@anarchitects/auth-nest 0.4.2 → 0.5.1

package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.d.ts

@@ -0,0 +1,21 @@
+import type { LoginRequestDTO, LoginResponseDTO, LogoutRequestDTO, RefreshTokenRequestDTO } from '@anarchitects/auth-ts/dtos';
+import type { ResolvedAuthApplicationModuleOptions } from '../../config';
+import { AuthEngineCapabilityReport, AuthEnginePort, AuthPasskeySignInInput, AuthSignOutOrRefreshInput, AuthSocialSignInInput } from '../../application/services/auth-engine.port';
+export declare class BetterAuthAuthEngineAdapter implements AuthEnginePort {
+    private readonly options;
+    private authInstancePromise;
+    constructor(options: ResolvedAuthApplicationModuleOptions);
+    describeCapabilities(): Promise<AuthEngineCapabilityReport>;
+    login(dto: LoginRequestDTO): Promise<LoginResponseDTO>;
+    logout(_dto: LogoutRequestDTO): Promise<{
+        success: boolean;
+    }>;
+    refreshTokens(userId: string, dto: RefreshTokenRequestDTO): Promise<LoginResponseDTO>;
+    passwordSignIn(dto: LoginRequestDTO): Promise<LoginResponseDTO>;
+    passkeySignIn(input: AuthPasskeySignInInput): Promise<unknown>;
+    socialSignIn(input: AuthSocialSignInInput): Promise<unknown>;
+    signOutOrRefresh(input: AuthSignOutOrRefreshInput): Promise<unknown>;
+    private getAuthInstance;
+    private createAuthInstance;
+    private isLoginResponse;
+}

package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.js

@@ -0,0 +1,180 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthAuthEngineAdapter = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const application_module_definition_1 = require("../../application/application.module-definition");
+const better_auth_module_loader_1 = require("./better-auth.module-loader");
+const dynamic_import_1 = require("./dynamic-import");
+let BetterAuthAuthEngineAdapter = class BetterAuthAuthEngineAdapter {
+    constructor(options) {
+        this.options = options;
+        this.authInstancePromise = null;
+    }
+    async describeCapabilities() {
+        const hasGithubConfig = Boolean(this.options.spike.socialProviders.github?.clientId &&
+            this.options.spike.socialProviders.github?.clientSecret);
+        return {
+            engine: 'better-auth',
+            flows: [
+                {
+                    flow: 'password-sign-in',
+                    status: 'supported',
+                    notes: 'Spike adapter maps email-password auth through Better Auth internal APIs.',
+                },
+                {
+                    flow: 'passkey-sign-in',
+                    status: this.options.features.passkeys ? 'supported' : 'needs-config',
+                    notes: this.options.features.passkeys
+                        ? 'Passkey plugin is enabled for proof-harness execution.'
+                        : 'Enable auth feature flag `passkeys` before running the passkey proof.',
+                },
+                {
+                    flow: 'social-sign-in',
+                    status: this.options.features.social && hasGithubConfig
+                        ? 'supported'
+                        : 'needs-config',
+                    notes: this.options.features.social && hasGithubConfig
+                        ? 'GitHub social sign-in is configured for the proof harness.'
+                        : 'Enable social feature flag and provide GitHub client credentials.',
+                },
+                {
+                    flow: 'sign-out-or-refresh',
+                    status: 'supported',
+                    notes: this.options.sessionMode === 'session'
+                        ? 'Better Auth session sign-out is the spike proof path.'
+                        : 'Better Auth sign-out is available; session-vs-jwt default remains an ADR decision.',
+                },
+            ],
+        };
+    }
+    login(dto) {
+        return this.passwordSignIn(dto);
+    }
+    logout(_dto) {
+        return Promise.reject(new Error('Better Auth logout via the legacy LogoutRequestDTO is unavailable in the spike adapter.'));
+    }
+    async refreshTokens(userId, dto) {
+        const result = await this.signOutOrRefresh({
+            mode: 'refresh',
+            userId,
+            dto,
+        });
+        if (this.isLoginResponse(result)) {
+            return result;
+        }
+        throw new Error('Better Auth refresh-token mapping is unavailable in the spike adapter.');
+    }
