfa.service.js.map +1 -0
- package/dist/lib/auth.constants.d.ts +210 -0
- package/dist/lib/auth.constants.d.ts.map +1 -0
- package/dist/lib/auth.constants.js +151 -0
- package/dist/lib/auth.constants.js.map +1 -0
- package/dist/lib/core/core.module.d.ts +3 -0
- package/dist/lib/core/core.module.d.ts.map +1 -0
- package/dist/lib/core/core.module.js +59 -0
- package/dist/lib/core/core.module.js.map +1 -0
- package/dist/lib/core/decorators/auth.decorator.d.ts +2 -0
- package/dist/lib/core/decorators/auth.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/auth.decorator.js +8 -0
- package/dist/lib/core/decorators/auth.decorator.js.map +1 -0
- package/dist/lib/core/decorators/permissions.decorator.d.ts +3 -0
- package/dist/lib/core/decorators/permissions.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/permissions.decorator.js +14 -0
- package/dist/lib/core/decorators/permissions.decorator.js.map +1 -0
- package/dist/lib/core/decorators/public.decorator.d.ts +3 -0
- package/dist/lib/core/decorators/public.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/public.decorator.js +8 -0
- package/dist/lib/core/decorators/public.decorator.js.map +1 -0
- package/dist/lib/core/decorators/role.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/role.decorator.js +14 -0
- package/dist/lib/core/decorators/role.decorator.js.map +1 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.js +8 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.js.map +1 -0
- package/dist/lib/core/dto/message.response.dto.d.ts.map +1 -0
- package/dist/lib/core/dto/message.response.dto.js +22 -0
- package/dist/lib/core/dto/message.response.dto.js.map +1 -0
- package/dist/lib/core/entities.d.ts.map +1 -0
- package/dist/lib/core/entities.js +53 -0
- package/dist/lib/core/entities.js.map +1 -0
- package/dist/lib/core/index.d.ts.map +1 -0
- package/dist/lib/core/index.js +42 -0
- package/dist/lib/core/index.js.map +1 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.d.ts +164 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.js +3 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/mfa-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/mfa-options.interface.js +10 -0
- package/dist/lib/core/interfaces/mfa-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/otp.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/otp.interface.js +10 -0
- package/dist/lib/core/interfaces/otp.interface.js.map +1 -0
- package/dist/lib/core/interfaces/session-options.interface.d.ts +23 -0
- package/dist/lib/core/interfaces/session-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/session-options.interface.js +10 -0
- package/dist/lib/core/interfaces/session-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/token-payload.interface.d.ts +44 -0
- package/dist/lib/core/interfaces/token-payload.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/token-payload.interface.js +3 -0
- package/dist/lib/core/interfaces/token-payload.interface.js.map +1 -0
- package/dist/lib/core/providers/apple-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/apple-auth.provider.js +73 -0
- package/dist/lib/core/providers/apple-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/base-auth.provider.d.ts +28 -0
- package/dist/lib/core/providers/base-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/base-auth.provider.js +48 -0
- package/dist/lib/core/providers/base-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/email-auth.provider.d.ts +22 -0
- package/dist/lib/core/providers/email-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/email-auth.provider.js +66 -0
- package/dist/lib/core/providers/email-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/facebook-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/facebook-auth.provider.js +70 -0
- package/dist/lib/core/providers/facebook-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/github-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/github-auth.provider.js +83 -0
- package/dist/lib/core/providers/github-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/google-auth.provider.d.ts +24 -0
- package/dist/lib/core/providers/google-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/google-auth.provider.js +105 -0
- package/dist/lib/core/providers/google-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/jwt-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/jwt-auth.provider.js +61 -0
- package/dist/lib/core/providers/jwt-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/phone-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/phone-auth.provider.js +52 -0
- package/dist/lib/core/providers/phone-auth.provider.js.map +1 -0
- package/dist/lib/core/services/auth-config.service.d.ts +17 -0
- package/dist/lib/core/services/auth-config.service.d.ts.map +1 -0
- package/dist/lib/core/services/auth-config.service.js +152 -0
- package/dist/lib/core/services/auth-config.service.js.map +1 -0
- package/dist/lib/core/services/auth-provider-registry.service.d.ts +27 -0
- package/dist/lib/core/services/auth-provider-registry.service.d.ts.map +1 -0
- package/dist/lib/core/services/auth-provider-registry.service.js +93 -0
- package/dist/lib/core/services/auth-provider-registry.service.js.map +1 -0
- package/dist/lib/core/services/debug-logger.service.d.ts.map +1 -0
- package/dist/lib/core/services/debug-logger.service.js +165 -0
- package/dist/lib/core/services/debug-logger.service.js.map +1 -0
- package/dist/lib/core/services/initialization.service.d.ts.map +1 -0
- package/dist/lib/core/services/initialization.service.js +44 -0
- package/dist/lib/core/services/initialization.service.js.map +1 -0
- package/dist/lib/core/services/jwt.service.d.ts.map +1 -0
- package/dist/lib/core/services/jwt.service.js +132 -0
- package/dist/lib/core/services/jwt.service.js.map +1 -0
- package/dist/lib/nest-auth.module.d.ts.map +1 -0
- package/dist/lib/nest-auth.module.js +151 -0
- package/dist/lib/nest-auth.module.js.map +1 -0
- package/dist/lib/permission/entities/permission.entity.d.ts +12 -0
- package/dist/lib/permission/entities/permission.entity.d.ts.map +1 -0
- package/dist/lib/permission/entities/permission.entity.js +64 -0
- package/dist/lib/permission/entities/permission.entity.js.map +1 -0
- package/dist/lib/permission/index.d.ts.map +1 -0
- package/dist/lib/permission/index.js +20 -0
- package/dist/lib/permission/index.js.map +1 -0
- package/dist/lib/permission/permission.module.d.ts.map +1 -0
- package/dist/lib/permission/permission.module.js +26 -0
- package/dist/lib/permission/permission.module.js.map +1 -0
- package/dist/lib/permission/services/permission.service.d.ts +41 -0
- package/dist/lib/permission/services/permission.service.d.ts.map +1 -0
- package/dist/lib/permission/services/permission.service.js +180 -0
- package/dist/lib/permission/services/permission.service.js.map +1 -0
- package/dist/lib/request-context/index.d.ts.map +1 -0
- package/dist/lib/request-context/index.js +19 -0
- package/dist/lib/request-context/index.js.map +1 -0
- package/dist/lib/request-context/request-context.d.ts.map +1 -0
- package/dist/lib/request-context/request-context.js +111 -0
- package/dist/lib/request-context/request-context.js.map +1 -0
- package/dist/lib/request-context/request-context.middleware.d.ts.map +1 -0
- package/dist/lib/request-context/request-context.middleware.js +21 -0
- package/dist/lib/request-context/request-context.middleware.js.map +1 -0
- package/dist/lib/role/entities/role.entity.d.ts.map +1 -0
- package/dist/lib/role/entities/role.entity.js +129 -0
- package/dist/lib/role/entities/role.entity.js.map +1 -0
- package/dist/lib/role/index.d.ts.map +1 -0
- package/dist/lib/role/index.js +18 -0
- package/dist/lib/role/index.js.map +1 -0
- package/dist/lib/role/role.module.d.ts.map +1 -0
- package/dist/lib/role/role.module.js +28 -0
- package/dist/lib/role/role.module.js.map +1 -0
- package/dist/lib/role/services/role.service.d.ts +23 -0
- package/dist/lib/role/services/role.service.d.ts.map +1 -0
- package/dist/lib/role/services/role.service.js +226 -0
- package/dist/lib/role/services/role.service.js.map +1 -0
- package/dist/lib/session/entities/session.entity.d.ts.map +1 -0
- package/dist/lib/session/entities/session.entity.js +83 -0
- package/dist/lib/session/entities/session.entity.js.map +1 -0
- package/dist/lib/session/index.d.ts.map +1 -0
- package/dist/lib/session/index.js +26 -0
- package/dist/lib/session/index.js.map +1 -0
- package/dist/lib/session/interfaces/session-repository.interface.d.ts +15 -0
- package/dist/lib/session/interfaces/session-repository.interface.d.ts.map +1 -0
- package/dist/lib/session/interfaces/session-repository.interface.js +3 -0
- package/dist/lib/session/interfaces/session-repository.interface.js.map +1 -0
- package/dist/lib/session/repositories/base-session.repository.d.ts +21 -0
- package/dist/lib/session/repositories/base-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/base-session.repository.js +43 -0
- package/dist/lib/session/repositories/base-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/memory-session.repository.d.ts +19 -0
- package/dist/lib/session/repositories/memory-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/memory-session.repository.js +125 -0
- package/dist/lib/session/repositories/memory-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/redis-session.repository.d.ts +22 -0
- package/dist/lib/session/repositories/redis-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/redis-session.repository.js +139 -0
- package/dist/lib/session/repositories/redis-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/typeorm-session.repository.d.ts +19 -0
- package/dist/lib/session/repositories/typeorm-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/typeorm-session.repository.js +88 -0
- package/dist/lib/session/repositories/typeorm-session.repository.js.map +1 -0
- package/dist/lib/session/services/session-manager.service.d.ts +39 -0
- package/dist/lib/session/services/session-manager.service.d.ts.map +1 -0
- package/dist/lib/session/services/session-manager.service.js +193 -0
- package/dist/lib/session/services/session-manager.service.js.map +1 -0
- package/dist/lib/session/session.module.d.ts +4 -0
- package/dist/lib/session/session.module.d.ts.map +1 -0
- package/dist/lib/session/session.module.js +83 -0
- package/dist/lib/session/session.module.js.map +1 -0
- package/dist/lib/session/utils/session.util.d.ts +40 -0
- package/dist/lib/session/utils/session.util.d.ts.map +1 -0
- package/dist/lib/session/utils/session.util.js +96 -0
- package/dist/lib/session/utils/session.util.js.map +1 -0
- package/dist/lib/tenant/entities/tenant.entity.d.ts +12 -0
- package/dist/lib/tenant/entities/tenant.entity.d.ts.map +1 -0
