npm - @lenne.tech/nest-server - Versions diffs - 9.1.0 → 9.2.1 - Mend

@lenne.tech/nest-server 9.1.0 → 9.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (121) hide show

package/src/core.module.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import * as graphqlUploadExpress from 'graphql-upload/graphqlUploadExpress.js';
 import { merge } from './core/common/helpers/config.helper';
 import { IServerOptions } from './core/common/interfaces/server-options.interface';
 import { MapAndValidatePipe } from './core/common/pipes/map-and-validate.pipe';
+import { ComplexityPlugin } from './core/common/plugins/complexity.plugin';
 import { ConfigService } from './core/common/services/config.service';
 import { EmailService } from './core/common/services/email.service';
 import { MailjetService } from './core/common/services/mailjet.service';
@@ -41,6 +42,13 @@ export class CoreModule implements NestModule {
    */
   static forRoot(AuthService: any, AuthModule: any, options: Partial<IServerOptions>): DynamicModule {
     // Process config
+    let cors = {};
+    if (options?.cookies) {
+      cors = {
+        credentials: true,
+        origin: true,
+      };
+    }
     const config: IServerOptions = merge(
       {
         env: 'develop',
@@ -52,7 +60,8 @@ export class CoreModule implements NestModule {
               Object.assign(
                 {
                   autoSchemaFile: 'schema.gql',
-                  context: ({ req }) => ({ req }),
+                  context: ({ req, res }) => ({ req, res }),
+                  cors,
                   installSubscriptionHandlers: true,
                   subscriptions: {
                     'subscriptions-transport-ws': {
@@ -135,6 +144,9 @@ export class CoreModule implements NestModule {
       EmailService,
       TemplateService,
       MailjetService,
+      // Plugins
+      ComplexityPlugin,
     ];
     // Return dynamic module
@@ -147,7 +159,7 @@ export class CoreModule implements NestModule {
         ),
       ],
       providers,
-      exports: [ConfigService, EmailService, TemplateService, MailjetService],
+      exports: [ConfigService, EmailService, TemplateService, MailjetService, ComplexityPlugin],
     };
   }
 }

package/src/index.ts CHANGED Viewed

@@ -18,6 +18,7 @@ export * from './core/common/enums/logical-operator.enum';
 export * from './core/common/enums/process-type.enum';
 export * from './core/common/enums/role.enum';
 export * from './core/common/enums/sort-order.emum';
+export * from './core/common/filters/http-exception-log.filter';
 export * from './core/common/helpers/common.helper';
 export * from './core/common/helpers/config.helper';
 export * from './core/common/helpers/context.helper';
@@ -34,6 +35,7 @@ export * from './core/common/inputs/filter.input';
 export * from './core/common/inputs/single-filter.input';
 export * from './core/common/inputs/sort.input';
 export * from './core/common/interceptors/check-response.interceptor';
+export * from './core/common/interceptors/check-security.interceptor';
 export * from './core/common/interfaces/core-persistence-model.interface';
 export * from './core/common/interfaces/cron-job-config.interface';
 export * from './core/common/interfaces/mailjet-options.interface';
@@ -46,6 +48,8 @@ export * from './core/common/models/core-model.model';
 export * from './core/common/models/core-persistence.model';
 export * from './core/common/pipes/check-input.pipe';
 export * from './core/common/pipes/map-and-validate.pipe';
+export * from './core/common/plugins/complexity.plugin';
+export * from './core/common/plugins/mongoose-id.plugin';
 export * from './core/common/scalars/any.scalar';
 export * from './core/common/scalars/date.scalar';
 export * from './core/common/scalars/json.scalar';
@@ -83,7 +87,8 @@ export * from './core/modules/auth/services/core-auth-user.service';
 export * from './core/modules/auth/core-auth.model';
 export * from './core/modules/auth/core-auth.module';
 export * from './core/modules/auth/core-auth.resolver';
-export * from './core/modules/auth/jwt.strategy';
+export * from './core/modules/auth/strategies/jwt.strategy';
+export * from './core/modules/auth/strategies/jwt-refresh.strategy';
 // =====================================================================================================================
 // Core - Modules - File

