npm - @baseplate-dev/plugin-auth - Versions diffs - 1.0.1 → 1.0.3 - Mend

@baseplate-dev/plugin-auth 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (706) hide show

package/dist/auth/core/generators/auth-module/generated/typed-templates.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"typed-templates.d.ts","sourceRoot":"","sources":["../../../../../../src/auth/core/generators/auth-module/generated/typed-templates.ts"],"names":[],"mappings":"AA0BA,eAAO,MAAM,cAAc;;CAA2B,CAAC;AA6CvD,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;CAIvB,CAAC;AAiEF,eAAO,MAAM,UAAU;;;;;;;;CAAuD,CAAC;AAE/E,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAK3C,CAAC"}

package/dist/auth/{generators/fastify → core/generators}/auth-module/generated/typed-templates.js RENAMED Viewed

@@ -1,5 +1,5 @@
 import { createTsTemplateFile } from '@baseplate-dev/core-generators';
-import { authContextImportsProvider, authRolesImportsProvider, configServiceImportsProvider, errorHandlerServiceImportsProvider, requestServiceContextImportsProvider, userSessionTypesImportsProvider, } from '@baseplate-dev/fastify-generators';
+import { authContextImportsProvider, authRolesImportsProvider, configServiceImportsProvider, errorHandlerServiceImportsProvider, pothosImportsProvider, requestServiceContextImportsProvider, userSessionTypesImportsProvider, } from '@baseplate-dev/fastify-generators';
 import path from 'node:path';
 const userSessionConstants = createTsTemplateFile({
     fileOptions: { kind: 'singleton' },
@@ -12,6 +12,42 @@ const userSessionConstants = createTsTemplateFile({
     variables: {},
 });
 export const constantsGroup = { userSessionConstants };
+const schemaUserSessionMutations = createTsTemplateFile({
+    fileOptions: { kind: 'singleton' },
+    group: 'module',
+    importMapProviders: { pothosImports: pothosImportsProvider },
+    name: 'schema-user-session-mutations',
+    source: {
+        path: path.join(import.meta.dirname, '../templates/module/schema/user-session.mutations.ts'),
+    },
+    variables: {},
+});
+const schemaUserSessionPayloadObjectType = createTsTemplateFile({
+    fileOptions: { kind: 'singleton' },
+    group: 'module',
+    importMapProviders: { pothosImports: pothosImportsProvider },
+    name: 'schema-user-session-payload-object-type',
+    projectExports: { userSessionPayload: {} },
+    source: {
+        path: path.join(import.meta.dirname, '../templates/module/schema/user-session-payload.object-type.ts'),
+    },
+    variables: { TPL_PRISMA_USER: {}, TPL_USER_OBJECT_TYPE: {} },
+});
+const schemaUserSessionQueries = createTsTemplateFile({
+    fileOptions: { kind: 'singleton' },
+    group: 'module',
+    importMapProviders: { pothosImports: pothosImportsProvider },
+    name: 'schema-user-session-queries',
+    source: {
+        path: path.join(import.meta.dirname, '../templates/module/schema/user-session.queries.ts'),
+    },
+    variables: {},
+});
+export const moduleGroup = {
+    schemaUserSessionMutations,
+    schemaUserSessionPayloadObjectType,
+    schemaUserSessionQueries,
+};
 const userSessionService = createTsTemplateFile({
     fileOptions: { kind: 'singleton' },
     importMapProviders: {
@@ -60,9 +96,10 @@ const verifyRequestOrigin = createTsTemplateFile({
     variables: {},
 });
 export const utilsGroup = { cookieSigner, sessionCookie, verifyRequestOrigin };
-export const FASTIFY_AUTH_MODULE_TEMPLATES = {
+export const AUTH_CORE_AUTH_MODULE_TEMPLATES = {
     constantsGroup,
-    utilsGroup,
+    moduleGroup,
     userSessionService,
+    utilsGroup,
 };
 //# sourceMappingURL=typed-templates.js.map

