@lenne.tech/nest-server 11.10.1 → 11.10.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.env.js +16 -133
- package/dist/config.env.js.map +1 -1
- package/dist/core/common/interfaces/server-options.interface.d.ts +4 -0
- package/dist/core/modules/auth/guards/auth.guard.d.ts +2 -2
- package/dist/core/modules/auth/guards/auth.guard.js +68 -8
- package/dist/core/modules/auth/guards/auth.guard.js.map +1 -1
- package/dist/core/modules/auth/guards/roles.guard.d.ts +3 -4
- package/dist/core/modules/auth/guards/roles.guard.js +64 -159
- package/dist/core/modules/auth/guards/roles.guard.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth-token.service.d.ts +21 -0
- package/dist/core/modules/better-auth/better-auth-token.service.js +153 -0
- package/dist/core/modules/better-auth/better-auth-token.service.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.config.d.ts +3 -0
- package/dist/core/modules/better-auth/better-auth.config.js +176 -47
- package/dist/core/modules/better-auth/better-auth.config.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.types.d.ts +13 -0
- package/dist/core/modules/better-auth/better-auth.types.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth-api.middleware.d.ts +5 -1
- package/dist/core/modules/better-auth/core-better-auth-api.middleware.js +101 -8
- package/dist/core/modules/better-auth/core-better-auth-api.middleware.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth-challenge.service.d.ts +20 -0
- package/dist/core/modules/better-auth/core-better-auth-challenge.service.js +142 -0
- package/dist/core/modules/better-auth/core-better-auth-challenge.service.js.map +1 -0
- package/dist/core/modules/better-auth/core-better-auth-user.mapper.js +1 -1
- package/dist/core/modules/better-auth/core-better-auth-user.mapper.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth-web.helper.d.ts +2 -0
- package/dist/core/modules/better-auth/core-better-auth-web.helper.js +29 -1
- package/dist/core/modules/better-auth/core-better-auth-web.helper.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.controller.js +5 -13
- package/dist/core/modules/better-auth/core-better-auth.controller.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.middleware.d.ts +0 -1
- package/dist/core/modules/better-auth/core-better-auth.middleware.js +6 -19
- package/dist/core/modules/better-auth/core-better-auth.middleware.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.module.d.ts +6 -1
- package/dist/core/modules/better-auth/core-better-auth.module.js +82 -19
- package/dist/core/modules/better-auth/core-better-auth.module.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.resolver.js +7 -6
- package/dist/core/modules/better-auth/core-better-auth.resolver.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.service.d.ts +1 -2
- package/dist/core/modules/better-auth/core-better-auth.service.js +27 -37
- package/dist/core/modules/better-auth/core-better-auth.service.js.map +1 -1
- package/dist/core/modules/better-auth/index.d.ts +1 -0
- package/dist/core/modules/better-auth/index.js +1 -0
- package/dist/core/modules/better-auth/index.js.map +1 -1
- package/dist/core.module.js +4 -0
- package/dist/core.module.js.map +1 -1
- package/dist/server/modules/better-auth/better-auth.module.d.ts +4 -1
- package/dist/server/modules/better-auth/better-auth.module.js +4 -1
- package/dist/server/modules/better-auth/better-auth.module.js.map +1 -1
- package/dist/server/server.module.js +1 -4
- package/dist/server/server.module.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/config.env.ts +24 -174
- package/src/core/common/interfaces/server-options.interface.ts +288 -35
- package/src/core/modules/auth/guards/auth.guard.ts +136 -23
- package/src/core/modules/auth/guards/roles.guard.ts +119 -239
- package/src/core/modules/better-auth/INTEGRATION-CHECKLIST.md +82 -56
- package/src/core/modules/better-auth/README.md +132 -35
- package/src/core/modules/better-auth/better-auth-token.service.ts +241 -0
- package/src/core/modules/better-auth/better-auth.config.ts +402 -70
- package/src/core/modules/better-auth/better-auth.types.ts +37 -0
- package/src/core/modules/better-auth/core-better-auth-api.middleware.ts +158 -18
- package/src/core/modules/better-auth/core-better-auth-challenge.service.ts +254 -0
- package/src/core/modules/better-auth/core-better-auth-user.mapper.ts +1 -1
- package/src/core/modules/better-auth/core-better-auth-web.helper.ts +64 -1
- package/src/core/modules/better-auth/core-better-auth.controller.ts +7 -15
