@codecanva/nest-auth 0.1.0

package/dist/services/token.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.service.js","sourceRoot":"","sources":["../../src/lib/services/token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAoD;AACpD,qCAIqB;AACrB,sDAA4E;AAUrE,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEJ;IAEA;IAHnB,YACmB,GAAe,EAEf,OAA0B;QAF1B,QAAG,GAAH,GAAG,CAAY;QAEf,YAAO,GAAP,OAAO,CAAmB;IAC1C,CAAC;IAEJ,eAAe,CAAC,OAAmB;QACjC,OAAO,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,KAAK,CAAC,CAAC,CAAC;IAChH,CAAC;IAED,gBAAgB,CAAC,OAGhB;QACC,OAAO,IAAI,CAAC,GAAG,CAAC,SAAS,CACvB,EAAE,GAAG,OAAO,EAAE,GAAG,EAAE,mCAAkB,EAAE,EACvC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC,CAC5E,CAAC;IACJ,CAAC;IAED,iBAAiB,CAAC,KAAa;QAC7B,OAAO,IAAI,CAAC,GAAG,CAAC,WAAW,CAAa,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC;IAC7F,CAAC;IAED,kBAAkB,CAAC,KAAa;QAC9B,OAAO,IAAI,CAAC,GAAG,CAAC,WAAW,CAAoB,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;IACrG,CAAC;IAED;;;OAGG;IACH,gBAAgB,CAAC,MAAY,IAAI,IAAI,EAAE;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;QAC7C,MAAM,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAClC,OAAO,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,OAAO,GAAG,IAAI,CAAC,CAAC;IAClD,CAAC;IAEO,QAAQ,CAAC,MAAc,EAAE,GAAoB;QACnD,MAAM,IAAI,GAAmB;YAC3B,MAAM;YACN,SAAS,EAAE,GAAmB;SAC/B,CAAC;QACF,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAC3D,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,UAAU,CAAC,MAAc;QAC/B,MAAM,IAAI,GAAqB;YAC7B,MAAM;YACN,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC;SACjD,CAAC;QACF,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAC3D,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ;YAAE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA1DY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;IAIR,WAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;qCADN,gBAAU;GAFvB,YAAY,CA0DxB;AAED,SAAS,YAAY,CAAC,GAAoB;IACxC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACxC,MAAM,KAAK,GAAG,yBAAyB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACzD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAC7C,MAAM,WAAW,GAA2B;QAC1C,CAAC,EAAE,CAAC;QACJ,CAAC,EAAE,EAAE;QACL,CAAC,EAAE,IAAI;QACP,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,MAAM;KACV,CAAC;IACF,OAAO,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;AACnC,CAAC"}

package/dist/strategies/index.d.ts

@@ -0,0 +1,3 @@
+export * from './jwt.strategy';
+export * from './refresh.strategy';
+//# sourceMappingURL=index.d.ts.map

package/dist/strategies/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/strategies/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,oBAAoB,CAAC"}

package/dist/strategies/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./jwt.strategy"), exports);
+__exportStar(require("./refresh.strategy"), exports);
+//# sourceMappingURL=index.js.map

package/dist/strategies/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lib/strategies/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA+B;AAC/B,qDAAmC"}

package/dist/strategies/jwt.strategy.d.ts

@@ -0,0 +1,15 @@
+import { Strategy } from 'passport-jwt';
+import type { AuthModuleOptions } from '../interfaces/auth-module-options.interface';
+import type { AuthUser } from '../interfaces/auth-user.interface';
+import type { JwtPayload } from '../interfaces/jwt-payload.interface';
+import type { UserValidator } from '../interfaces/user-validator.interface';
+declare const JwtStrategy_base: new (...args: [opt: import("passport-jwt").StrategyOptionsWithRequest] | [opt: import("passport-jwt").StrategyOptionsWithoutRequest]) => Strategy & {
+    validate(...args: any[]): unknown;
+};
+export declare class JwtStrategy extends JwtStrategy_base {
+    private readonly validator;
+    constructor(options: AuthModuleOptions, validator: UserValidator);
+    validate(payload: JwtPayload): Promise<AuthUser>;
+}
+export {};
+//# sourceMappingURL=jwt.strategy.d.ts.map

