@fabx.vn/core 1.0.0

package/dist/core/filters/http-exception.filter.js

@@ -0,0 +1,47 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var HttpExceptionFilter_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpExceptionFilter = void 0;
+const common_1 = require("@nestjs/common");
+const api_response_dto_1 = require("@core/dtos/api-response.dto");
+const messages_constants_1 = require("@constants/messages.constants");
+let HttpExceptionFilter = HttpExceptionFilter_1 = class HttpExceptionFilter {
+    constructor() {
+        this.logger = new common_1.Logger(HttpExceptionFilter_1.name);
+    }
+    catch(exception, host) {
+        const ctx = host.switchToHttp();
+        const response = ctx.getResponse();
+        let status = common_1.HttpStatus.INTERNAL_SERVER_ERROR;
+        let message = messages_constants_1.MESSAGES.API.INTERNAL_SERVER_ERROR;
+        if (exception instanceof common_1.HttpException) {
+            status = exception.getStatus();
+            const exceptionResponse = exception.getResponse();
+            message =
+                typeof exceptionResponse === "string"
+                    ? exceptionResponse
+                    : exceptionResponse.message || exception.message;
+        }
+        else if (exception instanceof Error) {
+            message = exception.message;
+            this.logger.error(`Unexpected error: ${exception.message}`, exception.stack);
+        }
+        else {
+            message = messages_constants_1.MESSAGES.API.UNEXPECTED_ERROR;
+            this.logger.error("Unknown exception:", exception);
+        }
+        const errorResponse = api_response_dto_1.ApiResponseDto.error(message, status);
+        response.status(status).json(errorResponse);
+    }
+};
+exports.HttpExceptionFilter = HttpExceptionFilter;
+exports.HttpExceptionFilter = HttpExceptionFilter = HttpExceptionFilter_1 = __decorate([
+    (0, common_1.Catch)()
+], HttpExceptionFilter);
+//# sourceMappingURL=http-exception.filter.js.map

package/dist/core/filters/http-exception.filter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-exception.filter.js","sourceRoot":"","sources":["../../../src/core/filters/http-exception.filter.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAOwB;AAExB,kEAA6D;AAC7D,sEAAyD;AAGlD,IAAM,mBAAmB,2BAAzB,MAAM,mBAAmB;IAAzB;QACY,WAAM,GAAG,IAAI,eAAM,CAAC,qBAAmB,CAAC,IAAI,CAAC,CAAC;IA+BjE,CAAC;IA7BC,KAAK,CAAC,SAAkB,EAAE,IAAmB;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAY,CAAC;QAE7C,IAAI,MAAM,GAAG,mBAAU,CAAC,qBAAqB,CAAC;QAC9C,IAAI,OAAO,GAAW,6BAAQ,CAAC,GAAG,CAAC,qBAAqB,CAAC;QAEzD,IAAI,SAAS,YAAY,sBAAa,EAAE,CAAC;YACvC,MAAM,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC;YAC/B,MAAM,iBAAiB,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;YAClD,OAAO;gBACL,OAAO,iBAAiB,KAAK,QAAQ;oBACnC,CAAC,CAAC,iBAAiB;oBACnB,CAAC,CAAE,iBAAyB,CAAC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC;QAChE,CAAC;aAAM,IAAI,SAAS,YAAY,KAAK,EAAE,CAAC;YACtC,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,qBAAqB,SAAS,CAAC,OAAO,EAAE,EACxC,SAAS,CAAC,KAAK,CAChB,CAAC;QACJ,CAAC;aAAM,CAAC;YAEN,OAAO,GAAG,6BAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC;YACxC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,aAAa,GAAG,iCAAc,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC5D,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC;CACF,CAAA;AAhCY,kDAAmB;8BAAnB,mBAAmB;IAD/B,IAAA,cAAK,GAAE;GACK,mBAAmB,CAgC/B"}

