@lenne.tech/nest-server 11.6.1 → 11.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.env.js +132 -0
- package/dist/config.env.js.map +1 -1
- package/dist/core/common/decorators/graphql-populate.decorator.d.ts +2 -2
- package/dist/core/common/decorators/restricted.decorator.d.ts +1 -0
- package/dist/core/common/decorators/restricted.decorator.js +1 -1
- package/dist/core/common/decorators/restricted.decorator.js.map +1 -1
- package/dist/core/common/helpers/filter.helper.d.ts +9 -9
- package/dist/core/common/helpers/filter.helper.js +2 -4
- package/dist/core/common/helpers/filter.helper.js.map +1 -1
- package/dist/core/common/helpers/gridfs.helper.js +3 -3
- package/dist/core/common/helpers/gridfs.helper.js.map +1 -1
- package/dist/core/common/helpers/input.helper.d.ts +1 -0
- package/dist/core/common/helpers/input.helper.js +1 -1
- package/dist/core/common/helpers/input.helper.js.map +1 -1
- package/dist/core/common/interfaces/server-options.interface.d.ts +51 -0
- package/dist/core/common/services/crud.service.d.ts +16 -16
- package/dist/core/common/services/crud.service.js +1 -1
- package/dist/core/common/services/crud.service.js.map +1 -1
- package/dist/core/modules/auth/auth-guard-strategy.enum.d.ts +1 -0
- package/dist/core/modules/auth/auth-guard-strategy.enum.js +1 -0
- package/dist/core/modules/auth/auth-guard-strategy.enum.js.map +1 -1
- package/dist/core/modules/auth/guards/auth.guard.js +11 -5
- package/dist/core/modules/auth/guards/auth.guard.js.map +1 -1
- package/dist/core/modules/auth/tokens.decorator.d.ts +1 -1
- package/dist/core/modules/better-auth/better-auth-auth.model.d.ts +9 -0
- package/dist/core/modules/better-auth/better-auth-auth.model.js +63 -0
- package/dist/core/modules/better-auth/better-auth-auth.model.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-models.d.ts +43 -0
- package/dist/core/modules/better-auth/better-auth-models.js +181 -0
- package/dist/core/modules/better-auth/better-auth-models.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.d.ts +12 -0
- package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.js +70 -0
- package/dist/core/modules/better-auth/better-auth-rate-limit.middleware.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-rate-limiter.service.d.ts +32 -0
- package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js +173 -0
- package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-user.mapper.d.ts +43 -0
- package/dist/core/modules/better-auth/better-auth-user.mapper.js +159 -0
- package/dist/core/modules/better-auth/better-auth-user.mapper.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.config.d.ts +9 -0
- package/dist/core/modules/better-auth/better-auth.config.js +254 -0
- package/dist/core/modules/better-auth/better-auth.config.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.middleware.d.ts +20 -0
- package/dist/core/modules/better-auth/better-auth.middleware.js +79 -0
- package/dist/core/modules/better-auth/better-auth.middleware.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.module.d.ts +38 -0
- package/dist/core/modules/better-auth/better-auth.module.js +253 -0
- package/dist/core/modules/better-auth/better-auth.module.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.resolver.d.ts +45 -0
- package/dist/core/modules/better-auth/better-auth.resolver.js +221 -0
- package/dist/core/modules/better-auth/better-auth.resolver.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.service.d.ts +37 -0
- package/dist/core/modules/better-auth/better-auth.service.js +148 -0
- package/dist/core/modules/better-auth/better-auth.service.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth.types.d.ts +39 -0
- package/dist/core/modules/better-auth/better-auth.types.js +26 -0
- package/dist/core/modules/better-auth/better-auth.types.js.map +1 -0
- package/dist/core/modules/better-auth/core-better-auth.controller.d.ts +66 -0
- package/dist/core/modules/better-auth/core-better-auth.controller.js +491 -0
- package/dist/core/modules/better-auth/core-better-auth.controller.js.map +1 -0
- package/dist/core/modules/better-auth/core-better-auth.resolver.d.ts +59 -0
- package/dist/core/modules/better-auth/core-better-auth.resolver.js +538 -0
- package/dist/core/modules/better-auth/core-better-auth.resolver.js.map +1 -0
- package/dist/core/modules/better-auth/index.d.ts +13 -0
- package/dist/core/modules/better-auth/index.js +30 -0
- package/dist/core/modules/better-auth/index.js.map +1 -0
- package/dist/core/modules/user/core-user.model.d.ts +2 -0
- package/dist/core/modules/user/core-user.model.js +21 -0
- package/dist/core/modules/user/core-user.model.js.map +1 -1
- package/dist/core.module.js +7 -0
- package/dist/core.module.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/server/modules/better-auth/better-auth.controller.d.ts +10 -0
- package/dist/server/modules/better-auth/better-auth.controller.js +36 -0
- package/dist/server/modules/better-auth/better-auth.controller.js.map +1 -0
- package/dist/server/modules/better-auth/better-auth.module.d.ts +9 -0
- package/dist/server/modules/better-auth/better-auth.module.js +44 -0
- package/dist/server/modules/better-auth/better-auth.module.js.map +1 -0
- package/dist/server/modules/better-auth/better-auth.resolver.d.ts +45 -0
- package/dist/server/modules/better-auth/better-auth.resolver.js +221 -0
- package/dist/server/modules/better-auth/better-auth.resolver.js.map +1 -0
- package/dist/server/modules/file/file-info.model.d.ts +71 -3
- package/dist/server/modules/user/user.model.d.ts +169 -3
- package/dist/server/server.module.js +6 -1
- package/dist/server/server.module.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +21 -22
- package/src/config.env.ts +139 -1
- package/src/core/common/decorators/restricted.decorator.ts +2 -2
- package/src/core/common/helpers/filter.helper.ts +15 -17
- package/src/core/common/helpers/gridfs.helper.ts +5 -5
- package/src/core/common/helpers/input.helper.ts +2 -2
- package/src/core/common/interfaces/server-options.interface.ts +377 -20
- package/src/core/common/services/crud.service.ts +22 -22
