@ciscode/authentication-kit 1.0.43 → 1.1.1

@@ -1,51 +0,0 @@
1
- const mongoose = require('mongoose');
2
- const mongoosePaginate = require('mongoose-paginate-v2');
3
-
4
- const UserSchema = new mongoose.Schema({
5
- email: {
6
- type: String,
7
- unique: true,
8
- required: true
9
- },
10
- // Hashed password; may be empty for social/OAuth accounts.
11
- password: {
12
- type: String,
13
- required: function () {
14
- // Require a password ONLY if no social provider
15
- return !this.microsoftId && !this.googleId && !this.facebookId;
16
- }
17
- },
18
- name: { type: String },
19
-
20
- // IMPORTANT: still required for staff
21
- tenantId: { type: String, required: true },
22
-
23
- // Social providers (all optional)
24
- microsoftId: { type: String, index: true },
25
- googleId: { type: String, index: true },
26
- facebookId: { type: String, index: true },
27
-
28
- // Roles: array of Role ObjectIds
29
- roles: [{ type: mongoose.Schema.Types.ObjectId, ref: 'Role' }],
30
-
31
- // Password reset
32
- resetPasswordToken: { type: String },
33
- resetPasswordExpires: { type: Date },
34
-
35
- status: {
36
- type: String,
37
- enum: ['pending', 'active', 'suspended', 'deactivated'],
38
- default: 'pending'
39
- },
40
-
41
- // Refresh token storage
42
- refreshToken: { type: String },
43
-
44
- // ─── Lockout fields ────────────────────────────────────────
45
- failedLoginAttempts: { type: Number, default: 0 },
46
- lockUntil: { type: Date }
47
- }, { timestamps: true });
48
-
49
- UserSchema.plugin(mongoosePaginate);
50
-
51
- module.exports = mongoose.model('User', UserSchema);
@@ -1,8 +0,0 @@
1
- const express = require('express');
2
- const router = express.Router();
3
- const { suspendUser } = require('../controllers/roles.controller');
4
-
5
- // Example: PUT /api/admin/users/:id/suspend
6
- router.put('/:id/suspend', suspendUser);
7
-
8
- module.exports = router;
@@ -1,77 +0,0 @@
1
- const express = require('express');
2
- const router = express.Router();
3
-
4
- const auth = require('../controllers/auth.controller');
5
- const passwordReset = require('../controllers/passwordReset.controller');
6
-
7
- /* ────────────────────────────────────────────────────────────────────────────
8
- * Client registration & login (client credentials)
9
- * ────────────────────────────────────────────────────────────────────────── */
10
- router.post('/clients/register', auth.registerClient);
11
- router.post('/clients/login', auth.clientLogin);
12
-
13
- /* ────────────────────────────────────────────────────────────────────────────
14
- * User login (local credentials)
15
- * ────────────────────────────────────────────────────────────────────────── */
16
- router.post('/login', auth.localLogin);
17
-
18
- /* ────────────────────────────────────────────────────────────────────────────
19
- * Microsoft OAuth (Users)
20
- * ────────────────────────────────────────────────────────────────────────── */
21
- router.get('/microsoft', auth.microsoftLogin);
22
- router.get('/microsoft/callback', auth.microsoftCallback);
23
-
24
- /* ────────────────────────────────────────────────────────────────────────────
25
- * Microsoft OAuth (Clients)
26
- * ────────────────────────────────────────────────────────────────────────── */
27
- router.get('/client/microsoft', auth.microsoftClientLogin);
28
- router.get('/client/microsoft/callback', auth.microsoftClientCallback);
29
-
30
- /* ────────────────────────────────────────────────────────────────────────────
31
- * Microsoft ID token → local JWTs (MSAL mobile token exchange)
32
- * ────────────────────────────────────────────────────────────────────────── */
33
- router.post('/microsoft/exchange', auth.microsoftExchange);
34
-
35
- /* ────────────────────────────────────────────────────────────────────────────
36
- * Google OAuth (Users)
37
- * ────────────────────────────────────────────────────────────────────────── */
38
- router.get('/google', auth.googleUserLogin);
39
- router.get('/google/callback', auth.googleUserCallback);
40
-
41
- /* ────────────────────────────────────────────────────────────────────────────
42
- * Google OAuth (Clients)
43
- * ────────────────────────────────────────────────────────────────────────── */
44
- router.get('/client/google', auth.googleClientLogin);
45
- router.get('/client/google/callback', auth.googleClientCallback);
46
-
47
- /* ────────────────────────────────────────────────────────────────────────────
48
- * Google token exchange (mobile-friendly)
49
- * Body: { code: "<serverAuthCode>", type: "user"|"client" }
50
- * or { idToken: "<google id_token>", type: "user"|"client" }
