@coolsiarh/passport 1.0.0

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * from './interfaces';
+export * from './passport.module';
+export * from './passport.service';

package/dist/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./interfaces"), exports);
+__exportStar(require("./passport.module"), exports);
+__exportStar(require("./passport.service"), exports);

package/dist/interfaces/index.d.ts

@@ -0,0 +1,3 @@
+export * from './possport-options.interface';
+export * from './possport-async-options.interface';
+export * from './token.interface';

package/dist/interfaces/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./possport-options.interface"), exports);
+__exportStar(require("./possport-async-options.interface"), exports);
+__exportStar(require("./token.interface"), exports);

package/dist/interfaces/possport-async-options.interface.d.ts

@@ -0,0 +1,6 @@
+import { FactoryProvider, ModuleMetadata } from '@nestjs/common';
+import type { PossportOptions } from './possport-options.interface';
+export interface PossportAsyncOptions extends Pick<ModuleMetadata, 'imports'> {
+    useFactory: (...args: any[]) => Promise<PossportOptions> | PossportOptions;
+    inject?: FactoryProvider['inject'];
+}

package/dist/interfaces/possport-async-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/interfaces/possport-options.interface.d.ts

@@ -0,0 +1,3 @@
+export interface PossportOptions {
+    secretKey: string;
+}

package/dist/interfaces/possport-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/interfaces/token.interface.d.ts

@@ -0,0 +1,8 @@
+export interface TokenPayload {
+    sub: string | number;
+}
+export interface VerifyREsult {
+    valid: boolean;
+    reason?: string;
+    userId?: string;
+}

package/dist/interfaces/token.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/passport.module.d.ts

@@ -0,0 +1,7 @@
+import { PossportOptions } from './interfaces/possport-options.interface';
+import { DynamicModule } from '@nestjs/common';
+import { PossportAsyncOptions } from './interfaces';
+export declare class PassportModule {
+    static register(options: PossportOptions): DynamicModule;
+    static registerAsync(options: PossportAsyncOptions): DynamicModule;
+}

package/dist/passport.module.js

@@ -0,0 +1,38 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var PassportModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PassportModule = void 0;
+const constants_1 = require("./utils/constants");
+const common_1 = require("@nestjs/common");
+const passport_service_1 = require("./passport.service");
+const possport_providers_1 = require("./possport.providers");
+let PassportModule = PassportModule_1 = class PassportModule {
+    static register(options) {
+        const optionsProvider = (0, possport_providers_1.createPassportOptionsProvider)(options);
+        return {
+            module: PassportModule_1,
+            providers: [optionsProvider, passport_service_1.PassportService],
+            exports: [passport_service_1.PassportService, constants_1.PASSPORT_OPTIONS]
+        };
+    }
+    static registerAsync(options) {
+        const asyncOptionsProvider = (0, possport_providers_1.createPassportAsyncOptionsProvider)(options);
+        return {
+            module: PassportModule_1,
+            imports: options.imports || [],
+            providers: [asyncOptionsProvider, passport_service_1.PassportService],
+            exports: [passport_service_1.PassportService, constants_1.PASSPORT_OPTIONS]
+        };
+    }
+};
+exports.PassportModule = PassportModule;
+exports.PassportModule = PassportModule = PassportModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({})
+], PassportModule);

package/dist/passport.service.d.ts

@@ -0,0 +1,21 @@
+import { PossportOptions } from './interfaces';
+export declare class PassportService {
+    private readonly options;
+    private readonly SECRET_KEY;
+    private static readonly HMAC_DOMAIN;
+    private static readonly INTERNAL_SEP;
+    constructor(options: PossportOptions);
+    generate(userId: string, ttl: number): string;
+    verify(token: string): {
+        valid: boolean;
+        reason: string;
+        userId?: undefined;
+    } | {
+        valid: boolean;
+        userId: string;
+        reason?: undefined;
+    };
+    private now;
+    private serialize;
+    private computeHmac;
+}