- package/dist/lib/tenant/entities/tenant.entity.js +65 -0
- package/dist/lib/tenant/entities/tenant.entity.js.map +1 -0
- package/dist/lib/tenant/events/tenant-created.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-created.event.js +11 -0
- package/dist/lib/tenant/events/tenant-created.event.js.map +1 -0
- package/dist/lib/tenant/events/tenant-deleted.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-deleted.event.js +11 -0
- package/dist/lib/tenant/events/tenant-deleted.event.js.map +1 -0
- package/dist/lib/tenant/events/tenant-updated.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-updated.event.js +11 -0
- package/dist/lib/tenant/events/tenant-updated.event.js.map +1 -0
- package/dist/lib/tenant/index.d.ts.map +1 -0
- package/dist/lib/tenant/index.js +27 -0
- package/dist/lib/tenant/index.js.map +1 -0
- package/dist/lib/tenant/services/tenant.service.d.ts +28 -0
- package/dist/lib/tenant/services/tenant.service.d.ts.map +1 -0
- package/dist/lib/tenant/services/tenant.service.js +258 -0
- package/dist/lib/tenant/services/tenant.service.js.map +1 -0
- package/dist/lib/tenant/tenant.module.d.ts.map +1 -0
- package/dist/lib/tenant/tenant.module.js +32 -0
- package/dist/lib/tenant/tenant.module.js.map +1 -0
- package/dist/lib/user/dto/requests/update-user.dto.d.ts.map +1 -0
- package/dist/lib/user/dto/requests/update-user.dto.js +35 -0
- package/dist/lib/user/dto/requests/update-user.dto.js.map +1 -0
- package/dist/lib/user/entities/access-key.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/access-key.entity.js +83 -0
- package/dist/lib/user/entities/access-key.entity.js.map +1 -0
- package/dist/lib/user/entities/identity.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/identity.entity.js +63 -0
- package/dist/lib/user/entities/identity.entity.js.map +1 -0
- package/dist/lib/user/entities/user.entity.d.ts +42 -0
- package/dist/lib/user/entities/user.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/user.entity.js +306 -0
- package/dist/lib/user/entities/user.entity.js.map +1 -0
- package/dist/lib/user/events/user-created.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-created.event.js +11 -0
- package/dist/lib/user/events/user-created.event.js.map +1 -0
- package/dist/lib/user/events/user-deleted.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-deleted.event.js +11 -0
- package/dist/lib/user/events/user-deleted.event.js.map +1 -0
- package/dist/lib/user/events/user-updated.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-updated.event.js +11 -0
- package/dist/lib/user/events/user-updated.event.js.map +1 -0
- package/dist/lib/user/index.d.ts.map +1 -0
- package/dist/lib/user/index.js +23 -0
- package/dist/lib/user/index.js.map +1 -0
- package/dist/lib/user/services/access-key.service.d.ts.map +1 -0
- package/dist/lib/user/services/access-key.service.js +133 -0
- package/dist/lib/user/services/access-key.service.js.map +1 -0
- package/dist/lib/user/services/user.service.d.ts.map +1 -0
- package/dist/lib/user/services/user.service.js +371 -0
- package/dist/lib/user/services/user.service.js.map +1 -0
- package/dist/lib/user/user.module.d.ts.map +1 -0
- package/dist/lib/user/user.module.js +39 -0
- package/dist/lib/user/user.module.js.map +1 -0
- package/dist/lib/utils/cookie.helper.d.ts +25 -0
- package/dist/lib/utils/cookie.helper.d.ts.map +1 -0
- package/dist/lib/utils/cookie.helper.js +63 -0
- package/dist/lib/utils/cookie.helper.js.map +1 -0
- package/dist/lib/utils/database.utils.d.ts.map +1 -0
- package/dist/lib/utils/database.utils.js +8 -0
- package/dist/lib/utils/database.utils.js.map +1 -0
- package/dist/lib/utils/date.util.d.ts +17 -0
- package/dist/lib/utils/date.util.d.ts.map +1 -0
- package/dist/lib/utils/date.util.js +78 -0
- package/dist/lib/utils/date.util.js.map +1 -0
- package/dist/lib/utils/device.util.d.ts +20 -0
- package/dist/lib/utils/device.util.d.ts.map +1 -0
- package/dist/lib/utils/device.util.js +85 -0
- package/dist/lib/utils/device.util.js.map +1 -0
- package/dist/lib/utils/index.d.ts.map +1 -0
- package/dist/lib/utils/index.js +23 -0
- package/dist/lib/utils/index.js.map +1 -0
- package/dist/lib/utils/otp.d.ts.map +1 -0
- package/dist/lib/utils/otp.js +7 -0
- package/dist/lib/utils/otp.js.map +1 -0
- package/dist/lib/utils/security.util.d.ts +2 -0
- package/dist/lib/utils/security.util.d.ts.map +1 -0
- package/dist/lib/utils/security.util.js +18 -0
- package/dist/lib/utils/security.util.js.map +1 -0
- package/dist/lib/utils/slug.util.d.ts +3 -0
- package/dist/lib/utils/slug.util.d.ts.map +1 -0
- package/dist/lib/utils/slug.util.js +24 -0
- package/dist/lib/utils/slug.util.js.map +1 -0
- package/package.json +86 -18
- package/src/index.d.ts.map +0 -1
- package/src/index.js +0 -24
- package/src/lib/admin-console/admin-console.module.d.ts.map +0 -1
- package/src/lib/admin-console/admin-console.module.js +0 -69
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-auth.controller.js +0 -374
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-console.controller.js +0 -87
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts +0 -86
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-permissions.controller.js +0 -195
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-roles.controller.js +0 -93
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-tenants.controller.js +0 -86
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-users.controller.js +0 -400
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts.map +0 -1
- package/src/lib/admin-console/decorators/current-admin.decorator.js +0 -8
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-permission.dto.js +0 -123
- package/src/lib/admin-console/dto/admin-role.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-role.dto.js +0 -53
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-tenant.dto.js +0 -57
- package/src/lib/admin-console/dto/admin-user.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-user.dto.js +0 -94
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.js +0 -39
- package/src/lib/admin-console/dto/login.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/login.dto.js +0 -17
- package/src/lib/admin-console/dto/reset-password.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/reset-password.dto.js +0 -26
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/setup-admin.dto.js +0 -29
- package/src/lib/admin-console/dto/signup.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/signup.dto.js +0 -58
- package/src/lib/admin-console/entities/admin-user.entity.d.ts +0 -16
- package/src/lib/admin-console/entities/admin-user.entity.d.ts.map +0 -1
- package/src/lib/admin-console/entities/admin-user.entity.js +0 -86
- package/src/lib/admin-console/guards/admin-session.guard.d.ts.map +0 -1
- package/src/lib/admin-console/guards/admin-session.guard.js +0 -40
- package/src/lib/admin-console/services/admin-auth.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-auth.service.js +0 -77
- package/src/lib/admin-console/services/admin-console-config.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-console-config.service.js +0 -58
- package/src/lib/admin-console/services/admin-session.service.d.ts +0 -27
- package/src/lib/admin-console/services/admin-session.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-session.service.js +0 -94
- package/src/lib/admin-console/services/admin-user.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-user.service.js +0 -87
- package/src/lib/admin-console/static/index.html +0 -5596
- package/src/lib/audit/services/audit.service.d.ts.map +0 -1
- package/src/lib/audit/services/audit.service.js +0 -143
- package/src/lib/auth/auth.module.d.ts.map +0 -1
- package/src/lib/auth/auth.module.js +0 -68
- package/src/lib/auth/controllers/auth.controller.d.ts +0 -74
- package/src/lib/auth/controllers/auth.controller.d.ts.map +0 -1
- package/src/lib/auth/controllers/auth.controller.js +0 -494
- package/src/lib/auth/controllers/mfa.controller.d.ts.map +0 -1
- package/src/lib/auth/controllers/mfa.controller.js +0 -230
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts +0 -8
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/email-credentials.dto.js +0 -31
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts +0 -8
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/phone-credentials.dto.js +0 -31
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts +0 -7
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/social-credentials.dto.js +0 -21
- package/src/lib/auth/dto/index.d.ts.map +0 -1
- package/src/lib/auth/dto/index.js +0 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/change-password.request.dto.js +0 -42
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js +0 -38
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.js +0 -58
- package/src/lib/auth/dto/requests/login.request.dto.d.ts +0 -13
- package/src/lib/auth/dto/requests/login.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/login.request.dto.js +0 -75
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.js +0 -29
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/reset-password.request.dto.js +0 -60
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +0 -25
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/signup.request.dto.js +0 -49
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +0 -39
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-email.request.dto.js +0 -29
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +0 -49
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +0 -29
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +0 -41
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.js +0 -65
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts +0 -41
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth-success.response.dto.js +0 -65
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts +0 -40
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth.response.dto.js +0 -112
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/client-config.response.dto.js +0 -202
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.js +0 -30
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/mfa-code-response.dto.js +0 -36
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/mfa-status.response.dto.js +0 -108
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/verify-otp.response.dto.js +0 -16
- package/src/lib/auth/entities/mfa-secret.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/mfa-secret.entity.js +0 -49
- package/src/lib/auth/entities/otp.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/otp.entity.js +0 -49
- package/src/lib/auth/entities/trusted-device.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/trusted-device.entity.js +0 -51
