@nauth-toolkit/core 0.1.0

package/dist/utils/setup/register-mfa.js

@@ -0,0 +1,85 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registerMFAProviders = registerMFAProviders;
+async function registerMFAProviders(config, mfaService, mfaDeviceRepository, userRepository, logger, passwordService, emailVerificationService, phoneVerificationService, challengeService, auditService, clientInfoService) {
+    if (!config.mfa?.enabled) {
+        return;
+    }
+    try {
+        const { TOTPMFAProviderService, TOTPService } = await Promise.resolve().then(() => __importStar(require('@nauth-toolkit/mfa-totp')));
+        const totpService = new TOTPService(config, logger);
+        const totpProvider = new TOTPMFAProviderService(mfaDeviceRepository, userRepository, config, logger, passwordService, totpService, challengeService, auditService, clientInfoService);
+        mfaService.registerProvider(totpProvider);
+        logger?.debug?.('TOTP MFA provider registered');
+    }
+    catch (error) {
+        logger?.warn?.('TOTP MFA package not found. Install @nauth-toolkit/mfa-totp to enable TOTP MFA.');
+    }
+    if (phoneVerificationService) {
+        try {
+            const { SMSMFAProviderService } = await Promise.resolve().then(() => __importStar(require('@nauth-toolkit/mfa-sms')));
+            const smsProvider = new SMSMFAProviderService(mfaDeviceRepository, userRepository, config, logger, passwordService, phoneVerificationService, challengeService, auditService, clientInfoService);
+            mfaService.registerProvider(smsProvider);
+            logger?.debug?.('SMS MFA provider registered');
+        }
+        catch (error) {
+            logger?.warn?.('SMS MFA package not found. Install @nauth-toolkit/mfa-sms to enable SMS MFA.');
+        }
+    }
+    else {
+        logger?.debug?.('Phone verification service not configured. Skipping SMS MFA registration.');
+    }
+    try {
+        const { EmailMFAProviderService } = await Promise.resolve().then(() => __importStar(require('@nauth-toolkit/mfa-email')));
+        const emailProvider = new EmailMFAProviderService(mfaDeviceRepository, userRepository, config, logger, passwordService, emailVerificationService, challengeService, auditService, clientInfoService);
+        mfaService.registerProvider(emailProvider);
+        logger?.debug?.('Email MFA provider registered');
+    }
+    catch (error) {
+        logger?.warn?.('Email MFA package not found. Install @nauth-toolkit/mfa-email to enable Email MFA.');
+    }
+    try {
+        const { PasskeyMFAProviderService, PasskeyService } = await Promise.resolve().then(() => __importStar(require('@nauth-toolkit/mfa-passkey')));
+        const passkeyService = new PasskeyService(config, logger);
+        const passkeyProvider = new PasskeyMFAProviderService(mfaDeviceRepository, userRepository, config, logger, passwordService, passkeyService, challengeService, auditService, clientInfoService);
+        mfaService.registerProvider(passkeyProvider);
+        logger?.debug?.('Passkey MFA provider registered');
+    }
+    catch (error) {
+        logger?.warn?.('Passkey MFA package not found. Install @nauth-toolkit/mfa-passkey to enable Passkey MFA.');
+    }
+}
+//# sourceMappingURL=register-mfa.js.map