- package/src/core/modules/better-auth/core-better-auth.middleware.ts +7 -20
- package/src/core/modules/better-auth/core-better-auth.module.ts +182 -25
- package/src/core/modules/better-auth/core-better-auth.resolver.ts +8 -7
- package/src/core/modules/better-auth/core-better-auth.service.ts +40 -48
- package/src/core/modules/better-auth/index.ts +1 -0
- package/src/core.module.ts +8 -0
- package/src/server/modules/better-auth/better-auth.module.ts +40 -10
- package/src/server/server.module.ts +2 -4
|
@@ -17,10 +17,9 @@ exports.RolesGuard = void 0;
|
|
|
17
17
|
const common_1 = require("@nestjs/common");
|
|
18
18
|
const core_1 = require("@nestjs/core");
|
|
19
19
|
const graphql_1 = require("@nestjs/graphql");
|
|
20
|
-
const mongoose_1 = require("@nestjs/mongoose");
|
|
21
|
-
const mongoose_2 = require("mongoose");
|
|
22
20
|
const rxjs_1 = require("rxjs");
|
|
23
21
|
const role_enum_1 = require("../../../common/enums/role.enum");
|
|
22
|
+
const better_auth_token_service_1 = require("../../better-auth/better-auth-token.service");
|
|
24
23
|
const core_better_auth_service_1 = require("../../better-auth/core-better-auth.service");
|
|
25
24
|
const error_code_1 = require("../../error-code");
|
|
26
25
|
const auth_guard_strategy_enum_1 = require("../auth-guard-strategy.enum");
|
|
@@ -34,7 +33,7 @@ let RolesGuard = RolesGuard_1 = class RolesGuard extends (0, auth_guard_1.AuthGu
|
|
|
34
33
|
this.moduleRef = moduleRef;
|
|
35
34
|
this.logger = new common_1.Logger(RolesGuard_1.name);
|
|
36
35
|
this.betterAuthService = null;
|
|
37
|
-
this.
|
|
36
|
+
this.tokenService = null;
|
|
38
37
|
this.servicesResolved = false;
|
|
39
38
|
}
|
|
40
39
|
resolveServices() {
|
|
@@ -47,198 +46,104 @@ let RolesGuard = RolesGuard_1 = class RolesGuard extends (0, auth_guard_1.AuthGu
|
|
|
47
46
|
catch {
|
|
48
47
|
}
|
|
49
48
|
try {
|
|
50
|
-
this.
|
|
49
|
+
this.tokenService = this.moduleRef.get(better_auth_token_service_1.BetterAuthTokenService, { strict: false });
|
|
51
50
|
}
|
|
52
51
|
catch {
|
|
53
52
|
}
|
|
54
53
|
this.servicesResolved = true;
|
|
55
54
|
}
|
|
56
55
|
async canActivate(context) {
|
|
56
|
+
const reflectorRoles = this.reflector.getAll('roles', [context.getHandler(), context.getClass()]);
|
|
57
|
+
const roles = reflectorRoles[0]
|
|
58
|
+
? reflectorRoles[1]
|
|
59
|
+
? [...reflectorRoles[0], ...reflectorRoles[1]]
|
|
60
|
+
: reflectorRoles[0]
|
|
61
|
+
: reflectorRoles[1];
|
|
62
|
+
if (roles && roles.includes(role_enum_1.RoleEnum.S_NO_ONE)) {
|
|
63
|
+
throw new common_1.UnauthorizedException(error_code_1.ErrorCode.UNAUTHORIZED);
|
|
64
|
+
}
|
|
65
|
+
if (!roles || !roles.some((value) => !!value) || roles.includes(role_enum_1.RoleEnum.S_EVERYONE)) {
|
|
66
|
+
return true;
|
|
67
|
+
}
|
|
57
68
|
this.resolveServices();
|
|
69
|
+
const request = this.getRequest(context);
|
|
70
|
+
const existingUser = request?.user;
|
|
71
|
+
if (existingUser && existingUser._authenticatedViaBetterAuth === true) {
|
|
72
|
+
this.handleRequest(null, existingUser, null, context);
|
|
73
|
+
return true;
|
|
74
|
+
}
|
|
75
|
+
if (this.betterAuthService?.isEnabled()) {
|
|
76
|
+
const user = await this.verifyBetterAuthTokenFromContext(context);
|
|
77
|
+
if (user) {
|
|
78
|
+
if (request) {
|
|
79
|
+
request.user = user;
|
|
80
|
+
}
|
|
81
|
+
this.handleRequest(null, user, null, context);
|
|
82
|
+
return true;
|
|
83
|
+
}
|
|
84
|
+
}
|
|
58
85
|
try {
|
|
59
86
|
const result = super.canActivate(context);
|
|
60
87
|
return (0, rxjs_1.isObservable)(result) ? await (0, rxjs_1.firstValueFrom)(result) : await result;
|
|
61
88
|
}
|
|
62
89
|
catch (passportError) {
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
90
|
+
const errorMessage = passportError instanceof Error ? passportError.message : String(passportError);
|
|
91
|
+
const isStrategyError = errorMessage.includes('Unknown authentication strategy');
|
|
92
|
+
if (this.betterAuthService?.isEnabled()) {
|
|
93
|
+
if (isStrategyError) {
|
|
94
|
+
throw new invalid_token_exception_1.InvalidTokenException();
|
|
95
|
+
}
|
|
96
|
+
const user = await this.verifyBetterAuthTokenFromContext(context);
|
|
97
|
+
if (user) {
|
|
98
|
+
if (request) {
|
|
99
|
+
request.user = user;
|
|
100
|
+
}
|
|
101
|
+
this.handleRequest(null, user, null, context);
|
|
102
|
+
return true;
|
|
103
|
+
}
|
|
73
104
|
}
|
|
74
|
-
|
|
75
|
-
return true;
|
|
105
|
+
throw passportError;
|
|
76
106
|
}
|
|
77
107
|
}
|
|
78
108
|
async verifyBetterAuthTokenFromContext(context) {
|
|
79
|
-
if (!this.
