npm - @lenne.tech/nest-server - Versions diffs - 11.5.0 → 11.6.1 - Mend

@lenne.tech/nest-server 11.5.0 → 11.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "11.5.0",
+  "version": "11.6.1",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",
@@ -77,24 +77,22 @@
     "node": ">= 20"
   },
   "dependencies": {
-    "@apollo/gateway": "2.12.0",
     "@getbrevo/brevo": "3.0.1",
     "@nestjs/apollo": "13.1.0",
-    "@nestjs/common": "11.1.8",
-    "@nestjs/core": "11.1.8",
-    "@nestjs/graphql": "13.1.0",
-    "@nestjs/jwt": "11.0.1",
-    "@nestjs/mongoose": "11.0.3",
+    "@nestjs/common": "11.1.9",
+    "@nestjs/core": "11.1.9",
+    "@nestjs/graphql": "13.2.0",
+    "@nestjs/jwt": "11.0.2",
+    "@nestjs/mongoose": "11.0.4",
     "@nestjs/passport": "11.0.5",
-    "@nestjs/platform-express": "11.1.8",
-    "@nestjs/schedule": "6.0.1",
-    "@nestjs/swagger": "11.2.1",
+    "@nestjs/platform-express": "11.1.9",
+    "@nestjs/schedule": "6.1.0",
+    "@nestjs/swagger": "11.2.3",
     "@nestjs/terminus": "11.0.0",
     "apollo-server-core": "3.13.0",
-    "apollo-server-express": "3.13.0",
     "bcrypt": "6.0.0",
     "class-transformer": "0.5.1",
-    "class-validator": "0.14.2",
+    "class-validator": "0.14.3",
     "compression": "1.8.1",
     "cookie-parser": "1.4.7",
     "dotenv": "17.2.3",
@@ -110,41 +108,38 @@
     "mongoose": "8.19.3",
     "multer": "2.0.2",
     "node-mailjet": "6.0.11",
-    "nodemailer": "7.0.10",
+    "nodemailer": "7.0.11",
     "passport": "0.7.0",
     "passport-jwt": "4.0.1",
     "reflect-metadata": "0.2.2",
     "rfdc": "1.4.1",
     "rxjs": "7.8.2",
+    "ts-jest": "29.4.6",
     "yuml-diagram": "1.2.0"
   },
   "devDependencies": {
-    "@babel/plugin-proposal-private-methods": "7.18.6",
     "@compodoc/compodoc": "1.1.32",
     "@lenne.tech/eslint-config-ts": "2.1.4",
-    "@nestjs/cli": "11.0.10",
+    "@nestjs/cli": "11.0.14",
     "@nestjs/schematics": "11.0.9",
-    "@nestjs/testing": "11.1.8",
+    "@nestjs/testing": "11.1.9",
     "@swc/cli": "0.7.9",
-    "@swc/core": "1.15.0",
-    "@swc/jest": "0.2.39",
+    "@swc/core": "1.15.3",
     "@types/compression": "1.8.1",
     "@types/cookie-parser": "1.4.10",
     "@types/ejs": "3.1.5",
     "@types/express": "4.17.21",
-    "@types/jest": "30.0.0",
-    "@types/lodash": "4.17.20",
+    "@types/lodash": "4.17.21",
     "@types/multer": "2.0.0",
-    "@types/node": "24.10.0",
-    "@types/nodemailer": "7.0.3",
+    "@types/node": "25.0.1",
+    "@types/nodemailer": "7.0.4",
     "@types/passport": "1.0.17",
     "@types/supertest": "6.0.3",
-    "@typescript-eslint/eslint-plugin": "8.46.3",
-    "@typescript-eslint/parser": "8.46.3",
-    "@vitest/coverage-v8": "4.0.9",
-    "@vitest/ui": "4.0.9",
+    "@typescript-eslint/eslint-plugin": "8.49.0",
+    "@typescript-eslint/parser": "8.49.0",
+    "@vitest/coverage-v8": "4.0.15",
+    "@vitest/ui": "4.0.15",
     "ansi-colors": "4.1.3",
-    "coffeescript": "2.7.0",
     "eslint": "9.39.1",
     "eslint-config-prettier": "10.1.8",
     "eslint-plugin-unused-imports": "4.3.0",
@@ -155,25 +150,23 @@
     "grunt-contrib-watch": "1.1.0",
     "grunt-sync": "0.8.2",
     "husky": "9.1.7",
-    "jest": "30.2.0",
-    "nodemon": "3.1.10",
+    "nodemon": "3.1.11",
     "npm-watch": "0.13.0",
-    "pm2": "6.0.13",
-    "prettier": "3.6.2",
+    "pm2": "6.0.14",
+    "prettier": "3.7.4",
     "pretty-quick": "4.2.2",
-    "rimraf": "6.1.0",
+    "rimraf": "6.1.2",
     "supertest": "7.1.4",
-    "ts-jest": "29.4.5",
     "ts-loader": "9.5.4",
     "ts-morph": "27.0.2",
     "ts-node": "10.9.2",
     "tsconfig-paths": "4.2.0",
     "typescript": "5.9.3",
-    "unplugin-swc": "1.5.8",
-    "vite": "7.2.2",
+    "unplugin-swc": "1.5.9",
+    "vite": "7.2.7",
     "vite-plugin-node": "7.0.0",
     "vite-tsconfig-paths": "5.1.4",
-    "vitest": "4.0.9",
+    "vitest": "4.0.15",
     "yalc": "1.0.0-pre.53"
   },
   "overrides": {

