@drax/identity-back 0.37.4 → 0.38.0

package/dist/index.js

@@ -30,6 +30,12 @@ import CreateOrUpdateRole from "./setup/CreateOrUpdateRole.js";
 import LoadPermissions from "./setup/LoadPermissions.js";
 import LoadIdentityConfigFromEnv from "./setup/LoadIdentityConfigFromEnv.js";
 import RecoveryUserPassword from "./setup/RecoveryUserPassword.js";
+import { RoleModel, RoleMongoSchema } from "./models/RoleModel.js";
+import { TenantModel, TenantMongoSchema } from "./models/TenantModel.js";
+import { UserModel, UserMongoSchema } from "./models/UserModel.js";
+import { UserApiKeyModel, UserApiKeyMongoSchema } from "./models/UserApiKeyModel.js";
+import { UserSessionModel, UserSessionMongoSchema } from "./models/UserSessionModel.js";
+import { UserLoginFailModel, UserLoginFailMongoSchema } from "./models/UserLoginFailModel.js";
 import RoleMongoRepository from "./repository/mongo/RoleMongoRepository.js";
 import TenantMongoRepository from "./repository/mongo/TenantMongoRepository.js";
 import UserMongoRepository from "./repository/mongo/UserMongoRepository.js";
@@ -52,14 +58,14 @@ import { UserSchema, UserBaseSchema } from "./schemas/UserSchema.js";
 import { TenantSchema, TenantBaseSchema } from "./schemas/TenantSchema.js";
 import { RoleSchema, RoleBaseSchema } from "./schemas/RoleSchema.js";
 import { UserApiKeySchema, UserApiKeyBaseSchema } from "./schemas/UserApiKeySchema.js";
-import { UserLoginFailBaseSchema, UserLoginFailSchema } from "./schemas/UserLoginFailSchema.js";
-import { UserSessionBaseSchema, UserSessionSchema } from "./schemas/UserSessionSchema.js";
+import { UserLoginFailBaseSchema } from "./schemas/UserLoginFailSchema.js";
+import { UserSessionBaseSchema } from "./schemas/UserSessionSchema.js";
 const graphqlMergeResult = await GraphqlMerge();
 const identityTypeDefs = await graphqlMergeResult.typeDefs;
 const identityResolvers = await graphqlMergeResult.resolvers;
 export { 
 //Schemas
-UserSchema, UserBaseSchema, TenantSchema, TenantBaseSchema, RoleSchema, RoleBaseSchema, UserApiKeyBaseSchema, UserApiKeySchema, UserLoginFailBaseSchema, UserLoginFailSchema, UserSessionBaseSchema, UserSessionSchema, 
+UserSchema, UserBaseSchema, TenantSchema, TenantBaseSchema, RoleSchema, RoleBaseSchema, UserApiKeyBaseSchema, UserApiKeySchema, UserLoginFailBaseSchema, UserSessionBaseSchema, 
 //Service
 UserService, RoleService, TenantService, UserApiKeyService, UserSessionService, UserLoginFailService, PermissionService, Rbac, 
 //Factories
@@ -74,6 +80,8 @@ jwtMiddleware, rbacMiddleware, apiKeyMiddleware,
 RolePermissions, TenantPermissions, UserPermissions, UserApiKeyPermissions, UserSessionPermissions, UserLoginFailPermissions, 
 //Mongo Repositories
 RoleMongoRepository, TenantMongoRepository, UserMongoRepository, UserApiKeyMongoRepository, UserSessionMongoRepository, UserLoginFailMongoRepository, 
+//Mongo Models
+RoleModel, TenantModel, UserModel, UserApiKeyModel, UserSessionModel, UserLoginFailModel, RoleMongoSchema, TenantMongoSchema, UserMongoSchema, UserApiKeyMongoSchema, UserSessionMongoSchema, UserLoginFailMongoSchema, 
 //Sqlite Repositories
 RoleSqliteRepository, TenantSqliteRepository, UserSqliteRepository, UserApiKeySqliteRepository, UserLoginFailSqliteRepository, UserSessionSqliteRepository, 
 //Config