package/dist/utils/setup/register-mfa.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register-mfa.js","sourceRoot":"","sources":["../../../src/utils/setup/register-mfa.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCA,oDA4HC;AA5HM,KAAK,UAAU,oBAAoB,CACxC,MAAmB,EACnB,UAAsB,EACtB,mBAA8C,EAC9C,cAAoC,EACpC,MAAmB,EACnB,eAAgC,EAChC,wBAAkD,EAClD,wBAAmD,EACnD,gBAAmC,EACnC,YAA+B,EAC/B,iBAAqC;IAErC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC;QACzB,OAAO;IACT,CAAC;IAKD,IAAI,CAAC;QAEH,MAAM,EAAE,sBAAsB,EAAE,WAAW,EAAE,GAAG,wDAAa,yBAAyB,GAAC,CAAC;QAExF,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEpD,MAAM,YAAY,GAAG,IAAI,sBAAsB,CAC7C,mBAAmB,EACnB,cAAc,EACd,MAAM,EACN,MAAM,EACN,eAAe,EACf,WAAW,EACX,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,CAClB,CAAC;QAEF,UAAU,CAAC,gBAAgB,CAAC,YAA8C,CAAC,CAAC;QAC5E,MAAM,EAAE,KAAK,EAAE,CAAC,8BAA8B,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,EAAE,IAAI,EAAE,CAAC,iFAAiF,CAAC,CAAC;IACpG,CAAC;IAKD,IAAI,wBAAwB,EAAE,CAAC;QAC7B,IAAI,CAAC;YAEH,MAAM,EAAE,qBAAqB,EAAE,GAAG,wDAAa,wBAAwB,GAAC,CAAC;YAEzE,MAAM,WAAW,GAAG,IAAI,qBAAqB,CAC3C,mBAAmB,EACnB,cAAc,EACd,MAAM,EACN,MAAM,EACN,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,CAClB,CAAC;YAEF,UAAU,CAAC,gBAAgB,CAAC,WAA6C,CAAC,CAAC;YAC3E,MAAM,EAAE,KAAK,EAAE,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,EAAE,IAAI,EAAE,CAAC,8EAA8E,CAAC,CAAC;QACjG,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,KAAK,EAAE,CAAC,2EAA2E,CAAC,CAAC;IAC/F,CAAC;IAKD,IAAI,CAAC;QAEH,MAAM,EAAE,uBAAuB,EAAE,GAAG,wDAAa,0BAA0B,GAAC,CAAC;QAE7E,MAAM,aAAa,GAAG,IAAI,uBAAuB,CAC/C,mBAAmB,EACnB,cAAc,EACd,MAAM,EACN,MAAM,EACN,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,CAClB,CAAC;QAEF,UAAU,CAAC,gBAAgB,CAAC,aAA+C,CAAC,CAAC;QAC7E,MAAM,EAAE,KAAK,EAAE,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,EAAE,IAAI,EAAE,CAAC,oFAAoF,CAAC,CAAC;IACvG,CAAC;IAKD,IAAI,CAAC;QAEH,MAAM,EAAE,yBAAyB,EAAE,cAAc,EAAE,GAAG,wDAAa,4BAA4B,GAAC,CAAC;QAEjG,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAE1D,MAAM,eAAe,GAAG,IAAI,yBAAyB,CACnD,mBAAmB,EACnB,cAAc,EACd,MAAM,EACN,MAAM,EACN,eAAe,EACf,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,CAClB,CAAC;QAEF,UAAU,CAAC,gBAAgB,CAAC,eAAiD,CAAC,CAAC;QAC/E,MAAM,EAAE,KAAK,EAAE,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,EAAE,IAAI,EAAE,CAAC,0FAA0F,CAAC,CAAC;IAC7G,CAAC;AACH,CAAC"}

package/dist/utils/setup/run-nauth-migrations.d.ts

@@ -0,0 +1,5 @@
+import type { DataSource } from 'typeorm';
+import type { NAuthConfig } from '../../interfaces/config.interface';
+import type { NAuthLogger } from '../nauth-logger';
+export declare function runNAuthMigrationsOnStartup(config: NAuthConfig, dataSource: DataSource, logger: NAuthLogger): Promise<void>;
+//# sourceMappingURL=run-nauth-migrations.d.ts.map

package/dist/utils/setup/run-nauth-migrations.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"run-nauth-migrations.d.ts","sourceRoot":"","sources":["../../../src/utils/setup/run-nauth-migrations.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC1C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAqBnD,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,WAAW,EACnB,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,IAAI,CAAC,CAiCf"}