- package/src/lib/auth/events/index.d.ts.map +0 -1
- package/src/lib/auth/events/index.js +0 -15
- package/src/lib/auth/events/logged-out-all.event.d.ts.map +0 -1
- package/src/lib/auth/events/logged-out-all.event.js +0 -9
- package/src/lib/auth/events/logged-out.event.d.ts.map +0 -1
- package/src/lib/auth/events/logged-out.event.js +0 -9
- package/src/lib/auth/events/password-reset-requested.event.d.ts.map +0 -1
- package/src/lib/auth/events/password-reset-requested.event.js +0 -9
- package/src/lib/auth/events/password-reset.event.d.ts.map +0 -1
- package/src/lib/auth/events/password-reset.event.js +0 -9
- package/src/lib/auth/events/two-factor-code-sent.event.d.ts.map +0 -1
- package/src/lib/auth/events/two-factor-code-sent.event.js +0 -9
- package/src/lib/auth/events/user-2fa-disabled.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-disabled.event.js +0 -12
- package/src/lib/auth/events/user-2fa-enabled.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-enabled.event.js +0 -15
- package/src/lib/auth/events/user-2fa-verified.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-verified.event.js +0 -9
- package/src/lib/auth/events/user-logged-in.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-logged-in.event.js +0 -10
- package/src/lib/auth/events/user-password-changed.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-password-changed.event.js +0 -15
- package/src/lib/auth/events/user-refresh-token.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-refresh-token.event.js +0 -9
- package/src/lib/auth/events/user-registered.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-registered.event.js +0 -10
- package/src/lib/auth/guards/auth.guard.d.ts +0 -74
- package/src/lib/auth/guards/auth.guard.d.ts.map +0 -1
- package/src/lib/auth/guards/auth.guard.js +0 -454
- package/src/lib/auth/index.d.ts.map +0 -1
- package/src/lib/auth/index.js +0 -53
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts +0 -43
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +0 -1
- package/src/lib/auth/interceptors/refresh-token.interceptor.js +0 -115
- package/src/lib/auth/services/auth-session-event-listener.service.d.ts +0 -16
- package/src/lib/auth/services/auth-session-event-listener.service.d.ts.map +0 -1
- package/src/lib/auth/services/auth-session-event-listener.service.js +0 -52
- package/src/lib/auth/services/auth.service.d.ts +0 -75
- package/src/lib/auth/services/auth.service.d.ts.map +0 -1
- package/src/lib/auth/services/auth.service.js +0 -999
- package/src/lib/auth/services/client-config.service.d.ts.map +0 -1
- package/src/lib/auth/services/client-config.service.js +0 -152
- package/src/lib/auth/services/cookie.service.d.ts.map +0 -1
- package/src/lib/auth/services/cookie.service.js +0 -42
- package/src/lib/auth/services/mfa.service.d.ts.map +0 -1
- package/src/lib/auth/services/mfa.service.js +0 -410
- package/src/lib/auth.constants.d.ts +0 -218
- package/src/lib/auth.constants.d.ts.map +0 -1
- package/src/lib/auth.constants.js +0 -188
- package/src/lib/core/core.module.d.ts +0 -7
- package/src/lib/core/core.module.d.ts.map +0 -1
- package/src/lib/core/core.module.js +0 -57
- package/src/lib/core/decorators/auth.decorator.d.ts +0 -33
- package/src/lib/core/decorators/auth.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/auth.decorator.js +0 -38
- package/src/lib/core/decorators/permissions.decorator.d.ts +0 -8
- package/src/lib/core/decorators/permissions.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/permissions.decorator.js +0 -18
- package/src/lib/core/decorators/public.decorator.d.ts +0 -31
- package/src/lib/core/decorators/public.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/public.decorator.js +0 -35
- package/src/lib/core/decorators/role.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/role.decorator.js +0 -13
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/skip-mfa.decorator.js +0 -7
- package/src/lib/core/dto/message.response.dto.d.ts.map +0 -1
- package/src/lib/core/dto/message.response.dto.js +0 -12
- package/src/lib/core/entities.d.ts.map +0 -1
- package/src/lib/core/entities.js +0 -39
- package/src/lib/core/index.d.ts.map +0 -1
- package/src/lib/core/index.js +0 -35
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts +0 -378
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/auth-module-options.interface.js +0 -2
- package/src/lib/core/interfaces/mfa-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/mfa-options.interface.js +0 -9
- package/src/lib/core/interfaces/otp.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/otp.interface.js +0 -9
- package/src/lib/core/interfaces/session-options.interface.d.ts +0 -68
- package/src/lib/core/interfaces/session-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/session-options.interface.js +0 -9
- package/src/lib/core/interfaces/token-payload.interface.d.ts +0 -49
- package/src/lib/core/interfaces/token-payload.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/token-payload.interface.js +0 -2
- package/src/lib/core/providers/apple-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/apple-auth.provider.js +0 -57
- package/src/lib/core/providers/base-auth.provider.d.ts +0 -34
- package/src/lib/core/providers/base-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/base-auth.provider.js +0 -49
- package/src/lib/core/providers/email-auth.provider.d.ts +0 -31
- package/src/lib/core/providers/email-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/email-auth.provider.js +0 -66
- package/src/lib/core/providers/facebook-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/facebook-auth.provider.js +0 -56
- package/src/lib/core/providers/github-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/github-auth.provider.js +0 -74
- package/src/lib/core/providers/google-auth.provider.d.ts +0 -31
- package/src/lib/core/providers/google-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/google-auth.provider.js +0 -109
- package/src/lib/core/providers/jwt-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/jwt-auth.provider.js +0 -49
- package/src/lib/core/providers/phone-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/phone-auth.provider.js +0 -42
- package/src/lib/core/services/auth-config.service.d.ts +0 -39
- package/src/lib/core/services/auth-config.service.d.ts.map +0 -1
- package/src/lib/core/services/auth-config.service.js +0 -170
- package/src/lib/core/services/auth-provider-registry.service.d.ts +0 -42
- package/src/lib/core/services/auth-provider-registry.service.d.ts.map +0 -1
- package/src/lib/core/services/auth-provider-registry.service.js +0 -91
- package/src/lib/core/services/debug-logger.service.d.ts.map +0 -1
- package/src/lib/core/services/debug-logger.service.js +0 -158
- package/src/lib/core/services/initialization.service.d.ts.map +0 -1
- package/src/lib/core/services/initialization.service.js +0 -35
- package/src/lib/core/services/jwt.service.d.ts.map +0 -1
- package/src/lib/core/services/jwt.service.js +0 -119
- package/src/lib/nest-auth.module.d.ts.map +0 -1
- package/src/lib/nest-auth.module.js +0 -149
- package/src/lib/permission/entities/permission.entity.d.ts +0 -27
- package/src/lib/permission/entities/permission.entity.d.ts.map +0 -1
- package/src/lib/permission/entities/permission.entity.js +0 -62
- package/src/lib/permission/index.d.ts.map +0 -1
- package/src/lib/permission/index.js +0 -6
- package/src/lib/permission/permission.module.d.ts.map +0 -1
- package/src/lib/permission/permission.module.js +0 -20
- package/src/lib/permission/services/permission.service.d.ts +0 -44
- package/src/lib/permission/services/permission.service.d.ts.map +0 -1
- package/src/lib/permission/services/permission.service.js +0 -173
- package/src/lib/request-context/index.d.ts.map +0 -1
- package/src/lib/request-context/index.js +0 -5
- package/src/lib/request-context/request-context.d.ts.map +0 -1
- package/src/lib/request-context/request-context.js +0 -114
- package/src/lib/request-context/request-context.middleware.d.ts.map +0 -1
- package/src/lib/request-context/request-context.middleware.js +0 -15
- package/src/lib/role/entities/role.entity.d.ts.map +0 -1
- package/src/lib/role/entities/role.entity.js +0 -110
- package/src/lib/role/index.d.ts.map +0 -1
- package/src/lib/role/index.js +0 -5
- package/src/lib/role/role.module.d.ts.map +0 -1
- package/src/lib/role/role.module.js +0 -22
- package/src/lib/role/services/role.service.d.ts +0 -29
- package/src/lib/role/services/role.service.d.ts.map +0 -1
- package/src/lib/role/services/role.service.js +0 -231
- package/src/lib/session/entities/session.entity.d.ts.map +0 -1
- package/src/lib/session/entities/session.entity.js +0 -62
- package/src/lib/session/index.d.ts.map +0 -1
- package/src/lib/session/index.js +0 -18
- package/src/lib/session/interfaces/session-repository.interface.d.ts +0 -49
- package/src/lib/session/interfaces/session-repository.interface.d.ts.map +0 -1
- package/src/lib/session/interfaces/session-repository.interface.js +0 -2
- package/src/lib/session/repositories/base-session.repository.d.ts +0 -40
- package/src/lib/session/repositories/base-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/base-session.repository.js +0 -59
- package/src/lib/session/repositories/memory-session.repository.d.ts +0 -27
- package/src/lib/session/repositories/memory-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/memory-session.repository.js +0 -133
- package/src/lib/session/repositories/redis-session.repository.d.ts +0 -30
- package/src/lib/session/repositories/redis-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/redis-session.repository.js +0 -141
- package/src/lib/session/repositories/typeorm-session.repository.d.ts +0 -23
- package/src/lib/session/repositories/typeorm-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/typeorm-session.repository.js +0 -79
- package/src/lib/session/services/session-manager.service.d.ts +0 -100
- package/src/lib/session/services/session-manager.service.d.ts.map +0 -1
- package/src/lib/session/services/session-manager.service.js +0 -254
- package/src/lib/session/session.module.d.ts +0 -14
- package/src/lib/session/session.module.d.ts.map +0 -1
- package/src/lib/session/session.module.js +0 -96
- package/src/lib/session/utils/session.util.d.ts +0 -73
- package/src/lib/session/utils/session.util.d.ts.map +0 -1
- package/src/lib/session/utils/session.util.js +0 -127
- package/src/lib/tenant/entities/tenant.entity.d.ts +0 -21
- package/src/lib/tenant/entities/tenant.entity.d.ts.map +0 -1
- package/src/lib/tenant/entities/tenant.entity.js +0 -47
- package/src/lib/tenant/events/tenant-created.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-created.event.js +0 -9