51
- * ────────────────────────────────────────────────────────────────────────── */
52
- router.post('/google/exchange', auth.googleExchange);
53
-
54
- /* ────────────────────────────────────────────────────────────────────────────
55
- * Facebook OAuth (Users)
56
- * ────────────────────────────────────────────────────────────────────────── */
57
- router.get('/facebook', auth.facebookUserLogin);
58
- router.get('/facebook/callback', auth.facebookUserCallback);
59
-
60
- /* ────────────────────────────────────────────────────────────────────────────
61
- * Facebook OAuth (Clients)
62
- * ────────────────────────────────────────────────────────────────────────── */
63
- router.get('/client/facebook', auth.facebookClientLogin);
64
- router.get('/client/facebook/callback', auth.facebookClientCallback);
65
-
66
- /* ────────────────────────────────────────────────────────────────────────────
67
- * Password reset (Users & Clients) — body must include { type: "user"|"client" }
68
- * ────────────────────────────────────────────────────────────────────────── */
69
- router.post('/request-password-reset', passwordReset.requestPasswordReset);
70
- router.post('/reset-password', passwordReset.resetPassword);
71
-
72
- /* ────────────────────────────────────────────────────────────────────────────
73
- * Refresh token → new access token (works for User or Client)
74
- * ────────────────────────────────────────────────────────────────────────── */
75
- router.post('/refresh-token', auth.refreshToken);
76
-
77
- module.exports = router;
@@ -1,8 +0,0 @@
1
- const express = require('express');
2
- const router = express.Router();
3
- const passwordResetController = require('../controllers/passwordReset.controller');
4
-
5
- router.post('/forgot-password', passwordResetController.requestPasswordReset);
6
- router.post('/reset-password', passwordResetController.resetPassword);
7
-
8
- module.exports = router;
@@ -1,17 +0,0 @@
1
- const express = require('express');
2
- const router = express.Router();
3
- const permissionController = require('../controllers/permission.controller');
4
-
5
- // Create a new permission
6
- router.post('/add-permission', permissionController.createPermission);
7
-
8
- // Retrieve a list of permissions (with pagination)
9
- router.get('/get-permission', permissionController.getPermissions);
10
-
11
- // Update an existing permission by its ID
12
- router.put('/update-permission/:id', permissionController.updatePermission);
13
-
14
- // Delete a permission by its ID
15
- router.delete('/delete-permission:id', permissionController.deletePermission);
16
-
17
- module.exports = router;
@@ -1,11 +0,0 @@
1
- const express = require('express');
2
- const router = express.Router();
3
- const rolesController = require('../controllers/roles.controller');
4
-
5
- // These endpoints should be protected and accessible only by a superadmin
6
- router.post('/', rolesController.createRole);
7
- router.get('/:tenantId', rolesController.getRoles);
8
- router.put('/:id', rolesController.updateRole);
9
- router.delete('/:id', rolesController.deleteRole);
10
-
11
- module.exports = router;
@@ -1,22 +0,0 @@
1
- // src/routes/user.routes.js
2
-
3
- const express = require('express');
4
- const router = express.Router();
5
- const userController = require('../controllers/user.controller');
6
-
7
- // Fetch all users (optionally filtered via query params)
8
- router.get('/', userController.getAllUsers);
9
-
10
- // Create a new user (with immediate password or MSFT ID)
11
- router.post('/', userController.createUser);
12
-
13
- // Update an existing user
14
- router.put('/:id', userController.updateUser);
15
-
16
- // Delete a user by ID
17
- router.delete('/:id', userController.deleteUser);
18
-
19
- // Send an invitation email (no password yet)
20
- router.post('/invite', userController.createUserInvitation);
21
-
22
- module.exports = router;
@@ -1,26 +0,0 @@
1
- // src/utils/helper.js
2
-
3
- /**
4
- * Converts an expiry string into milliseconds.
5
- *
6
- * Supported formats:
7
- * - "15m" → 15 minutes
8
- * - "2h" → 2 hours
9
- * - "1d" → 1 day
10
- * - "30s" → 30 seconds
11
- */
12
- function getMillisecondsFromExpiry(expiry) {
13
- const unit = expiry.slice(-1).toLowerCase();
14
- const value = parseInt(expiry.slice(0, -1), 10);
15
-
16
- switch (unit) {
17
- case 's': return value * 1000;
18
- case 'm': return value * 60 * 1000;
19
- case 'h': return value * 60 * 60 * 1000;
20
- case 'd': return value * 24 * 60 * 60 * 1000;
21
- default: return 0;
22
- }
23
- }
24
-
25
- module.exports = { getMillisecondsFromExpiry };
26
-