package/dist/passport.service.js

@@ -0,0 +1,104 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var PassportService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PassportService = void 0;
+const node_crypto_1 = require("node:crypto");
+const constants_1 = require("./utils/constants");
+const common_1 = require("@nestjs/common");
+const utils_1 = require("./utils");
+let PassportService = class PassportService {
+    static { PassportService_1 = this; }
+    options;
+    SECRET_KEY;
+    static HMAC_DOMAIN = 'PassportTokenAuth/v1';
+    static INTERNAL_SEP = '|';
+    constructor(options) {
+        this.options = options;
+        this.SECRET_KEY = this.options.secretKey;
+    }
+    generate(userId, ttl) {
+        const issuedAt = this.now();
+        const expiresAt = issuedAt + ttl;
+        //dXNlcjEyMwkJCQ
+        const userPart = (0, utils_1.base64UrlEncode)(userId);
+        console.log('userPart:', userPart);
+        //MTc2ODcyMjY3Mg
+        const iatPart = (0, utils_1.base64UrlEncode)(String(issuedAt));
+        console.log('iatPart:', iatPart);
+        //MTc2ODc1ODg2OQ
+        const expPart = (0, utils_1.base64UrlEncode)(String(expiresAt));
+        console.log('expPart:', expPart);
+        //dXNlcjEyMwkJCQ|MTc2ODcyMjY3Mg|MTc2ODc1ODg2OQ
+        const serialized = this.serialize(userPart, iatPart, expPart);
+        console.log('serialized:', serialized);
+        //1e9f20ab540607c8f3c747a795f488ba4db9416a681807481d71abc32e66dcf6
+        const mac = this.computeHmac(this.SECRET_KEY, serialized);
+        console.log('mac:', mac);
+        //dXNlcjEyMwkJCQ.MTc2ODcyMjY3Mg.MTc2ODc1ODg2OQ.1e9f20ab540607c8f3c747a795f488ba4db9416a681807481d71abc32e66dcf6
+        const token = `${userPart}.${iatPart}.${expPart}.${mac}`;
+        return token;
+    }
+    verify(token) {
+        const parts = token.split('.');
+        if (parts.length !== 4) {
+            return { valid: false, reason: 'Invalid token format' };
+        }
+        const [userPart, iatPart, expPart, mac] = parts;
+        const serialized = this.serialize(userPart, iatPart, expPart);
+        const computedMac = this.computeHmac(this.SECRET_KEY, serialized);
+        if (!(0, utils_1.constantTimeCompare)(computedMac, mac)) {
+            return { valid: false, reason: 'Invalid token signature' };
+        }
+        const expNumber = Number((0, utils_1.base64UrlDecode)(expPart));
+        if (this.now() > expNumber) {
+            return { valid: false, reason: 'Token has expired' };
+        }
+        return {
+            valid: true,
+            userId: (0, utils_1.base64UrlDecode)(userPart)
+        };
+    }
+    now() {
+        return Math.floor(Date.now() / 1000);
+    }
+    serialize(user, iat, exp) {
+        return [PassportService_1.HMAC_DOMAIN, user, iat, exp].join(PassportService_1.INTERNAL_SEP);
+    }
+    // signature of token:f49cf057cd4de7c1a4cb0b051570372892674487333ac5ab3ea603f29aec9ffe
+    computeHmac(secretKey, data) {
+        return (0, node_crypto_1.createHmac)('sha256', secretKey).update(data).digest('hex');
+    }
+};
+exports.PassportService = PassportService;
+exports.PassportService = PassportService = PassportService_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(constants_1.PASSPORT_OPTIONS)),
+    __metadata("design:paramtypes", [Object])
+], PassportService);
+/* // Example usage:
+const SECRET_KEY = 'mysecret'
+const PassportServiceInstance = new PassportService()
+const { generate, verify } = PassportServiceInstance
+console.log('GENERATED_TOKEN:', generate('sk', 1000000))
+
+console.log('---------------------')
+
+console.log(
+    'USER_FROM_TOKEN:',
+    verify(
+        'c2s.MTc2ODcyNjQ0NQ.MTc2OTcyNjQ0NQ.a67e30d676ed4757cc3f1665f71c226d76c5f98553bc2c73132cb42ade73c655'
+    )
+)
+ */

package/dist/possport.providers.d.ts

@@ -0,0 +1,4 @@
+import { Provider } from '@nestjs/common';
+import { PossportAsyncOptions, PossportOptions } from './interfaces';
+export declare function createPassportOptionsProvider(options: PossportOptions): Provider;
+export declare function createPassportAsyncOptionsProvider(options: PossportAsyncOptions): Provider;