package/dist/auth/core/generators/auth-module/generated/typed-templates.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"typed-templates.js","sourceRoot":"","sources":["../../../../../../src/auth/core/generators/auth-module/generated/typed-templates.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EACL,0BAA0B,EAC1B,wBAAwB,EACxB,4BAA4B,EAC5B,kCAAkC,EAClC,qBAAqB,EACrB,oCAAoC,EACpC,+BAA+B,GAChC,MAAM,mCAAmC,CAAC;AAC3C,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,MAAM,oBAAoB,GAAG,oBAAoB,CAAC;IAChD,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,WAAW;IAClB,kBAAkB,EAAE,EAAE;IACtB,IAAI,EAAE,wBAAwB;IAC9B,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,yDAAyD,CAC1D;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,cAAc,GAAG,EAAE,oBAAoB,EAAE,CAAC;AAEvD,MAAM,0BAA0B,GAAG,oBAAoB,CAAC;IACtD,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,QAAQ;IACf,kBAAkB,EAAE,EAAE,aAAa,EAAE,qBAAqB,EAAE;IAC5D,IAAI,EAAE,+BAA+B;IACrC,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,sDAAsD,CACvD;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,kCAAkC,GAAG,oBAAoB,CAAC;IAC9D,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,QAAQ;IACf,kBAAkB,EAAE,EAAE,aAAa,EAAE,qBAAqB,EAAE;IAC5D,IAAI,EAAE,yCAAyC;IAC/C,cAAc,EAAE,EAAE,kBAAkB,EAAE,EAAE,EAAE;IAC1C,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,gEAAgE,CACjE;KACF;IACD,SAAS,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,oBAAoB,EAAE,EAAE,EAAE;CAC7D,CAAC,CAAC;AAEH,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;IACpD,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,QAAQ;IACf,kBAAkB,EAAE,EAAE,aAAa,EAAE,qBAAqB,EAAE;IAC5D,IAAI,EAAE,6BAA6B;IACnC,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,oDAAoD,CACrD;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,0BAA0B;IAC1B,kCAAkC;IAClC,wBAAwB;CACzB,CAAC;AAEF,MAAM,kBAAkB,GAAG,oBAAoB,CAAC;IAC9C,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,kBAAkB,EAAE;QAClB,kBAAkB,EAAE,0BAA0B;QAC9C,gBAAgB,EAAE,wBAAwB;QAC1C,oBAAoB,EAAE,4BAA4B;QAClD,0BAA0B,EAAE,kCAAkC;QAC9D,4BAA4B,EAAE,oCAAoC;QAClE,uBAAuB,EAAE,+BAA+B;KACzD;IACD,IAAI,EAAE,sBAAsB;IAC5B,cAAc,EAAE,EAAE,kBAAkB,EAAE,EAAE,EAAE;IAC1C,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,sDAAsD,CACvD;KACF;IACD,SAAS,EAAE,EAAE,uBAAuB,EAAE,EAAE,EAAE;CAC3C,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,oBAAoB,CAAC;IACxC,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,OAAO;IACd,kBAAkB,EAAE,EAAE;IACtB,IAAI,EAAE,eAAe;IACrB,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,4CAA4C,CAC7C;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,oBAAoB,CAAC;IACzC,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,OAAO;IACd,kBAAkB,EAAE,EAAE,oBAAoB,EAAE,4BAA4B,EAAE;IAC1E,IAAI,EAAE,gBAAgB;IACtB,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,6CAA6C,CAC9C;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,oBAAoB,CAAC;IAC/C,WAAW,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE;IAClC,KAAK,EAAE,OAAO;IACd,kBAAkB,EAAE,EAAE;IACtB,IAAI,EAAE,uBAAuB;IAC7B,MAAM,EAAE;QACN,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,oDAAoD,CACrD;KACF;IACD,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,CAAC;AAE/E,MAAM,CAAC,MAAM,+BAA+B,GAAG;IAC7C,cAAc;IACd,WAAW;IACX,kBAAkB;IAClB,UAAU;CACX,CAAC"}

package/dist/auth/core/generators/auth-module/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * from './auth-module.generator.js';
+export type { AuthModuleImportsProvider } from './generated/ts-import-providers.js';
+export { authModuleImportsProvider } from './generated/ts-import-providers.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/core/generators/auth-module/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/auth/core/generators/auth-module/index.ts"],"names":[],"mappings":"AAAA,cAAc,4BAA4B,CAAC;AAC3C,YAAY,EAAE,yBAAyB,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,EAAE,yBAAyB,EAAE,MAAM,oCAAoC,CAAC"}

package/dist/auth/core/generators/auth-module/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './auth-module.generator.js';
+export { authModuleImportsProvider } from './generated/ts-import-providers.js';
+//# sourceMappingURL=index.js.map