package/dist/utils/setup/run-nauth-migrations.js

@@ -0,0 +1,67 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runNAuthMigrationsOnStartup = runNAuthMigrationsOnStartup;
+function getDbType(dataSource) {
+    const type = dataSource.options?.type;
+    if (type === 'postgres' || type === 'mysql' || type === 'mariadb')
+        return type;
+    return null;
+}
+async function runNAuthMigrationsOnStartup(config, dataSource, logger) {
+    if (!dataSource.isInitialized) {
+        logger.warn('[nauth-toolkit] DataSource not initialized; skipping migrations');
+        return;
+    }
+    const dbType = getDbType(dataSource);
+    if (!dbType) {
+        logger.debug(`[nauth-toolkit] Skipping migrations: unsupported TypeORM DataSource type: ${String(dataSource.options?.type)}`);
+        return;
+    }
+    const adapterPackageName = dbType === 'postgres' ? '@nauth-toolkit/database-typeorm-postgres' : '@nauth-toolkit/database-typeorm-mysql';
+    let imported;
+    try {
+        imported = (await Promise.resolve(`${adapterPackageName}`).then(s => __importStar(require(s))));
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        throw new Error(`[nauth-toolkit] Failed to load migration adapter ${adapterPackageName}: ${message}`);
+    }
+    if (typeof imported.runNAuthMigrations !== 'function') {
+        throw new Error(`[nauth-toolkit] Migration adapter ${adapterPackageName} does not export runNAuthMigrations()`);
+    }
+    await imported.runNAuthMigrations(dataSource, logger, config);
+}
+//# sourceMappingURL=run-nauth-migrations.js.map

package/dist/utils/setup/run-nauth-migrations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"run-nauth-migrations.js","sourceRoot":"","sources":["../../../src/utils/setup/run-nauth-migrations.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBA,kEAqCC;AAtDD,SAAS,SAAS,CAAC,UAAsB;IACvC,MAAM,IAAI,GAAI,UAAU,CAAC,OAA0C,EAAE,IAAI,CAAC;IAC1E,IAAI,IAAI,KAAK,UAAU,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAC/E,OAAO,IAAI,CAAC;AACd,CAAC;AAaM,KAAK,UAAU,2BAA2B,CAC/C,MAAmB,EACnB,UAAsB,EACtB,MAAmB;IAEnB,IAAI,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,CAAC,KAAK,CACV,6EAA6E,MAAM,CAChF,UAAU,CAAC,OAA0C,EAAE,IAAI,CAC7D,EAAE,CACJ,CAAC;QACF,OAAO;IACT,CAAC;IAED,MAAM,kBAAkB,GACtB,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,0CAA0C,CAAC,CAAC,CAAC,uCAAuC,CAAC;IAE/G,IAAI,QAA+B,CAAC;IACpC,IAAI,CAAC;QAEH,QAAQ,GAAG,CAAC,yBAAa,kBAAkB,uCAAC,CAAqC,CAAC;IACpF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,IAAI,KAAK,CAAC,oDAAoD,kBAAkB,KAAK,OAAO,EAAE,CAAC,CAAC;IACxG,CAAC;IAED,IAAI,OAAO,QAAQ,CAAC,kBAAkB,KAAK,UAAU,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,qCAAqC,kBAAkB,uCAAuC,CAAC,CAAC;IAClH,CAAC;IAED,MAAM,QAAQ,CAAC,kBAAkB,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAChE,CAAC"}

package/dist/utils/token-delivery-policy.d.ts

@@ -0,0 +1,6 @@
+export interface HybridPolicy {
+    webOrigins?: string[];
+    nativeOrigins?: string[];
+}
+export declare function resolveDeliveryForRequest(req: unknown, policy?: HybridPolicy): 'cookies' | 'json';
+//# sourceMappingURL=token-delivery-policy.d.ts.map

package/dist/utils/token-delivery-policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-delivery-policy.d.ts","sourceRoot":"","sources":["../../src/utils/token-delivery-policy.ts"],"names":[],"mappings":"AAUA,MAAM,WAAW,YAAY;IAE3B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAQD,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,SAAS,GAAG,MAAM,CAcjG"}

