npm - @hemia/core - Versions diffs - 0.0.3 → 0.0.4 - Mend

@hemia/core 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/hemia-core.esm.js +78 -5
package/dist/hemia-core.js +76 -3
package/dist/types/guards/api-key.guard.d.ts +11 -0
package/dist/types/guards/auth.guard.d.ts +4 -0
package/dist/types/guards/index.d.ts +2 -0
package/dist/types/guards/jwt.guard.d.ts +13 -0
package/package.json +4 -3

package/dist/hemia-core.esm.js CHANGED Viewed

@@ -4,7 +4,8 @@ import { METADATA_KEYS, ParamType, isRedirectResponse, ApiResponse } from '@hemi
 import { TRACE_METADATA_KEY } from '@hemia/trace-manager';
 import { traceMiddleware } from '@hemia/app-context';
 import { plainToInstance } from 'class-transformer';
-import { injectable } from 'inversify';
+import { injectable, inject } from 'inversify';
+import { AUTH_SERVICE_ID, AuthService } from '@hemia/auth-sdk';
 class GuardsConsumer {
     /**
@@ -206,6 +207,10 @@ function __decorate(decorators, target, key, desc) {
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 }
+function __param(paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+}
 function __metadata(metadataKey, metadataValue) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
 }
@@ -299,6 +304,10 @@ class HemiaFactory {
     }
 }
+/**
+ * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
+ * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ */
 let AuthGuard = class AuthGuard {
     constructor(reflector) {
         this.reflector = reflector;
@@ -315,17 +324,19 @@ let AuthGuard = class AuthGuard {
         }
         const request = context.switchToHttp().getRequest();
         const user = request.user;
-        if (!user || !user.roles) {
+        const permissions = request.permissions;
+        const contextData = request.context;
+        if (!user) {
             return false;
         }
         if (requiredRoles) {
-            const userRoleNames = user.roles.map((r) => r.name);
+            const userRoleNames = Array.isArray(contextData.roles) ? contextData.roles : [];
             const hasRole = requiredRoles.some((role) => userRoleNames.includes(role));
             if (!hasRole)
                 return false;
         }
         if (requiredPermissions) {
-            const userPermissions = user.roles.flatMap((r) => r.permissions || []);
+            const userPermissions = Array.isArray(permissions) ? permissions : [];
             const hasPermission = requiredPermissions.some((perm) => userPermissions.includes(perm));
             if (!hasPermission)
                 return false;
@@ -338,4 +349,66 @@ AuthGuard = __decorate([
     __metadata("design:paramtypes", [Reflector])
 ], AuthGuard);
-export { AuthGuard, GuardsConsumer, HemiaExecutionContext, HemiaFactory, Reflector, ResponseSerializer, registerRoutes };
+/**
+ * Guardia para validar la presencia y validez de una API Key en las solicitudes entrantes.
+ * La API Key se espera en el encabezado 'x-api-key' o como parámetro de consulta 'api_key'.
+ * Las claves válidas se configuran mediante la variable de entorno 'API_KEY' y pueden ser múltiples, separadas por comas.
+ */
+let ApiKeyGuard = class ApiKeyGuard {
+    constructor() {
+        this.validApiKeys = (process.env.API_KEY || "")
+            .split(",")
+            .map(key => key.trim())
+            .filter(key => !!key);
+    }
+    canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const apiKey = request.headers['x-api-key'] || request.query['api_key'];
+        if (!apiKey)
+            return false;
+        return this.validApiKeys.includes(apiKey);
+    }
+};
+ApiKeyGuard = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [])
+], ApiKeyGuard);
+/**
+ * Guardia para validar y procesar tokens JWT en las solicitudes entrantes.
+ * Extrae el token de sesión del encabezado 'x-session' o de las cookies,
+ * y utiliza el AuthService para validar el token y obtener los datos del usuario.
+ * Si el token es válido, adjunta la información del usuario, permisos y contexto a la solicitud.
+ */
+let JWTGuard = class JWTGuard {
+    constructor(authService) {
+        this.authService = authService;
+    }
+    async canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const sessionId = request.headers['x-session'] || request.cookies['x-session'];
+        if (!sessionId) {
+            return false;
+        }
+        try {
+            const accessTokenData = await this.authService.getSessionAccess(sessionId);
+            if (!accessTokenData) {
+                return false;
+            }
+            request.user = accessTokenData.user;
+            request.permissions = accessTokenData.permissions;
+            request.context = accessTokenData.context;
+            return true;
+        }
+        catch (error) {
+            return false;
+        }
+    }
+};
+JWTGuard = __decorate([
+    injectable(),
+    __param(0, inject(AUTH_SERVICE_ID)),
+    __metadata("design:paramtypes", [AuthService])
+], JWTGuard);
+export { ApiKeyGuard, AuthGuard, GuardsConsumer, HemiaExecutionContext, HemiaFactory, JWTGuard, Reflector, ResponseSerializer, registerRoutes };

