@nauth-toolkit/core 0.1.13 → 0.1.17

package/dist/dto/set-mfa-exemption.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"set-mfa-exemption.dto.js","sourceRoot":"","sources":["../../src/dto/set-mfa-exemption.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAiBA,qDAAqF;AACrF,yDAA8C;AAK9C,MAAa,kBAAkB;IAqB7B,OAAO,CAAU;IAMjB,MAAM,CAAW;IAoBjB,MAAM,CAAiB;IAoBvB,SAAS,CAAiB;CAC3B;AApED,gDAoEC;AA/CC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACe;AAMjB;IADC,IAAA,2BAAS,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;;kDAClC;AAoBjB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC;IAChD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;IACpE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACqB;AAoBvB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC;IACpD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACxE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACwB;AAM5B,MAAa,0BAA0B;IAIrC,SAAS,CAAW;IAKpB,eAAe,CAAiB;IAKhC,kBAAkB,CAAe;CAClC;AAfD,gEAeC"}
+{"version":3,"file":"set-mfa-exemption.dto.js","sourceRoot":"","sources":["../../src/dto/set-mfa-exemption.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;AAEH,qDAAqF;AACrF,yDAA8C;AAE9C;;GAEG;AACH,MAAa,kBAAkB;IAC7B;;;;;;;;;;;;OAYG;IAQH,OAAO,CAAU;IAEjB;;OAEG;IAEH,MAAM,CAAW;IAEjB;;;;;;;;OAQG;IAUH,MAAM,CAAiB;IAEvB;;;;;;;;OAQG;IAUH,SAAS,CAAiB;CAC3B;AApED,gDAoEC;AA/CC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACe;AAMjB;IADC,IAAA,2BAAS,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;;kDAClC;AAoBjB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC;IAChD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;IACpE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACqB;AAoBvB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC;IACpD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACxE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACwB;AAG5B;;GAEG;AACH,MAAa,0BAA0B;IACrC;;OAEG;IACH,SAAS,CAAW;IAEpB;;OAEG;IACH,eAAe,CAAiB;IAEhC;;OAEG;IACH,kBAAkB,CAAe;CAClC;AAfD,gEAeC"}

package/dist/dto/set-must-change-password-response.dto.d.ts

@@ -1,4 +1,27 @@
+/**
+ * Set Must Change Password Response DTO
+ *
+ * Response DTO for setting must change password flag.
+ * No validators needed - this is generated internally by the library.
+ *
+ * @example
+ * ```typescript
+ * await authService.setMustChangePassword({
+ *   userId: 'user-uuid'
+ * });
+ * // Returns: { success: true }
+ * ```
+ */
+/**
+ * Response DTO for set must change password
+ */
 export declare class SetMustChangePasswordResponseDTO {
+    /**
+     * Success indicator
+     * Always true on successful flag set
+     *
+     * @example true
+     */
     success: boolean;
 }
 //# sourceMappingURL=set-must-change-password-response.dto.d.ts.map

package/dist/dto/set-must-change-password-response.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"set-must-change-password-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-must-change-password-response.dto.ts"],"names":[],"mappings":"AAkBA,qBAAa,gCAAgC;IAO3C,OAAO,EAAG,OAAO,CAAC;CACnB"}
+{"version":3,"file":"set-must-change-password-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-must-change-password-response.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH;;GAEG;AACH,qBAAa,gCAAgC;IAC3C;;;;;OAKG;IACH,OAAO,EAAG,OAAO,CAAC;CACnB"}

package/dist/dto/set-must-change-password-response.dto.js

@@ -1,7 +1,30 @@
 "use strict";
+/**
+ * Set Must Change Password Response DTO
+ *
+ * Response DTO for setting must change password flag.
+ * No validators needed - this is generated internally by the library.
+ *
+ * @example
+ * ```typescript
+ * await authService.setMustChangePassword({
+ *   userId: 'user-uuid'
+ * });
+ * // Returns: { success: true }
+ * ```
+ */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SetMustChangePasswordResponseDTO = void 0;
+/**
+ * Response DTO for set must change password
+ */
 class SetMustChangePasswordResponseDTO {
+    /**
+     * Success indicator
+     * Always true on successful flag set
+     *
+     * @example true
+     */
     success;
 }
 exports.SetMustChangePasswordResponseDTO = SetMustChangePasswordResponseDTO;

package/dist/dto/set-must-change-password-response.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"set-must-change-password-response.dto.js","sourceRoot":"","sources":["../../src/dto/set-must-change-password-response.dto.ts"],"names":[],"mappings":";;;AAkBA,MAAa,gCAAgC;IAO3C,OAAO,CAAW;CACnB;AARD,4EAQC"}
+{"version":3,"file":"set-must-change-password-response.dto.js","sourceRoot":"","sources":["../../src/dto/set-must-change-password-response.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAEH;;GAEG;AACH,MAAa,gCAAgC;IAC3C;;;;;OAKG;IACH,OAAO,CAAW;CACnB;AARD,4EAQC"}