+    async passwordSignIn(dto) {
+        const auth = await this.getAuthInstance();
+        if (!auth.api?.signInEmail) {
+            throw new Error('Better Auth email sign-in API is unavailable.');
+        }
+        const result = (await auth.api.signInEmail({
+            body: {
+                email: dto.credential,
+                password: dto.password,
+            },
+        }));
+        return {
+            accessToken: result.accessToken ??
+                result.token ??
+                result.session?.token ??
+                'better-auth-session',
+            refreshToken: result.refreshToken ??
+                result.token ??
+                result.session?.token ??
+                'better-auth-session',
+        };
+    }
+    async passkeySignIn(input) {
+        const auth = await this.getAuthInstance();
+        if (!auth.api?.signInPasskey) {
+            throw new Error('Better Auth passkey API is unavailable.');
+        }
+        return auth.api.signInPasskey({
+            body: { autoFill: input.autoFill },
+            headers: input.headers,
+        });
+    }
+    async socialSignIn(input) {
+        const auth = await this.getAuthInstance();
+        if (!auth.api?.signInSocial) {
+            throw new Error('Better Auth social sign-in API is unavailable.');
+        }
+        return auth.api.signInSocial({
+            body: {
+                provider: input.provider,
+                callbackURL: input.callbackURL,
+                errorCallbackURL: input.errorCallbackURL,
+                newUserCallbackURL: input.newUserCallbackURL,
+                disableRedirect: true,
+            },
+            headers: input.headers,
+        });
+    }
+    async signOutOrRefresh(input) {
+        if (input.mode === 'refresh') {
+            return {
+                mode: 'refresh',
+                status: 'not-implemented',
+                notes: 'Better Auth spike uses sign-out/session semantics; refresh mapping is deferred to ADR.',
+            };
+        }
+        const auth = await this.getAuthInstance();
+        if (!auth.api?.signOut) {
+            throw new Error('Better Auth sign-out API is unavailable.');
+        }
+        return auth.api.signOut({ headers: input.headers });
+    }
+    async getAuthInstance() {
+        if (!this.authInstancePromise) {
+            this.authInstancePromise = this.createAuthInstance();
+        }
+        return this.authInstancePromise;
+    }
+    async createAuthInstance() {
+        const { betterAuth, betterAuthPasskey } = await (0, better_auth_module_loader_1.loadBetterAuthRuntimeModules)();
+        const { DatabaseSync } = await (0, dynamic_import_1.importEsmModule)('node:sqlite');
+        return betterAuth.betterAuth({
+            secret: this.options.spike.secret,
+            baseURL: this.options.spike.baseUrl,
+            database: new DatabaseSync(':memory:'),
+            emailAndPassword: {
+                enabled: true,
+            },
+            socialProviders: this.options.features.social
+                ? {
+                    github: {
+                        clientId: this.options.spike.socialProviders.github?.clientId ??
+                            'spike-client-id',
+                        clientSecret: this.options.spike.socialProviders.github?.clientSecret ??
+                            'spike-client-secret',
+                    },
+                }
+                : {},
+            plugins: this.options.features.passkeys
+                ? [
+                    betterAuthPasskey.passkey({
+                        rpID: this.options.spike.passkeys.rpID,
+                        rpName: this.options.spike.passkeys.rpName,
+                        origin: this.options.spike.passkeys.origin,
+                    }),
+                ]
+                : [],
+        });
+    }
+    isLoginResponse(value) {
+        return Boolean(value &&
+            typeof value === 'object' &&
+            'accessToken' in value &&
+            'refreshToken' in value);
+    }
+};
+exports.BetterAuthAuthEngineAdapter = BetterAuthAuthEngineAdapter;
+exports.BetterAuthAuthEngineAdapter = BetterAuthAuthEngineAdapter = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, common_1.Inject)(application_module_definition_1.AUTH_APPLICATION_MODULE_OPTIONS)),
+    tslib_1.__metadata("design:paramtypes", [Object])
+], BetterAuthAuthEngineAdapter);
+//# sourceMappingURL=better-auth-auth-engine.adapter.js.map