package/src/core/common/interceptors/check-security.interceptor.ts CHANGED Viewed

@@ -31,12 +31,13 @@ export class CheckSecurityInterceptor implements NestInterceptor {
     // Get current user
     const user = getContextData(context)?.currentUser || null;
-    // Set force mode for sign in and sign up
+    // Set force mode for sign in and sign up (both GraphQL and REST)
     let force = false;
     if (!user) {
       // Here the name is used and not the class itself, because the concrete class is located in the respective project.
-      // In case of an override it is better to use the concrete class directly (context.getClass() instead of context.getClasss()?.name).
-      if (context.getClass()?.name === 'AuthResolver') {
+      // In case of an override it is better to use the concrete class directly (context.getClass() instead of context.getClass()?.name).
+      const className = context.getClass()?.name;
+      if (className === 'AuthResolver' || className === 'AuthController') {
         force = true;
       }
     }
@@ -76,7 +77,7 @@ export class CheckSecurityInterceptor implements NestInterceptor {
       // Check if data is writeable (e.g. objects from direct access to json files via http are not writable)
       if (data && typeof data === 'object') {
-        const writeable = !Object.keys(data).find(key => !Object.getOwnPropertyDescriptor(data, key).writable);
+        const writeable = !Object.keys(data).find((key) => !Object.getOwnPropertyDescriptor(data, key).writable);
         if (!writeable) {
           return data;
         }
@@ -88,7 +89,7 @@ export class CheckSecurityInterceptor implements NestInterceptor {
         (item) => {
           if (!item || typeof item !== 'object' || typeof item.securityCheck !== 'function') {
             if (Array.isArray(item)) {
-              return item.filter(i => i !== undefined);
+              return item.filter((i) => i !== undefined);
             }
             return item;
           }

