@bpinhosilva/agent-orchestrator 1.0.0-alpha.2 → 1.0.0-alpha.21

package/dist/auth/auth.service.js

@@ -0,0 +1,239 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthService = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const config_1 = require("@nestjs/config");
+const typeorm_1 = require("typeorm");
+const typeorm_2 = require("@nestjs/typeorm");
+const users_service_1 = require("../users/users.service");
+const refresh_token_entity_1 = require("./entities/refresh-token.entity");
+const bcrypt = __importStar(require("bcrypt"));
+let AuthService = class AuthService {
+    usersService;
+    jwtService;
+    configService;
+    refreshTokenRepository;
+    accessTokenExpiresIn = '60m';
+    refreshTokenExpiresIn = '1d';
+    absoluteMaxExpiresIn = 30 * 24 * 60 * 60 * 1000;
+    constructor(usersService, jwtService, configService, refreshTokenRepository) {
+        this.usersService = usersService;
+        this.jwtService = jwtService;
+        this.configService = configService;
+        this.refreshTokenRepository = refreshTokenRepository;
+    }
+    async validateUser(userId) {
+        try {
+            const user = await this.usersService.findOne(userId);
+            if (user) {
+                const { password, ...result } = user;
+                return result;
+            }
+        }
+        catch {
+            return null;
+        }
+        return null;
+    }
+    generateAccessToken(payload) {
+        return this.jwtService.sign(payload, {
+            expiresIn: this.accessTokenExpiresIn,
+            algorithm: 'HS256',
+        });
+    }
+    async generateRefreshToken(userId) {
+        const issuedAt = new Date();
+        const expiresAt = new Date(issuedAt.getTime() + 24 * 60 * 60 * 1000);
+        const absoluteExpiry = new Date(issuedAt.getTime() + this.absoluteMaxExpiresIn);
+        const payload = {
+            sub: userId,
+            type: 'refresh',
+            iat: Math.floor(issuedAt.getTime() / 1000),
+        };
+        const token = this.jwtService.sign(payload, {
+            expiresIn: this.refreshTokenExpiresIn,
+            secret: this.configService.get('JWT_SECRET'),
+            algorithm: 'HS256',
+        });
+        const hashedToken = await bcrypt.hash(token, 10);
+        await this.refreshTokenRepository.save({
+            userId,
+            token: hashedToken,
+            issuedAt,
+            expiresAt,
+            absoluteExpiry,
+            revokedAt: null,
+        });
+        return { token, expiresAt, absoluteExpiry };
+    }
+    async validateRefreshToken(token) {
+        try {
+            const payload = this.jwtService.verify(token, {
+                secret: this.configService.get('JWT_SECRET'),
+                algorithms: ['HS256'],
+            });
+            if (payload.type !== 'refresh') {
+                return null;
+            }
+            const refreshTokens = await this.refreshTokenRepository.find({
+                where: {
+                    userId: payload.sub,
+                    revokedAt: (0, typeorm_1.IsNull)(),
+                },
+            });
+            if (!refreshTokens.length) {
+                return null;
+            }
+            let tokenFound = false;
+            for (const dbToken of refreshTokens) {
+                const isMatch = await bcrypt.compare(token, dbToken.token);
+                if (isMatch) {
+                    if (new Date() > dbToken.expiresAt) {
+                        return null;
+                    }
+                    if (new Date() > dbToken.absoluteExpiry) {
+                        return null;
+                    }
+                    tokenFound = true;