package/src/main.ts CHANGED Viewed

@@ -1,7 +1,10 @@
 import { NestFactory } from '@nestjs/core';
 import { NestExpressApplication } from '@nestjs/platform-express';
 import { exec } from 'child_process';
+import * as compression from 'compression';
+import * as cookieParser from 'cookie-parser';
 import envConfig from './config.env';
+import { HttpExceptionLogFilter } from './core/common/filters/http-exception-log.filter';
 import { ServerModule } from './server/server.module';
 /**
@@ -14,6 +17,32 @@ async function bootstrap() {
     ServerModule
   );
+  // Log exceptions
+  if (envConfig.logExceptions) {
+    server.useGlobalFilters(new HttpExceptionLogFilter());
+  }
+  // Compression (gzip)
+  if (envConfig.compression) {
+    let envCompressionOptions = {};
+    if (typeof envConfig.compression === 'object') {
+      envCompressionOptions = envConfig.compression;
+    }
+    const compressionOptions = {
+      filter: () => {
+        return true;
+      },
+      threshold: 0,
+      ...envCompressionOptions,
+    };
+    server.use(compression(compressionOptions));
+  }
+  // Cookie handling
+  if (envConfig.cookies) {
+    server.use(cookieParser());
+  }
   // Asset directory
   server.useStaticAssets(envConfig.staticAssets.path, envConfig.staticAssets.options);

package/src/server/modules/auth/auth.model.ts CHANGED Viewed

@@ -16,7 +16,7 @@ export class Auth extends CoreAuthModel {
    * Signed-in user
    */
   @Field(() => User, { description: 'User who signed in' })
-  user: User = undefined;
+  override user: User = undefined;
   // ===================================================================================================================
   // Methods

package/src/server/modules/auth/auth.resolver.ts CHANGED Viewed

@@ -1,5 +1,8 @@
-import { Args, Info, Mutation, Query, Resolver } from '@nestjs/graphql';
+import { Args, Context, Info, Mutation, Resolver } from '@nestjs/graphql';
+import { Response as ResponseType } from 'express';
 import { GraphQLResolveInfo } from 'graphql';
+import { ConfigService } from '../../../core/common/services/config.service';
+import { CoreAuthResolver } from '../../../core/modules/auth/core-auth.resolver';
 import { Auth } from './auth.model';
 import { AuthService } from './auth.service';
 import { AuthSignInInput } from './inputs/auth-sign-in.input';
@@ -9,21 +12,31 @@ import { AuthSignUpInput } from './inputs/auth-sign-up.input';
  * Authentication resolver for the sign in
  */
 @Resolver(() => Auth)
-export class AuthResolver {
+export class AuthResolver extends CoreAuthResolver {
   /**
    * Integrate services
    */
-  constructor(private readonly authService: AuthService) {}
+  constructor(
+    protected override readonly authService: AuthService,
+    protected override readonly configService: ConfigService
+  ) {
+    super(authService, configService);
+  }
   /**
    * SignIn for User
    */
-  @Query(() => Auth, { description: 'Sign in and get JWT token' })
-  async signIn(@Info() info: GraphQLResolveInfo, @Args('input') input: AuthSignInInput): Promise<Auth> {
-    return this.authService.signIn(input, {
+  @Mutation(() => Auth, { description: 'Sign in and get JWT token' })
+  override async signIn(
+    @Info() info: GraphQLResolveInfo,
+    @Context() ctx: { res: ResponseType },
+    @Args('input') input: AuthSignInInput
+  ): Promise<Auth> {
+    const result = await this.authService.signIn(input, {
       fieldSelection: { info, select: 'signIn' },
       inputType: AuthSignInInput,
     });
+    return this.processCookies(ctx, result);
   }
   /**
@@ -32,9 +45,14 @@ export class AuthResolver {
   @Mutation(() => Auth, {
     description: 'Sign up user and get JWT token',
   })
-  async signUp(@Info() info: GraphQLResolveInfo, @Args('input') input: AuthSignUpInput): Promise<Auth> {
-    return this.authService.signUp(input, {
+  override async signUp(
+    @Info() info: GraphQLResolveInfo,
+    @Context() ctx: { res: ResponseType },
+    @Args('input') input: AuthSignUpInput
+  ): Promise<Auth> {
+    const result = await this.authService.signUp(input, {
       fieldSelection: { info, select: 'signUp' },
     });
+    return this.processCookies(ctx, result);
   }
 }