- package/src/core/modules/auth/auth-guard-strategy.enum.ts +1 -0
- package/src/core/modules/auth/guards/auth.guard.ts +20 -6
- package/src/core/modules/better-auth/README.md +1422 -0
- package/src/core/modules/better-auth/better-auth-auth.model.ts +69 -0
- package/src/core/modules/better-auth/better-auth-models.ts +140 -0
- package/src/core/modules/better-auth/better-auth-rate-limit.middleware.ts +113 -0
- package/src/core/modules/better-auth/better-auth-rate-limiter.service.ts +326 -0
- package/src/core/modules/better-auth/better-auth-user.mapper.ts +269 -0
- package/src/core/modules/better-auth/better-auth.config.ts +488 -0
- package/src/core/modules/better-auth/better-auth.middleware.ts +111 -0
- package/src/core/modules/better-auth/better-auth.module.ts +474 -0
- package/src/core/modules/better-auth/better-auth.resolver.ts +213 -0
- package/src/core/modules/better-auth/better-auth.service.ts +314 -0
- package/src/core/modules/better-auth/better-auth.types.ts +90 -0
- package/src/core/modules/better-auth/core-better-auth.controller.ts +605 -0
- package/src/core/modules/better-auth/core-better-auth.resolver.ts +705 -0
- package/src/core/modules/better-auth/index.ts +32 -0
- package/src/core/modules/user/core-user.model.ts +29 -0
- package/src/core.module.ts +13 -0
- package/src/index.ts +6 -0
- package/src/server/modules/better-auth/better-auth.controller.ts +41 -0
- package/src/server/modules/better-auth/better-auth.module.ts +88 -0
- package/src/server/modules/better-auth/better-auth.resolver.ts +201 -0
- package/src/server/server.module.ts +10 -1
|
@@ -0,0 +1,538 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
var CoreBetterAuthResolver_1;
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.CoreBetterAuthResolver = void 0;
|
|
17
|
+
const common_1 = require("@nestjs/common");
|
|
18
|
+
const graphql_1 = require("@nestjs/graphql");
|
|
19
|
+
const roles_decorator_1 = require("../../common/decorators/roles.decorator");
|
|
20
|
+
const role_enum_1 = require("../../common/enums/role.enum");
|
|
21
|
+
const auth_guard_strategy_enum_1 = require("../auth/auth-guard-strategy.enum");
|
|
22
|
+
const auth_guard_1 = require("../auth/guards/auth.guard");
|
|
23
|
+
const better_auth_auth_model_1 = require("./better-auth-auth.model");
|
|
24
|
+
const better_auth_models_1 = require("./better-auth-models");
|
|
25
|
+
const better_auth_user_mapper_1 = require("./better-auth-user.mapper");
|
|
26
|
+
const better_auth_service_1 = require("./better-auth.service");
|
|
27
|
+
const better_auth_types_1 = require("./better-auth.types");
|
|
28
|
+
let CoreBetterAuthResolver = CoreBetterAuthResolver_1 = class CoreBetterAuthResolver {
|
|
29
|
+
constructor(betterAuthService, userMapper) {
|
|
30
|
+
this.betterAuthService = betterAuthService;
|
|
31
|
+
this.userMapper = userMapper;
|
|
32
|
+
this.logger = new common_1.Logger(CoreBetterAuthResolver_1.name);
|
|
33
|
+
}
|
|
34
|
+
async betterAuthSession(ctx) {
|
|
35
|
+
if (!this.betterAuthService.isEnabled()) {
|
|
36
|
+
return null;
|
|
37
|
+
}
|
|
38
|
+
const { session, user } = await this.betterAuthService.getSession(ctx.req);
|
|
39
|
+
if (!session || !user) {
|
|
40
|
+
return null;
|
|
41
|
+
}
|
|
42
|
+
return {
|
|
43
|
+
expiresAt: session.expiresAt,
|
|
44
|
+
id: session.id,
|
|
45
|
+
user: {
|
|
46
|
+
email: user.email,
|
|
47
|
+
emailVerified: user.emailVerified,
|
|
48
|
+
id: user.id,
|
|
49
|
+
name: user.name,
|
|
50
|
+
},
|
|
51
|
+
};
|
|
52
|
+
}
|
|
53
|
+
betterAuthEnabled() {
|
|
54
|
+
return this.betterAuthService.isEnabled();
|
|
55
|
+
}
|
|
56
|
+
betterAuthFeatures() {
|
|
57
|
+
return {
|
|
58
|
+
enabled: this.betterAuthService.isEnabled(),
|
|
59
|
+
jwt: this.betterAuthService.isJwtEnabled(),
|
|
60
|
+
passkey: this.betterAuthService.isPasskeyEnabled(),
|
|
61
|
+
socialProviders: this.betterAuthService.getEnabledSocialProviders(),
|
|
62
|
+
twoFactor: this.betterAuthService.isTwoFactorEnabled(),
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
async betterAuthSignIn(email, password, _ctx) {
|
|
66
|
+
this.ensureEnabled();
|
|
67
|
+
const api = this.betterAuthService.getApi();
|
|
68
|
+
if (!api) {
|
|
69
|
+
throw new common_1.BadRequestException('Better-Auth API not available');
|
|
70
|
+
}
|
|
71
|
+
try {
|
|
72
|
+
const response = (await api.signInEmail({
|
|
73
|
+
body: { email, password },
|
|
74
|
+
}));
|
|
75
|
+
if (!response) {
|
|
76
|
+
throw new common_1.UnauthorizedException('Invalid credentials');
|
|
77
|
+
}
|
|
78
|
+
if ((0, better_auth_types_1.requires2FA)(response)) {
|
|
79
|
+
return {
|
|
80
|
+
requiresTwoFactor: true,
|
|
81
|
+
success: false,
|
|
82
|
+
user: null,
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
if ((0, better_auth_types_1.hasUser)(response)) {
|
|
86
|
+
const sessionUser = response.user;
|
|
87
|
+
const mappedUser = await this.userMapper.mapSessionUser(sessionUser);
|
|
88
|
+
const token = this.betterAuthService.isJwtEnabled() ? response.token : undefined;
|
|
89
|
+
return {
|
|
90
|
+
requiresTwoFactor: false,
|
|
91
|
+
session: (0, better_auth_types_1.hasSession)(response) ? this.mapSessionInfo(response.session) : null,
|
|
92
|
+
success: true,
|
|
93
|
+
token,
|
|
94
|
+
user: mappedUser ? this.mapToUserModel(mappedUser) : null,
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
throw new common_1.UnauthorizedException('Invalid credentials');
|
|
98
|
+
}
|
|
99
|
+
catch (error) {
|
|
100
|
+
this.logger.debug(`Sign-in error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
101
|
+
throw new common_1.UnauthorizedException('Invalid credentials');
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
async betterAuthSignUp(email, password, name) {
|
|
105
|
+
this.ensureEnabled();
|
|
106
|
+
const api = this.betterAuthService.getApi();
|
|
107
|
+
if (!api) {
|
|
108
|
+
throw new common_1.BadRequestException('Better-Auth API not available');
|
|
109
|
+
}
|
|
110
|
+
try {
|
|
111
|
+
const response = (await api.signUpEmail({
|
|
112
|
+
body: {
|
|
113
|
+
email,
|
|
114
|
+
name: name || email.split('@')[0],
|
|
115
|
+
password,
|
|
116
|
+
},