+                    break;
+                }
+            }
+            return tokenFound
+                ? payload.sub
+                : null;
+        }
+        catch {
+            return null;
+        }
+    }
+    async register(registerDto) {
+        const existingUser = await this.usersService.findByEmail(registerDto.email);
+        if (existingUser) {
+            throw new common_1.ConflictException('Email already in use');
+        }
+        const hashedPassword = await bcrypt.hash(registerDto.password, 10);
+        const user = await this.usersService.create({
+            ...registerDto,
+            password: hashedPassword,
+        });
+        const { password, ...result } = user;
+        return result;
+    }
+    async login(loginDto) {
+        const user = await this.usersService.findByEmail(loginDto.email);
+        if (!user) {
+            throw new common_1.UnauthorizedException('Invalid credentials');
+        }
+        if (!user.password) {
+            throw new common_1.UnauthorizedException('Invalid credentials');
+        }
+        const isMatch = await bcrypt.compare(loginDto.password, user.password);
+        if (!isMatch) {
+            throw new common_1.UnauthorizedException('Invalid credentials');
+        }
+        const payload = { email: user.email, sub: user.id };
+        const accessToken = this.generateAccessToken(payload);
+        const { token: refreshToken } = await this.generateRefreshToken(user.id);
+        return {
+            access_token: accessToken,
+            refresh_token: refreshToken,
+            expires_in: 3600,
+            refresh_expires_in: 86400,
+            refresh_absolute_expires_in: 2592000,
+            token_type: 'Bearer',
+        };
+    }
+    async refresh(refreshToken) {
+        const userId = await this.validateRefreshToken(refreshToken);
+        if (!userId) {
+            throw new common_1.UnauthorizedException('Invalid or expired refresh token');
+        }
+        const user = await this.usersService.findOne(userId);
+        if (!user) {
+            throw new common_1.UnauthorizedException('User not found');
+        }
+        await this.refreshTokenRepository.update({ userId, revokedAt: (0, typeorm_1.IsNull)() }, { revokedAt: new Date() });
+        const payload = { email: user.email, sub: user.id };
+        const newAccessToken = this.generateAccessToken(payload);
+        const { token: newRefreshToken } = await this.generateRefreshToken(user.id);
+        return {
+            access_token: newAccessToken,
+            refresh_token: newRefreshToken,
+            expires_in: 3600,
+            refresh_expires_in: 86400,
+            token_type: 'Bearer',
+        };
+    }
+    async revokeRefreshToken(token) {
+        try {
+            const payload = this.jwtService.verify(token, {
+                secret: this.configService.get('JWT_SECRET'),
+                algorithms: ['HS256'],
+            });
+            if (payload.sub) {
+                await this.refreshTokenRepository.update({
+                    userId: payload.sub,
+                    revokedAt: (0, typeorm_1.IsNull)(),
+                }, { revokedAt: new Date() });
+            }
+        }
+        catch {
+        }
+    }
+};
+exports.AuthService = AuthService;
+exports.AuthService = AuthService = __decorate([
+    (0, common_1.Injectable)(),
+    __param(3, (0, typeorm_2.InjectRepository)(refresh_token_entity_1.RefreshToken)),
+    __metadata("design:paramtypes", [users_service_1.UsersService,
+        jwt_1.JwtService,
+        config_1.ConfigService,
+        typeorm_1.Repository])
+], AuthService);
+//# sourceMappingURL=auth.service.js.map