- package/src/lib/tenant/events/tenant-deleted.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-deleted.event.js +0 -9
- package/src/lib/tenant/events/tenant-updated.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-updated.event.js +0 -9
- package/src/lib/tenant/index.d.ts.map +0 -1
- package/src/lib/tenant/index.js +0 -14
- package/src/lib/tenant/services/tenant.service.d.ts +0 -35
- package/src/lib/tenant/services/tenant.service.d.ts.map +0 -1
- package/src/lib/tenant/services/tenant.service.js +0 -265
- package/src/lib/tenant/tenant.module.d.ts.map +0 -1
- package/src/lib/tenant/tenant.module.js +0 -26
- package/src/lib/user/dto/requests/update-user.dto.d.ts.map +0 -1
- package/src/lib/user/dto/requests/update-user.dto.js +0 -23
- package/src/lib/user/entities/access-key.entity.d.ts.map +0 -1
- package/src/lib/user/entities/access-key.entity.js +0 -62
- package/src/lib/user/entities/identity.entity.d.ts.map +0 -1
- package/src/lib/user/entities/identity.entity.js +0 -46
- package/src/lib/user/entities/user.entity.d.ts +0 -40
- package/src/lib/user/entities/user.entity.d.ts.map +0 -1
- package/src/lib/user/entities/user.entity.js +0 -237
- package/src/lib/user/events/user-created.event.d.ts.map +0 -1
- package/src/lib/user/events/user-created.event.js +0 -9
- package/src/lib/user/events/user-deleted.event.d.ts.map +0 -1
- package/src/lib/user/events/user-deleted.event.js +0 -9
- package/src/lib/user/events/user-updated.event.d.ts.map +0 -1
- package/src/lib/user/events/user-updated.event.js +0 -9
- package/src/lib/user/index.d.ts.map +0 -1
- package/src/lib/user/index.js +0 -12
- package/src/lib/user/services/access-key.service.d.ts.map +0 -1
- package/src/lib/user/services/access-key.service.js +0 -121
- package/src/lib/user/services/user.service.d.ts.map +0 -1
- package/src/lib/user/services/user.service.js +0 -369
- package/src/lib/user/user.module.d.ts.map +0 -1
- package/src/lib/user/user.module.js +0 -33
- package/src/lib/utils/cookie.helper.d.ts +0 -78
- package/src/lib/utils/cookie.helper.d.ts.map +0 -1
- package/src/lib/utils/cookie.helper.js +0 -115
- package/src/lib/utils/database.utils.d.ts.map +0 -1
- package/src/lib/utils/database.utils.js +0 -7
- package/src/lib/utils/date.util.d.ts +0 -41
- package/src/lib/utils/date.util.d.ts.map +0 -1
- package/src/lib/utils/date.util.js +0 -99
- package/src/lib/utils/device.util.d.ts +0 -50
- package/src/lib/utils/device.util.d.ts.map +0 -1
- package/src/lib/utils/device.util.js +0 -114
- package/src/lib/utils/index.d.ts.map +0 -1
- package/src/lib/utils/index.js +0 -9
- package/src/lib/utils/otp.d.ts.map +0 -1
- package/src/lib/utils/otp.js +0 -6
- package/src/lib/utils/security.util.d.ts +0 -11
- package/src/lib/utils/security.util.d.ts.map +0 -1
- package/src/lib/utils/security.util.js +0 -28
- package/src/lib/utils/slug.util.d.ts +0 -38
- package/src/lib/utils/slug.util.d.ts.map +0 -1
- package/src/lib/utils/slug.util.js +0 -59
- /package/{src → dist}/index.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/admin-console.module.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-auth.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-console.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-roles.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-tenants.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-users.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/decorators/current-admin.decorator.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-permission.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-role.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-tenant.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-user.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/create-dashboard-admin.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/login.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/reset-password.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/setup-admin.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/signup.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/guards/admin-session.guard.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-auth.service.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-console-config.service.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-user.service.d.ts +0 -0
- /package/{src → dist}/lib/audit/services/audit.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/auth.module.d.ts +0 -0
- /package/{src → dist}/lib/auth/controllers/mfa.controller.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/change-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/forgot-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/initialize-admin.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/refresh-token.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/reset-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/send-email-verification.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/signup.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-email.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/client-config.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/initialize-admin.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/mfa-code-response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/mfa-status.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/verify-otp.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/mfa-secret.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/otp.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/trusted-device.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/logged-out-all.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/logged-out.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/password-reset-requested.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/password-reset.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/two-factor-code-sent.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-disabled.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-enabled.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-verified.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-logged-in.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-password-changed.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-refresh-token.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-registered.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/client-config.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/cookie.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/mfa.service.d.ts +0 -0
- /package/{src → dist}/lib/core/decorators/role.decorator.d.ts +0 -0
- /package/{src → dist}/lib/core/decorators/skip-mfa.decorator.d.ts +0 -0
- /package/{src → dist}/lib/core/dto/message.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/core/entities.d.ts +0 -0
- /package/{src → dist}/lib/core/index.d.ts +0 -0
- /package/{src → dist}/lib/core/interfaces/mfa-options.interface.d.ts +0 -0
- /package/{src → dist}/lib/core/interfaces/otp.interface.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/apple-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/facebook-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/github-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/jwt-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/phone-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/services/debug-logger.service.d.ts +0 -0
- /package/{src → dist}/lib/core/services/initialization.service.d.ts +0 -0
- /package/{src → dist}/lib/core/services/jwt.service.d.ts +0 -0
- /package/{src → dist}/lib/nest-auth.module.d.ts +0 -0
- /package/{src → dist}/lib/permission/index.d.ts +0 -0
- /package/{src → dist}/lib/permission/permission.module.d.ts +0 -0
- /package/{src → dist}/lib/request-context/index.d.ts +0 -0
- /package/{src → dist}/lib/request-context/request-context.d.ts +0 -0
- /package/{src → dist}/lib/request-context/request-context.middleware.d.ts +0 -0
- /package/{src → dist}/lib/role/entities/role.entity.d.ts +0 -0
- /package/{src → dist}/lib/role/index.d.ts +0 -0
- /package/{src → dist}/lib/role/role.module.d.ts +0 -0
- /package/{src → dist}/lib/session/entities/session.entity.d.ts +0 -0
- /package/{src → dist}/lib/session/index.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-created.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-deleted.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-updated.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/index.d.ts +0 -0
- /package/{src → dist}/lib/tenant/tenant.module.d.ts +0 -0
- /package/{src → dist}/lib/user/dto/requests/update-user.dto.d.ts +0 -0
- /package/{src → dist}/lib/user/entities/access-key.entity.d.ts +0 -0
- /package/{src → dist}/lib/user/entities/identity.entity.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-created.event.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-deleted.event.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-updated.event.d.ts +0 -0
- /package/{src → dist}/lib/user/index.d.ts +0 -0
- /package/{src → dist}/lib/user/services/access-key.service.d.ts +0 -0
- /package/{src → dist}/lib/user/services/user.service.d.ts +0 -0
- /package/{src → dist}/lib/user/user.module.d.ts +0 -0
- /package/{src → dist}/lib/utils/database.utils.d.ts +0 -0
- /package/{src → dist}/lib/utils/index.d.ts +0 -0
- /package/{src → dist}/lib/utils/otp.d.ts +0 -0
|
@@ -0,0 +1,977 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
15
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
16
|
+
};
|
|
17
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
+
exports.AuthService = void 0;
|
|
19
|
+
const common_1 = require("@nestjs/common");
|
|
20
|
+
const typeorm_1 = require("@nestjs/typeorm");
|
|
21
|
+
const typeorm_2 = require("typeorm");
|
|
22
|
+
const user_entity_1 = require("../../user/entities/user.entity");
|
|
23
|
+
const otp_entity_1 = require("../../auth/entities/otp.entity");
|
|
24
|
+
const otp_interface_1 = require("../../core/interfaces/otp.interface");
|
|
25
|
+
const auth_constants_1 = require("../../auth.constants");
|
|
26
|
+
const typeorm_3 = require("typeorm");
|
|
27
|
+
const mfa_service_1 = require("./mfa.service");
|
|
28
|
+
const jwt_service_1 = require("../../core/services/jwt.service");
|
|
29
|
+
const event_emitter_1 = require("@nestjs/event-emitter");
|
|
30
|
+
const session_manager_service_1 = require("../../session/services/session-manager.service");
|
|
31
|
+
const request_context_1 = require("../../request-context/request-context");
|
|
32
|
+
const otp_1 = require("../../utils/otp");
|
|
33
|
+
const user_registered_event_1 = require("../events/user-registered.event");
