@ackplus/nest-auth 1.1.28 → 1.1.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +480 -59
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +34 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/admin-console/admin-console.module.d.ts.map +1 -0
- package/dist/lib/admin-console/admin-console.module.js +72 -0
- package/dist/lib/admin-console/admin-console.module.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.js +376 -0
- package/dist/lib/admin-console/controllers/admin-auth.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.js +97 -0
- package/dist/lib/admin-console/controllers/admin-console.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.d.ts +83 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.js +205 -0
- package/dist/lib/admin-console/controllers/admin-permissions.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.js +103 -0
- package/dist/lib/admin-console/controllers/admin-roles.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.js +99 -0
- package/dist/lib/admin-console/controllers/admin-tenants.controller.js.map +1 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.d.ts.map +1 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.js +398 -0
- package/dist/lib/admin-console/controllers/admin-users.controller.js.map +1 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.d.ts.map +1 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.js +9 -0
- package/dist/lib/admin-console/decorators/current-admin.decorator.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.js +143 -0
- package/dist/lib/admin-console/dto/admin-permission.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-role.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-role.dto.js +70 -0
- package/dist/lib/admin-console/dto/admin-role.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.js +74 -0
- package/dist/lib/admin-console/dto/admin-tenant.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/admin-user.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/admin-user.dto.js +119 -0
- package/dist/lib/admin-console/dto/admin-user.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.js +53 -0
- package/dist/lib/admin-console/dto/create-dashboard-admin.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/login.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/login.dto.js +28 -0
- package/dist/lib/admin-console/dto/login.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/reset-password.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/reset-password.dto.js +38 -0
- package/dist/lib/admin-console/dto/reset-password.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.js +42 -0
- package/dist/lib/admin-console/dto/setup-admin.dto.js.map +1 -0
- package/dist/lib/admin-console/dto/signup.dto.d.ts.map +1 -0
- package/dist/lib/admin-console/dto/signup.dto.js +72 -0
- package/dist/lib/admin-console/dto/signup.dto.js.map +1 -0
- package/dist/lib/admin-console/entities/admin-user.entity.d.ts +18 -0
- package/dist/lib/admin-console/entities/admin-user.entity.d.ts.map +1 -0
- package/dist/lib/admin-console/entities/admin-user.entity.js +150 -0
- package/dist/lib/admin-console/entities/admin-user.entity.js.map +1 -0
- package/dist/lib/admin-console/guards/admin-session.guard.d.ts.map +1 -0
- package/dist/lib/admin-console/guards/admin-session.guard.js +52 -0
- package/dist/lib/admin-console/guards/admin-session.guard.js.map +1 -0
- package/dist/lib/admin-console/services/admin-auth.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-auth.service.js +88 -0
- package/dist/lib/admin-console/services/admin-auth.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-console-config.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-console-config.service.js +66 -0
- package/dist/lib/admin-console/services/admin-console-config.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-session.service.d.ts +22 -0
- package/dist/lib/admin-console/services/admin-session.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-session.service.js +130 -0
- package/dist/lib/admin-console/services/admin-session.service.js.map +1 -0
- package/dist/lib/admin-console/services/admin-user.service.d.ts.map +1 -0
- package/dist/lib/admin-console/services/admin-user.service.js +101 -0
- package/dist/lib/admin-console/services/admin-user.service.js.map +1 -0
- package/dist/lib/audit/services/audit.service.d.ts.map +1 -0
- package/dist/lib/audit/services/audit.service.js +153 -0
- package/dist/lib/audit/services/audit.service.js.map +1 -0
- package/dist/lib/auth/auth.module.d.ts.map +1 -0
- package/dist/lib/auth/auth.module.js +74 -0
- package/dist/lib/auth/auth.module.js.map +1 -0
- package/dist/lib/auth/controllers/auth.controller.d.ts +57 -0
- package/dist/lib/auth/controllers/auth.controller.d.ts.map +1 -0
- package/dist/lib/auth/controllers/auth.controller.js +485 -0
- package/dist/lib/auth/controllers/auth.controller.js.map +1 -0
- package/dist/lib/auth/controllers/mfa.controller.d.ts.map +1 -0
- package/dist/lib/auth/controllers/mfa.controller.js +239 -0
- package/dist/lib/auth/controllers/mfa.controller.js.map +1 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.d.ts +5 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.js +39 -0
- package/dist/lib/auth/dto/credentials/email-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.d.ts +5 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.js +39 -0
- package/dist/lib/auth/dto/credentials/phone-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.d.ts +4 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.js +28 -0
- package/dist/lib/auth/dto/credentials/social-credentials.dto.js.map +1 -0
- package/dist/lib/auth/dto/index.d.ts.map +1 -0
- package/dist/lib/auth/dto/index.js +1 -0
- package/dist/lib/auth/dto/index.js.map +1 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.js +53 -0
- package/dist/lib/auth/dto/requests/change-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.js +50 -0
- package/dist/lib/auth/dto/requests/forgot-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.js +72 -0
- package/dist/lib/auth/dto/requests/initialize-admin.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/login.request.dto.d.ts +10 -0
- package/dist/lib/auth/dto/requests/login.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/login.request.dto.js +85 -0
- package/dist/lib/auth/dto/requests/login.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/refresh-token.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/reset-password-with-token.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.js +74 -0
- package/dist/lib/auth/dto/requests/reset-password.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/send-email-verification.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.js +35 -0
- package/dist/lib/auth/dto/requests/send-mfa-code.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.js +62 -0
- package/dist/lib/auth/dto/requests/signup.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.js +28 -0
- package/dist/lib/auth/dto/requests/toggle-mfa.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.js +51 -0
- package/dist/lib/auth/dto/requests/verify-2fa.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/verify-email.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +62 -0
- package/dist/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js.map +1 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.js +40 -0
- package/dist/lib/auth/dto/requests/verify-totp-setup.request.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +5 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.js +40 -0
- package/dist/lib/auth/dto/responses/auth-cookie.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.d.ts +5 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.js +40 -0
- package/dist/lib/auth/dto/responses/auth-success.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.d.ts +22 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.js +114 -0
- package/dist/lib/auth/dto/responses/auth.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.js +247 -0
- package/dist/lib/auth/dto/responses/client-config.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.js +42 -0
- package/dist/lib/auth/dto/responses/initialize-admin.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.js +49 -0
- package/dist/lib/auth/dto/responses/mfa-code-response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.js +130 -0
- package/dist/lib/auth/dto/responses/mfa-status.response.dto.js.map +1 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +1 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.js +27 -0
- package/dist/lib/auth/dto/responses/verify-otp.response.dto.js.map +1 -0
- package/dist/lib/auth/entities/mfa-secret.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/mfa-secret.entity.js +67 -0
- package/dist/lib/auth/entities/mfa-secret.entity.js.map +1 -0
- package/dist/lib/auth/entities/otp.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/otp.entity.js +67 -0
- package/dist/lib/auth/entities/otp.entity.js.map +1 -0
- package/dist/lib/auth/entities/trusted-device.entity.d.ts.map +1 -0
- package/dist/lib/auth/entities/trusted-device.entity.js +69 -0
- package/dist/lib/auth/entities/trusted-device.entity.js.map +1 -0
- package/dist/lib/auth/events/index.d.ts.map +1 -0
- package/dist/lib/auth/events/index.js +29 -0
- package/dist/lib/auth/events/index.js.map +1 -0
- package/dist/lib/auth/events/logged-out-all.event.d.ts.map +1 -0
- package/dist/lib/auth/events/logged-out-all.event.js +11 -0
- package/dist/lib/auth/events/logged-out-all.event.js.map +1 -0
- package/dist/lib/auth/events/logged-out.event.d.ts.map +1 -0
- package/dist/lib/auth/events/logged-out.event.js +11 -0
- package/dist/lib/auth/events/logged-out.event.js.map +1 -0
- package/dist/lib/auth/events/password-reset-requested.event.d.ts.map +1 -0
- package/dist/lib/auth/events/password-reset-requested.event.js +11 -0
- package/dist/lib/auth/events/password-reset-requested.event.js.map +1 -0
- package/dist/lib/auth/events/password-reset.event.d.ts.map +1 -0
- package/dist/lib/auth/events/password-reset.event.js +11 -0
- package/dist/lib/auth/events/password-reset.event.js.map +1 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.d.ts.map +1 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.js +11 -0
- package/dist/lib/auth/events/two-factor-code-sent.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.js +14 -0
- package/dist/lib/auth/events/user-2fa-disabled.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.js +17 -0
- package/dist/lib/auth/events/user-2fa-enabled.event.js.map +1 -0
- package/dist/lib/auth/events/user-2fa-verified.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-2fa-verified.event.js +11 -0
- package/dist/lib/auth/events/user-2fa-verified.event.js.map +1 -0
- package/dist/lib/auth/events/user-logged-in.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-logged-in.event.js +11 -0
- package/dist/lib/auth/events/user-logged-in.event.js.map +1 -0
- package/dist/lib/auth/events/user-password-changed.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-password-changed.event.js +17 -0
- package/dist/lib/auth/events/user-password-changed.event.js.map +1 -0
- package/dist/lib/auth/events/user-refresh-token.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-refresh-token.event.js +11 -0
- package/dist/lib/auth/events/user-refresh-token.event.js.map +1 -0
- package/dist/lib/auth/events/user-registered.event.d.ts.map +1 -0
- package/dist/lib/auth/events/user-registered.event.js +11 -0
- package/dist/lib/auth/events/user-registered.event.js.map +1 -0
- package/dist/lib/auth/guards/auth.guard.d.ts +27 -0
- package/dist/lib/auth/guards/auth.guard.d.ts.map +1 -0
- package/dist/lib/auth/guards/auth.guard.js +355 -0
- package/dist/lib/auth/guards/auth.guard.js.map +1 -0
- package/dist/lib/auth/index.d.ts.map +1 -0
- package/dist/lib/auth/index.js +60 -0
- package/dist/lib/auth/index.js.map +1 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.d.ts +16 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +1 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.js +87 -0
- package/dist/lib/auth/interceptors/refresh-token.interceptor.js.map +1 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.d.ts +12 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.d.ts.map +1 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.js +58 -0
- package/dist/lib/auth/services/auth-session-event-listener.service.js.map +1 -0
- package/dist/lib/auth/services/auth.service.d.ts +72 -0
- package/dist/lib/auth/services/auth.service.d.ts.map +1 -0
- package/dist/lib/auth/services/auth.service.js +977 -0
- package/dist/lib/auth/services/auth.service.js.map +1 -0
- package/dist/lib/auth/services/client-config.service.d.ts.map +1 -0
- package/dist/lib/auth/services/client-config.service.js +159 -0
- package/dist/lib/auth/services/client-config.service.js.map +1 -0
- package/dist/lib/auth/services/cookie.service.d.ts.map +1 -0
- package/dist/lib/auth/services/cookie.service.js +55 -0
- package/dist/lib/auth/services/cookie.service.js.map +1 -0
- package/dist/lib/auth/services/mfa.service.d.ts.map +1 -0
