@lenne.tech/nest-server 11.7.0 → 11.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.env.js +17 -1
- package/dist/config.env.js.map +1 -1
- package/dist/core/common/interfaces/server-options.interface.d.ts +35 -15
- package/dist/core/modules/auth/core-auth.controller.d.ts +1 -0
- package/dist/core/modules/auth/core-auth.controller.js +29 -3
- package/dist/core/modules/auth/core-auth.controller.js.map +1 -1
- package/dist/core/modules/auth/core-auth.module.js +14 -1
- package/dist/core/modules/auth/core-auth.module.js.map +1 -1
- package/dist/core/modules/auth/core-auth.resolver.d.ts +1 -0
- package/dist/core/modules/auth/core-auth.resolver.js +21 -3
- package/dist/core/modules/auth/core-auth.resolver.js.map +1 -1
- package/dist/core/modules/auth/exceptions/legacy-auth-disabled.exception.d.ts +4 -0
- package/dist/core/modules/auth/exceptions/legacy-auth-disabled.exception.js +17 -0
- package/dist/core/modules/auth/exceptions/legacy-auth-disabled.exception.js.map +1 -0
- package/dist/core/modules/auth/guards/legacy-auth-rate-limit.guard.d.ts +9 -0
- package/dist/core/modules/auth/guards/legacy-auth-rate-limit.guard.js +74 -0
- package/dist/core/modules/auth/guards/legacy-auth-rate-limit.guard.js.map +1 -0
- package/dist/core/modules/auth/interfaces/auth-provider.interface.d.ts +7 -0
- package/dist/core/modules/auth/interfaces/auth-provider.interface.js +5 -0
- package/dist/core/modules/auth/interfaces/auth-provider.interface.js.map +1 -0
- package/dist/core/modules/auth/interfaces/core-auth-user.interface.d.ts +1 -0
- package/dist/core/modules/auth/services/core-auth.service.d.ts +10 -1
- package/dist/core/modules/auth/services/core-auth.service.js +141 -9
- package/dist/core/modules/auth/services/core-auth.service.js.map +1 -1
- package/dist/core/modules/auth/services/legacy-auth-rate-limiter.service.d.ts +31 -0
- package/dist/core/modules/auth/services/legacy-auth-rate-limiter.service.js +153 -0
- package/dist/core/modules/auth/services/legacy-auth-rate-limiter.service.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-migration-status.model.d.ts +10 -0
- package/dist/core/modules/better-auth/better-auth-migration-status.model.js +57 -0
- package/dist/core/modules/better-auth/better-auth-migration-status.model.js.map +1 -0
- package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js +1 -1
- package/dist/core/modules/better-auth/better-auth-rate-limiter.service.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth-user.mapper.d.ts +33 -0
- package/dist/core/modules/better-auth/better-auth-user.mapper.js +395 -0
- package/dist/core/modules/better-auth/better-auth-user.mapper.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.config.js +29 -10
- package/dist/core/modules/better-auth/better-auth.config.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.middleware.d.ts +1 -0
- package/dist/core/modules/better-auth/better-auth.middleware.js +55 -1
- package/dist/core/modules/better-auth/better-auth.middleware.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.module.d.ts +1 -1
- package/dist/core/modules/better-auth/better-auth.module.js +46 -18
- package/dist/core/modules/better-auth/better-auth.module.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.resolver.js +0 -11
- package/dist/core/modules/better-auth/better-auth.resolver.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.service.d.ts +22 -1
- package/dist/core/modules/better-auth/better-auth.service.js +209 -8
- package/dist/core/modules/better-auth/better-auth.service.js.map +1 -1
- package/dist/core/modules/better-auth/better-auth.types.d.ts +2 -0
- package/dist/core/modules/better-auth/better-auth.types.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.controller.d.ts +1 -0
- package/dist/core/modules/better-auth/core-better-auth.controller.js +15 -2
- package/dist/core/modules/better-auth/core-better-auth.controller.js.map +1 -1
- package/dist/core/modules/better-auth/core-better-auth.resolver.d.ts +7 -0
- package/dist/core/modules/better-auth/core-better-auth.resolver.js +72 -12
- package/dist/core/modules/better-auth/core-better-auth.resolver.js.map +1 -1
- package/dist/core/modules/better-auth/index.d.ts +1 -0
- package/dist/core/modules/better-auth/index.js +1 -0
- package/dist/core/modules/better-auth/index.js.map +1 -1
- package/dist/core/modules/user/core-user.service.d.ts +7 -1
- package/dist/core/modules/user/core-user.service.js +57 -3
- package/dist/core/modules/user/core-user.service.js.map +1 -1
- package/dist/core/modules/user/interfaces/core-user-service-options.interface.d.ts +4 -0
- package/dist/core/modules/user/interfaces/core-user-service-options.interface.js +3 -0
- package/dist/core/modules/user/interfaces/core-user-service-options.interface.js.map +1 -0
- package/dist/core.module.d.ts +3 -0
- package/dist/core.module.js +136 -55
- package/dist/core.module.js.map +1 -1
- package/dist/index.d.ts +5 -0
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -1
- package/dist/server/modules/auth/auth.resolver.js +2 -0
- package/dist/server/modules/auth/auth.resolver.js.map +1 -1
- package/dist/server/modules/better-auth/better-auth.module.d.ts +1 -1
- package/dist/server/modules/better-auth/better-auth.module.js +2 -1
- package/dist/server/modules/better-auth/better-auth.module.js.map +1 -1
- package/dist/server/modules/better-auth/better-auth.resolver.d.ts +5 -0
- package/dist/server/modules/better-auth/better-auth.resolver.js +27 -11
- package/dist/server/modules/better-auth/better-auth.resolver.js.map +1 -1
- package/dist/server/modules/user/user.controller.js +0 -8
- package/dist/server/modules/user/user.controller.js.map +1 -1
- package/dist/server/modules/user/user.service.d.ts +3 -1
- package/dist/server/modules/user/user.service.js +7 -3
- package/dist/server/modules/user/user.service.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/config.env.ts +32 -2
- package/src/core/common/interfaces/server-options.interface.ts +304 -58
- package/src/core/modules/auth/core-auth.controller.ts +94 -6
- package/src/core/modules/auth/core-auth.module.ts +15 -1
- package/src/core/modules/auth/core-auth.resolver.ts +71 -3
- package/src/core/modules/auth/exceptions/legacy-auth-disabled.exception.ts +35 -0
- package/src/core/modules/auth/guards/legacy-auth-rate-limit.guard.ts +109 -0
- package/src/core/modules/auth/interfaces/auth-provider.interface.ts +86 -0
- package/src/core/modules/auth/interfaces/core-auth-user.interface.ts +6 -0
- package/src/core/modules/auth/services/core-auth.service.ts +245 -6
- package/src/core/modules/auth/services/legacy-auth-rate-limiter.service.ts +283 -0