package/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-auth-engine.adapter.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/infrastructure-engine/better-auth/better-auth-auth-engine.adapter.ts"],"names":[],"mappings":";;;;AAAA,2CAAoD;AAOpD,mGAAkG;AASlG,2EAA2E;AAC3E,qDAAmD;AA6B5C,IAAM,2BAA2B,GAAjC,MAAM,2BAA2B;IAGtC,YAEE,OAA8D;QAA7C,YAAO,GAAP,OAAO,CAAsC;QAJxD,wBAAmB,GAA2C,IAAI,CAAC;IAKxE,CAAC;IAEJ,KAAK,CAAC,oBAAoB;QACxB,MAAM,eAAe,GAAG,OAAO,CAC7B,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,QAAQ;YACjD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,YAAY,CAC1D,CAAC;QAEF,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,KAAK,EAAE;gBACL;oBACE,IAAI,EAAE,kBAAkB;oBACxB,MAAM,EAAE,WAAW;oBACnB,KAAK,EACH,2EAA2E;iBAC9E;gBACD;oBACE,IAAI,EAAE,iBAAiB;oBACvB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc;oBACrE,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ;wBACnC,CAAC,CAAC,wDAAwD;wBAC1D,CAAC,CAAC,uEAAuE;iBAC5E;gBACD;oBACE,IAAI,EAAE,gBAAgB;oBACtB,MAAM,EACJ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,IAAI,eAAe;wBAC7C,CAAC,CAAC,WAAW;wBACb,CAAC,CAAC,cAAc;oBACpB,KAAK,EACH,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,IAAI,eAAe;wBAC7C,CAAC,CAAC,4DAA4D;wBAC9D,CAAC,CAAC,mEAAmE;iBAC1E;gBACD;oBACE,IAAI,EAAE,qBAAqB;oBAC3B,MAAM,EAAE,WAAW;oBACnB,KAAK,EACH,IAAI,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS;wBACpC,CAAC,CAAC,uDAAuD;wBACzD,CAAC,CAAC,oFAAoF;iBAC3F;aACF;SACF,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,GAAoB;QACxB,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;IAED,MAAM,CAAC,IAAsB;QAC3B,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CACP,yFAAyF,CAC1F,CACF,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAA2B;QAE3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC;YACzC,IAAI,EAAE,SAAS;YACf,MAAM;YACN,GAAG;SACJ,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CACb,wEAAwE,CACzE,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAoB;QACvC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE1C,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;YACzC,IAAI,EAAE;gBACJ,KAAK,EAAE,GAAG,CAAC,UAAU;gBACrB,QAAQ,EAAE,GAAG,CAAC,QAAQ;aACvB;SACF,CAAC,CAKD,CAAC;QAEF,OAAO;YACL,WAAW,EACT,MAAM,CAAC,WAAW;gBAClB,MAAM,CAAC,KAAK;gBACZ,MAAM,CAAC,OAAO,EAAE,KAAK;gBACrB,qBAAqB;YACvB,YAAY,EACV,MAAM,CAAC,YAAY;gBACnB,MAAM,CAAC,KAAK;gBACZ,MAAM,CAAC,OAAO,EAAE,KAAK;gBACrB,qBAAqB;SACxB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAA6B;QAC/C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE1C,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC;YAC5B,IAAI,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE;YAClC,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA4B;QAC7C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE1C,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC;YAC3B,IAAI,EAAE;gBACJ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;gBACxC,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;gBAC5C,eAAe,EAAE,IAAI;aACtB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAAgC;QACrD,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC7B,OAAO;gBACL,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,iBAAiB;gBACzB,KAAK,EACH,wFAAwF;aAC3F,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE1C,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,CAAC;IAEO,KAAK,CAAC,eAAe;QAC3B,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACvD,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;IAClC,CAAC;IAEO,KAAK,CAAC,kBAAkB;QAC9B,MAAM,EAAE,UAAU,EAAE,iBAAiB,EAAE,GACrC,MAAM,IAAA,wDAA4B,GAAE,CAAC;QACvC,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,gCAAe,EAE3C,aAAa,CAAC,CAAC;QAElB,OAAO,UAAU,CAAC,UAAU,CAAC;YAC3B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM;YACjC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO;YACnC,QAAQ,EAAE,IAAI,YAAY,CAAC,UAAU,CAAC;YACtC,gBAAgB,EAAE;gBAChB,OAAO,EAAE,IAAI;aACd;YACD,eAAe,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAC3C,CAAC,CAAC;oBACE,MAAM,EAAE;wBACN,QAAQ,EACN,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,QAAQ;4BACnD,iBAAiB;wBACnB,YAAY,EACV,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,YAAY;4BACvD,qBAAqB;qBACxB;iBACF;gBACH,CAAC,CAAC,EAAE;YACN,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBACrC,CAAC,CAAC;oBACE,iBAAiB,CAAC,OAAO,CAAC;wBACxB,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI;wBACtC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM;wBAC1C,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM;qBAC3C,CAAC;iBACH;gBACH,CAAC,CAAC,EAAE;SACP,CAAsC,CAAC;IAC1C,CAAC;IAEO,eAAe,CAAC,KAAc;QACpC,OAAO,OAAO,CACZ,KAAK;YACH,OAAO,KAAK,KAAK,QAAQ;YACzB,aAAa,IAAI,KAAK;YACtB,cAAc,IAAI,KAAK,CAC1B,CAAC;IACJ,CAAC;CACF,CAAA;AA9NY,kEAA2B;sCAA3B,2BAA2B;IADvC,IAAA,mBAAU,GAAE;IAKR,mBAAA,IAAA,eAAM,EAAC,+DAA+B,CAAC,CAAA;;GAJ/B,2BAA2B,CA8NvC"}