package/src/core/modules/auth/services/core-auth.service.ts CHANGED Viewed

@@ -15,6 +15,18 @@ import { ICoreAuthUser } from '../interfaces/core-auth-user.interface';
 import { JwtPayload } from '../interfaces/jwt-payload.interface';
 import { CoreAuthUserService } from './core-auth-user.service';
+/**
+ * Options for getResult method
+ */
+export interface GetResultOptions {
+  /** Current refresh token (for renewal) */
+  currentRefreshToken?: string;
+  /** Additional data (deviceId, deviceDescription, etc.) */
+  data?: { [key: string]: any; deviceId?: string };
+  /** Service options including currentUser for securityCheck */
+  serviceOptions?: ServiceOptions;
+}
 /**
  * CoreAuthService to handle user authentication
  */
@@ -71,16 +83,17 @@ export class CoreAuthService {
   /**
    * Refresh tokens
    */
-  async refreshTokens(user: ICoreAuthUser, currentRefreshToken: string) {
+  async refreshTokens(user: ICoreAuthUser, currentRefreshToken: string, serviceOptions?: ServiceOptions) {
     // Create new tokens
     const { deviceDescription, deviceId } = this.decodeJwt(currentRefreshToken);
     const tokens = await this.createTokens(user.id, { deviceDescription, deviceId });
     tokens.refreshToken = await this.updateRefreshToken(user, currentRefreshToken, tokens.refreshToken);
-    // Return
-    return CoreAuthModel.map({
-      ...tokens,
-      user: await this.userService.prepareOutput(user),
+    // Return with currentUser set so securityCheck knows user is requesting own data
+    return this.getResult(user, {
+      currentRefreshToken,
+      data: { deviceDescription, deviceId },
+      serviceOptions: { ...serviceOptions, currentUser: user },
     });
   }
@@ -114,8 +127,11 @@ export class CoreAuthService {
       throw new UnauthorizedException('Wrong password');
     }
-    // Return tokens and user
-    return this.getResult(user, { deviceDescription, deviceId });
+    // Return tokens and user with currentUser set so securityCheck knows user is requesting own data
+    return this.getResult(user, {
+      data: { deviceDescription, deviceId },
+      serviceOptions: { ...serviceOptions, currentUser: user },
+    });
   }
   /**
@@ -138,8 +154,11 @@ export class CoreAuthService {
       // Set device ID
       const { deviceDescription, deviceId } = input;
-      // Return tokens and user
-      return this.getResult(user, { deviceDescription, deviceId });
+      // Return tokens and user with currentUser set so securityCheck knows user is requesting own data
+      return this.getResult(user, {
+        data: { deviceDescription, deviceId },
+        serviceOptions: { ...serviceOptions, currentUser: user },
+      });
     } catch (err) {
       if (err?.message === 'Unprocessable Entity') {
         throw new BadRequestException('Email address already in use');
@@ -171,12 +190,16 @@ export class CoreAuthService {
   /**
    * Rest result with user and tokens
+   *
+   * @param user - The authenticated user
+   * @param options - Optional configuration for result generation
+   * @param options.data - Additional data (deviceId, deviceDescription, etc.)
+   * @param options.currentRefreshToken - Current refresh token (for renewal)
+   * @param options.serviceOptions - Service options including currentUser for securityCheck
    */
-  protected async getResult(
-    user: ICoreAuthUser,
-    data?: { [key: string]: any; deviceId?: string },
-    currentRefreshToken?: string,
-  ) {
+  protected async getResult(user: ICoreAuthUser, options?: GetResultOptions) {
+    const { currentRefreshToken, data, serviceOptions } = options || {};
     // Create new tokens
     const tokens = await this.createTokens(user.id, data);
@@ -184,9 +207,10 @@ export class CoreAuthService {
     tokens.refreshToken = await this.updateRefreshToken(user, currentRefreshToken, tokens.refreshToken, data);
     // Return tokens and user
+    // Pass serviceOptions to prepareOutput so currentUser is available for securityCheck
     return CoreAuthModel.map({
       ...tokens,
-      user: await this.userService.prepareOutput(user),
+      user: await this.userService.prepareOutput(user, serviceOptions),
     });
   }
@@ -199,10 +223,10 @@ export class CoreAuthService {
       path += '.refresh';
     }
     return (
-      this.configService.getFastButReadOnly(`${path}.signInOptions.secret`)
-      || this.configService.getFastButReadOnly(`${path}.signInOptions.secretOrPrivateKey`)
-      || this.configService.getFastButReadOnly(`${path}.secret`)
-      || this.configService.getFastButReadOnly(`${path}.secretOrPrivateKey`)
+      this.configService.getFastButReadOnly(`${path}.signInOptions.secret`) ||
+      this.configService.getFastButReadOnly(`${path}.signInOptions.secretOrPrivateKey`) ||
+      this.configService.getFastButReadOnly(`${path}.secret`) ||
+      this.configService.getFastButReadOnly(`${path}.secretOrPrivateKey`)
     );
   }