|
|
109
|
+
if (!this.tokenService) {
|
|
80
110
|
return null;
|
|
81
111
|
}
|
|
82
112
|
try {
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
const ctx = gqlContext.getContext();
|
|
87
|
-
if (ctx?.req?.headers) {
|
|
88
|
-
authHeader = ctx.req.headers.authorization || ctx.req.headers.Authorization;
|
|
89
|
-
}
|
|
90
|
-
}
|
|
91
|
-
catch {
|
|
92
|
-
}
|
|
93
|
-
if (!authHeader) {
|
|
94
|
-
try {
|
|
95
|
-
const httpRequest = context.switchToHttp().getRequest();
|
|
96
|
-
if (httpRequest?.headers) {
|
|
97
|
-
authHeader = httpRequest.headers.authorization || httpRequest.headers.Authorization;
|
|
98
|
-
}
|
|
99
|
-
}
|
|
100
|
-
catch {
|
|
101
|
-
}
|
|
102
|
-
}
|
|
103
|
-
let token;
|
|
104
|
-
if (authHeader?.startsWith('Bearer ')) {
|
|
105
|
-
token = authHeader.substring(7);
|
|
106
|
-
}
|
|
107
|
-
else if (authHeader?.startsWith('bearer ')) {
|
|
108
|
-
token = authHeader.substring(7);
|
|
109
|
-
}
|
|
110
|
-
if (!token) {
|
|
111
|
-
let cookies;
|
|
112
|
-
try {
|
|
113
|
-
const gqlContext = graphql_1.GqlExecutionContext.create(context);
|
|
114
|
-
const ctx = gqlContext.getContext();
|
|
115
|
-
if (ctx?.req?.cookies) {
|
|
116
|
-
cookies = ctx.req.cookies;
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
catch {
|
|
120
|
-
}
|
|
121
|
-
if (!cookies) {
|
|
122
|
-
try {
|
|
123
|
-
const httpRequest = context.switchToHttp().getRequest();
|
|
124
|
-
if (httpRequest?.cookies) {
|
|
125
|
-
cookies = httpRequest.cookies;
|
|
126
|
-
}
|
|
127
|
-
}
|
|
128
|
-
catch {
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
if (cookies) {
|
|
132
|
-
const basePath = this.betterAuthService.getBasePath?.()?.replace(/^\//, '').replace(/\//g, '.') || 'iam';
|
|
133
|
-
const basePathCookie = `${basePath}.session_token`;
|
|
134
|
-
token =
|
|
135
|
-
cookies[basePathCookie] ||
|
|
136
|
-
cookies['better-auth.session_token'] ||
|
|
137
|
-
cookies['token'] ||
|
|
138
|
-
undefined;
|
|
139
|
-
}
|
|
113
|
+
const request = this.extractRequestFromContext(context);
|
|
114
|
+
if (!request) {
|
|
115
|
+
return null;
|
|
140
116
|
}
|
|
117
|
+
const { token } = this.tokenService.extractTokenFromRequest(request);
|
|
141
118
|
if (!token) {
|
|
142
119
|
return null;
|
|
143
120
|
}
|
|
144
|
-
|
|
145
|
-
try {
|
|
146
|
-
const payload = await this.betterAuthService.verifyJwtToken(token);
|
|
147
|
-
if (payload?.sub) {
|
|
148
|
-
const user = await this.loadUserFromPayload(payload);
|
|
149
|
-
if (user) {
|
|
150
|
-
return user;
|
|
151
|
-
}
|
|
152
|
-
}
|
|
153
|
-
}
|
|
154
|
-
catch {
|
|
155
|
-
}
|
|
156
|
-
}
|
|
157
|
-
try {
|
|
158
|
-
const sessionResult = await this.betterAuthService.getSessionByToken(token);
|
|
159
|
-
if (sessionResult?.user) {
|
|
160
|
-
return this.loadUserFromSessionResult(sessionResult.user);
|
|
161
|
-
}
|
|
162
|
-
}
|
|
163
|
-
catch {
|
|
164
|
-
}
|
|
165
|
-
return null;
|
|
121
|
+
return await this.tokenService.verifyAndLoadUser(token);
|
|
166
122
|
}
|
|
167
123
|
catch (error) {
|
|
168
|
-
this.logger.debug(`BetterAuth token
|
|
124
|
+
this.logger.debug(`BetterAuth token verification failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
169
125
|
return null;
|
|
170
126
|
}
|
|
171
127
|
}
|
|
172
|
-
|
|
173
|
-
if (!this.mongoConnection) {
|
|
174
|
-
return null;
|
|
175
|
-
}
|
|
128
|
+
extractRequestFromContext(context) {
|
|
176
129
|
try {
|
|
177
|
-
const
|
|
178
|
-
|
|
179
|
-
if (
|
|
180
|
-
|
|
181
|
-
}
|
|
182
|
-
if (!user) {
|
|
183
|
-
user = await usersCollection.findOne({ iamId: payload.sub });
|
|
130
|
+
const gqlContext = graphql_1.GqlExecutionContext.create(context);
|
|
131
|
+
const ctx = gqlContext.getContext();
|
|
132
|
+
if (ctx?.req) {
|
|
133
|
+
return ctx.req;
|
|
184
134
|
}
|
|
185
|
-
if (!user) {
|
|
186
|
-
return null;
|
|
187
|
-
}
|
|
188
