@anarchitects/auth-nest 0.4.2 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +110 -37
- package/package.json +25 -12
- package/src/application/application.module-definition.d.ts +4 -21
- package/src/application/application.module-definition.js.map +1 -1
- package/src/application/application.module.d.ts +5 -22
- package/src/application/application.module.js +59 -8
- package/src/application/application.module.js.map +1 -1
- package/src/application/factories/ability.factory.js +3 -3
- package/src/application/factories/ability.factory.js.map +1 -1
- package/src/application/index.d.ts +8 -4
- package/src/application/index.js +7 -4
- package/src/application/index.js.map +1 -1
- package/src/application/resource-authorization.tokens.d.ts +1 -0
- package/src/application/resource-authorization.tokens.js +5 -0
- package/src/application/resource-authorization.tokens.js.map +1 -0
- package/src/application/resource-authorization.types.d.ts +16 -0
- package/src/application/resource-authorization.types.js +3 -0
- package/src/application/resource-authorization.types.js.map +1 -0
- package/src/application/services/auth-engine.port.d.ts +42 -0
- package/src/application/services/auth-engine.port.js +12 -0
- package/src/application/services/auth-engine.port.js.map +1 -0
- package/src/application/services/auth-orchestration.service.d.ts +41 -0
- package/src/application/services/auth-orchestration.service.js +161 -0
- package/src/application/services/auth-orchestration.service.js.map +1 -0
- package/src/application/services/jwt-auth.service.d.ts +6 -36
- package/src/application/services/jwt-auth.service.js +8 -201
- package/src/application/services/jwt-auth.service.js.map +1 -1
- package/src/application/services/persisted-policy-rule.d.ts +2 -0
- package/src/application/services/persisted-policy-rule.js +20 -0
- package/src/application/services/persisted-policy-rule.js.map +1 -0
- package/src/application/services/policies.service.js +7 -10
- package/src/application/services/policies.service.js.map +1 -1
- package/src/application/services/resource-authorization.d.ts +5 -0
- package/src/application/services/resource-authorization.js +18 -0
- package/src/application/services/resource-authorization.js.map +1 -0
- package/src/application/strategies/{jwt/strategy.d.ts → jwt-strategy.d.ts} +2 -1
- package/src/application/strategies/{jwt/strategy.js → jwt-strategy.js} +6 -4
- package/src/application/strategies/jwt-strategy.js.map +1 -0
- package/src/auth.module.d.ts +4 -11
- package/src/auth.module.js +40 -24
- package/src/auth.module.js.map +1 -1
- package/src/config/auth.config.d.ts +64 -0
- package/src/config/auth.config.js +115 -7
- package/src/config/auth.config.js.map +1 -1
- package/src/config/index.d.ts +1 -0
- package/src/config/index.js +1 -0
- package/src/config/index.js.map +1 -1
- package/src/config/module-options.d.ts +108 -0
- package/src/config/module-options.js +111 -0
- package/src/config/module-options.js.map +1 -0
- package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.d.ts +21 -0
- package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.js +180 -0
- package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.js.map +1 -0
- package/src/infrastructure-engine/better-auth/better-auth-spike.harness.d.ts +17 -0
- package/src/infrastructure-engine/better-auth/better-auth-spike.harness.js +32 -0
- package/src/infrastructure-engine/better-auth/better-auth-spike.harness.js.map +1 -0
- package/src/infrastructure-engine/better-auth/better-auth.module-loader.d.ts +7 -0
- package/src/infrastructure-engine/better-auth/better-auth.module-loader.js +15 -0
- package/src/infrastructure-engine/better-auth/better-auth.module-loader.js.map +1 -0
- package/src/infrastructure-engine/better-auth/dynamic-import.d.ts +1 -0
- package/src/infrastructure-engine/better-auth/dynamic-import.js +9 -0
- package/src/infrastructure-engine/better-auth/dynamic-import.js.map +1 -0
- package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.d.ts +22 -0
- package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.js +131 -0