- package/dist/lib/auth/services/mfa.service.js +420 -0
- package/dist/lib/auth/services/mfa.service.js.map +1 -0
- package/dist/lib/auth.constants.d.ts +210 -0
- package/dist/lib/auth.constants.d.ts.map +1 -0
- package/dist/lib/auth.constants.js +151 -0
- package/dist/lib/auth.constants.js.map +1 -0
- package/dist/lib/core/core.module.d.ts +3 -0
- package/dist/lib/core/core.module.d.ts.map +1 -0
- package/dist/lib/core/core.module.js +59 -0
- package/dist/lib/core/core.module.js.map +1 -0
- package/dist/lib/core/decorators/auth.decorator.d.ts +2 -0
- package/dist/lib/core/decorators/auth.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/auth.decorator.js +8 -0
- package/dist/lib/core/decorators/auth.decorator.js.map +1 -0
- package/dist/lib/core/decorators/permissions.decorator.d.ts +3 -0
- package/dist/lib/core/decorators/permissions.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/permissions.decorator.js +14 -0
- package/dist/lib/core/decorators/permissions.decorator.js.map +1 -0
- package/dist/lib/core/decorators/public.decorator.d.ts +3 -0
- package/dist/lib/core/decorators/public.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/public.decorator.js +8 -0
- package/dist/lib/core/decorators/public.decorator.js.map +1 -0
- package/dist/lib/core/decorators/role.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/role.decorator.js +14 -0
- package/dist/lib/core/decorators/role.decorator.js.map +1 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.d.ts.map +1 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.js +8 -0
- package/dist/lib/core/decorators/skip-mfa.decorator.js.map +1 -0
- package/dist/lib/core/dto/message.response.dto.d.ts.map +1 -0
- package/dist/lib/core/dto/message.response.dto.js +22 -0
- package/dist/lib/core/dto/message.response.dto.js.map +1 -0
- package/dist/lib/core/entities.d.ts.map +1 -0
- package/dist/lib/core/entities.js +53 -0
- package/dist/lib/core/entities.js.map +1 -0
- package/dist/lib/core/index.d.ts.map +1 -0
- package/dist/lib/core/index.js +42 -0
- package/dist/lib/core/index.js.map +1 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.d.ts +164 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.js +3 -0
- package/dist/lib/core/interfaces/auth-module-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/mfa-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/mfa-options.interface.js +10 -0
- package/dist/lib/core/interfaces/mfa-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/otp.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/otp.interface.js +10 -0
- package/dist/lib/core/interfaces/otp.interface.js.map +1 -0
- package/dist/lib/core/interfaces/session-options.interface.d.ts +23 -0
- package/dist/lib/core/interfaces/session-options.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/session-options.interface.js +10 -0
- package/dist/lib/core/interfaces/session-options.interface.js.map +1 -0
- package/dist/lib/core/interfaces/token-payload.interface.d.ts +44 -0
- package/dist/lib/core/interfaces/token-payload.interface.d.ts.map +1 -0
- package/dist/lib/core/interfaces/token-payload.interface.js +3 -0
- package/dist/lib/core/interfaces/token-payload.interface.js.map +1 -0
- package/dist/lib/core/providers/apple-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/apple-auth.provider.js +73 -0
- package/dist/lib/core/providers/apple-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/base-auth.provider.d.ts +28 -0
- package/dist/lib/core/providers/base-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/base-auth.provider.js +48 -0
- package/dist/lib/core/providers/base-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/email-auth.provider.d.ts +22 -0
- package/dist/lib/core/providers/email-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/email-auth.provider.js +66 -0
- package/dist/lib/core/providers/email-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/facebook-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/facebook-auth.provider.js +70 -0
- package/dist/lib/core/providers/facebook-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/github-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/github-auth.provider.js +83 -0
- package/dist/lib/core/providers/github-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/google-auth.provider.d.ts +24 -0
- package/dist/lib/core/providers/google-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/google-auth.provider.js +105 -0
- package/dist/lib/core/providers/google-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/jwt-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/jwt-auth.provider.js +61 -0
- package/dist/lib/core/providers/jwt-auth.provider.js.map +1 -0
- package/dist/lib/core/providers/phone-auth.provider.d.ts.map +1 -0
- package/dist/lib/core/providers/phone-auth.provider.js +52 -0
- package/dist/lib/core/providers/phone-auth.provider.js.map +1 -0
- package/dist/lib/core/services/auth-config.service.d.ts +17 -0
- package/dist/lib/core/services/auth-config.service.d.ts.map +1 -0
- package/dist/lib/core/services/auth-config.service.js +152 -0
- package/dist/lib/core/services/auth-config.service.js.map +1 -0
- package/dist/lib/core/services/auth-provider-registry.service.d.ts +27 -0
- package/dist/lib/core/services/auth-provider-registry.service.d.ts.map +1 -0
- package/dist/lib/core/services/auth-provider-registry.service.js +93 -0
- package/dist/lib/core/services/auth-provider-registry.service.js.map +1 -0
- package/dist/lib/core/services/debug-logger.service.d.ts.map +1 -0
- package/dist/lib/core/services/debug-logger.service.js +165 -0
- package/dist/lib/core/services/debug-logger.service.js.map +1 -0
- package/dist/lib/core/services/initialization.service.d.ts.map +1 -0
- package/dist/lib/core/services/initialization.service.js +44 -0
- package/dist/lib/core/services/initialization.service.js.map +1 -0
- package/dist/lib/core/services/jwt.service.d.ts.map +1 -0
- package/dist/lib/core/services/jwt.service.js +132 -0
- package/dist/lib/core/services/jwt.service.js.map +1 -0
- package/dist/lib/nest-auth.module.d.ts.map +1 -0
- package/dist/lib/nest-auth.module.js +151 -0
- package/dist/lib/nest-auth.module.js.map +1 -0
- package/dist/lib/permission/entities/permission.entity.d.ts +12 -0
- package/dist/lib/permission/entities/permission.entity.d.ts.map +1 -0
- package/dist/lib/permission/entities/permission.entity.js +64 -0
- package/dist/lib/permission/entities/permission.entity.js.map +1 -0
- package/dist/lib/permission/index.d.ts.map +1 -0
- package/dist/lib/permission/index.js +20 -0
- package/dist/lib/permission/index.js.map +1 -0
- package/dist/lib/permission/permission.module.d.ts.map +1 -0
- package/dist/lib/permission/permission.module.js +26 -0
- package/dist/lib/permission/permission.module.js.map +1 -0
- package/dist/lib/permission/services/permission.service.d.ts +41 -0
- package/dist/lib/permission/services/permission.service.d.ts.map +1 -0
- package/dist/lib/permission/services/permission.service.js +180 -0
- package/dist/lib/permission/services/permission.service.js.map +1 -0
- package/dist/lib/request-context/index.d.ts.map +1 -0
- package/dist/lib/request-context/index.js +19 -0
- package/dist/lib/request-context/index.js.map +1 -0
- package/dist/lib/request-context/request-context.d.ts.map +1 -0
- package/dist/lib/request-context/request-context.js +111 -0
- package/dist/lib/request-context/request-context.js.map +1 -0
- package/dist/lib/request-context/request-context.middleware.d.ts.map +1 -0
- package/dist/lib/request-context/request-context.middleware.js +21 -0
- package/dist/lib/request-context/request-context.middleware.js.map +1 -0
- package/dist/lib/role/entities/role.entity.d.ts.map +1 -0
- package/dist/lib/role/entities/role.entity.js +129 -0
- package/dist/lib/role/entities/role.entity.js.map +1 -0
- package/dist/lib/role/index.d.ts.map +1 -0
- package/dist/lib/role/index.js +18 -0
- package/dist/lib/role/index.js.map +1 -0
- package/dist/lib/role/role.module.d.ts.map +1 -0
- package/dist/lib/role/role.module.js +28 -0
- package/dist/lib/role/role.module.js.map +1 -0
- package/dist/lib/role/services/role.service.d.ts +23 -0
- package/dist/lib/role/services/role.service.d.ts.map +1 -0
- package/dist/lib/role/services/role.service.js +226 -0
- package/dist/lib/role/services/role.service.js.map +1 -0
- package/dist/lib/session/entities/session.entity.d.ts.map +1 -0
- package/dist/lib/session/entities/session.entity.js +83 -0
- package/dist/lib/session/entities/session.entity.js.map +1 -0
- package/dist/lib/session/index.d.ts.map +1 -0
- package/dist/lib/session/index.js +26 -0
- package/dist/lib/session/index.js.map +1 -0
- package/dist/lib/session/interfaces/session-repository.interface.d.ts +15 -0
- package/dist/lib/session/interfaces/session-repository.interface.d.ts.map +1 -0
- package/dist/lib/session/interfaces/session-repository.interface.js +3 -0
- package/dist/lib/session/interfaces/session-repository.interface.js.map +1 -0
- package/dist/lib/session/repositories/base-session.repository.d.ts +21 -0
- package/dist/lib/session/repositories/base-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/base-session.repository.js +43 -0
- package/dist/lib/session/repositories/base-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/memory-session.repository.d.ts +19 -0
- package/dist/lib/session/repositories/memory-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/memory-session.repository.js +125 -0
- package/dist/lib/session/repositories/memory-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/redis-session.repository.d.ts +22 -0
- package/dist/lib/session/repositories/redis-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/redis-session.repository.js +139 -0
- package/dist/lib/session/repositories/redis-session.repository.js.map +1 -0
- package/dist/lib/session/repositories/typeorm-session.repository.d.ts +19 -0
- package/dist/lib/session/repositories/typeorm-session.repository.d.ts.map +1 -0
- package/dist/lib/session/repositories/typeorm-session.repository.js +88 -0
- package/dist/lib/session/repositories/typeorm-session.repository.js.map +1 -0
- package/dist/lib/session/services/session-manager.service.d.ts +39 -0
- package/dist/lib/session/services/session-manager.service.d.ts.map +1 -0
- package/dist/lib/session/services/session-manager.service.js +193 -0
- package/dist/lib/session/services/session-manager.service.js.map +1 -0
- package/dist/lib/session/session.module.d.ts +4 -0
- package/dist/lib/session/session.module.d.ts.map +1 -0
- package/dist/lib/session/session.module.js +83 -0
- package/dist/lib/session/session.module.js.map +1 -0
- package/dist/lib/session/utils/session.util.d.ts +40 -0
- package/dist/lib/session/utils/session.util.d.ts.map +1 -0
- package/dist/lib/session/utils/session.util.js +96 -0
- package/dist/lib/session/utils/session.util.js.map +1 -0
- package/dist/lib/tenant/entities/tenant.entity.d.ts +12 -0
- package/dist/lib/tenant/entities/tenant.entity.d.ts.map +1 -0
- package/dist/lib/tenant/entities/tenant.entity.js +65 -0
- package/dist/lib/tenant/entities/tenant.entity.js.map +1 -0
- package/dist/lib/tenant/events/tenant-created.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-created.event.js +11 -0
- package/dist/lib/tenant/events/tenant-created.event.js.map +1 -0
- package/dist/lib/tenant/events/tenant-deleted.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-deleted.event.js +11 -0
- package/dist/lib/tenant/events/tenant-deleted.event.js.map +1 -0
- package/dist/lib/tenant/events/tenant-updated.event.d.ts.map +1 -0
- package/dist/lib/tenant/events/tenant-updated.event.js +11 -0
- package/dist/lib/tenant/events/tenant-updated.event.js.map +1 -0
- package/dist/lib/tenant/index.d.ts.map +1 -0
- package/dist/lib/tenant/index.js +27 -0
- package/dist/lib/tenant/index.js.map +1 -0
- package/dist/lib/tenant/services/tenant.service.d.ts +28 -0
- package/dist/lib/tenant/services/tenant.service.d.ts.map +1 -0
- package/dist/lib/tenant/services/tenant.service.js +258 -0
- package/dist/lib/tenant/services/tenant.service.js.map +1 -0
- package/dist/lib/tenant/tenant.module.d.ts.map +1 -0
- package/dist/lib/tenant/tenant.module.js +32 -0
- package/dist/lib/tenant/tenant.module.js.map +1 -0
- package/dist/lib/user/dto/requests/update-user.dto.d.ts.map +1 -0
- package/dist/lib/user/dto/requests/update-user.dto.js +35 -0
- package/dist/lib/user/dto/requests/update-user.dto.js.map +1 -0
- package/dist/lib/user/entities/access-key.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/access-key.entity.js +83 -0
- package/dist/lib/user/entities/access-key.entity.js.map +1 -0
- package/dist/lib/user/entities/identity.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/identity.entity.js +63 -0
- package/dist/lib/user/entities/identity.entity.js.map +1 -0
- package/dist/lib/user/entities/user.entity.d.ts +42 -0
- package/dist/lib/user/entities/user.entity.d.ts.map +1 -0
- package/dist/lib/user/entities/user.entity.js +306 -0
- package/dist/lib/user/entities/user.entity.js.map +1 -0
- package/dist/lib/user/events/user-created.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-created.event.js +11 -0