package/dist/core/guards/internal-auth.guard.d.ts

@@ -0,0 +1,7 @@
+import { CanActivate, ExecutionContext } from "@nestjs/common";
+import { CoreJwtService } from "@core/services/jwt.service";
+export declare class InternalAuthGuard implements CanActivate {
+    private readonly coreJwtService;
+    constructor(coreJwtService: CoreJwtService);
+    canActivate(context: ExecutionContext): boolean;
+}

package/dist/core/guards/internal-auth.guard.js

@@ -0,0 +1,42 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InternalAuthGuard = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_service_1 = require("@core/services/jwt.service");
+const messages_constants_1 = require("@constants/messages.constants");
+let InternalAuthGuard = class InternalAuthGuard {
+    constructor(coreJwtService) {
+        this.coreJwtService = coreJwtService;
+    }
+    canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const authHeader = request.headers.authorization;
+        if (!authHeader || !authHeader.startsWith("Bearer ")) {
+            throw new common_1.UnauthorizedException(messages_constants_1.MESSAGES.INTERNAL_AUTH.MISSING_OR_INVALID_HEADER);
+        }
+        const token = authHeader.split(" ")[1];
+        if (!token) {
+            throw new common_1.UnauthorizedException(messages_constants_1.MESSAGES.INTERNAL_AUTH.MISSING_INTERNAL_TOKEN);
+        }
+        const payload = this.coreJwtService.verifyInternalToken(token);
+        if (!payload || !payload.service) {
+            throw new common_1.UnauthorizedException(messages_constants_1.MESSAGES.INTERNAL_AUTH.INVALID_OR_EXPIRED_INTERNAL_TOKEN);
+        }
+        return true;
+    }
+};
+exports.InternalAuthGuard = InternalAuthGuard;
+exports.InternalAuthGuard = InternalAuthGuard = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [jwt_service_1.CoreJwtService])
+], InternalAuthGuard);
+//# sourceMappingURL=internal-auth.guard.js.map

package/dist/core/guards/internal-auth.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"internal-auth.guard.js","sourceRoot":"","sources":["../../../src/core/guards/internal-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,4DAA4D;AAC5D,sEAAyD;AAGlD,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC5B,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAE/D,WAAW,CAAC,OAAyB;QACnC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAEjD,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,8BAAqB,CAC7B,6BAAQ,CAAC,aAAa,CAAC,yBAAyB,CACjD,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEvC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAC7B,6BAAQ,CAAC,aAAa,CAAC,sBAAsB,CAC9C,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAE/D,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACjC,MAAM,IAAI,8BAAqB,CAC7B,6BAAQ,CAAC,aAAa,CAAC,iCAAiC,CACzD,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA/BY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;qCAEkC,4BAAc;GADhD,iBAAiB,CA+B7B"}

package/dist/core/guards/jwt-auth.guard.d.ts

@@ -0,0 +1,12 @@
+import { ExecutionContext } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import { CoreJwtService } from "@core/services/jwt.service";
+declare const JwtAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
+export declare class JwtAuthGuard extends JwtAuthGuard_base {
+    private reflector;
+    private coreJwtService;
+    constructor(reflector: Reflector, coreJwtService: CoreJwtService);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+    handleRequest(err: any, user: any, info: any): any;
+}
+export {};