|
-
const userObject = {
|
|
189
|
-
...user,
|
|
190
|
-
_authenticatedViaBetterAuth: true,
|
|
191
|
-
hasRole: (roles) => {
|
|
192
|
-
if (!user.roles || !Array.isArray(user.roles)) {
|
|
193
|
-
return false;
|
|
194
|
-
}
|
|
195
|
-
return roles.some((role) => user.roles.includes(role));
|
|
196
|
-
},
|
|
197
|
-
id: user._id?.toString(),
|
|
198
|
-
};
|
|
199
|
-
return userObject;
|
|
200
135
|
}
|
|
201
|
-
catch
|
|
202
|
-
this.logger.debug(`Failed to load user from payload: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
203
|
-
return null;
|
|
204
|
-
}
|
|
205
|
-
}
|
|
206
|
-
async loadUserFromSessionResult(sessionUser) {
|
|
207
|
-
if (!this.mongoConnection || !sessionUser) {
|
|
208
|
-
return null;
|
|
136
|
+
catch {
|
|
209
137
|
}
|
|
210
138
|
try {
|
|
211
|
-
const
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
user = await usersCollection.findOne({ email: sessionUser.email });
|
|
139
|
+
const httpRequest = context.switchToHttp().getRequest();
|
|
140
|
+
if (httpRequest) {
|
|
141
|
+
return httpRequest;
|
|
215
142
|
}
|
|
216
|
-
if (!user && sessionUser.id) {
|
|
217
|
-
user = await usersCollection.findOne({ iamId: sessionUser.id });
|
|
218
|
-
}
|
|
219
|
-
if (!user && sessionUser.id && mongoose_2.Types.ObjectId.isValid(sessionUser.id)) {
|
|
220
|
-
user = await usersCollection.findOne({ _id: new mongoose_2.Types.ObjectId(sessionUser.id) });
|
|
221
|
-
}
|
|
222
|
-
if (!user) {
|
|
223
|
-
return null;
|
|
224
|
-
}
|
|
225
|
-
const userObject = {
|
|
226
|
-
...user,
|
|
227
|
-
_authenticatedViaBetterAuth: true,
|
|
228
|
-
hasRole: (roles) => {
|
|
229
|
-
if (!user.roles || !Array.isArray(user.roles)) {
|
|
230
|
-
return false;
|
|
231
|
-
}
|
|
232
|
-
return roles.some((role) => user.roles.includes(role));
|
|
233
|
-
},
|
|
234
|
-
id: user._id?.toString(),
|
|
235
|
-
};
|
|
236
|
-
return userObject;
|
|
237
143
|
}
|
|
238
|
-
catch
|
|
239
|
-
this.logger.debug(`Failed to load user from session: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
240
|
-
return null;
|
|
144
|
+
catch {
|
|
241
145
|
}
|
|
146
|
+
return null;
|
|
242
147
|
}
|
|
243
148
|
handleRequest(err, user, info, context) {
|
|
244
149
|
const reflectorRoles = this.reflector.getAll('roles', [context.getHandler(), context.getClass()]);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"roles.guard.js","sourceRoot":"","sources":["../../../../../src/core/modules/auth/guards/roles.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA2H;AAC3H,uCAAoD;AACpD,6CAAsD;AACtD,+
|
|
1
|
+
{"version":3,"file":"roles.guard.js","sourceRoot":"","sources":["../../../../../src/core/modules/auth/guards/roles.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA2H;AAC3H,uCAAoD;AACpD,6CAAsD;AACtD,+BAAoD;AAEpD,+DAA2D;AAC3D,2FAAqF;AAErF,yFAAmF;AACnF,iDAA6C;AAC7C,0EAAgE;AAChE,mFAA8E;AAC9E,mFAA8E;AAC9E,6CAAyC;AAuBlC,IAAM,UAAU,kBAAhB,MAAM,UAAW,SAAQ,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC;IAS9D,YACqB,SAAoB,EAC3B,SAAsC;QAElD,KAAK,EAAE,CAAC;QAHW,cAAS,GAAT,SAAS,CAAW;QACV,cAAS,GAAT,SAAS,CAAY;QAVnC,WAAM,GAAG,IAAI,eAAM,CAAC,YAAU,CAAC,IAAI,CAAC,CAAC;QAC9C,sBAAiB,GAAiC,IAAI,CAAC;QACvD,iBAAY,GAAkC,IAAI,CAAC;QACnD,qBAAgB,GAAG,KAAK,CAAC;IAUjC,CAAC;IAKO,eAAe;QACrB,IAAI,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YAC7C,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,gDAAqB,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACxF,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,kDAAsB,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACpF,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAC/B,CAAC;IAcQ,KAAK,CAAC,WAAW,CAAC,OAAyB;QAElD,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAa,OAAO,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC9G,MAAM,KAAK,GAAa,cAAc,CAAC,CAAC,CAAC;YACvC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