- package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.js.map +1 -0
- package/src/infrastructure-mailer/index.d.ts +1 -0
- package/src/infrastructure-mailer/mailer.module.d.ts +4 -0
- package/src/infrastructure-mailer/mailer.module.js +31 -6
- package/src/infrastructure-mailer/mailer.module.js.map +1 -1
- package/src/infrastructure-persistence/index.d.ts +1 -0
- package/src/infrastructure-persistence/persistence.module-definition.d.ts +4 -9
- package/src/infrastructure-persistence/persistence.module-definition.js.map +1 -1
- package/src/infrastructure-persistence/persistence.module.d.ts +4 -2
- package/src/infrastructure-persistence/persistence.module.js +21 -4
- package/src/infrastructure-persistence/persistence.module.js.map +1 -1
- package/src/presentation/authorized-resource.request.d.ts +7 -0
- package/src/presentation/authorized-resource.request.js +16 -0
- package/src/presentation/authorized-resource.request.js.map +1 -0
- package/src/presentation/decorators/authorize-resource.decorator.d.ts +3 -0
- package/src/presentation/decorators/authorize-resource.decorator.js +9 -0
- package/src/presentation/decorators/authorize-resource.decorator.js.map +1 -0
- package/src/presentation/decorators/authorized-resource.decorator.d.ts +2 -0
- package/src/presentation/decorators/authorized-resource.decorator.js +32 -0
- package/src/presentation/decorators/authorized-resource.decorator.js.map +1 -0
- package/src/presentation/decorators/policies.decorator.d.ts +2 -2
- package/src/presentation/decorators/policies.decorator.js.map +1 -1
- package/src/presentation/guards/policies.guard.js +6 -5
- package/src/presentation/guards/policies.guard.js.map +1 -1
- package/src/presentation/guards/resource-authorization.guard.d.ts +11 -0
- package/src/presentation/guards/resource-authorization.guard.js +55 -0
- package/src/presentation/guards/resource-authorization.guard.js.map +1 -0
- package/src/presentation/guards/route-policy-matcher.d.ts +1 -0
- package/src/presentation/guards/route-policy-matcher.js +6 -0
- package/src/presentation/guards/route-policy-matcher.js.map +1 -0
- package/src/presentation/index.d.ts +5 -0
- package/src/presentation/index.js +4 -0
- package/src/presentation/index.js.map +1 -1
- package/src/presentation/presentation.module.d.ts +4 -0
- package/src/presentation/presentation.module.js +43 -2
- package/src/presentation/presentation.module.js.map +1 -1
- package/src/presentation/route-policy.d.ts +1 -0
- package/src/presentation/route-policy.js +3 -0
- package/src/presentation/route-policy.js.map +1 -0
- package/src/application/strategies/jwt/strategy.js.map +0 -1
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.AuthPersistenceModule = void 0;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const common_1 = require("@nestjs/common");
|
|
6
|
+
const config_1 = require("@nestjs/config");
|
|
6
7
|
const typeorm_1 = require("@nestjs/typeorm");
|
|
7
8
|
const invalidated_token_entity_1 = require("./entities/invalidated-token.entity");
|
|
8
9
|
const permission_entity_1 = require("./entities/permission.entity");
|
|
@@ -11,12 +12,14 @@ const user_entity_1 = require("./entities/user.entity");
|
|
|
11
12
|
const persistence_module_definition_1 = require("./persistence.module-definition");
|
|
12
13
|
const auth_user_repository_1 = require("./repositories/auth-user.repository");
|
|
13
14
|
const typeorm_auth_user_repository_1 = require("./repositories/typeorm-auth-user.repository");
|
|
15
|
+
const config_2 = require("../config");
|
|
14
16
|
let AuthPersistenceModule = class AuthPersistenceModule extends persistence_module_definition_1.ConfigurableModuleClass {
|
|
15
|
-
static forRoot(options) {
|
|
16
|
-
|
|
17
|
+
static forRoot(options = {}) {
|
|
18
|
+
const resolvedOptions = (0, config_2.resolveAuthPersistenceModuleOptions)(options);
|
|
19
|
+
switch (resolvedOptions.persistence) {
|
|
17
20
|
case 'typeorm':
|
|
18
21
|
return {
|
|
19
|
-
...super.forRoot(
|
|
22
|
+
...super.forRoot(resolvedOptions),
|
|
20
23