package/dist/strategies/jwt.strategy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.strategy.d.ts","sourceRoot":"","sources":["../../src/lib/strategies/jwt.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AAMpD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;AACrF,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAC;AACtE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,wCAAwC,CAAC;;;;AAE5E,qBACa,WAAY,SAAQ,gBAA6C;IAGlD,OAAO,CAAC,QAAQ,CAAC,SAAS;gBADrB,OAAO,EAAE,iBAAiB,EACd,SAAS,EAAE,aAAa;IAe7D,QAAQ,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;CAKvD"}

package/dist/strategies/jwt.strategy.js

@@ -0,0 +1,50 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtStrategy = void 0;
+const common_1 = require("@nestjs/common");
+const passport_1 = require("@nestjs/passport");
+const passport_jwt_1 = require("passport-jwt");
+const auth_constants_1 = require("../auth.constants");
+let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy, auth_constants_1.JWT_STRATEGY_NAME) {
+    validator;
+    constructor(options, validator) {
+        super({
+            jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
+            secretOrKey: options.accessSecret,
+            ignoreExpiration: false,
+            passReqToCallback: false,
+            ...(options.issuer ? { issuer: options.issuer } : {}),
+            ...(options.audience ? { audience: options.audience } : {}),
+            jsonWebTokenOptions: {
+                clockTolerance: options.clockTolerance ?? 5,
+            },
+        });
+        this.validator = validator;
+    }
+    async validate(payload) {
+        const user = await this.validator.findById(payload.sub);
+        if (!user)
+            throw new common_1.UnauthorizedException();
+        return user;
+    }
+};
+exports.JwtStrategy = JwtStrategy;
+exports.JwtStrategy = JwtStrategy = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(auth_constants_1.AUTH_MODULE_OPTIONS)),
+    __param(1, (0, common_1.Inject)(auth_constants_1.USER_VALIDATOR)),
+    __metadata("design:paramtypes", [Object, Object])
+], JwtStrategy);
+//# sourceMappingURL=jwt.strategy.js.map

package/dist/strategies/jwt.strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../src/lib/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA2E;AAC3E,+CAAoD;AACpD,+CAAoD;AACpD,sDAI2B;AAOpB,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,EAAE,kCAAiB,CAAC;IAGjC;IAF3C,YAC+B,OAA0B,EACd,SAAwB;QAEjE,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,WAAW,EAAE,OAAO,CAAC,YAAY;YACjC,gBAAgB,EAAE,KAAK;YACvB,iBAAiB,EAAE,KAAK;YACxB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,mBAAmB,EAAE;gBACnB,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,CAAC;aAC5C;SACF,CAAC,CAAC;QAZsC,cAAS,GAAT,SAAS,CAAe;IAanE,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAmB;QAChC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8BAAqB,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAvBY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;IAC3B,WAAA,IAAA,eAAM,EAAC,+BAAc,CAAC,CAAA;;GAHd,WAAW,CAuBvB"}

package/dist/strategies/refresh.strategy.d.ts

@@ -0,0 +1,18 @@
+import { Request } from 'express';
+import { Strategy } from 'passport-jwt';
+import type { AuthModuleOptions } from '../interfaces/auth-module-options.interface';
+import type { RefreshJwtPayload } from '../interfaces/jwt-payload.interface';
+export interface RefreshRequestUser {
+    userId: string | number;
+    jti: string;
+    refreshToken: string;
+}
+declare const RefreshStrategy_base: new (...args: [opt: import("passport-jwt").StrategyOptionsWithRequest] | [opt: import("passport-jwt").StrategyOptionsWithoutRequest]) => Strategy & {
+    validate(...args: any[]): unknown;
+};
+export declare class RefreshStrategy extends RefreshStrategy_base {
+    constructor(options: AuthModuleOptions);
+    validate(req: Request, payload: RefreshJwtPayload): RefreshRequestUser;
+}
+export {};
+//# sourceMappingURL=refresh.strategy.d.ts.map