|
|
34
|
+
const user_logged_in_event_1 = require("../events/user-logged-in.event");
|
|
35
|
+
const user_2fa_verified_event_1 = require("../events/user-2fa-verified.event");
|
|
36
|
+
const user_refresh_token_event_1 = require("../events/user-refresh-token.event");
|
|
37
|
+
const logged_out_event_1 = require("../events/logged-out.event");
|
|
38
|
+
const logged_out_all_event_1 = require("../events/logged-out-all.event");
|
|
39
|
+
const password_reset_requested_event_1 = require("../events/password-reset-requested.event");
|
|
40
|
+
const password_reset_event_1 = require("../events/password-reset.event");
|
|
41
|
+
const auth_provider_registry_service_1 = require("../../core/services/auth-provider-registry.service");
|
|
42
|
+
const tenant_service_1 = require("../../tenant/services/tenant.service");
|
|
43
|
+
const debug_logger_service_1 = require("../../core/services/debug-logger.service");
|
|
44
|
+
const moment_1 = __importDefault(require("moment"));
|
|
45
|
+
const auth_config_service_1 = require("../../core/services/auth-config.service");
|
|
46
|
+
const cookie_helper_1 = require("../../utils/cookie.helper");
|
|
47
|
+
const user_password_changed_event_1 = require("../events/user-password-changed.event");
|
|
48
|
+
const user_service_1 = require("../../user/services/user.service");
|
|
49
|
+
const ms_1 = __importDefault(require("ms"));
|
|
50
|
+
let AuthService = class AuthService {
|
|
51
|
+
userRepository;
|
|
52
|
+
otpRepository;
|
|
53
|
+
authProviderRegistry;
|
|
54
|
+
mfaService;
|
|
55
|
+
sessionManager;
|
|
56
|
+
jwtService;
|
|
57
|
+
eventEmitter;
|
|
58
|
+
tenantService;
|
|
59
|
+
debugLogger;
|
|
60
|
+
authConfigService;
|
|
61
|
+
userService;
|
|
62
|
+
constructor(userRepository, otpRepository, authProviderRegistry, mfaService, sessionManager, jwtService, eventEmitter, tenantService, debugLogger, authConfigService, userService) {
|
|
63
|
+
this.userRepository = userRepository;
|
|
64
|
+
this.otpRepository = otpRepository;
|
|
65
|
+
this.authProviderRegistry = authProviderRegistry;
|
|
66
|
+
this.mfaService = mfaService;
|
|
67
|
+
this.sessionManager = sessionManager;
|
|
68
|
+
this.jwtService = jwtService;
|
|
69
|
+
this.eventEmitter = eventEmitter;
|
|
70
|
+
this.tenantService = tenantService;
|
|
71
|
+
this.debugLogger = debugLogger;
|
|
72
|
+
this.authConfigService = authConfigService;
|
|
73
|
+
this.userService = userService;
|
|
74
|
+
}
|
|
75
|
+
get mfaConfig() {
|
|
76
|
+
return auth_config_service_1.AuthConfigService.getOptions().mfa || {};
|
|
77
|
+
}
|
|
78
|
+
getUserWithRolesAndPermissions(userId, relations = []) {
|
|
79
|
+
return this.userRepository.findOne({
|
|
80
|
+
where: { id: userId },
|
|
81
|
+
relations: [
|
|
82
|
+
'roles',
|
|
83
|
+
...relations
|
|
84
|
+
],
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
async getUser() {
|
|
88
|
+
const user = request_context_1.RequestContext.currentUser();
|
|
89
|
+
if (!user) {
|
|
90
|
+
return null;
|
|
91
|
+
}
|
|
92
|
+
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
93
|
+
const config = this.authConfigService.getConfig();
|
|
94
|
+
if (config.user?.serialize) {
|
|
95
|
+
return await config.user.serialize(fullUser);
|
|
96
|
+
}
|
|
97
|
+
return fullUser;
|
|
98
|
+
}
|
|
99
|
+
async signup(input) {
|
|
100
|
+
this.debugLogger.logFunctionEntry('signup', 'AuthService', { email: input.email, phone: input.phone, hasPassword: !!input.password });
|
|
101
|
+
try {
|
|
102
|
+
const config = this.authConfigService.getConfig();
|
|
103
|
+
if (config.registration?.enabled === false) {
|
|
104
|
+
throw new common_1.ForbiddenException({
|
|
105
|
+
message: 'Registration is disabled',
|
|
106
|
+
code: auth_constants_1.ERROR_CODES.REGISTRATION_DISABLED,
|
|
107
|
+
});
|
|
108
|
+
}
|
|
109
|
+
const { email, phone, password } = input;
|
|
110
|
+
let { tenantId = null } = input;
|
|
111
|
+
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
112
|
+
this.debugLogger.logAuthOperation('signup', 'email|phone', undefined, { email, phone, resolvedTenantId: tenantId });
|
|
113
|
+
if (!email && !phone) {
|
|
114
|
+
this.debugLogger.error('Signup failed: Neither email nor phone provided', 'AuthService');
|
|
115
|
+
throw new common_1.BadRequestException({
|
|
116
|
+
message: 'Either email or phone must be provided',
|
|
117
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
118
|
+
});
|
|
119
|
+
}
|
|
120
|
+
const providersToLink = [];
|
|
121
|
+
if (email && config.emailAuth?.enabled !== false) {
|
|
122
|
+
const provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
123
|
+
if (provider) {
|
|
124
|
+
providersToLink.push({ provider, userId: email, type: 'email' });
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
if (phone && config.phoneAuth?.enabled === true) {
|
|
128
|
+
const provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
129
|
+
if (provider) {
|
|
130
|
+
providersToLink.push({ provider, userId: phone, type: 'phone' });
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
if (providersToLink.length === 0) {
|
|
134
|
+
this.debugLogger.error('Provider not found for signup', 'AuthService', { email: !!email, phone: !!phone });
|
|
135
|
+
throw new common_1.InternalServerErrorException({
|
|
136
|
+
message: 'Phone or email authentication is not enabled',
|
|
137
|
+
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
for (const item of providersToLink) {
|
|
141
|
+
this.debugLogger.debug('Checking for existing identity', 'AuthService', { providerUserId: item.userId, type: item.type });
|
|
142
|
+
const identity = await item.provider.findIdentity(item.userId);
|
|
143
|
+
if (identity) {
|
|
144
|
+
this.debugLogger.warn('Identity already exists', 'AuthService', { email: !!email, phone: !!phone, tenantId });
|
|
145
|
+
if (item.type === 'email') {
|
|
146
|
+
throw new common_1.BadRequestException({
|
|
147
|
+
message: 'Email already exists in this tenant',
|
|
148
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_EXISTS,
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
if (item.type === 'phone') {
|
|
152
|
+
throw new common_1.BadRequestException({
|
|
153
|
+
message: 'Phone number already exists in this tenant',
|
|
154
|
+
code: auth_constants_1.ERROR_CODES.PHONE_ALREADY_EXISTS,
|
|
155
|
+
});
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
this.debugLogger.debug('Creating new user via UserService', 'AuthService', { email: !!email, phone: !!phone, tenantId });
|
|
160
|
+
let user = await this.userService.createUser({
|
|
161
|
+
email,
|
|
162
|
+
phone,
|
|
163
|
+
tenantId,
|
|
164
|
+
isVerified: false,
|
|
165
|
+
password
|
|
166
|
+
}, input);
|
|
167
|
+
this.debugLogger.info('User created successfully', 'AuthService', { userId: user.id, tenantId });
|
|
168
|
+
user = await this.getUserWithRolesAndPermissions(user.id);
|
|
169
|
+
for (const item of providersToLink) {
|
|
170
|
+
this.debugLogger.debug('Linking user to provider', 'AuthService', { userId: user.id, providerName: item.provider.providerName });
|
|
171
|
+
await item.provider.linkToUser(user.id, item.userId);
|
|
172
|
+
}
|
|
173
|
+
this.debugLogger.debug('Creating session for new user', 'AuthService', { userId: user.id });
|
|
174
|
+
const session = await this.sessionManager.createSessionFromUser(user);
|
|
175
|
+
const tokens = await this.generateTokensFromSession(session);
|
|
176
|
+
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
177
|
+
this.debugLogger.debug('Signup tokens generated', 'AuthService', { userId: user.id, isRequiresMfa });
|
|
178
|
+
this.debugLogger.debug('Emitting user registration event', 'AuthService', { userId: user.id });
|
|
179
|
+
const provider = providersToLink[0]?.provider;
|
|
180
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REGISTERED, new user_registered_event_1.UserRegisteredEvent({
|
|
181
|
+
user,
|
|
182
|
+
tenantId: user.tenantId,
|
|
183
|
+
input,
|
|
184
|
+
provider,
|
|
185
|
+
session,
|
|
186
|
+
tokens,
|
|
187
|
+
isRequiresMfa
|
|
188
|
+
}));
|
|
189
|
+
this.debugLogger.logFunctionExit('signup', 'AuthService', { userId: user.id, isRequiresMfa });
|
|
190
|
+
let response = {
|
|
191
|
+
accessToken: tokens.accessToken,
|
|
192
|
+
refreshToken: tokens.refreshToken,
|
|
193
|
+
isRequiresMfa: isRequiresMfa,
|
|
194
|
+
};
|
|
195
|
+
if (config.auth?.transformResponse) {
|
|
196
|
+
response = await config.auth.transformResponse(response, user, session);
|
|
197
|
+
}
|
|
198
|
+
return response;
|
|
199
|
+
}
|
|
200
|
+
catch (error) {
|
|
201
|
+
this.debugLogger.logError(error, 'signup', { email: input.email, phone: input.phone });
|
|
202
|
+
this.handleError(error, 'signup');
|
|
203
|
+
throw error;
|
|
204
|
+
}
|
|
205
|
+
}
|
|
206
|
+
async login(input) {
|
|
207
|
+
const { credentials, providerName, createUserIfNotExists = false } = input;
|
|
208
|
+
this.debugLogger.logFunctionEntry('login', 'AuthService', { providerName, createUserIfNotExists });
|
|
209
|
+
let { tenantId = null } = input;
|
|
210
|
+
try {
|
|
211
|
+
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
212
|
+
this.debugLogger.logAuthOperation('login', providerName, undefined, { resolvedTenantId: tenantId, createUserIfNotExists });
|
|
213
|
+
const provider = this.authProviderRegistry.getProvider(providerName);
|
|
214
|
+
if (!provider) {
|
|
215
|
+
throw new common_1.UnauthorizedException({
|
|
216
|
+
message: 'Invalid authentication providerName or provider is not enabled',
|
|
217
|
+
code: auth_constants_1.ERROR_CODES.INVALID_PROVIDER,
|
|
218
|
+
});
|
|
219
|
+
}
|
|
220
|
+
const requiredFields = provider.getRequiredFields();
|
|
221
|
+
if (!requiredFields.every(field => credentials[field])) {
|
|
222
|
+
throw new common_1.BadRequestException({
|
|
223
|
+
message: `Missing ${requiredFields.join(', ')} required fields`,
|
|
224
|
+
code: auth_constants_1.ERROR_CODES.MISSING_REQUIRED_FIELDS,
|
|
225
|
+
});
|
|
226
|
+
}
|
|
227
|
+
const authProviderUser = await provider.validate(credentials);
|
|
228
|
+
const identity = await provider.findIdentity(authProviderUser.userId);
|
|
229
|
+
let user = identity?.user || null;
|
|
230
|
+
if (!user) {
|
|
231
|
+
if (!createUserIfNotExists) {
|
|
232
|
+
throw new common_1.UnauthorizedException({
|
|
233
|
+
message: 'Invalid credentials',
|
|
234
|
+
code: auth_constants_1.ERROR_CODES.INVALID_CREDENTIALS,
|
|
235
|
+
});
|
|
236
|
+
}
|
|
237
|
+
user = await this.handleSocialLogin(provider, authProviderUser, tenantId);
|
|
238
|
+
}
|
|
239
|
+
if (user.isActive === false) {
|
|
240
|
+
throw new common_1.UnauthorizedException({
|
|
241
|
+
message: 'Your account is suspended, please contact support',