package/dist/utils/token-delivery-policy.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveDeliveryForRequest = resolveDeliveryForRequest;
+function resolveDeliveryForRequest(req, policy) {
+    const r = req;
+    const origin = r?.headers?.origin || '';
+    if (policy?.nativeOrigins && policy.nativeOrigins.includes(origin)) {
+        return 'json';
+    }
+    if (policy?.webOrigins && policy.webOrigins.includes(origin)) {
+        return 'cookies';
+    }
+    return 'cookies';
+}
+//# sourceMappingURL=token-delivery-policy.js.map

package/dist/utils/token-delivery-policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-delivery-policy.js","sourceRoot":"","sources":["../../src/utils/token-delivery-policy.ts"],"names":[],"mappings":";;AAuBA,8DAcC;AAdD,SAAgB,yBAAyB,CAAC,GAAY,EAAE,MAAqB;IAC3E,MAAM,CAAC,GAAG,GAAwD,CAAC;IACnE,MAAM,MAAM,GAAI,CAAC,EAAE,OAAO,EAAE,MAAiB,IAAI,EAAE,CAAC;IAGpD,IAAI,MAAM,EAAE,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACnE,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,MAAM,EAAE,UAAU,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7D,OAAO,SAAS,CAAC;IACnB,CAAC;IAGD,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/validators/template.validator.d.ts

@@ -0,0 +1,7 @@
+import { TemplateType, CustomTemplateDefinition } from '../interfaces/template.interface';
+export declare const TEMPLATE_REQUIRED_PARAMS: Record<TemplateType, string[]>;
+export declare const TEMPLATE_OPTIONAL_PARAMS: string[];
+export declare function validateTemplateParams(templateType: TemplateType | string, templateContent: string): void;
+export declare function validateCustomTemplate(templateType: TemplateType | string, definition: CustomTemplateDefinition, templateContent?: string): void;
+export declare function getTemplateParamsHelp(templateType: TemplateType): string;
+//# sourceMappingURL=template.validator.d.ts.map

package/dist/validators/template.validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"template.validator.d.ts","sourceRoot":"","sources":["../../src/validators/template.validator.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,MAAM,kCAAkC,CAAC;AAS1F,eAAO,MAAM,wBAAwB,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,EAAE,CASnE,CAAC;AAQF,eAAO,MAAM,wBAAwB,UA6BpC,CAAC;AAyBF,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,YAAY,GAAG,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI,CA8BzG;AAqBD,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,YAAY,GAAG,MAAM,EACnC,UAAU,EAAE,wBAAwB,EACpC,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CA+BN;AAuBD,wBAAgB,qBAAqB,CAAC,YAAY,EAAE,YAAY,GAAG,MAAM,CAsBxE"}