package/dist/strategies/refresh.strategy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"refresh.strategy.d.ts","sourceRoot":"","sources":["../../src/lib/strategies/refresh.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AAMpD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;AACrF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AAE7E,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,CAAC;CACtB;;;;AAOD,qBACa,eAAgB,SAAQ,oBAGpC;gBAC0C,OAAO,EAAE,iBAAiB;IAiBnE,QAAQ,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,iBAAiB,GAAG,kBAAkB;CAUvE"}

package/dist/strategies/refresh.strategy.js

@@ -0,0 +1,65 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RefreshStrategy = void 0;
+const common_1 = require("@nestjs/common");
+const passport_1 = require("@nestjs/passport");
+const passport_jwt_1 = require("passport-jwt");
+const auth_constants_1 = require("../auth.constants");
+const fromBody = (req) => {
+    const body = (req?.body ?? {});
+    return typeof body.refreshToken === 'string' ? body.refreshToken : null;
+};
+let RefreshStrategy = class RefreshStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy, auth_constants_1.REFRESH_STRATEGY_NAME) {
+    constructor(options) {
+        super({
+            jwtFromRequest: passport_jwt_1.ExtractJwt.fromExtractors([
+                fromBody,
+                passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
+            ]),
+            secretOrKey: options.refreshSecret,
+            ignoreExpiration: false,
+            passReqToCallback: true,
+            ...(options.issuer ? { issuer: options.issuer } : {}),
+            ...(options.audience ? { audience: options.audience } : {}),
+            jsonWebTokenOptions: {
+                clockTolerance: options.clockTolerance ?? 5,
+            },
+        });
+    }
+    validate(req, payload) {
+        if (payload?.typ !== auth_constants_1.REFRESH_TOKEN_TYPE) {
+            throw new common_1.UnauthorizedException('Not a refresh token');
+        }
+        const refreshToken = fromBody(req) ?? extractFromHeader(req);
+        if (!refreshToken) {
+            throw new common_1.UnauthorizedException('Missing refresh token');
+        }
+        return { userId: payload.sub, jti: payload.jti, refreshToken };
+    }
+};
+exports.RefreshStrategy = RefreshStrategy;
+exports.RefreshStrategy = RefreshStrategy = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(auth_constants_1.AUTH_MODULE_OPTIONS)),
+    __metadata("design:paramtypes", [Object])
+], RefreshStrategy);
+function extractFromHeader(req) {
+    const auth = req.headers?.authorization;
+    if (!auth)
+        return null;
+    const [scheme, token] = auth.split(' ');
+    return scheme?.toLowerCase() === 'bearer' && token ? token : null;
+}
+//# sourceMappingURL=refresh.strategy.js.map