|
|
117
|
+
}));
|
|
118
|
+
if (!response) {
|
|
119
|
+
throw new common_1.BadRequestException('Sign-up failed');
|
|
120
|
+
}
|
|
121
|
+
if ((0, better_auth_types_1.hasUser)(response)) {
|
|
122
|
+
const sessionUser = response.user;
|
|
123
|
+
await this.userMapper.linkOrCreateUser(sessionUser);
|
|
124
|
+
const mappedUser = await this.userMapper.mapSessionUser(sessionUser);
|
|
125
|
+
return {
|
|
126
|
+
requiresTwoFactor: false,
|
|
127
|
+
session: (0, better_auth_types_1.hasSession)(response) ? this.mapSessionInfo(response.session) : null,
|
|
128
|
+
success: true,
|
|
129
|
+
user: mappedUser ? this.mapToUserModel(mappedUser) : null,
|
|
130
|
+
};
|
|
131
|
+
}
|
|
132
|
+
throw new common_1.BadRequestException('Sign-up failed');
|
|
133
|
+
}
|
|
134
|
+
catch (error) {
|
|
135
|
+
const errorMessage = error instanceof Error ? error.message : 'Unknown error';
|
|
136
|
+
this.logger.debug(`Sign-up error: ${errorMessage}`);
|
|
137
|
+
if (errorMessage.includes('already exists')) {
|
|
138
|
+
throw new common_1.BadRequestException('User with this email already exists');
|
|
139
|
+
}
|
|
140
|
+
throw new common_1.BadRequestException('Sign-up failed');
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
async betterAuthSignOut(ctx) {
|
|
144
|
+
if (!this.betterAuthService.isEnabled()) {
|
|
145
|
+
return false;
|
|
146
|
+
}
|
|
147
|
+
const api = this.betterAuthService.getApi();
|
|
148
|
+
if (!api) {
|
|
149
|
+
return false;
|
|
150
|
+
}
|
|
151
|
+
try {
|
|
152
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
153
|
+
await api.signOut({ headers });
|
|
154
|
+
return true;
|
|
155
|
+
}
|
|
156
|
+
catch (error) {
|
|
157
|
+
this.logger.debug(`Sign-out error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
158
|
+
return false;
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
async betterAuthVerify2FA(code, ctx) {
|
|
162
|
+
this.ensureEnabled();
|
|
163
|
+
if (!this.betterAuthService.isTwoFactorEnabled()) {
|
|
164
|
+
throw new common_1.BadRequestException('Two-factor authentication is not enabled');
|
|
165
|
+
}
|
|
166
|
+
const api = this.betterAuthService.getApi();
|
|
167
|
+
if (!api) {
|
|
168
|
+
throw new common_1.BadRequestException('Better-Auth API not available');
|
|
169
|
+
}
|
|
170
|
+
try {
|
|
171
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
172
|
+
const twoFactorApi = api.twoFactor;
|
|
173
|
+
if (!twoFactorApi?.verifyTotp) {
|
|
174
|
+
throw new common_1.BadRequestException('2FA verification method not available');
|
|
175
|
+
}
|
|
176
|
+
const response = await twoFactorApi.verifyTotp({
|
|
177
|
+
body: { code },
|
|
178
|
+
headers,
|
|
179
|
+
});
|
|
180
|
+
if (response && (0, better_auth_types_1.hasUser)(response)) {
|
|
181
|
+
const sessionUser = response.user;
|
|
182
|
+
const mappedUser = await this.userMapper.mapSessionUser(sessionUser);
|
|
183
|
+
return {
|
|
184
|
+
requiresTwoFactor: false,
|
|
185
|
+
success: true,
|
|
186
|
+
user: mappedUser ? this.mapToUserModel(mappedUser) : null,
|
|
187
|
+
};
|
|
188
|
+
}
|
|
189
|
+
throw new common_1.UnauthorizedException('Invalid 2FA code');
|
|
190
|
+
}
|
|
191
|
+
catch (error) {
|
|
192
|
+
this.logger.debug(`2FA verification error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
193
|
+
throw new common_1.UnauthorizedException('Invalid 2FA code');
|
|
194
|
+
}
|
|
195
|
+
}
|
|
196
|
+
async betterAuthEnable2FA(password, ctx) {
|
|
197
|
+
this.ensureEnabled();
|
|
198
|
+
if (!this.betterAuthService.isTwoFactorEnabled()) {
|
|
199
|
+
return { error: 'Two-factor authentication is not enabled on this server', success: false };
|
|
200
|
+
}
|
|
201
|
+
const api = this.betterAuthService.getApi();
|
|
202
|
+
if (!api) {
|
|
203
|
+
return { error: 'Better-Auth API not available', success: false };
|
|
204
|
+
}
|
|
205
|
+
try {
|
|
206
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
207
|
+
const twoFactorApi = api.twoFactor;
|
|
208
|
+
if (!twoFactorApi?.enable) {
|
|
209
|
+
return { error: '2FA enable method not available', success: false };
|
|
210
|
+
}
|
|
211
|
+
const response = await twoFactorApi.enable({
|
|
212
|
+
body: { password },
|
|
213
|
+
headers,
|
|
214
|
+
});
|
|
215
|
+
return {
|
|
216
|
+
backupCodes: response.backupCodes,
|
|
217
|
+
success: true,
|
|
218
|
+
totpUri: response.totpURI,
|
|
219
|
+
};
|
|
220
|
+
}
|
|
221
|
+
catch (error) {
|
|
222
|
+
this.logger.debug(`2FA enable error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
223
|
+
return { error: error instanceof Error ? error.message : 'Failed to enable 2FA', success: false };
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
async betterAuthDisable2FA(password, ctx) {
|
|
227
|
+
this.ensureEnabled();
|
|
228
|
+
if (!this.betterAuthService.isTwoFactorEnabled()) {
|
|
229
|
+
throw new common_1.BadRequestException('Two-factor authentication is not enabled on this server');
|
|
230
|
+
}
|
|
231
|
+
const api = this.betterAuthService.getApi();
|
|
232
|
+
if (!api) {
|
|
233
|
+
return false;
|
|
234
|
+
}
|
|
235
|
+
try {
|
|
236
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
237
|
+
const twoFactorApi = api.twoFactor;
|
|
238
|
+
if (!twoFactorApi?.disable) {
|
|
239
|
+
throw new common_1.BadRequestException('2FA disable method not available');
|
|
240
|
+
}
|
|
241
|
+
const response = await twoFactorApi.disable({
|
|
242
|
+
body: { password },
|
|
243
|
+
headers,
|
|
244
|
+
});
|
|
245
|
+
return response?.status === true;
|
|
246
|
+
}
|
|
247
|
+
catch (error) {
|
|
248
|
+
this.logger.debug(`2FA disable error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
249
|
+
return false;
|
|
250
|
+
}
|
|
251
|
+
}
|
|
252
|
+
async betterAuthGenerateBackupCodes(ctx) {
|
|
253
|
+
this.ensureEnabled();
|
|
254
|
+
if (!this.betterAuthService.isTwoFactorEnabled()) {
|
|
255
|
+
throw new common_1.BadRequestException('Two-factor authentication is not enabled on this server');
|
|
256
|
+
}
|
|
257
|
+
const api = this.betterAuthService.getApi();
|
|
258
|
+
if (!api) {
|
|
259
|
+
return null;
|
|
260
|
+
}
|
|
261
|
+