- package/dist/lib/user/events/user-created.event.js.map +1 -0
- package/dist/lib/user/events/user-deleted.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-deleted.event.js +11 -0
- package/dist/lib/user/events/user-deleted.event.js.map +1 -0
- package/dist/lib/user/events/user-updated.event.d.ts.map +1 -0
- package/dist/lib/user/events/user-updated.event.js +11 -0
- package/dist/lib/user/events/user-updated.event.js.map +1 -0
- package/dist/lib/user/index.d.ts.map +1 -0
- package/dist/lib/user/index.js +23 -0
- package/dist/lib/user/index.js.map +1 -0
- package/dist/lib/user/services/access-key.service.d.ts.map +1 -0
- package/dist/lib/user/services/access-key.service.js +133 -0
- package/dist/lib/user/services/access-key.service.js.map +1 -0
- package/dist/lib/user/services/user.service.d.ts.map +1 -0
- package/dist/lib/user/services/user.service.js +371 -0
- package/dist/lib/user/services/user.service.js.map +1 -0
- package/dist/lib/user/user.module.d.ts.map +1 -0
- package/dist/lib/user/user.module.js +39 -0
- package/dist/lib/user/user.module.js.map +1 -0
- package/dist/lib/utils/cookie.helper.d.ts +25 -0
- package/dist/lib/utils/cookie.helper.d.ts.map +1 -0
- package/dist/lib/utils/cookie.helper.js +63 -0
- package/dist/lib/utils/cookie.helper.js.map +1 -0
- package/dist/lib/utils/database.utils.d.ts.map +1 -0
- package/dist/lib/utils/database.utils.js +8 -0
- package/dist/lib/utils/database.utils.js.map +1 -0
- package/dist/lib/utils/date.util.d.ts +17 -0
- package/dist/lib/utils/date.util.d.ts.map +1 -0
- package/dist/lib/utils/date.util.js +78 -0
- package/dist/lib/utils/date.util.js.map +1 -0
- package/dist/lib/utils/device.util.d.ts +20 -0
- package/dist/lib/utils/device.util.d.ts.map +1 -0
- package/dist/lib/utils/device.util.js +85 -0
- package/dist/lib/utils/device.util.js.map +1 -0
- package/dist/lib/utils/index.d.ts.map +1 -0
- package/dist/lib/utils/index.js +23 -0
- package/dist/lib/utils/index.js.map +1 -0
- package/dist/lib/utils/otp.d.ts.map +1 -0
- package/dist/lib/utils/otp.js +7 -0
- package/dist/lib/utils/otp.js.map +1 -0
- package/dist/lib/utils/security.util.d.ts +2 -0
- package/dist/lib/utils/security.util.d.ts.map +1 -0
- package/dist/lib/utils/security.util.js +18 -0
- package/dist/lib/utils/security.util.js.map +1 -0
- package/dist/lib/utils/slug.util.d.ts +3 -0
- package/dist/lib/utils/slug.util.d.ts.map +1 -0
- package/dist/lib/utils/slug.util.js +24 -0
- package/dist/lib/utils/slug.util.js.map +1 -0
- package/package.json +86 -18
- package/src/index.d.ts.map +0 -1
- package/src/index.js +0 -24
- package/src/lib/admin-console/admin-console.module.d.ts.map +0 -1
- package/src/lib/admin-console/admin-console.module.js +0 -69
- package/src/lib/admin-console/controllers/admin-auth.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-auth.controller.js +0 -374
- package/src/lib/admin-console/controllers/admin-console.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-console.controller.js +0 -87
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts +0 -86
- package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-permissions.controller.js +0 -195
- package/src/lib/admin-console/controllers/admin-roles.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-roles.controller.js +0 -93
- package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-tenants.controller.js +0 -86
- package/src/lib/admin-console/controllers/admin-users.controller.d.ts.map +0 -1
- package/src/lib/admin-console/controllers/admin-users.controller.js +0 -400
- package/src/lib/admin-console/decorators/current-admin.decorator.d.ts.map +0 -1
- package/src/lib/admin-console/decorators/current-admin.decorator.js +0 -8
- package/src/lib/admin-console/dto/admin-permission.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-permission.dto.js +0 -123
- package/src/lib/admin-console/dto/admin-role.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-role.dto.js +0 -53
- package/src/lib/admin-console/dto/admin-tenant.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-tenant.dto.js +0 -57
- package/src/lib/admin-console/dto/admin-user.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/admin-user.dto.js +0 -94
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/create-dashboard-admin.dto.js +0 -39
- package/src/lib/admin-console/dto/login.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/login.dto.js +0 -17
- package/src/lib/admin-console/dto/reset-password.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/reset-password.dto.js +0 -26
- package/src/lib/admin-console/dto/setup-admin.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/setup-admin.dto.js +0 -29
- package/src/lib/admin-console/dto/signup.dto.d.ts.map +0 -1
- package/src/lib/admin-console/dto/signup.dto.js +0 -58
- package/src/lib/admin-console/entities/admin-user.entity.d.ts +0 -16
- package/src/lib/admin-console/entities/admin-user.entity.d.ts.map +0 -1
- package/src/lib/admin-console/entities/admin-user.entity.js +0 -86
- package/src/lib/admin-console/guards/admin-session.guard.d.ts.map +0 -1
- package/src/lib/admin-console/guards/admin-session.guard.js +0 -40
- package/src/lib/admin-console/services/admin-auth.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-auth.service.js +0 -77
- package/src/lib/admin-console/services/admin-console-config.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-console-config.service.js +0 -58
- package/src/lib/admin-console/services/admin-session.service.d.ts +0 -27
- package/src/lib/admin-console/services/admin-session.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-session.service.js +0 -94
- package/src/lib/admin-console/services/admin-user.service.d.ts.map +0 -1
- package/src/lib/admin-console/services/admin-user.service.js +0 -87
- package/src/lib/admin-console/static/index.html +0 -5596
- package/src/lib/audit/services/audit.service.d.ts.map +0 -1
- package/src/lib/audit/services/audit.service.js +0 -143
- package/src/lib/auth/auth.module.d.ts.map +0 -1
- package/src/lib/auth/auth.module.js +0 -68
- package/src/lib/auth/controllers/auth.controller.d.ts +0 -74
- package/src/lib/auth/controllers/auth.controller.d.ts.map +0 -1
- package/src/lib/auth/controllers/auth.controller.js +0 -494
- package/src/lib/auth/controllers/mfa.controller.d.ts.map +0 -1
- package/src/lib/auth/controllers/mfa.controller.js +0 -230
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts +0 -8
- package/src/lib/auth/dto/credentials/email-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/email-credentials.dto.js +0 -31
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts +0 -8
- package/src/lib/auth/dto/credentials/phone-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/phone-credentials.dto.js +0 -31
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts +0 -7
- package/src/lib/auth/dto/credentials/social-credentials.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/credentials/social-credentials.dto.js +0 -21
- package/src/lib/auth/dto/index.d.ts.map +0 -1
- package/src/lib/auth/dto/index.js +0 -0
- package/src/lib/auth/dto/requests/change-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/change-password.request.dto.js +0 -42
- package/src/lib/auth/dto/requests/forgot-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/forgot-password.request.dto.js +0 -38
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/initialize-admin.request.dto.js +0 -58
- package/src/lib/auth/dto/requests/login.request.dto.d.ts +0 -13
- package/src/lib/auth/dto/requests/login.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/login.request.dto.js +0 -75
- package/src/lib/auth/dto/requests/refresh-token.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/refresh-token.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/reset-password-with-token.request.dto.js +0 -29
- package/src/lib/auth/dto/requests/reset-password.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/reset-password.request.dto.js +0 -60
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/send-email-verification.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/send-mfa-code.request.dto.js +0 -25
- package/src/lib/auth/dto/requests/signup.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/signup.request.dto.js +0 -49
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/toggle-mfa.request.dto.js +0 -18
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-2fa.request.dto.js +0 -39
- package/src/lib/auth/dto/requests/verify-email.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-email.request.dto.js +0 -29
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.js +0 -49
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/requests/verify-totp-setup.request.dto.js +0 -29
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts +0 -41
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth-cookie.response.dto.js +0 -65
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts +0 -41
- package/src/lib/auth/dto/responses/auth-success.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth-success.response.dto.js +0 -65
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts +0 -40
- package/src/lib/auth/dto/responses/auth.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/auth.response.dto.js +0 -112
- package/src/lib/auth/dto/responses/client-config.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/client-config.response.dto.js +0 -202
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/initialize-admin.response.dto.js +0 -30
- package/src/lib/auth/dto/responses/mfa-code-response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/mfa-code-response.dto.js +0 -36
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/mfa-status.response.dto.js +0 -108
- package/src/lib/auth/dto/responses/verify-otp.response.dto.d.ts.map +0 -1
- package/src/lib/auth/dto/responses/verify-otp.response.dto.js +0 -16
- package/src/lib/auth/entities/mfa-secret.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/mfa-secret.entity.js +0 -49
- package/src/lib/auth/entities/otp.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/otp.entity.js +0 -49
- package/src/lib/auth/entities/trusted-device.entity.d.ts.map +0 -1
- package/src/lib/auth/entities/trusted-device.entity.js +0 -51
- package/src/lib/auth/events/index.d.ts.map +0 -1
- package/src/lib/auth/events/index.js +0 -15
- package/src/lib/auth/events/logged-out-all.event.d.ts.map +0 -1
- package/src/lib/auth/events/logged-out-all.event.js +0 -9
- package/src/lib/auth/events/logged-out.event.d.ts.map +0 -1
- package/src/lib/auth/events/logged-out.event.js +0 -9
- package/src/lib/auth/events/password-reset-requested.event.d.ts.map +0 -1
- package/src/lib/auth/events/password-reset-requested.event.js +0 -9
- package/src/lib/auth/events/password-reset.event.d.ts.map +0 -1
- package/src/lib/auth/events/password-reset.event.js +0 -9
- package/src/lib/auth/events/two-factor-code-sent.event.d.ts.map +0 -1
- package/src/lib/auth/events/two-factor-code-sent.event.js +0 -9
- package/src/lib/auth/events/user-2fa-disabled.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-disabled.event.js +0 -12
- package/src/lib/auth/events/user-2fa-enabled.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-enabled.event.js +0 -15
- package/src/lib/auth/events/user-2fa-verified.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-2fa-verified.event.js +0 -9
- package/src/lib/auth/events/user-logged-in.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-logged-in.event.js +0 -10
- package/src/lib/auth/events/user-password-changed.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-password-changed.event.js +0 -15
- package/src/lib/auth/events/user-refresh-token.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-refresh-token.event.js +0 -9
- package/src/lib/auth/events/user-registered.event.d.ts.map +0 -1
- package/src/lib/auth/events/user-registered.event.js +0 -10
- package/src/lib/auth/guards/auth.guard.d.ts +0 -74
- package/src/lib/auth/guards/auth.guard.d.ts.map +0 -1
- package/src/lib/auth/guards/auth.guard.js +0 -454
- package/src/lib/auth/index.d.ts.map +0 -1
- package/src/lib/auth/index.js +0 -53
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts +0 -43
- package/src/lib/auth/interceptors/refresh-token.interceptor.d.ts.map +0 -1
- package/src/lib/auth/interceptors/refresh-token.interceptor.js +0 -115
- package/src/lib/auth/services/auth-session-event-listener.service.d.ts +0 -16
- package/src/lib/auth/services/auth-session-event-listener.service.d.ts.map +0 -1
- package/src/lib/auth/services/auth-session-event-listener.service.js +0 -52
- package/src/lib/auth/services/auth.service.d.ts +0 -75
- package/src/lib/auth/services/auth.service.d.ts.map +0 -1
- package/src/lib/auth/services/auth.service.js +0 -1020
- package/src/lib/auth/services/client-config.service.d.ts.map +0 -1
- package/src/lib/auth/services/client-config.service.js +0 -152
- package/src/lib/auth/services/cookie.service.d.ts.map +0 -1
- package/src/lib/auth/services/cookie.service.js +0 -42
- package/src/lib/auth/services/mfa.service.d.ts.map +0 -1
- package/src/lib/auth/services/mfa.service.js +0 -410