;gBACjB,CAAC,CAAC,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC;gBAC9C,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;QAGtB,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,CAAC,oBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,8BAAqB,CAAC,sBAAS,CAAC,YAAY,CAAC,CAAC;QAC1D,CAAC;QAID,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,oBAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACrF,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,CAAC,eAAe,EAAE,CAAC;QAGvB,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,OAAO,EAAE,IAAI,CAAC;QAGnC,IAAI,YAAY,IAAI,YAAY,CAAC,2BAA2B,KAAK,IAAI,EAAE,CAAC;YACtE,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;YACtD,OAAO,IAAI,CAAC;QACd,CAAC;QAID,IAAI,IAAI,CAAC,iBAAiB,EAAE,SAAS,EAAE,EAAE,CAAC;YACxC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;YAClE,IAAI,IAAI,EAAE,CAAC;gBAET,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBACtB,CAAC;gBAED,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC9C,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAGD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAC1C,OAAO,IAAA,mBAAY,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC;QAC5E,CAAC;QAAC,OAAO,aAAa,EAAE,CAAC;YAGvB,MAAM,YAAY,GAAG,aAAa,YAAY,KAAK,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACpG,MAAM,eAAe,GAAG,YAAY,CAAC,QAAQ,CAAC,iCAAiC,CAAC,CAAC;YAGjF,IAAI,IAAI,CAAC,iBAAiB,EAAE,SAAS,EAAE,EAAE,CAAC;gBAGxC,IAAI,eAAe,EAAE,CAAC;oBACpB,MAAM,IAAI,+CAAqB,EAAE,CAAC;gBACpC,CAAC;gBAGD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;gBAClE,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,OAAO,EAAE,CAAC;wBACZ,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;oBACtB,CAAC;oBACD,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;oBAC9C,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAGD,MAAM,aAAa,CAAC;QACtB,CAAC;IACH,CAAC;IAWO,KAAK,CAAC,gCAAgC,CAAC,OAAyB;QACtE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;YACxD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,YAAY,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;YACrE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yCAAyC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACpG,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IASO,yBAAyB,CAAC,OAAyB;QAKzD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,6BAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvD,MAAM,GAAG,GAAG,UAAU,CAAC,UAAU,EAAE,CAAC;YACpC,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC;gBACb,OAAO,GAAG,CAAC,GAAG,CAAC;YACjB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAGD,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;YACxD,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,WAAW,CAAC;YACrB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAKQ,aAAa,CAAC,GAAiB,EAAE,IAAS,EAAE,IAAS,EAAE,OAAyB;QAEvF,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAa,OAAO,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC9G,MAAM,KAAK,GAAa,cAAc,CAAC,CAAC,CAAC;YACvC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;gBACjB,CAAC,CAAC,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC;gBAC9C,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;QAGtB,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,CAAC,oBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,8BAAqB,CAAC,sBAAS,CAAC,YAAY,CAAC,CAAC;QAC1D,CAAC;QAGD,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9C,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;YAE5B,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,oBAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrF,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,IAAI,+CAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,IAAI,IAAI,EAAE,IAAI,KAAK,mBAAmB,EAAE,CAAC;oBACvC,MAAM,IAAI,+CAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,IAAI,8BAAqB,CAAC,sBAAS,CAAC,YAAY,CAAC,CAAC;YAC1D,CAAC;YAGD,MAAM,IAAI,2BAAkB,CAAC,sBAAS,CAAC,aAAa,CAAC,CAAC;QACxD,CAAC;QAGD,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,UAAU,CAAC,OAAyB;QAClC,MAAM,GAAG,GAAG,6BAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAChD,OAAO,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;IACvF,CAAC;CACF,CAAA;AApQY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;IAYR,WAAA,IAAA,iBAAQ,GAAE,CAAA;qCADmB,gBAAS;QACE,gBAAS;GAXzC,UAAU,CAoQtB"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { Connection } from 'mongoose';