- package/src/core/modules/better-auth/INTEGRATION-CHECKLIST.md +255 -0
- package/src/core/modules/better-auth/README.md +565 -208
- package/src/core/modules/better-auth/better-auth-migration-status.model.ts +73 -0
- package/src/core/modules/better-auth/better-auth-rate-limiter.service.ts +1 -1
- package/src/core/modules/better-auth/better-auth-user.mapper.ts +737 -0
- package/src/core/modules/better-auth/better-auth.config.ts +45 -15
- package/src/core/modules/better-auth/better-auth.middleware.ts +85 -2
- package/src/core/modules/better-auth/better-auth.module.ts +83 -27
- package/src/core/modules/better-auth/better-auth.resolver.ts +0 -11
- package/src/core/modules/better-auth/better-auth.service.ts +367 -12
- package/src/core/modules/better-auth/better-auth.types.ts +16 -0
- package/src/core/modules/better-auth/core-better-auth.controller.ts +44 -3
- package/src/core/modules/better-auth/core-better-auth.resolver.ts +136 -16
- package/src/core/modules/better-auth/index.ts +1 -0
- package/src/core/modules/user/core-user.service.ts +131 -4
- package/src/core/modules/user/interfaces/core-user-service-options.interface.ts +15 -0
- package/src/core.module.ts +264 -76
- package/src/index.ts +5 -0
- package/src/server/modules/auth/auth.resolver.ts +8 -0
- package/src/server/modules/better-auth/better-auth.module.ts +9 -3
- package/src/server/modules/better-auth/better-auth.resolver.ts +18 -11
- package/src/server/modules/user/user.controller.ts +1 -9
- package/src/server/modules/user/user.service.ts +4 -2
package/dist/config.env.js
CHANGED
|
@@ -7,6 +7,11 @@ const config_helper_1 = require("./core/common/helpers/config.helper");
|
|
|
7
7
|
dotenv.config();
|
|
8
8
|
const config = {
|
|
9
9
|
development: {
|
|
10
|
+
auth: {
|
|
11
|
+
legacyEndpoints: {
|
|
12
|
+
enabled: true,
|
|
13
|
+
},
|
|
14
|
+
},
|
|
10
15
|
automaticObjectIdFiltering: true,
|
|
11
16
|
betterAuth: {
|
|
12
17
|
basePath: '/iam',
|
|
@@ -142,10 +147,16 @@ const config = {
|
|
|
142
147
|
},
|
|
143
148
|
},
|
|
144
149
|
local: {
|
|
150
|
+
auth: {
|
|
151
|
+
legacyEndpoints: {
|
|
152
|
+
enabled: true,
|
|
153
|
+
},
|
|
154
|
+
},
|
|
145
155
|
automaticObjectIdFiltering: true,
|
|
146
156
|
betterAuth: {
|
|
147
157
|
basePath: '/iam',
|
|
148
158
|
baseUrl: 'http://localhost:3000',
|
|
159
|
+
enabled: true,
|
|
149
160
|
jwt: {
|
|
150
161
|
enabled: true,
|
|
151
162
|
expiresIn: '15m',
|
|
@@ -158,7 +169,7 @@ const config = {
|
|
|
158
169
|
},
|
|
159
170
|
rateLimit: {
|
|
160
171
|
enabled: true,
|
|
161
|
-
max:
|
|
172
|
+
max: 100,
|
|
162
173
|
message: 'Too many requests, please try again later.',
|
|
163
174
|
skipEndpoints: ['/session', '/callback'],
|
|
164
175
|
strictEndpoints: ['/sign-in', '/sign-up', '/forgot-password', '/reset-password'],
|
|
@@ -288,6 +299,11 @@ const config = {
|
|
|
288
299
|
},
|
|
289
300
|
},
|
|
290
301
|
production: {
|
|
302
|
+
auth: {
|
|
303
|
+
legacyEndpoints: {
|
|
304
|
+
enabled: process.env.LEGACY_AUTH_ENABLED !== 'false',
|
|
305
|
+
},
|
|
306
|
+
},
|
|
291
307
|
automaticObjectIdFiltering: true,
|
|
292
308
|
betterAuth: {
|
|
293
309
|
basePath: '/iam',
|
package/dist/config.env.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.env.js","sourceRoot":"","sources":["../src/config.env.ts"],"names":[],"mappings":";;AAAA,+CAAkD;AAClD,iCAAiC;AACjC,+BAA4B;AAE5B,uEAA2E;AAM3E,MAAM,CAAC,MAAM,EAAE,CAAC;AAChB,MAAM,MAAM,GAAsC;IAIhD,WAAW,EAAE;
|
|
1
|
+
{"version":3,"file":"config.env.js","sourceRoot":"","sources":["../src/config.env.ts"],"names":[],"mappings":";;AAAA,+CAAkD;AAClD,iCAAiC;AACjC,+BAA4B;AAE5B,uEAA2E;AAM3E,MAAM,CAAC,MAAM,EAAE,CAAC;AAChB,MAAM,MAAM,GAAsC;IAIhD,WAAW,EAAE;QAIX,IAAI,EAAE;YACJ,eAAe,EAAE;gBACf,OAAO,EAAE,IAAI;aAGd;SACF;QACD,0BAA0B,EAAE,IAAI;QAChC,UAAU,EAAE;YACV,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,uBAAuB;YAEhC,GAAG,EAAE;gBACH,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,KAAK;aACjB;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,uBAAuB;gBAC/B,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,yBAAyB;aAClC;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI;gBACb,GAAG,EAAE,EAAE;gBACP,OAAO,EAAE,4CAA4C;gBACrD,aAAa,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;gBACxC,eAAe,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,CAAC;gBAChF,aAAa,EAAE,EAAE;aAClB;YACD,MAAM,EAAE,qCAAqC;YAC7C,eAAe,EAAE;gBACf,KAAK,EAAE;oBACL,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE;oBAClD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;oBAC1D,OAAO,EAAE,KAAK;iBACf;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,KAAK;iBACf;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,KAAK;iBACf;aACF;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,yBAAyB;gBAClC,OAAO,EAAE,KAAK;aACf;SACF;QACD,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,KAAK,EAAE,iCAAiC;gBACxC,IAAI,EAAE,yBAAyB;aAChC;YACD,OAAO,EAAE;gBACP,eAAe,EAAE,yBAAyB;gBAC1C,cAAc,EAAE,wBAAwB;aACzC;YACD,iBAAiB,EAAE,2CAA2C;YAC9D,IAAI,EAAE;gBACJ,IAAI,EAAE;oBACJ,IAAI,EAAE,oBAAoB;oBAC1B,IAAI,EAAE,iCAAiC;iBACxC;gBACD,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,KAAK;aACd;YACD,gBAAgB,EAAE,yCAAyC;SAC5D;QACD,GAAG,EAAE,aAAa;QAClB,aAAa,EAAE,wBAAwB;QACvC,MAAM,EAAE;YACN,QAAQ,EAAE,IAAI;SACf;QACD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI;aACpB;YACD,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE;YACX,OAAO,EAAE;gBACP,QAAQ,EAAE;oBACR,OAAO,EAAE,IAAI;iBACd;aACF;YACD,OAAO,EAAE,IAAI;SACd;QACD,2BAA2B,EAAE,IAAI;QACjC,GAAG,EAAE;YAIH,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBAKb,MAAM,EAAE,mCAAmC;gBAC3C,aAAa,EAAE;oBACb,SAAS,EAAE,IAAI;iBAChB;aACF;YACD,iBAAiB,EAAE,IAAI;YAEvB,MAAM,EAAE,2BAA2B;YACnC,aAAa,EAAE;gBACb,SAAS,EAAE,KAAK;aACjB;SACF;QACD,eAAe,EAAE,KAAK;QACtB,aAAa,EAAE,IAAI;QACnB,QAAQ,EAAE;YACR,SAAS,EAAE;gBACT,MAAM,EAAE,IAAI;aACb;YACD,kBAAkB,EAAE,KAAK;YACzB,GAAG,EAAE,qCAAqC;SAC3C;QACD,IAAI,EAAE,IAAI;QACV,QAAQ,EAAE;YACR,wBAAwB,EAAE;gBACxB,iBAAiB,EAAE,KAAK;gBACxB,KAAK,EAAE,KAAK;gBACZ,eAAe,EAAE,IAAI;gBACrB,UAAU,EAAE,IAAI;gBAChB,8BAA8B,EAAE,IAAI;gBACpC,UAAU,EAAE,KAAK;aAClB;YACD,wBAAwB,EAAE,IAAI;YAC9B,kBAAkB,EAAE,IAAI;SACzB;QACD,MAAM,EAAE,IAAI;QACZ,YAAY,EAAE;YACZ,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YACvB,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC;SACtC;QACD,SAAS,EAAE;YACT,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,WAAW,CAAC;SACnC;KACF;IAKD,KAAK,EAAE;QAIL,IAAI,EAAE;YACJ,eAAe,EAAE;gBACf,OAAO,EAAE,IAAI;aAGd;SACF;QACD,0BAA0B,EAAE,IAAI;QAChC,UAAU,EAAE;YACV,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,uBAAuB;YAChC,OAAO,EAAE,IAAI;YACb,GAAG,EAAE;gBACH,