package/dist/auth/core/generators/auth-module/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/auth/core/generators/auth-module/index.ts"],"names":[],"mappings":"AAAA,cAAc,4BAA4B,CAAC;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,oCAAoC,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/constants/user-session.constants.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Defines the duration of a user session before it expires, in seconds.
+ */
+export declare const USER_SESSION_DURATION_SEC: number;
+/**
+ * Defines the duration after which a user session should be renewed, in seconds.
+ */
+export declare const USER_SESSION_RENEWAL_THRESHOLD_SEC: number;
+/**
+ * Sets the maximum possible lifespan of a user session, in seconds, including renewals.
+ *
+ * A value of 0 allows the session to persist indefinitely, provided it is renewed
+ * before the session expiration.
+ */
+export declare const USER_SESSION_MAX_LIFETIME_SEC: number;
+//# sourceMappingURL=user-session.constants.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/constants/user-session.constants.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-session.constants.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/constants/user-session.constants.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,yBAAyB,QAAoB,CAAC;AAE3D;;GAEG;AACH,eAAO,MAAM,kCAAkC,QAAmB,CAAC;AAEnE;;;;;GAKG;AACH,eAAO,MAAM,6BAA6B,EAAQ,MAAM,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/constants/user-session.constants.js ADDED Viewed

@@ -0,0 +1,17 @@
+// @ts-nocheck
+/**
+ * Defines the duration of a user session before it expires, in seconds.
+ */
+export const USER_SESSION_DURATION_SEC = 14 * 24 * 60 * 60; // 14 days
+/**
+ * Defines the duration after which a user session should be renewed, in seconds.
+ */
+export const USER_SESSION_RENEWAL_THRESHOLD_SEC = 1 * 24 * 60 * 60; // 1 day
+/**
+ * Sets the maximum possible lifespan of a user session, in seconds, including renewals.
+ *
+ * A value of 0 allows the session to persist indefinitely, provided it is renewed
+ * before the session expiration.
+ */
+export const USER_SESSION_MAX_LIFETIME_SEC = 0;
+//# sourceMappingURL=user-session.constants.js.map

package/dist/auth/core/generators/auth-module/templates/module/constants/user-session.constants.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session.constants.js","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/constants/user-session.constants.ts"],"names":[],"mappings":"AAAA,cAAc;AAEd;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU;AAEtE;;GAEG;AACH,MAAM,CAAC,MAAM,kCAAkC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,QAAQ;AAE5E;;;;;GAKG;AACH,MAAM,CAAC,MAAM,6BAA6B,GAAG,CAAW,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare const userSessionPayload: any;
2	+ //# sourceMappingURL=user-session-payload.object-type.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-session-payload.object-type.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,kBAAkB,KAkB9B,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.js ADDED Viewed

@@ -0,0 +1,17 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+export const userSessionPayload = builder.simpleObject('UserSessionPayload', {
+    fields: (t) => ({
+        expiresAt: t.field({ type: 'DateTime', nullable: true }),
+        userId: t.field({ type: 'Uuid' }),
+    }),
+}, (t) => ({
+    user: t.prismaField({
+        type: TPL_USER_OBJECT_TYPE,
+        resolve: async (query, root) => TPL_PRISMA_USER.findUniqueOrThrow({
+            where: { id: root.userId },
+            ...query,
+        }),
+    }),
+}));
+//# sourceMappingURL=user-session-payload.object-type.js.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session-payload.object-type.js","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.ts"],"names":[],"mappings":"AAAA,cAAc;AAEd,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEzC,MAAM,CAAC,MAAM,kBAAkB,GAAG,OAAO,CAAC,YAAY,CACpD,oBAAoB,EACpB;IACE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACd,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;QACxD,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;KAClC,CAAC;CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,WAAW,CAAC;QAClB,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAC7B,eAAe,CAAC,iBAAiB,CAAC;YAChC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE;YAC1B,GAAG,KAAK;SACT,CAAC;KACL,CAAC;CACH,CAAC,CACH,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session-payload.object-type.ts ADDED Viewed

@@ -0,0 +1,23 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+export const userSessionPayload = builder.simpleObject(
+  'UserSessionPayload',
+  {
+    fields: (t) => ({
+      expiresAt: t.field({ type: 'DateTime', nullable: true }),
+      userId: t.field({ type: 'Uuid' }),
+    }),
+  },
+  (t) => ({
+    user: t.prismaField({
+      type: TPL_USER_OBJECT_TYPE,
+      resolve: async (query, root) =>
+        TPL_PRISMA_USER.findUniqueOrThrow({
+          where: { id: root.userId },
+          ...query,
+        }),
+    }),
+  }),
+);

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=user-session.mutations.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-session.mutations.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.ts"],"names":[],"mappings":""}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.js ADDED Viewed