package/dist/validators/template.validator.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TEMPLATE_OPTIONAL_PARAMS = exports.TEMPLATE_REQUIRED_PARAMS = void 0;
+exports.validateTemplateParams = validateTemplateParams;
+exports.validateCustomTemplate = validateCustomTemplate;
+exports.getTemplateParamsHelp = getTemplateParamsHelp;
+const template_interface_1 = require("../interfaces/template.interface");
+const nauth_exception_1 = require("../exceptions/nauth.exception");
+const error_codes_enum_1 = require("../enums/error-codes.enum");
+exports.TEMPLATE_REQUIRED_PARAMS = {
+    [template_interface_1.TemplateType.VERIFICATION]: ['code', 'link', 'expiryMinutes'],
+    [template_interface_1.TemplateType.PASSWORD_RESET]: ['link', 'expiryMinutes'],
+    [template_interface_1.TemplateType.WELCOME]: [],
+    [template_interface_1.TemplateType.ACCOUNT_LOCKOUT]: ['reason', 'durationMinutes'],
+    [template_interface_1.TemplateType.NEW_DEVICE]: ['deviceName', 'timestamp'],
+    [template_interface_1.TemplateType.PASSWORD_CHANGED]: [],
+    [template_interface_1.TemplateType.EMAIL_CHANGED]: ['userEmail'],
+    [template_interface_1.TemplateType.MFA_ENABLED]: [],
+};
+exports.TEMPLATE_OPTIONAL_PARAMS = [
+    'firstName',
+    'lastName',
+    'userName',
+    'userEmail',
+    'greetingName',
+    'appName',
+    'companyName',
+    'companyAddress',
+    'brandColor',
+    'logoUrl',
+    'dashboardUrl',
+    'supportEmail',
+    'facebookUrl',
+    'twitterUrl',
+    'linkedinUrl',
+    'currentYear',
+    'deviceType',
+    'ipAddress',
+    'location',
+];
+function validateTemplateParams(templateType, templateContent) {
+    const requiredParams = exports.TEMPLATE_REQUIRED_PARAMS[templateType] || [];
+    if (requiredParams.length === 0) {
+        return;
+    }
+    const variablePattern = /\{\{[#/]?(\w+)(?:\s|}})/g;
+    const foundVariables = new Set();
+    let match;
+    while ((match = variablePattern.exec(templateContent)) !== null) {
+        foundVariables.add(match[1]);
+    }
+    const missingParams = requiredParams.filter((param) => !foundVariables.has(param));
+    if (missingParams.length > 0) {
+        throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, `Invalid template configuration for "${templateType}": ` +
+            `Missing required parameters: ${missingParams.join(', ')}. ` +
+            `Template must include: ${requiredParams.map((p) => `{{${p}}}`).join(', ')}`);
+    }
+}
+function validateCustomTemplate(templateType, definition, templateContent) {
+    if (!definition.htmlPath && !definition.html) {
+        throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, `Invalid template configuration for "${templateType}": ` + `Must provide either "htmlPath" or "html" content.`);
+    }
+    if (definition.htmlPath && definition.html) {
+        throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, `Invalid template configuration for "${templateType}": ` +
+            `Cannot provide both "htmlPath" and "html". Use one or the other.`);
+    }
+    if (definition.textPath && definition.text) {
+        throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, `Invalid template configuration for "${templateType}": ` +
+            `Cannot provide both "textPath" and "text". Use one or the other.`);
+    }
+    if (templateContent) {
+        validateTemplateParams(templateType, templateContent);
+    }
+}
+function getTemplateParamsHelp(templateType) {
+    const required = exports.TEMPLATE_REQUIRED_PARAMS[templateType];
+    let help = `Template: ${templateType}\n\n`;
+    if (required.length > 0) {
+        help += `Required parameters (must be in template):\n`;
+        required.forEach((param) => {
+            help += `  - {{${param}}}\n`;
+        });
+    }
+    else {
+        help += `No required parameters.\n`;
+    }
+    help += `\nOptional parameters (available at runtime):\n`;
+    help += `  - User: {{firstName}}, {{lastName}}, {{userName}}, {{greetingName}}\n`;
+    help += `  - Branding: {{appName}}, {{companyName}}, {{brandColor}}, {{logoUrl}}\n`;
+    help += `  - Support: {{supportEmail}}, {{dashboardUrl}}\n`;
+    help += `  - Social: {{facebookUrl}}, {{twitterUrl}}, {{linkedinUrl}}\n`;
+    help += `  - Other: {{currentYear}}\n`;
+    return help;
+}
+//# sourceMappingURL=template.validator.js.map