package/dist/possport.providers.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createPassportOptionsProvider = createPassportOptionsProvider;
+exports.createPassportAsyncOptionsProvider = createPassportAsyncOptionsProvider;
+const constants_1 = require("./utils/constants");
+function createPassportOptionsProvider(options) {
+    return {
+        provide: constants_1.PASSPORT_OPTIONS,
+        useValue: Object.freeze({ ...options })
+    };
+}
+function createPassportAsyncOptionsProvider(options) {
+    return {
+        provide: constants_1.PASSPORT_OPTIONS,
+        useFactory: async (...args) => {
+            const resolved = await options.useFactory(...args);
+            if (!resolved || typeof resolved.secretKey !== 'string') {
+                throw new Error('[PassportModule] "secretKey" is required  and must be a string');
+            }
+            return Object.freeze({ ...resolved });
+        },
+        inject: options.inject ?? []
+    };
+}

package/dist/utils/base64.d.ts

@@ -0,0 +1,2 @@
+export declare function base64UrlEncode(buf: Buffer | string): string;
+export declare function base64UrlDecode(str: string): string;

package/dist/utils/base64.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.base64UrlEncode = base64UrlEncode;
+exports.base64UrlDecode = base64UrlDecode;
+function base64UrlEncode(buf) {
+    const buffer = typeof buf === 'string' ? Buffer.from(buf) : buf;
+    return buffer
+        .toString('base64')
+        .replace(/\+/g, '-')
+        .replace(/\//g, '_')
+        .replace(/=+/g, '');
+}
+function base64UrlDecode(str) {
+    if (!str || typeof str !== 'string') {
+        throw new Error('Invalid base64url string');
+    }
+    let decoded = str.replace(/-/g, '+').replace(/_/g, '/');
+    while (decoded.length % 4) {
+        decoded += '=';
+    }
+    return Buffer.from(decoded, 'base64').toString();
+}

package/dist/utils/constants/index.d.ts

@@ -0,0 +1 @@
+export * from './passport.constants';

package/dist/utils/constants/index.js

@@ -0,0 +1,17 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./passport.constants"), exports);

package/dist/utils/constants/passport.constants.d.ts

@@ -0,0 +1 @@
+export declare const PASSPORT_OPTIONS: unique symbol;

package/dist/utils/constants/passport.constants.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PASSPORT_OPTIONS = void 0;
+//DI key
+exports.PASSPORT_OPTIONS = Symbol('PASSPORT_OPTIONS');

package/dist/utils/crypto.d.ts

@@ -0,0 +1 @@
+export declare function constantTimeCompare(a: Buffer | string, b: Buffer | string): boolean;

package/dist/utils/crypto.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.constantTimeCompare = constantTimeCompare;
+const crypto_1 = require("crypto");
+function constantTimeCompare(a, b) {
+    const bufferA = Buffer.isBuffer(a) ? a : Buffer.from(a);
+    const bufferB = Buffer.isBuffer(b) ? b : Buffer.from(b);
+    if (bufferA.length !== bufferB.length) {
+        return false;
+    }
+    return (0, crypto_1.timingSafeEqual)(bufferA, bufferB);
+}

package/dist/utils/index.d.ts

@@ -0,0 +1,2 @@
+export * from './base64';
+export * from './crypto';

package/dist/utils/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./base64"), exports);
+__exportStar(require("./crypto"), exports);

package/package.json

@@ -0,0 +1,34 @@
+{
+	"name": "@coolsiarh/passport",
+	"version": "1.0.0",
+	"description": "Lightweight authentication module for NestJS applications.",
+	"main": "./dist/index.js",
+	"types": "./dist/index.d.ts",
+	"files": [
+		"dist"
+	],
+	"scripts": {
+		"build": "tsc -p tsconfig.build.json",
+		"format": "prettier --write \"./lib/**/*.ts\""
+	},
+	"publishConfig": {
+		"access": "public"
+	},
+	"keywords": [],
+	"author": "",
+	"license": "ISC",
+	"type": "commonjs",
+	"devDependencies": {
+		"@coolsiarh/core": "^1.0.5",
+		"@types/node": "^25.0.9",
+		"prettier": "^3.8.0",
+		"ts-node": "^10.9.2",
+		"typescript": "^5.9.3"
+	},
+	"dependencies": {
+		"@nestjs/common": "^11.1.12",
+		"@nestjs/core": "^11.1.12",
+		"reflect-metadata": "^0.2.2",
+		"rxjs": "^7.8.2"
+	}
+}