package/dist/core/guards/jwt-auth.guard.js

@@ -0,0 +1,56 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtAuthGuard = void 0;
+const common_1 = require("@nestjs/common");
+const passport_1 = require("@nestjs/passport");
+const core_1 = require("@nestjs/core");
+const jwt_service_1 = require("@core/services/jwt.service");
+const cookie_service_1 = require("@core/services/cookie.service");
+const messages_constants_1 = require("@constants/messages.constants");
+let JwtAuthGuard = class JwtAuthGuard extends (0, passport_1.AuthGuard)("jwt") {
+    constructor(reflector, coreJwtService) {
+        super();
+        this.reflector = reflector;
+        this.coreJwtService = coreJwtService;
+    }
+    async canActivate(context) {
+        const isPublic = this.reflector.getAllAndOverride("isPublic", [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic)
+            return true;
+        const request = context.switchToHttp().getRequest();
+        const tokens = cookie_service_1.CookieService.extractTokensFromCookie(request);
+        if (!tokens?.accessToken) {
+            throw new common_1.UnauthorizedException(messages_constants_1.MESSAGES.AUTH.NO_TOKEN);
+        }
+        const currentUser = await this.coreJwtService.getCurrentUser(tokens.accessToken);
+        if (!currentUser) {
+            throw new common_1.UnauthorizedException(messages_constants_1.MESSAGES.AUTH.INVALID_TOKEN);
+        }
+        request.user = currentUser;
+        return true;
+    }
+    handleRequest(err, user, info) {
+        if (err || !user)
+            new common_1.UnauthorizedException(messages_constants_1.MESSAGES.AUTH.INVALID_TOKEN);
+        return user;
+    }
+};
+exports.JwtAuthGuard = JwtAuthGuard;
+exports.JwtAuthGuard = JwtAuthGuard = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [core_1.Reflector,
+        jwt_service_1.CoreJwtService])
+], JwtAuthGuard);
+//# sourceMappingURL=jwt-auth.guard.js.map

package/dist/core/guards/jwt-auth.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt-auth.guard.js","sourceRoot":"","sources":["../../../src/core/guards/jwt-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAIwB;AACxB,+CAA6C;AAC7C,uCAAyC;AACzC,4DAA4D;AAC5D,kEAA8D;AAC9D,sEAAyD;AAGlD,IAAM,YAAY,GAAlB,MAAM,YAAa,SAAQ,IAAA,oBAAS,EAAC,KAAK,CAAC;IAChD,YACU,SAAoB,EACpB,cAA8B;QAEtC,KAAK,EAAE,CAAC;QAHA,cAAS,GAAT,SAAS,CAAW;QACpB,mBAAc,GAAd,cAAc,CAAgB;IAGxC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAyB;QAEzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,UAAU,EAAE;YACrE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE1B,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,8BAAa,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QAE9D,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,8BAAqB,CAAC,6BAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAC1D,MAAM,CAAC,WAAW,CACnB,CAAC;QAEF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,8BAAqB,CAAC,6BAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/D,CAAC;QAGD,OAAO,CAAC,IAAI,GAAG,WAAW,CAAC;QAE3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS;QAC1C,IAAI,GAAG,IAAI,CAAC,IAAI;YAAE,IAAI,8BAAqB,CAAC,6BAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA1CY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAGU,gBAAS;QACJ,4BAAc;GAH7B,YAAY,CA0CxB"}

package/dist/core/guards/permission.guard.d.ts

@@ -0,0 +1,9 @@
+import { CanActivate, ExecutionContext } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import { CoreJwtService } from "@core/services/jwt.service";
+export declare class PermissionGuard implements CanActivate {
+    private reflector;
+    private coreJwtService;
+    constructor(reflector: Reflector, coreJwtService: CoreJwtService);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+}