package/dist/middleware/apiKeyMiddleware.js

@@ -21,7 +21,7 @@ async function apiKeyMiddleware(request, reply) {
             apiKey = request.headers?.authorization?.replace(/ApiKey /i, "");
         }
         //Por authorization '<uuid-key>'
-        const uuidRegex = /^[0-9a-fA-F]{24}$/i;
+        const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
         if (request.headers['authorization'] && uuidRegex.test(request.headers['authorization'])) {
             apiKey = request.headers['authorization'];
         }
@@ -32,7 +32,11 @@ async function apiKeyMiddleware(request, reply) {
                     id: userApiKey.user._id.toString(),
                     username: userApiKey.user.username,
                     roleId: userApiKey.user.role?._id?.toString(),
+                    roleName: userApiKey.user.role?.name,
                     tenantId: userApiKey.user?.tenant?._id?.toString(),
+                    tenantName: userApiKey.user?.tenant?.name,
+                    apiKeyId: userApiKey?._id?.toString(),
+                    apiKeyName: userApiKey?.name
                 };
                 request.authUser = authUser;
             }

package/dist/models/UserLoginFailModel.js

@@ -1,20 +1,20 @@
 import { mongoose } from '@drax/common-back';
 import uniqueValidator from 'mongoose-unique-validator';
 import mongoosePaginate from 'mongoose-paginate-v2';
-const UserLoginFailSchema = new mongoose.Schema({
+const UserLoginFailMongoSchema = new mongoose.Schema({
     username: { type: String, required: false, index: false, unique: false },
     userAgent: { type: String, required: false, index: false, unique: false },
     ip: { type: String, required: false, index: false, unique: false },
 }, { timestamps: true });
-UserLoginFailSchema.plugin(uniqueValidator, { message: 'validation.unique' });
-UserLoginFailSchema.plugin(mongoosePaginate);
-UserLoginFailSchema.virtual("id").get(function () {
+UserLoginFailMongoSchema.plugin(uniqueValidator, { message: 'validation.unique' });
+UserLoginFailMongoSchema.plugin(mongoosePaginate);
+UserLoginFailMongoSchema.virtual("id").get(function () {
     return this._id.toString();
 });
-UserLoginFailSchema.set('toJSON', { getters: true, virtuals: true });
-UserLoginFailSchema.set('toObject', { getters: true, virtuals: true });
+UserLoginFailMongoSchema.set('toJSON', { getters: true, virtuals: true });
+UserLoginFailMongoSchema.set('toObject', { getters: true, virtuals: true });
 const MODEL_NAME = 'UserLoginFail';
 const COLLECTION_NAME = 'UserLoginFail';
-const UserLoginFailModel = mongoose.model(MODEL_NAME, UserLoginFailSchema, COLLECTION_NAME);
-export { UserLoginFailSchema, UserLoginFailModel };
+const UserLoginFailModel = mongoose.model(MODEL_NAME, UserLoginFailMongoSchema, COLLECTION_NAME);
+export { UserLoginFailMongoSchema, UserLoginFailModel };
 export default UserLoginFailModel;

package/dist/models/UserSessionModel.js

@@ -1,21 +1,21 @@
 import { mongoose } from '@drax/common-back';
 import uniqueValidator from 'mongoose-unique-validator';
 import mongoosePaginate from 'mongoose-paginate-v2';
-const UserSessionSchema = new mongoose.Schema({
+const UserSessionMongoSchema = new mongoose.Schema({
     uuid: { type: String, required: true, index: true, unique: false },
     user: { type: mongoose.Schema.Types.ObjectId, ref: 'User', required: true, index: true, unique: false },
     userAgent: { type: String, required: false, index: false, unique: false },
     ip: { type: String, required: false, index: false, unique: false },
 }, { timestamps: true });
-UserSessionSchema.plugin(uniqueValidator, { message: 'validation.unique' });
-UserSessionSchema.plugin(mongoosePaginate);
-UserSessionSchema.virtual("id").get(function () {
+UserSessionMongoSchema.plugin(uniqueValidator, { message: 'validation.unique' });
+UserSessionMongoSchema.plugin(mongoosePaginate);
+UserSessionMongoSchema.virtual("id").get(function () {
     return this._id.toString();
 });
-UserSessionSchema.set('toJSON', { getters: true, virtuals: true });
-UserSessionSchema.set('toObject', { getters: true, virtuals: true });
+UserSessionMongoSchema.set('toJSON', { getters: true, virtuals: true });
+UserSessionMongoSchema.set('toObject', { getters: true, virtuals: true });
 const MODEL_NAME = 'UserSession';
 const COLLECTION_NAME = 'UserSession';
-const UserSessionModel = mongoose.model(MODEL_NAME, UserSessionSchema, COLLECTION_NAME);
-export { UserSessionSchema, UserSessionModel };
+const UserSessionModel = mongoose.model(MODEL_NAME, UserSessionMongoSchema, COLLECTION_NAME);
+export { UserSessionMongoSchema, UserSessionModel };
 export default UserSessionModel;