|
imports: [
|
|
21
24
|
typeorm_1.TypeOrmModule.forFeature([
|
|
22
25
|
user_entity_1.UserEntity,
|
|
@@ -35,9 +38,23 @@ let AuthPersistenceModule = class AuthPersistenceModule extends persistence_modu
|
|
|
35
38
|
exports: [auth_user_repository_1.AuthUserRepository, typeorm_1.TypeOrmModule],
|
|
36
39
|
};
|
|
37
40
|
default:
|
|
38
|
-
throw new Error(`Unsupported persistence type: ${
|
|
41
|
+
throw new Error(`Unsupported persistence type: ${resolvedOptions.persistence}`);
|
|
39
42
|
}
|
|
40
43
|
}
|
|
44
|
+
static forRootFromConfig(overrides = {}) {
|
|
45
|
+
const configOptions = (0, config_2.mapAuthConfigToPersistenceModuleOptions)((0, config_2.authConfig)());
|
|
46
|
+
const moduleDefinition = this.forRoot({
|
|
47
|
+
...configOptions,
|
|
48
|
+
...overrides,
|
|
49
|
+
});
|
|
50
|
+
return {
|
|
51
|
+
...moduleDefinition,
|
|
52
|
+
imports: [
|
|
53
|
+
config_1.ConfigModule.forFeature(config_2.authConfig),
|
|
54
|
+
...(moduleDefinition.imports ?? []),
|
|
55
|
+
],
|
|
56
|
+
};
|
|
57
|
+
}
|
|
41
58
|
};
|
|
42
59
|
exports.AuthPersistenceModule = AuthPersistenceModule;
|
|
43
60
|
exports.AuthPersistenceModule = AuthPersistenceModule = tslib_1.__decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"persistence.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-persistence/persistence.module.ts"],"names":[],"mappings":";;;;AAAA,2CAAuD;AACvD,6CAAgD;AAChD,kFAA6E;AAC7E,oEAAgE;AAChE,wDAAoD;AACpD,wDAAoD;AACpD,mFAGyC;AACzC,8EAAyE;AACzE,8FAAwF;
|
|
1
|
+
{"version":3,"file":"persistence.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-persistence/persistence.module.ts"],"names":[],"mappings":";;;;AAAA,2CAAuD;AACvD,2CAA8C;AAC9C,6CAAgD;AAChD,kFAA6E;AAC7E,oEAAgE;AAChE,wDAAoD;AACpD,wDAAoD;AACpD,mFAGyC;AACzC,8EAAyE;AACzE,8FAAwF;AACxF,sCAImB;AAIZ,IAAM,qBAAqB,GAA3B,MAAM,qBAAsB,SAAQ,uDAAuB;IAChE,MAAM,CAAC,OAAO,CAAC,UAAwC,EAAE;QACvD,MAAM,eAAe,GACnB,IAAA,4CAAmC,EAAC,OAAO,CAAC,CAAC;QAE/C,QAAQ,eAAe,CAAC,WAAW,EAAE,CAAC;YACpC,KAAK,SAAS;gBACZ,OAAO;oBACL,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC;oBACjC,OAAO,EAAE;wBACP,uBAAa,CAAC,UAAU,CAAC;4BACvB,wBAAU;4BACV,wBAAU;4BACV,oCAAgB;4BAChB,iDAAsB;yBACvB,CAAC;qBACH;oBACD,SAAS,EAAE;wBACT,wDAAyB;wBACzB;4BACE,OAAO,EAAE,yCAAkB;4BAC3B,WAAW,EAAE,wDAAyB;yBACvC;qBACF;oBACD,OAAO,EAAE,CAAC,yCAAkB,EAAE,uBAAa,CAAC;iBAC7C,CAAC;YACJ;gBACE,MAAM,IAAI,KAAK,CACb,iCAAiC,eAAe,CAAC,WAAW,EAAE,CAC/D,CAAC;QACN,CAAC;IACH,CAAC;IAED,MAAM,CAAC,iBAAiB,CACtB,YAA0C,EAAE;QAE5C,MAAM,aAAa,GAAG,IAAA,gDAAuC,EAAC,IAAA,mBAAU,GAAE,CAAC,CAAC;QAC5E,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC;YACpC,GAAG,aAAa;YAChB,GAAG,SAAS;SACb,CAAC,CAAC;QAEH,OAAO;YACL,GAAG,gBAAgB;YACnB,OAAO,EAAE;gBACP,qBAAY,CAAC,UAAU,CAAC,mBAAU,CAAC;gBACnC,GAAG,CAAC,gBAAgB,CAAC,OAAO,IAAI,EAAE,CAAC;aACpC;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AAlDY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,qBAAqB,CAkDjC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { Subject } from '@anarchitects/auth-ts/models';
|
|
2
|
+
export declare const AUTHORIZED_RESOURCES_REQUEST_KEY = "__authAuthorizedResources";
|
|
3
|
+
type AuthorizedResourceStore = Record<string, unknown>;
|
|
4
|
+
export declare const attachAuthorizedResource: (request: Record<string, unknown>, subject: Subject, resource: unknown) => void;
|
|
5
|
+
export declare const getAuthorizedResourceStore: (request: Record<string, unknown>) => AuthorizedResourceStore;
|
|
6
|
+
export declare const getAuthorizedResource: (request: Record<string, unknown>, subject: Subject) => unknown;
|
|
7
|
+
export {};
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getAuthorizedResource = exports.getAuthorizedResourceStore = exports.attachAuthorizedResource = exports.AUTHORIZED_RESOURCES_REQUEST_KEY = void 0;
|
|
4
|
+
exports.AUTHORIZED_RESOURCES_REQUEST_KEY = '__authAuthorizedResources';
|
|
5
|
+
const attachAuthorizedResource = (request, subject, resource) => {
|
|
6
|
+
const requestWithResources = request;
|
|
7
|
+
const store = requestWithResources[exports.AUTHORIZED_RESOURCES_REQUEST_KEY] ??