- package/src/lib/auth.constants.d.ts +0 -218
- package/src/lib/auth.constants.d.ts.map +0 -1
- package/src/lib/auth.constants.js +0 -188
- package/src/lib/core/core.module.d.ts +0 -7
- package/src/lib/core/core.module.d.ts.map +0 -1
- package/src/lib/core/core.module.js +0 -57
- package/src/lib/core/decorators/auth.decorator.d.ts +0 -33
- package/src/lib/core/decorators/auth.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/auth.decorator.js +0 -38
- package/src/lib/core/decorators/permissions.decorator.d.ts +0 -8
- package/src/lib/core/decorators/permissions.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/permissions.decorator.js +0 -18
- package/src/lib/core/decorators/public.decorator.d.ts +0 -31
- package/src/lib/core/decorators/public.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/public.decorator.js +0 -35
- package/src/lib/core/decorators/role.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/role.decorator.js +0 -13
- package/src/lib/core/decorators/skip-mfa.decorator.d.ts.map +0 -1
- package/src/lib/core/decorators/skip-mfa.decorator.js +0 -7
- package/src/lib/core/dto/message.response.dto.d.ts.map +0 -1
- package/src/lib/core/dto/message.response.dto.js +0 -12
- package/src/lib/core/entities.d.ts.map +0 -1
- package/src/lib/core/entities.js +0 -39
- package/src/lib/core/index.d.ts.map +0 -1
- package/src/lib/core/index.js +0 -35
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts +0 -378
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/auth-module-options.interface.js +0 -2
- package/src/lib/core/interfaces/mfa-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/mfa-options.interface.js +0 -9
- package/src/lib/core/interfaces/otp.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/otp.interface.js +0 -9
- package/src/lib/core/interfaces/session-options.interface.d.ts +0 -68
- package/src/lib/core/interfaces/session-options.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/session-options.interface.js +0 -9
- package/src/lib/core/interfaces/token-payload.interface.d.ts +0 -49
- package/src/lib/core/interfaces/token-payload.interface.d.ts.map +0 -1
- package/src/lib/core/interfaces/token-payload.interface.js +0 -2
- package/src/lib/core/providers/apple-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/apple-auth.provider.js +0 -57
- package/src/lib/core/providers/base-auth.provider.d.ts +0 -34
- package/src/lib/core/providers/base-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/base-auth.provider.js +0 -49
- package/src/lib/core/providers/email-auth.provider.d.ts +0 -31
- package/src/lib/core/providers/email-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/email-auth.provider.js +0 -66
- package/src/lib/core/providers/facebook-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/facebook-auth.provider.js +0 -56
- package/src/lib/core/providers/github-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/github-auth.provider.js +0 -74
- package/src/lib/core/providers/google-auth.provider.d.ts +0 -31
- package/src/lib/core/providers/google-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/google-auth.provider.js +0 -109
- package/src/lib/core/providers/jwt-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/jwt-auth.provider.js +0 -49
- package/src/lib/core/providers/phone-auth.provider.d.ts.map +0 -1
- package/src/lib/core/providers/phone-auth.provider.js +0 -42
- package/src/lib/core/services/auth-config.service.d.ts +0 -39
- package/src/lib/core/services/auth-config.service.d.ts.map +0 -1
- package/src/lib/core/services/auth-config.service.js +0 -170
- package/src/lib/core/services/auth-provider-registry.service.d.ts +0 -42
- package/src/lib/core/services/auth-provider-registry.service.d.ts.map +0 -1
- package/src/lib/core/services/auth-provider-registry.service.js +0 -91
- package/src/lib/core/services/debug-logger.service.d.ts.map +0 -1
- package/src/lib/core/services/debug-logger.service.js +0 -158
- package/src/lib/core/services/initialization.service.d.ts.map +0 -1
- package/src/lib/core/services/initialization.service.js +0 -35
- package/src/lib/core/services/jwt.service.d.ts.map +0 -1
- package/src/lib/core/services/jwt.service.js +0 -119
- package/src/lib/nest-auth.module.d.ts.map +0 -1
- package/src/lib/nest-auth.module.js +0 -149
- package/src/lib/permission/entities/permission.entity.d.ts +0 -27
- package/src/lib/permission/entities/permission.entity.d.ts.map +0 -1
- package/src/lib/permission/entities/permission.entity.js +0 -62
- package/src/lib/permission/index.d.ts.map +0 -1
- package/src/lib/permission/index.js +0 -6
- package/src/lib/permission/permission.module.d.ts.map +0 -1
- package/src/lib/permission/permission.module.js +0 -20
- package/src/lib/permission/services/permission.service.d.ts +0 -44
- package/src/lib/permission/services/permission.service.d.ts.map +0 -1
- package/src/lib/permission/services/permission.service.js +0 -173
- package/src/lib/request-context/index.d.ts.map +0 -1
- package/src/lib/request-context/index.js +0 -5
- package/src/lib/request-context/request-context.d.ts.map +0 -1
- package/src/lib/request-context/request-context.js +0 -114
- package/src/lib/request-context/request-context.middleware.d.ts.map +0 -1
- package/src/lib/request-context/request-context.middleware.js +0 -15
- package/src/lib/role/entities/role.entity.d.ts.map +0 -1
- package/src/lib/role/entities/role.entity.js +0 -110
- package/src/lib/role/index.d.ts.map +0 -1
- package/src/lib/role/index.js +0 -5
- package/src/lib/role/role.module.d.ts.map +0 -1
- package/src/lib/role/role.module.js +0 -22
- package/src/lib/role/services/role.service.d.ts +0 -29
- package/src/lib/role/services/role.service.d.ts.map +0 -1
- package/src/lib/role/services/role.service.js +0 -231
- package/src/lib/session/entities/session.entity.d.ts.map +0 -1
- package/src/lib/session/entities/session.entity.js +0 -62
- package/src/lib/session/index.d.ts.map +0 -1
- package/src/lib/session/index.js +0 -18
- package/src/lib/session/interfaces/session-repository.interface.d.ts +0 -49
- package/src/lib/session/interfaces/session-repository.interface.d.ts.map +0 -1
- package/src/lib/session/interfaces/session-repository.interface.js +0 -2
- package/src/lib/session/repositories/base-session.repository.d.ts +0 -40
- package/src/lib/session/repositories/base-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/base-session.repository.js +0 -59
- package/src/lib/session/repositories/memory-session.repository.d.ts +0 -27
- package/src/lib/session/repositories/memory-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/memory-session.repository.js +0 -133
- package/src/lib/session/repositories/redis-session.repository.d.ts +0 -30
- package/src/lib/session/repositories/redis-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/redis-session.repository.js +0 -141
- package/src/lib/session/repositories/typeorm-session.repository.d.ts +0 -23
- package/src/lib/session/repositories/typeorm-session.repository.d.ts.map +0 -1
- package/src/lib/session/repositories/typeorm-session.repository.js +0 -79
- package/src/lib/session/services/session-manager.service.d.ts +0 -100
- package/src/lib/session/services/session-manager.service.d.ts.map +0 -1
- package/src/lib/session/services/session-manager.service.js +0 -254
- package/src/lib/session/session.module.d.ts +0 -14
- package/src/lib/session/session.module.d.ts.map +0 -1
- package/src/lib/session/session.module.js +0 -96
- package/src/lib/session/utils/session.util.d.ts +0 -73
- package/src/lib/session/utils/session.util.d.ts.map +0 -1
- package/src/lib/session/utils/session.util.js +0 -127
- package/src/lib/tenant/entities/tenant.entity.d.ts +0 -21
- package/src/lib/tenant/entities/tenant.entity.d.ts.map +0 -1
- package/src/lib/tenant/entities/tenant.entity.js +0 -47
- package/src/lib/tenant/events/tenant-created.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-created.event.js +0 -9
- package/src/lib/tenant/events/tenant-deleted.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-deleted.event.js +0 -9
- package/src/lib/tenant/events/tenant-updated.event.d.ts.map +0 -1
- package/src/lib/tenant/events/tenant-updated.event.js +0 -9
- package/src/lib/tenant/index.d.ts.map +0 -1
- package/src/lib/tenant/index.js +0 -14
- package/src/lib/tenant/services/tenant.service.d.ts +0 -35
- package/src/lib/tenant/services/tenant.service.d.ts.map +0 -1
- package/src/lib/tenant/services/tenant.service.js +0 -265
- package/src/lib/tenant/tenant.module.d.ts.map +0 -1
- package/src/lib/tenant/tenant.module.js +0 -26
- package/src/lib/user/dto/requests/update-user.dto.d.ts.map +0 -1
- package/src/lib/user/dto/requests/update-user.dto.js +0 -23
- package/src/lib/user/entities/access-key.entity.d.ts.map +0 -1
- package/src/lib/user/entities/access-key.entity.js +0 -62
- package/src/lib/user/entities/identity.entity.d.ts.map +0 -1
- package/src/lib/user/entities/identity.entity.js +0 -46
- package/src/lib/user/entities/user.entity.d.ts +0 -40
- package/src/lib/user/entities/user.entity.d.ts.map +0 -1
- package/src/lib/user/entities/user.entity.js +0 -237
- package/src/lib/user/events/user-created.event.d.ts.map +0 -1
- package/src/lib/user/events/user-created.event.js +0 -9
- package/src/lib/user/events/user-deleted.event.d.ts.map +0 -1
- package/src/lib/user/events/user-deleted.event.js +0 -9
- package/src/lib/user/events/user-updated.event.d.ts.map +0 -1
- package/src/lib/user/events/user-updated.event.js +0 -9
- package/src/lib/user/index.d.ts.map +0 -1
- package/src/lib/user/index.js +0 -12
- package/src/lib/user/services/access-key.service.d.ts.map +0 -1
- package/src/lib/user/services/access-key.service.js +0 -121
- package/src/lib/user/services/user.service.d.ts.map +0 -1
- package/src/lib/user/services/user.service.js +0 -369
- package/src/lib/user/user.module.d.ts.map +0 -1
- package/src/lib/user/user.module.js +0 -33
- package/src/lib/utils/cookie.helper.d.ts +0 -78
- package/src/lib/utils/cookie.helper.d.ts.map +0 -1
- package/src/lib/utils/cookie.helper.js +0 -115
- package/src/lib/utils/database.utils.d.ts.map +0 -1
- package/src/lib/utils/database.utils.js +0 -7
- package/src/lib/utils/date.util.d.ts +0 -41
- package/src/lib/utils/date.util.d.ts.map +0 -1
- package/src/lib/utils/date.util.js +0 -99
- package/src/lib/utils/device.util.d.ts +0 -50
- package/src/lib/utils/device.util.d.ts.map +0 -1
- package/src/lib/utils/device.util.js +0 -114
- package/src/lib/utils/index.d.ts.map +0 -1
- package/src/lib/utils/index.js +0 -9
- package/src/lib/utils/otp.d.ts.map +0 -1
- package/src/lib/utils/otp.js +0 -6
- package/src/lib/utils/security.util.d.ts +0 -11
- package/src/lib/utils/security.util.d.ts.map +0 -1
- package/src/lib/utils/security.util.js +0 -28
- package/src/lib/utils/slug.util.d.ts +0 -38
- package/src/lib/utils/slug.util.d.ts.map +0 -1
- package/src/lib/utils/slug.util.js +0 -59
- /package/{src → dist}/index.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/admin-console.module.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-auth.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-console.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-roles.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-tenants.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/controllers/admin-users.controller.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/decorators/current-admin.decorator.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-permission.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-role.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-tenant.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/admin-user.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/create-dashboard-admin.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/login.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/reset-password.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/setup-admin.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/dto/signup.dto.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/guards/admin-session.guard.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-auth.service.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-console-config.service.d.ts +0 -0
- /package/{src → dist}/lib/admin-console/services/admin-user.service.d.ts +0 -0
- /package/{src → dist}/lib/audit/services/audit.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/auth.module.d.ts +0 -0