package/dist/dto/set-must-change-password.dto.d.ts

@@ -1,4 +1,36 @@
+/**
+ * Set Must Change Password DTO
+ *
+ * Request DTO for requiring a user to change their password on next login.
+ *
+ * Security:
+ * - User ID validated (UUID)
+ * - Prevents unauthorized password change requirements
+ *
+ * @example
+ * ```typescript
+ * await authService.setMustChangePassword({
+ *   userId: 'user-uuid'
+ * });
+ * ```
+ */
+/**
+ * Request DTO for setting must change password flag
+ */
 export declare class SetMustChangePasswordDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     userId: string;
 }
 //# sourceMappingURL=set-must-change-password.dto.d.ts.map

package/dist/dto/set-must-change-password.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"set-must-change-password.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-must-change-password.dto.ts"],"names":[],"mappings":"AAuBA,qBAAa,wBAAwB;IAqBnC,MAAM,EAAG,MAAM,CAAC;CACjB"}
+{"version":3,"file":"set-must-change-password.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-must-change-password.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAKH;;GAEG;AACH,qBAAa,wBAAwB;IACnC;;;;;;;;;;;;OAYG;IAQH,MAAM,EAAG,MAAM,CAAC;CACjB"}

package/dist/dto/set-must-change-password.dto.js

@@ -1,4 +1,20 @@
 "use strict";
+/**
+ * Set Must Change Password DTO
+ *
+ * Request DTO for requiring a user to change their password on next login.
+ *
+ * Security:
+ * - User ID validated (UUID)
+ * - Prevents unauthorized password change requirements
+ *
+ * @example
+ * ```typescript
+ * await authService.setMustChangePassword({
+ *   userId: 'user-uuid'
+ * });
+ * ```
+ */
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -12,7 +28,23 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SetMustChangePasswordDTO = void 0;
 const class_validator_1 = require("class-validator");
 const class_transformer_1 = require("class-transformer");
+/**
+ * Request DTO for setting must change password flag
+ */
 class SetMustChangePasswordDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     userId;
 }
 exports.SetMustChangePasswordDTO = SetMustChangePasswordDTO;

package/dist/dto/set-must-change-password.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"set-must-change-password.dto.js","sourceRoot":"","sources":["../../src/dto/set-must-change-password.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAiBA,qDAAyC;AACzC,yDAA8C;AAK9C,MAAa,wBAAwB;IAqBnC,MAAM,CAAU;CACjB;AAtBD,4DAsBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wDACc"}
+{"version":3,"file":"set-must-change-password.dto.js","sourceRoot":"","sources":["../../src/dto/set-must-change-password.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;AAEH,qDAAyC;AACzC,yDAA8C;AAE9C;;GAEG;AACH,MAAa,wBAAwB;IACnC;;;;;;;;;;;;OAYG;IAQH,MAAM,CAAU;CACjB;AAtBD,4DAsBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wDACc"}

package/dist/dto/set-preferred-method.dto.d.ts

@@ -1,8 +1,56 @@
+/**
+ * DTO for setting preferred MFA method
+ *
+ * Used to set the preferred MFA method for a user.
+ * Updates the user's preferred method and device primary flags.
+ *
+ * @example
+ * ```typescript
+ * await mfaService.setPreferredMethod({
+ *   userSub: 'user-uuid',
+ *   methodType: 'totp'
+ * });
+ * ```
+ */
+/**
+ * DTO for setting preferred MFA method
+ */
 export declare class SetPreferredMethodDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     userSub: string;
+    /**
+     * MFA method type to set as preferred
+     *
+     * Validation:
+     * - Must be one of: totp, sms, email, passkey
+     * - Max 50 characters
+     *
+     * Sanitization:
+     * - Trimmed and lowercased
+     *
+     * @example "totp"
+     */
     methodType: string;
 }
+/**
+ * Response DTO for setting preferred method
+ */
 export declare class SetPreferredMethodResponseDTO {
+    /**
+     * Success message
+     */
     message: string;
 }
 //# sourceMappingURL=set-preferred-method.dto.d.ts.map

package/dist/dto/set-preferred-method.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"set-preferred-method.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-preferred-method.dto.ts"],"names":[],"mappings":"AAsBA,qBAAa,qBAAqB;IAqBhC,OAAO,EAAG,MAAM,CAAC;IAyBjB,UAAU,EAAG,MAAM,CAAC;CACrB;AAKD,qBAAa,6BAA6B;IAIxC,OAAO,EAAG,MAAM,CAAC;CAClB"}
+{"version":3,"file":"set-preferred-method.dto.d.ts","sourceRoot":"","sources":["../../src/dto/set-preferred-method.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;GAEG;AACH,qBAAa,qBAAqB;IAChC;;;;;;;;;;;;OAYG;IAQH,OAAO,EAAG,MAAM,CAAC;IAEjB;;;;;;;;;;;OAWG;IAYH,UAAU,EAAG,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,qBAAa,6BAA6B;IACxC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB"}