|
|
8
|
+
(requestWithResources[exports.AUTHORIZED_RESOURCES_REQUEST_KEY] = {});
|
|
9
|
+
store[subject] = resource;
|
|
10
|
+
};
|
|
11
|
+
exports.attachAuthorizedResource = attachAuthorizedResource;
|
|
12
|
+
const getAuthorizedResourceStore = (request) => request[exports.AUTHORIZED_RESOURCES_REQUEST_KEY] ?? {};
|
|
13
|
+
exports.getAuthorizedResourceStore = getAuthorizedResourceStore;
|
|
14
|
+
const getAuthorizedResource = (request, subject) => (0, exports.getAuthorizedResourceStore)(request)[subject];
|
|
15
|
+
exports.getAuthorizedResource = getAuthorizedResource;
|
|
16
|
+
//# sourceMappingURL=authorized-resource.request.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authorized-resource.request.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/authorized-resource.request.ts"],"names":[],"mappings":";;;AAEa,QAAA,gCAAgC,GAAG,2BAA2B,CAAC;AAQrE,MAAM,wBAAwB,GAAG,CACtC,OAAgC,EAChC,OAAgB,EAChB,QAAiB,EACX,EAAE;IACR,MAAM,oBAAoB,GAAG,OAAyC,CAAC;IACvE,MAAM,KAAK,GACT,oBAAoB,CAAC,wCAAgC,CAAC;QACtD,CAAC,oBAAoB,CAAC,wCAAgC,CAAC,GAAG,EAAE,CAAC,CAAC;IAChE,KAAK,CAAC,OAAO,CAAC,GAAG,QAAQ,CAAC;AAC5B,CAAC,CAAC;AAVW,QAAA,wBAAwB,4BAUnC;AAEK,MAAM,0BAA0B,GAAG,CACxC,OAAgC,EACP,EAAE,CAC1B,OAA0C,CACzC,wCAAgC,CACjC,IAAI,EAAE,CAAC;AALG,QAAA,0BAA0B,8BAK7B;AAEH,MAAM,qBAAqB,GAAG,CACnC,OAAgC,EAChC,OAAgB,EACP,EAAE,CAAC,IAAA,kCAA0B,EAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC;AAH9C,QAAA,qBAAqB,yBAGyB"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { ResourceAuthorizationRoute } from '../../application/resource-authorization.types';
|
|
2
|
+
export declare const AUTHORIZE_RESOURCE_KEY = "authorize-resource";
|
|
3
|
+
export declare const AuthorizeResource: (...resources: ResourceAuthorizationRoute[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AuthorizeResource = exports.AUTHORIZE_RESOURCE_KEY = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
const resource_authorization_guard_1 = require("../guards/resource-authorization.guard");
|
|
6
|
+
exports.AUTHORIZE_RESOURCE_KEY = 'authorize-resource';
|
|
7
|
+
const AuthorizeResource = (...resources) => (0, common_1.applyDecorators)((0, common_1.SetMetadata)(exports.AUTHORIZE_RESOURCE_KEY, resources), (0, common_1.UseGuards)(resource_authorization_guard_1.ResourceAuthorizationGuard));
|
|
8
|
+
exports.AuthorizeResource = AuthorizeResource;
|
|
9
|
+
//# sourceMappingURL=authorize-resource.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authorize-resource.decorator.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/decorators/authorize-resource.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAyE;AAEzE,yFAAoF;AAEvE,QAAA,sBAAsB,GAAG,oBAAoB,CAAC;AAEpD,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAuC,EAAE,EAAE,CAC9E,IAAA,wBAAe,EACb,IAAA,oBAAW,EAAC,8BAAsB,EAAE,SAAS,CAAC,EAC9C,IAAA,kBAAS,EAAC,yDAA0B,CAAC,CACtC,CAAC;AAJS,QAAA,iBAAiB,qBAI1B"}
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
import { Subject } from '@anarchitects/auth-ts/models';
|
|
2
|
+
export declare const AuthorizedResource: (...dataOrPipes: (Subject | import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>> | undefined)[]) => ParameterDecorator;
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AuthorizedResource = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
const authorize_resource_decorator_1 = require("./authorize-resource.decorator");
|
|
6
|
+
const authorized_resource_request_1 = require("../authorized-resource.request");
|
|
7
|
+
const resolveAuthorizedResourceSubject = (context, subjectOverride) => {
|
|
8
|
+
if (subjectOverride) {
|
|
9
|
+
return subjectOverride;
|
|
10
|
+
}
|
|
11
|
+
const resources = Reflect.getMetadata(authorize_resource_decorator_1.AUTHORIZE_RESOURCE_KEY, context.getHandler()) ??
|
|
12
|
+
Reflect.getMetadata(authorize_resource_decorator_1.AUTHORIZE_RESOURCE_KEY, context.getClass()) ??
|
|
13
|
+
[];
|
|
14
|
+
const subjects = resources.map((resource) => resource.subject);
|
|
15
|
+
if (subjects.length === 1) {
|
|
16
|
+
return subjects[0];
|
|
17
|
+
}
|
|
18
|
+
throw new common_1.InternalServerErrorException('Authorized resource subject could not be resolved from route metadata');
|
|
19
|
+
};
|
|
20
|
+
exports.AuthorizedResource = (0, common_1.createParamDecorator)((subjectOverride, context) => {
|
|
21
|
+
const request = context
|
|
22
|
+
.switchToHttp()
|
|
23
|
+
.getRequest();
|
|
24
|
+
const subject = resolveAuthorizedResourceSubject(context, subjectOverride);
|
|
25
|
+
const resource = (0, authorized_resource_request_1.getAuthorizedResource)(request, subject);
|
|
26
|
+
if (resource === undefined) {
|
|
27
|
+