- /package/{src → dist}/lib/auth/controllers/mfa.controller.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/change-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/forgot-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/initialize-admin.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/refresh-token.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/reset-password-with-token.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/reset-password.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/send-email-verification.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/send-mfa-code.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/signup.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/toggle-mfa.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-2fa.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-email.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-forgot-password-otp-request-dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/requests/verify-totp-setup.request.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/client-config.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/initialize-admin.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/mfa-code-response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/mfa-status.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/dto/responses/verify-otp.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/mfa-secret.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/otp.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/entities/trusted-device.entity.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/logged-out-all.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/logged-out.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/password-reset-requested.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/password-reset.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/two-factor-code-sent.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-disabled.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-enabled.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-2fa-verified.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-logged-in.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-password-changed.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-refresh-token.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/events/user-registered.event.d.ts +0 -0
- /package/{src → dist}/lib/auth/index.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/client-config.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/cookie.service.d.ts +0 -0
- /package/{src → dist}/lib/auth/services/mfa.service.d.ts +0 -0
- /package/{src → dist}/lib/core/decorators/role.decorator.d.ts +0 -0
- /package/{src → dist}/lib/core/decorators/skip-mfa.decorator.d.ts +0 -0
- /package/{src → dist}/lib/core/dto/message.response.dto.d.ts +0 -0
- /package/{src → dist}/lib/core/entities.d.ts +0 -0
- /package/{src → dist}/lib/core/index.d.ts +0 -0
- /package/{src → dist}/lib/core/interfaces/mfa-options.interface.d.ts +0 -0
- /package/{src → dist}/lib/core/interfaces/otp.interface.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/apple-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/facebook-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/github-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/jwt-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/providers/phone-auth.provider.d.ts +0 -0
- /package/{src → dist}/lib/core/services/debug-logger.service.d.ts +0 -0
- /package/{src → dist}/lib/core/services/initialization.service.d.ts +0 -0
- /package/{src → dist}/lib/core/services/jwt.service.d.ts +0 -0
- /package/{src → dist}/lib/nest-auth.module.d.ts +0 -0
- /package/{src → dist}/lib/permission/index.d.ts +0 -0
- /package/{src → dist}/lib/permission/permission.module.d.ts +0 -0
- /package/{src → dist}/lib/request-context/index.d.ts +0 -0
- /package/{src → dist}/lib/request-context/request-context.d.ts +0 -0
- /package/{src → dist}/lib/request-context/request-context.middleware.d.ts +0 -0
- /package/{src → dist}/lib/role/entities/role.entity.d.ts +0 -0
- /package/{src → dist}/lib/role/index.d.ts +0 -0
- /package/{src → dist}/lib/role/role.module.d.ts +0 -0
- /package/{src → dist}/lib/session/entities/session.entity.d.ts +0 -0
- /package/{src → dist}/lib/session/index.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-created.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-deleted.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/events/tenant-updated.event.d.ts +0 -0
- /package/{src → dist}/lib/tenant/index.d.ts +0 -0
- /package/{src → dist}/lib/tenant/tenant.module.d.ts +0 -0
- /package/{src → dist}/lib/user/dto/requests/update-user.dto.d.ts +0 -0
- /package/{src → dist}/lib/user/entities/access-key.entity.d.ts +0 -0
- /package/{src → dist}/lib/user/entities/identity.entity.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-created.event.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-deleted.event.d.ts +0 -0
- /package/{src → dist}/lib/user/events/user-updated.event.d.ts +0 -0
- /package/{src → dist}/lib/user/index.d.ts +0 -0
- /package/{src → dist}/lib/user/services/access-key.service.d.ts +0 -0
- /package/{src → dist}/lib/user/services/user.service.d.ts +0 -0
- /package/{src → dist}/lib/user/user.module.d.ts +0 -0
- /package/{src → dist}/lib/utils/database.utils.d.ts +0 -0
- /package/{src → dist}/lib/utils/index.d.ts +0 -0
- /package/{src → dist}/lib/utils/otp.d.ts +0 -0
|
@@ -1,1020 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.AuthService = void 0;
|
|
4
|
-
const tslib_1 = require("tslib");
|
|
5
|
-
const common_1 = require("@nestjs/common");
|
|
6
|
-
const typeorm_1 = require("@nestjs/typeorm");
|
|
7
|
-
const typeorm_2 = require("typeorm");
|
|
8
|
-
const user_entity_1 = require("../../user/entities/user.entity");
|
|
9
|
-
const otp_entity_1 = require("../../auth/entities/otp.entity");
|
|
10
|
-
const otp_interface_1 = require("../../core/interfaces/otp.interface");
|
|
11
|
-
const auth_constants_1 = require("../../auth.constants");
|
|
12
|
-
const typeorm_3 = require("typeorm");
|
|
13
|
-
const mfa_service_1 = require("./mfa.service");
|
|
14
|
-
const jwt_service_1 = require("../../core/services/jwt.service");
|
|
15
|
-
const event_emitter_1 = require("@nestjs/event-emitter");
|
|
16
|
-
const session_manager_service_1 = require("../../session/services/session-manager.service");
|
|
17
|
-
const request_context_1 = require("../../request-context/request-context");
|
|
18
|
-
const otp_1 = require("../../utils/otp");
|
|
19
|
-
const user_registered_event_1 = require("../events/user-registered.event");
|
|
20
|
-
const user_logged_in_event_1 = require("../events/user-logged-in.event");
|
|
21
|
-
const user_2fa_verified_event_1 = require("../events/user-2fa-verified.event");
|
|
22
|
-
const user_refresh_token_event_1 = require("../events/user-refresh-token.event");
|
|
23
|
-
const logged_out_event_1 = require("../events/logged-out.event");
|
|
24
|
-
const logged_out_all_event_1 = require("../events/logged-out-all.event");
|
|
25
|
-
const password_reset_requested_event_1 = require("../events/password-reset-requested.event");
|
|
26
|
-
const password_reset_event_1 = require("../events/password-reset.event");
|
|
27
|
-
const auth_provider_registry_service_1 = require("../../core/services/auth-provider-registry.service");
|
|
28
|
-
const tenant_service_1 = require("../../tenant/services/tenant.service");
|
|
29
|
-
const debug_logger_service_1 = require("../../core/services/debug-logger.service");
|
|
30
|
-
const moment_1 = tslib_1.__importDefault(require("moment"));
|
|
31
|
-
const auth_config_service_1 = require("../../core/services/auth-config.service");
|
|
32
|
-
const cookie_helper_1 = require("../../utils/cookie.helper");
|
|
33
|
-
const user_password_changed_event_1 = require("../events/user-password-changed.event");
|
|
34
|
-
const user_service_1 = require("../../user/services/user.service");
|
|
35
|
-
const ms_1 = tslib_1.__importDefault(require("ms"));
|
|
36
|
-
let AuthService = class AuthService {
|
|
37
|
-
constructor(userRepository, otpRepository, authProviderRegistry, mfaService, sessionManager, jwtService, eventEmitter, tenantService, debugLogger, authConfigService, userService) {
|
|
38
|
-
this.userRepository = userRepository;
|
|
39
|
-
this.otpRepository = otpRepository;
|
|
40
|
-
this.authProviderRegistry = authProviderRegistry;
|
|
41
|
-
this.mfaService = mfaService;
|
|
42
|
-
this.sessionManager = sessionManager;
|
|
43
|
-
this.jwtService = jwtService;
|
|
44
|
-
this.eventEmitter = eventEmitter;
|
|
45
|
-
this.tenantService = tenantService;
|
|
46
|
-
this.debugLogger = debugLogger;
|
|
47
|
-
this.authConfigService = authConfigService;
|
|
48
|
-
this.userService = userService;
|
|
49
|
-
}
|
|
50
|
-
get mfaConfig() {
|
|
51
|
-
return auth_config_service_1.AuthConfigService.getOptions().mfa || {};
|
|
52
|
-
}
|
|
53
|
-
getUserWithRolesAndPermissions(userId, relations = []) {
|
|
54
|
-
return this.userRepository.findOne({
|
|
55
|
-
where: { id: userId },
|
|
56
|
-
relations: [
|
|
57
|
-
'roles',
|
|
58
|
-
...relations
|
|
59
|
-
],
|
|
60
|
-
});
|
|
61
|
-
}
|
|
62
|
-
async getUser() {
|
|
63
|
-
const user = request_context_1.RequestContext.currentUser();
|
|
64
|
-
if (!user) {
|
|
65
|
-
return null;
|
|
66
|
-
}
|
|
67
|
-
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
68
|
-
// Apply user.serialize hook if configured
|
|
69
|
-
const config = this.authConfigService.getConfig();
|
|
70
|
-
if (config.user?.serialize) {
|
|
71
|
-
return await config.user.serialize(fullUser);
|
|
72
|
-
}
|
|
73
|
-
return fullUser;
|
|
74
|
-
}
|
|
75
|
-
async signup(input) {
|
|
76
|
-
this.debugLogger.logFunctionEntry('signup', 'AuthService', { email: input.email, phone: input.phone, hasPassword: !!input.password });
|
|
77
|
-
try {
|
|
78
|
-
const config = this.authConfigService.getConfig();
|
|
79
|
-
if (config.registration?.enabled === false) {
|
|
80
|
-
throw new common_1.ForbiddenException({
|
|
81
|
-
message: 'Registration is disabled',
|
|
82
|
-
code: auth_constants_1.ERROR_CODES.REGISTRATION_DISABLED,
|
|
83
|
-
});
|
|
84
|
-
}
|
|
85
|
-
const { email, phone, password } = input;
|
|
86
|
-
let { tenantId = null } = input;
|
|
87
|
-
// Resolve tenant ID - use provided or default
|
|
88
|
-
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
89
|
-
this.debugLogger.logAuthOperation('signup', 'email|phone', undefined, { email, phone, resolvedTenantId: tenantId });
|
|
90
|
-
if (!email && !phone) {
|
|
91
|
-
this.debugLogger.error('Signup failed: Neither email nor phone provided', 'AuthService');
|
|
92
|
-
throw new common_1.BadRequestException({
|
|
93
|
-
message: 'Either email or phone must be provided',
|
|
94
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
95
|
-
});
|
|
96
|
-
}
|
|
97
|
-
const providersToLink = [];
|
|
98
|
-
if (email && config.emailAuth?.enabled !== false) {
|
|
99
|
-
const provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
100
|
-
if (provider) {
|
|
101
|
-
providersToLink.push({ provider, userId: email, type: 'email' });
|
|
102
|
-
}
|
|
103
|
-
}
|
|
104
|
-
if (phone && config.phoneAuth?.enabled === true) {
|
|
105
|
-
const provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
106
|
-
if (provider) {
|
|
107
|
-
providersToLink.push({ provider, userId: phone, type: 'phone' });
|
|
108
|
-
}
|
|
109
|
-
}
|
|
110
|
-
if (providersToLink.length === 0) {
|
|
111
|
-
this.debugLogger.error('Provider not found for signup', 'AuthService', { email: !!email, phone: !!phone });
|
|
112
|
-
throw new common_1.InternalServerErrorException({
|
|
113
|
-
message: 'Phone or email authentication is not enabled',
|
|
114
|
-
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
115
|
-
});
|
|
116
|
-
}
|
|
117
|
-
// Check for existing identities across all providers
|
|
118
|
-
for (const item of providersToLink) {
|
|
119
|
-
this.debugLogger.debug('Checking for existing identity', 'AuthService', { providerUserId: item.userId, type: item.type });
|
|
120
|
-
const identity = await item.provider.findIdentity(item.userId);
|
|
121
|
-
if (identity) {
|
|
122
|
-
this.debugLogger.warn('Identity already exists', 'AuthService', { email: !!email, phone: !!phone, tenantId });
|
|
123
|
-
if (item.type === 'email') {
|
|
124
|
-
throw new common_1.BadRequestException({
|
|
125
|
-
message: 'Email already exists in this tenant',
|
|
126
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_EXISTS,
|
|
127
|
-
});
|
|
128
|
-
}
|
|
129
|
-
if (item.type === 'phone') {
|
|
130
|
-
throw new common_1.BadRequestException({
|
|
131
|
-
message: 'Phone number already exists in this tenant',
|
|
132
|
-
code: auth_constants_1.ERROR_CODES.PHONE_ALREADY_EXISTS,
|
|
133
|
-
});
|
|
134
|
-
}
|
|
135
|
-
}
|
|
136
|
-
}
|
|
137
|
-
this.debugLogger.debug('Creating new user via UserService', 'AuthService', { email: !!email, phone: !!phone, tenantId });
|
|
138
|
-
// Use UserService to create user, which handles hooks and password hashing
|
|
139
|
-
// We pass the plain password, UserService will hash it if provided
|
|
140
|
-
let user = await this.userService.createUser({
|
|
141
|
-
email,
|
|
142
|
-
phone,
|
|
143
|
-
tenantId,
|
|
144
|
-
isVerified: false,
|
|
145
|
-
password
|
|
146
|
-
}, input);
|
|
147
|
-
this.debugLogger.info('User created successfully', 'AuthService', { userId: user.id, tenantId });
|
|
148
|
-
user = await this.getUserWithRolesAndPermissions(user.id);
|
|
149
|
-
// Link user to all enabled providers
|
|
150
|
-
for (const item of providersToLink) {
|
|
151
|
-
this.debugLogger.debug('Linking user to provider', 'AuthService', { userId: user.id, providerName: item.provider.providerName });
|
|
152
|
-