package/dist/core/guards/permission.guard.js

@@ -0,0 +1,71 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PermissionGuard = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const require_permissions_decorator_1 = require("@core/decorators/require-permissions.decorator");
+const public_decorator_1 = require("@core/decorators/public.decorator");
+const jwt_service_1 = require("@core/services/jwt.service");
+const cookie_service_1 = require("@core/services/cookie.service");
+const messages_constants_1 = require("@constants/messages.constants");
+let PermissionGuard = class PermissionGuard {
+    constructor(reflector, coreJwtService) {
+        this.reflector = reflector;
+        this.coreJwtService = coreJwtService;
+    }
+    async canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic)
+            return true;
+        const tokens = cookie_service_1.CookieService.extractTokensFromCookie(request);
+        if (!tokens)
+            throw new common_1.ForbiddenException(messages_constants_1.MESSAGES.AUTH.NO_TOKEN);
+        try {
+            const currentUser = await this.coreJwtService.getCurrentUser(tokens.accessToken);
+            if (!currentUser)
+                throw new common_1.ForbiddenException(messages_constants_1.MESSAGES.AUTH.INVALID_TOKEN);
+            const userPermissions = currentUser.permissions || [];
+            const requiredPermissions = this.reflector.getAllAndOverride(require_permissions_decorator_1.PERMISSIONS_KEY, [context.getHandler(), context.getClass()]);
+            const anyPermissions = this.reflector.getAllAndOverride(require_permissions_decorator_1.ANY_PERMISSIONS_KEY, [context.getHandler(), context.getClass()]);
+            if ((!requiredPermissions || requiredPermissions.length === 0) &&
+                (!anyPermissions || anyPermissions.length === 0))
+                return true;
+            if (requiredPermissions && requiredPermissions.length > 0) {
+                const hasAllPermissions = requiredPermissions.every((permission) => userPermissions.includes(permission));
+                if (!hasAllPermissions)
+                    throw new common_1.ForbiddenException(messages_constants_1.MESSAGES.AUTH.INSUFFICIENT_PERMISSIONS);
+            }
+            if (anyPermissions && anyPermissions.length > 0) {
+                const hasAnyPermission = anyPermissions.some((permission) => userPermissions.includes(permission));
+                if (!hasAnyPermission)
+                    throw new common_1.ForbiddenException(messages_constants_1.MESSAGES.AUTH.INSUFFICIENT_PERMISSIONS);
+            }
+            return true;
+        }
+        catch (error) {
+            if (error instanceof common_1.ForbiddenException)
+                throw error;
+            throw new common_1.ForbiddenException(messages_constants_1.MESSAGES.AUTH.INVALID_TOKEN);
+        }
+    }
+};
+exports.PermissionGuard = PermissionGuard;
+exports.PermissionGuard = PermissionGuard = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [core_1.Reflector,
+        jwt_service_1.CoreJwtService])
+], PermissionGuard);
+//# sourceMappingURL=permission.guard.js.map

package/dist/core/guards/permission.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../../src/core/guards/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,kGAGwD;AACxD,wEAAkE;AAClE,4DAA4D;AAC5D,kEAA8D;AAC9D,sEAAyD;AAGlD,IAAM,eAAe,GAArB,MAAM,eAAe;IAC1B,YACU,SAAoB,EACpB,cAA8B;QAD9B,cAAS,GAAT,SAAS,CAAW;QACpB,mBAAc,GAAd,cAAc,CAAgB;IACrC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAGpD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QACH,IAAI,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE1B,MAAM,MAAM,GAAG,8BAAa,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QAC9D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,2BAAkB,CAAC,6BAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAElE,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAC1D,MAAM,CAAC,WAAW,CACnB,CAAC;YACF,IAAI,CAAC,WAAW;gBACd,MAAM,IAAI,2BAAkB,CAAC,6BAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAE5D,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,IAAI,EAAE,CAAC;YAGtD,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAC1D,+CAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;YACF,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACrD,mDAAmB,EACnB,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;YAGF,IACE,CAAC,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,CAAC;gBAC1D,CAAC,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;gBAEhD,OAAO,IAAI,CAAC;YAGd,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1D,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,UAAU,EAAE,EAAE,CACjE,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACrC,CAAC;gBACF,IAAI,CAAC,iBAAiB;oBACpB,MAAM,IAAI,2BAAkB,CAAC,6BAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACzE,CAAC;YAGD,IAAI,cAAc,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChD,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAC1D,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACrC,CAAC;gBACF,IAAI,CAAC,gBAAgB;oBACnB,MAAM,IAAI,2BAAkB,CAAC,6BAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACzE,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,2BAAkB;gBAAE,MAAM,KAAK,CAAC;YACrD,MAAM,IAAI,2BAAkB,CAAC,6BAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;CACF,CAAA;AArEY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGU,gBAAS;QACJ,4BAAc;GAH7B,eAAe,CAqE3B"}