package/src/infrastructure-engine/better-auth/better-auth-spike.harness.d.ts

@@ -0,0 +1,17 @@
+import type { ResolvedAuthApplicationModuleOptions } from '../../config';
+import { AuthEngineCapabilityReport, AuthEnginePort } from '../../application/services/auth-engine.port';
+export type BetterAuthSpikeFlowResult = {
+    flow: string;
+    status: 'ready' | 'blocked';
+    notes: string;
+};
+export declare class BetterAuthSpikeHarness {
+    private readonly authEnginePort;
+    private readonly options;
+    constructor(authEnginePort: AuthEnginePort, options: ResolvedAuthApplicationModuleOptions);
+    collectProofMatrix(): Promise<{
+        engine: AuthEngineCapabilityReport['engine'];
+        proofHarnessEnabled: boolean;
+        flows: BetterAuthSpikeFlowResult[];
+    }>;
+}

package/src/infrastructure-engine/better-auth/better-auth-spike.harness.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BetterAuthSpikeHarness = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const application_module_definition_1 = require("../../application/application.module-definition");
+const auth_engine_port_1 = require("../../application/services/auth-engine.port");
+let BetterAuthSpikeHarness = class BetterAuthSpikeHarness {
+    constructor(authEnginePort, options) {
+        this.authEnginePort = authEnginePort;
+        this.options = options;
+    }
+    async collectProofMatrix() {
+        const report = await this.authEnginePort.describeCapabilities();
+        return {
+            engine: report.engine,
+            proofHarnessEnabled: this.options.spike.proofHarnessEnabled,
+            flows: report.flows.map((flow) => ({
+                flow: flow.flow,
+                status: flow.status === 'supported' ? 'ready' : 'blocked',
+                notes: flow.notes,
+            })),
+        };
+    }
+};
+exports.BetterAuthSpikeHarness = BetterAuthSpikeHarness;
+exports.BetterAuthSpikeHarness = BetterAuthSpikeHarness = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(1, (0, common_1.Inject)(application_module_definition_1.AUTH_APPLICATION_MODULE_OPTIONS)),
+    tslib_1.__metadata("design:paramtypes", [auth_engine_port_1.AuthEnginePort, Object])
+], BetterAuthSpikeHarness);
+//# sourceMappingURL=better-auth-spike.harness.js.map

package/src/infrastructure-engine/better-auth/better-auth-spike.harness.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth-spike.harness.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/infrastructure-engine/better-auth/better-auth-spike.harness.ts"],"names":[],"mappings":";;;;AAAA,2CAAoD;AACpD,mGAAkG;AAElG,kFAGqD;AAS9C,IAAM,sBAAsB,GAA5B,MAAM,sBAAsB;IACjC,YACmB,cAA8B,EAE9B,OAA6C;QAF7C,mBAAc,GAAd,cAAc,CAAgB;QAE9B,YAAO,GAAP,OAAO,CAAsC;IAC7D,CAAC;IAEJ,KAAK,CAAC,kBAAkB;QAKtB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,CAAC;QAEhE,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,mBAAmB;YAC3D,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBACjC,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;gBACzD,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC,CAAC;SACJ,CAAC;IACJ,CAAC;CACF,CAAA;AAxBY,wDAAsB;iCAAtB,sBAAsB;IADlC,IAAA,mBAAU,GAAE;IAIR,mBAAA,IAAA,eAAM,EAAC,+DAA+B,CAAC,CAAA;6CADP,iCAAc;GAFtC,sBAAsB,CAwBlC"}

package/src/infrastructure-engine/better-auth/better-auth.module-loader.d.ts

@@ -0,0 +1,7 @@
+export type BetterAuthModule = typeof import('better-auth');
+export type BetterAuthPasskeyModule = typeof import('@better-auth/passkey');
+export type BetterAuthRuntimeModules = {
+    betterAuth: BetterAuthModule;
+    betterAuthPasskey: BetterAuthPasskeyModule;
+};
+export declare function loadBetterAuthRuntimeModules(): Promise<BetterAuthRuntimeModules>;

package/src/infrastructure-engine/better-auth/better-auth.module-loader.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadBetterAuthRuntimeModules = loadBetterAuthRuntimeModules;
+const dynamic_import_1 = require("./dynamic-import");
+async function loadBetterAuthRuntimeModules() {
+    const [betterAuth, betterAuthPasskey] = await Promise.all([
+        (0, dynamic_import_1.importEsmModule)('better-auth'),
+        (0, dynamic_import_1.importEsmModule)('@better-auth/passkey'),
+    ]);
+    return {
+        betterAuth,
+        betterAuthPasskey,
+    };
+}
+//# sourceMappingURL=better-auth.module-loader.js.map

package/src/infrastructure-engine/better-auth/better-auth.module-loader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"better-auth.module-loader.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/infrastructure-engine/better-auth/better-auth.module-loader.ts"],"names":[],"mappings":";;AAUA,oEAUC;AApBD,qDAAmD;AAU5C,KAAK,UAAU,4BAA4B;IAChD,MAAM,CAAC,UAAU,EAAE,iBAAiB,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACxD,IAAA,gCAAe,EAAmB,aAAa,CAAC;QAChD,IAAA,gCAAe,EAA0B,sBAAsB,CAAC;KACjE,CAAC,CAAC;IAEH,OAAO;QACL,UAAU;QACV,iBAAiB;KAClB,CAAC;AACJ,CAAC"}

package/src/infrastructure-engine/better-auth/dynamic-import.d.ts

@@ -0,0 +1 @@
+export declare function importEsmModule<T>(specifier: string): Promise<T>;

package/src/infrastructure-engine/better-auth/dynamic-import.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.importEsmModule = importEsmModule;
+// Better Auth is ESM-only. Preserve native import() from this CommonJS package.
+const dynamicImporter = new Function('specifier', 'return import(specifier);');
+function importEsmModule(specifier) {
+    return dynamicImporter(specifier);
+}
+//# sourceMappingURL=dynamic-import.js.map