|
|
242
|
+
code: auth_constants_1.ERROR_CODES.ACCOUNT_INACTIVE,
|
|
243
|
+
});
|
|
244
|
+
}
|
|
245
|
+
user = await this.getUserWithRolesAndPermissions(user.id);
|
|
246
|
+
let isRequiresMfa = false;
|
|
247
|
+
if (!provider.skipMfa) {
|
|
248
|
+
isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
249
|
+
}
|
|
250
|
+
user.isMfaEnabled = isRequiresMfa;
|
|
251
|
+
let session = await this.sessionManager.createSessionFromUser(user);
|
|
252
|
+
if (isRequiresMfa) {
|
|
253
|
+
const trustCookieName = auth_config_service_1.AuthConfigService.getOptions().mfa?.trustDeviceStorageName || auth_constants_1.NEST_AUTH_TRUST_DEVICE_KEY;
|
|
254
|
+
const req = request_context_1.RequestContext.currentRequest();
|
|
255
|
+
let trustToken = cookie_helper_1.CookieHelper.get(req, trustCookieName);
|
|
256
|
+
if (!trustToken) {
|
|
257
|
+
trustToken = req.headers[trustCookieName];
|
|
258
|
+
}
|
|
259
|
+
let isTrusted = false;
|
|
260
|
+
if (trustToken) {
|
|
261
|
+
isTrusted = await this.mfaService.validateTrustedDevice(user.id, trustToken);
|
|
262
|
+
if (isTrusted) {
|
|
263
|
+
isRequiresMfa = false;
|
|
264
|
+
session = await this.sessionManager.updateSession(session.id, {
|
|
265
|
+
data: { ...session.data, isMfaVerified: true }
|
|
266
|
+
});
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
session = await this.sessionManager.updateSession(session.id, {
|
|
270
|
+
data: { ...session.data, isMfaEnabled: true, isMfaVerified: isTrusted }
|
|
271
|
+
});
|
|
272
|
+
}
|
|
273
|
+
const tokens = await this.generateTokensFromSession(session);
|
|
274
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_IN, new user_logged_in_event_1.UserLoggedInEvent({
|
|
275
|
+
user,
|
|
276
|
+
tenantId: user.tenantId,
|
|
277
|
+
input,
|
|
278
|
+
provider,
|
|
279
|
+
session,
|
|
280
|
+
tokens,
|
|
281
|
+
isRequiresMfa
|
|
282
|
+
}));
|
|
283
|
+
let response = {
|
|
284
|
+
accessToken: tokens.accessToken,
|
|
285
|
+
refreshToken: tokens.refreshToken,
|
|
286
|
+
isRequiresMfa: isRequiresMfa,
|
|
287
|
+
};
|
|
288
|
+
const config = this.authConfigService.getConfig();
|
|
289
|
+
if (config.auth?.transformResponse) {
|
|
290
|
+
response = await config.auth.transformResponse(response, user, session);
|
|
291
|
+
}
|
|
292
|
+
return response;
|
|
293
|
+
}
|
|
294
|
+
catch (error) {
|
|
295
|
+
this.debugLogger.logError(error, 'login', { providerName, createUserIfNotExists });
|
|
296
|
+
this.handleError(error, 'login');
|
|
297
|
+
throw error;
|
|
298
|
+
}
|
|
299
|
+
}
|
|
300
|
+
async verify2fa(input) {
|
|
301
|
+
this.debugLogger.logFunctionEntry('verify2fa', 'AuthService', { method: input.method });
|
|
302
|
+
try {
|
|
303
|
+
const session = request_context_1.RequestContext.currentSession();
|
|
304
|
+
if (!session) {
|
|
305
|
+
this.debugLogger.error('Session not found for 2FA verification', 'AuthService');
|
|
306
|
+
throw new common_1.UnauthorizedException({
|
|
307
|
+
message: 'Session not found',
|
|
308
|
+
code: auth_constants_1.ERROR_CODES.SESSION_NOT_FOUND,
|
|
309
|
+
});
|
|
310
|
+
}
|
|
311
|
+
this.debugLogger.debug('Verifying MFA code', 'AuthService', { userId: session.userId, method: input.method });
|
|
312
|
+
const isValid = await this.mfaService.verifyMfa(session.userId, input.otp, input.method);
|
|
313
|
+
if (!isValid) {
|
|
314
|
+
this.debugLogger.warn('Invalid MFA code provided', 'AuthService', { userId: session.userId, method: input.method });
|
|
315
|
+
throw new common_1.UnauthorizedException({
|
|
316
|
+
message: 'Invalid MFA code',
|
|
317
|
+
code: auth_constants_1.ERROR_CODES.MFA_CODE_INVALID,
|
|
318
|
+
});
|
|
319
|
+
}
|
|
320
|
+
this.debugLogger.debug('Updating session with MFA verification', 'AuthService', { sessionId: session.id });
|
|
321
|
+
const payload = await this.sessionManager.updateSession(session.id, {
|
|
322
|
+
data: {
|
|
323
|
+
...session.data,
|
|
324
|
+
isMfaVerified: true,
|
|
325
|
+
}
|
|
326
|
+
});
|
|
327
|
+
const tokens = await this.generateTokensFromSession(payload);
|
|
328
|
+
let trustToken;
|
|
329
|
+
if (input.rememberDevice) {
|
|
330
|
+
const req = request_context_1.RequestContext.currentRequest();
|
|
331
|
+
const userAgent = req.headers['user-agent'] || '';
|
|
332
|
+
const ip = req.ip || req.socket.remoteAddress || '';
|
|
333
|
+
trustToken = await this.mfaService.createTrustedDevice(session.userId, userAgent, ip);
|
|
334
|
+
}
|
|
335
|
+
const user = await this.getUser();
|
|
336
|
+
this.debugLogger.debug('Emitting 2FA verified event', 'AuthService', { userId: user.id });
|
|
337
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.TWO_FACTOR_VERIFIED, new user_2fa_verified_event_1.User2faVerifiedEvent({
|
|
338
|
+
user: user,
|
|
339
|
+
tenantId: user.tenantId,
|
|
340
|
+
input,
|
|
341
|
+
session,
|
|
342
|
+
tokens
|
|
343
|
+
}));
|
|
344
|
+
this.debugLogger.logFunctionExit('verify2fa', 'AuthService', { userId: user.id });
|
|
345
|
+
return {
|
|
346
|
+
accessToken: tokens.accessToken,
|
|
347
|
+
refreshToken: tokens.refreshToken,
|
|
348
|
+
trustToken,
|
|
349
|
+
};
|
|
350
|
+
}
|
|
351
|
+
catch (error) {
|
|
352
|
+
this.debugLogger.logError(error, 'verify2fa', { method: input.method });
|
|
353
|
+
this.handleError(error, 'mfa');
|
|
354
|
+
throw error;
|
|
355
|
+
}
|
|
356
|
+
}
|
|
357
|
+
async send2faCode(userId, method) {
|
|
358
|
+
const user = await this.userRepository.findOne({ where: { id: userId } });
|
|
359
|
+
if (!user) {
|
|
360
|
+
throw new common_1.UnauthorizedException({
|
|
361
|
+
message: 'User not found',
|
|
362
|
+
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
363
|
+
});
|
|
364
|
+
}
|
|
365
|
+
await this.mfaService.sendMfaCode(user.id, method);
|
|
366
|
+
return true;
|
|
367
|
+
}
|
|
368
|
+
async handleSocialLogin(provider, providerUser, tenantId) {
|
|
369
|
+
let identity = await provider.findIdentity(providerUser.userId);
|
|
370
|
+
if (identity) {
|
|
371
|
+
return identity.user;
|
|
372
|
+
}
|
|
373
|
+
const linkUserWith = provider.linkUserWith();
|
|
374
|
+
const linkUserValue = providerUser?.[linkUserWith] || providerUser.userId;
|
|
375
|
+
let user = await this.userRepository.findOne({ where: { [linkUserWith]: linkUserValue } });
|
|
376
|
+
if (!user) {
|
|
377
|
+
try {
|
|
378
|
+
user = await this.userService.createUser({
|
|
379
|
+
[linkUserWith]: linkUserValue,
|
|
380
|
+
isVerified: true,
|
|
381
|
+
metadata: providerUser.metadata || {},
|
|
382
|
+
tenantId: tenantId,
|
|
383
|
+
}, {
|
|
384
|
+
[linkUserWith]: linkUserValue,
|
|
385
|
+
...providerUser,
|
|
386
|
+
firstName: providerUser.metadata?.name?.split(' ')[0],
|
|
387
|
+
lastName: providerUser.metadata?.name?.split(' ').slice(1).join(' '),
|
|
388
|
+
provider: provider.providerName,
|
|
389
|
+
description: 'Social login auto-creation'
|
|
390
|
+
});
|
|
391
|
+
}
|
|
392
|
+
catch (error) {
|
|
393
|
+
if (error instanceof common_1.ConflictException || error.status === 409) {
|
|
394
|
+
user = await this.userRepository.findOne({ where: { [linkUserWith]: linkUserValue } });
|
|
395
|
+
if (!user) {
|
|
396
|
+
throw error;
|
|
397
|
+
}
|
|
398
|
+
}
|
|
399
|
+
else {
|
|
400
|
+
throw error;
|
|
401
|
+
}
|
|
402
|
+
}
|
|
403
|
+
}
|
|
404
|
+
await provider.linkToUser(user.id, providerUser.userId, providerUser.metadata || {});
|
|
405
|
+
return user;
|
|
406
|
+
}
|
|
407
|
+
async refreshToken(refreshToken) {
|
|
408
|
+
this.debugLogger.logFunctionEntry('refreshToken', 'AuthService', { hasRefreshToken: !!refreshToken });
|
|
409
|
+
try {
|
|
410
|
+
if (!refreshToken) {
|
|
411
|
+
this.debugLogger.error('No refresh token provided', 'AuthService');
|
|
412
|
+
throw new common_1.UnauthorizedException({
|
|
413
|
+
message: 'No refresh token provided',
|
|
414
|
+
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_INVALID,
|
|
415
|
+
});
|
|
416
|
+
}
|
|
417
|
+
this.debugLogger.debug('Verifying refresh token', 'AuthService');
|
|
418
|
+
let payload;
|
|
419
|
+
try {
|
|
420
|
+
payload = await this.jwtService.verifyToken(refreshToken);
|
|
421
|
+
}
|
|
422
|
+
catch (error) {
|
|
423
|
+
this.debugLogger.warn('Invalid or expired refresh token', 'AuthService');
|
|
424
|
+
throw new common_1.UnauthorizedException({
|
|
425
|
+
message: 'Invalid or expired refresh token',
|
|
426
|
+
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_EXPIRED,
|
|
427
|
+
});
|
|
428
|
+
}
|
|
429
|
+
const session = await this.sessionManager.getSession(payload.sessionId);
|
|
430
|
+
if (!session) {
|
|
431
|
+
throw new common_1.UnauthorizedException({
|
|
432
|
+
message: 'Invalid refresh token',
|
|
433
|
+
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_INVALID,
|
|
434
|
+
});
|
|
435
|
+
}
|
|
436
|
+
const newSession = await this.sessionManager.refreshSession(session);
|
|
437
|
+
this.debugLogger.debug('Generating new tokens from refreshed session', 'AuthService', { sessionId: newSession.id });
|
|
438
|
+
const tokens = await this.generateTokensFromSession(newSession);
|
|
439
|
+
this.debugLogger.debug('Emitting refresh token event', 'AuthService', { sessionId: newSession.id });
|
|
440
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REFRESH_TOKEN, new user_refresh_token_event_1.UserRefreshTokenEvent({
|
|
441
|
+
oldRefreshToken: refreshToken,
|
|
442
|
+
session: newSession,
|
|
443
|
+
tokens,
|
|
444
|
+
}));
|
|
445
|
+
this.debugLogger.logFunctionExit('refreshToken', 'AuthService', { sessionId: newSession.id });
|
|
446
|
+
return tokens;
|
|
447
|
+
}
|
|
448
|
+
catch (error) {
|
|
449
|
+
this.debugLogger.logError(error, 'refreshToken', { hasRefreshToken: !!refreshToken });
|
|
450
|
+
this.handleError(error, 'refresh');
|
|
451
|
+
throw error;
|
|
452
|
+
}
|
|
453
|
+
}
|
|
454
|
+
async changePassword(input) {
|
|
455
|
+
this.debugLogger.logFunctionEntry('changePassword', 'AuthService');
|
|
456
|
+
try {
|
|
457
|
+
const currentUser = request_context_1.RequestContext.currentUser();
|
|
458
|
+
if (!currentUser?.id) {
|
|
459
|
+
throw new common_1.UnauthorizedException({
|
|
460
|
+
message: 'User not found',
|
|
461
|
+
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
462
|
+
});
|
|
463
|
+
}
|
|
464
|
+
const user = await this.userRepository.findOne({
|
|
465
|
+
where: { id: currentUser.id },
|
|
466
|
+
});
|
|
467
|
+
if (!user) {
|
|
468
|
+
throw new common_1.UnauthorizedException({
|
|
469
|
+
message: 'User not found',
|
|
470
|
+
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
471
|
+
});
|
|
472
|
+
}
|
|
473
|
+
const isValid = await user.validatePassword(input.currentPassword);
|
|
474
|
+
if (!isValid) {
|
|
475
|
+
throw new common_1.BadRequestException({
|
|