@@ -0,0 +1,18 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+import { userSessionService } from '../services/user-session.service.js';
+builder.mutationField('logOut', (t) => t.fieldWithInputPayload({
+    authorize: ['public'],
+    payload: {
+        success: t.payload.boolean({
+            description: 'Whether the logout was successful.',
+        }),
+    },
+    resolve: async (parent, args, context) => {
+        if (context.auth.session && context.auth.session.type === 'user') {
+            await userSessionService.clearSession(context.auth.session, context);
+        }
+        return { success: true };
+    },
+}));
+//# sourceMappingURL=user-session.mutations.js.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session.mutations.js","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.ts"],"names":[],"mappings":"AAAA,cAAc;AAEd,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAEzE,OAAO,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CACpC,CAAC,CAAC,qBAAqB,CAAC;IACtB,SAAS,EAAE,CAAC,QAAQ,CAAC;IACrB,OAAO,EAAE;QACP,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;YACzB,WAAW,EAAE,oCAAoC;SAClD,CAAC;KACH;IACD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE;QACvC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YACjE,MAAM,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;CACF,CAAC,CACH,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.mutations.ts ADDED Viewed

@@ -0,0 +1,23 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+import { userSessionService } from '../services/user-session.service.js';
+builder.mutationField('logOut', (t) =>
+  t.fieldWithInputPayload({
+    authorize: ['public'],
+    payload: {
+      success: t.payload.boolean({
+        description: 'Whether the logout was successful.',
+      }),
+    },
+    resolve: async (parent, args, context) => {
+      if (context.auth.session && context.auth.session.type === 'user') {
+        await userSessionService.clearSession(context.auth.session, context);
+      }
+      return { success: true };
+    },
+  }),
+);

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.queries.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=user-session.queries.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.queries.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-session.queries.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session.queries.ts"],"names":[],"mappings":""}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.queries.js ADDED Viewed

@@ -0,0 +1,19 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+import { userSessionPayload } from './user-session-payload.object-type.js';
+builder.queryField('currentUserSession', (t) => t.field({
+    type: userSessionPayload,
+    description: 'Get the current user session',
+    nullable: true,
+    authorize: ['public'],
+    resolve: (root, args, { auth }) => {
+        if (!auth.session || auth.session.type !== 'user') {
+            return undefined;
+        }
+        return {
+            expiresAt: auth.session.expiresAt?.toISOString(),
+            userId: auth.session.userId,
+        };
+    },
+}));
+//# sourceMappingURL=user-session.queries.js.map

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.queries.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session.queries.js","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/schema/user-session.queries.ts"],"names":[],"mappings":"AAAA,cAAc;AAEd,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAE3E,OAAO,CAAC,UAAU,CAAC,oBAAoB,EAAE,CAAC,CAAC,EAAE,EAAE,CAC7C,CAAC,CAAC,KAAK,CAAC;IACN,IAAI,EAAE,kBAAkB;IACxB,WAAW,EAAE,8BAA8B;IAC3C,QAAQ,EAAE,IAAI;IACd,SAAS,EAAE,CAAC,QAAQ,CAAC;IACrB,OAAO,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;QAChC,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YAClD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,WAAW,EAAE;YAChD,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CACH,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/schema/user-session.queries.ts ADDED Viewed

@@ -0,0 +1,24 @@
+// @ts-nocheck
+import { builder } from '%pothosImports';
+import { userSessionPayload } from './user-session-payload.object-type.js';
+builder.queryField('currentUserSession', (t) =>
+  t.field({
+    type: userSessionPayload,
+    description: 'Get the current user session',
+    nullable: true,
+    authorize: ['public'],
+    resolve: (root, args, { auth }) => {
+      if (!auth.session || auth.session.type !== 'user') {
+        return undefined;
+      }
+      return {
+        expiresAt: auth.session.expiresAt?.toISOString(),
+        userId: auth.session.userId,
+      };
+    },
+  }),
+);