package/dist/core/interceptors/request-context.interceptor.d.ts

@@ -0,0 +1,8 @@
+import { NestInterceptor, ExecutionContext, CallHandler } from "@nestjs/common";
+import { Observable } from "rxjs";
+import { RequestInfoService } from "@core/services/request-info.service";
+export declare class RequestContextInterceptor implements NestInterceptor {
+    private requestInfoService;
+    constructor(requestInfoService: RequestInfoService);
+    intercept(context: ExecutionContext, next: CallHandler): Observable<any>;
+}

package/dist/core/interceptors/request-context.interceptor.js

@@ -0,0 +1,39 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestContextInterceptor = void 0;
+const common_1 = require("@nestjs/common");
+const request_context_service_1 = require("@core/services/request-context.service");
+const request_info_service_1 = require("@core/services/request-info.service");
+let RequestContextInterceptor = class RequestContextInterceptor {
+    constructor(requestInfoService) {
+        this.requestInfoService = requestInfoService;
+    }
+    intercept(context, next) {
+        const request = context.switchToHttp().getRequest();
+        const user = request.user;
+        const requestInfo = this.requestInfoService.getRequestInfo(request);
+        const requestContext = {
+            user,
+            requestId: request.headers["x-request-id"] ||
+                Math.random().toString(36).substring(7),
+            ipAddress: requestInfo.ipAddress,
+            userAgent: requestInfo.userAgent,
+        };
+        return request_context_service_1.RequestContextService.run(requestContext, () => next.handle());
+    }
+};
+exports.RequestContextInterceptor = RequestContextInterceptor;
+exports.RequestContextInterceptor = RequestContextInterceptor = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [request_info_service_1.RequestInfoService])
+], RequestContextInterceptor);
+//# sourceMappingURL=request-context.interceptor.js.map

package/dist/core/interceptors/request-context.interceptor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-context.interceptor.js","sourceRoot":"","sources":["../../../src/core/interceptors/request-context.interceptor.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AAExB,oFAA+E;AAC/E,8EAAyE;AAGlE,IAAM,yBAAyB,GAA/B,MAAM,yBAAyB;IACpC,YAAoB,kBAAsC;QAAtC,uBAAkB,GAAlB,kBAAkB,CAAoB;IAAG,CAAC;IAE9D,SAAS,CAAC,OAAyB,EAAE,IAAiB;QACpD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAG1B,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAEpE,MAAM,cAAc,GAAG;YACrB,IAAI;YACJ,SAAS,EACP,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC;gBAC/B,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YACzC,SAAS,EAAE,WAAW,CAAC,SAAS;YAChC,SAAS,EAAE,WAAW,CAAC,SAAS;SACjC,CAAC;QAEF,OAAO,+CAAqB,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACxE,CAAC;CACF,CAAA;AArBY,8DAAyB;oCAAzB,yBAAyB;IADrC,IAAA,mBAAU,GAAE;qCAE6B,yCAAkB;GAD/C,yBAAyB,CAqBrC"}

package/dist/core/services/cache.service.d.ts

@@ -0,0 +1,13 @@
+import { OnModuleInit, OnModuleDestroy } from "@nestjs/common";
+export declare class CacheService implements OnModuleInit, OnModuleDestroy {
+    private redis;
+    onModuleInit(): Promise<void>;
+    onModuleDestroy(): Promise<void>;
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string, ttl?: number): Promise<void>;
+    del(key: string): Promise<number>;
+    exists(key: string): Promise<number>;
+    expire(key: string, ttl: number): Promise<number>;
+    keys(pattern: string): Promise<string[]>;
+    flushall(): Promise<string>;
+}