package/dist/auth/auth.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/auth/auth.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAIwB;AACxB,qCAAyC;AACzC,2CAA+C;AAC/C,qCAA6C;AAC7C,6CAAmD;AACnD,0DAAsD;AAGtD,0EAA+D;AAC/D,+CAAiC;AAI1B,IAAM,WAAW,GAAjB,MAAM,WAAW;IAMZ;IACA;IACA;IAEA;IATO,oBAAoB,GAAG,KAAK,CAAC;IAC7B,qBAAqB,GAAG,IAAI,CAAC;IAC7B,oBAAoB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAEjE,YACU,YAA0B,EAC1B,UAAsB,EACtB,aAA4B,EAE5B,sBAAgD;QAJhD,iBAAY,GAAZ,YAAY,CAAc;QAC1B,eAAU,GAAV,UAAU,CAAY;QACtB,kBAAa,GAAb,aAAa,CAAe;QAE5B,2BAAsB,GAAtB,sBAAsB,CAA0B;IACvD,CAAC;IAEJ,KAAK,CAAC,YAAY,CAAC,MAAc;QAC/B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACrD,IAAI,IAAI,EAAE,CAAC;gBAET,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,EAAE,GAAG,IAAI,CAAC;gBACrC,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,mBAAmB,CAAC,OAA+B;QACzD,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE;YACnC,SAAS,EAAE,IAAI,CAAC,oBAAoB;YACpC,SAAS,EAAE,OAAO;SACnB,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAChC,MAAc;QAEd,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACrE,MAAM,cAAc,GAAG,IAAI,IAAI,CAC7B,QAAQ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,oBAAoB,CAC/C,CAAC;QAEF,MAAM,OAAO,GAAG;YACd,GAAG,EAAE,MAAM;YACX,IAAI,EAAE,SAAS;YACf,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;SAC3C,CAAC;QAEF,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE;YAC1C,SAAS,EAAE,IAAI,CAAC,qBAAqB;YACrC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,YAAY,CAAC;YACpD,SAAS,EAAE,OAAO;SACnB,CAAC,CAAC;QAGH,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAGjD,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC;YACrC,MAAM;YACN,KAAK,EAAE,WAAW;YAClB,QAAQ;YACR,SAAS;YACT,cAAc;YACd,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;QAEH,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,IAAI,CAAC;YAGH,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE;gBAC5C,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,YAAY,CAAC;gBACpD,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB,CAAC,CAAC;YAEH,IAAK,OAAmC,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC5D,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC;gBAC3D,KAAK,EAAE;oBACL,MAAM,EAAG,OAAmC,CAAC,GAAa;oBAC1D,SAAS,EAAE,IAAA,gBAAM,GAAE;iBACpB;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBACpC,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC3D,IAAI,OAAO,EAAE,CAAC;oBAEZ,IAAI,IAAI,IAAI,EAAE,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;wBACnC,OAAO,IAAI,CAAC;oBACd,CAAC;oBAGD,IAAI,IAAI,IAAI,EAAE,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;wBACxC,OAAO,IAAI,CAAC;oBACd,CAAC;oBAED,UAAU,GAAG,IAAI,CAAC;oBAClB,MAAM;gBACR,CAAC;YACH,CAAC;YAED,OAAO,UAAU;gBACf,CAAC,CAAG,OAAmC,CAAC,GAAc;gBACtD,CAAC,CAAC,IAAI,CAAC;QACX,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,WAAwB;QACrC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAC5E,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,IAAI,0BAAiB,CAAC,sBAAsB,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACnE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC;YAC1C,GAAG,WAAW;YACd,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAC;QAGH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,EAAE,GAAG,IAAI,CAAC;QACrC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,QAAkB;QAC5B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEzE,OAAO;YACL,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY;YAC3B,UAAU,EAAE,IAAI;YAChB,kBAAkB,EAAE,KAAK;YACzB,2BAA2B,EAAE,OAAO;YACpC,UAAU,EAAE,QAAQ;SACrB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,YAAoB;QAChC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,8BAAqB,CAAC,kCAAkC,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,8BAAqB,CAAC,gBAAgB,CAAC,CAAC;QACpD,CAAC;QAGD,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CACtC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAA,gBAAM,GAAE,EAAE,EAC/B,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAC1B,CAAC;QAEF,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;QACpD,MAAM,cAAc,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAGzD,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE5E,OAAO;YACL,YAAY,EAAE,cAAc;YAC5B,aAAa,EAAE,eAAe;YAC9B,UAAU,EAAE,IAAI;YAChB,kBAAkB,EAAE,KAAK;YACzB,UAAU,EAAE,QAAQ;SACrB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAa;QACpC,IAAI,CAAC;YAGH,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE;gBAC5C,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,YAAY,CAAC;gBACpD,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB,CAAC,CAAC;YAEH,IAAK,OAAmC,CAAC,GAAG,EAAE,CAAC;gBAC7C,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CACtC;oBACE,MAAM,EAAG,OAAmC,CAAC,GAAa;oBAC1D,SAAS,EAAE,IAAA,gBAAM,GAAE;iBACpB,EACD,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAC1B,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;QAGT,CAAC;IACH,CAAC;CACF,CAAA;AAjOY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAUR,WAAA,IAAA,0BAAgB,EAAC,mCAAY,CAAC,CAAA;qCAHT,4BAAY;QACd,gBAAU;QACP,sBAAa;QAEJ,oBAAU;GAVjC,WAAW,CAiOvB"}