|
|
2
|
+
import { BetterAuthenticatedUser } from './better-auth.types';
|
|
3
|
+
import { CoreBetterAuthService } from './core-better-auth.service';
|
|
4
|
+
export interface TokenExtractionResult {
|
|
5
|
+
source: 'cookie' | 'header' | null;
|
|
6
|
+
token: null | string;
|
|
7
|
+
}
|
|
8
|
+
export declare class BetterAuthTokenService {
|
|
9
|
+
private readonly betterAuthService?;
|
|
10
|
+
private readonly connection?;
|
|
11
|
+
private readonly logger;
|
|
12
|
+
constructor(betterAuthService?: CoreBetterAuthService, connection?: Connection);
|
|
13
|
+
extractTokenFromRequest(request: {
|
|
14
|
+
cookies?: Record<string, string>;
|
|
15
|
+
headers?: Record<string, string | string[] | undefined>;
|
|
16
|
+
}): TokenExtractionResult;
|
|
17
|
+
verifyAndLoadUser(token: string): Promise<BetterAuthenticatedUser | null>;
|
|
18
|
+
createUserWithHasRole(user: Record<string, unknown>): BetterAuthenticatedUser;
|
|
19
|
+
private loadUserFromPayload;
|
|
20
|
+
private loadUserFromSessionResult;
|
|
21
|
+
}
|
|
@@ -0,0 +1,153 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
var BetterAuthTokenService_1;
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.BetterAuthTokenService = void 0;
|
|
17
|
+
const common_1 = require("@nestjs/common");
|
|
18
|
+
const mongoose_1 = require("@nestjs/mongoose");
|
|
19
|
+
const mongoose_2 = require("mongoose");
|
|
20
|
+
const core_better_auth_service_1 = require("./core-better-auth.service");
|
|
21
|
+
let BetterAuthTokenService = BetterAuthTokenService_1 = class BetterAuthTokenService {
|
|
22
|
+
constructor(betterAuthService, connection) {
|
|
23
|
+
this.betterAuthService = betterAuthService;
|
|
24
|
+
this.connection = connection;
|
|
25
|
+
this.logger = new common_1.Logger(BetterAuthTokenService_1.name);
|
|
26
|
+
}
|
|
27
|
+
extractTokenFromRequest(request) {
|
|
28
|
+
const authHeader = request.headers?.authorization || request.headers?.Authorization;
|
|
29
|
+
const headerValue = Array.isArray(authHeader) ? authHeader[0] : authHeader;
|
|
30
|
+
if (headerValue) {
|
|
31
|
+
if (headerValue.startsWith('Bearer ') || headerValue.startsWith('bearer ')) {
|
|
32
|
+
return { source: 'header', token: headerValue.substring(7) };
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
if (request.cookies && this.betterAuthService) {
|
|
36
|
+
const cookieName = this.betterAuthService.getSessionCookieName();
|
|
37
|
+
const token = request.cookies[cookieName] ||
|
|
38
|
+
request.cookies['better-auth.session_token'] ||
|
|
39
|
+
request.cookies['token'] ||
|
|
40
|
+
undefined;
|
|
41
|
+
if (token) {
|
|
42
|
+
return { source: 'cookie', token };
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
return { source: null, token: null };
|
|
46
|
+
}
|
|
47
|
+
async verifyAndLoadUser(token) {
|
|
48
|
+
if (!this.betterAuthService || !this.connection) {
|
|
49
|
+
return null;
|
|
50
|
+
}
|
|
51
|
+
if (this.betterAuthService.isJwtEnabled()) {
|
|
52
|
+
try {
|
|
53
|
+
const payload = await this.betterAuthService.verifyJwtToken(token);
|
|
54
|
+
if (payload?.sub) {
|
|
55
|
+
const user = await this.loadUserFromPayload(payload);
|
|
56
|
+
if (user) {
|
|
57
|
+
return user;
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
catch (error) {
|
|
62
|
+
if (error instanceof Error && error.message.includes('expired')) {