try {
|
|
262
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
263
|
+
const twoFactorApi = api.twoFactor;
|
|
264
|
+
if (!twoFactorApi?.generateBackupCodes) {
|
|
265
|
+
throw new common_1.BadRequestException('Generate backup codes method not available');
|
|
266
|
+
}
|
|
267
|
+
const response = await twoFactorApi.generateBackupCodes({ headers });
|
|
268
|
+
return response?.backupCodes || null;
|
|
269
|
+
}
|
|
270
|
+
catch (error) {
|
|
271
|
+
this.logger.debug(`Generate backup codes error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
272
|
+
return null;
|
|
273
|
+
}
|
|
274
|
+
}
|
|
275
|
+
async betterAuthGetPasskeyChallenge(ctx) {
|
|
276
|
+
this.ensureEnabled();
|
|
277
|
+
if (!this.betterAuthService.isPasskeyEnabled()) {
|
|
278
|
+
return { error: 'Passkey authentication is not enabled on this server', success: false };
|
|
279
|
+
}
|
|
280
|
+
const api = this.betterAuthService.getApi();
|
|
281
|
+
if (!api) {
|
|
282
|
+
return { error: 'Better-Auth API not available', success: false };
|
|
283
|
+
}
|
|
284
|
+
try {
|
|
285
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
286
|
+
const passkeyApi = api.passkey;
|
|
287
|
+
if (!passkeyApi?.generateRegisterOptions) {
|
|
288
|
+
return { error: 'Passkey registration method not available', success: false };
|
|
289
|
+
}
|
|
290
|
+
const challenge = await passkeyApi.generateRegisterOptions({ headers });
|
|
291
|
+
return {
|
|
292
|
+
challenge: JSON.stringify(challenge),
|
|
293
|
+
success: true,
|
|
294
|
+
};
|
|
295
|
+
}
|
|
296
|
+
catch (error) {
|
|
297
|
+
this.logger.debug(`Passkey challenge error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
298
|
+
return { error: error instanceof Error ? error.message : 'Failed to get passkey challenge', success: false };
|
|
299
|
+
}
|
|
300
|
+
}
|
|
301
|
+
async betterAuthListPasskeys(ctx) {
|
|
302
|
+
if (!this.betterAuthService.isEnabled() || !this.betterAuthService.isPasskeyEnabled()) {
|
|
303
|
+
return null;
|
|
304
|
+
}
|
|
305
|
+
const api = this.betterAuthService.getApi();
|
|
306
|
+
if (!api) {
|
|
307
|
+
return null;
|
|
308
|
+
}
|
|
309
|
+
try {
|
|
310
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
311
|
+
const passkeyApi = api.passkey;
|
|
312
|
+
if (!passkeyApi?.listUserPasskeys) {
|
|
313
|
+
return null;
|
|
314
|
+
}
|
|
315
|
+
const passkeys = await passkeyApi.listUserPasskeys({ headers });
|
|
316
|
+
return passkeys.map((pk) => ({
|
|
317
|
+
createdAt: pk.createdAt,
|
|
318
|
+
credentialId: pk.credentialID,
|
|
319
|
+
id: pk.id,
|
|
320
|
+
name: pk.name,
|
|
321
|
+
}));
|
|
322
|
+
}
|
|
323
|
+
catch (error) {
|
|
324
|
+
this.logger.debug(`List passkeys error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
325
|
+
return null;
|
|
326
|
+
}
|
|
327
|
+
}
|
|
328
|
+
async betterAuthDeletePasskey(passkeyId, ctx) {
|
|
329
|
+
this.ensureEnabled();
|
|
330
|
+
if (!this.betterAuthService.isPasskeyEnabled()) {
|
|
331
|
+
throw new common_1.BadRequestException('Passkey authentication is not enabled on this server');
|
|
332
|
+
}
|
|
333
|
+
const api = this.betterAuthService.getApi();
|
|
334
|
+
if (!api) {
|
|
335
|
+
return false;
|
|
336
|
+
}
|
|
337
|
+
try {
|
|
338
|
+
const headers = this.convertHeaders(ctx.req.headers);
|
|
339
|
+
const passkeyApi = api.passkey;
|
|
340
|
+
if (!passkeyApi?.deletePasskey) {
|
|
341
|
+
throw new common_1.BadRequestException('Delete passkey method not available');
|
|
342
|
+
}
|
|
343
|
+
const response = await passkeyApi.deletePasskey({
|
|
344
|
+
body: { id: passkeyId },
|
|
345
|
+
headers,
|
|
346
|
+
});
|
|
347
|
+
return response?.status === true;
|
|
348
|
+
}
|
|
349
|
+
catch (error) {
|
|
350
|
+
this.logger.debug(`Delete passkey error: ${error instanceof Error ? error.message : 'Unknown error'}`);
|
|
351
|
+
return false;
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
ensureEnabled() {
|
|
355
|
+
if (!this.betterAuthService.isEnabled()) {
|
|
356
|
+
throw new common_1.BadRequestException('Better-Auth is not enabled. Check that betterAuth.enabled is not set to false in your environment.');
|
|
357
|
+
}
|
|
358
|
+
}
|
|
359
|
+
convertHeaders(headers) {
|
|
360
|
+
const result = new Headers();
|
|
361
|
+
for (const [key, value] of Object.entries(headers)) {
|
|
362
|
+
if (typeof value === 'string') {
|
|
363
|
+
result.set(key, value);
|
|
364
|
+
}
|
|
365
|
+
else if (Array.isArray(value)) {
|
|
366
|
+
result.set(key, value.join(', '));
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
return result;
|
|
370
|
+
}
|
|
371
|
+
mapSessionInfo(session) {
|
|
372
|
+
return {
|
|
373
|
+
expiresAt: session.expiresAt,
|
|
374
|
+
id: session.id,
|
|
375
|
+
token: session.token,
|
|
376
|
+
};
|
|
377
|
+
}
|
|
378
|
+
mapToUserModel(user) {
|
|
379
|
+
return {
|
|
380
|
+
email: user.email,
|
|
381
|
+
emailVerified: user.emailVerified,
|
|
382
|
+
iamId: user.iamId,
|
|
383
|
+
id: user.id,
|
|
384
|
+
name: user.name,
|
|
385
|
+
roles: user.roles,
|
|
386
|
+
verified: user.verified,
|
|
387
|
+
};
|
|
388
|
+
}
|
|
389
|
+
};
|
|
390
|
+
exports.CoreBetterAuthResolver = CoreBetterAuthResolver;
|
|
391
|
+
__decorate([
|
|
392
|
+
(0, graphql_1.Query)(() => better_auth_models_1.BetterAuthSessionModel, {
|
|
393
|
+
description: 'Get current Better-Auth session',
|
|
394
|
+
nullable: true,
|
|
395
|
+
}),
|
|
396
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
397
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
398
|
+
__param(0, (0, graphql_1.Context)()),
|
|
399
|
+
__metadata("design:type", Function),
|
|
400
|
+
__metadata("design:paramtypes", [Object]),
|
|
401
|
+
__metadata("design:returntype", Promise)
|
|
402
|
+
], CoreBetterAuthResolver.prototype, "betterAuthSession", null);
|
|
403
|
+
__decorate([
|
|
404
|
+
(0, graphql_1.Query)(() => Boolean, { description: 'Check if Better-Auth is enabled' }),
|
|
405
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
406
|
+
__metadata("design:type", Function),
|
|
407
|
+
__metadata("design:paramtypes", []),
|
|
408
|
+
__metadata("design:returntype", Boolean)
|