package/src/server/modules/auth/auth.service.ts CHANGED Viewed

@@ -1,79 +1,42 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
-import * as bcrypt from 'bcrypt';
-import { sha256 } from 'js-sha256';
-import { Roles } from '../../../core/common/decorators/roles.decorator';
-import { RoleEnum } from '../../../core/common/enums/role.enum';
-import { prepareServiceOptions } from '../../../core/common/helpers/service.helper';
 import { ServiceOptions } from '../../../core/common/interfaces/service-options.interface';
 import { ConfigService } from '../../../core/common/services/config.service';
 import { EmailService } from '../../../core/common/services/email.service';
-import { JwtPayload } from '../../../core/modules/auth/interfaces/jwt-payload.interface';
+import { CoreAuthService } from '../../../core/modules/auth/services/core-auth.service';
 import { UserService } from '../user/user.service';
 import { Auth } from './auth.model';
 import { AuthSignInInput } from './inputs/auth-sign-in.input';
 import { AuthSignUpInput } from './inputs/auth-sign-up.input';
 @Injectable()
-@Roles(RoleEnum.ADMIN)
-export class AuthService {
+export class AuthService extends CoreAuthService {
   constructor(
-    protected readonly jwtService: JwtService,
+    protected override readonly jwtService: JwtService,
     protected readonly emailService: EmailService,
-    protected readonly userService: UserService,
-    protected readonly configService: ConfigService
-  ) {}
+    protected override readonly userService: UserService,
+    protected override readonly configService: ConfigService
+  ) {
+    super(userService, jwtService, configService);
+  }
   /**
    * Sign in for user
+   *
+   * Overwrites the parent method for mapping
    */
-  @Roles(RoleEnum.S_EVERYONE)
-  async signIn(input: AuthSignInInput, serviceOptions?: ServiceOptions): Promise<Auth> {
-    // Prepare service options
-    const serviceOptionsForUserService = prepareServiceOptions(serviceOptions, {
-      // We need password, so we can't use prepare output handling and have to deactivate it
-      prepareOutput: null,
-      // Select user field for automatic populate handling via user service
-      subFieldSelection: 'user',
-    });
-    // Get and check user
-    const user = await this.userService.getViaEmail(input.email, serviceOptionsForUserService);
-    if (
-      !user ||
-      !(
-        (await bcrypt.compare(input.password, user.password)) ||
-        (await bcrypt.compare(sha256(input.password), user.password))
-      )
-    ) {
-      throw new UnauthorizedException();
-    }
-    // Create JWT and return sign-in data
-    const payload: JwtPayload = { email: user.email };
-    return Auth.map({
-      token: this.jwtService.sign(payload),
-      user,
-    });
+  override async signIn(input: AuthSignInInput, serviceOptions?: ServiceOptions): Promise<Auth> {
+    return Auth.map(await super.signIn(input, serviceOptions));
   }
   /**
    * Register a new user Account
+   *
+   * Overwrites the parent method for integrating email sending and mapping
    */
-  @Roles(RoleEnum.S_EVERYONE)
-  async signUp(input: AuthSignUpInput, serviceOptions?: ServiceOptions): Promise<Auth> {
-    // Prepare service options
-    const serviceOptionsForUserService = prepareServiceOptions(serviceOptions, {
-      // Select user field for automatic populate handling via user service
-      subFieldSelection: 'user',
-    });
-    // Get and check user
-    const user = await this.userService.create(input, serviceOptionsForUserService);
-    if (!user) {
-      throw Error('Email Address already in use');
-    }
+  override async signUp(input: AuthSignUpInput, serviceOptions?: ServiceOptions): Promise<Auth> {
+    const result = await super.signUp(input, serviceOptions);
+    const { user } = result;
     // Send email
     await this.emailService.sendMail(user.email, 'Welcome', {
@@ -84,11 +47,7 @@ export class AuthService {
       },
     });
-    // Create JWT and return sign-in data
-    const payload: JwtPayload = { email: user.email };
-    return Auth.map({
-      token: this.jwtService.sign(payload),
-      user: user,
-    });
+    // Return mapped result
+    return Auth.map(result);
   }
 }