package/dist/validators/template.validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"template.validator.js","sourceRoot":"","sources":["../../src/validators/template.validator.ts"],"names":[],"mappings":";;;AAuFA,wDA8BC;AAqBD,wDAmCC;AAuBD,sDAsBC;AAnND,yEAA0F;AAC1F,mEAA+D;AAC/D,gEAA0D;AAO7C,QAAA,wBAAwB,GAAmC;IACtE,CAAC,iCAAY,CAAC,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC;IAC9D,CAAC,iCAAY,CAAC,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,eAAe,CAAC;IACxD,CAAC,iCAAY,CAAC,OAAO,CAAC,EAAE,EAAE;IAC1B,CAAC,iCAAY,CAAC,eAAe,CAAC,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;IAC7D,CAAC,iCAAY,CAAC,UAAU,CAAC,EAAE,CAAC,YAAY,EAAE,WAAW,CAAC;IACtD,CAAC,iCAAY,CAAC,gBAAgB,CAAC,EAAE,EAAE;IACnC,CAAC,iCAAY,CAAC,aAAa,CAAC,EAAE,CAAC,WAAW,CAAC;IAC3C,CAAC,iCAAY,CAAC,WAAW,CAAC,EAAE,EAAE;CAC/B,CAAC;AAQW,QAAA,wBAAwB,GAAG;IAEtC,WAAW;IACX,UAAU;IACV,UAAU;IACV,WAAW;IACX,cAAc;IAGd,SAAS;IACT,aAAa;IACb,gBAAgB;IAChB,YAAY;IACZ,SAAS;IACT,cAAc;IACd,cAAc;IAGd,aAAa;IACb,YAAY;IACZ,aAAa;IAGb,aAAa;IAGb,YAAY;IACZ,WAAW;IACX,UAAU;CACX,CAAC;AAyBF,SAAgB,sBAAsB,CAAC,YAAmC,EAAE,eAAuB;IAEjG,MAAM,cAAc,GAAG,gCAAwB,CAAC,YAA4B,CAAC,IAAI,EAAE,CAAC;IAEpF,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAEhC,OAAO;IACT,CAAC;IAID,MAAM,eAAe,GAAG,0BAA0B,CAAC;IACnD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IAEzC,IAAI,KAAK,CAAC;IACV,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAChE,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAGD,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAEnF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,uCAAuC,YAAY,KAAK;YACtD,gCAAgC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;YAC5D,0BAA0B,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC/E,CAAC;IACJ,CAAC;AACH,CAAC;AAqBD,SAAgB,sBAAsB,CACpC,YAAmC,EACnC,UAAoC,EACpC,eAAwB;IAGxB,IAAI,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QAC7C,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,uCAAuC,YAAY,KAAK,GAAG,mDAAmD,CAC/G,CAAC;IACJ,CAAC;IAGD,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,uCAAuC,YAAY,KAAK;YACtD,kEAAkE,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,uCAAuC,YAAY,KAAK;YACtD,kEAAkE,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,eAAe,EAAE,CAAC;QACpB,sBAAsB,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;AACH,CAAC;AAuBD,SAAgB,qBAAqB,CAAC,YAA0B;IAC9D,MAAM,QAAQ,GAAG,gCAAwB,CAAC,YAAY,CAAC,CAAC;IAExD,IAAI,IAAI,GAAG,aAAa,YAAY,MAAM,CAAC;IAE3C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,IAAI,IAAI,8CAA8C,CAAC;QACvD,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YACzB,IAAI,IAAI,SAAS,KAAK,MAAM,CAAC;QAC/B,CAAC,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,IAAI,IAAI,2BAA2B,CAAC;IACtC,CAAC;IAED,IAAI,IAAI,iDAAiD,CAAC;IAC1D,IAAI,IAAI,yEAAyE,CAAC;IAClF,IAAI,IAAI,2EAA2E,CAAC;IACpF,IAAI,IAAI,mDAAmD,CAAC;IAC5D,IAAI,IAAI,gEAAgE,CAAC;IACzE,IAAI,IAAI,8BAA8B,CAAC;IAEvC,OAAO,IAAI,CAAC;AACd,CAAC"}

package/jest.config.js

@@ -0,0 +1,15 @@
+module.exports = {
+  moduleFileExtensions: ['js', 'json', 'ts'],
+  rootDir: 'src',
+  testRegex: '.*\\.spec\\.ts$',
+  transform: {
+    '^.+\\.(t|j)s$': 'ts-jest',
+  },
+  collectCoverageFrom: ['**/*.(t|j)s'],
+  coverageDirectory: '../coverage',
+  testEnvironment: 'node',
+  // Transform ESM modules like jose
+  transformIgnorePatterns: ['node_modules/(?!(jose)/)'],
+  // Setup reflect-metadata for TypeORM
+  setupFilesAfterEnv: ['<rootDir>/../jest.setup.ts'],
+};