package/src/infrastructure-engine/better-auth/dynamic-import.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dynamic-import.js","sourceRoot":"","sources":["../../../../../../../libs/auth/nest/src/infrastructure-engine/better-auth/dynamic-import.ts"],"names":[],"mappings":";;AAQA,0CAEC;AARD,gFAAgF;AAChF,MAAM,eAAe,GAAG,IAAI,QAAQ,CAClC,WAAW,EACX,2BAA2B,CACT,CAAC;AAErB,SAAgB,eAAe,CAAI,SAAiB;IAClD,OAAO,eAAe,CAAC,SAAS,CAAe,CAAC;AAClD,CAAC"}

package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.d.ts

@@ -0,0 +1,22 @@
+import { JwtService } from '@nestjs/jwt';
+import { LoginRequestDTO, LoginResponseDTO, LogoutRequestDTO, RefreshTokenRequestDTO } from '@anarchitects/auth-ts/dtos';
+import { AuthEngineCapabilityReport, AuthEnginePort, AuthPasskeySignInInput, AuthSignOutOrRefreshInput, AuthSocialSignInInput } from '../application/services/auth-engine.port';
+import { HashService } from '../application/services/hash.service';
+import { AuthUserRepository } from '../infrastructure-persistence/repositories/auth-user.repository';
+export declare class LegacyJwtAuthEngineAdapter implements AuthEnginePort {
+    private readonly hashService;
+    private readonly authUserRepository;
+    private readonly jwtService;
+    constructor(hashService: HashService, authUserRepository: AuthUserRepository, jwtService: JwtService);
+    login(dto: LoginRequestDTO): Promise<LoginResponseDTO>;
+    logout(dto: LogoutRequestDTO): Promise<{
+        success: boolean;
+    }>;
+    refreshTokens(userId: string, dto: RefreshTokenRequestDTO): Promise<LoginResponseDTO>;
+    describeCapabilities(): Promise<AuthEngineCapabilityReport>;
+    passwordSignIn(dto: LoginRequestDTO): Promise<LoginResponseDTO>;
+    passkeySignIn(_input: AuthPasskeySignInInput): Promise<unknown>;
+    socialSignIn(_input: AuthSocialSignInInput): Promise<unknown>;
+    signOutOrRefresh(input: AuthSignOutOrRefreshInput): Promise<unknown>;
+    private generateTokens;
+}

package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.js

@@ -0,0 +1,131 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LegacyJwtAuthEngineAdapter = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const hash_service_1 = require("../application/services/hash.service");
+const auth_user_repository_1 = require("../infrastructure-persistence/repositories/auth-user.repository");
+let LegacyJwtAuthEngineAdapter = class LegacyJwtAuthEngineAdapter {
+    constructor(hashService, authUserRepository, jwtService) {
+        this.hashService = hashService;
+        this.authUserRepository = authUserRepository;
+        this.jwtService = jwtService;
+    }
+    async login(dto) {
+        const { credential, password } = dto;
+        const user = await this.authUserRepository.findOne({
+            where: [{ email: credential }, { userName: credential }],
+        });
+        if (!user) {
+            throw new common_1.BadRequestException('Invalid credentials');
+        }
+        const isPasswordValid = await this.hashService.compare(password, user.passwordHash);
+        if (!isPasswordValid) {
+            throw new common_1.BadRequestException('Invalid credentials');
+        }
+        return this.generateTokens(user);
+    }
+    async logout(dto) {
+        const { accessToken, refreshToken } = dto;
+        if (!refreshToken) {
+            throw new common_1.BadRequestException('Refresh token is required');
+        }
+        const payload = await this.jwtService.verifyAsync(refreshToken).catch(() => {
+            throw new common_1.BadRequestException('Invalid refresh token');
+        });
+        if (!payload?.sub) {
+            throw new common_1.BadRequestException('Invalid refresh token');
+        }
+        const user = await this.authUserRepository.findOne({
+            where: { id: payload.sub },
+        });
+        if (!user?.id) {
+            throw new common_1.BadRequestException('Invalid refresh token');
+        }
+        const tokenHashes = await Promise.all([accessToken, refreshToken]
+            .filter((token) => Boolean(token))
+            .map((token) => this.hashService.hash(token)));
+        await this.authUserRepository.invalidateTokens(tokenHashes, user.id);
+        return { success: true };
+    }
+    async refreshTokens(userId, dto) {
+        const { refreshToken } = dto;
+        const payload = await this.jwtService.verifyAsync(refreshToken).catch(() => {
+            throw new common_1.BadRequestException('Invalid refresh token');
+        });
+        if (!payload?.sub || payload.sub !== userId) {
+            throw new common_1.BadRequestException('Invalid refresh token');
+        }
+        const user = await this.authUserRepository.findOne({
+            where: { id: userId },
+        });
+        if (!user) {
+            throw new common_1.BadRequestException('User not found');
+        }
+        const isTokenInvalidated = await this.authUserRepository.isTokenInvalidated(await this.hashService.hash(refreshToken));
+        if (isTokenInvalidated) {
+            throw new common_1.BadRequestException('Refresh token has been invalidated');
+        }
+        return this.generateTokens(user);
+    }
+    async describeCapabilities() {
+        return {
+            engine: 'legacy-jwt',
+            flows: [
+                {
+                    flow: 'password-sign-in',
+                    status: 'supported',
+                    notes: 'Existing JwtAuthService email-or-username login path.',
+                },
+                {
+                    flow: 'passkey-sign-in',
+                    status: 'unsupported',
+                    notes: 'Legacy JWT engine does not implement WebAuthn.',
+                },
+                {
+                    flow: 'social-sign-in',
+                    status: 'unsupported',
+                    notes: 'Legacy JWT engine does not implement social provider sign-in.',
+                },
+                {
+                    flow: 'sign-out-or-refresh',
+                    status: 'supported',
+                    notes: 'Existing refresh-token flow remains available on the legacy engine.',
+                },
+            ],
+        };
+    }
+    passwordSignIn(dto) {
+        return this.login(dto);
+    }
+    passkeySignIn(_input) {
+        return Promise.reject(new Error('Passkey sign-in is unavailable on the legacy JWT engine.'));
+    }
+    socialSignIn(_input) {
+        return Promise.reject(new Error('Social sign-in is unavailable on the legacy JWT engine.'));
+    }
+    signOutOrRefresh(input) {
+        if (input.mode === 'refresh') {
+            return this.refreshTokens(input.userId, input.dto);
+        }
+        return Promise.reject(new Error('Legacy JWT proof path only supports refresh for the spike.'));
+    }
+    async generateTokens(user) {
+        const payload = {
+            sub: user.id,
+            roles: user.roles?.map((role) => role.name),
+        };
+        const accessToken = await this.jwtService.signAsync(payload);
+        const refreshToken = await this.jwtService.signAsync(payload);
+        return { accessToken, refreshToken };
+    }
+};
+exports.LegacyJwtAuthEngineAdapter = LegacyJwtAuthEngineAdapter;
+exports.LegacyJwtAuthEngineAdapter = LegacyJwtAuthEngineAdapter = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__metadata("design:paramtypes", [hash_service_1.HashService,
+        auth_user_repository_1.AuthUserRepository,
+        jwt_1.JwtService])
+], LegacyJwtAuthEngineAdapter);
+//# sourceMappingURL=legacy-jwt-auth-engine.adapter.js.map