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,KAAK;aACjB;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,uBAAuB;gBAC/B,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,mBAAmB;aAC5B;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI;gBACb,GAAG,EAAE,GAAG;gBACR,OAAO,EAAE,4CAA4C;gBACrD,aAAa,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;gBACxC,eAAe,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,CAAC;gBAChF,aAAa,EAAE,EAAE;aAClB;YACD,MAAM,EAAE,qCAAqC;YAC7C,eAAe,EAAE;gBACf,KAAK,EAAE;oBACL,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE;oBAClD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;oBAC1D,OAAO,EAAE,KAAK;iBACf;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,KAAK;iBACf;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,KAAK;iBACf;aACF;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,mBAAmB;gBAC5B,OAAO,EAAE,IAAI;aACd;SACF;QACD,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,KAAK;QACd,QAAQ,EAAE;YACR,QAAQ,EAAE;gBACR,QAAQ,EAAE,yBAAc,CAAC,gBAAgB;gBACzC,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,KAAK;gBAChB,WAAW,EAAE,CAAC;gBACd,cAAc,EAAE,KAAK;gBACrB,QAAQ,EAAE,eAAe;aAC1B;SACF;QACD,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,KAAK,EAAE,iCAAiC;gBACxC,IAAI,EAAE,mBAAmB;aAC1B;YACD,OAAO,EAAE;gBACP,eAAe,EAAE,yBAAyB;gBAC1C,cAAc,EAAE,wBAAwB;aACzC;YACD,iBAAiB,EAAE,2CAA2C;YAC9D,IAAI,EAAE;gBACJ,IAAI,EAAE;oBACJ,IAAI,EAAE,oBAAoB;oBAC1B,IAAI,EAAE,iCAAiC;iBACxC;gBACD,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,KAAK;aACd;YACD,gBAAgB,EAAE,yCAAyC;SAC5D;QACD,GAAG,EAAE,OAAO;QACZ,aAAa,EAAE,wBAAwB;QACvC,MAAM,EAAE;YACN,QAAQ,EAAE,IAAI;SACf;QACD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI;aACpB;YACD,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE;YACX,OAAO,EAAE;gBACP,QAAQ,EAAE;oBACR,OAAO,EAAE,IAAI;iBACd;aACF;YACD,OAAO,EAAE,IAAI;SACd;QACD,QAAQ,EAAE,WAAW;QACrB,2BAA2B,EAAE,IAAI;QACjC,GAAG,EAAE;YAIH,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBAKb,MAAM,EAAE,qCAAqC;gBAC7C,aAAa,EAAE;oBACb,SAAS,EAAE,IAAI;iBAChB;aACF;YACD,iBAAiB,EAAE,IAAI;YAEvB,MAAM,EAAE,6BAA6B;YACrC,aAAa,EAAE;gBACb,SAAS,EAAE,KAAK;aACjB;SACF;QACD,eAAe,EAAE,IAAI;QACrB,aAAa,EAAE,IAAI;QACnB,QAAQ,EAAE;YACR,SAAS,EAAE;gBACT,MAAM,EAAE,IAAI;aACb;YACD,kBAAkB,EAAE,IAAI;YACxB,GAAG,EAAE,uCAAuC;SAC7C;QACD,IAAI,EAAE,IAAI;QACV,QAAQ,EAAE;YACR,wBAAwB,EAAE;gBACxB,iBAAiB,EAAE,KAAK;gBACxB,KAAK,EAAE,KAAK;gBACZ,eAAe,EAAE,IAAI;gBACrB,UAAU,EAAE,IAAI;gBAChB,8BAA8B,EAAE,IAAI;gBACpC,UAAU,EAAE,KAAK;aAClB;YACD,wBAAwB,EAAE,IAAI;YAC9B,kBAAkB,EAAE,IAAI;SACzB;QACD,MAAM,EAAE,IAAI;QACZ,YAAY,EAAE;YACZ,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YACvB,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC;SACtC;QACD,SAAS,EAAE;YACT,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,WAAW,CAAC;SACnC;KACF;IAKD,UAAU,EAAE;QAIV,IAAI,EAAE;YACJ,eAAe,EAAE;gBACf,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,OAAO;aAGrD;SACF;QACD,0BAA0B,EAAE,IAAI;QAChC,UAAU,EAAE;YACV,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,qBAAqB;YAE7D,GAAG,EAAE;gBACH,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,KAAK;aACjB;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,qBAAqB;gBAC5D,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,aAAa;gBAChD,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,wBAAwB;aAChE;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,OAAO;gBACnD,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,IAAI,EAAE,EAAE,CAAC;gBACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,4CAA4C;gBACvF,aAAa,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;gBACxC,eAAe,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,CAAC;gBAChF,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,IAAI,EAAE,EAAE,CAAC;aAC3E;YAID,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB;YACtC,eAAe,EAAE;gBACf,KAAK,EAAE;oBACL,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE;oBAClD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;oBAC1D,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB;iBAC9C;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB;iBAC/C;gBACD,MAAM,EAAE;oBACN,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE;oBACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;oBAC3D,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB;iBAC/C;aACF;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,aAAa;gBACzD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,MAAM;aACnD;SACF;QACD,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,KAAK,EAAE,iCAAiC;gBACxC,IAAI,EAAE,wBAAwB;aAC/B;YACD,OAAO,EAAE;gBACP,eAAe,EAAE,yBAAyB;gBAC1C,cAAc,EAAE,wBAAwB;aACzC;YACD,iBAAiB,EAAE,2CAA2C;YAC9D,IAAI,EAAE;gBACJ,IAAI,EAAE;oBACJ,IAAI,EAAE,oBAAoB;oBAC1B,IAAI,EAAE,iCAAiC;iBACxC;gBACD,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,KAAK;aACd;YACD,gBAAgB,EAAE,yCAAyC;SAC5D;QACD,GAAG,EAAE,YAAY;QACjB,aAAa,EAAE,wBAAwB;QACvC,MAAM,EAAE;YACN,QAAQ,EAAE,IAAI;SACf;QACD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI;aACpB;YACD,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE;YACX,OAAO,EAAE;gBACP,QAAQ,EAAE;oBACR,OAAO,EAAE,IAAI;iBACd;aACF;YACD,OAAO,EAAE,IAAI;SACd;QACD,2BAA2B,EAAE,IAAI;QACjC,GAAG,EAAE;YAIH,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBAKb,MAAM,EAAE,oCAAoC;gBAC5C,aAAa,EAAE;oBACb,SAAS,EAAE,IAAI;iBAChB;aACF;YACD,iBAAiB,EAAE,IAAI;YAEvB,MAAM,EAAE,4BAA4B;YACpC,aAAa,EAAE;gBACb,SAAS,EAAE,KAAK;aACjB;SACF;QACD,eAAe,EAAE,KAAK;QACtB,aAAa,EAAE,IAAI;QACnB,QAAQ,EAAE;YACR,SAAS,EAAE;gBACT,MAAM,EAAE,IAAI;aACb;YACD,kBAAkB,EAAE,KAAK;YACzB,GAAG,EAAE,sCAAsC;SAC5C;QACD,IAAI,EAAE,IAAI;QACV,QAAQ,EAAE;YACR,wBAAwB,EAAE;gBACxB,iBAAiB,EAAE,KAAK;gBACxB,KAAK,EAAE,KAAK;gBACZ,eAAe,EAAE,IAAI;gBACrB,UAAU,EAAE,IAAI;gBAChB,8BAA8B,EAAE,IAAI;gBACpC,UAAU,EAAE,KAAK;aAClB;YACD,wBAAwB,EAAE,IAAI;YAC9B,kBAAkB,EAAE,IAAI;SACzB;QACD,MAAM,EAAE,IAAI;QACZ,YAAY,EAAE;YACZ,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YACvB,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC;SACtC;QACD,SAAS,EAAE;YACT,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,WAAW,CAAC;SACnC;KACF;CACF,CAAC;AAKF,kBAAe,IAAA,oCAAoB,EAAC,EAAE,MAAM,EAAE,CAAC,CAAC"}
|
|
@@ -15,6 +15,22 @@ import { CronJobConfigWithTimeZone } from './cron-job-config-with-time-zone.inte
|
|
|
15
15
|
import { CronJobConfigWithUtcOffset } from './cron-job-config-with-utc-offset.interface';
|
|
16
16
|
import { MailjetOptions } from './mailjet-options.interface';
|
|
17
17
|
export type BetterAuthFieldType = 'boolean' | 'date' | 'json' | 'number' | 'number[]' | 'string' | 'string[]';
|
|
18
|
+
export interface IAuth {
|
|
19
|
+
legacyEndpoints?: IAuthLegacyEndpoints;
|
|
20
|
+
preventUserEnumeration?: boolean;
|
|
21