package/dist/auth/core/generators/auth-module/templates/module/services/user-session.service.d.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import type { AuthUserSessionInfo } from '%authContextImports';
+import type { RequestServiceContext } from '%requestServiceContextImports';
+import type { UserSessionPayload, UserSessionService } from '%userSessionTypesImports';
+import type { FastifyReply, FastifyRequest } from 'fastify';
+export declare class CookieUserSessionService implements UserSessionService {
+    /**
+     * Creates a user session cookie and sets it in the response.
+     *
+     * @param userId The ID of the user for whom the session is being created.
+     * @param context The request service context
+     * @param currentDate The current date and time. Defaults to the current date and time.
+     * @returns The session payload
+     */
+    createSession(userId: string, context: RequestServiceContext, currentDate?: Date): Promise<UserSessionPayload>;
+    /**
+     * Ends the user session by clearing the session cookie and deleting the session from the database.
+     *
+     * @param sessionInfo The session info
+     * @param context The request service context
+     */
+    clearSession(sessionInfo: AuthUserSessionInfo, context: RequestServiceContext): Promise<void>;
+    /**
+     * Retrieves the user session information from the request.
+     *
+     * @param req - The Fastify request object containing the cookies.
+     * @param reply - The Fastify reply object used to set or clear cookies.
+     * @param currentDate - The current date used for session validation. Defaults to the current date and time.
+     * @returns A promise that resolves to the authenticated user session information or null if the session is invalid.
+     * @throws {InvalidSessionError} If the session is invalid or expired.
+     */
+    getSessionInfoFromRequest(req: FastifyRequest, reply?: FastifyReply): Promise<AuthUserSessionInfo | undefined>;
+    /**
+     * Retrieves the user session information from the authentication token
+     *
+     * Note: Since we use cookies, we ignore the authToken parameter
+     *
+     * @param req The request object
+     * @returns The session info or undefined if no session is found
+     */
+    getSessionInfoFromToken(req: FastifyRequest): Promise<AuthUserSessionInfo | undefined>;
+}
+export declare const userSessionService: CookieUserSessionService;
+//# sourceMappingURL=user-session.service.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/services/user-session.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session.service.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/services/user-session.service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE/D,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAC3E,OAAO,KAAK,EACV,kBAAkB,EAClB,kBAAkB,EACnB,MAAM,0BAA0B,CAAC;AAElC,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAkF5D,qBAAa,wBAAyB,YAAW,kBAAkB;IACjE;;;;;;;OAOG;IACG,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,qBAAqB,EAC9B,WAAW,GAAE,IAAiB,GAC7B,OAAO,CAAC,kBAAkB,CAAC;IAsB9B;;;;;OAKG;IACG,YAAY,CAChB,WAAW,EAAE,mBAAmB,EAChC,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,IAAI,CAAC;IAShB;;;;;;;;OAQG;IACG,yBAAyB,CAC7B,GAAG,EAAE,cAAc,EACnB,KAAK,CAAC,EAAE,YAAY,GACnB,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;IA8E3C;;;;;;;OAOG;IACG,uBAAuB,CAC3B,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;CAG5C;AAED,eAAO,MAAM,kBAAkB,0BAAiC,CAAC"}

package/dist/auth/core/generators/auth-module/templates/module/services/user-session.service.js ADDED Viewed