|
409
|
+
], CoreBetterAuthResolver.prototype, "betterAuthEnabled", null);
|
|
410
|
+
__decorate([
|
|
411
|
+
(0, graphql_1.Query)(() => better_auth_models_1.BetterAuthFeaturesModel, { description: 'Get enabled Better-Auth features' }),
|
|
412
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
413
|
+
__metadata("design:type", Function),
|
|
414
|
+
__metadata("design:paramtypes", []),
|
|
415
|
+
__metadata("design:returntype", better_auth_models_1.BetterAuthFeaturesModel)
|
|
416
|
+
], CoreBetterAuthResolver.prototype, "betterAuthFeatures", null);
|
|
417
|
+
__decorate([
|
|
418
|
+
(0, graphql_1.Mutation)(() => better_auth_auth_model_1.BetterAuthAuthModel, {
|
|
419
|
+
description: 'Sign in via Better-Auth (email/password)',
|
|
420
|
+
}),
|
|
421
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
422
|
+
__param(0, (0, graphql_1.Args)('email')),
|
|
423
|
+
__param(1, (0, graphql_1.Args)('password')),
|
|
424
|
+
__param(2, (0, graphql_1.Context)()),
|
|
425
|
+
__metadata("design:type", Function),
|
|
426
|
+
__metadata("design:paramtypes", [String, String, Object]),
|
|
427
|
+
__metadata("design:returntype", Promise)
|
|
428
|
+
], CoreBetterAuthResolver.prototype, "betterAuthSignIn", null);
|
|
429
|
+
__decorate([
|
|
430
|
+
(0, graphql_1.Mutation)(() => better_auth_auth_model_1.BetterAuthAuthModel, {
|
|
431
|
+
description: 'Sign up via Better-Auth (email/password)',
|
|
432
|
+
}),
|
|
433
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
434
|
+
__param(0, (0, graphql_1.Args)('email')),
|
|
435
|
+
__param(1, (0, graphql_1.Args)('password')),
|
|
436
|
+
__param(2, (0, graphql_1.Args)('name', { nullable: true })),
|
|
437
|
+
__metadata("design:type", Function),
|
|
438
|
+
__metadata("design:paramtypes", [String, String, String]),
|
|
439
|
+
__metadata("design:returntype", Promise)
|
|
440
|
+
], CoreBetterAuthResolver.prototype, "betterAuthSignUp", null);
|
|
441
|
+
__decorate([
|
|
442
|
+
(0, graphql_1.Mutation)(() => Boolean, { description: 'Sign out via Better-Auth' }),
|
|
443
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
444
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
445
|
+
__param(0, (0, graphql_1.Context)()),
|
|
446
|
+
__metadata("design:type", Function),
|
|
447
|
+
__metadata("design:paramtypes", [Object]),
|
|
448
|
+
__metadata("design:returntype", Promise)
|
|
449
|
+
], CoreBetterAuthResolver.prototype, "betterAuthSignOut", null);
|
|
450
|
+
__decorate([
|
|
451
|
+
(0, graphql_1.Mutation)(() => better_auth_auth_model_1.BetterAuthAuthModel, {
|
|
452
|
+
description: 'Verify 2FA code during sign-in',
|
|
453
|
+
}),
|
|
454
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
455
|
+
__param(0, (0, graphql_1.Args)('code')),
|
|
456
|
+
__param(1, (0, graphql_1.Context)()),
|
|
457
|
+
__metadata("design:type", Function),
|
|
458
|
+
__metadata("design:paramtypes", [String, Object]),
|
|
459
|
+
__metadata("design:returntype", Promise)
|
|
460
|
+
], CoreBetterAuthResolver.prototype, "betterAuthVerify2FA", null);
|
|
461
|
+
__decorate([
|
|
462
|
+
(0, graphql_1.Mutation)(() => better_auth_models_1.BetterAuth2FASetupModel, {
|
|
463
|
+
description: 'Enable 2FA for the current user',
|
|
464
|
+
}),
|
|
465
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
466
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
467
|
+
__param(0, (0, graphql_1.Args)('password')),
|
|
468
|
+
__param(1, (0, graphql_1.Context)()),
|
|
469
|
+
__metadata("design:type", Function),
|
|
470
|
+
__metadata("design:paramtypes", [String, Object]),
|
|
471
|
+
__metadata("design:returntype", Promise)
|
|
472
|
+
], CoreBetterAuthResolver.prototype, "betterAuthEnable2FA", null);
|
|
473
|
+
__decorate([
|
|
474
|
+
(0, graphql_1.Mutation)(() => Boolean, {
|
|
475
|
+
description: 'Disable 2FA for the current user',
|
|
476
|
+
}),
|
|
477
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
478
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
479
|
+
__param(0, (0, graphql_1.Args)('password')),
|
|
480
|
+
__param(1, (0, graphql_1.Context)()),
|
|
481
|
+
__metadata("design:type", Function),
|
|
482
|
+
__metadata("design:paramtypes", [String, Object]),
|
|
483
|
+
__metadata("design:returntype", Promise)
|
|
484
|
+
], CoreBetterAuthResolver.prototype, "betterAuthDisable2FA", null);
|
|
485
|
+
__decorate([
|
|
486
|
+
(0, graphql_1.Mutation)(() => [String], {
|
|
487
|
+
description: 'Generate new backup codes for 2FA',
|
|
488
|
+
nullable: true,
|
|
489
|
+
}),
|
|
490
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
491
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
492
|
+
__param(0, (0, graphql_1.Context)()),
|
|
493
|
+
__metadata("design:type", Function),
|
|
494
|
+
__metadata("design:paramtypes", [Object]),
|
|
495
|
+
__metadata("design:returntype", Promise)
|
|
496
|
+
], CoreBetterAuthResolver.prototype, "betterAuthGenerateBackupCodes", null);
|
|
497
|
+
__decorate([
|
|
498
|
+
(0, graphql_1.Mutation)(() => better_auth_models_1.BetterAuthPasskeyChallengeModel, {
|
|
499
|
+
description: 'Get passkey registration challenge for WebAuthn',
|
|
500
|
+
}),
|
|
501
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
502
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
503
|
+
__param(0, (0, graphql_1.Context)()),
|
|
504
|
+
__metadata("design:type", Function),
|
|
505
|
+
__metadata("design:paramtypes", [Object]),
|
|
506
|
+
__metadata("design:returntype", Promise)
|
|
507
|
+
], CoreBetterAuthResolver.prototype, "betterAuthGetPasskeyChallenge", null);
|
|
508
|
+
__decorate([
|
|
509
|
+
(0, graphql_1.Query)(() => [better_auth_models_1.BetterAuthPasskeyModel], {
|
|
510
|
+
description: 'List passkeys for the current user',
|
|
511
|
+
nullable: true,
|
|
512
|
+
}),
|
|
513
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
514
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
515
|
+
__param(0, (0, graphql_1.Context)()),
|
|
516
|
+
__metadata("design:type", Function),
|
|
517
|
+
__metadata("design:paramtypes", [Object]),
|
|
518
|
+
__metadata("design:returntype", Promise)
|
|
519
|
+