|
+
rateLimit?: IAuthRateLimit;
|
|
22
|
+
}
|
|
23
|
+
export interface IAuthLegacyEndpoints {
|
|
24
|
+
enabled?: boolean;
|
|
25
|
+
graphql?: boolean;
|
|
26
|
+
rest?: boolean;
|
|
27
|
+
}
|
|
28
|
+
export interface IAuthRateLimit {
|
|
29
|
+
enabled?: boolean;
|
|
30
|
+
max?: number;
|
|
31
|
+
message?: string;
|
|
32
|
+
windowSeconds?: number;
|
|
33
|
+
}
|
|
18
34
|
export interface IBetterAuth {
|
|
19
35
|
additionalUserFields?: Record<string, IBetterAuthUserField>;
|
|
20
36
|
autoRegister?: boolean;
|
|
@@ -24,26 +40,25 @@ export interface IBetterAuth {
|
|
|
24
40
|
enabled?: boolean;
|
|
25
41
|
};
|
|
26
42
|
enabled?: boolean;
|
|
27
|
-
jwt?:
|
|
28
|
-
enabled?: boolean;
|
|
29
|
-
expiresIn?: string;
|
|
30
|
-
};
|
|
43
|
+
jwt?: boolean | IBetterAuthJwtConfig;
|
|
31
44
|
options?: Record<string, unknown>;
|
|
32
|
-
passkey?:
|
|
33
|
-
enabled?: boolean;
|
|
34
|
-
origin?: string;
|
|
35
|
-
rpId?: string;
|
|
36
|
-
rpName?: string;
|
|
37
|
-
};
|
|
45
|
+
passkey?: boolean | IBetterAuthPasskeyConfig;
|
|
38
46
|
plugins?: unknown[];
|
|
39
47
|
rateLimit?: IBetterAuthRateLimit;
|
|
40
48
|
secret?: string;
|
|
41
49
|
socialProviders?: Record<string, IBetterAuthSocialProvider>;
|
|
42
50
|
trustedOrigins?: string[];
|
|
43
|
-
twoFactor?:
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
51
|
+
twoFactor?: boolean | IBetterAuthTwoFactorConfig;
|
|
52
|
+
}
|
|
53
|
+
export interface IBetterAuthJwtConfig {
|
|
54
|
+
enabled?: boolean;
|
|
55
|
+
expiresIn?: string;
|
|
56
|
+
}
|
|
57
|
+
export interface IBetterAuthPasskeyConfig {
|
|
58
|
+
enabled?: boolean;
|
|
59
|
+
origin?: string;
|
|
60
|
+
rpId?: string;
|
|
61
|
+
rpName?: string;
|
|
47
62
|
}
|
|
48
63
|
export interface IBetterAuthRateLimit {
|
|
49
64
|
enabled?: boolean;
|
|
@@ -58,6 +73,10 @@ export interface IBetterAuthSocialProvider {
|
|
|
58
73
|
clientSecret: string;
|
|
59
74
|
enabled?: boolean;
|
|
60
75
|
}
|
|
76
|
+
export interface IBetterAuthTwoFactorConfig {
|
|
77
|
+
appName?: string;
|
|
78
|
+
enabled?: boolean;
|
|
79
|
+
}
|
|
61
80
|
export interface IBetterAuthUserField {
|
|
62
81
|
defaultValue?: unknown;
|
|
63
82
|
fieldName?: string;
|
|
@@ -73,8 +92,9 @@ export interface IJwt {
|
|
|
73
92
|
signInOptions?: JwtSignOptions;
|
|
74
93
|
}
|
|
75
94
|
export interface IServerOptions {
|
|
95
|
+
auth?: IAuth;
|
|
76
96
|
automaticObjectIdFiltering?: boolean;
|
|
77
|
-
betterAuth?: IBetterAuth;
|
|
97
|
+
betterAuth?: boolean | IBetterAuth;
|
|
78
98
|
brevo?: {
|
|
79
99
|
apiKey: string;
|
|
80
100
|
exclude?: RegExp;
|
|
@@ -9,6 +9,7 @@ export declare class CoreAuthController {
|
|
|
9
9
|
protected readonly authService: CoreAuthService;
|
|
10
10
|
protected readonly configService: ConfigService;
|
|
11
11
|
constructor(authService: CoreAuthService, configService: ConfigService);
|
|
12
|
+
protected checkLegacyRESTEnabled(endpointName: string): void;
|
|
12
13
|
logout(currentUser: ICoreAuthUser, token: string, res: ResponseType, allDevices?: boolean): Promise<boolean>;
|
|
13
14
|
refreshToken(user: ICoreAuthUser, refreshToken: string, res: ResponseType): Promise<CoreAuthModel>;
|
|
14
15
|
signIn(res: ResponseType, input: CoreAuthSignInInput): Promise<CoreAuthModel>;
|
|
@@ -22,7 +22,9 @@ const role_enum_1 = require("../../common/enums/role.enum");
|
|
|
22
22
|
const config_service_1 = require("../../common/services/config.service");
|
|
23
23
|
const auth_guard_strategy_enum_1 = require("./auth-guard-strategy.enum");
|
|
24
24
|
const core_auth_model_1 = require("./core-auth.model");
|
|
25
|
+
const legacy_auth_disabled_exception_1 = require("./exceptions/legacy-auth-disabled.exception");
|
|
25
26
|
const auth_guard_1 = require("./guards/auth.guard");
|
|
27
|
+
const legacy_auth_rate_limit_guard_1 = require("./guards/legacy-auth-rate-limit.guard");
|
|
26
28
|
const core_auth_sign_in_input_1 = require("./inputs/core-auth-sign-in.input");
|
|
27
29
|
const core_auth_sign_up_input_1 = require("./inputs/core-auth-sign-up.input");
|
|
28
30
|
const core_auth_service_1 = require("./services/core-auth.service");
|
|
@@ -32,19 +34,33 @@ let CoreAuthController = class CoreAuthController {
|
|
|
32
34
|
this.authService = authService;
|
|
33
35
|
this.configService = configService;
|
|
34
36
|
}
|
|
37
|
+
checkLegacyRESTEnabled(endpointName) {
|
|
38
|
+
const authConfig = this.configService.getFastButReadOnly('auth');
|
|
39
|
+
const legacyConfig = authConfig?.legacyEndpoints;
|
|
40
|
+
if (legacyConfig?.enabled === false) {
|
|
41
|
+
throw new legacy_auth_disabled_exception_1.LegacyAuthDisabledException(endpointName);
|
|
42
|
+
}
|
|
43
|
+
if (legacyConfig?.rest === false) {
|
|
44
|
+
throw new legacy_auth_disabled_exception_1.LegacyAuthDisabledException(endpointName);
|
|
45
|
+
}
|
|
46
|
+
}
|
|
35
47
|
async logout(currentUser, token, res, allDevices) {
|
|
48
|
+
this.checkLegacyRESTEnabled('logout');
|
|
36
49
|
const result = await this.authService.logout(token, { allDevices, currentUser });
|
|
37
50
|
return this.processCookies(res, result);
|
|
38
51
|
}
|
|
39
52
|
async refreshToken(user, refreshToken, res) {
|
|
53
|
+
this.checkLegacyRESTEnabled('refresh-token');
|
|
40
54
|
const result = await this.authService.refreshTokens(user, refreshToken);
|
|
41
55
|
return this.processCookies(res, result);
|
|
42
56
|
}
|
|
43
57
|
async signIn(res, input) {
|
|
58
|
+
this.checkLegacyRESTEnabled('signin');
|
|
44
59
|
const result = await this.authService.signIn(input);
|
|
45
60
|
return this.processCookies(res, result);
|
|
46
61
|
}
|
|
47
62
|
async signUp(res, input) {
|
|
63
|
+
this.checkLegacyRESTEnabled('signup');
|
|
48
64
|
const result = await this.authService.signUp(input);
|
|
49
65
|
return this.processCookies(res, result);
|
|
50
66
|
}
|
|
@@ -69,12 +85,14 @@ let CoreAuthController = class CoreAuthController {
|
|
|
69
85
|
};
|
|
70
86
|
exports.CoreAuthController = CoreAuthController;
|
|
71
87
|
__decorate([
|
|
88
|
+
(0, swagger_1.ApiGoneResponse)({ description: 'Legacy Auth endpoints are disabled' }),
|
|
72
89
|
(0, swagger_1.ApiOkResponse)({ type: Boolean }),
|
|
73
90
|
(0, swagger_1.ApiOperation)({ description: 'Logs a user out from a specific device' }),
|
|
74
91
|
(0, swagger_1.ApiQuery)({ description: 'If all devices should be logged out,', name: 'allDevices', required: false, type: Boolean }),
|
|
92
|
+
(0, swagger_1.ApiTooManyRequestsResponse)({ description: 'Rate limit exceeded' }),
|
|
75
93
|
(0, common_1.Get)('logout'),
|
|
76
|
-
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.