const store = (0, authorized_resource_request_1.getAuthorizedResourceStore)(request);
|
|
28
|
+
throw new common_1.InternalServerErrorException(`Authorized resource for subject "${subject}" is not attached to the request. Available subjects: ${Object.keys(store).join(', ')}`);
|
|
29
|
+
}
|
|
30
|
+
return resource;
|
|
31
|
+
});
|
|
32
|
+
//# sourceMappingURL=authorized-resource.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authorized-resource.decorator.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/decorators/authorized-resource.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAIwB;AAGxB,iFAAwE;AACxE,gFAGwC;AAExC,MAAM,gCAAgC,GAAG,CACvC,OAAyB,EACzB,eAAyB,EAChB,EAAE;IACX,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,MAAM,SAAS,GACb,OAAO,CAAC,WAAW,CAAC,qDAAsB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC;QACjE,OAAO,CAAC,WAAW,CAAC,qDAAsB,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;QAC/D,EAAE,CAAC;IAEL,MAAM,QAAQ,GAAI,SAA0C,CAAC,GAAG,CAC9D,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,OAAO,CAC/B,CAAC;IAEF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IAED,MAAM,IAAI,qCAA4B,CACpC,uEAAuE,CACxE,CAAC;AACJ,CAAC,CAAC;AAEW,QAAA,kBAAkB,GAAG,IAAA,6BAAoB,EACpD,CAAC,eAAoC,EAAE,OAAyB,EAAE,EAAE;IAClE,MAAM,OAAO,GAAG,OAAO;SACpB,YAAY,EAAE;SACd,UAAU,EAA2B,CAAC;IACzC,MAAM,OAAO,GAAG,gCAAgC,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC3E,MAAM,QAAQ,GAAG,IAAA,mDAAqB,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEzD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAA,wDAA0B,EAAC,OAAO,CAAC,CAAC;QAClD,MAAM,IAAI,qCAA4B,CACpC,oCAAoC,OAAO,yDAAyD,MAAM,CAAC,IAAI,CAC7G,KAAK,CACN,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACf,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC,CACF,CAAC"}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { RoutePolicy } from '../route-policy';
|
|
2
2
|
export declare const POLICIES_KEY = "policies";
|
|
3
|
-
export declare const Policies: (...rules:
|
|
3
|
+
export declare const Policies: (...rules: RoutePolicy[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policies.decorator.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/decorators/policies.decorator.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"policies.decorator.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/decorators/policies.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA8D;AAGjD,QAAA,YAAY,GAAG,UAAU,CAAC;AAChC,MAAM,QAAQ,GAAG,CAAC,GAAG,KAAoB,EAAE,EAAE,CAClD,IAAA,wBAAe,EAAC,IAAA,oBAAW,EAAC,oBAAY,EAAE,KAAK,CAAC,CAAC,CAAC;AADvC,QAAA,QAAQ,YAC+B"}
|
|
@@ -6,6 +6,7 @@ const common_1 = require("@nestjs/common");
|
|
|
6
6
|
const core_1 = require("@nestjs/core");
|
|
7
7
|
const policies_service_1 = require("../../application/services/policies.service");
|
|
8
8
|
const policies_decorator_1 = require("../decorators/policies.decorator");
|
|
9
|
+
const route_policy_matcher_1 = require("./route-policy-matcher");
|
|
9
10
|
let PoliciesGuard = class PoliciesGuard {
|
|
10
11
|
constructor(reflector, policiesService) {
|
|
11
12
|
this.reflector = reflector;
|
|
@@ -14,17 +15,17 @@ let PoliciesGuard = class PoliciesGuard {
|
|
|
14
15
|
async canActivate(context) {
|
|
15
16
|
const req = context.switchToHttp().getRequest();
|
|
16
17
|
const policies = this.reflector.getAllAndOverride(policies_decorator_1.POLICIES_KEY, [context.getHandler(), context.getClass()]);
|
|
17
|
-
if (policies) {
|
|
18
|
+
if (policies?.length) {
|
|
18
19
|
const user = req.user;
|
|
19
20
|
if (!user) {
|
|
20
21
|
throw new common_1.UnauthorizedException('User not authenticated');
|
|
21
22
|
}
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
if (!
|
|
23
|
+
const policyRules = await this.policiesService.rulesForUser(user);
|
|
24
|
+
for (const policy of policies) {
|
|
25
|
+
if (!(0, route_policy_matcher_1.canAttemptRoutePolicy)(policy, policyRules)) {
|
|
25
26
|
throw new common_1.ForbiddenException();
|
|
26
27
|
}
|
|
27
|
-
}
|
|
28
|
+
}
|
|
28
29
|
}
|
|
29
30
|
return true;
|
|
30
31
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policies.guard.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/guards/policies.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAMwB;AACxB,uCAAyC;
|
|
1
|
+