package/dist/strategies/refresh.strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"refresh.strategy.js","sourceRoot":"","sources":["../../src/lib/strategies/refresh.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA2E;AAC3E,+CAAoD;AAEpD,+CAAoD;AACpD,sDAI2B;AAU3B,MAAM,QAAQ,GAAG,CAAC,GAAY,EAAiB,EAAE;IAC/C,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,IAAI,IAAI,EAAE,CAA+B,CAAC;IAC7D,OAAO,OAAO,IAAI,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;AAC1E,CAAC,CAAC;AAGK,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,IAAA,2BAAgB,EACnD,uBAAQ,EACR,sCAAqB,CACtB;IACC,YAAyC,OAA0B;QACjE,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;gBACxC,QAAQ;gBACR,yBAAU,CAAC,2BAA2B,EAAE;aACzC,CAAC;YACF,WAAW,EAAE,OAAO,CAAC,aAAa;YAClC,gBAAgB,EAAE,KAAK;YACvB,iBAAiB,EAAE,IAAI;YACvB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,mBAAmB,EAAE;gBACnB,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,CAAC;aAC5C;SACF,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,GAAY,EAAE,OAA0B;QAC/C,IAAI,OAAO,EAAE,GAAG,KAAK,mCAAkB,EAAE,CAAC;YACxC,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QACD,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAC7D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,8BAAqB,CAAC,uBAAuB,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,YAAY,EAAE,CAAC;IACjE,CAAC;CACF,CAAA;AA/BY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;IAKE,WAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;;GAJ7B,eAAe,CA+B3B;AAED,SAAS,iBAAiB,CAAC,GAAY;IACrC,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC;IACxC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxC,OAAO,MAAM,EAAE,WAAW,EAAE,KAAK,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AACpE,CAAC"}

package/dist/utils/extract-token.d.ts

@@ -0,0 +1,2 @@
+export declare function extractBearerToken(headerValue?: string): string | null;
+//# sourceMappingURL=extract-token.d.ts.map

package/dist/utils/extract-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"extract-token.d.ts","sourceRoot":"","sources":["../../src/lib/utils/extract-token.ts"],"names":[],"mappings":"AAAA,wBAAgB,kBAAkB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAKtE"}

package/dist/utils/extract-token.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractBearerToken = extractBearerToken;
+function extractBearerToken(headerValue) {
+    if (!headerValue)
+        return null;
+    const [scheme, token] = headerValue.split(' ');
+    if (!scheme || scheme.toLowerCase() !== 'bearer' || !token)
+        return null;
+    return token.trim() || null;
+}
+//# sourceMappingURL=extract-token.js.map

package/dist/utils/extract-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"extract-token.js","sourceRoot":"","sources":["../../src/lib/utils/extract-token.ts"],"names":[],"mappings":";;AAAA,gDAKC;AALD,SAAgB,kBAAkB,CAAC,WAAoB;IACrD,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAC9B,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/C,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,QAAQ,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxE,OAAO,KAAK,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;AAC9B,CAAC"}

package/dist/utils/hash-token.d.ts

@@ -0,0 +1,3 @@
+export declare function hashToken(token: string, pepper?: string): string;
+export declare function generateTokenId(): string;
+//# sourceMappingURL=hash-token.d.ts.map

package/dist/utils/hash-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash-token.d.ts","sourceRoot":"","sources":["../../src/lib/utils/hash-token.ts"],"names":[],"mappings":"AAEA,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAKhE;AAED,wBAAgB,eAAe,IAAI,MAAM,CAExC"}

package/dist/utils/hash-token.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hashToken = hashToken;
+exports.generateTokenId = generateTokenId;
+const crypto_1 = require("crypto");
+function hashToken(token, pepper) {
+    const h = (0, crypto_1.createHash)('sha256');
+    h.update(token);
+    if (pepper)
+        h.update(pepper);
+    return h.digest('hex');
+}
+function generateTokenId() {
+    return (0, crypto_1.randomBytes)(16).toString('hex');
+}
+//# sourceMappingURL=hash-token.js.map

package/dist/utils/hash-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash-token.js","sourceRoot":"","sources":["../../src/lib/utils/hash-token.ts"],"names":[],"mappings":";;AAEA,8BAKC;AAED,0CAEC;AAXD,mCAAiD;AAEjD,SAAgB,SAAS,CAAC,KAAa,EAAE,MAAe;IACtD,MAAM,CAAC,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAChB,IAAI,MAAM;QAAE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7B,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC;AAED,SAAgB,eAAe;IAC7B,OAAO,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC"}

package/dist/utils/index.d.ts

@@ -0,0 +1,3 @@
+export * from './extract-token';
+export * from './hash-token';
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,cAAc,CAAC"}