|
|
77
|
-
(0, common_1.UseGuards)(
|
|
94
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
95
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
78
96
|
__param(0, (0, current_user_decorator_1.CurrentUser)()),
|
|
79
97
|
__param(1, (0, tokens_decorator_1.Tokens)('token')),
|
|
80
98
|
__param(2, (0, common_1.Res)({ passthrough: true })),
|
|
@@ -84,11 +102,13 @@ __decorate([
|
|
|
84
102
|
__metadata("design:returntype", Promise)
|
|
85
103
|
], CoreAuthController.prototype, "logout", null);
|
|
86
104
|
__decorate([
|
|
105
|
+
(0, swagger_1.ApiGoneResponse)({ description: 'Legacy Auth endpoints are disabled' }),
|
|
87
106
|
(0, swagger_1.ApiOkResponse)({ type: core_auth_model_1.CoreAuthModel }),
|
|
88
107
|
(0, swagger_1.ApiOperation)({ description: 'Refresh token (for specific device)' }),
|
|
108
|
+
(0, swagger_1.ApiTooManyRequestsResponse)({ description: 'Rate limit exceeded' }),
|
|
89
109
|
(0, common_1.Get)('refresh-token'),
|
|
90
110
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
91
|
-
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT_REFRESH)),
|
|
111
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard, (0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT_REFRESH)),
|
|
92
112
|
__param(0, (0, current_user_decorator_1.CurrentUser)()),
|
|
93
113
|
__param(1, (0, tokens_decorator_1.Tokens)('refreshToken')),
|
|
94
114
|
__param(2, (0, common_1.Res)({ passthrough: true })),
|
|
@@ -98,9 +118,12 @@ __decorate([
|
|
|
98
118
|
], CoreAuthController.prototype, "refreshToken", null);
|
|
99
119
|
__decorate([
|
|
100
120
|
(0, swagger_1.ApiCreatedResponse)({ description: 'Signed in successfully', type: core_auth_model_1.CoreAuthModel }),
|
|
121
|
+
(0, swagger_1.ApiGoneResponse)({ description: 'Legacy Auth endpoints are disabled' }),
|
|
101
122
|
(0, swagger_1.ApiOperation)({ description: 'Sign in via email and password' }),
|
|
123
|
+
(0, swagger_1.ApiTooManyRequestsResponse)({ description: 'Rate limit exceeded' }),
|
|
102
124
|
(0, common_1.Post)('signin'),
|
|
103
125
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
126
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
104
127
|
__param(0, (0, common_1.Res)({ passthrough: true })),
|
|
105
128
|
__param(1, (0, common_1.Body)()),
|
|
106
129
|
__metadata("design:type", Function),
|
|
@@ -110,9 +133,12 @@ __decorate([
|
|
|
110
133
|
__decorate([
|
|
111
134
|
(0, swagger_1.ApiBody)({ type: core_auth_sign_up_input_1.CoreAuthSignUpInput }),
|
|
112
135
|
(0, swagger_1.ApiCreatedResponse)({ type: core_auth_sign_up_input_1.CoreAuthSignUpInput }),
|
|
136
|
+
(0, swagger_1.ApiGoneResponse)({ description: 'Legacy Auth endpoints are disabled' }),
|
|
113
137
|
(0, swagger_1.ApiOperation)({ description: 'Sign up via email and password' }),
|
|
138
|
+
(0, swagger_1.ApiTooManyRequestsResponse)({ description: 'Rate limit exceeded' }),
|
|
114
139
|
(0, common_1.Post)('signup'),
|
|
115
140
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
141
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
116
142
|
__param(0, (0, common_1.Res)({ passthrough: true })),
|
|
117
143
|
__param(1, (0, common_1.Body)()),
|
|
118
144
|
__metadata("design:type", Function),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core-auth.controller.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmG;AACnG,
|
|
1
|
+
{"version":3,"file":"core-auth.controller.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmG;AACnG,6CAQyB;AAGzB,2FAAyF;AACzF,2FAA6E;AAC7E,6EAAgE;AAChE,4DAAwD;AACxD,yEAAqE;AACrE,yEAA+D;AAC/D,uDAAkD;AAClD,gGAA0F;AAC1F,oDAAgD;AAChD,wFAAiF;AACjF,8EAAuE;AACvE,8EAAuE;AAEvE,oEAA+D;AAC/D,yDAA4C;AA4BrC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAI7B,YACqB,WAA4B,EAC5B,aAA4B;QAD5B,gBAAW,GAAX,WAAW,CAAiB;QAC5B,kBAAa,GAAb,aAAa,CAAe;IAC9C,CAAC;IAeM,sBAAsB,CAAC,YAAoB;QACnD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,UAAU,EAAE,eAAe,CAAC;QAGjD,IAAI,YAAY,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,IAAI,4DAA2B,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;QAGD,IAAI,YAAY,EAAE,IAAI,KAAK,KAAK,EAAE,CAAC;YACjC,MAAM,IAAI,4DAA2B,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAgBK,AAAN,KAAK,CAAC,MAAM,CACK,WAA0B,EACxB,KAAa,EACF,GAAiB,EACe,UAAoB;QAEhF,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAC;QACjF,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAeK,AAAN,KAAK,CAAC,YAAY,CACD,IAAmB,EACV,YAAoB,EAChB,GAAiB;QAE7C,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QACxE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAeK,AAAN,KAAK,CAAC,MAAM,CACkB,GAAiB,EACrC,KAA0B;QAElC,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAgBK,AAAN,KAAK,CAAC,MAAM,CACkB,GAAiB,EACrC,KAA0B;QAElC,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IASS,cAAc,CAAC,GAAiB,EAAE,MAAW;QAErD,IAAI,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;YAErD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC1C,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC5C,GAAG,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;gBACnD,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7D,GAAG,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,YAAY,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAG3E,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,OAAO,MAAM,CAAC,KAAK,CAAC;YACtB,CAAC;YACD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC,YAAY,CAAC;YAC7B,CAAC;QACH,CAAC;QAGD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAA;AAjKY,gDAAkB;AAmDvB;IARL,IAAA,yBAAe,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IACtE,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAChC,IAAA,sBAAY,EAAC,EAAE,WAAW,EAAE,wCAAwC,EAAE,CAAC;IACvE,IAAA,kBAAQ,EAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACrH,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClE,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,oCAAW,GAAE,CAAA;IACb,WAAA,IAAA,yBAAM,EAAC,OAAO,CAAC,CAAA;IACf,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC1B,WAAA,IAAA,cAAK,EAAC,YAAY,EAAE,IAAI,sBAAa,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;;;;gDAK5D;AAeK;IAPL,IAAA,yBAAe,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IACtE,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,+BAAa,EAAE,CAAC;IACtC,IAAA,sBAAY,EAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE,CAAC;IACpE,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClE,IAAA,YAAG,EAAC,eAAe,CAAC;IACpB,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,EAAE,IAAA,sBAAS,EAAC,4CAAiB,CAAC,WAAW,CAAC,CAAC;IAE3E,WAAA,IAAA,oCAAW,GAAE,CAAA;IACb,WAAA,IAAA,yBAAM,EAAC,cAAc,CAAC,CAAA;IACtB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;sDAK5B;AAeK;IAPL,IAAA,4BAAkB,EAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,+BAAa,EAAE,CAAC;IAClF,IAAA,yBAAe,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IACtE,IAAA,sBAAY,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC/D,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClE,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC1B,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAQ,6CAAmB;;gDAKnC;AAgBK;IARL,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,6CAAmB,EAAE,CAAC;IACtC,IAAA,4BAAkB,EAAC,EAAE,IAAI,EAAE,6CAAmB,EAAE,CAAC;IACjD,IAAA,yBAAe,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IACtE,IAAA,sBAAY,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC/D,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAClE,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC1B,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAQ,6CAAmB;;gDAKnC;6BAhIU,kBAAkB;IAH9B,IAAA,gDAAuB,GAAE;IACzB,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,uBAAK,EAAC,oBAAQ,CAAC,KAAK,CAAC;qCAMc,mCAAe;QACb,8BAAa;GANtC,kBAAkB,CAiK9B"}
|
|
@@ -14,9 +14,11 @@ const jwt_1 = require("@nestjs/jwt");
|
|
|
14
14
|
const passport_1 = require("@nestjs/passport");
|
|
15
15
|
const graphql_subscriptions_1 = require("graphql-subscriptions");
|
|
16
16
|