package/dist/hemia-core.js CHANGED Viewed

@@ -7,6 +7,7 @@ var traceManager = require('@hemia/trace-manager');
 var appContext = require('@hemia/app-context');
 var classTransformer = require('class-transformer');
 var inversify = require('inversify');
+var authSdk = require('@hemia/auth-sdk');
 class GuardsConsumer {
     /**
@@ -208,6 +209,10 @@ function __decorate(decorators, target, key, desc) {
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 }
+function __param(paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+}
 function __metadata(metadataKey, metadataValue) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
 }
@@ -301,6 +306,10 @@ class HemiaFactory {
     }
 }
+/**
+ * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
+ * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ */
 exports.AuthGuard = class AuthGuard {
     constructor(reflector) {
         this.reflector = reflector;
@@ -317,17 +326,19 @@ exports.AuthGuard = class AuthGuard {
         }
         const request = context.switchToHttp().getRequest();
         const user = request.user;
-        if (!user || !user.roles) {
+        const permissions = request.permissions;
+        const contextData = request.context;
+        if (!user) {
             return false;
         }
         if (requiredRoles) {
-            const userRoleNames = user.roles.map((r) => r.name);
+            const userRoleNames = Array.isArray(contextData.roles) ? contextData.roles : [];
             const hasRole = requiredRoles.some((role) => userRoleNames.includes(role));
             if (!hasRole)
                 return false;
         }
         if (requiredPermissions) {
-            const userPermissions = user.roles.flatMap((r) => r.permissions || []);
+            const userPermissions = Array.isArray(permissions) ? permissions : [];
             const hasPermission = requiredPermissions.some((perm) => userPermissions.includes(perm));
             if (!hasPermission)
                 return false;
@@ -340,6 +351,68 @@ exports.AuthGuard = __decorate([
     __metadata("design:paramtypes", [exports.Reflector])
 ], exports.AuthGuard);
+/**
+ * Guardia para validar la presencia y validez de una API Key en las solicitudes entrantes.
+ * La API Key se espera en el encabezado 'x-api-key' o como parámetro de consulta 'api_key'.
+ * Las claves válidas se configuran mediante la variable de entorno 'API_KEY' y pueden ser múltiples, separadas por comas.
+ */
+exports.ApiKeyGuard = class ApiKeyGuard {
+    constructor() {
+        this.validApiKeys = (process.env.API_KEY || "")
+            .split(",")
+            .map(key => key.trim())
+            .filter(key => !!key);
+    }
+    canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const apiKey = request.headers['x-api-key'] || request.query['api_key'];
+        if (!apiKey)
+            return false;
+        return this.validApiKeys.includes(apiKey);
+    }
+};
+exports.ApiKeyGuard = __decorate([
+    inversify.injectable(),
+    __metadata("design:paramtypes", [])
+], exports.ApiKeyGuard);
+/**
+ * Guardia para validar y procesar tokens JWT en las solicitudes entrantes.
+ * Extrae el token de sesión del encabezado 'x-session' o de las cookies,
+ * y utiliza el AuthService para validar el token y obtener los datos del usuario.
+ * Si el token es válido, adjunta la información del usuario, permisos y contexto a la solicitud.
+ */
+exports.JWTGuard = class JWTGuard {
+    constructor(authService) {
+        this.authService = authService;
+    }
+    async canActivate(context) {
+        const request = context.switchToHttp().getRequest();
+        const sessionId = request.headers['x-session'] || request.cookies['x-session'];
+        if (!sessionId) {
+            return false;
+        }
+        try {
+            const accessTokenData = await this.authService.getSessionAccess(sessionId);
+            if (!accessTokenData) {
+                return false;
+            }
+            request.user = accessTokenData.user;
+            request.permissions = accessTokenData.permissions;
+            request.context = accessTokenData.context;
+            return true;
+        }
+        catch (error) {
+            return false;
+        }
+    }
+};
+exports.JWTGuard = __decorate([
+    inversify.injectable(),
+    __param(0, inversify.inject(authSdk.AUTH_SERVICE_ID)),
+    __metadata("design:paramtypes", [authSdk.AuthService])
+], exports.JWTGuard);
 exports.GuardsConsumer = GuardsConsumer;
 exports.HemiaExecutionContext = HemiaExecutionContext;
 exports.HemiaFactory = HemiaFactory;