// Note: UserService might have already created the identity, but we ensure it's linked here
|
|
153
|
-
await item.provider.linkToUser(user.id, item.userId);
|
|
154
|
-
}
|
|
155
|
-
this.debugLogger.debug('Creating session for new user', 'AuthService', { userId: user.id });
|
|
156
|
-
const session = await this.sessionManager.createSessionFromUser(user);
|
|
157
|
-
const tokens = await this.generateTokensFromSession(session);
|
|
158
|
-
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
159
|
-
this.debugLogger.debug('Signup tokens generated', 'AuthService', { userId: user.id, isRequiresMfa });
|
|
160
|
-
// Emit registration event
|
|
161
|
-
this.debugLogger.debug('Emitting user registration event', 'AuthService', { userId: user.id });
|
|
162
|
-
const provider = providersToLink[0]?.provider;
|
|
163
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REGISTERED, new user_registered_event_1.UserRegisteredEvent({
|
|
164
|
-
user,
|
|
165
|
-
tenantId: user.tenantId,
|
|
166
|
-
input,
|
|
167
|
-
provider,
|
|
168
|
-
session,
|
|
169
|
-
tokens,
|
|
170
|
-
isRequiresMfa
|
|
171
|
-
}));
|
|
172
|
-
this.debugLogger.logFunctionExit('signup', 'AuthService', { userId: user.id, isRequiresMfa });
|
|
173
|
-
// Build default response
|
|
174
|
-
let response = {
|
|
175
|
-
accessToken: tokens.accessToken,
|
|
176
|
-
refreshToken: tokens.refreshToken,
|
|
177
|
-
isRequiresMfa: isRequiresMfa,
|
|
178
|
-
};
|
|
179
|
-
// Apply auth.transformResponse hook if configured
|
|
180
|
-
if (config.auth?.transformResponse) {
|
|
181
|
-
response = await config.auth.transformResponse(response, user, session);
|
|
182
|
-
}
|
|
183
|
-
return response;
|
|
184
|
-
}
|
|
185
|
-
catch (error) {
|
|
186
|
-
this.debugLogger.logError(error, 'signup', { email: input.email, phone: input.phone });
|
|
187
|
-
this.handleError(error, 'signup');
|
|
188
|
-
throw error;
|
|
189
|
-
}
|
|
190
|
-
}
|
|
191
|
-
async login(input) {
|
|
192
|
-
const { credentials, providerName, createUserIfNotExists = false } = input;
|
|
193
|
-
this.debugLogger.logFunctionEntry('login', 'AuthService', { providerName, createUserIfNotExists });
|
|
194
|
-
let { tenantId = null } = input;
|
|
195
|
-
try {
|
|
196
|
-
// Resolve tenant ID - use provided or default
|
|
197
|
-
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
198
|
-
this.debugLogger.logAuthOperation('login', providerName, undefined, { resolvedTenantId: tenantId, createUserIfNotExists });
|
|
199
|
-
const provider = this.authProviderRegistry.getProvider(providerName);
|
|
200
|
-
if (!provider) {
|
|
201
|
-
throw new common_1.UnauthorizedException({
|
|
202
|
-
message: 'Invalid authentication providerName or provider is not enabled',
|
|
203
|
-
code: auth_constants_1.ERROR_CODES.INVALID_PROVIDER,
|
|
204
|
-
});
|
|
205
|
-
}
|
|
206
|
-
const requiredFields = provider.getRequiredFields();
|
|
207
|
-
if (!requiredFields.every(field => credentials[field])) {
|
|
208
|
-
throw new common_1.BadRequestException({
|
|
209
|
-
message: `Missing ${requiredFields.join(', ')} required fields`,
|
|
210
|
-
code: auth_constants_1.ERROR_CODES.MISSING_REQUIRED_FIELDS,
|
|
211
|
-
});
|
|
212
|
-
}
|
|
213
|
-
const authProviderUser = await provider.validate(credentials);
|
|
214
|
-
const identity = await provider.findIdentity(authProviderUser.userId);
|
|
215
|
-
let user = identity?.user || null;
|
|
216
|
-
if (!user) {
|
|
217
|
-
if (!createUserIfNotExists) {
|
|
218
|
-
throw new common_1.UnauthorizedException({
|
|
219
|
-
message: 'Invalid credentials',
|
|
220
|
-
code: auth_constants_1.ERROR_CODES.INVALID_CREDENTIALS,
|
|
221
|
-
});
|
|
222
|
-
}
|
|
223
|
-
// Create new user if not exists and link to provider
|
|
224
|
-
user = await this.handleSocialLogin(provider, authProviderUser, tenantId);
|
|
225
|
-
}
|
|
226
|
-
if (user.isActive === false) {
|
|
227
|
-
throw new common_1.UnauthorizedException({
|
|
228
|
-
message: 'Your account is suspended, please contact support',
|
|
229
|
-
code: auth_constants_1.ERROR_CODES.ACCOUNT_INACTIVE,
|
|
230
|
-
});
|
|
231
|
-
}
|
|
232
|
-
user = await this.getUserWithRolesAndPermissions(user.id);
|
|
233
|
-
let isRequiresMfa = false;
|
|
234
|
-
// Skip MFA for social login providers as they are considered trusted/direct login
|
|
235
|
-
if (!provider.skipMfa) {
|
|
236
|
-
isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
237
|
-
}
|
|
238
|
-
user.isMfaEnabled = isRequiresMfa;
|
|
239
|
-
let session = await this.sessionManager.createSessionFromUser(user);
|
|
240
|
-
// Check for trusted device cookie or header if MFA is required
|
|
241
|
-
if (isRequiresMfa) {
|
|
242
|
-
const trustCookieName = auth_config_service_1.AuthConfigService.getOptions().mfa?.trustDeviceStorageName || auth_constants_1.NEST_AUTH_TRUST_DEVICE_KEY;
|
|
243
|
-
const req = request_context_1.RequestContext.currentRequest();
|
|
244
|
-
let trustToken = cookie_helper_1.CookieHelper.get(req, trustCookieName);
|
|
245
|
-
// If not in cookie, check header
|
|
246
|
-
if (!trustToken) {
|
|
247
|
-
trustToken = req.headers[trustCookieName];
|
|
248
|
-
}
|
|
249
|
-
let isTrusted = false;
|
|
250
|
-
if (trustToken) {
|
|
251
|
-
isTrusted = await this.mfaService.validateTrustedDevice(user.id, trustToken);
|
|
252
|
-
if (isTrusted) {
|
|
253
|
-
isRequiresMfa = false;
|
|
254
|
-
// Update session to indicate MFA is verified by trust
|
|
255
|
-
session = await this.sessionManager.updateSession(session.id, {
|
|
256
|
-
data: { ...session.data, isMfaVerified: true }
|
|
257
|
-
});
|
|
258
|
-
}
|
|
259
|
-
}
|
|
260
|
-
// Set Mfa enbale if requred for user, set in properly in session
|
|
261
|
-
session = await this.sessionManager.updateSession(session.id, {
|
|
262
|
-
data: { ...session.data, isMfaEnabled: true, isMfaVerified: isTrusted }
|
|
263
|
-
});
|
|
264
|
-
}
|
|
265
|
-
const tokens = await this.generateTokensFromSession(session);
|
|
266
|
-
// Emit login event
|
|
267
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_IN, new user_logged_in_event_1.UserLoggedInEvent({
|
|
268
|
-
user,
|
|
269
|
-
tenantId: user.tenantId,
|
|
270
|
-
input,
|
|
271
|
-
provider,
|
|
272
|
-
session,
|
|
273
|
-
tokens,
|
|
274
|
-
isRequiresMfa
|
|
275
|
-
}));
|
|
276
|
-
// Build default response
|
|
277
|
-
let response = {
|
|
278
|
-
accessToken: tokens.accessToken,
|
|
279
|
-
refreshToken: tokens.refreshToken,
|
|
280
|
-
isRequiresMfa: isRequiresMfa,
|
|
281
|
-
};
|
|
282
|
-
// Apply auth.transformResponse hook if configured
|
|
283
|
-
const config = this.authConfigService.getConfig();
|
|
284
|
-
if (config.auth?.transformResponse) {
|
|
285
|
-
response = await config.auth.transformResponse(response, user, session);
|
|
286
|
-
}
|
|
287
|
-
return response;
|
|
288
|
-
}
|
|
289
|
-
catch (error) {
|
|
290
|
-
this.debugLogger.logError(error, 'login', { providerName, createUserIfNotExists });
|
|
291
|
-
this.handleError(error, 'login');
|
|
292
|
-
throw error;
|
|
293
|
-
}
|
|
294
|
-
}
|
|
295
|
-
async verify2fa(input) {
|
|
296
|
-
this.debugLogger.logFunctionEntry('verify2fa', 'AuthService', { method: input.method });
|
|
297
|
-
try {
|
|
298
|
-
const session = request_context_1.RequestContext.currentSession();
|
|
299
|
-
if (!session) {
|
|
300
|
-
this.debugLogger.error('Session not found for 2FA verification', 'AuthService');
|
|
301
|
-
throw new common_1.UnauthorizedException({
|
|
302
|
-
message: 'Session not found',
|
|
303
|
-
code: auth_constants_1.ERROR_CODES.SESSION_NOT_FOUND,
|
|
304
|
-
});
|
|
305
|
-
}
|
|
306
|
-
this.debugLogger.debug('Verifying MFA code', 'AuthService', { userId: session.userId, method: input.method });
|
|
307
|
-
const isValid = await this.mfaService.verifyMfa(session.userId, input.otp, input.method);
|
|
308
|
-
if (!isValid) {
|
|
309
|
-
this.debugLogger.warn('Invalid MFA code provided', 'AuthService', { userId: session.userId, method: input.method });
|
|
310
|
-
throw new common_1.UnauthorizedException({
|
|
311
|
-
message: 'Invalid MFA code',
|
|
312
|
-
code: auth_constants_1.ERROR_CODES.MFA_CODE_INVALID,
|
|
313
|
-
});
|
|
314
|
-
}
|
|
315
|
-
this.debugLogger.debug('Updating session with MFA verification', 'AuthService', { sessionId: session.id });
|
|
316
|
-
const payload = await this.sessionManager.updateSession(session.id, {
|
|
317
|
-
data: {
|
|
318
|
-
...session.data,
|
|
319
|
-
isMfaVerified: true,
|
|
320
|
-
}
|
|
321
|
-
});
|
|
322
|
-
const tokens = await this.generateTokensFromSession(payload);
|
|
323
|
-
let trustToken;
|
|
324
|
-
if (input.rememberDevice) {
|
|
325
|
-
const req = request_context_1.RequestContext.currentRequest();
|
|
326
|
-
const userAgent = req.headers['user-agent'] || '';
|
|
327
|
-
const ip = req.ip || req.socket.remoteAddress || '';
|
|
328
|
-
trustToken = await this.mfaService.createTrustedDevice(session.userId, userAgent, ip);
|
|
329
|
-
}
|
|
330
|
-
const user = await this.getUser();
|
|
331
|
-
// Emit 2FA verified event
|
|
332
|
-
this.debugLogger.debug('Emitting 2FA verified event', 'AuthService', { userId: user.id });
|
|
333
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.TWO_FACTOR_VERIFIED, new user_2fa_verified_event_1.User2faVerifiedEvent({
|
|
334
|
-
user: user,
|
|
335
|
-
tenantId: user.tenantId,
|
|
336
|
-
input,
|
|
337
|
-
session,
|
|
338
|
-
tokens
|
|
339
|
-
}));
|
|
340
|
-
this.debugLogger.logFunctionExit('verify2fa', 'AuthService', { userId: user.id });
|
|
341
|
-
return {
|
|
342
|
-
accessToken: tokens.accessToken,
|
|
343
|
-
refreshToken: tokens.refreshToken,
|
|
344
|
-
trustToken,
|
|
345
|
-
};
|
|
346
|
-
}
|
|
347
|
-
catch (error) {
|
|
348
|
-
this.debugLogger.logError(error, 'verify2fa', { method: input.method });
|
|
349
|
-
this.handleError(error, 'mfa');
|
|
350
|
-
throw error;
|
|
351
|
-
}
|
|
352
|
-
}
|
|
353
|
-
async send2faCode(userId, method) {
|
|
354
|
-
const user = await this.userRepository.findOne({ where: { id: userId } });
|
|
355
|
-
if (!user) {
|
|
356
|
-
throw new common_1.UnauthorizedException({
|
|
357
|
-
message: 'User not found',
|
|
358
|
-
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
359
|
-
});
|
|
360
|
-
}
|
|
361
|
-
await this.mfaService.sendMfaCode(user.id, method);
|
|
362
|
-
return true;
|
|
363
|
-
}
|
|
364
|
-
async handleSocialLogin(provider, providerUser, tenantId) {
|
|
365
|
-
// Check if identity exists
|
|
366
|
-
let identity = await provider.findIdentity(providerUser.userId);
|
|
367
|
-
if (identity) {
|
|
368
|
-
return identity.user;
|
|
369
|
-
}
|
|
370
|
-
const linkUserWith = provider.linkUserWith();
|
|
371
|
-
const linkUserValue = providerUser?.[linkUserWith] || providerUser.userId;
|
|
372
|
-
let user = await this.userRepository.findOne({ where: { [linkUserWith]: linkUserValue } });
|
|
373
|
-
if (!user) {
|
|
374
|
-
// Create new user via UserService to ensure hooks and events are triggered
|
|
375
|
-
try {
|
|
376
|
-
user = await this.userService.createUser({
|
|
377
|
-
[linkUserWith]: linkUserValue,
|
|
378
|
-
isVerified: true,
|
|
379
|
-
metadata: providerUser.metadata || {},
|
|
380
|
-
tenantId: tenantId,
|
|
381
|
-
}, {
|
|
382
|
-
[linkUserWith]: linkUserValue,
|
|
383
|
-
...providerUser,
|
|
384
|
-
firstName: providerUser.metadata?.name?.split(' ')[0],
|
|
385
|
-
lastName: providerUser.metadata?.name?.split(' ').slice(1).join(' '),
|
|
386
|
-
provider: provider.providerName,
|
|
387
|
-
description: 'Social login auto-creation'
|
|
388
|
-
});
|
|
389
|
-
}
|
|
390
|
-
catch (error) {
|
|
391
|
-
// Handle race condition: user might have been created by another process
|
|
392
|
-
if (error instanceof common_1.ConflictException || error.status === 409) {
|
|
393
|
-
user = await this.userRepository.findOne({ where: { [linkUserWith]: linkUserValue } });
|
|
394
|
-
if (!user) {
|
|
395
|
-
// If still not found, rethrow
|
|
396
|
-
throw error;
|
|
397
|
-
}
|
|
398
|
-
}
|
|
399
|
-
else {
|
|
400
|
-
throw error;
|
|
401
|
-
}
|
|
402
|
-
}
|
|
403
|
-
}
|
|
404
|
-
await provider.linkToUser(user.id, providerUser.userId, providerUser.metadata || {});
|
|
405
|
-
return user;
|
|
406
|
-
}
|
|
407
|
-
async refreshToken(refreshToken) {
|
|
408
|
-
this.debugLogger.logFunctionEntry('refreshToken', 'AuthService', { hasRefreshToken: !!refreshToken });
|
|
409
|
-
try {
|
|
410
|
-
if (!refreshToken) {
|
|
411
|
-
this.debugLogger.error('No refresh token provided', 'AuthService');
|
|
412
|
-
throw new common_1.UnauthorizedException({
|
|
413
|
-
message: 'No refresh token provided',
|
|
414
|
-
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_INVALID,
|
|
415
|
-
});
|
|
416
|
-
}
|
|
417
|
-
this.debugLogger.debug('Verifying refresh token', 'AuthService');
|
|
418
|
-
let payload;
|
|
419
|
-
try {
|
|
420
|
-
payload = await this.jwtService.verifyToken(refreshToken);
|
|
421
|
-
}
|
|
422
|
-
catch (error) {
|
|
423
|
-
this.debugLogger.warn('Invalid or expired refresh token', 'AuthService');
|
|
424
|
-
throw new common_1.UnauthorizedException({
|
|
425
|
-
message: 'Invalid or expired refresh token',
|
|
426
|
-
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_EXPIRED,
|
|
427
|
-
});
|
|
428
|
-