const auth_guard_strategy_enum_1 = require("./auth-guard-strategy.enum");
|
|
17
|
+
const legacy_auth_rate_limit_guard_1 = require("./guards/legacy-auth-rate-limit.guard");
|
|
17
18
|
const roles_guard_1 = require("./guards/roles.guard");
|
|
18
19
|
const core_auth_user_service_1 = require("./services/core-auth-user.service");
|
|
19
20
|
const core_auth_service_1 = require("./services/core-auth.service");
|
|
21
|
+
const legacy_auth_rate_limiter_service_1 = require("./services/legacy-auth-rate-limiter.service");
|
|
20
22
|
const jwt_refresh_strategy_1 = require("./strategies/jwt-refresh.strategy");
|
|
21
23
|
const jwt_strategy_1 = require("./strategies/jwt.strategy");
|
|
22
24
|
let CoreAuthModule = CoreAuthModule_1 = class CoreAuthModule {
|
|
@@ -54,12 +56,23 @@ let CoreAuthModule = CoreAuthModule_1 = class CoreAuthModule {
|
|
|
54
56
|
provide: jwt_refresh_strategy_1.JwtRefreshStrategy,
|
|
55
57
|
useClass: options.jwtRefreshStrategy || jwt_refresh_strategy_1.JwtRefreshStrategy,
|
|
56
58
|
},
|
|
59
|
+
legacy_auth_rate_limiter_service_1.LegacyAuthRateLimiter,
|
|
60
|
+
legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard,
|
|
57
61
|
];
|
|
58
62
|
if (Array.isArray(options?.providers)) {
|
|
59
63
|
providers = imports.concat(options.providers);
|
|
60
64
|
}
|
|
61
65
|
return {
|
|
62
|
-
exports: [
|
|
66
|
+
exports: [
|
|
67
|
+
core_auth_service_1.CoreAuthService,
|
|
68
|
+
jwt_1.JwtModule,
|
|
69
|
+
jwt_strategy_1.JwtStrategy,
|
|
70
|
+
jwt_refresh_strategy_1.JwtRefreshStrategy,
|
|
71
|
+
legacy_auth_rate_limiter_service_1.LegacyAuthRateLimiter,
|
|
72
|
+
legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard,
|
|
73
|
+
passport_1.PassportModule,
|
|
74
|
+
UserModule,
|
|
75
|
+
],
|
|
63
76
|
imports,
|
|
64
77
|
module: CoreAuthModule_1,
|
|
65
78
|
providers,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core-auth.module.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAAyF;AACzF,uCAAyC;AACzC,qCAA0D;AAC1D,+CAAkD;AAClD,iEAA+C;AAE/C,yEAA+D;AAC/D,sDAAkD;AAClD,8EAAwE;AACxE,oEAA+D;AAC/D,4EAAuE;AACvE,4DAAwD;AAMjD,IAAM,cAAc,sBAApB,MAAM,cAAc;IAKzB,MAAM,CAAC,OAAO,CACZ,UAAqB,EACrB,WAAsC,EACtC,OAMC;QAGD,IAAI,OAAO,GAAU;YACnB,UAAU;YACV,yBAAc,CAAC,QAAQ,CAAC,EAAE,eAAe,EAAE,CAAC,4CAAiB,CAAC,GAAG,EAAE,4CAAiB,CAAC,WAAW,CAAC,EAAE,CAAC;YACpG,eAAS,CAAC,QAAQ,CAAC,OAAO,CAAC;SAC5B,CAAC;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,CAAC;YACpC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAGD,IAAI,SAAS,GAAG;YAEd;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,wBAAU;aACrB;YACD;gBACE,OAAO,EAAE,4CAAmB;gBAC5B,QAAQ,EAAE,WAAW;aACtB;YACD;gBACE,OAAO,EAAE,SAAS;gBAClB,QAAQ,EAAE,IAAI,8BAAM,EAAE;aACvB;YACD;gBACE,OAAO,EAAE,mCAAe;gBACxB,QAAQ,EAAE,OAAO,CAAC,WAAW,IAAI,mCAAe;aACjD;YACD;gBACE,OAAO,EAAE,0BAAW;gBACpB,QAAQ,EAAE,OAAO,CAAC,WAAW,IAAI,0BAAW;aAC7C;YACD;gBACE,OAAO,EAAE,yCAAkB;gBAC3B,QAAQ,EAAE,OAAO,CAAC,kBAAkB,IAAI,yCAAkB;aAC3D;
|
|
1
|
+
{"version":3,"file":"core-auth.module.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAAyF;AACzF,uCAAyC;AACzC,qCAA0D;AAC1D,+CAAkD;AAClD,iEAA+C;AAE/C,yEAA+D;AAC/D,wFAAiF;AACjF,sDAAkD;AAClD,8EAAwE;AACxE,oEAA+D;AAC/D,kGAAoF;AACpF,4EAAuE;AACvE,4DAAwD;AAMjD,IAAM,cAAc,sBAApB,MAAM,cAAc;IAKzB,MAAM,CAAC,OAAO,CACZ,UAAqB,EACrB,WAAsC,EACtC,OAMC;QAGD,IAAI,OAAO,GAAU;YACnB,UAAU;YACV,yBAAc,CAAC,QAAQ,CAAC,EAAE,eAAe,EAAE,CAAC,4CAAiB,CAAC,GAAG,EAAE,4CAAiB,CAAC,WAAW,CAAC,EAAE,CAAC;YACpG,eAAS,CAAC,QAAQ,CAAC,OAAO,CAAC;SAC5B,CAAC;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,CAAC;YACpC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAGD,IAAI,SAAS,GAAG;YAEd;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,wBAAU;aACrB;YACD;gBACE,OAAO,EAAE,4CAAmB;gBAC5B,QAAQ,EAAE,WAAW;aACtB;YACD;gBACE,OAAO,EAAE,SAAS;gBAClB,QAAQ,EAAE,IAAI,8BAAM,EAAE;aACvB;YACD;gBACE,OAAO,EAAE,mCAAe;gBACxB,QAAQ,EAAE,OAAO,CAAC,WAAW,IAAI,mCAAe;aACjD;YACD;gBACE,OAAO,EAAE,0BAAW;gBACpB,QAAQ,EAAE,OAAO,CAAC,WAAW,IAAI,0BAAW;aAC7C;YACD;gBACE,OAAO,EAAE,yCAAkB;gBAC3B,QAAQ,EAAE,OAAO,CAAC,kBAAkB,IAAI,yCAAkB;aAC3D;YAED,wDAAqB;YACrB,uDAAwB;SACzB,CAAC;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAAC;YACtC,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChD,CAAC;QAGD,OAAO;YACL,OAAO,EAAE;gBACP,mCAAe;gBACf,eAAS;gBACT,0BAAW;gBACX,yCAAkB;gBAClB,wDAAqB;gBACrB,uDAAwB;gBACxB,yBAAc;gBACd,UAAU;aACX;YACD,OAAO;YACP,MAAM,EAAE,gBAAc;YACtB,SAAS;SACV,CAAC;IACJ,CAAC;CACF,CAAA;AA9EY,wCAAc;yBAAd,cAAc;IAD1B,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,cAAc,CA8E1B"}
|
|
@@ -10,6 +10,7 @@ export declare class CoreAuthResolver {
|
|
|
10
10
|
protected readonly authService: CoreAuthService;
|
|
11
11
|
protected readonly configService: ConfigService;
|
|
12
12
|
constructor(authService: CoreAuthService, configService: ConfigService);
|
|
13
|
+
protected checkLegacyGraphQLEnabled(endpointName: string): void;
|
|
13
14
|
logout(currentUser: ICoreAuthUser, ctx: {
|
|
14
15
|
res: ResponseType;
|
|
15
16
|
}, token: string, allDevices?: boolean): Promise<boolean>;
|
|
@@ -22,7 +22,9 @@ const role_enum_1 = require("../../common/enums/role.enum");
|
|
|
22
22
|
const config_service_1 = require("../../common/services/config.service");
|
|
23
23
|
const auth_guard_strategy_enum_1 = require("./auth-guard-strategy.enum");
|
|
24
24
|
const core_auth_model_1 = require("./core-auth.model");
|
|
25
|
+
const legacy_auth_disabled_exception_1 = require("./exceptions/legacy-auth-disabled.exception");
|
|
25
26
|
const auth_guard_1 = require("./guards/auth.guard");
|
|
27
|
+
const legacy_auth_rate_limit_guard_1 = require("./guards/legacy-auth-rate-limit.guard");
|
|
26
28
|
const core_auth_sign_in_input_1 = require("./inputs/core-auth-sign-in.input");
|
|
27
29
|
const core_auth_sign_up_input_1 = require("./inputs/core-auth-sign-up.input");
|
|
28
30
|
const core_auth_service_1 = require("./services/core-auth.service");
|
|
@@ -32,19 +34,33 @@ let CoreAuthResolver = class CoreAuthResolver {
|
|
|
32
34
|
this.authService = authService;
|
|
33
35
|
this.configService = configService;
|
|
34
36
|
}
|
|
37
|
+
checkLegacyGraphQLEnabled(endpointName) {
|
|
38
|
+
const authConfig = this.configService.getFastButReadOnly('auth');
|
|
39
|
+
const legacyConfig = authConfig?.legacyEndpoints;
|
|
40
|
+
if (legacyConfig?.enabled === false) {
|
|
41
|
+
throw new legacy_auth_disabled_exception_1.LegacyAuthDisabledException(endpointName);
|
|
42
|
+
}
|
|
43
|
+
if (legacyConfig?.graphql === false) {
|
|
44
|
+
throw new legacy_auth_disabled_exception_1.LegacyAuthDisabledException(endpointName);
|
|
45
|
+
}
|
|
46
|
+
}
|
|
35
47
|
async logout(currentUser, ctx, token, allDevices) {
|
|
48
|
+
this.checkLegacyGraphQLEnabled('logout');
|
|
36
49
|
const result = await this.authService.logout(token, { allDevices, currentUser });
|
|
37
50
|
return this.processCookies(ctx, result);
|
|
38
51
|
}
|
|
39
52
|
async refreshToken(user, refreshToken, ctx) {
|
|
53
|
+
this.checkLegacyGraphQLEnabled('refreshToken');
|
|
40
54
|
const result = await this.authService.refreshTokens(user, refreshToken);
|
|
41
55
|
return this.processCookies(ctx, result);
|
|
42
56
|
}
|
|
43
57
|
async signIn(serviceOptions, ctx, input) {
|
|
58
|
+
this.checkLegacyGraphQLEnabled('signIn');
|
|
44
59
|
const result = await this.authService.signIn(input, serviceOptions);
|
|
45
60
|
return this.processCookies(ctx, result);
|
|
46
61
|
}
|
|
47
62
|
async signUp(serviceOptions, ctx, input) {
|
|
63
|
+
this.checkLegacyGraphQLEnabled('signUp');
|
|
48
64
|
const result = await this.authService.signUp(input, serviceOptions);
|
|
49
65
|
return this.processCookies(ctx, result);
|
|
50
66
|
}
|
|
@@ -70,8 +86,8 @@ let CoreAuthResolver = class CoreAuthResolver {
|
|
|
70
86
|
exports.CoreAuthResolver = CoreAuthResolver;
|
|
71
87
|
__decorate([
|
|
72
88
|
(0, graphql_1.Mutation)(() => Boolean, { description: 'Logout user (from specific device)' }),
|
|
73
|
-
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.