package/dist/auth/decorators/public.decorator.d.ts

@@ -0,0 +1,2 @@
+export declare const IS_PUBLIC_KEY = "isPublic";
+export declare const Public: () => import("@nestjs/common").CustomDecorator<string>;

package/dist/auth/decorators/public.decorator.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Public = exports.IS_PUBLIC_KEY = void 0;
+const common_1 = require("@nestjs/common");
+exports.IS_PUBLIC_KEY = 'isPublic';
+const Public = () => (0, common_1.SetMetadata)(exports.IS_PUBLIC_KEY, true);
+exports.Public = Public;
+//# sourceMappingURL=public.decorator.js.map

package/dist/auth/decorators/public.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public.decorator.js","sourceRoot":"","sources":["../../../src/auth/decorators/public.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAEhC,QAAA,aAAa,GAAG,UAAU,CAAC;AACjC,MAAM,MAAM,GAAG,GAAG,EAAE,CAAC,IAAA,oBAAW,EAAC,qBAAa,EAAE,IAAI,CAAC,CAAC;AAAhD,QAAA,MAAM,UAA0C"}

package/dist/auth/dto/login.dto.d.ts

@@ -0,0 +1,4 @@
+export declare class LoginDto {
+    email: string;
+    password: string;
+}

package/dist/auth/dto/login.dto.js

@@ -0,0 +1,34 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoginDto = void 0;
+const openapi = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+class LoginDto {
+    email;
+    password;
+    static _OPENAPI_METADATA_FACTORY() {
+        return { email: { required: true, type: () => String, maxLength: 255, format: "email" }, password: { required: true, type: () => String, minLength: 8, maxLength: 72 } };
+    }
+}
+exports.LoginDto = LoginDto;
+__decorate([
+    (0, class_validator_1.IsEmail)(),
+    (0, class_validator_1.MaxLength)(255),
+    __metadata("design:type", String)
+], LoginDto.prototype, "email", void 0);
+__decorate([
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.MinLength)(8),
+    (0, class_validator_1.MaxLength)(72),
+    __metadata("design:type", String)
+], LoginDto.prototype, "password", void 0);
+//# sourceMappingURL=login.dto.js.map

package/dist/auth/dto/login.dto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.dto.js","sourceRoot":"","sources":["../../../src/auth/dto/login.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAA0E;AAE1E,MAAa,QAAQ;IAGnB,KAAK,CAAS;IAKd,QAAQ,CAAS;;;;CAClB;AATD,4BASC;AANC;IAFC,IAAA,yBAAO,GAAE;IACT,IAAA,2BAAS,EAAC,GAAG,CAAC;;uCACD;AAKd;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,2BAAS,EAAC,CAAC,CAAC;IACZ,IAAA,2BAAS,EAAC,EAAE,CAAC;;0CACG"}

package/dist/auth/dto/register.dto.d.ts

@@ -0,0 +1,5 @@
+export declare class RegisterDto {
+    name: string;
+    email: string;
+    password: string;
+}