476
|
+
message: 'Current password is incorrect',
|
|
477
|
+
code: auth_constants_1.ERROR_CODES.CURRENT_PASSWORD_INCORRECT,
|
|
478
|
+
});
|
|
479
|
+
}
|
|
480
|
+
if (input.currentPassword === input.newPassword) {
|
|
481
|
+
throw new common_1.BadRequestException({
|
|
482
|
+
message: 'New password must be different from the current password',
|
|
483
|
+
code: auth_constants_1.ERROR_CODES.NEW_PASSWORD_SAME_AS_CURRENT,
|
|
484
|
+
});
|
|
485
|
+
}
|
|
486
|
+
await user.setPassword(input.newPassword);
|
|
487
|
+
await this.userRepository.save(user);
|
|
488
|
+
await this.sessionManager.revokeAllUserSessions(user.id);
|
|
489
|
+
const hydratedUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
490
|
+
const session = await this.sessionManager.createSessionFromUser(hydratedUser);
|
|
491
|
+
const tokens = await this.generateTokensFromSession(session);
|
|
492
|
+
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
493
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_CHANGED, new user_password_changed_event_1.UserPasswordChangedEvent({
|
|
494
|
+
user,
|
|
495
|
+
initiatedBy: 'user'
|
|
496
|
+
}));
|
|
497
|
+
this.debugLogger.logFunctionExit('changePassword', 'AuthService', { userId: user.id });
|
|
498
|
+
return {
|
|
499
|
+
accessToken: tokens.accessToken,
|
|
500
|
+
refreshToken: tokens.refreshToken,
|
|
501
|
+
isRequiresMfa,
|
|
502
|
+
};
|
|
503
|
+
}
|
|
504
|
+
catch (error) {
|
|
505
|
+
this.debugLogger.logError(error, 'changePassword');
|
|
506
|
+
this.handleError(error, 'password_change');
|
|
507
|
+
throw error;
|
|
508
|
+
}
|
|
509
|
+
}
|
|
510
|
+
async forgotPassword(input) {
|
|
511
|
+
this.debugLogger.logFunctionEntry('forgotPassword', 'AuthService', { email: input.email, phone: input.phone });
|
|
512
|
+
try {
|
|
513
|
+
const { email, phone } = input;
|
|
514
|
+
let { tenantId = null } = input;
|
|
515
|
+
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
516
|
+
let provider = null;
|
|
517
|
+
if (phone) {
|
|
518
|
+
provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
519
|
+
}
|
|
520
|
+
else if (email) {
|
|
521
|
+
provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
522
|
+
}
|
|
523
|
+
else {
|
|
524
|
+
throw new common_1.BadRequestException({
|
|
525
|
+
message: 'Either email or phone must be provided',
|
|
526
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
527
|
+
});
|
|
528
|
+
}
|
|
529
|
+
if (!provider) {
|
|
530
|
+
throw new common_1.BadRequestException({
|
|
531
|
+
message: 'Phone or email authentication is not enabled',
|
|
532
|
+
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
533
|
+
});
|
|
534
|
+
}
|
|
535
|
+
if (!provider.enabled) {
|
|
536
|
+
if (email) {
|
|
537
|
+
throw new common_1.BadRequestException({
|
|
538
|
+
message: 'Email authentication is not enabled',
|
|
539
|
+
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
540
|
+
});
|
|
541
|
+
}
|
|
542
|
+
else if (phone) {
|
|
543
|
+
throw new common_1.BadRequestException({
|
|
544
|
+
message: 'Phone authentication is not enabled',
|
|
545
|
+
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
546
|
+
});
|
|
547
|
+
}
|
|
548
|
+
}
|
|
549
|
+
const identity = await provider.findIdentity(email || phone);
|
|
550
|
+
if (!identity) {
|
|
551
|
+
return { message: 'If the account exists, a password reset code has been sent' };
|
|
552
|
+
}
|
|
553
|
+
const options = auth_config_service_1.AuthConfigService.getOptions();
|
|
554
|
+
let code;
|
|
555
|
+
if (options.otp?.generate) {
|
|
556
|
+
code = await options.otp.generate(this.mfaConfig.otpLength);
|
|
557
|
+
}
|
|
558
|
+
else {
|
|
559
|
+
code = (0, otp_1.generateOtp)(this.mfaConfig.otpLength);
|
|
560
|
+
}
|
|
561
|
+
let expiresAtMs;
|
|
562
|
+
if (typeof this.mfaConfig.otpExpiresIn === 'string') {
|
|
563
|
+
expiresAtMs = (0, ms_1.default)(this.mfaConfig.otpExpiresIn);
|
|
564
|
+
}
|
|
565
|
+
else {
|
|
566
|
+
expiresAtMs = this.mfaConfig.otpExpiresIn || 900000;
|
|
567
|
+
}
|
|
568
|
+
if (!expiresAtMs || isNaN(expiresAtMs) || expiresAtMs <= 0) {
|
|
569
|
+
throw new Error(`Invalid MFA configuration: otpExpiresIn '${this.mfaConfig.otpExpiresIn}' results in invalid duration`);
|
|
570
|
+
}
|
|
571
|
+
await this.otpRepository.delete({
|
|
572
|
+
userId: identity.user?.id,
|
|
573
|
+
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET
|
|
574
|
+
});
|
|
575
|
+
const otpEntity = await this.otpRepository.create({
|
|
576
|
+
userId: identity.user?.id,
|
|
577
|
+
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
578
|
+
expiresAt: new Date(Date.now() + expiresAtMs),
|
|
579
|
+
code,
|
|
580
|
+
});
|
|
581
|
+
await this.otpRepository.save(otpEntity);
|
|
582
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET_REQUESTED, new password_reset_requested_event_1.PasswordResetRequestedEvent({
|
|
583
|
+
user: identity.user,
|
|
584
|
+
tenantId: identity.user?.tenantId,
|
|
585
|
+
input,
|
|
586
|
+
otp: otpEntity,
|
|
587
|
+
provider,
|
|
588
|
+
}));
|
|
589
|
+
this.debugLogger.logFunctionExit('forgotPassword', 'AuthService', { email: !!email, phone: !!phone });
|
|
590
|
+
return true;
|
|
591
|
+
}
|
|
592
|
+
catch (error) {
|
|
593
|
+
this.debugLogger.logError(error, 'forgotPassword', { email: input.email, phone: input.phone });
|
|
594
|
+
this.handleError(error, 'password_reset');
|
|
595
|
+
throw error;
|
|
596
|
+
}
|
|
597
|
+
}
|
|
598
|
+
async verifyForgotPasswordOtp(input) {
|
|
599
|
+
this.debugLogger.logFunctionEntry('verifyForgotPasswordOtp', 'AuthService', { email: input.email, phone: input.phone });
|
|
600
|
+
try {
|
|
601
|
+
const { email, phone, otp } = input;
|
|
602
|
+
let { tenantId = null } = input;
|
|
603
|
+
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
604
|
+
if (!email && !phone) {
|
|
605
|
+
throw new common_1.BadRequestException({
|
|
606
|
+
message: 'Either email or phone must be provided',
|
|
607
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
608
|
+
});
|
|
609
|
+
}
|
|
610
|
+
let provider = null;
|
|
611
|
+
if (phone) {
|
|
612
|
+
provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
613
|
+
}
|
|
614
|
+
else if (email) {
|
|
615
|
+
provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
616
|
+
}
|
|
617
|
+
if (!provider) {
|
|
618
|
+
throw new common_1.BadRequestException({
|
|
619
|
+
message: 'Phone or email authentication is not enabled',
|
|
620
|
+
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
621
|
+
});
|
|
622
|
+
}
|
|
623
|
+
const identity = await provider.findIdentity(email || phone);
|
|
624
|
+
if (!identity) {
|
|
625
|
+
throw new common_1.BadRequestException({
|
|
626
|
+
message: 'Invalid reset request',
|
|
627
|
+
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_INVALID_REQUEST,
|
|
628
|
+
});
|
|
629
|
+
}
|
|
630
|
+
const validOtp = await this.otpRepository.findOne({
|
|
631
|
+
where: {
|
|
632
|
+
userId: identity.user?.id,
|
|
633
|
+
code: otp,
|
|
634
|
+
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
635
|
+
used: false
|
|
636
|
+
},
|
|
637
|
+
relations: ['user']
|
|
638
|
+
});
|
|
639
|
+
if (!validOtp) {
|
|
640
|
+
throw new common_1.BadRequestException({
|
|
641
|
+
message: 'Invalid OTP code',
|
|
642
|
+
code: auth_constants_1.ERROR_CODES.OTP_INVALID,
|
|
643
|
+
});
|
|
644
|
+
}
|
|
645
|
+
if ((0, moment_1.default)(validOtp.expiresAt).isBefore(new Date())) {
|
|
646
|
+
throw new common_1.BadRequestException({
|
|
647
|
+
message: 'OTP code expired',
|
|
648
|
+
code: auth_constants_1.ERROR_CODES.OTP_EXPIRED,
|
|
649
|
+
});
|
|
650
|
+
}
|
|
651
|
+
const user = validOtp.user;
|
|
652
|
+
const passwordHashPrefix = user.passwordHash ? user.passwordHash.substring(0, 10) : '';
|
|
653
|
+
const resetToken = await this.jwtService.generatePasswordResetToken({
|
|
654
|
+
userId: user.id,
|
|
655
|
+
passwordHashPrefix,
|
|
656
|
+
type: 'password-reset'
|
|
657
|
+
});
|
|
658
|
+
await this.otpRepository.remove(validOtp);
|
|
659
|
+
this.debugLogger.logFunctionExit('verifyForgotPasswordOtp', 'AuthService', { email: input.email, phone: input.phone });
|
|
660
|
+
return {
|
|
661
|
+
message: 'OTP verified successfully',
|
|
662
|
+
resetToken
|
|
663
|
+
};
|
|
664
|
+
}
|
|
665
|
+
catch (error) {
|
|
666
|
+
this.debugLogger.logError(error, 'verifyForgotPasswordOtp', { email: input.email, phone: input.phone });
|
|
667
|
+
this.handleError(error, 'password_reset');
|
|
668
|
+
throw error;
|
|
669
|
+
}
|
|
670
|
+
}
|
|
671
|
+
async resetPassword(input) {
|
|
672
|
+
this.debugLogger.logFunctionEntry('resetPassword', 'AuthService', { email: input.email, phone: input.phone });
|
|
673
|
+
try {
|
|
674
|
+
const { email, phone, otp, newPassword } = input;
|
|
675
|
+
let { tenantId = null } = input;
|
|
676
|
+
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
677
|
+
if (!email && !phone) {
|
|
678
|
+
throw new common_1.BadRequestException({
|
|
679
|
+
message: 'Either email or phone must be provided',
|
|
680
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
681
|
+
});
|
|
682
|
+
}
|
|
683
|
+
const user = await this.userRepository.findOne({
|
|
684
|
+
where: [
|
|
685
|
+
...(email ? [{ email, tenantId }] : []),
|
|
686
|
+
...(phone ? [{ phone, tenantId }] : [])
|
|
687
|
+
]
|
|
688
|
+
});
|
|
689
|
+
if (!user) {
|
|
690
|
+
throw new common_1.BadRequestException({
|
|
691
|
+
message: 'Invalid reset request',
|
|
692
|
+
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_INVALID_REQUEST,
|
|
693
|
+
});
|
|
694
|
+
}
|
|
695
|
+
const validOtp = await this.otpRepository.findOne({
|
|
696
|
+
where: {
|
|
697
|
+
userId: user.id,
|
|
698
|
+
code: otp,
|
|
699
|
+
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
700
|
+
expiresAt: (0, typeorm_3.MoreThan)(new Date()),
|
|
701
|
+
used: false
|
|
702
|
+
}
|
|
703
|
+
});
|
|
704
|
+
if (!validOtp) {
|
|
705
|
+
throw new common_1.BadRequestException({
|
|
706
|
+
message: 'Invalid or expired OTP',
|
|
707
|
+
code: auth_constants_1.ERROR_CODES.OTP_INVALID,
|
|
708
|
+
});
|
|
709
|
+
}
|
|
710
|
+
await user.setPassword(newPassword);
|
|
711
|
+
await this.userRepository.save(user);
|
|
712
|
+
validOtp.used = true;
|
|
713
|
+
await this.otpRepository.save(validOtp);
|
|
714
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET, new password_reset_event_1.PasswordResetEvent({
|
|
715
|
+
user,
|
|
716
|
+
tenantId: user.tenantId,
|
|
717
|
+
input,
|
|
718
|
+
}));
|
|
719
|
+
this.debugLogger.logFunctionExit('resetPassword', 'AuthService', { email: !!email, phone: !!phone });
|
|
720
|
+
return true;
|
|
721
|
+
}
|
|
722
|
+
catch (error) {
|
|
723
|
+
this.debugLogger.logError(error, 'resetPassword', { email: input.email, phone: input.phone });