|
|
74
|
-
(0, common_1.UseGuards)(
|
|
89
|
+
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_USER),
|
|
90
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
75
91
|
__param(0, (0, current_user_decorator_1.CurrentUser)()),
|
|
76
92
|
__param(1, (0, graphql_1.Context)()),
|
|
77
93
|
__param(2, (0, tokens_decorator_1.Tokens)('token')),
|
|
@@ -83,7 +99,7 @@ __decorate([
|
|
|
83
99
|
__decorate([
|
|
84
100
|
(0, graphql_1.Mutation)(() => core_auth_model_1.CoreAuthModel, { description: 'Refresh tokens (for specific device)' }),
|
|
85
101
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
86
|
-
(0, common_1.UseGuards)((0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT_REFRESH)),
|
|
102
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard, (0, auth_guard_1.AuthGuard)(auth_guard_strategy_enum_1.AuthGuardStrategy.JWT_REFRESH)),
|
|
87
103
|
__param(0, (0, current_user_decorator_1.CurrentUser)()),
|
|
88
104
|
__param(1, (0, tokens_decorator_1.Tokens)('refreshToken')),
|
|
89
105
|
__param(2, (0, graphql_1.Context)()),
|
|
@@ -96,6 +112,7 @@ __decorate([
|
|
|
96
112
|
description: 'Sign in user via email and password and get JWT tokens (for specific device)',
|
|
97
113
|
}),
|
|
98
114
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
115
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
99
116
|
__param(0, (0, graphql_service_options_decorator_1.GraphQLServiceOptions)({ gqlPath: 'signIn.user' })),
|
|
100
117
|
__param(1, (0, graphql_1.Context)()),
|
|
101
118
|
__param(2, (0, graphql_1.Args)('input')),
|
|
@@ -106,6 +123,7 @@ __decorate([
|
|
|
106
123
|
__decorate([
|
|
107
124
|
(0, graphql_1.Mutation)(() => core_auth_model_1.CoreAuthModel, { description: 'Register a new user account (on specific device)' }),
|
|
108
125
|
(0, roles_decorator_1.Roles)(role_enum_1.RoleEnum.S_EVERYONE),
|
|
126
|
+
(0, common_1.UseGuards)(legacy_auth_rate_limit_guard_1.LegacyAuthRateLimitGuard),
|
|
109
127
|
__param(0, (0, graphql_service_options_decorator_1.GraphQLServiceOptions)({ gqlPath: 'signUp.user' })),
|
|
110
128
|
__param(1, (0, graphql_1.Context)()),
|
|
111
129
|
__param(2, (0, graphql_1.Args)('input')),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core-auth.resolver.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.resolver.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA2C;AAC3C,6CAAoE;AAGpE,2FAA6E;AAC7E,iHAAkG;AAClG,6EAAgE;AAChE,4DAAwD;AAExD,yEAAqE;AACrE,yEAA+D;AAC/D,uDAAkD;AAClD,oDAAgD;AAChD,8EAAuE;AACvE,8EAAuE;AAEvE,oEAA+D;AAC/D,yDAA4C;
|
|
1
|
+
{"version":3,"file":"core-auth.resolver.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/core-auth.resolver.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA2C;AAC3C,6CAAoE;AAGpE,2FAA6E;AAC7E,iHAAkG;AAClG,6EAAgE;AAChE,4DAAwD;AAExD,yEAAqE;AACrE,yEAA+D;AAC/D,uDAAkD;AAClD,gGAA0F;AAC1F,oDAAgD;AAChD,wFAAiF;AACjF,8EAAuE;AACvE,8EAAuE;AAEvE,oEAA+D;AAC/D,yDAA4C;AA2BrC,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IAI3B,YACqB,WAA4B,EAC5B,aAA4B;QAD5B,gBAAW,GAAX,WAAW,CAAiB;QAC5B,kBAAa,GAAb,aAAa,CAAe;IAC9C,CAAC;IAeM,yBAAyB,CAAC,YAAoB;QACtD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,UAAU,EAAE,eAAe,CAAC;QAGjD,IAAI,YAAY,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,IAAI,4DAA2B,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;QAGD,IAAI,YAAY,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,IAAI,4DAA2B,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAeK,AAAN,KAAK,CAAC,MAAM,CACK,WAA0B,EAC9B,GAA0B,EACpB,KAAa,EACU,UAAoB;QAE5D,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAC;QACjF,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAWK,AAAN,KAAK,CAAC,YAAY,CACD,IAAmB,EACV,YAAoB,EACjC,GAA0B;QAErC,IAAI,CAAC,yBAAyB,CAAC,cAAc,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QACxE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAaK,AAAN,KAAK,CAAC,MAAM,CACyC,cAA8B,EACtE,GAA0B,EACtB,KAA0B;QAEzC,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QACpE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAWK,AAAN,KAAK,CAAC,MAAM,CACyC,cAA8B,EACtE,GAA0B,EACtB,KAA0B;QAEzC,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QACpE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IASS,cAAc,CAAC,GAA0B,EAAE,MAAW;QAE9D,IAAI,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;YAErD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC1C,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;gBAChD,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;gBACvD,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YACjE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,YAAY,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAG/E,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,OAAO,MAAM,CAAC,KAAK,CAAC;YACtB,CAAC;YACD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC,YAAY,CAAC;YAC7B,CAAC;QACH,CAAC;QAGD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAA;AAvJY,4CAAgB;AAkDrB;IAHL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IAC9E,IAAA,uBAAK,EAAC,oBAAQ,CAAC,MAAM,CAAC;IACtB,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,oCAAW,GAAE,CAAA;IACb,WAAA,IAAA,iBAAO,GAAE,CAAA;IACT,WAAA,IAAA,yBAAM,EAAC,OAAO,CAAC,CAAA;IACf,WAAA,IAAA,cAAI,EAAC,YAAY,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;;;;8CAKxC;AAWK;IAHL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,+BAAa,EAAE,EAAE,WAAW,EAAE,sCAAsC,EAAE,CAAC;IACtF,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,EAAE,IAAA,sBAAS,EAAC,4CAAiB,CAAC,WAAW,CAAC,CAAC;IAE3E,WAAA,IAAA,oCAAW,GAAE,CAAA;IACb,WAAA,IAAA,yBAAM,EAAC,cAAc,CAAC,CAAA;IACtB,WAAA,IAAA,iBAAO,GAAE,CAAA;;;;oDAKX;AAaK;IALL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,+BAAa,EAAE;QAC7B,WAAW,EAAE,8EAA8E;KAC5F,CAAC;IACD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,yDAAqB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,CAAA;IACjD,WAAA,IAAA,iBAAO,GAAE,CAAA;IACT,WAAA,IAAA,cAAI,EAAC,OAAO,CAAC,CAAA;;qDAAQ,6CAAmB;;8CAK1C;AAWK;IAHL,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,+BAAa,EAAE,EAAE,WAAW,EAAE,kDAAkD,EAAE,CAAC;IAClG,IAAA,uBAAK,EAAC,oBAAQ,CAAC,UAAU,CAAC;IAC1B,IAAA,kBAAS,EAAC,uDAAwB,CAAC;IAEjC,WAAA,IAAA,yDAAqB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,CAAA;IACjD,WAAA,IAAA,iBAAO,GAAE,CAAA;IACT,WAAA,IAAA,cAAI,EAAC,OAAO,CAAC,CAAA;;qDAAQ,6CAAmB;;8CAK1C;2BAtHU,gBAAgB;IAF5B,IAAA,kBAAQ,EAAC,GAAG,EAAE,CAAC,+BAAa,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;IACnD,IAAA,uBAAK,EAAC,oBAAQ,CAAC,KAAK,CAAC;qCAMc,mCAAe;QACb,8BAAa;GANtC,gBAAgB,CAuJ5B"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LegacyAuthDisabledException = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
class LegacyAuthDisabledException extends common_1.GoneException {
|
|
6
|
+
constructor(endpoint) {
|
|
7
|
+
super({
|
|
8
|
+
error: 'Legacy Auth Disabled',
|
|
9
|
+
message: endpoint
|
|
10
|
+