package/dist/rbac/Rbac.js

@@ -11,8 +11,13 @@ class Rbac {
         return {
             id: this.userId,
             username: this.username,
+            session: this.session,
             roleId: this.roleId,
-            tenantId: this.tenantId
+            roleName: this.roleName,
+            tenantId: this.tenantId,
+            tenantName: this.tenantName,
+            apiKeyId: this.apiKeyId,
+            apiKeyName: this.apiKeyName
         };
     }
     get username() {
@@ -21,12 +26,27 @@ class Rbac {
     get userId() {
         return this.authUser?.id.toString();
     }
+    get session() {
+        return this.authUser?.session;
+    }
+    get apiKeyId() {
+        return this.authUser?.apiKeyId.toString();
+    }
+    get apiKeyName() {
+        return this.authUser?.apiKeyName;
+    }
     get roleId() {
         return this.authUser?.roleId.toString();
     }
+    get roleName() {
+        return this.authUser?.roleName;
+    }
     get tenantId() {
         return this.authUser?.tenantId?.toString();
     }
+    get tenantName() {
+        return this.authUser?.tenantName;
+    }
     assertAuthenticated() {
         if (!this.authUser) {
             throw new UnauthorizedError();

package/dist/schemas/TokenPayloadSchema.js

@@ -0,0 +1,14 @@
+import { z } from 'zod';
+const TokenPayloadSchema = z.object({
+    id: z.string(),
+    username: z.string(),
+    session: z.string(),
+    roleId: z.string(),
+    roleName: z.string().optional().nullable(),
+    tenantId: z.string().optional().nullable(),
+    tenantName: z.string().optional().nullable(),
+    apiKeyId: z.string().optional().nullable(),
+    apiKeyName: z.string().optional().nullable(),
+});
+export default TokenPayloadSchema;
+export { TokenPayloadSchema };

package/dist/services/UserService.js

@@ -15,19 +15,19 @@ class UserService extends AbstractService {
     }
     async auth(username, password, { userAgent, ip }) {
         let user = null;
-        console.log("auth username", username);
         user = await this.findByUsernameWithPassword(username);
         if (user && user.active && AuthUtils.checkPassword(password, user.password)) {
-            //TODO: Generar session
-            const sessionUUID = randomUUID();
-            const sessionService = UserSessionServiceFactory();
-            await sessionService.create({
-                user: user._id.toString(),
-                uuid: sessionUUID,
-                userAgent: userAgent,
-                ip: ip
-            });
-            const accessToken = AuthUtils.generateToken(user._id.toString(), user.username, user.role._id, user.tenant?._id, sessionUUID);
+            const sessionUUID = await this.generateSession(user, userAgent, ip);
+            const tokenPayload = {
+                id: user._id.toString(),
+                username: user.username,
+                roleId: user.role?._id?.toString(),
+                roleName: user.role?.name,
+                tenantId: user.tenant ? user.tenant?._id?.toString() : null,
+                tenantName: user.tenant ? user.tenant?.name : null,
+                session: sessionUUID
+            };
+            const accessToken = AuthUtils.generateToken(tokenPayload);
             return { accessToken: accessToken };
         }
         else {
@@ -40,11 +40,22 @@ class UserService extends AbstractService {
             throw new BadCredentialsError();
         }
     }
+    async generateSession(user, userAgent, ip) {
+        const sessionUUID = randomUUID();
+        const sessionService = UserSessionServiceFactory();
+        await sessionService.create({
+            user: user._id.toString(),
+            uuid: sessionUUID,
+            userAgent: userAgent,
+            ip: ip
+        });
+        return sessionUUID;
+    }
     async switchTenant(accessToken, tenantId) {
         const newAccessToken = AuthUtils.switchTenant(accessToken, tenantId);
         return { accessToken: newAccessToken };
     }
-    async authByEmail(email, createIfNotFound = false, userData) {
+    async authByEmail(email, createIfNotFound = false, userData, { userAgent, ip }) {
         let user = null;
         console.log("auth email", email);
         user = await this.findByEmail(email);
@@ -54,8 +65,17 @@ class UserService extends AbstractService {
             user = await this.create(userData);
         }
         if (user && user.active) {
-            const session = randomUUID();
-            const accessToken = AuthUtils.generateToken(user._id.toString(), user.username, user.role._id, user.tenant?._id, session);
+            const sessionUUID = await this.generateSession(user, userAgent, ip);
+            const tokenPayload = {
+                id: user._id.toString(),
+                username: user.username,
+                roleId: user.role?._id?.toString(),
+                roleName: user.role?.name,
+                tenantId: user.tenant ? user.tenant?._id?.toString() : null,
+                tenantName: user.tenant ? user.tenant?.name : null,
+                session: sessionUUID
+            };
+            const accessToken = AuthUtils.generateToken(tokenPayload);
             return { accessToken: accessToken };
         }
         else {