package/dist/utils/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./extract-token"), exports);
+__exportStar(require("./hash-token"), exports);
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lib/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAAgC;AAChC,+CAA6B"}

package/package.json

@@ -0,0 +1,107 @@
+{
+  "name": "@codecanva/nest-auth",
+  "version": "0.1.0",
+  "description": "Reusable NestJS authentication module with JWT access + refresh-token rotation, multi-device sessions, and pluggable persistence.",
+  "author": "codecanva",
+  "license": "MIT",
+  "keywords": [
+    "nestjs",
+    "auth",
+    "jwt",
+    "refresh-token",
+    "passport",
+    "authentication"
+  ],
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build:lib": "rm -rf dist && tsc -p tsconfig.lib.json",
+    "build:demo": "nest build",
+    "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"",
+    "start": "nest start",
+    "start:dev": "nest start --watch",
+    "start:debug": "nest start --debug --watch",
+    "start:prod": "node dist-demo/main",
+    "lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:cov": "jest --coverage",
+    "test:e2e": "jest --config ./test/jest-e2e.json",
+    "prepublishOnly": "npm run build:lib",
+    "publish:lib": "npm publish"
+  },
+  "peerDependencies": {
+    "@nestjs/common": "^10.0.0 || ^11.0.0",
+    "@nestjs/core": "^10.0.0 || ^11.0.0",
+    "@nestjs/jwt": "^10.0.0 || ^11.0.0",
+    "@nestjs/passport": "^10.0.0 || ^11.0.0",
+    "class-transformer": "^0.5.0",
+    "class-validator": "^0.14.0",
+    "passport": "^0.7.0",
+    "passport-jwt": "^4.0.0",
+    "reflect-metadata": "^0.2.0",
+    "rxjs": "^7.8.0"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "@eslint/eslintrc": "^3.2.0",
+    "@eslint/js": "^9.18.0",
+    "@nestjs/cli": "^11.0.0",
+    "@nestjs/common": "^11.0.1",
+    "@nestjs/core": "^11.0.1",
+    "@nestjs/jwt": "^11.0.0",
+    "@nestjs/passport": "^11.0.5",
+    "@nestjs/platform-express": "^11.0.1",
+    "@nestjs/schematics": "^11.0.0",
+    "@nestjs/testing": "^11.0.1",
+    "@types/express": "^5.0.0",
+    "@types/jest": "^30.0.0",
+    "@types/node": "^24.0.0",
+    "@types/passport-jwt": "^4.0.1",
+    "@types/supertest": "^7.0.0",
+    "class-transformer": "^0.5.1",
+    "class-validator": "^0.14.1",
+    "eslint": "^9.18.0",
+    "eslint-config-prettier": "^10.0.1",
+    "eslint-plugin-prettier": "^5.2.2",
+    "globals": "^17.0.0",
+    "jest": "^30.0.0",
+    "passport": "^0.7.0",
+    "passport-jwt": "^4.0.1",
+    "prettier": "^3.4.2",
+    "reflect-metadata": "^0.2.2",
+    "rxjs": "^7.8.1",
+    "source-map-support": "^0.5.21",
+    "supertest": "^7.0.0",
+    "ts-jest": "^29.2.5",
+    "ts-loader": "^9.5.2",
+    "ts-node": "^10.9.2",
+    "tsconfig-paths": "^4.2.0",
+    "typescript": "^5.7.3",
+    "typescript-eslint": "^8.20.0"
+  },
+  "jest": {
+    "moduleFileExtensions": [
+      "js",
+      "json",
+      "ts"
+    ],
+    "rootDir": "src",
+    "testRegex": ".*\\.spec\\.ts$",
+    "transform": {
+      "^.+\\.(t|j)s$": "ts-jest"
+    },
+    "collectCoverageFrom": [
+      "**/*.(t|j)s"
+    ],
+    "coverageDirectory": "../coverage",
+    "testEnvironment": "node"
+  }
+}