|
|
63
|
+
this.logger.debug('JWT token expired');
|
|
64
|
+
throw error;
|
|
65
|
+
}
|
|
66
|
+
this.logger.debug(`JWT verification failed, trying session: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
try {
|
|
70
|
+
const sessionResult = await this.betterAuthService.getSessionByToken(token);
|
|
71
|
+
if (sessionResult?.user) {
|
|
72
|
+
return this.loadUserFromSessionResult(sessionResult.user);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
catch (error) {
|
|
76
|
+
this.logger.debug(`Session lookup failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
77
|
+
}
|
|
78
|
+
return null;
|
|
79
|
+
}
|
|
80
|
+
createUserWithHasRole(user) {
|
|
81
|
+
return {
|
|
82
|
+
...user,
|
|
83
|
+
_authenticatedViaBetterAuth: true,
|
|
84
|
+
hasRole: (roles) => {
|
|
85
|
+
const userRoles = user.roles;
|
|
86
|
+
if (!userRoles || !Array.isArray(userRoles)) {
|
|
87
|
+
return false;
|
|
88
|
+
}
|
|
89
|
+
return roles.some((role) => userRoles.includes(role));
|
|
90
|
+
},
|
|
91
|
+
id: user._id?.toString() || user.id,
|
|
92
|
+
};
|
|
93
|
+
}
|
|
94
|
+
async loadUserFromPayload(payload) {
|
|
95
|
+
if (!this.connection) {
|
|
96
|
+
return null;
|
|
97
|
+
}
|
|
98
|
+
try {
|
|
99
|
+
const usersCollection = this.connection.collection('users');
|
|
100
|
+
let user = null;
|
|
101
|
+
if (mongoose_2.Types.ObjectId.isValid(payload.sub)) {
|
|
102
|
+
user = await usersCollection.findOne({ _id: new mongoose_2.Types.ObjectId(payload.sub) });
|
|
103
|
+
}
|
|
104
|
+
if (!user) {
|
|
105
|
+
user = await usersCollection.findOne({ iamId: payload.sub });
|
|
106
|
+
}
|
|
107
|
+
if (!user) {
|
|
108
|
+
return null;
|
|
109
|
+
}
|
|
110
|
+
return this.createUserWithHasRole(user);
|
|
111
|
+
}
|
|
112
|
+
catch (error) {
|
|
113
|
+
this.logger.debug(`Failed to load user from payload: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
114
|
+
return null;
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
async loadUserFromSessionResult(sessionUser) {
|
|
118
|
+
if (!this.connection || !sessionUser) {
|
|
119
|
+
return null;
|
|
120
|
+
}
|
|
121
|
+
try {
|
|
122
|
+
const usersCollection = this.connection.collection('users');
|
|
123
|
+
let user = null;
|
|
124
|
+
if (sessionUser.email) {
|
|
125
|
+
user = await usersCollection.findOne({ email: sessionUser.email });
|
|
126
|
+
}
|
|
127
|
+
if (!user && sessionUser.id) {
|
|
128
|
+
user = await usersCollection.findOne({ iamId: sessionUser.id });
|
|
129
|
+
}
|
|
130
|
+
if (!user && sessionUser.id && mongoose_2.Types.ObjectId.isValid(sessionUser.id)) {
|
|
131
|
+
user = await usersCollection.findOne({ _id: new mongoose_2.Types.ObjectId(sessionUser.id) });
|
|
132
|
+
}
|
|
133
|
+
if (!user) {
|
|
134
|
+
return null;
|
|
135
|
+
}
|
|
136
|
+
return this.createUserWithHasRole(user);
|
|
137
|
+
}
|
|
138
|
+
catch (error) {
|
|
139
|
+
this.logger.debug(`Failed to load user from session: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
140
|
+
return null;
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
};
|
|
144
|
+
exports.BetterAuthTokenService = BetterAuthTokenService;
|
|
145
|
+
exports.BetterAuthTokenService = BetterAuthTokenService = BetterAuthTokenService_1 = __decorate([
|
|
146
|
+
(0, common_1.Injectable)(),
|
|
147
|
+
__param(0, (0, common_1.Optional)()),
|
|
148
|
+
__param(1, (0, common_1.Optional)()),
|
|
149
|
+
__param(1, (0, mongoose_1.InjectConnection)()),
|
|
150
|
+
__metadata("design:paramtypes", [core_better_auth_service_1.CoreBetterAuthService,
|
|
151
|
+
mongoose_2.Connection])
|
|
152
|
+
], BetterAuthTokenService);
|
|
153
|
+