{"version":3,"file":"policies.guard.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/guards/policies.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAMwB;AACxB,uCAAyC;AACzC,kFAA8E;AAC9E,yEAAgE;AAEhE,iEAA+D;AAGxD,IAAM,aAAa,GAAnB,MAAM,aAAa;IACxB,YACmB,SAAoB,EACpB,eAAgC;QADhC,cAAS,GAAT,SAAS,CAAW;QACpB,oBAAe,GAAf,eAAe,CAAiB;IAChD,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAEhD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAC/C,iCAAY,EACZ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,IAAI,QAAQ,EAAE,MAAM,EAAE,CAAC;YACrB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;YACtB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;YAC5D,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;YAElE,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;gBAC9B,IAAI,CAAC,IAAA,4CAAqB,EAAC,MAAM,EAAE,WAAW,CAAC,EAAE,CAAC;oBAChD,MAAM,IAAI,2BAAkB,EAAE,CAAC;gBACjC,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA/BY,sCAAa;wBAAb,aAAa;IADzB,IAAA,mBAAU,GAAE;6CAGmB,gBAAS;QACH,kCAAe;GAHxC,aAAa,CA+BzB"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
import { PoliciesService } from '../../application/services/policies.service';
|
|
4
|
+
import { ResourceAuthorizationLoaders } from '../../application/resource-authorization.types';
|
|
5
|
+
export declare class ResourceAuthorizationGuard implements CanActivate {
|
|
6
|
+
private readonly reflector;
|
|
7
|
+
private readonly policiesService;
|
|
8
|
+
private readonly loaders;
|
|
9
|
+
constructor(reflector: Reflector, policiesService: PoliciesService, loaders: ResourceAuthorizationLoaders);
|
|
10
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
11
|
+
}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ResourceAuthorizationGuard = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("@nestjs/common");
|
|
6
|
+
const core_1 = require("@nestjs/core");
|
|
7
|
+
const policies_service_1 = require("../../application/services/policies.service");
|
|
8
|
+
const resource_authorization_1 = require("../../application/services/resource-authorization");
|
|
9
|
+
const resource_authorization_tokens_1 = require("../../application/resource-authorization.tokens");
|
|
10
|
+
const authorize_resource_decorator_1 = require("../decorators/authorize-resource.decorator");
|
|
11
|
+
const authorized_resource_request_1 = require("../authorized-resource.request");
|
|
12
|
+
let ResourceAuthorizationGuard = class ResourceAuthorizationGuard {
|
|
13
|
+
constructor(reflector, policiesService, loaders) {
|
|
14
|
+
this.reflector = reflector;
|
|
15
|
+
this.policiesService = policiesService;
|
|
16
|
+
this.loaders = loaders;
|
|
17
|
+
}
|
|
18
|
+
async canActivate(context) {
|
|
19
|
+
const request = context.switchToHttp().getRequest();
|
|
20
|
+
const resources = this.reflector.getAllAndOverride(authorize_resource_decorator_1.AUTHORIZE_RESOURCE_KEY, [context.getHandler(), context.getClass()]) ?? [];
|
|
21
|
+
if (!resources.length) {
|
|
22
|
+
return true;
|
|
23
|
+
}
|
|
24
|
+
const user = request.user;
|
|
25
|
+
if (!user) {
|
|
26
|
+
throw new common_1.UnauthorizedException('User not authenticated');
|
|
27
|
+
}
|
|
28
|
+
const ability = await this.policiesService.buildAbilityForUser(user);
|
|
29
|
+
for (const resource of resources) {
|
|
30
|
+
const loader = this.loaders[resource.subject];
|
|
31
|
+
if (!loader) {
|
|
32
|
+
throw new common_1.InternalServerErrorException(`No resource authorization loader registered for subject "${resource.subject}"`);
|
|
33
|
+
}
|
|
34
|
+
const resourceId = request.params?.[resource.idParam];
|
|
35
|
+
if (!resourceId) {
|
|
36
|
+
throw new common_1.BadRequestException(`Missing route parameter "${resource.idParam}" for resource authorization`);
|
|
37
|
+
}
|
|
38
|
+
const loadedResource = await loader({ user, resourceId });
|
|
39
|
+
if (!loadedResource) {
|
|
40
|
+
throw new common_1.NotFoundException();
|
|
41
|
+
}
|
|
42
|
+
(0, resource_authorization_1.assertCanAccessResource)(ability, resource.action, resource.subject, loadedResource);
|
|
43
|
+
(0, authorized_resource_request_1.attachAuthorizedResource)(request, resource.subject, loadedResource);
|
|
44
|
+
}
|
|
45
|
+
return true;
|
|
46
|
+
}
|
|
47
|
+
};
|
|
48
|
+
exports.ResourceAuthorizationGuard = ResourceAuthorizationGuard;
|
|
49
|
+
exports.ResourceAuthorizationGuard = ResourceAuthorizationGuard = tslib_1.__decorate([
|
|
50
|
+
(0, common_1.Injectable)(),
|
|
51
|
+
tslib_1.__param(2, (0, common_1.Inject)(resource_authorization_tokens_1.AUTH_RESOURCE_AUTHORIZATION_LOADERS)),
|
|
52
|
+
tslib_1.__metadata("design:paramtypes", [core_1.Reflector,
|
|
53
|
+
policies_service_1.PoliciesService, Object])
|
|
54
|
+
], ResourceAuthorizationGuard);
|
|
55
|
+