? `Legacy Auth endpoint '${endpoint}' is disabled. Use BetterAuth (IAM) endpoints instead.`
|
|
11
|
+
: 'Legacy Auth endpoints are disabled. Use BetterAuth (IAM) endpoints instead.',
|
|
12
|
+
statusCode: 410,
|
|
13
|
+
});
|
|
14
|
+
}
|
|
15
|
+
}
|
|
16
|
+
exports.LegacyAuthDisabledException = LegacyAuthDisabledException;
|
|
17
|
+
//# sourceMappingURL=legacy-auth-disabled.exception.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"legacy-auth-disabled.exception.js","sourceRoot":"","sources":["../../../../../src/core/modules/auth/exceptions/legacy-auth-disabled.exception.ts"],"names":[],"mappings":";;;AAAA,2CAA+C;AAwB/C,MAAa,2BAA4B,SAAQ,sBAAa;IAC5D,YAAY,QAAiB;QAC3B,KAAK,CAAC;YACJ,KAAK,EAAE,sBAAsB;YAC7B,OAAO,EAAE,QAAQ;gBACf,CAAC,CAAC,yBAAyB,QAAQ,wDAAwD;gBAC3F,CAAC,CAAC,6EAA6E;YACjF,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;CACF;AAVD,kEAUC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { LegacyAuthRateLimiter } from '../services/legacy-auth-rate-limiter.service';
|
|
3
|
+
export declare class LegacyAuthRateLimitGuard implements CanActivate {
|
|
4
|
+
private readonly rateLimiter;
|
|
5
|
+
constructor(rateLimiter: LegacyAuthRateLimiter);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
private extractRequestInfo;
|
|
8
|
+
private getClientIp;
|
|
9
|
+
}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.LegacyAuthRateLimitGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const graphql_1 = require("@nestjs/graphql");
|
|
15
|
+
const legacy_auth_rate_limiter_service_1 = require("../services/legacy-auth-rate-limiter.service");
|
|
16
|
+
let LegacyAuthRateLimitGuard = class LegacyAuthRateLimitGuard {
|
|
17
|
+
constructor(rateLimiter) {
|
|
18
|
+
this.rateLimiter = rateLimiter;
|
|
19
|
+
}
|
|
20
|
+
canActivate(context) {
|
|
21
|
+
if (!this.rateLimiter.isEnabled()) {
|
|
22
|
+
return true;
|
|
23
|
+
}
|
|
24
|
+
const { endpoint, ip } = this.extractRequestInfo(context);
|
|
25
|
+
const result = this.rateLimiter.check(ip, endpoint);
|
|
26
|
+
if (!result.allowed) {
|
|
27
|
+
throw new common_1.HttpException({
|
|
28
|
+
error: 'Too Many Requests',
|
|
29
|
+
message: this.rateLimiter.getMessage(),
|
|
30
|
+
remaining: result.remaining,
|
|
31
|
+
retryAfter: result.resetIn,
|
|
32
|
+
statusCode: common_1.HttpStatus.TOO_MANY_REQUESTS,
|
|
33
|
+
}, common_1.HttpStatus.TOO_MANY_REQUESTS);
|
|
34
|
+
}
|
|
35
|
+
return true;
|
|
36
|
+
}
|
|
37
|
+
extractRequestInfo(context) {
|
|
38
|
+
const contextType = context.getType();
|
|
39
|
+
if (contextType === 'graphql') {
|
|
40
|
+
const gqlContext = graphql_1.GqlExecutionContext.create(context);
|
|
41
|
+
const info = gqlContext.getInfo();
|
|
42
|
+
const ctx = gqlContext.getContext();
|
|
43
|
+
const req = ctx.req;
|
|
44
|
+
const ip = this.getClientIp(req);
|
|
45
|
+
const endpoint = info?.fieldName || 'unknown';
|
|
46
|
+
return { endpoint, ip };
|
|
47
|
+
}
|
|
48
|
+
const request = context.switchToHttp().getRequest();
|
|
49
|
+
const ip = this.getClientIp(request);
|
|
50
|
+
const url = request.url || request.path || '';
|
|
51
|
+
const endpoint = url.split('/').pop() || 'unknown';
|
|
52
|
+
return { endpoint, ip };
|
|
53
|
+
}
|
|
54
|
+
getClientIp(request) {
|
|
55
|
+
if (!request) {
|
|
56
|
+
return 'unknown';
|
|
57
|
+
}
|
|
58
|
+
const forwardedFor = request.headers?.['x-forwarded-for'];
|
|
59
|
+
if (forwardedFor) {
|
|
60
|
+
return forwardedFor.split(',')[0].trim();
|
|
61
|
+
}
|
|
62
|
+
const realIp = request.headers?.['x-real-ip'];
|
|
63
|
+
if (realIp) {
|
|
64
|
+
return realIp;
|
|
65
|
+
}
|
|
66
|
+
return request.ip || request.connection?.remoteAddress || 'unknown';
|
|
67
|
+
}
|
|
68
|
+
};
|
|
69
|
+
exports.LegacyAuthRateLimitGuard = LegacyAuthRateLimitGuard;
|
|
70
|
+
exports.LegacyAuthRateLimitGuard = LegacyAuthRateLimitGuard = __decorate([
|
|
71
|
+
(0, common_1.Injectable)(),
|
|
72
|
+
__metadata("design:paramtypes", [legacy_auth_rate_limiter_service_1.LegacyAuthRateLimiter])
|
|
73
|
+
], LegacyAuthRateLimitGuard);
|
|
74
|
+
//# sourceMappingURL=legacy-auth-rate-limit.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"legacy-auth-rate-limit.guard.js","sourceRoot":"","sources":["../../../../../src/core/modules/auth/guards/legacy-auth-rate-limit.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAsG;AACtG,6CAAsD;AAEtD,mGAAqF;AAsB9E,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;IACnC,YAA6B,WAAkC;QAAlC,gBAAW,GAAX,WAAW,CAAuB;IAAG,CAAC;IAEnE,WAAW,CAAC,OAAyB;QAEnC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAEpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,sBAAa,CACrB;gBACE,KAAK,EAAE,mBAAmB;gBAC1B,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE;gBACtC,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,UAAU,EAAE,MAAM,CAAC,OAAO;gBAC1B,UAAU,EAAE,mBAAU,CAAC,iBAAiB;aACzC,EACD,mBAAU,CAAC,iBAAiB,CAC7B,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAKO,kBAAkB,CAAC,OAAyB;QAClD,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,EAAsB,CAAC;QAE1D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG,6BAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvD,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,GAAG,GAAG,UAAU,CAAC,UAAU,EAAE,CAAC;YAGpC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;YACpB,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAGjC,MAAM,QAAQ,GAAG,IAAI,EAAE,SAAS,IAAI,SAAS,CAAC;YAE9C,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QAC1B,CAAC;QAGD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAGrC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;QAC9C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC;QAEnD,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC1B,CAAC;IAKO,WAAW,CAAC,OAAY;QAC9B,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,SAAS,CAAC;QACnB,CAAC;QAGD,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,iBAAiB,CAAC,CAAC;QAC1D,IAAI,YAAY,EAAE,CAAC;YAEjB,OAAO,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC;QAC9C,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,MAAM,CAAC;QAChB,CAAC;QAGD,OAAO,OAAO,CAAC,EAAE,IAAI,OAAO,CAAC,UAAU,EAAE,aAAa,IAAI,SAAS,CAAC;IACtE,CAAC;CACF,CAAA;AAnFY,4DAAwB;mCAAxB,wBAAwB;IADpC,IAAA,mBAAU,GAAE;qCAE+B,wDAAqB;GADpD,wBAAwB,CAmFpC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { JwtPayload } from './jwt-payload.interface';
|
|
2
|
+
export interface IAuthProvider {
|
|
3
|
+
decodeJwt(token: string): JwtPayload;
|
|
4
|
+
signToken(user: any, expiresIn?: string): string;
|
|
5
|
+
validateUser(payload: JwtPayload): Promise<any>;
|
|
6
|
+
}
|
|
7
|
+
export declare const AUTH_PROVIDER = "AUTH_PROVIDER";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-provider.interface.js","sourceRoot":"","sources":["../../../../../src/core/modules/auth/interfaces/auth-provider.interface.ts"],"names":[],"mappings":";;;AAqFa,QAAA,aAAa,GAAG,eAAe,CAAC"}
|