package/dist/utils/AuthUtils.js

@@ -3,6 +3,7 @@ import jsonwebtoken from "jsonwebtoken";
 import { DraxConfig } from "@drax/common-back";
 import IdentityConfig from "../config/IdentityConfig.js";
 import crypto from "crypto";
+import { TokenPayloadSchema } from "../schemas/TokenPayloadSchema.js";
 class AuthUtils {
     static verifyToken(token) {
         const JWT_SECRET = DraxConfig.getOrLoad(IdentityConfig.JwtSecret);
@@ -12,7 +13,9 @@ class AuthUtils {
         const options = {
             algorithms: ['HS256'],
         };
-        return jsonwebtoken.verify(token, JWT_SECRET, options);
+        const tokenPayload = jsonwebtoken.verify(token, JWT_SECRET, options);
+        TokenPayloadSchema.parse(tokenPayload);
+        return tokenPayload;
     }
     static hashPassword(password) {
         if (!password) {
@@ -25,17 +28,8 @@ class AuthUtils {
     static checkPassword(password, hashPassword) {
         return bcryptjs.compareSync(password, hashPassword);
     }
-    static tokenSignPayload(userId, username, roleId, tenantId, session) {
-        return {
-            id: userId,
-            username: username,
-            roleId: roleId,
-            tenantId: tenantId,
-            session: session
-        };
-    }
-    static generateToken(userId, username, roleId, tenantId, session) {
-        const payload = AuthUtils.tokenSignPayload(userId, username, roleId, tenantId, session);
+    static generateToken(payload) {
+        TokenPayloadSchema.parse(payload);
         const JWT_SECRET = DraxConfig.getOrLoad(IdentityConfig.JwtSecret);
         if (!JWT_SECRET) {
             throw new Error("JWT_SECRET ENV must be provided");
@@ -44,9 +38,9 @@ class AuthUtils {
         const JWT_ISSUER = DraxConfig.getOrLoad(IdentityConfig.JwtIssuer) || 'DRAX';
         const options = {
             expiresIn: JWT_EXPIRATION,
-            jwtid: userId,
+            jwtid: payload.id,
             algorithm: 'HS256',
-            audience: username,
+            audience: payload.username,
             issuer: JWT_ISSUER
         };
         let token = jsonwebtoken.sign(payload, JWT_SECRET, options);
@@ -62,31 +56,23 @@ class AuthUtils {
     }
     static switchTenant(accessToken, newTenantId) {
         // Verificar que el token actual sea válido
-        const decodedToken = AuthUtils.verifyToken(accessToken);
-        if (!decodedToken) {
+        const tokenPayload = AuthUtils.verifyToken(accessToken);
+        if (!tokenPayload) {
             throw new Error("Invalid access token");
         }
-        // Crear el nuevo payload manteniendo todos los datos excepto tenantId
-        const newPayload = {
-            id: decodedToken.id,
-            username: decodedToken.username,
-            roleId: decodedToken.roleId,
-            tenantId: newTenantId,
-            session: decodedToken.session,
-            exp: decodedToken.exp
-        };
+        tokenPayload.tenantId = newTenantId;
         const JWT_SECRET = DraxConfig.getOrLoad(IdentityConfig.JwtSecret);
         if (!JWT_SECRET) {
             throw new Error("JWT_SECRET ENV must be provided");
         }
         const JWT_ISSUER = DraxConfig.getOrLoad(IdentityConfig.JwtIssuer) || 'DRAX';
         const options = {
-            jwtid: decodedToken.id,
+            jwtid: tokenPayload.id,
             algorithm: 'HS256',
-            audience: decodedToken.username,
+            audience: tokenPayload.username,
             issuer: JWT_ISSUER
         };
-        return jsonwebtoken.sign(newPayload, JWT_SECRET, options);
+        return jsonwebtoken.sign(tokenPayload, JWT_SECRET, options);
     }
 }
 export default AuthUtils;