//# sourceMappingURL=resource-authorization.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"resource-authorization.guard.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/guards/resource-authorization.guard.ts"],"names":[],"mappings":";;;;AACA,2CASwB;AACxB,uCAAyC;AACzC,kFAA8E;AAC9E,8FAA4F;AAC5F,mGAAsG;AAKtG,6FAAoF;AACpF,gFAA0E;AAGnE,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IACrC,YACmB,SAAoB,EACpB,eAAgC,EAEhC,OAAqC;QAHrC,cAAS,GAAT,SAAS,CAAW;QACpB,oBAAe,GAAf,eAAe,CAAiB;QAEhC,YAAO,GAAP,OAAO,CAA8B;IACrD,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAG7C,CAAC;QACL,MAAM,SAAS,GACb,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAC9B,qDAAsB,EACtB,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,IAAI,EAAE,CAAC;QAEV,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAC1B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAErE,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,qCAA4B,CACpC,4DAA4D,QAAQ,CAAC,OAAO,GAAG,CAChF,CAAC;YACJ,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACtD,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,4BAAmB,CAC3B,4BAA4B,QAAQ,CAAC,OAAO,8BAA8B,CAC3E,CAAC;YACJ,CAAC;YAED,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;YAC1D,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,MAAM,IAAI,0BAAiB,EAAE,CAAC;YAChC,CAAC;YAED,IAAA,gDAAuB,EACrB,OAAO,EACP,QAAQ,CAAC,MAAM,EACf,QAAQ,CAAC,OAAO,EAChB,cAAc,CACf,CAAC;YACF,IAAA,sDAAwB,EACtB,OAAkC,EAClC,QAAQ,CAAC,OAAO,EAChB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAjEY,gEAA0B;qCAA1B,0BAA0B;IADtC,IAAA,mBAAU,GAAE;IAKR,mBAAA,IAAA,eAAM,EAAC,mEAAmC,CAAC,CAAA;6CAFhB,gBAAS;QACH,kCAAe;GAHxC,0BAA0B,CAiEtC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export { canAttemptRoutePolicy } from '@anarchitects/auth-ts/models';
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.canAttemptRoutePolicy = void 0;
|
|
4
|
+
var models_1 = require("@anarchitects/auth-ts/models");
|
|
5
|
+
Object.defineProperty(exports, "canAttemptRoutePolicy", { enumerable: true, get: function () { return models_1.canAttemptRoutePolicy; } });
|
|
6
|
+
//# sourceMappingURL=route-policy-matcher.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route-policy-matcher.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/presentation/guards/route-policy-matcher.ts"],"names":[],"mappings":";;;AAAA,uDAAqE;AAA5D,+GAAA,qBAAqB,OAAA"}
|
|
@@ -1,4 +1,9 @@
|
|
|
1
1
|
export * from './presentation.module';
|
|
2
2
|
export * from './controllers/auth.controller';
|
|
3
3
|
export * from './guards/policies.guard';
|
|
4
|
+
export * from './guards/resource-authorization.guard';
|
|
4
5
|
export * from './decorators/policies.decorator';
|
|
6
|
+
export * from './decorators/authorize-resource.decorator';
|
|
7
|
+
export * from './decorators/authorized-resource.decorator';
|
|
8
|
+
export * from './route-policy';
|
|
9
|
+
export type { AuthPresentationModuleOptions } from '../config';
|
|
@@ -4,5 +4,9 @@ const tslib_1 = require("tslib");
|
|
|
4
4
|
tslib_1.__exportStar(require("./presentation.module"), exports);
|
|
5
5
|
tslib_1.__exportStar(require("./controllers/auth.controller"), exports);
|
|
6
6
|
tslib_1.__exportStar(require("./guards/policies.guard"), exports);
|
|
7
|
+
tslib_1.__exportStar(require("./guards/resource-authorization.guard"), exports);
|
|
7
8
|
tslib_1.__exportStar(require("./decorators/policies.decorator"), exports);
|
|
9
|
+
tslib_1.__exportStar(require("./decorators/authorize-resource.decorator"), exports);
|
|
10
|
+
tslib_1.__exportStar(require("./decorators/authorized-resource.decorator"), exports);
|
|
11
|
+
tslib_1.__exportStar(require("./route-policy"), exports);
|
|
8
12
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/index.ts"],"names":[],"mappings":";;;AAAA,gEAAsC;AACtC,wEAA8C;AAC9C,kEAAwC;AACxC,0EAAgD"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/index.ts"],"names":[],"mappings":";;;AAAA,gEAAsC;AACtC,wEAA8C;AAC9C,kEAAwC;AACxC,gFAAsD;AACtD,0EAAgD;AAChD,oFAA0D;AAC1D,qFAA2D;AAC3D,yDAA+B"}
|
|
@@ -1,2 +1,6 @@
|
|
|
1
|
+
import { DynamicModule } from '@nestjs/common';
|
|
2
|
+
import type { AuthPresentationModuleOptions } from '../config';
|
|
1
3
|
export declare class AuthPresentationModule {
|
|
4
|
+
static forRoot(options?: AuthPresentationModuleOptions): DynamicModule;
|
|
5
|
+
static forRootFromConfig(overrides?: AuthPresentationModuleOptions): DynamicModule;
|
|
2
6
|
}
|
|
@@ -1,15 +1,56 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var AuthPresentationModule_1;
|
|
2
3
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
4
|
exports.AuthPresentationModule = void 0;
|
|
4
5
|
const tslib_1 = require("tslib");
|
|
5
6
|
const common_1 = require("@nestjs/common");
|
|
7
|
+
const config_1 = require("@nestjs/config");
|
|
6
8
|
const auth_controller_1 = require("./controllers/auth.controller");
|
|
7
|
-
|
|
9
|
+
const application_1 = require("../application");
|
|
10
|
+
const policies_guard_1 = require("./guards/policies.guard");