package/src/server/modules/file/file.module.ts CHANGED Viewed

@@ -1,10 +1,10 @@
 import { forwardRef, Module } from '@nestjs/common';
+import { MulterModule } from '@nestjs/platform-express';
+import { UserModule } from '../user/user.module';
+import { FileController } from './file.controller';
 import { FileResolver } from './file.resolver';
 import { FileService } from './file.service';
-import { FileController } from './file.controller';
 import { GridFsMulterConfigService } from './multer-config.service';
-import { MulterModule } from '@nestjs/platform-express';
-import { UserModule } from '../user/user.module';
 /**
  * File module

package/src/server/modules/user/user.model.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { Field, ObjectType } from '@nestjs/graphql';
 import { Prop, Schema as MongooseSchema, SchemaFactory } from '@nestjs/mongoose';
 import { Document, Schema } from 'mongoose';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { CoreUserModel } from '../../../core/modules/user/core-user.model';
 import { PersistenceModel } from '../../common/models/persistence.model';
@@ -69,6 +70,34 @@ export class User extends CoreUserModel implements PersistenceModel {
     // If something comes up, you can use `mapClasses` / `mapClassesAsync` from ModelHelper.
     return this;
   }
+  /**
+   * Verification of the user's rights to access the properties of this object
+   */
+  override securityCheck(user: User, force?: boolean) {
+    if (force || (user && (user.id === this.id || user.hasRole(RoleEnum.ADMIN)))) {
+      return this;
+    }
+    // Remove (values of) properties
+    if (!user || user.id !== this.id) {
+      this.roles = [];
+      this.username = null;
+      this.verified = null;
+      this.verifiedAt = null;
+      // PersistenceModel and CorePersistenceModel
+      this.createdAt = null;
+      this.createdBy = null;
+      this.labels = null;
+      this.tags = null;
+      this.updatedAt = null;
+      this.updatedBy = null;
+    }
+    // Return prepared user
+    return this;
+  }
 }
 export const UserSchema = SchemaFactory.createForClass(User);

package/src/server/server.module.ts CHANGED Viewed

@@ -1,7 +1,9 @@
 import { Module } from '@nestjs/common';
+import { APP_INTERCEPTOR } from '@nestjs/core';
 import { ScheduleModule } from '@nestjs/schedule';
 import envConfig from '../config.env';
 import { CoreModule } from '../core.module';
+import { CheckSecurityInterceptor } from '../core/common/interceptors/check-security.interceptor';
 import { Any } from '../core/common/scalars/any.scalar';
 import { DateScalar } from '../core/common/scalars/date.scalar';
 import { JSON } from '../core/common/scalars/json.scalar';
@@ -34,7 +36,16 @@ import { ServerController } from './server.controller';
     FileModule,
   ],
-  providers: [Any, CronJobs, DateScalar, JSON],
+  providers: [
+    Any,
+    CronJobs,
+    DateScalar,
+    JSON,
+    {
+      provide: APP_INTERCEPTOR,
+      useClass: CheckSecurityInterceptor,
+    },
+  ],
   // Include REST controllers
   controllers: [ServerController],

package/dist/core/modules/auth/jwt.strategy.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../../../src/core/modules/auth/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmE;AACnE,+CAAoD;AACpD,+CAAoD;AACpD,yEAAqE;AAErE,oEAA+D;AAMxD,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAIzD,YAA+B,WAA4B,EAAqB,aAA4B;QAC1G,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,UAAU,EAAE,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC/C,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC;YAC7C,MAAM,EAAE,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,wBAAwB,CAAC;YACtF,WAAW,EAAE,aAAa,CAAC,GAAG,CAAC,wBAAwB,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC;YAC3F,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,yBAAyB,CAAC;SAClE,CAAC,CAAC;QAR0B,gBAAW,GAAX,WAAW,CAAiB;QAAqB,kBAAa,GAAb,aAAa,CAAe;IAS5G,CAAC;IAKD,KAAK,CAAC,QAAQ,CAAC,OAAmB;QAChC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,IAAI,EAAE;YACT,MAAM,IAAI,8BAAqB,EAAE,CAAC;SACnC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAzBY,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAKiC,mCAAe,EAAoC,8BAAa;GAJjG,WAAW,CAyBvB;AAzBY,kCAAW"}