@@ -0,0 +1,180 @@
+// @ts-nocheck
+import { InvalidSessionError } from '%authContextImports';
+import { DEFAULT_USER_ROLES } from '%authRolesImports';
+import { config } from '%configServiceImports';
+import { ForbiddenError } from '%errorHandlerServiceImports';
+import { randomBytes } from 'node:crypto';
+import { USER_SESSION_DURATION_SEC, USER_SESSION_MAX_LIFETIME_SEC, USER_SESSION_RENEWAL_THRESHOLD_SEC, } from '../constants/user-session.constants.js';
+import { signObject, unsignObject } from '../utils/cookie-signer.js';
+import { getUserSessionCookieName } from '../utils/session-cookie.js';
+import { verifyRequestOrigin } from '../utils/verify-request-origin.js';
+const COOKIE_OPTIONS = {
+    httpOnly: true,
+    sameSite: 'lax',
+    secure: config.APP_ENVIRONMENT !== 'dev',
+    maxAge: USER_SESSION_DURATION_SEC,
+    path: '/',
+};
+/**
+ * Validates the expiry of a user session and determines if it needs to be renewed.
+ *
+ * @param currentDate The current date and time.
+ * @param userSession The session details.
+ * @param userSession.expiresAt The date and time when the session expires.
+ * @param userSession.createdAt The date and time when the session was created.
+ * @param userSession.renewedAt The date and time when the session was last renewed.
+ * @returns The validity of the session and the new expiry date if applicable.
+ */
+function validateSessionExpiry(currentDate, userSession) {
+    // check if session is expired
+    if (userSession.expiresAt < currentDate) {
+        return { valid: false, newExpiry: null };
+    }
+    // check if session needs renewal
+    const shouldRenewBy = userSession.renewedAt.getTime() + USER_SESSION_RENEWAL_THRESHOLD_SEC * 1000;
+    if (shouldRenewBy < currentDate.getTime()) {
+        const newExpiry = currentDate.getTime() + USER_SESSION_DURATION_SEC * 1000;
+        const maxExpiry = USER_SESSION_MAX_LIFETIME_SEC === 0
+            ? undefined
+            : userSession.createdAt.getTime() +
+                USER_SESSION_MAX_LIFETIME_SEC * 1000;
+        return {
+            valid: true,
+            newExpiry: new Date(Math.min(newExpiry, maxExpiry ?? newExpiry)),
+        };
+    }
+    return { valid: true, newExpiry: null };
+}
+/**
+ * Generates a session token
+ *
+ * @returns The session token
+ */
+function generateSessionToken() {
+    return randomBytes(16).toString('base64url');
+}
+export class CookieUserSessionService {
+    /**
+     * Creates a user session cookie and sets it in the response.
+     *
+     * @param userId The ID of the user for whom the session is being created.
+     * @param context The request service context
+     * @param currentDate The current date and time. Defaults to the current date and time.
+     * @returns The session payload
+     */
+    async createSession(userId, context, currentDate = new Date()) {
+        const token = generateSessionToken();
+        const expiresAt = new Date(currentDate.getTime() + USER_SESSION_DURATION_SEC * 1000);
+        await TPL_PRISMA_USER_SESSION.create({
+            data: {
+                user: { connect: { id: userId } },
+                token,
+                expiresAt,
+            },
+        });
+        const cookieName = getUserSessionCookieName(context.reqInfo.headers);
+        const cookieValue = signObject({ token }, config.AUTH_SECRET);
+        context.cookieStore.set(cookieName, cookieValue, COOKIE_OPTIONS);
+        return { userId, expiresAt };
+    }
+    /**
+     * Ends the user session by clearing the session cookie and deleting the session from the database.
+     *
+     * @param sessionInfo The session info
+     * @param context The request service context
+     */
+    async clearSession(sessionInfo, context) {
+        await TPL_PRISMA_USER_SESSION.delete({
+            where: { id: sessionInfo.id },
+        });
+        const cookieName = getUserSessionCookieName(context.reqInfo.headers);
+        context.cookieStore.clear(cookieName);
+    }
+    /**
+     * Retrieves the user session information from the request.
+     *
+     * @param req - The Fastify request object containing the cookies.
+     * @param reply - The Fastify reply object used to set or clear cookies.
+     * @param currentDate - The current date used for session validation. Defaults to the current date and time.
+     * @returns A promise that resolves to the authenticated user session information or null if the session is invalid.
+     * @throws {InvalidSessionError} If the session is invalid or expired.
+     */
+    async getSessionInfoFromRequest(req, reply) {
+        const currentDate = new Date();
+        // Check Origin header for non-GET/HEAD requests to prevent CSRF attacks
+        if ((req.method !== 'GET' ||
+            req.headers.upgrade?.toLowerCase() === 'websocket') &&
+            req.method !== 'HEAD' &&
+            !verifyRequestOrigin(req, [req.host])) {
+            throw new ForbiddenError('Invalid Origin header');
+        }
+        const cookieName = getUserSessionCookieName(req.headers);
+        try {
+            // Check if the session cookie is present
+            const sessionCookieValue = req.cookies[cookieName];
+            if (!sessionCookieValue)
+                return undefined;
+            // Unsign the session cookie
+            const sessionCookieResult = unsignObject(sessionCookieValue, config.AUTH_SECRET);
+            if (!sessionCookieResult)
+                throw new InvalidSessionError();
+            const { token } = sessionCookieResult;
+            if (typeof token !== 'string')
+                throw new InvalidSessionError();
+            // Fetch and validate user session
+            const userSession = await TPL_PRISMA_USER_SESSION.findUnique({
+                where: { token },
+                include: { user: { select: { id: true, roles: true } } },
+            });
+            if (!userSession)
+                throw new InvalidSessionError();
+            const sessionExpiryResult = validateSessionExpiry(currentDate, userSession);
+            if (!sessionExpiryResult.valid)
+                throw new InvalidSessionError('Session expired');
+            // renew the session if needed
+            if (sessionExpiryResult.newExpiry && reply) {
+                await TPL_PRISMA_USER_SESSION.update({
+                    where: { id: userSession.id },
+                    data: {
+                        renewedAt: currentDate,
+                        expiresAt: sessionExpiryResult.newExpiry,
+                    },
+                });
+                const newSignedCookie = signObject({ token }, config.AUTH_SECRET);
+                reply.setCookie(cookieName, newSignedCookie, COOKIE_OPTIONS);
+            }
+            const { user } = userSession;
+            const expiresAt = sessionExpiryResult.newExpiry ?? userSession.expiresAt;
+            return {
+                id: userSession.id,
+                type: 'user',
+                roles: [
+                    ...DEFAULT_USER_ROLES,
+                    ...user.roles.map((role) => role.role),
+                ],
+                userId: user.id,
+                expiresAt,
+            };
+        }
+        catch (err) {
+            // clear the cookie if it's invalid
+            if (err instanceof InvalidSessionError && reply) {
+                reply.clearCookie(cookieName);
+            }
+            throw err;
+        }
+    }
+    /**
+     * Retrieves the user session information from the authentication token
+     *
+     * Note: Since we use cookies, we ignore the authToken parameter
+     *
+     * @param req The request object
+     * @returns The session info or undefined if no session is found
+     */
+    async getSessionInfoFromToken(req) {
+        return this.getSessionInfoFromRequest(req, undefined);
+    }
+}
+export const userSessionService = new CookieUserSessionService();
+//# sourceMappingURL=user-session.service.js.map