], CoreBetterAuthResolver.prototype, "betterAuthListPasskeys", null);
|
|
520
|
+
__decorate([
|
|
521
|
+
(0, graphql_1.Mutation)(() => Boolean, {
|
|
522
|
+
description: 'Delete a passkey by ID',
|
|
523
|
+
}),
|
|
524
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
525
|
+
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT)),
|
|
526
|
+
__param(0, (0, graphql_1.Args)('passkeyId')),
|
|
527
|
+
__param(1, (0, graphql_1.Context)()),
|
|
528
|
+
__metadata("design:type", Function),
|
|
529
|
+
__metadata("design:paramtypes", [String, Object]),
|
|
530
|
+
__metadata("design:returntype", Promise)
|
|
531
|
+
], CoreBetterAuthResolver.prototype, "betterAuthDeletePasskey", null);
|
|
532
|
+
exports.CoreBetterAuthResolver = CoreBetterAuthResolver = CoreBetterAuthResolver_1 = __decorate([
|
|
533
|
+
(0, graphql_1.Resolver)(() => better_auth_auth_model_1.BetterAuthAuthModel, { isAbstract: true }),
|
|
534
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.ADMIN),
|
|
535
|
+
__metadata("design:paramtypes", [better_auth_service_1.BetterAuthService,
|
|
536
|
+
better_auth_user_mapper_1.BetterAuthUserMapper])
|
|
537
|
+
], CoreBetterAuthResolver);
|
|
538
|
+
//# sourceMappingURL=core-better-auth.resolver.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"core-better-auth.resolver.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/core-better-auth.resolver.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA+F;AAC/F,6CAA2E;AAG3E,6EAAgE;AAChE,4DAAwD;AACxD,+EAAqE;AACrE,0DAAsD;AACtD,qEAA+D;AAC/D,6DAO8B;AAC9B,uEAAoG;AACpG,+DAA0D;AAC1D,2DAO6B;AAsCtB,IAAM,sBAAsB,8BAA5B,MAAM,sBAAsB;IAGjC,YACqB,iBAAoC,EACpC,UAAgC;QADhC,sBAAiB,GAAjB,iBAAiB,CAAmB;QACpC,eAAU,GAAV,UAAU,CAAsB;QAJlC,WAAM,GAAG,IAAI,eAAM,CAAC,wBAAsB,CAAC,IAAI,CAAC,CAAC;IAKjE,CAAC;IAeE,AAAN,KAAK,CAAC,iBAAiB,CAAY,GAAqB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE3E,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,IAAI,EAAE;gBACJ,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,aAAa,EAAE,IAAI,CAAC,aAAa;gBACjC,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;SACF,CAAC;IACJ,CAAC;IAOD,iBAAiB;QACf,OAAO,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC;IAC5C,CAAC;IAOD,kBAAkB;QAChB,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE;YAC3C,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE;YAC1C,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE;YAClD,eAAe,EAAE,IAAI,CAAC,iBAAiB,CAAC,yBAAyB,EAAE;YACnE,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE;SACvD,CAAC;IACJ,CAAC;IAkBK,AAAN,KAAK,CAAC,gBAAgB,CACL,KAAa,EACV,QAAgB,EAEvB,IAAqC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,4BAAmB,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,QAAQ,GAAG,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC;gBACtC,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;aAC1B,CAAC,CAAoC,CAAC;YAEvC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;YACzD,CAAC;YAGD,IAAI,IAAA,+BAAW,EAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO;oBACL,iBAAiB,EAAE,IAAI;oBACvB,OAAO,EAAE,KAAK;oBACd,IAAI,EAAE,IAAI;iBACX,CAAC;YACJ,CAAC;YAGD,IAAI,IAAA,2BAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACtB,MAAM,WAAW,GAA0B,QAAQ,CAAC,IAAI,CAAC;gBACzD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;gBAGrE,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAEjF,OAAO;oBACL,iBAAiB,EAAE,KAAK;oBACxB,OAAO,EAAE,IAAA,8BAAU,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;oBAC5E,OAAO,EAAE,IAAI;oBACb,KAAK;oBACL,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI;iBAC1D,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YAChG,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAWK,AAAN,KAAK,CAAC,gBAAgB,CACL,KAAa,EACV,QAAgB,EACA,IAAa;QAE/C,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,4BAAmB,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC;gBACtC,IAAI,EAAE;oBACJ,KAAK;oBACL,IAAI,EAAE,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBACjC,QAAQ;iBACT;aACF,CAAC,CAAoC,CAAC;YAEvC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,4BAAmB,CAAC,gBAAgB,CAAC,CAAC;YAClD,CAAC;YAED,IAAI,IAAA,2BAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACtB,MAAM,WAAW,GAA0B,QAAQ,CAAC,IAAI,CAAC;gBAGzD,MAAM,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;gBACpD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;gBAErE,OAAO;oBACL,iBAAiB,EAAE,KAAK;oBACxB,OAAO,EAAE,IAAA,8BAAU,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;oBAC5E,OAAO,EAAE,IAAI;oBACb,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI;iBAC1D,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,4BAAmB,CAAC,gBAAgB,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,YAAY,EAAE,CAAC,CAAC;YACpD,IAAI,YAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5C,MAAM,IAAI,4BAAmB,CAAC,qCAAqC,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,IAAI,4BAAmB,CAAC,gBAAgB,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAQK,AAAN,KAAK,CAAC,iBAAiB,CAAY,GAAqB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,GAAG,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACjG,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IASK,AAAN,KAAK,CAAC,mBAAmB,CACT,IAAY,EACf,GAAqB;QAEhC,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,EAAE,CAAC;YACjD,MAAM,IAAI,4BAAmB,CAAC,0CAA0C,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,4BAAmB,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAIrD,MAAM,YAAY,GAAI,GAA+B,CAAC,SAIjD,CAAC;YAEN,IAAI,CAAC,YAAY,EAAE,UAAU,EAAE,CAAC;gBAC9B,MAAM,IAAI,4BAAmB,CAAC,uCAAuC,CAAC,CAAC;YACzE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC;gBAC7C,IAAI,EAAE,EAAE,IAAI,EAAE;gBACd,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,QAAQ,IAAI,IAAA,2BAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBAClC,MAAM,WAAW,GAA0B,QAAQ,CAAC,IAAI,CAAC;gBACzD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;gBAErE,OAAO;oBACL,iBAAiB,EAAE,KAAK;oBACxB,OAAO,EAAE,IAAI;oBACb,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI;iBAC1D,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,kBAAkB,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACzG,MAAM,IAAI,8BAAqB,CAAC,kBAAkB,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAeK,AAAN,KAAK,CAAC,mBAAmB,CACL,QAAgB,EACvB,GAAqB;QAEhC,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,EAAE,CAAC;YACjD,OAAO,EAAE,KAAK,EAAE,yDAAyD,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC9F,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,EAAE,KAAK,EAAE,+BAA+B,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACpE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,YAAY,GAAI,GAA+B,CAAC,SAOjD,CAAC;YAEN,IAAI,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;gBAC1B,OAAO,EAAE,KAAK,EAAE,iCAAiC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC;gBACzC,IAAI,EAAE,EAAE,QAAQ,EAAE;gBAClB,OAAO;aACR,CAAC,CAAC;YAEH,OAAO;gBACL,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,QAAQ,CAAC,OAAO;aAC1B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACnG,OAAO,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,sBAAsB,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACpG,CAAC;IACH,CAAC;IAUK,AAAN,KAAK,CAAC,oBAAoB,CAAmB,QAAgB,EAAa,GAAqB;QAC7F,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,EAAE,CAAC;YACjD,MAAM,IAAI,4BAAmB,CAAC,yDAAyD,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,YAAY,GAAI,GAA+B,CAAC,SAIjD,CAAC;YAEN,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,CAAC;gBAC3B,MAAM,IAAI,4BAAmB,CAAC,kCAAkC,CAAC,CAAC;YACpE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC;gBAC1C,IAAI,EAAE,EAAE,QAAQ,EAAE;gBAClB,OAAO;aACR,CAAC,CAAC;YAEH,OAAO,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACpG,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAWK,AAAN,KAAK,CAAC,6BAA6B,CAAY,GAAqB;QAClE,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,EAAE,CAAC;YACjD,MAAM,IAAI,4BAAmB,CAAC,yDAAyD,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,YAAY,GAAI,GAA+B,CAAC,SAIjD,CAAC;YAEN,IAAI,CAAC,YAAY,EAAE,mBAAmB,EAAE,CAAC;gBACvC,MAAM,IAAI,4BAAmB,CAAC,4CAA4C,CAAC,CAAC;YAC9E,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,mBAAmB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAErE,OAAO,QAAQ,EAAE,WAAW,IAAI,IAAI,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YAC9G,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAeK,AAAN,KAAK,CAAC,6BAA6B,CAAY,GAAqB;QAClE,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,EAAE,CAAC;YAC/C,OAAO,EAAE,KAAK,EAAE,sDAAsD,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC3F,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,EAAE,KAAK,EAAE,+BAA+B,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACpE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,UAAU,GAAI,GAA+B,CAAC,OAI/C,CAAC;YAEN,IAAI,CAAC,UAAU,EAAE,uBAAuB,EAAE,CAAC;gBACzC,OAAO,EAAE,KAAK,EAAE,2CAA2C,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YAChF,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,uBAAuB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAExE,OAAO;gBACL,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;gBACpC,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YAC1G,OAAO,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,iCAAiC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC/G,CAAC;IACH,CAAC;IAWK,AAAN,KAAK,CAAC,sBAAsB,CAAY,GAAqB;QAC3D,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,EAAE,CAAC;YACtF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,UAAU,GAAI,GAA+B,CAAC,OAM/C,CAAC;YAEN,IAAI,CAAC,UAAU,EAAE,gBAAgB,EAAE,CAAC;gBAClC,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,gBAAgB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAEhE,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC3B,SAAS,EAAE,EAAE,CAAC,SAAS;gBACvB,YAAY,EAAE,EAAE,CAAC,YAAY;gBAC7B,EAAE,EAAE,EAAE,CAAC,EAAE;gBACT,IAAI,EAAE,EAAE,CAAC,IAAI;aACd,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACtG,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAUK,AAAN,KAAK,CAAC,uBAAuB,CACR,SAAiB,EACzB,GAAqB;QAEhC,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,EAAE,CAAC;YAC/C,MAAM,IAAI,4BAAmB,CAAC,sDAAsD,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAErD,MAAM,UAAU,GAAI,GAA+B,CAAC,OAI/C,CAAC;YAEN,IAAI,CAAC,UAAU,EAAE,aAAa,EAAE,CAAC;gBAC/B,MAAM,IAAI,4BAAmB,CAAC,qCAAqC,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,aAAa,CAAC;gBAC9C,IAAI,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE;gBACvB,OAAO;aACR,CAAC,CAAC;YAEH,OAAO,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YACvG,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IASS,aAAa;QACrB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,EAAE,CAAC;YACxC,MAAM,IAAI,4BAAmB,CAC3B,oGAAoG,CACrG,CAAC;QACJ,CAAC;IACH,CAAC;IAKS,cAAc,CAAC,OAAsD;QAC7E,MAAM,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACnD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACzB,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAKS,cAAc,CAAC,OAA4E;QAKnG,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;IACJ,CAAC;IAKS,cAAc,CAAC,IAAgB;QACvC,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF,CAAA;AAhoBY,wDAAsB;AAqB3B;IANL,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,2CAAsB,EAAE;QACnC,WAAW,EAAE,iCAAiC;QAC9C,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IACnB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;+DAqBjC;AAOD;IAFC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;IACxE,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;;;;+DAG1B;AAOD;IAFC,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,4CAAuB,EAAE,EAAE,WAAW,EAAE,kCAAkC,EAAE,CAAC;IACzF,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;;;oCACL,4CAAuB;gEAQ5C;AAkBK;IAJL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,4CAAmB,EAAE;QACnC,WAAW,EAAE,0CAA0C;KACxD,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAExB,WAAA,IAAA,cAAI,EAAC,OAAO,CAAC,CAAA;IACb,WAAA,IAAA,cAAI,EAAC,UAAU,CAAC,CAAA;IAEhB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;8DAkDX;AAWK;IAJL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,4CAAmB,EAAE;QACnC,WAAW,EAAE,0CAA0C;KACxD,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAExB,WAAA,IAAA,cAAI,EAAC,OAAO,CAAC,CAAA;IACb,WAAA,IAAA,cAAI,EAAC,UAAU,CAAC,CAAA;IAChB,WAAA,IAAA,cAAI,EAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;;;;8DA8ClC;AAQK;IAHL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACpE,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IACnB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;+DAkBjC;AASK;IAJL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,4CAAmB,EAAE;QACnC,WAAW,EAAE,gCAAgC;KAC9C,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAExB,WAAA,IAAA,cAAI,EAAC,MAAM,CAAC,CAAA;IACZ,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;iEAkDX;AAeK;IALL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,4CAAuB,EAAE;QACvC,WAAW,EAAE,iCAAiC;KAC/C,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IAEzC,WAAA,IAAA,cAAI,EAAC,UAAU,CAAC,CAAA;IAChB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;iEA2CX;AAUK;IALL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE;QACvB,WAAW,EAAE,kCAAkC;KAChD,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IAChB,WAAA,IAAA,cAAI,EAAC,UAAU,CAAC,CAAA;IAAoB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;kEAmCxE;AAWK;IANL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE;QACxB,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IACP,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;2EAgC7C;AAeK;IALL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,oDAA+B,EAAE;QAC/C,WAAW,EAAE,iDAAiD;KAC/D,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IACP,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;2EAmC7C;AAWK;IANL,IAAA,eAAK,EAAC,GAAG,EAAE,CAAC,CAAC,2CAAsB,CAAC,EAAE;QACrC,WAAW,EAAE,oCAAoC;QACjD,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IACd,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;oEAqCtC;AAUK;IALL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE;QACvB,WAAW,EAAE,wBAAwB;KACtC,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,IAAA,sBAAS,EAAC,4CAAiB,CAAC,GAAG,CAAC,CAAC;IAEzC,WAAA,IAAA,cAAI,EAAC,WAAW,CAAC,CAAA;IACjB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;qEAoCX;iCAnkBU,sBAAsB;IAFlC,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,4CAAmB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;IACzD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,KAAK,CAAC;qCAKoB,uCAAiB;QACxB,8CAAoB;GAL1C,sBAAsB,CAgoBlC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
export * from './better-auth-auth.model';
|
|
2
|
+
export * from './better-auth-models';
|
|
3
|
+
export * from './better-auth-rate-limit.middleware';
|
|
4
|
+
export * from './better-auth-rate-limiter.service';
|
|
5
|
+
export * from './better-auth-user.mapper';
|
|
6
|
+
export * from './better-auth.config';
|
|
7
|
+
export * from './better-auth.middleware';
|
|
8
|
+
export * from './better-auth.module';
|
|
9
|
+
export * from './better-auth.resolver';
|
|
10
|
+
export * from './better-auth.service';
|
|
11
|
+
export * from './better-auth.types';
|
|
12
|
+
export * from './core-better-auth.controller';
|
|
13
|
+
export * from './core-better-auth.resolver';
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./better-auth-auth.model"), exports);
|
|
18
|
+
__exportStar(require("./better-auth-models"), exports);
|
|
19
|
+
__exportStar(require("./better-auth-rate-limit.middleware"), exports);
|
|
20
|
+
__exportStar(require("./better-auth-rate-limiter.service"), exports);
|
|
21
|
+
__exportStar(require("./better-auth-user.mapper"), exports);
|
|
22
|
+
__exportStar(require("./better-auth.config"), exports);
|
|
23
|
+
__exportStar(require("./better-auth.middleware"), exports);
|
|
24
|
+
__exportStar(require("./better-auth.module"), exports);
|
|
25
|
+
__exportStar(require("./better-auth.resolver"), exports);
|
|
26
|
+
__exportStar(require("./better-auth.service"), exports);
|
|
27
|
+
__exportStar(require("./better-auth.types"), exports);
|
|
28
|
+
__exportStar(require("./core-better-auth.controller"), exports);
|
|
29
|
+
__exportStar(require("./core-better-auth.resolver"), exports);
|
|
30
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/core/modules/better-auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAmBA,2DAAyC;AACzC,uDAAqC;AACrC,sEAAoD;AACpD,qEAAmD;AACnD,4DAA0C;AAC1C,uDAAqC;AACrC,2DAAyC;AACzC,uDAAqC;AACrC,yDAAuC;AACvC,wDAAsC;AACtC,sDAAoC;AACpC,gEAA8C;AAC9C,8DAA4C"}
|
|
@@ -19,6 +19,8 @@ export declare abstract class CoreUserModel extends CorePersistenceModel {
|
|
|
19
19
|
verificationToken: string;
|
|
20
20
|
verified: boolean;
|
|
21
21
|
verifiedAt: Date;
|
|
22
|
+
iamId: string;
|
|
23
|
+
twoFactorEnabled: boolean;
|
|
22
24
|
hasRole(roles: string | string[]): boolean;
|
|
23
25
|
hasAllRoles(roles: string | string[]): boolean;
|
|
24
26
|
init(): this;
|
|
@@ -32,6 +32,8 @@ let CoreUserModel = class CoreUserModel extends core_persistence_model_1.CorePer
|
|
|
32
32
|
this.verificationToken = undefined;
|
|
33
33
|
this.verified = undefined;
|
|
34
34
|
this.verifiedAt = undefined;
|
|
35
|
+
this.iamId = undefined;
|
|
36
|
+
this.twoFactorEnabled = undefined;
|
|
35
37
|
}
|
|
36
38
|
hasRole(roles) {
|
|
37
39
|
if (typeof roles === 'string') {
|
|
@@ -238,6 +240,25 @@ __decorate([
|
|
|
238
240
|
}),
|
|
239
241
|
__metadata("design:type", Date)
|
|
240
242
|
], CoreUserModel.prototype, "verifiedAt", void 0);
|
|
243
|
+
__decorate([
|
|
244
|
+
(0, unified_field_decorator_1.UnifiedField)({
|
|
245
|
+
description: 'IAM provider user ID (used for Better-Auth or other IAM integration)',
|
|
246
|
+
isOptional: true,
|
|
247
|
+
mongoose: { index: true, sparse: true },
|
|
248
|
+
roles: role_enum_1.RoleEnum.S_NO_ONE,
|
|
249
|
+
}),
|
|
250
|
+
__metadata("design:type", String)
|
|
251
|
+
], CoreUserModel.prototype, "iamId", void 0);
|
|
252
|
+
__decorate([
|
|
253
|
+
(0, unified_field_decorator_1.UnifiedField)({
|
|
254
|
+
description: 'Whether Two-Factor Authentication is enabled',
|
|
255
|
+
isOptional: true,
|
|
256
|
+
mongoose: { type: Boolean },
|
|
257
|
+
roles: role_enum_1.RoleEnum.S_EVERYONE,
|
|
258
|
+
type: () => Boolean,
|
|
259
|
+
}),
|
|
260
|
+
__metadata("design:type", Boolean)
|
|
261
|
+
], CoreUserModel.prototype, "twoFactorEnabled", void 0);
|
|
241
262
|
exports.CoreUserModel = CoreUserModel = __decorate([
|
|
242
263
|
(0, swagger_1.ApiExtraModels)(core_persistence_model_1.CorePersistenceModel),
|
|
243
264
|
(0, mongoose_1.Schema)({ timestamps: true }),
|