package/dist/auth/dto/register.dto.js

@@ -0,0 +1,41 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RegisterDto = void 0;
+const openapi = require("@nestjs/swagger");
+const class_validator_1 = require("class-validator");
+class RegisterDto {
+    name;
+    email;
+    password;
+    static _OPENAPI_METADATA_FACTORY() {
+        return { name: { required: true, type: () => String, maxLength: 100 }, email: { required: true, type: () => String, maxLength: 255, format: "email" }, password: { required: true, type: () => String, minLength: 8, maxLength: 72 } };
+    }
+}
+exports.RegisterDto = RegisterDto;
+__decorate([
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    (0, class_validator_1.MaxLength)(100),
+    __metadata("design:type", String)
+], RegisterDto.prototype, "name", void 0);
+__decorate([
+    (0, class_validator_1.IsEmail)(),
+    (0, class_validator_1.MaxLength)(255),
+    __metadata("design:type", String)
+], RegisterDto.prototype, "email", void 0);
+__decorate([
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.MinLength)(8),
+    (0, class_validator_1.MaxLength)(72),
+    __metadata("design:type", String)
+], RegisterDto.prototype, "password", void 0);
+//# sourceMappingURL=register.dto.js.map

package/dist/auth/dto/register.dto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.dto.js","sourceRoot":"","sources":["../../../src/auth/dto/register.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAMyB;AAEzB,MAAa,WAAW;IAItB,IAAI,CAAS;IAIb,KAAK,CAAS;IAKd,QAAQ,CAAS;;;;CAClB;AAdD,kCAcC;AAVC;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,GAAG,CAAC;;yCACF;AAIb;IAFC,IAAA,yBAAO,GAAE;IACT,IAAA,2BAAS,EAAC,GAAG,CAAC;;0CACD;AAKd;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,2BAAS,EAAC,CAAC,CAAC;IACZ,IAAA,2BAAS,EAAC,EAAE,CAAC;;6CACG"}

package/dist/auth/entities/refresh-token.entity.d.ts

@@ -0,0 +1,12 @@
+import { User } from '../../users/entities/user.entity';
+export declare class RefreshToken {
+    id: string;
+    userId: string;
+    user: User;
+    token: string;
+    issuedAt: Date;
+    expiresAt: Date;
+    absoluteExpiry: Date;
+    createdAt: Date;
+    revokedAt: Date | null;
+}

package/dist/auth/entities/refresh-token.entity.js

@@ -0,0 +1,72 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RefreshToken = void 0;
+const openapi = require("@nestjs/swagger");
+const typeorm_1 = require("typeorm");
+const user_entity_1 = require("../../users/entities/user.entity");
+let RefreshToken = class RefreshToken {
+    id;
+    userId;
+    user;
+    token;
+    issuedAt;
+    expiresAt;
+    absoluteExpiry;
+    createdAt;
+    revokedAt;
+    static _OPENAPI_METADATA_FACTORY() {
+        return { id: { required: true, type: () => String }, userId: { required: true, type: () => String }, user: { required: true, type: () => require("../../users/entities/user.entity").User }, token: { required: true, type: () => String }, issuedAt: { required: true, type: () => Date }, expiresAt: { required: true, type: () => Date }, absoluteExpiry: { required: true, type: () => Date }, createdAt: { required: true, type: () => Date }, revokedAt: { required: true, type: () => Date, nullable: true } };
+    }
+};
+exports.RefreshToken = RefreshToken;
+__decorate([
+    (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
+    __metadata("design:type", String)
+], RefreshToken.prototype, "id", void 0);
+__decorate([
+    (0, typeorm_1.Column)(),
+    __metadata("design:type", String)
+], RefreshToken.prototype, "userId", void 0);
+__decorate([
+    (0, typeorm_1.ManyToOne)(() => user_entity_1.User, { onDelete: 'CASCADE' }),
+    (0, typeorm_1.JoinColumn)({ name: 'userId' }),
+    __metadata("design:type", user_entity_1.User)
+], RefreshToken.prototype, "user", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'text' }),
+    __metadata("design:type", String)
+], RefreshToken.prototype, "token", void 0);
+__decorate([
+    (0, typeorm_1.CreateDateColumn)(),
+    __metadata("design:type", Date)
+], RefreshToken.prototype, "issuedAt", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'datetime' }),
+    __metadata("design:type", Date)
+], RefreshToken.prototype, "expiresAt", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'datetime' }),
+    __metadata("design:type", Date)
+], RefreshToken.prototype, "absoluteExpiry", void 0);
+__decorate([
+    (0, typeorm_1.CreateDateColumn)(),
+    __metadata("design:type", Date)
+], RefreshToken.prototype, "createdAt", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'datetime', nullable: true }),
+    __metadata("design:type", Object)
+], RefreshToken.prototype, "revokedAt", void 0);
+exports.RefreshToken = RefreshToken = __decorate([
+    (0, typeorm_1.Entity)('refresh_tokens'),
+    (0, typeorm_1.Index)(['userId', 'expiresAt'])
+], RefreshToken);
+//# sourceMappingURL=refresh-token.entity.js.map