//# sourceMappingURL=better-auth-token.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"better-auth-token.service.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/better-auth-token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA8D;AAC9D,+CAAoD;AACpD,uCAA6C;AAG7C,yEAAmE;AAmC5D,IAAM,sBAAsB,8BAA5B,MAAM,sBAAsB;IAGjC,YACc,iBAA0D,EACtC,UAAwC;QAD3C,sBAAiB,GAAjB,iBAAiB,CAAwB;QACrB,eAAU,GAAV,UAAU,CAAa;QAJzD,WAAM,GAAG,IAAI,eAAM,CAAC,wBAAsB,CAAC,IAAI,CAAC,CAAC;IAK/D,CAAC;IAYJ,uBAAuB,CAAC,OAGvB;QAEC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,aAAa,IAAI,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;QACpF,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;QAE3E,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC3E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/D,CAAC;QACH,CAAC;QAGD,IAAI,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,EAAE,CAAC;YACjE,MAAM,KAAK,GACT,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC;gBAC3B,OAAO,CAAC,OAAO,CAAC,2BAA2B,CAAC;gBAC5C,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;gBACxB,SAAS,CAAC;YAEZ,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;YACrC,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;IAYD,KAAK,CAAC,iBAAiB,CAAC,KAAa;QACnC,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;gBACnE,IAAI,OAAO,EAAE,GAAG,EAAE,CAAC;oBACjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;oBACrD,IAAI,IAAI,EAAE,CAAC;wBACT,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBAEf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBAChE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;oBACvC,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,4CAA4C,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACvG,CAAC;YACJ,CAAC;QACH,CAAC;QAGD,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC5E,IAAI,aAAa,EAAE,IAAI,EAAE,CAAC;gBACxB,OAAO,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;QAC1G,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAQD,qBAAqB,CAAC,IAA6B;QACjD,OAAO;YACL,GAAG,IAAI;YACP,2BAA2B,EAAE,IAAI;YACjC,OAAO,EAAE,CAAC,KAAe,EAAW,EAAE;gBACpC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC;gBAC7B,IAAI,CAAC,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;YACxD,CAAC;YACD,EAAE,EAAG,IAAI,CAAC,GAAsB,EAAE,QAAQ,EAAE,IAAK,IAAI,CAAC,EAAa;SACzC,CAAC;IAC/B,CAAC;IAQO,KAAK,CAAC,mBAAmB,CAAC,OAAgD;QAChF,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC5D,IAAI,IAAI,GAAmC,IAAI,CAAC;YAGhD,IAAI,gBAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxC,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,gBAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACjF,CAAC;YAGD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACnH,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAQO,KAAK,CAAC,yBAAyB,CAAC,WAGvC;QACC,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC5D,IAAI,IAAI,GAAmC,IAAI,CAAC;YAGhD,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;gBACtB,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;YACrE,CAAC;YAGD,IAAI,CAAC,IAAI,IAAI,WAAW,CAAC,EAAE,EAAE,CAAC;gBAC5B,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;YAClE,CAAC;YAGD,IAAI,CAAC,IAAI,IAAI,WAAW,CAAC,EAAE,IAAI,gBAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC;gBACtE,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,gBAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACpF,CAAC;YAED,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACnH,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF,CAAA;AAxMY,wDAAsB;iCAAtB,sBAAsB;IADlC,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,iBAAQ,GAAE,CAAA;IACV,WAAA,IAAA,iBAAQ,GAAE,CAAA;IAAE,WAAA,IAAA,2BAAgB,GAAE,CAAA;qCADkB,gDAAqB;QACR,qBAAU;GAL/D,sBAAsB,CAwMlC"}
|
|
@@ -5,5 +5,8 @@ export interface CreateBetterAuthOptions {
|
|
|
5
5
|
config: IBetterAuth;
|
|
6
6
|
db: any;
|
|
7
7
|
fallbackSecrets?: (string | undefined)[];
|
|
8
|
+
serverAppUrl?: string;
|
|
9
|
+
serverBaseUrl?: string;
|
|
10
|
+
serverEnv?: string;
|
|
8
11
|
}
|
|
9
12
|
export declare function createBetterAuthInstance(options: CreateBetterAuthOptions): BetterAuthInstance | null;
|