package/dist/core/services/cache.service.js

@@ -0,0 +1,51 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CacheService = void 0;
+const common_1 = require("@nestjs/common");
+const ioredis_1 = require("ioredis");
+const redis_config_1 = require("@config/redis.config");
+let CacheService = class CacheService {
+    async onModuleInit() {
+        this.redis = new ioredis_1.default(redis_config_1.redisConfig);
+    }
+    async onModuleDestroy() {
+        await this.redis.quit();
+    }
+    async get(key) {
+        return this.redis.get(key);
+    }
+    async set(key, value, ttl) {
+        if (ttl) {
+            await this.redis.setex(key, ttl, value);
+        }
+        else {
+            await this.redis.set(key, value);
+        }
+    }
+    async del(key) {
+        return this.redis.del(key);
+    }
+    async exists(key) {
+        return this.redis.exists(key);
+    }
+    async expire(key, ttl) {
+        return this.redis.expire(key, ttl);
+    }
+    async keys(pattern) {
+        return this.redis.keys(pattern);
+    }
+    async flushall() {
+        return this.redis.flushall();
+    }
+};
+exports.CacheService = CacheService;
+exports.CacheService = CacheService = __decorate([
+    (0, common_1.Injectable)()
+], CacheService);
+//# sourceMappingURL=cache.service.js.map

package/dist/core/services/cache.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.service.js","sourceRoot":"","sources":["../../../src/core/services/cache.service.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAA2E;AAC3E,qCAA4B;AAC5B,uDAAmD;AAG5C,IAAM,YAAY,GAAlB,MAAM,YAAY;IAGvB,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,KAAK,GAAG,IAAI,iBAAK,CAAC,0BAAW,CAAC,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,GAAY;QAChD,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW,EAAE,GAAW;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAe;QACxB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;IAC/B,CAAC;CACF,CAAA;AA1CY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;GACA,YAAY,CA0CxB"}

package/dist/core/services/cookie.service.d.ts

@@ -0,0 +1,13 @@
+import { Request, Response } from "express";
+export interface ExtractedTokensDto {
+    accessToken?: string;
+    refreshToken?: string;
+}
+export declare class CookieService {
+    private static readonly COOKIE_NAME;
+    private static readonly COOKIE_OPTIONS;
+    static setAuthCookies(res: Response, accessToken: string, refreshToken: string, refreshTokenExpiresAt: Date): void;
+    static clearAuthCookies(res: Response): void;
+    static setRefreshedCookies(res: Response, accessToken: string, refreshToken: string, refreshTokenExpiresAt: Date): void;
+    static extractTokensFromCookie(request: Request): ExtractedTokensDto | undefined;
+}

package/dist/core/services/cookie.service.js

@@ -0,0 +1,50 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CookieService = void 0;
+const cookie_config_1 = require("@config/cookie.config");
+class CookieService {
+    static setAuthCookies(res, accessToken, refreshToken, refreshTokenExpiresAt) {
+        const authData = {
+            accessToken,
+            refreshToken,
+            timestamp: Date.now(),
+            refreshTokenExpiresAt: refreshTokenExpiresAt.getTime(),
+        };
+        const cookieMaxAge = refreshTokenExpiresAt.getTime() - Date.now();
+        res.cookie(this.COOKIE_NAME, JSON.stringify(authData), {
+            ...this.COOKIE_OPTIONS,
+            maxAge: Math.max(cookieMaxAge, 0),
+        });
+    }
+    static clearAuthCookies(res) {
+        res.clearCookie(this.COOKIE_NAME, { path: "/" });
+    }
+    static setRefreshedCookies(res, accessToken, refreshToken, refreshTokenExpiresAt) {
+        this.setAuthCookies(res, accessToken, refreshToken, refreshTokenExpiresAt);
+    }
+    static extractTokensFromCookie(request) {
+        const authCookie = request.cookies?.[this.COOKIE_NAME];
+        if (!authCookie)
+            return undefined;
+        try {
+            const authData = JSON.parse(authCookie);
+            return {
+                accessToken: authData.accessToken,
+                refreshToken: authData.refreshToken,
+            };
+        }
+        catch (error) {
+            console.error("Failed to parse auth cookie:", error);
+            return undefined;
+        }
+    }
+}
+exports.CookieService = CookieService;
+CookieService.COOKIE_NAME = cookie_config_1.cookieConfig.cookieName;
+CookieService.COOKIE_OPTIONS = {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === "production",
+    sameSite: process.env.NODE_ENV === "production" ? "none" : "strict",
+    path: "/",
+};
+//# sourceMappingURL=cookie.service.js.map