}
|
|
429
|
-
const session = await this.sessionManager.getSession(payload.sessionId);
|
|
430
|
-
if (!session) {
|
|
431
|
-
throw new common_1.UnauthorizedException({
|
|
432
|
-
message: 'Invalid refresh token',
|
|
433
|
-
code: auth_constants_1.ERROR_CODES.REFRESH_TOKEN_INVALID,
|
|
434
|
-
});
|
|
435
|
-
}
|
|
436
|
-
// Refresh existing session
|
|
437
|
-
const newSession = await this.sessionManager.refreshSession(session);
|
|
438
|
-
// Generate new tokens
|
|
439
|
-
this.debugLogger.debug('Generating new tokens from refreshed session', 'AuthService', { sessionId: newSession.id });
|
|
440
|
-
const tokens = await this.generateTokensFromSession(newSession);
|
|
441
|
-
// Emit refresh token event
|
|
442
|
-
this.debugLogger.debug('Emitting refresh token event', 'AuthService', { sessionId: newSession.id });
|
|
443
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REFRESH_TOKEN, new user_refresh_token_event_1.UserRefreshTokenEvent({
|
|
444
|
-
oldRefreshToken: refreshToken,
|
|
445
|
-
session: newSession,
|
|
446
|
-
tokens,
|
|
447
|
-
}));
|
|
448
|
-
this.debugLogger.logFunctionExit('refreshToken', 'AuthService', { sessionId: newSession.id });
|
|
449
|
-
return tokens;
|
|
450
|
-
}
|
|
451
|
-
catch (error) {
|
|
452
|
-
this.debugLogger.logError(error, 'refreshToken', { hasRefreshToken: !!refreshToken });
|
|
453
|
-
this.handleError(error, 'refresh');
|
|
454
|
-
throw error;
|
|
455
|
-
}
|
|
456
|
-
}
|
|
457
|
-
async changePassword(input) {
|
|
458
|
-
this.debugLogger.logFunctionEntry('changePassword', 'AuthService');
|
|
459
|
-
try {
|
|
460
|
-
const currentUser = request_context_1.RequestContext.currentUser();
|
|
461
|
-
if (!currentUser?.id) {
|
|
462
|
-
throw new common_1.UnauthorizedException({
|
|
463
|
-
message: 'User not found',
|
|
464
|
-
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
465
|
-
});
|
|
466
|
-
}
|
|
467
|
-
const user = await this.userRepository.findOne({
|
|
468
|
-
where: { id: currentUser.id },
|
|
469
|
-
});
|
|
470
|
-
if (!user) {
|
|
471
|
-
throw new common_1.UnauthorizedException({
|
|
472
|
-
message: 'User not found',
|
|
473
|
-
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
474
|
-
});
|
|
475
|
-
}
|
|
476
|
-
const isValid = await user.validatePassword(input.currentPassword);
|
|
477
|
-
if (!isValid) {
|
|
478
|
-
throw new common_1.BadRequestException({
|
|
479
|
-
message: 'Current password is incorrect',
|
|
480
|
-
code: auth_constants_1.ERROR_CODES.CURRENT_PASSWORD_INCORRECT,
|
|
481
|
-
});
|
|
482
|
-
}
|
|
483
|
-
if (input.currentPassword === input.newPassword) {
|
|
484
|
-
throw new common_1.BadRequestException({
|
|
485
|
-
message: 'New password must be different from the current password',
|
|
486
|
-
code: auth_constants_1.ERROR_CODES.NEW_PASSWORD_SAME_AS_CURRENT,
|
|
487
|
-
});
|
|
488
|
-
}
|
|
489
|
-
await user.setPassword(input.newPassword);
|
|
490
|
-
await this.userRepository.save(user);
|
|
491
|
-
await this.sessionManager.revokeAllUserSessions(user.id);
|
|
492
|
-
const hydratedUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
493
|
-
const session = await this.sessionManager.createSessionFromUser(hydratedUser);
|
|
494
|
-
const tokens = await this.generateTokensFromSession(session);
|
|
495
|
-
const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
|
|
496
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_CHANGED, new user_password_changed_event_1.UserPasswordChangedEvent({
|
|
497
|
-
user,
|
|
498
|
-
initiatedBy: 'user'
|
|
499
|
-
}));
|
|
500
|
-
this.debugLogger.logFunctionExit('changePassword', 'AuthService', { userId: user.id });
|
|
501
|
-
return {
|
|
502
|
-
accessToken: tokens.accessToken,
|
|
503
|
-
refreshToken: tokens.refreshToken,
|
|
504
|
-
isRequiresMfa,
|
|
505
|
-
};
|
|
506
|
-
}
|
|
507
|
-
catch (error) {
|
|
508
|
-
this.debugLogger.logError(error, 'changePassword');
|
|
509
|
-
this.handleError(error, 'password_change');
|
|
510
|
-
throw error;
|
|
511
|
-
}
|
|
512
|
-
}
|
|
513
|
-
async forgotPassword(input) {
|
|
514
|
-
this.debugLogger.logFunctionEntry('forgotPassword', 'AuthService', { email: input.email, phone: input.phone });
|
|
515
|
-
try {
|
|
516
|
-
const { email, phone } = input;
|
|
517
|
-
let { tenantId = null } = input;
|
|
518
|
-
// Resolve tenant ID - use provided or default
|
|
519
|
-
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
520
|
-
let provider = null;
|
|
521
|
-
if (phone) {
|
|
522
|
-
provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
523
|
-
}
|
|
524
|
-
else if (email) {
|
|
525
|
-
provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
526
|
-
}
|
|
527
|
-
else {
|
|
528
|
-
throw new common_1.BadRequestException({
|
|
529
|
-
message: 'Either email or phone must be provided',
|
|
530
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
531
|
-
});
|
|
532
|
-
}
|
|
533
|
-
if (!provider) {
|
|
534
|
-
throw new common_1.BadRequestException({
|
|
535
|
-
message: 'Phone or email authentication is not enabled',
|
|
536
|
-
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
537
|
-
});
|
|
538
|
-
}
|
|
539
|
-
if (!provider.enabled) {
|
|
540
|
-
if (email) {
|
|
541
|
-
throw new common_1.BadRequestException({
|
|
542
|
-
message: 'Email authentication is not enabled',
|
|
543
|
-
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
544
|
-
});
|
|
545
|
-
}
|
|
546
|
-
else if (phone) {
|
|
547
|
-
throw new common_1.BadRequestException({
|
|
548
|
-
message: 'Phone authentication is not enabled',
|
|
549
|
-
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
550
|
-
});
|
|
551
|
-
}
|
|
552
|
-
}
|
|
553
|
-
const identity = await provider.findIdentity(email || phone);
|
|
554
|
-
if (!identity) {
|
|
555
|
-
// Return success even if user not found to prevent email/phone enumeration
|
|
556
|
-
return { message: 'If the account exists, a password reset code has been sent' };
|
|
557
|
-
}
|
|
558
|
-
const options = auth_config_service_1.AuthConfigService.getOptions();
|
|
559
|
-
let code;
|
|
560
|
-
// Apply otp.generate hook if configured
|
|
561
|
-
if (options.otp?.generate) {
|
|
562
|
-
code = await options.otp.generate(this.mfaConfig.otpLength);
|
|
563
|
-
}
|
|
564
|
-
else {
|
|
565
|
-
code = (0, otp_1.generateOtp)(this.mfaConfig.otpLength);
|
|
566
|
-
}
|
|
567
|
-
let expiresAtMs;
|
|
568
|
-
if (typeof this.mfaConfig.otpExpiresIn === 'string') {
|
|
569
|
-
expiresAtMs = (0, ms_1.default)(this.mfaConfig.otpExpiresIn); // example: '15m', '1h', '1d'
|
|
570
|
-
}
|
|
571
|
-
else {
|
|
572
|
-
expiresAtMs = this.mfaConfig.otpExpiresIn || 900000; // Default to 15m if undefined
|
|
573
|
-
}
|
|
574
|
-
if (!expiresAtMs || isNaN(expiresAtMs) || expiresAtMs <= 0) {
|
|
575
|
-
throw new Error(`Invalid MFA configuration: otpExpiresIn '${this.mfaConfig.otpExpiresIn}' results in invalid duration`);
|
|
576
|
-
}
|
|
577
|
-
// Invalidate previous MFA OTPs for this user
|
|
578
|
-
await this.otpRepository.delete({
|
|
579
|
-
userId: identity.user?.id,
|
|
580
|
-
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET
|
|
581
|
-
});
|
|
582
|
-
// // Generate OTP
|
|
583
|
-
// const otp = generateOtp();
|
|
584
|
-
// const expiresAt = new Date();
|
|
585
|
-
// expiresAt.setMinutes(expiresAt.getMinutes() + this.mfaConfig.otpExpiresIn); // OTP expires in 15 minutes
|
|
586
|
-
// Save OTP to database
|
|
587
|
-
const otpEntity = await this.otpRepository.create({
|
|
588
|
-
userId: identity.user?.id,
|
|
589
|
-
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
590
|
-
expiresAt: new Date(Date.now() + expiresAtMs),
|
|
591
|
-
code,
|
|
592
|
-
});
|
|
593
|
-
await this.otpRepository.save(otpEntity);
|
|
594
|
-
// Emit refresh token event, Send OTP via email or SMS should be handled by the event listener
|
|
595
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET_REQUESTED, new password_reset_requested_event_1.PasswordResetRequestedEvent({
|
|
596
|
-
user: identity.user,
|
|
597
|
-
tenantId: identity.user?.tenantId,
|
|
598
|
-
input,
|
|
599
|
-
otp: otpEntity,
|
|
600
|
-
provider,
|
|
601
|
-
}));
|
|
602
|
-
this.debugLogger.logFunctionExit('forgotPassword', 'AuthService', { email: !!email, phone: !!phone });
|
|
603
|
-
return true;
|
|
604
|
-
}
|
|
605
|
-
catch (error) {
|
|
606
|
-
this.debugLogger.logError(error, 'forgotPassword', { email: input.email, phone: input.phone });
|
|
607
|
-
this.handleError(error, 'password_reset');
|
|
608
|
-
throw error;
|
|
609
|
-
}
|
|
610
|
-
}
|
|
611
|
-
async verifyForgotPasswordOtp(input) {
|
|
612
|
-
this.debugLogger.logFunctionEntry('verifyForgotPasswordOtp', 'AuthService', { email: input.email, phone: input.phone });
|
|
613
|
-
try {
|
|
614
|
-
const { email, phone, otp } = input;
|
|
615
|
-
let { tenantId = null } = input;
|
|
616
|
-
// Resolve tenant ID - use provided or default
|
|
617
|
-
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
618
|
-
if (!email && !phone) {
|
|
619
|
-
throw new common_1.BadRequestException({
|
|
620
|
-
message: 'Either email or phone must be provided',
|
|
621
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
622
|
-
});
|
|
623
|
-
}
|
|
624
|
-
let provider = null;
|
|
625
|
-
if (phone) {
|
|
626
|
-
provider = this.authProviderRegistry.getProvider(auth_constants_1.PHONE_AUTH_PROVIDER);
|
|
627
|
-
}
|
|
628
|
-
else if (email) {
|
|
629
|
-
provider = this.authProviderRegistry.getProvider(auth_constants_1.EMAIL_AUTH_PROVIDER);
|
|
630
|
-
}
|
|
631
|
-
if (!provider) {
|
|
632
|
-
throw new common_1.BadRequestException({
|
|
633
|
-
message: 'Phone or email authentication is not enabled',
|
|
634
|
-
code: auth_constants_1.ERROR_CODES.PROVIDER_NOT_FOUND,
|
|
635
|
-
});
|
|
636
|
-
}
|
|
637
|
-
const identity = await provider.findIdentity(email || phone);
|
|
638
|
-
if (!identity) {
|
|
639
|
-
throw new common_1.BadRequestException({
|
|
640
|
-
message: 'Invalid reset request',
|
|
641
|
-
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_INVALID_REQUEST,
|
|
642
|
-
});
|
|
643
|
-
}
|
|
644
|
-
const validOtp = await this.otpRepository.findOne({
|
|
645
|
-
where: {
|
|
646
|
-
userId: identity.user?.id,
|
|
647
|
-
code: otp,
|
|
648
|
-
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
649
|
-
used: false
|
|
650
|
-
},
|
|
651
|
-
relations: ['user']
|
|
652
|
-
});
|
|
653
|
-
if (!validOtp) {
|
|
654
|
-
throw new common_1.BadRequestException({
|
|
655
|
-
message: 'Invalid OTP code',
|
|
656
|
-
code: auth_constants_1.ERROR_CODES.OTP_INVALID,
|
|
657
|
-
});
|
|
658
|
-
}
|
|
659
|
-
if ((0, moment_1.default)(validOtp.expiresAt).isBefore(new Date())) {
|
|
660
|
-
throw new common_1.BadRequestException({
|
|
661
|
-
message: 'OTP code expired',
|
|
662
|
-
code: auth_constants_1.ERROR_CODES.OTP_EXPIRED,
|
|
663
|
-
});
|
|
664
|
-
}
|
|
665
|
-
const user = validOtp.user;
|
|
666
|
-
// Generate JWT-based password reset token
|
|
667
|
-
// Include password hash prefix to invalidate token if password changes
|
|
668
|
-
const passwordHashPrefix = user.passwordHash ? user.passwordHash.substring(0, 10) : '';
|
|
669
|
-
const resetToken = await this.jwtService.generatePasswordResetToken({
|
|
670
|
-
userId: user.id,
|
|
671
|
-
passwordHashPrefix,
|
|
672
|
-
type: 'password-reset'
|
|
673
|
-
});
|
|
674
|
-
// Delete the OTP since it's been verified
|
|
675
|
-
await this.otpRepository.remove(validOtp);
|
|
676
|
-
this.debugLogger.logFunctionExit('verifyForgotPasswordOtp', 'AuthService', { email: input.email, phone: input.phone });
|
|
677
|
-
return {
|
|
678
|
-
message: 'OTP verified successfully',
|
|
679
|
-
resetToken
|
|
680
|
-
};
|
|
681
|
-
}
|
|
682
|
-
catch (error) {
|
|
683
|
-
this.debugLogger.logError(error, 'verifyForgotPasswordOtp', { email: input.email, phone: input.phone });
|
|
684
|
-
this.handleError(error, 'password_reset');
|
|
685
|
-
throw error;
|
|
686
|
-
}
|
|
687
|
-
}
|
|
688
|
-
async resetPassword(input) {
|
|
689
|
-
this.debugLogger.logFunctionEntry('resetPassword', 'AuthService', { email: input.email, phone: input.phone });
|
|
690
|
-
try {
|
|
691
|
-
const { email, phone, otp, newPassword } = input;
|
|
692
|
-
let { tenantId = null } = input;
|
|
693
|
-
// Resolve tenant ID - use provided or default
|
|
694
|
-
tenantId = await this.tenantService.resolveTenantId(tenantId);
|
|
695
|
-
if (!email && !phone) {
|
|
696
|
-
throw new common_1.BadRequestException({
|
|
697
|
-
message: 'Either email or phone must be provided',
|
|
698
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_OR_PHONE_REQUIRED,
|
|
699
|
-
});
|
|
700
|
-
}
|
|
701
|
-
// Find user by email or phone
|
|
702
|
-
const user = await this.userRepository.findOne({
|
|
703
|
-
where: [
|
|
704
|
-
...(email ? [{ email, tenantId }] : []),
|
|
705
|
-
...(phone ? [{ phone, tenantId }] : [])
|
|
706
|
-
]
|
|
707
|
-
});
|
|
708
|
-
if (!user) {
|
|
709
|
-
throw new common_1.BadRequestException({
|
|
710
|
-
message: 'Invalid reset request',
|
|
711
|
-
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_INVALID_REQUEST,
|
|
712
|
-
});
|
|
713
|
-
}
|
|
714
|
-
// Find valid OTP
|
|
715
|
-
const validOtp = await this.otpRepository.findOne({