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.37.4",
+  "version": "0.38.0",
   "description": "Identity module for user management, authentication and authorization.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -28,11 +28,11 @@
   "author": "Cristian Incarnato & Drax Team",
   "license": "ISC",
   "dependencies": {
-    "@drax/common-back": "^0.37.2",
-    "@drax/crud-back": "^0.37.4",
-    "@drax/crud-share": "^0.37.0",
-    "@drax/email-back": "^0.37.0",
-    "@drax/identity-share": "^0.37.0",
+    "@drax/common-back": "^0.38.0",
+    "@drax/crud-back": "^0.38.0",
+    "@drax/crud-share": "^0.38.0",
+    "@drax/email-back": "^0.38.0",
+    "@drax/identity-share": "^0.38.0",
     "bcryptjs": "^2.4.3",
     "graphql": "^16.8.2",
     "jsonwebtoken": "^9.0.2"
@@ -63,5 +63,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "d30963a38a3efec693b589bcc55ae286f4a04386"
+  "gitHead": "43c90f3c12165e7527edefbc80dd327a59236dd5"
 }

package/src/index.ts

@@ -44,6 +44,13 @@ import type {IUserApiKeyRepository} from "./interfaces/IUserApiKeyRepository";
 import type {IUserLoginFailRepository} from "./interfaces/IUserLoginFailRepository";
 import type {IUserSessionRepository} from "./interfaces/IUserSessionRepository";
 
+import {RoleModel, RoleMongoSchema} from "./models/RoleModel.js";
+import {TenantModel, TenantMongoSchema} from "./models/TenantModel.js";
+import {UserModel, UserMongoSchema} from "./models/UserModel.js";
+import {UserApiKeyModel, UserApiKeyMongoSchema} from "./models/UserApiKeyModel.js";
+import {UserSessionModel,UserSessionMongoSchema} from "./models/UserSessionModel.js";
+import {UserLoginFailModel,UserLoginFailMongoSchema} from "./models/UserLoginFailModel.js";
+
 
 import RoleMongoRepository from "./repository/mongo/RoleMongoRepository.js";
 import TenantMongoRepository from "./repository/mongo/TenantMongoRepository.js";
@@ -101,9 +108,7 @@ export {
     UserApiKeyBaseSchema,
     UserApiKeySchema,
     UserLoginFailBaseSchema,
-    UserLoginFailSchema,
     UserSessionBaseSchema,
-    UserSessionSchema,
 
     //Service
     UserService,
@@ -158,6 +163,21 @@ export {
     UserSessionMongoRepository,
     UserLoginFailMongoRepository,
 
+    //Mongo Models
+    RoleModel,
+    TenantModel,
+    UserModel,
+    UserApiKeyModel,
+    UserSessionModel,
+    UserLoginFailModel,
+
+    RoleMongoSchema,
+    TenantMongoSchema,
+    UserMongoSchema,
+    UserApiKeyMongoSchema,
+    UserSessionMongoSchema,
+    UserLoginFailMongoSchema,
+
     //Sqlite Repositories
     RoleSqliteRepository,
     TenantSqliteRepository,

package/src/middleware/apiKeyMiddleware.ts

@@ -29,19 +29,23 @@ async function apiKeyMiddleware (request, reply) {
             }
 
             //Por authorization '<uuid-key>'
-            const uuidRegex = /^[0-9a-fA-F]{24}$/i;
+            const uuidRegex =  /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
             if(request.headers['authorization'] && uuidRegex.test(request.headers['authorization'])){
                 apiKey = request.headers['authorization']
             }
 