package/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"legacy-jwt-auth-engine.adapter.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-engine/legacy-jwt-auth-engine.adapter.ts"],"names":[],"mappings":";;;;AAAA,2CAAiE;AACjE,qCAAyC;AAezC,uEAAmE;AACnE,0GAAqG;AAG9F,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IACrC,YACmB,WAAwB,EACxB,kBAAsC,EACtC,UAAsB;QAFtB,gBAAW,GAAX,WAAW,CAAa;QACxB,uBAAkB,GAAlB,kBAAkB,CAAoB;QACtC,eAAU,GAAV,UAAU,CAAY;IACtC,CAAC;IAEJ,KAAK,CAAC,KAAK,CAAC,GAAoB;QAC9B,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;QACrC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC;YACjD,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;SACzD,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,4BAAmB,CAAC,qBAAqB,CAAC,CAAC;QACvD,CAAC;QACD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CACpD,QAAQ,EACR,IAAI,CAAC,YAAY,CAClB,CAAC;QACF,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,4BAAmB,CAAC,qBAAqB,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAqB;QAChC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC;QAE1C,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,4BAAmB,CAAC,2BAA2B,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YACzE,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC;YAClB,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC;YACjD,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;YACd,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CACnC,CAAC,WAAW,EAAE,YAAY,CAAC;aACxB,MAAM,CAAC,CAAC,KAAK,EAAmB,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;aAClD,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAChD,CAAC;QAEF,MAAM,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAErE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAA2B;QAE3B,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YACzE,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG,KAAK,MAAM,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC;YACjD,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;SACtB,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,4BAAmB,CAAC,gBAAgB,CAAC,CAAC;QAClD,CAAC;QAED,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,kBAAkB,CACzE,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAC1C,CAAC;QAEF,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,IAAI,4BAAmB,CAAC,oCAAoC,CAAC,CAAC;QACtE,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,oBAAoB;QACxB,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,KAAK,EAAE;gBACL;oBACE,IAAI,EAAE,kBAAkB;oBACxB,MAAM,EAAE,WAAW;oBACnB,KAAK,EAAE,uDAAuD;iBAC/D;gBACD;oBACE,IAAI,EAAE,iBAAiB;oBACvB,MAAM,EAAE,aAAa;oBACrB,KAAK,EAAE,gDAAgD;iBACxD;gBACD;oBACE,IAAI,EAAE,gBAAgB;oBACtB,MAAM,EAAE,aAAa;oBACrB,KAAK,EACH,+DAA+D;iBAClE;gBACD;oBACE,IAAI,EAAE,qBAAqB;oBAC3B,MAAM,EAAE,WAAW;oBACnB,KAAK,EACH,qEAAqE;iBACxE;aACF;SACF,CAAC;IACJ,CAAC;IAED,cAAc,CAAC,GAAoB;QACjC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,aAAa,CAAC,MAA8B;QAC1C,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,0DAA0D,CAAC,CACtE,CAAC;IACJ,CAAC;IAED,YAAY,CAAC,MAA6B;QACxC,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,yDAAyD,CAAC,CACrE,CAAC;IACJ,CAAC;IAED,gBAAgB,CAAC,KAAgC;QAC/C,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,4DAA4D,CAAC,CACxE,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,IAAU;QACrC,MAAM,OAAO,GAAG;YACd,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;SAC5C,CAAC;QACF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC9D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;IACvC,CAAC;CACF,CAAA;AA5JY,gEAA0B;qCAA1B,0BAA0B;IADtC,IAAA,mBAAU,GAAE;6CAGqB,0BAAW;QACJ,yCAAkB;QAC1B,gBAAU;GAJ9B,0BAA0B,CA4JtC"}