package/dist/core/services/cookie.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie.service.js","sourceRoot":"","sources":["../../../src/core/services/cookie.service.ts"],"names":[],"mappings":";;;AACA,yDAAqD;AAOrD,MAAa,aAAa;IAaxB,MAAM,CAAC,cAAc,CACnB,GAAa,EACb,WAAmB,EACnB,YAAoB,EACpB,qBAA2B;QAE3B,MAAM,QAAQ,GAAG;YACf,WAAW;YACX,YAAY;YACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,qBAAqB,EAAE,qBAAqB,CAAC,OAAO,EAAE;SACvD,CAAC;QAEF,MAAM,YAAY,GAAG,qBAAqB,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAElE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;YACrD,GAAG,IAAI,CAAC,cAAc;YACtB,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;SAClC,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,gBAAgB,CAAC,GAAa;QACnC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAKD,MAAM,CAAC,mBAAmB,CACxB,GAAa,EACb,WAAmB,EACnB,YAAoB,EACpB,qBAA2B;QAE3B,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAC;IAC7E,CAAC;IAKD,MAAM,CAAC,uBAAuB,CAC5B,OAAgB;QAEhB,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,IAAI,CAAC,UAAU;YAAE,OAAO,SAAS,CAAC;QAElC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACxC,OAAO;gBACL,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,YAAY,EAAE,QAAQ,CAAC,YAAY;aACpC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACrD,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;;AAxEH,sCAyEC;AAxEyB,yBAAW,GAAG,4BAAY,CAAC,UAAU,CAAC;AAEtC,4BAAc,GAAG;IACvC,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;IAC7C,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;IACnE,IAAI,EAAE,GAAG;CACD,CAAC"}

package/dist/core/services/jwt.service.d.ts

@@ -0,0 +1,37 @@
+import { JwtService } from "@nestjs/jwt";
+import { SessionService, CurrentUserDto } from "@core/services/session.service";
+export interface JwtTokenData {
+    sub: string | number;
+    sessionId?: string;
+    email?: string;
+}
+export interface JwtValidationResult {
+    isValid: boolean;
+    payload?: JwtTokenData;
+    error?: string;
+}
+export declare class CoreJwtService {
+    private readonly jwtService;
+    private readonly sessionService;
+    constructor(jwtService: JwtService, sessionService: SessionService);
+    createAccessToken(sessionData: CurrentUserDto): Promise<string>;
+    createSimpleAccessToken(userId: string | number, email: string): string;
+    decodeToken(token: string): JwtTokenData | null;
+    verifyToken(token: string): JwtTokenData | null;
+    validateTokenSignature(token: string): JwtValidationResult;
+    isTokenSignatureValid(token: string): boolean;
+    getUserIdFromToken(token: string): string | number | null;
+    getSessionIdFromToken(token: string): string | null;
+    deleteSessionFromToken(token: string): Promise<boolean>;
+    extractTokenFromHeader(request: any): string | null;
+    getTokenExpirationTime(token: string): number | null;
+    isTokenExpired(token: string): boolean;
+    createTokenPayload(userId: string | number, sessionId?: string, email?: string): JwtTokenData;
+    signToken(payload: JwtTokenData): string;
+    createInternalToken(service: string): string;
+    verifyInternalToken(token: string): {
+        service: string;
+    } | null;
+    getCurrentUser(accessToken: string): Promise<CurrentUserDto | null>;
+    getEmailFromToken(token: string): string | null;
+}