package/dist/auth/core/generators/auth-module/templates/module/services/user-session.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-session.service.js","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/services/user-session.service.ts"],"names":[],"mappings":"AAAA,cAAc;AAYd,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,OAAO,EACL,yBAAyB,EACzB,6BAA6B,EAC7B,kCAAkC,GACnC,MAAM,wCAAwC,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAOxE,MAAM,cAAc,GAA2B;IAC7C,QAAQ,EAAE,IAAI;IACd,QAAQ,EAAE,KAAK;IACf,MAAM,EAAE,MAAM,CAAC,eAAe,KAAK,KAAK;IACxC,MAAM,EAAE,yBAAyB;IACjC,IAAI,EAAE,GAAG;CACV,CAAC;AAEF;;;;;;;;;GASG;AACH,SAAS,qBAAqB,CAC5B,WAAiB,EACjB,WAIC;IAED,8BAA8B;IAC9B,IAAI,WAAW,CAAC,SAAS,GAAG,WAAW,EAAE,CAAC;QACxC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC3C,CAAC;IAED,iCAAiC;IACjC,MAAM,aAAa,GACjB,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,kCAAkC,GAAG,IAAI,CAAC;IAE9E,IAAI,aAAa,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;QAC1C,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,EAAE,GAAG,yBAAyB,GAAG,IAAI,CAAC;QAC3E,MAAM,SAAS,GACb,6BAA6B,KAAK,CAAC;YACjC,CAAC,CAAC,SAAS;YACX,CAAC,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE;gBAC/B,6BAA6B,GAAG,IAAI,CAAC;QAC3C,OAAO;YACL,KAAK,EAAE,IAAI;YACX,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,IAAI,SAAS,CAAC,CAAC;SACjE,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB;IAC3B,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,OAAO,wBAAwB;IACnC;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,OAA8B,EAC9B,cAAoB,IAAI,IAAI,EAAE;QAE9B,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAC;QACrC,MAAM,SAAS,GAAG,IAAI,IAAI,CACxB,WAAW,CAAC,OAAO,EAAE,GAAG,yBAAyB,GAAG,IAAI,CACzD,CAAC;QAEF,MAAM,uBAAuB,CAAC,MAAM,CAAC;YACnC,IAAI,EAAE;gBACJ,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE;gBACjC,KAAK;gBACL,SAAS;aACV;SACF,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACrE,MAAM,WAAW,GAAG,UAAU,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAE9D,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC;QAEjE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAChB,WAAgC,EAChC,OAA8B;QAE9B,MAAM,uBAAuB,CAAC,MAAM,CAAC;YACnC,KAAK,EAAE,EAAE,EAAE,EAAE,WAAW,CAAC,EAAE,EAAE;SAC9B,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACxC,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,yBAAyB,CAC7B,GAAmB,EACnB,KAAoB;QAEpB,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;QAE/B,wEAAwE;QACxE,IACE,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK;YACnB,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,KAAK,WAAW,CAAC;YACrD,GAAG,CAAC,MAAM,KAAK,MAAM;YACrB,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EACrC,CAAC;YACD,MAAM,IAAI,cAAc,CAAC,uBAAuB,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,wBAAwB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,CAAC;YACH,yCAAyC;YACzC,MAAM,kBAAkB,GAAG,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YACnD,IAAI,CAAC,kBAAkB;gBAAE,OAAO,SAAS,CAAC;YAE1C,4BAA4B;YAC5B,MAAM,mBAAmB,GAAG,YAAY,CACtC,kBAAkB,EAClB,MAAM,CAAC,WAAW,CACe,CAAC;YACpC,IAAI,CAAC,mBAAmB;gBAAE,MAAM,IAAI,mBAAmB,EAAE,CAAC;YAE1D,MAAM,EAAE,KAAK,EAAE,GAAG,mBAAmB,CAAC;YACtC,IAAI,OAAO,KAAK,KAAK,QAAQ;gBAAE,MAAM,IAAI,mBAAmB,EAAE,CAAC;YAE/D,kCAAkC;YAClC,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAAC,UAAU,CAAC;gBAC3D,KAAK,EAAE,EAAE,KAAK,EAAE;gBAChB,OAAO,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;aACzD,CAAC,CAAC;YACH,IAAI,CAAC,WAAW;gBAAE,MAAM,IAAI,mBAAmB,EAAE,CAAC;YAElD,MAAM,mBAAmB,GAAG,qBAAqB,CAC/C,WAAW,EACX,WAAW,CACZ,CAAC;YACF,IAAI,CAAC,mBAAmB,CAAC,KAAK;gBAC5B,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,CAAC,CAAC;YAEnD,8BAA8B;YAC9B,IAAI,mBAAmB,CAAC,SAAS,IAAI,KAAK,EAAE,CAAC;gBAC3C,MAAM,uBAAuB,CAAC,MAAM,CAAC;oBACnC,KAAK,EAAE,EAAE,EAAE,EAAE,WAAW,CAAC,EAAE,EAAE;oBAC7B,IAAI,EAAE;wBACJ,SAAS,EAAE,WAAW;wBACtB,SAAS,EAAE,mBAAmB,CAAC,SAAS;qBACzC;iBACF,CAAC,CAAC;gBACH,MAAM,eAAe,GAAG,UAAU,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;gBAClE,KAAK,CAAC,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,cAAc,CAAC,CAAC;YAC/D,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,GAAG,WAAW,CAAC;YAC7B,MAAM,SAAS,GAAG,mBAAmB,CAAC,SAAS,IAAI,WAAW,CAAC,SAAS,CAAC;YAEzE,OAAO;gBACL,EAAE,EAAE,WAAW,CAAC,EAAE;gBAClB,IAAI,EAAE,MAAM;gBACZ,KAAK,EAAE;oBACL,GAAG,kBAAkB;oBACrB,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAgB,CAAC;iBACnD;gBACD,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,SAAS;aACV,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,mCAAmC;YACnC,IAAI,GAAG,YAAY,mBAAmB,IAAI,KAAK,EAAE,CAAC;gBAChD,KAAK,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;YAChC,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,uBAAuB,CAC3B,GAAmB;QAEnB,OAAO,IAAI,CAAC,yBAAyB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACxD,CAAC;CACF;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,wBAAwB,EAAE,CAAC"}