package/dist/types/guards/api-key.guard.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { CanActivate, ExecutionContext } from "@hemia/common";
+/**
+ * Guardia para validar la presencia y validez de una API Key en las solicitudes entrantes.
+ * La API Key se espera en el encabezado 'x-api-key' o como parámetro de consulta 'api_key'.
+ * Las claves válidas se configuran mediante la variable de entorno 'API_KEY' y pueden ser múltiples, separadas por comas.
+ */
+export declare class ApiKeyGuard implements CanActivate {
+    private readonly validApiKeys;
+    constructor();
+    canActivate(context: ExecutionContext): boolean;
+}

package/dist/types/guards/auth.guard.d.ts CHANGED Viewed

@@ -1,5 +1,9 @@
 import { CanActivate, ExecutionContext } from '@hemia/common';
 import { Reflector } from '../services';
+/**
+ * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
+ * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ */
 export declare class AuthGuard implements CanActivate {
     private reflector;
     constructor(reflector: Reflector);

package/dist/types/guards/index.d.ts CHANGED Viewed

@@ -1,2 +1,4 @@
 export * from "./auth.guard";
 export * from "./guards-consumer";
+export * from "./api-key.guard";
+export * from "./jwt.guard";

package/dist/types/guards/jwt.guard.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { CanActivate, ExecutionContext } from "@hemia/common";
+import { AuthService } from "@hemia/auth-sdk";
+/**
+ * Guardia para validar y procesar tokens JWT en las solicitudes entrantes.
+ * Extrae el token de sesión del encabezado 'x-session' o de las cookies,
+ * y utiliza el AuthService para validar el token y obtener los datos del usuario.
+ * Si el token es válido, adjunta la información del usuario, permisos y contexto a la solicitud.
+ */
+export declare class JWTGuard implements CanActivate {
+    private readonly authService;
+    constructor(authService: AuthService);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hemia/core",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "Core utilities for Hemia projects",
   "main": "dist/hemia-core.js",
   "module": "dist/hemia-core.esm.js",
@@ -17,9 +17,10 @@
     "@rollup/plugin-commonjs": "^26.0.1",
     "@rollup/plugin-json": "^6.1.0",
     "@rollup/plugin-node-resolve": "^15.2.3",
-    "@hemia/common": "^0.0.4",
+    "@hemia/common": "^0.0.5",
     "@hemia/app-context": "^0.0.6",
     "@hemia/trace-manager": "^0.0.9",
+    "@hemia/auth-sdk": "^0.0.9",
     "@types/express": "^5.0.5",
     "express": "^5.1.0",
     "inversify": "^7.10.4",
@@ -45,6 +46,6 @@
     "class-transformer": "^0.5.1",
     "express": "^5.0.0",
     "inversify": "^7.0.0",
-    "reflect-metadata": "^0.1.13"
+    "reflect-metadata": "^0.2.2"
   }
 }