package/dist/dto/set-preferred-method.dto.js

@@ -1,4 +1,18 @@
 "use strict";
+/**
+ * DTO for setting preferred MFA method
+ *
+ * Used to set the preferred MFA method for a user.
+ * Updates the user's preferred method and device primary flags.
+ *
+ * @example
+ * ```typescript
+ * await mfaService.setPreferredMethod({
+ *   userSub: 'user-uuid',
+ *   methodType: 'totp'
+ * });
+ * ```
+ */
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -13,8 +27,36 @@ exports.SetPreferredMethodResponseDTO = exports.SetPreferredMethodDTO = void 0;
 const class_validator_1 = require("class-validator");
 const class_transformer_1 = require("class-transformer");
 const mfa_method_enum_1 = require("../enums/mfa-method.enum");
+/**
+ * DTO for setting preferred MFA method
+ */
 class SetPreferredMethodDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     userSub;
+    /**
+     * MFA method type to set as preferred
+     *
+     * Validation:
+     * - Must be one of: totp, sms, email, passkey
+     * - Max 50 characters
+     *
+     * Sanitization:
+     * - Trimmed and lowercased
+     *
+     * @example "totp"
+     */
     methodType;
 }
 exports.SetPreferredMethodDTO = SetPreferredMethodDTO;
@@ -42,7 +84,13 @@ __decorate([
     }),
     __metadata("design:type", String)
 ], SetPreferredMethodDTO.prototype, "methodType", void 0);
+/**
+ * Response DTO for setting preferred method
+ */
 class SetPreferredMethodResponseDTO {
+    /**
+     * Success message
+     */
     message;
 }
 exports.SetPreferredMethodResponseDTO = SetPreferredMethodResponseDTO;

package/dist/dto/set-preferred-method.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"set-preferred-method.dto.js","sourceRoot":"","sources":["../../src/dto/set-preferred-method.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAeA,qDAAsE;AACtE,yDAA8C;AAC9C,8DAAqD;AAKrD,MAAa,qBAAqB;IAqBhC,OAAO,CAAU;IAyBjB,UAAU,CAAU;CACrB;AA/CD,sDA+CC;AA1BC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACe;AAyBjB;IAXC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,uDAAuD;KACjE,CAAC;IACD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;yDACkB;AAMtB,MAAa,6BAA6B;IAIxC,OAAO,CAAU;CAClB;AALD,sEAKC"}
+{"version":3,"file":"set-preferred-method.dto.js","sourceRoot":"","sources":["../../src/dto/set-preferred-method.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;AAEH,qDAAsE;AACtE,yDAA8C;AAC9C,8DAAqD;AAErD;;GAEG;AACH,MAAa,qBAAqB;IAChC;;;;;;;;;;;;OAYG;IAQH,OAAO,CAAU;IAEjB;;;;;;;;;;;OAWG;IAYH,UAAU,CAAU;CACrB;AA/CD,sDA+CC;AA1BC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACe;AAyBjB;IAXC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,uDAAuD;KACjE,CAAC;IACD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;yDACkB;AAGtB;;GAEG;AACH,MAAa,6BAA6B;IACxC;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,sEAKC"}

package/dist/dto/setup-mfa.dto.d.ts

@@ -1,9 +1,71 @@
+/**
+ * DTO for setting up MFA device
+ *
+ * Used to initiate MFA device setup using the appropriate provider.
+ *
+ * @example
+ * ```typescript
+ * const setup = await mfaService.setup({
+ *   sub: 'user-uuid',
+ *   methodName: 'totp',
+ *   setupData: {}
+ * });
+ * ```
+ */
+/**
+ * DTO for setting up MFA device
+ */
 export declare class SetupMFADTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     sub: string;
+    /**
+     * MFA method name
+     *
+     * Validation:
+     * - Must be one of: totp, sms, email, passkey
+     * - Max 50 characters
+     *
+     * Sanitization:
+     * - Trimmed and lowercased
+     *
+     * @example "totp"
+     */
     methodName: string;
+    /**
+     * Optional provider-specific setup data
+     *
+     * Validation:
+     * - Must be an object if provided
+     * - Structure validated by MFA provider services
+     *
+     * @example { phoneNumber: '+1234567890' } for SMS
+     */
     setupData?: Record<string, unknown>;
 }
+/**
+ * Response DTO for MFA setup
+ */
 export declare class SetupMFAResponseDTO {
+    /**
+     * Provider-specific setup response
+     *
+     * Structure varies by method:
+     * - TOTP: { secret, qrCode, manualEntryKey }
+     * - SMS: { maskedPhone }
+     * - Passkey: WebAuthn registration options
+     */
     setupData: Record<string, unknown>;
 }
 //# sourceMappingURL=setup-mfa.dto.d.ts.map