package/dist/auth/{generators/fastify → core/generators}/auth-module/templates/module/services/user-session.service.ts RENAMED Viewed

@@ -33,7 +33,7 @@ interface SessionCookieValue {
 const COOKIE_OPTIONS: CookieSerializeOptions = {
   httpOnly: true,
   sameSite: 'lax',
-  secure: config.APP_ENVIRONMENT !== 'development',
+  secure: config.APP_ENVIRONMENT !== 'dev',
   maxAge: USER_SESSION_DURATION_SEC,
   path: '/',
 };

package/dist/auth/core/generators/auth-module/templates/module/utils/cookie-signer.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+/**
+ * Cookie signing utilities
+ * Based on node-cookie-signature by TJ Holowaychuk
+ * Source: https://github.com/tj/node-cookie-signature
+ */
+/**
+ * Sign the given `val` with `secret` using HMAC-SHA256.
+ *
+ * @param val - The value to sign.
+ * @param secret - The secret key to use for signing.
+ * @returns The signed value.
+ */
+export declare function sign(val: string, secret: string): string;
+/**
+ * Unsign and decode the given `input` with `secret`,
+ *
+ * @param input - The signed cookie string to unsign.
+ * @param secret - The secret key used for signing.
+ * @returns The unsigned value or undefined if the signature is invalid.
+ */
+export declare function unsign(input: string, secret: string): string | undefined;
+/**
+ * Sign an object by JSON stringifying and base64 encoding it, then signing with secret.
+ *
+ * @param obj - The object to sign.
+ * @param secret - The secret key to use for signing.
+ * @returns The signed encoded object.
+ */
+export declare function signObject(obj: unknown, secret: string): string;
+/**
+ * Unsign and decode an object that was signed with signObject.
+ *
+ * @param input - The signed encoded object string to unsign.
+ * @param secret - The secret key used for signing.
+ * @returns The decoded object or undefined if the signature is invalid.
+ */
+export declare function unsignObject(input: string, secret: string): unknown;
+//# sourceMappingURL=cookie-signer.d.ts.map

package/dist/auth/core/generators/auth-module/templates/module/utils/cookie-signer.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookie-signer.d.ts","sourceRoot":"","sources":["../../../../../../../../src/auth/core/generators/auth-module/templates/module/utils/cookie-signer.ts"],"names":[],"mappings":"AAIA;;;;GAIG;AAEH;;;;;;GAMG;AACH,wBAAgB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAOxD;AAED;;;;;;GAMG;AACH,wBAAgB,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAYxE;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAG/D;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAUnE"}