package/jest.setup.ts

@@ -0,0 +1,6 @@
+/**
+ * Jest setup file for reflect-metadata support
+ * Required for TypeORM decorators to work in tests
+ */
+import 'reflect-metadata';
+

package/package.json

@@ -0,0 +1,73 @@
+{
+  "name": "@nauth-toolkit/core",
+  "version": "0.1.0",
+  "description": "Core authentication toolkit for NestJS",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "require": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./internal": {
+      "types": "./dist/internal.d.ts",
+      "require": "./dist/internal.js",
+      "default": "./dist/internal.js"
+    }
+  },
+  "typesVersions": {
+    "*": {
+      "internal": [
+        "dist/internal.d.ts"
+      ]
+    }
+  },
+  "scripts": {
+    "build": "yarn clean && tsc -b",
+    "clean": "rm -rf dist *.tsbuildinfo",
+    "test": "jest",
+    "lint": "eslint src --ext .ts",
+    "lint:fix": "eslint src --ext .ts --fix",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "format:check": "prettier --check \"src/**/*.ts\""
+  },
+  "dependencies": {
+    "argon2": "^0.40.0",
+    "class-transformer": "^0.5.1",
+    "class-validator": "^0.14.0",
+    "jose": "^6.0.0",
+    "zod": "^3.23.8"
+  },
+  "peerDependencies": {
+    "@maxmind/geoip2-node": "^4.0.0 || ^5.0.0 || ^6.0.0",
+    "typeorm": "^0.3.0"
+  },
+  "peerDependenciesMeta": {
+    "@maxmind/geoip2-node": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.0",
+    "jest": "^29.7.0",
+    "reflect-metadata": "^0.2.2",
+    "ts-jest": "^29.2.0",
+    "typeorm": "^0.3.27",
+    "typescript": "^5.5.0"
+  },
+  "engines": {
+    "node": ">=22.0.0"
+  },
+  "publishConfig": {
+    "access": "public",
+    "tag": "preview"
+  },
+  "license": "SEE LICENSE IN LICENSE",
+  "keywords": [
+    "nestjs",
+    "authentication",
+    "jwt",
+    "typeorm"
+  ]
+}

package/src/adapters/database-columns.ts

@@ -0,0 +1,165 @@
+import { Column, ColumnOptions } from 'typeorm';
+
+/**
+ * Database-Agnostic Column Decorators
+ *
+ * Provides column decorators that automatically adapt to different database types.
+ * Uses the database adapter to determine appropriate column types.
+ *
+ * @example
+ * ```typescript
+ * @Entity()
+ * export class User {
+ *   @UuidColumn()
+ *   id!: string;
+ *
+ *   @JsonColumn()
+ *   metadata?: Record<string, any>;
+ *
+ *   @ArrayColumn()
+ *   tags?: string[];
+ * }
+ * ```
+ */
+
+/**
+ * Create UUID column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function UuidColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    // This would be replaced with actual adapter-based logic
+    // For now, use PostgreSQL default
+    const columnOptions: ColumnOptions = {
+      type: 'uuid',
+      ...options,
+    };
+
+    // In a real implementation, this would use the injected adapter
+    // to determine the correct column type
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create JSON column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function JsonColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'jsonb', // PostgreSQL default
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create array column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function ArrayColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'simple-array', // TypeORM handles this
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create timestamp column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function TimestampColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'timestamp',
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create boolean column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function BooleanColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'boolean',
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create integer column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function IntegerColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'int',
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create varchar column with database-appropriate type
+ *
+ * @param length - Maximum length
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function VarcharColumn(length: number, options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'varchar',
+      length,
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}
+
+/**
+ * Create text column with database-appropriate type
+ *
+ * @param options - Additional column options
+ * @returns Column decorator
+ */
+export function TextColumn(options?: Partial<ColumnOptions>) {
+  return function (target: Record<string, unknown>, propertyKey: string) {
+    const columnOptions: ColumnOptions = {
+      type: 'text',
+      ...options,
+    };
+
+    return Column(columnOptions)(target, propertyKey);
+  };
+}