|
|
716
|
-
where: {
|
|
717
|
-
userId: user.id,
|
|
718
|
-
code: otp,
|
|
719
|
-
type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
|
|
720
|
-
expiresAt: (0, typeorm_3.MoreThan)(new Date()),
|
|
721
|
-
used: false
|
|
722
|
-
}
|
|
723
|
-
});
|
|
724
|
-
if (!validOtp) {
|
|
725
|
-
throw new common_1.BadRequestException({
|
|
726
|
-
message: 'Invalid or expired OTP',
|
|
727
|
-
code: auth_constants_1.ERROR_CODES.OTP_INVALID,
|
|
728
|
-
});
|
|
729
|
-
}
|
|
730
|
-
// Update password
|
|
731
|
-
await user.setPassword(newPassword);
|
|
732
|
-
await this.userRepository.save(user);
|
|
733
|
-
// Mark OTP as used
|
|
734
|
-
validOtp.used = true;
|
|
735
|
-
await this.otpRepository.save(validOtp);
|
|
736
|
-
// Emit refresh token event, If we want to send email or SMS should be handled by the event listener
|
|
737
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET, new password_reset_event_1.PasswordResetEvent({
|
|
738
|
-
user,
|
|
739
|
-
tenantId: user.tenantId,
|
|
740
|
-
input,
|
|
741
|
-
}));
|
|
742
|
-
this.debugLogger.logFunctionExit('resetPassword', 'AuthService', { email: !!email, phone: !!phone });
|
|
743
|
-
return true;
|
|
744
|
-
}
|
|
745
|
-
catch (error) {
|
|
746
|
-
this.debugLogger.logError(error, 'resetPassword', { email: input.email, phone: input.phone });
|
|
747
|
-
this.handleError(error, 'password_reset');
|
|
748
|
-
throw error;
|
|
749
|
-
}
|
|
750
|
-
}
|
|
751
|
-
async resetPasswordWithToken(input) {
|
|
752
|
-
this.debugLogger.logFunctionEntry('resetPasswordWithToken', 'AuthService', { token: '***' });
|
|
753
|
-
try {
|
|
754
|
-
const { token, newPassword } = input;
|
|
755
|
-
// Verify JWT token
|
|
756
|
-
let decoded;
|
|
757
|
-
try {
|
|
758
|
-
decoded = await this.jwtService.verifyPasswordResetToken(token);
|
|
759
|
-
}
|
|
760
|
-
catch (error) {
|
|
761
|
-
throw new common_1.BadRequestException({
|
|
762
|
-
message: 'Invalid or expired reset token',
|
|
763
|
-
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
764
|
-
});
|
|
765
|
-
}
|
|
766
|
-
if (decoded.type !== 'password-reset') {
|
|
767
|
-
throw new common_1.BadRequestException({
|
|
768
|
-
message: 'Invalid token type',
|
|
769
|
-
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
770
|
-
});
|
|
771
|
-
}
|
|
772
|
-
// Get user
|
|
773
|
-
const user = await this.userRepository.findOne({
|
|
774
|
-
where: { id: decoded.userId }
|
|
775
|
-
});
|
|
776
|
-
if (!user) {
|
|
777
|
-
throw new common_1.BadRequestException({
|
|
778
|
-
message: 'User not found',
|
|
779
|
-
code: auth_constants_1.ERROR_CODES.USER_NOT_FOUND,
|
|
780
|
-
});
|
|
781
|
-
}
|
|
782
|
-
// Verify password hasn't changed since token was issued
|
|
783
|
-
// This makes the token single-use in practice
|
|
784
|
-
const currentPasswordHashPrefix = user.passwordHash ? user.passwordHash.substring(0, 10) : '';
|
|
785
|
-
if (decoded.passwordHashPrefix !== currentPasswordHashPrefix) {
|
|
786
|
-
throw new common_1.BadRequestException({
|
|
787
|
-
message: 'Reset token is no longer valid',
|
|
788
|
-
code: auth_constants_1.ERROR_CODES.PASSWORD_RESET_TOKEN_INVALID,
|
|
789
|
-
});
|
|
790
|
-
}
|
|
791
|
-
// Update password
|
|
792
|
-
await user.setPassword(newPassword);
|
|
793
|
-
await this.userRepository.save(user);
|
|
794
|
-
// Emit password reset event
|
|
795
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET, new password_reset_event_1.PasswordResetEvent({
|
|
796
|
-
user,
|
|
797
|
-
tenantId: user.tenantId,
|
|
798
|
-
input: { token, newPassword },
|
|
799
|
-
}));
|
|
800
|
-
this.debugLogger.logFunctionExit('resetPasswordWithToken', 'AuthService');
|
|
801
|
-
return true;
|
|
802
|
-
}
|
|
803
|
-
catch (error) {
|
|
804
|
-
this.debugLogger.logError(error, 'resetPasswordWithToken');
|
|
805
|
-
this.handleError(error, 'password_reset');
|
|
806
|
-
throw error;
|
|
807
|
-
}
|
|
808
|
-
}
|
|
809
|
-
async logout(logoutType = 'user', reason) {
|
|
810
|
-
const session = request_context_1.RequestContext.currentSession();
|
|
811
|
-
const user = await this.getUser();
|
|
812
|
-
// Emit logout event
|
|
813
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT, new logged_out_event_1.LoggedOutEvent({
|
|
814
|
-
user: user,
|
|
815
|
-
tenantId: user?.tenantId,
|
|
816
|
-
session,
|
|
817
|
-
logoutType,
|
|
818
|
-
reason,
|
|
819
|
-
}));
|
|
820
|
-
if (session) {
|
|
821
|
-
await this.sessionManager.revokeSession(session.id);
|
|
822
|
-
}
|
|
823
|
-
return true;
|
|
824
|
-
}
|
|
825
|
-
async logoutAll(userId, logoutType = 'user', reason) {
|
|
826
|
-
const session = request_context_1.RequestContext.currentSession();
|
|
827
|
-
if (!session) {
|
|
828
|
-
throw new common_1.UnauthorizedException({
|
|
829
|
-
message: 'Session not found',
|
|
830
|
-
code: auth_constants_1.ERROR_CODES.SESSION_NOT_FOUND,
|
|
831
|
-
});
|
|
832
|
-
}
|
|
833
|
-
const sessions = await this.sessionManager.getUserSessions(userId);
|
|
834
|
-
await this.sessionManager.revokeAllUserSessions(userId);
|
|
835
|
-
const user = await this.userRepository.findOne({ where: { id: userId } });
|
|
836
|
-
if (user) {
|
|
837
|
-
// Emit logout event
|
|
838
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT_ALL, new logged_out_all_event_1.LoggedOutAllEvent({
|
|
839
|
-
user,
|
|
840
|
-
tenantId: user.tenantId,
|
|
841
|
-
logoutType,
|
|
842
|
-
reason,
|
|
843
|
-
currentSessionId: session.id,
|
|
844
|
-
sessions,
|
|
845
|
-
}));
|
|
846
|
-
}
|
|
847
|
-
return true;
|
|
848
|
-
}
|
|
849
|
-
async sendEmailVerification(input) {
|
|
850
|
-
this.debugLogger.logFunctionEntry('sendEmailVerification', 'AuthService');
|
|
851
|
-
try {
|
|
852
|
-
const user = request_context_1.RequestContext.currentUser();
|
|
853
|
-
if (!user) {
|
|
854
|
-
throw new common_1.UnauthorizedException({
|
|
855
|
-
message: 'User not authenticated',
|
|
856
|
-
code: auth_constants_1.ERROR_CODES.UNAUTHORIZED,
|
|
857
|
-
});
|
|
858
|
-
}
|
|
859
|
-
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
860
|
-
if (!fullUser.email) {
|
|
861
|
-
throw new common_1.BadRequestException({
|
|
862
|
-
message: 'User does not have an email address',
|
|
863
|
-
code: auth_constants_1.ERROR_CODES.NO_EMAIL_ADDRESS,
|
|
864
|
-
});
|
|
865
|
-
}
|
|
866
|
-
if (fullUser.emailVerifiedAt) {
|
|
867
|
-
throw new common_1.BadRequestException({
|
|
868
|
-
message: 'Email is already verified',
|
|
869
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_VERIFIED,
|
|
870
|
-
});
|
|
871
|
-
}
|
|
872
|
-
// Generate OTP
|
|
873
|
-
const otp = (0, otp_1.generateOtp)();
|
|
874
|
-
const expiresAt = new Date();
|
|
875
|
-
expiresAt.setMinutes(expiresAt.getMinutes() + 30); // OTP expires in 30 minutes
|
|
876
|
-
// Save OTP to database
|
|
877
|
-
const otpEntity = await this.otpRepository.save({
|
|
878
|
-
userId: fullUser.id,
|
|
879
|
-
code: otp,
|
|
880
|
-
expiresAt,
|
|
881
|
-
type: otp_interface_1.OTPTypeEnum.VERIFICATION
|
|
882
|
-
});
|
|
883
|
-
// Emit email verification event - email sending should be handled by event listener
|
|
884
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.EMAIL_VERIFICATION_REQUESTED, {
|
|
885
|
-
user: fullUser,
|
|
886
|
-
tenantId: fullUser.tenantId,
|
|
887
|
-
otp: otpEntity,
|
|
888
|
-
});
|
|
889
|
-
this.debugLogger.logFunctionExit('sendEmailVerification', 'AuthService');
|
|
890
|
-
return { message: 'Verification email sent successfully' };
|
|
891
|
-
}
|
|
892
|
-
catch (error) {
|
|
893
|
-
this.debugLogger.logError(error, 'sendEmailVerification');
|
|
894
|
-
this.handleError(error, 'signup'); // Assuming email verification is part of signup flow or user profile management
|
|
895
|
-
throw error;
|
|
896
|
-
}
|
|
897
|
-
}
|
|
898
|
-
async verifyEmail(input) {
|
|
899
|
-
this.debugLogger.logFunctionEntry('verifyEmail', 'AuthService');
|
|
900
|
-
try {
|
|
901
|
-
const user = request_context_1.RequestContext.currentUser();
|
|
902
|
-
if (!user) {
|
|
903
|
-
throw new common_1.UnauthorizedException({
|
|
904
|
-
message: 'User not authenticated',
|
|
905
|
-
code: auth_constants_1.ERROR_CODES.UNAUTHORIZED,
|
|
906
|
-
});
|
|
907
|
-
}
|
|
908
|
-
const fullUser = await this.getUserWithRolesAndPermissions(user.id);
|
|
909
|
-
if (!fullUser.email) {
|
|
910
|
-
throw new common_1.BadRequestException({
|
|
911
|
-
message: 'User does not have an email address',
|
|
912
|
-
code: auth_constants_1.ERROR_CODES.NO_EMAIL_ADDRESS,
|
|
913
|
-
});
|
|
914
|
-
}
|
|
915
|
-
if (fullUser.emailVerifiedAt) {
|
|
916
|
-
throw new common_1.BadRequestException({
|
|
917
|
-
message: 'Email is already verified',
|
|
918
|
-
code: auth_constants_1.ERROR_CODES.EMAIL_ALREADY_VERIFIED,
|
|
919
|
-
});
|
|
920
|
-
}
|
|
921
|
-
// Find valid OTP
|
|
922
|
-
const validOtp = await this.otpRepository.findOne({
|
|
923
|
-
where: {
|
|
924
|
-
userId: fullUser.id,
|
|
925
|
-
code: input.otp,
|
|
926
|
-
type: otp_interface_1.OTPTypeEnum.VERIFICATION,
|
|
927
|
-
used: false
|
|
928
|
-
}
|
|
929
|
-
});
|
|
930
|
-
if (!validOtp) {
|
|
931
|
-
throw new common_1.BadRequestException({
|
|
932
|
-
message: 'Invalid verification code',
|
|
933
|
-
code: auth_constants_1.ERROR_CODES.VERIFICATION_CODE_INVALID,
|
|
934
|
-
});
|
|
935
|
-
}
|
|
936
|
-
if ((0, moment_1.default)(validOtp.expiresAt).isBefore(new Date())) {
|
|
937
|
-
throw new common_1.BadRequestException({
|
|
938
|
-
message: 'Verification code has expired',
|
|
939
|
-
code: auth_constants_1.ERROR_CODES.VERIFICATION_CODE_EXPIRED,
|
|
940
|
-
});
|
|
941
|
-
}
|
|
942
|
-
// Mark OTP as used
|
|
943
|
-
validOtp.used = true;
|
|
944
|
-
await this.otpRepository.save(validOtp);
|
|
945
|
-
// Verify user email
|
|
946
|
-
fullUser.emailVerifiedAt = new Date();
|
|
947
|
-
fullUser.isVerified = true;
|
|
948
|
-
await this.userRepository.save(fullUser);
|
|
949
|
-
// Emit email verified event
|
|
950
|
-
await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.EMAIL_VERIFIED, {
|
|
951
|
-
user: fullUser,
|
|
952
|
-
tenantId: fullUser.tenantId,
|
|
953
|
-
});
|
|
954
|
-
this.debugLogger.logFunctionExit('verifyEmail', 'AuthService');
|
|
955
|
-
return { message: 'Email verified successfully' };
|
|
956
|
-
}
|
|
957
|
-
catch (error) {
|
|
958
|
-
this.debugLogger.logError(error, 'verifyEmail');
|
|
959
|
-
this.handleError(error, 'signup'); // Assuming email verification is part of signup flow or user profile management
|
|
960
|
-
throw error;
|
|
961
|
-
}
|
|
962
|
-
}
|
|
963
|
-
async generateTokensPayload(session, otherPayload = {}) {
|
|
964
|
-
let payload = {
|
|
965
|
-
id: session.userId,
|
|
966
|
-
sub: session.userId,
|
|
967
|
-
sessionId: session.id,
|
|
968
|
-
email: session.data?.user?.email,
|
|
969
|
-
phone: session.data?.user?.phone,
|
|
970
|
-
isVerified: session.data?.user?.isVerified,
|
|
971
|
-
roles: session.data?.roles,
|
|
972
|
-
tenantId: session.data?.user?.tenantId,
|
|
973
|
-
isMfaEnabled: session.data?.user?.isMfaEnabled,
|
|
974
|
-
isMfaVerified: session.data?.isMfaVerified,
|
|
975
|
-
...otherPayload,
|
|
976
|
-
};
|
|
977
|
-
// Apply custom token payload hook if configured
|
|
978
|
-
const config = this.authConfigService.getConfig();
|
|
979
|
-
if (config.session?.customizeTokenPayload) {
|
|
980
|
-
payload = await config.session.customizeTokenPayload(payload, session);
|
|
981
|
-
}
|
|
982
|
-
return payload;
|
|
983
|
-
}
|
|
984
|
-
/**
|
|
985
|
-
* Handle errors using the errorHandler hook if configured
|
|
986
|
-
*/
|
|
987
|
-
handleError(error, context) {
|
|
988
|
-
const config = this.authConfigService.getConfig();
|
|
989
|
-
if (config.errorHandler) {
|
|
990
|
-
// The hook can throw a new error or return a modified one
|
|
991
|
-
// If it returns, we throw that. If it throws, it propagates.
|
|
992
|
-
const result = config.errorHandler(error, context);
|
|
993
|
-
if (result) {
|
|
994
|
-
throw result;
|
|
995
|
-
}
|
|
996
|
-
}
|
|
997
|
-
}
|
|
998
|
-
async generateTokensFromSession(session) {
|
|
999
|
-
const payload = await this.generateTokensPayload(session);
|
|
1000
|
-
const tokens = await this.jwtService.generateTokens(payload);
|
|
1001
|
-
return tokens;
|
|
1002
|
-
}
|
|
1003
|
-
};
|
|
1004
|
-
exports.AuthService = AuthService;
|
|
1005
|
-
exports.AuthService = AuthService = tslib_1.__decorate([
|
|
1006
|
-
(0, common_1.Injectable)(),
|
|
1007
|
-
tslib_1.__param(0, (0, typeorm_1.InjectRepository)(user_entity_1.NestAuthUser)),
|
|
1008
|
-
tslib_1.__param(1, (0, typeorm_1.InjectRepository)(otp_entity_1.NestAuthOTP)),
|
|
1009
|
-
tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
|
|
1010
|
-
typeorm_2.Repository,
|
|
1011
|
-
auth_provider_registry_service_1.AuthProviderRegistryService,
|
|
1012
|
-
mfa_service_1.MfaService,
|
|
1013
|
-
session_manager_service_1.SessionManagerService,
|
|
1014
|
-
jwt_service_1.JwtService,
|
|
1015
|
-
event_emitter_1.EventEmitter2,
|
|
1016
|
-
tenant_service_1.TenantService,
|
|
1017
|
-
debug_logger_service_1.DebugLoggerService,
|
|
1018
|
-
auth_config_service_1.AuthConfigService,
|
|
1019
|
-
user_service_1.UserService])
|
|
1020
|
-
], AuthService);
|