package/src/infrastructure-mailer/index.d.ts

@@ -1,2 +1,3 @@
 export * from './adapters/node-mailer.adapter';
 export * from './mailer.module';
+export type { AuthMailerModuleOptions } from '../config';

package/src/infrastructure-mailer/mailer.module.d.ts

@@ -1,2 +1,6 @@
+import { DynamicModule } from '@nestjs/common';
+import type { AuthMailerModuleOptions } from '../config';
 export declare class AuthMailerModule {
+    static forRoot(options?: AuthMailerModuleOptions): DynamicModule;
+    static forRootFromConfig(overrides?: AuthMailerModuleOptions): DynamicModule;
 }

package/src/infrastructure-mailer/mailer.module.js

@@ -1,17 +1,42 @@
 "use strict";
+var AuthMailerModule_1;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthMailerModule = void 0;
 const tslib_1 = require("tslib");
 const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
 const common_nest_mailer_1 = require("@anarchitects/common-nest-mailer");
-let AuthMailerModule = class AuthMailerModule {
+const config_2 = require("../config");
+let AuthMailerModule = AuthMailerModule_1 = class AuthMailerModule {
+    static forRoot(options = {}) {
+        const resolvedOptions = (0, config_2.resolveAuthMailerModuleOptions)(options);
+        const commonMailerModule = common_nest_mailer_1.CommonMailerModule.forRoot({
+            provider: resolvedOptions.provider,
+        });
+        return {
+            module: AuthMailerModule_1,
+            imports: [commonMailerModule],
+            exports: [commonMailerModule],
+        };
+    }
+    static forRootFromConfig(overrides = {}) {
+        const configOptions = (0, config_2.mapAuthConfigToMailerModuleOptions)((0, config_2.authConfig)());
+        const moduleDefinition = this.forRoot({
+            ...configOptions,
+            ...overrides,
+        });
+        return {
+            ...moduleDefinition,
+            imports: [
+                config_1.ConfigModule.forFeature(config_2.authConfig),
+                ...(moduleDefinition.imports ?? []),
+            ],
+        };
+    }
 };
 exports.AuthMailerModule = AuthMailerModule;
-exports.AuthMailerModule = AuthMailerModule = tslib_1.__decorate([
+exports.AuthMailerModule = AuthMailerModule = AuthMailerModule_1 = tslib_1.__decorate([
     (0, common_1.Global)(),
-    (0, common_1.Module)({
-        imports: [common_nest_mailer_1.CommonNodeMailerModule],
-        exports: [common_nest_mailer_1.CommonNodeMailerModule],
-    })
+    (0, common_1.Module)({})
 ], AuthMailerModule);
 //# sourceMappingURL=mailer.module.js.map

package/src/infrastructure-mailer/mailer.module.js.map

@@ -1 +1 @@
-{"version":3,"file":"mailer.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-mailer/mailer.module.ts"],"names":[],"mappings":";;;;AAAA,2CAAgD;AAChD,yEAA0E;AAOnE,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;CAAG,CAAA;AAAnB,4CAAgB;2BAAhB,gBAAgB;IAL5B,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC;QACN,OAAO,EAAE,CAAC,2CAAsB,CAAC;QACjC,OAAO,EAAE,CAAC,2CAAsB,CAAC;KAClC,CAAC;GACW,gBAAgB,CAAG"}
+{"version":3,"file":"mailer.module.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-mailer/mailer.module.ts"],"names":[],"mappings":";;;;;AAAA,2CAA+D;AAC/D,2CAA8C;AAC9C,yEAAsE;AACtE,sCAImB;AAKZ,IAAM,gBAAgB,wBAAtB,MAAM,gBAAgB;IAC3B,MAAM,CAAC,OAAO,CAAC,UAAmC,EAAE;QAClD,MAAM,eAAe,GAAG,IAAA,uCAA8B,EAAC,OAAO,CAAC,CAAC;QAChE,MAAM,kBAAkB,GAAG,uCAAkB,CAAC,OAAO,CAAC;YACpD,QAAQ,EAAE,eAAe,CAAC,QAAQ;SACnC,CAAC,CAAC;QAEH,OAAO;YACL,MAAM,EAAE,kBAAgB;YACxB,OAAO,EAAE,CAAC,kBAAkB,CAAC;YAC7B,OAAO,EAAE,CAAC,kBAAkB,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,iBAAiB,CACtB,YAAqC,EAAE;QAEvC,MAAM,aAAa,GAAG,IAAA,2CAAkC,EAAC,IAAA,mBAAU,GAAE,CAAC,CAAC;QACvE,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC;YACpC,GAAG,aAAa;YAChB,GAAG,SAAS;SACb,CAAC,CAAC;QAEH,OAAO;YACL,GAAG,gBAAgB;YACnB,OAAO,EAAE;gBACP,qBAAY,CAAC,UAAU,CAAC,mBAAU,CAAC;gBACnC,GAAG,CAAC,gBAAgB,CAAC,OAAO,IAAI,EAAE,CAAC;aACpC;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA/BY,4CAAgB;2BAAhB,gBAAgB;IAF5B,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,gBAAgB,CA+B5B"}