             if(apiKey){
-                const userApiKey = await draxCache.getOrLoad(apiKey, userApiKeyLoader)
+                const userApiKey : IUserApiKey = await draxCache.getOrLoad(apiKey, userApiKeyLoader)
                 if(userApiKey && userApiKey.user){
                     const authUser: IAuthUser = {
                         id: userApiKey.user._id.toString(),
                         username: userApiKey.user.username,
                         roleId:  userApiKey.user.role?._id?.toString(),
+                        roleName:  userApiKey.user.role?.name,
                         tenantId: userApiKey.user?.tenant?._id?.toString(),
+                        tenantName: userApiKey.user?.tenant?.name,
+                        apiKeyId: userApiKey?._id?.toString(),
+                        apiKeyName: userApiKey?.name
                     }
                     request.authUser = authUser
                 }

package/src/middleware/jwtMiddleware.ts

@@ -1,5 +1,5 @@
 import AuthUtils from "../utils/AuthUtils.js";
-import {IJwtUser} from "@drax/identity-share";
+import {IAuthUser} from "@drax/identity-share";
 
 function jwtMiddleware (request, reply, done) {
         try{
@@ -14,7 +14,7 @@ function jwtMiddleware (request, reply, done) {
             const routerPath = request.url
 
             if(routerPath != '/api/auth/login' && token){
-                const authUser = AuthUtils.verifyToken(token) as IJwtUser
+                const authUser: IAuthUser = AuthUtils.verifyToken(token)
                 if(authUser){
                     request.authUser = authUser
                     request.token = token

package/src/middleware/rbacMiddleware.ts

@@ -1,4 +1,4 @@
-import {IJwtUser, IRole} from "@drax/identity-share";
+import {IAuthUser, IRbac, IRole} from "@drax/identity-share";
 import {DraxCache, DraxConfig} from "@drax/common-back";
 import RoleServiceFactory from "../factory/RoleServiceFactory.js";
 import Rbac from "../rbac/Rbac.js";
@@ -16,14 +16,14 @@ async function roleLoader(k):Promise<IRole | null> {
 
 async function rbacMiddleware (request, reply) {
         try{
-            if(request.authUser as IJwtUser){
-                const authUser = request.authUser
+            if(request.authUser as IAuthUser){
+                const authUser: IAuthUser = request.authUser
                 const cacheKey = authUser.roleId
-                const role = await draxCache.getOrLoad(cacheKey, roleLoader)
-                const rbac = new Rbac(authUser,role)
+                const role : IRole = await draxCache.getOrLoad(cacheKey, roleLoader)
+                const rbac: IRbac = new Rbac(authUser,role)
                 request.rbac = rbac
             }else{
-                const rbac = new Rbac(null,null)
+                const rbac: IRbac = new Rbac(null,null)
                 request.rbac = rbac
             }
             return

package/src/models/UserLoginFailModel.ts

@@ -4,30 +4,30 @@ import uniqueValidator from 'mongoose-unique-validator';
 import mongoosePaginate from 'mongoose-paginate-v2'
 import type {IUserLoginFail} from '@drax/identity-share'
 
-const UserLoginFailSchema = new mongoose.Schema<IUserLoginFail>({
+const UserLoginFailMongoSchema = new mongoose.Schema<IUserLoginFail>({
             username: {type: String,   required: false, index: false, unique: false },
             userAgent: {type: String,   required: false, index: false, unique: false },
             ip: {type: String,   required: false, index: false, unique: false },
 }, {timestamps: true});
 
-UserLoginFailSchema.plugin(uniqueValidator, {message: 'validation.unique'});
-UserLoginFailSchema.plugin(mongoosePaginate);
+UserLoginFailMongoSchema.plugin(uniqueValidator, {message: 'validation.unique'});
+UserLoginFailMongoSchema.plugin(mongoosePaginate);
 
-UserLoginFailSchema.virtual("id").get(function () {
+UserLoginFailMongoSchema.virtual("id").get(function () {
     return this._id.toString();
 });
 
 
-UserLoginFailSchema.set('toJSON', {getters: true, virtuals: true});
+UserLoginFailMongoSchema.set('toJSON', {getters: true, virtuals: true});
 