package/dist/auth/entities/refresh-token.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"refresh-token.entity.js","sourceRoot":"","sources":["../../../src/auth/entities/refresh-token.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qCAQiB;AACjB,kEAAwD;AAIjD,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEvB,EAAE,CAAS;IAGX,MAAM,CAAS;IAIf,IAAI,CAAO;IAGX,KAAK,CAAS;IAGd,QAAQ,CAAO;IAGf,SAAS,CAAO;IAGhB,cAAc,CAAO;IAGrB,SAAS,CAAO;IAGhB,SAAS,CAAc;;;;CACxB,CAAA;AA5BY,oCAAY;AAEvB;IADC,IAAA,gCAAsB,EAAC,MAAM,CAAC;;wCACpB;AAGX;IADC,IAAA,gBAAM,GAAE;;4CACM;AAIf;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,kBAAI,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC9C,IAAA,oBAAU,EAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;8BACzB,kBAAI;0CAAC;AAGX;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;;2CACX;AAGd;IADC,IAAA,0BAAgB,GAAE;8BACT,IAAI;8CAAC;AAGf;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BAClB,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BACb,IAAI;oDAAC;AAGrB;IADC,IAAA,0BAAgB,GAAE;8BACR,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;+CACtB;uBA3BZ,YAAY;IAFxB,IAAA,gBAAM,EAAC,gBAAgB,CAAC;IACxB,IAAA,eAAK,EAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;GAClB,YAAY,CA4BxB"}

package/dist/auth/guards/jwt-auth.guard.d.ts

@@ -0,0 +1,9 @@
+import { ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+declare const JwtAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
+export declare class JwtAuthGuard extends JwtAuthGuard_base {
+    private reflector;
+    constructor(reflector: Reflector);
+    canActivate(context: ExecutionContext): boolean | Promise<boolean> | import("rxjs").Observable<boolean>;
+}
+export {};

package/dist/auth/guards/jwt-auth.guard.js

@@ -0,0 +1,39 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtAuthGuard = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const passport_1 = require("@nestjs/passport");
+const public_decorator_1 = require("../decorators/public.decorator");
+let JwtAuthGuard = class JwtAuthGuard extends (0, passport_1.AuthGuard)('jwt') {
+    reflector;
+    constructor(reflector) {
+        super();
+        this.reflector = reflector;
+    }
+    canActivate(context) {
+        const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic) {
+            return true;
+        }
+        return super.canActivate(context);
+    }
+};
+exports.JwtAuthGuard = JwtAuthGuard;
+exports.JwtAuthGuard = JwtAuthGuard = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [core_1.Reflector])
+], JwtAuthGuard);
+//# sourceMappingURL=jwt-auth.guard.js.map