package/src/infrastructure-persistence/index.d.ts

@@ -1,3 +1,4 @@
 export * from './persistence.module';
 export * from './repositories/auth-user.repository';
 export * from './migrations/1720200000000-create-auth-schema';
+export type { AuthPersistenceModuleOptions } from '../config';

package/src/infrastructure-persistence/persistence.module-definition.d.ts

@@ -1,13 +1,8 @@
-export declare const ConfigurableModuleClass: import("@nestjs/common").ConfigurableModuleCls<{
-    persistence: string;
-}, "forRoot", "create", {
+import type { ResolvedAuthPersistenceModuleOptions } from '../config';
+export declare const ConfigurableModuleClass: import("@nestjs/common").ConfigurableModuleCls<ResolvedAuthPersistenceModuleOptions, "forRoot", "create", {
     isGlobal?: boolean;
-}>, AUTH_PERSISTENCE_MODULE_OPTIONS: string | symbol, OPTIONS_TYPE: {
-    persistence: string;
-} & Partial<{
+}>, AUTH_PERSISTENCE_MODULE_OPTIONS: string | symbol, OPTIONS_TYPE: ResolvedAuthPersistenceModuleOptions & Partial<{
     isGlobal?: boolean;
-}>, ASYNC_OPTIONS_TYPE: import("@nestjs/common").ConfigurableModuleAsyncOptions<{
-    persistence: string;
-}, "create"> & Partial<{
+}>, ASYNC_OPTIONS_TYPE: import("@nestjs/common").ConfigurableModuleAsyncOptions<ResolvedAuthPersistenceModuleOptions, "create"> & Partial<{
     isGlobal?: boolean;
 }>;

package/src/infrastructure-persistence/persistence.module-definition.js.map

@@ -1 +1 @@
-{"version":3,"file":"persistence.module-definition.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-persistence/persistence.module-definition.ts"],"names":[],"mappings":";;;;AAAA,2CAA2D;AAE9C,KAKT,IAAI,kCAAyB,EAA2B;KACzD,kBAAkB,CAAC,SAAS,CAAC;KAC7B,SAAS,CACR,EAAE,QAAQ,EAAE,IAAI,EAAE,EAClB,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IACvB,GAAG,UAAU;IACb,MAAM,EAAE,MAAM,CAAC,QAAQ,IAAI,KAAK;CACjC,CAAC,CACH;KACA,KAAK,EAAE,EAbR,+BAAuB,+BACD,uCAA+B,4BACrD,oBAAY,oBACZ,0BAAkB,yBAUT"}
+{"version":3,"file":"persistence.module-definition.js","sourceRoot":"","sources":["../../../../../../libs/auth/nest/src/infrastructure-persistence/persistence.module-definition.ts"],"names":[],"mappings":";;;;AAAA,2CAA2D;AAG9C,KAKT,IAAI,kCAAyB,EAAwC;KACtE,kBAAkB,CAAC,SAAS,CAAC;KAC7B,SAAS,CACR,EAAE,QAAQ,EAAE,IAAI,EAAE,EAClB,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IACvB,GAAG,UAAU;IACb,MAAM,EAAE,MAAM,CAAC,QAAQ,IAAI,KAAK;CACjC,CAAC,CACH;KACA,KAAK,EAAE,EAbR,+BAAuB,+BACD,uCAA+B,4BACrD,oBAAY,oBACZ,0BAAkB,yBAUT"}

package/src/infrastructure-persistence/persistence.module.d.ts

@@ -1,5 +1,7 @@
 import { DynamicModule } from '@nestjs/common';
-import { ConfigurableModuleClass, OPTIONS_TYPE } from './persistence.module-definition';
+import { ConfigurableModuleClass } from './persistence.module-definition';
+import type { AuthPersistenceModuleOptions } from '../config';
 export declare class AuthPersistenceModule extends ConfigurableModuleClass {
-    static forRoot(options: typeof OPTIONS_TYPE): DynamicModule;
+    static forRoot(options?: AuthPersistenceModuleOptions): DynamicModule;
+    static forRootFromConfig(overrides?: AuthPersistenceModuleOptions): DynamicModule;
 }