|
|
724
|
+
this.handleError(error, 'password_reset');
|
|
725
|
+
throw error;
|
|
726
|
+
}
|
|
727
|
+
}
|
|
728
|
+
async resetPasswordWithToken(input) {
|
|
729
|
+
this.debugLogger.logFunctionEntry('resetPasswordWithToken', 'AuthService', { token: '***' });
|
|
730
|
+
try {
|
|
731
|
+
const { token, newPassword } = input;
|
|
732
|
+
let decoded;
|
|
733
|
+
try {
|
|
734
|
+
decoded = await this.jwtService.verifyPasswordResetToken(token);
|
|
735
|
+
}
|
|
736
|
+
catch (error) {
|
|
737
|
+
throw new common_1.BadRequestException({
|
|
738
|
+
message: 'Invalid or expired reset token',
|
|
739
|
+
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
740
|
+
});
|
|
741
|
+
}
|
|
742
|
+
if (decoded.type !== 'password-reset') {
|
|
743
|
+
throw new common_1.BadRequestException({
|
|
744
|
+
message: 'Invalid token type',
|
|
745
|
+
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
746
|
+
});
|
|
747
|
+
}
|
|
748
|
+
const user = await this.userRepository.findOne({
|
|
749
|
+
where: { id: decoded.userId }
|
|
750
|
+
});
|
|
751
|
+
if (!user) {
|
|
752
|
+
throw new common_1.BadRequestException({
|
|
753
|
+
message: 'User not found',
|
|
754
|
+
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
755
|
+
});
|
|
756
|
+
}
|
|
757
|
+
const currentPasswordHashPrefix = user.passwordHash ? user.passwordHash.substring(0, 10) : '';
|
|
758
|
+
if (decoded.passwordHashPrefix !== currentPasswordHashPrefix) {
|
|
759
|
+
throw new common_1.BadRequestException({
|
|
760
|
+
message: 'Reset token is no longer valid',
|
|
761
|
+
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
762
|
+
});
|
|
763
|
+
}
|
|
764
|
+
await user.setPassword(newPassword);
|
|
765
|
+
await this.userRepository.save(user);
|
|
766
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET, new password_reset_event_1.PasswordResetEvent({
|
|
767
|
+
user,
|
|
768
|
+
tenantId: user.tenantId,
|
|
769
|
+
input: { token, newPassword },
|
|
770
|
+
}));
|
|
771
|
+
this.debugLogger.logFunctionExit('resetPasswordWithToken', 'AuthService');
|
|
772
|
+
return true;
|
|
773
|
+
}
|
|
774
|
+
catch (error) {
|
|
775
|
+
this.debugLogger.logError(error, 'resetPasswordWithToken');
|
|
776
|
+
this.handleError(error, 'password_reset');
|
|
777
|
+
throw error;
|
|
778
|
+
}
|
|
779
|
+
}
|
|
780
|
+
async logout(logoutType = 'user', reason) {
|
|
781
|
+
const session = request_context_1.RequestContext.currentSession();
|
|
782
|
+
const user = await this.getUser();
|
|
783
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT, new logged_out_event_1.LoggedOutEvent({
|
|
784
|
+
user: user,
|
|
785
|
+
tenantId: user?.tenantId,
|
|
786
|
+
session,
|
|
787
|
+
logoutType,
|
|
788
|
+
reason,
|
|
789
|
+
}));
|
|
790
|
+
if (session) {
|
|
791
|
+
await this.sessionManager.revokeSession(session.id);
|
|
792
|
+
}
|
|
793
|
+
return true;
|
|
794
|
+
}
|
|
795
|
+
async logoutAll(userId, logoutType = 'user', reason) {
|
|
796
|
+
const session = request_context_1.RequestContext.currentSession();
|
|
797
|
+
if (!session) {
|
|
798
|
+
throw new common_1.UnauthorizedException({
|
|
799
|
+
message: 'Session not found',
|
|
800
|
+
code: auth_constants_1.ERROR_CODES.SESSION_NOT_FOUND,
|
|
801
|
+
});
|
|
802
|
+
}
|
|
803
|
+
const sessions = await this.sessionManager.getUserSessions(userId);
|
|
804
|
+
await this.sessionManager.revokeAllUserSessions(userId);
|
|
805
|
+
const user = await this.userRepository.findOne({ where: { id: userId } });
|
|
806
|
+
if (user) {
|
|
807
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT_ALL, new logged_out_all_event_1.LoggedOutAllEvent({
|
|
808
|
+
user,
|
|
809
|
+
tenantId: user.tenantId,
|
|
810
|
+
logoutType,
|
|
811
|
+
reason,
|
|
812
|
+
currentSessionId: session.id,
|
|
813
|
+
sessions,
|
|
814
|
+
}));
|
|
815
|
+
}
|
|
816
|
+
return true;
|
|
817
|
+
}
|
|
818
|
+
async sendEmailVerification(input) {
|
|
819
|
+
this.debugLogger.logFunctionEntry('sendEmailVerification', 'AuthService');
|
|
820
|
+
try {
|
|
821
|
+
const user = request_context_1.RequestContext.currentUser();
|
|
822
|
+
if (!user) {
|
|
823
|
+
throw new common_1.UnauthorizedException({
|
|
824
|
+
message: 'User not authenticated',
|
|
825
|
+
code: auth_constants_1.ERROR_CODES.UNAUTHORIZED,
|
|
826
|
+
});
|
|
827
|
+
}
|
|
828
|
+
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
829
|
+
if (!fullUser.email) {
|
|
830
|
+
throw new common_1.BadRequestException({
|
|
831
|
+
message: 'User does not have an email address',
|
|
832
|
+
code: auth_constants_1.ERROR_CODES.NO_EMAIL_ADDRESS,
|
|
833
|
+
});
|
|
834
|
+
}
|
|
835
|
+
if (fullUser.emailVerifiedAt) {
|
|
836
|
+
throw new common_1.BadRequestException({
|
|
837
|
+
message: 'Email is already verified',
|
|
838
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_VERIFIED,
|
|
839
|
+
});
|
|
840
|
+
}
|
|
841
|
+
const otp = (0, otp_1.generateOtp)();
|
|
842
|
+
const expiresAt = new Date();
|
|
843
|
+
expiresAt.setMinutes(expiresAt.getMinutes() + 30);
|
|
844
|
+
const otpEntity = await this.otpRepository.save({
|
|
845
|
+
userId: fullUser.id,
|
|
846
|
+
code: otp,
|
|
847
|
+
expiresAt,
|
|
848
|
+
type: otp_interface_1.OTPTypeEnum.VERIFICATION
|
|
849
|
+
});
|
|
850
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.EMAIL_VERIFICATION_REQUESTED, {
|
|
851
|
+
user: fullUser,
|
|
852
|
+
tenantId: fullUser.tenantId,
|
|
853
|
+
otp: otpEntity,
|
|
854
|
+
});
|
|
855
|
+
this.debugLogger.logFunctionExit('sendEmailVerification', 'AuthService');
|
|
856
|
+
return { message: 'Verification email sent successfully' };
|
|
857
|
+
}
|
|
858
|
+
catch (error) {
|
|
859
|
+
this.debugLogger.logError(error, 'sendEmailVerification');
|
|
860
|
+
this.handleError(error, 'signup');
|
|
861
|
+
throw error;
|
|
862
|
+
}
|
|
863
|
+
}
|
|
864
|
+
async verifyEmail(input) {
|
|
865
|
+
this.debugLogger.logFunctionEntry('verifyEmail', 'AuthService');
|
|
866
|
+
try {
|
|
867
|
+
const user = request_context_1.RequestContext.currentUser();
|
|
868
|
+
if (!user) {
|
|
869
|
+
throw new common_1.UnauthorizedException({
|
|
870
|
+
message: 'User not authenticated',
|
|
871
|
+
code: auth_constants_1.ERROR_CODES.UNAUTHORIZED,
|
|
872
|
+
});
|
|
873
|
+
}
|
|
874
|
+
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
875
|
+
if (!fullUser.email) {
|
|
876
|
+
throw new common_1.BadRequestException({
|
|
877
|
+
message: 'User does not have an email address',
|
|
878
|
+
code: auth_constants_1.ERROR_CODES.NO_EMAIL_ADDRESS,
|
|
879
|
+
});
|
|
880
|
+
}
|
|
881
|
+
if (fullUser.emailVerifiedAt) {
|
|
882
|
+
throw new common_1.BadRequestException({
|
|
883
|
+
message: 'Email is already verified',
|
|
884
|
+
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_VERIFIED,
|
|
885
|
+
});
|
|
886
|
+
}
|
|
887
|
+
const validOtp = await this.otpRepository.findOne({
|
|
888
|
+
where: {
|
|
889
|
+
userId: fullUser.id,
|
|
890
|
+
code: input.otp,
|
|
891
|
+
type: otp_interface_1.OTPTypeEnum.VERIFICATION,
|
|
892
|
+
used: false
|
|
893
|
+
}
|
|
894
|
+
});
|
|
895
|
+
if (!validOtp) {
|
|
896
|
+
throw new common_1.BadRequestException({
|
|
897
|
+
message: 'Invalid verification code',
|
|
898
|
+
code: auth_constants_1.ERROR_CODES.VERIFICATION_CODE_INVALID,
|
|
899
|
+
});
|
|
900
|
+
}
|
|
901
|
+
if ((0, moment_1.default)(validOtp.expiresAt).isBefore(new Date())) {
|
|
902
|
+
throw new common_1.BadRequestException({
|
|
903
|
+
message: 'Verification code has expired',
|
|
904
|
+
code: auth_constants_1.ERROR_CODES.VERIFICATION_CODE_EXPIRED,
|
|
905
|
+
});
|
|
906
|
+
}
|
|
907
|
+
validOtp.used = true;
|
|
908
|
+
await this.otpRepository.save(validOtp);
|
|
909
|
+
fullUser.emailVerifiedAt = new Date();
|
|
910
|
+
fullUser.isVerified = true;
|
|
911
|
+
await this.userRepository.save(fullUser);
|
|
912
|
+
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.EMAIL_VERIFIED, {
|
|
913
|
+
user: fullUser,
|
|
914
|
+
tenantId: fullUser.tenantId,
|
|
915
|
+
});
|
|
916
|
+
this.debugLogger.logFunctionExit('verifyEmail', 'AuthService');
|
|
917
|
+
return { message: 'Email verified successfully' };
|
|
918
|
+
}
|
|
919
|
+
catch (error) {
|
|
920
|
+
this.debugLogger.logError(error, 'verifyEmail');
|
|
921
|
+
this.handleError(error, 'signup');
|
|
922
|
+
throw error;
|
|
923
|
+
}
|
|
924
|
+
}
|
|
925
|
+
async generateTokensPayload(session, otherPayload = {}) {
|
|
926
|
+
let payload = {
|
|
927
|
+
id: session.userId,
|
|
928
|
+
sub: session.userId,
|
|
929
|
+
sessionId: session.id,
|
|
930
|
+
email: session.data?.user?.email,
|
|
931
|
+
phone: session.data?.user?.phone,
|
|
932
|
+
isVerified: session.data?.user?.isVerified,
|
|
933
|
+
roles: session.data?.roles,
|
|
934
|
+
tenantId: session.data?.user?.tenantId,
|
|
935
|
+
isMfaEnabled: session.data?.user?.isMfaEnabled,
|
|
936
|
+
isMfaVerified: session.data?.isMfaVerified,
|
|
937
|
+
...otherPayload,
|
|
938
|
+
};
|
|
939
|
+
const config = this.authConfigService.getConfig();
|
|
940
|
+
if (config.session?.customizeTokenPayload) {
|
|
941
|
+
payload = await config.session.customizeTokenPayload(payload, session);
|
|
942
|
+
}
|
|
943
|
+
return payload;
|
|
944
|
+
}
|
|
945
|
+
handleError(error, context) {
|
|
946
|
+
const config = this.authConfigService.getConfig();
|
|
947
|
+
if (config.errorHandler) {
|
|
948
|
+
const result = config.errorHandler(error, context);
|
|
949
|
+
if (result) {
|
|
950
|
+
throw result;
|
|
951
|
+
}
|
|
952
|
+
}
|
|
953
|
+
}
|
|
954
|
+
async generateTokensFromSession(session) {
|
|
955
|
+
const payload = await this.generateTokensPayload(session);
|
|
956
|
+
const tokens = await this.jwtService.generateTokens(payload);
|
|
957
|
+
return tokens;
|
|
958
|
+
}
|
|
959
|
+
};
|
|
960
|
+
exports.AuthService = AuthService;
|
|
961
|
+
exports.AuthService = AuthService = __decorate([
|
|
962
|
+
(0, common_1.Injectable)(),
|
|
963
|
+
__param(0, (0, typeorm_1.InjectRepository)(user_entity_1.NestAuthUser)),
|
|
964
|
+
__param(1, (0, typeorm_1.InjectRepository)(otp_entity_1.NestAuthOTP)),
|
|
965
|
+
__metadata("design:paramtypes", [typeorm_2.Repository,
|
|
966
|
+
typeorm_2.Repository,
|
|
967
|
+
auth_provider_registry_service_1.AuthProviderRegistryService,
|
|
968
|
+
mfa_service_1.MfaService,
|
|
969
|
+
session_manager_service_1.SessionManagerService,
|
|
970
|
+
jwt_service_1.JwtService,
|
|
971
|
+
event_emitter_1.EventEmitter2,
|
|
972
|
+
tenant_service_1.TenantService,
|
|
973
|
+
debug_logger_service_1.DebugLoggerService,
|
|
974
|
+
auth_config_service_1.AuthConfigService,
|
|
975
|
+
user_service_1.UserService])
|
|
976
|
+
], AuthService);
|
|
977
|
+
//# sourceMappingURL=auth.service.js.map
|