package/dist/auth/guards/jwt-auth.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt-auth.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/jwt-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA8D;AAC9D,uCAAyC;AACzC,+CAA6C;AAC7C,qEAA+D;AAGxD,IAAM,YAAY,GAAlB,MAAM,YAAa,SAAQ,IAAA,oBAAS,EAAC,KAAK,CAAC;IAC5B;IAApB,YAAoB,SAAoB;QACtC,KAAK,EAAE,CAAC;QADU,cAAS,GAAT,SAAS,CAAW;IAExC,CAAC;IAED,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;CACF,CAAA;AAfY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,YAAY,CAexB"}

package/dist/auth/strategies/jwt.strategy.d.ts

@@ -0,0 +1,16 @@
+import { Strategy } from 'passport-jwt';
+import { ConfigService } from '@nestjs/config';
+import { AuthService } from '../auth.service';
+declare const JwtStrategy_base: new (...args: [opt: import("passport-jwt").StrategyOptionsWithRequest] | [opt: import("passport-jwt").StrategyOptionsWithoutRequest]) => Strategy & {
+    validate(...args: any[]): unknown;
+};
+export declare class JwtStrategy extends JwtStrategy_base {
+    private readonly configService;
+    private readonly authService;
+    constructor(configService: ConfigService, authService: AuthService);
+    validate(payload: {
+        email: string;
+        sub: string;
+    }): Promise<Omit<import("../../users/entities/user.entity").User, "password">>;
+}
+export {};

package/dist/auth/strategies/jwt.strategy.js

@@ -0,0 +1,45 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtStrategy = void 0;
+const passport_jwt_1 = require("passport-jwt");
+const passport_1 = require("@nestjs/passport");
+const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
+const auth_service_1 = require("../auth.service");
+let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
+    configService;
+    authService;
+    constructor(configService, authService) {
+        super({
+            jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
+            ignoreExpiration: false,
+            secretOrKey: configService.get('JWT_SECRET'),
+            algorithms: ['HS256'],
+        });
+        this.configService = configService;
+        this.authService = authService;
+    }
+    async validate(payload) {
+        const user = await this.authService.validateUser(payload.sub);
+        if (!user) {
+            throw new common_1.UnauthorizedException();
+        }
+        return user;
+    }
+};
+exports.JwtStrategy = JwtStrategy;
+exports.JwtStrategy = JwtStrategy = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [config_1.ConfigService,
+        auth_service_1.AuthService])
+], JwtStrategy);
+//# sourceMappingURL=jwt.strategy.js.map

package/dist/auth/strategies/jwt.strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../../src/auth/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,+CAAoD;AACpD,+CAAoD;AACpD,2CAAmE;AACnE,2CAA+C;AAC/C,kDAA8C;AAGvC,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAEtC;IACA;IAFnB,YACmB,aAA4B,EAC5B,WAAwB;QAEzC,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,aAAa,CAAC,GAAG,CAAS,YAAY,CAAE;YACrD,UAAU,EAAE,CAAC,OAAO,CAAC;SACtB,CAAC,CAAC;QARc,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;IAQ3C,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAuC;QACpD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,8BAAqB,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AApBY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGuB,sBAAa;QACf,0BAAW;GAHhC,WAAW,CAoBvB"}

package/dist/cli/index.d.ts

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+export declare const PID_DIR: string;
+export declare const PID_FILE: string;
+export declare const LOG_FILE: string;
+export declare const ENV_PATH: string;
+export declare const PACKAGE_ROOT: string;
+export declare function checkIfRunning(): number | null;
+export declare function checkPendingMigrations(): Promise<{
+    hasPending: boolean;
+    isEmpty: boolean;
+}>;
+export declare function runMigrations(force?: boolean): Promise<void>;
+export declare function setupAdminUser(): Promise<void>;
+export declare function defineCommands(): void;
+export declare function runCli(argv?: string[]): Promise<void>;