|
|
11
|
+
const resource_authorization_guard_1 = require("./guards/resource-authorization.guard");
|
|
12
|
+
const config_2 = require("../config");
|
|
13
|
+
let AuthPresentationModule = AuthPresentationModule_1 = class AuthPresentationModule {
|
|
14
|
+
static forRoot(options = {}) {
|
|
15
|
+
return {
|
|
16
|
+
module: AuthPresentationModule_1,
|
|
17
|
+
imports: [application_1.AuthApplicationModule.forRoot(options.application)],
|
|
18
|
+
exports: [application_1.AuthApplicationModule],
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
static forRootFromConfig(overrides = {}) {
|
|
22
|
+
const configOptions = (0, config_2.mapAuthConfigToPresentationModuleOptions)((0, config_2.authConfig)());
|
|
23
|
+
const moduleDefinition = this.forRoot({
|
|
24
|
+
...configOptions,
|
|
25
|
+
...overrides,
|
|
26
|
+
application: {
|
|
27
|
+
...configOptions.application,
|
|
28
|
+
...overrides.application,
|
|
29
|
+
encryption: {
|
|
30
|
+
...configOptions.application?.encryption,
|
|
31
|
+
...overrides.application?.encryption,
|
|
32
|
+
},
|
|
33
|
+
persistence: {
|
|
34
|
+
...configOptions.application?.persistence,
|
|
35
|
+
...overrides.application?.persistence,
|
|
36
|
+
},
|
|
37
|
+
},
|
|
38
|
+
});
|
|
39
|
+
return {
|
|
40
|
+
...moduleDefinition,
|
|
41
|
+
imports: [
|
|
42
|
+
config_1.ConfigModule.forFeature(config_2.authConfig),
|
|
43
|
+
...(moduleDefinition.imports ?? []),
|
|
44
|
+
],
|
|
45
|
+
};
|
|
46
|
+
}
|
|
8
47
|
};
|
|
9
48
|
exports.AuthPresentationModule = AuthPresentationModule;
|
|
10
|
-
exports.AuthPresentationModule = AuthPresentationModule = tslib_1.__decorate([
|
|
49
|
+
exports.AuthPresentationModule = AuthPresentationModule = AuthPresentationModule_1 = tslib_1.__decorate([
|
|
11
50
|
(0, common_1.Module)({
|
|
12
51
|
controllers: [auth_controller_1.AuthController],
|
|
52
|
+
providers: [policies_guard_1.PoliciesGuard, resource_authorization_guard_1.ResourceAuthorizationGuard],
|
|
53
|
+
exports: [policies_guard_1.PoliciesGuard, resource_authorization_guard_1.ResourceAuthorizationGuard],
|
|
13
54
|
})
|
|
14
55
|
], AuthPresentationModule);
|
|
15
56
|
//# sourceMappingURL=presentation.module.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"presentation.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/presentation.module.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"presentation.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/presentation.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAAuD;AACvD,2CAA8C;AAC9C,mEAA+D;AAC/D,gDAAuD;AACvD,4DAAwD;AACxD,wFAAmF;AACnF,sCAGmB;AAQZ,IAAM,sBAAsB,8BAA5B,MAAM,sBAAsB;IACjC,MAAM,CAAC,OAAO,CAAC,UAAyC,EAAE;QACxD,OAAO;YACL,MAAM,EAAE,wBAAsB;YAC9B,OAAO,EAAE,CAAC,mCAAqB,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAC7D,OAAO,EAAE,CAAC,mCAAqB,CAAC;SACjC,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,iBAAiB,CACtB,YAA2C,EAAE;QAE7C,MAAM,aAAa,GACjB,IAAA,iDAAwC,EAAC,IAAA,mBAAU,GAAE,CAAC,CAAC;QACzD,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC;YACpC,GAAG,aAAa;YAChB,GAAG,SAAS;YACZ,WAAW,EAAE;gBACX,GAAG,aAAa,CAAC,WAAW;gBAC5B,GAAG,SAAS,CAAC,WAAW;gBACxB,UAAU,EAAE;oBACV,GAAG,aAAa,CAAC,WAAW,EAAE,UAAU;oBACxC,GAAG,SAAS,CAAC,WAAW,EAAE,UAAU;iBACrC;gBACD,WAAW,EAAE;oBACX,GAAG,aAAa,CAAC,WAAW,EAAE,WAAW;oBACzC,GAAG,SAAS,CAAC,WAAW,EAAE,WAAW;iBACtC;aACF;SACF,CAAC,CAAC;QAEH,OAAO;YACL,GAAG,gBAAgB;YACnB,OAAO,EAAE;gBACP,qBAAY,CAAC,UAAU,CAAC,mBAAU,CAAC;gBACnC,GAAG,CAAC,gBAAgB,CAAC,OAAO,IAAI,EAAE,CAAC;aACpC;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AAvCY,wDAAsB;iCAAtB,sBAAsB;IALlC,IAAA,eAAM,EAAC;QACN,WAAW,EAAE,CAAC,gCAAc,CAAC;QAC7B,SAAS,EAAE,CAAC,8BAAa,EAAE,yDAA0B,CAAC;QACtD,OAAO,EAAE,CAAC,8BAAa,EAAE,yDAA0B,CAAC;KACrD,CAAC;GACW,sBAAsB,CAuClC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export type { RoutePolicy } from '@anarchitects/auth-ts/models';
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route-policy.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/presentation/route-policy.ts"],"names":[],"mappings":""}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"strategy.js","sourceRoot":"","sources":["../../../../../../../../libs/auth/nest/src/application/strategies/jwt/strategy.ts"],"names":[],"mappings":";;;;AACA,2CAA4C;AAC5C,+CAAoD;AACpD,+CAAoD;AAG7C,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IACzD;QACE,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,eAAe;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAuC;QACpD,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;IACvD,CAAC;CACF,CAAA;AAZY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;;GACA,WAAW,CAYvB"}
|