-UserLoginFailSchema.set('toObject', {getters: true, virtuals: true});
+UserLoginFailMongoSchema.set('toObject', {getters: true, virtuals: true});
 
 const MODEL_NAME = 'UserLoginFail';
 const COLLECTION_NAME = 'UserLoginFail';
-const UserLoginFailModel = mongoose.model<IUserLoginFail, PaginateModel<IUserLoginFail>>(MODEL_NAME, UserLoginFailSchema,COLLECTION_NAME);
+const UserLoginFailModel = mongoose.model<IUserLoginFail, PaginateModel<IUserLoginFail>>(MODEL_NAME, UserLoginFailMongoSchema,COLLECTION_NAME);
 
 export {
-    UserLoginFailSchema,
+    UserLoginFailMongoSchema,
     UserLoginFailModel
 }
 

package/src/models/UserSessionModel.ts

@@ -5,31 +5,31 @@ import uniqueValidator from 'mongoose-unique-validator';
 import mongoosePaginate from 'mongoose-paginate-v2'
 import type {IUserSession} from '@drax/identity-share'
 
-const UserSessionSchema = new mongoose.Schema<IUserSession>({
+const UserSessionMongoSchema = new mongoose.Schema<IUserSession>({
             uuid: {type: String,   required: true, index: true, unique: false },
             user: {type: mongoose.Schema.Types.ObjectId, ref: 'User',  required: true, index: true, unique: false },
             userAgent: {type: String,   required: false, index: false, unique: false },
             ip: {type: String,   required: false, index: false, unique: false },
 }, {timestamps: true});
 
-UserSessionSchema.plugin(uniqueValidator, {message: 'validation.unique'});
-UserSessionSchema.plugin(mongoosePaginate);
+UserSessionMongoSchema.plugin(uniqueValidator, {message: 'validation.unique'});
+UserSessionMongoSchema.plugin(mongoosePaginate);
 
-UserSessionSchema.virtual("id").get(function () {
+UserSessionMongoSchema.virtual("id").get(function () {
     return this._id.toString();
 });
 
 
-UserSessionSchema.set('toJSON', {getters: true, virtuals: true});
+UserSessionMongoSchema.set('toJSON', {getters: true, virtuals: true});
 
-UserSessionSchema.set('toObject', {getters: true, virtuals: true});
+UserSessionMongoSchema.set('toObject', {getters: true, virtuals: true});
 
 const MODEL_NAME = 'UserSession';
 const COLLECTION_NAME = 'UserSession';
-const UserSessionModel = mongoose.model<IUserSession, PaginateModel<IUserSession>>(MODEL_NAME, UserSessionSchema,COLLECTION_NAME);
+const UserSessionModel = mongoose.model<IUserSession, PaginateModel<IUserSession>>(MODEL_NAME, UserSessionMongoSchema,COLLECTION_NAME);
 
 export {
-    UserSessionSchema,
+    UserSessionMongoSchema,
     UserSessionModel
 }
 

package/src/rbac/Rbac.ts

@@ -1,12 +1,11 @@
-import type {IJwtUser, IRole, IRbac} from "@drax/identity-share";
+import type { IAuthUser, IRole, IRbac} from "@drax/identity-share";
 import {UnauthorizedError, ForbiddenError} from "@drax/common-back";
-import {IAuthUser} from "@drax/identity-share/dist";
 
 class Rbac implements IRbac{
     private role: IRole;
     private authUser: IAuthUser;
 
-    constructor(authUser: IJwtUser, role: IRole) {
+    constructor(authUser: IAuthUser, role: IRole) {
         this.authUser = authUser;
         this.role = role;
     }
@@ -19,8 +18,13 @@ class Rbac implements IRbac{
         return {
             id: this.userId,
             username: this.username,
+            session: this.session,
             roleId: this.roleId,
-            tenantId: this.tenantId
+            roleName: this.roleName,
+            tenantId: this.tenantId,
+            tenantName: this.tenantName,
+            apiKeyId: this.apiKeyId,
+            apiKeyName: this.apiKeyName
         }
     }
 
@@ -32,14 +36,34 @@ class Rbac implements IRbac{
         return this.authUser?.id.toString()
     }
 
+    get session(): string  {
+        return this.authUser?.session
+    }
+
+    get apiKeyId(): string  {
+        return this.authUser?.apiKeyId.toString()
+    }
+
+    get apiKeyName(): string  {
+        return this.authUser?.apiKeyName
+    }
+
     get roleId(): string  {
         return this.authUser?.roleId.toString()
     }
 
+    get roleName(): string  {
+        return this.authUser?.roleName
+    }
+
     get tenantId(): string | undefined  {
         return this.authUser?.tenantId?.toString();
     }
 
+    get tenantName(): string | undefined  {
+        return this.authUser?.tenantName;
+    }
+
     assertAuthenticated() {
         if (!this.authUser) {
             throw new UnauthorizedError()