package/dist/dto/setup-mfa.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"setup-mfa.dto.d.ts","sourceRoot":"","sources":["../../src/dto/setup-mfa.dto.ts"],"names":[],"mappings":"AAsBA,qBAAa,WAAW;IAqBtB,GAAG,EAAG,MAAM,CAAC;IAyBb,UAAU,EAAG,MAAM,CAAC;IAapB,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAKD,qBAAa,mBAAmB;IAS9B,SAAS,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}
+{"version":3,"file":"setup-mfa.dto.d.ts","sourceRoot":"","sources":["../../src/dto/setup-mfa.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;GAEG;AACH,qBAAa,WAAW;IACtB;;;;;;;;;;;;OAYG;IAQH,GAAG,EAAG,MAAM,CAAC;IAEb;;;;;;;;;;;OAWG;IAYH,UAAU,EAAG,MAAM,CAAC;IAEpB;;;;;;;;OAQG;IAGH,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,qBAAa,mBAAmB;IAC9B;;;;;;;OAOG;IACH,SAAS,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}

package/dist/dto/setup-mfa.dto.js

@@ -1,4 +1,18 @@
 "use strict";
+/**
+ * DTO for setting up MFA device
+ *
+ * Used to initiate MFA device setup using the appropriate provider.
+ *
+ * @example
+ * ```typescript
+ * const setup = await mfaService.setup({
+ *   sub: 'user-uuid',
+ *   methodName: 'totp',
+ *   setupData: {}
+ * });
+ * ```
+ */
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -13,9 +27,46 @@ exports.SetupMFAResponseDTO = exports.SetupMFADTO = void 0;
 const class_validator_1 = require("class-validator");
 const class_transformer_1 = require("class-transformer");
 const mfa_method_enum_1 = require("../enums/mfa-method.enum");
+/**
+ * DTO for setting up MFA device
+ */
 class SetupMFADTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     sub;
+    /**
+     * MFA method name
+     *
+     * Validation:
+     * - Must be one of: totp, sms, email, passkey
+     * - Max 50 characters
+     *
+     * Sanitization:
+     * - Trimmed and lowercased
+     *
+     * @example "totp"
+     */
     methodName;
+    /**
+     * Optional provider-specific setup data
+     *
+     * Validation:
+     * - Must be an object if provided
+     * - Structure validated by MFA provider services
+     *
+     * @example { phoneNumber: '+1234567890' } for SMS
+     */
     setupData;
 }
 exports.SetupMFADTO = SetupMFADTO;
@@ -48,7 +99,18 @@ __decorate([
     (0, class_validator_1.IsObject)({ message: 'Setup data must be an object' }),
     __metadata("design:type", Object)
 ], SetupMFADTO.prototype, "setupData", void 0);
+/**
+ * Response DTO for MFA setup
+ */
 class SetupMFAResponseDTO {
+    /**
+     * Provider-specific setup response
+     *
+     * Structure varies by method:
+     * - TOTP: { secret, qrCode, manualEntryKey }
+     * - SMS: { maskedPhone }
+     * - Passkey: WebAuthn registration options
+     */
     setupData;
 }
 exports.SetupMFAResponseDTO = SetupMFAResponseDTO;

package/dist/dto/setup-mfa.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"setup-mfa.dto.js","sourceRoot":"","sources":["../../src/dto/setup-mfa.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAeA,qDAA4F;AAC5F,yDAA8C;AAC9C,8DAAqD;AAKrD,MAAa,WAAW;IAqBtB,GAAG,CAAU;IAyBb,UAAU,CAAU;IAapB,SAAS,CAA2B;CACrC;AA5DD,kCA4DC;AAvCC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wCACW;AAyBb;IAXC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,uDAAuD;KACjE,CAAC;IACD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;+CACkB;AAapB;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;;8CAClB;AAMtC,MAAa,mBAAmB;IAS9B,SAAS,CAA2B;CACrC;AAVD,kDAUC"}
+{"version":3,"file":"setup-mfa.dto.js","sourceRoot":"","sources":["../../src/dto/setup-mfa.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;AAEH,qDAA4F;AAC5F,yDAA8C;AAC9C,8DAAqD;AAErD;;GAEG;AACH,MAAa,WAAW;IACtB;;;;;;;;;;;;OAYG;IAQH,GAAG,CAAU;IAEb;;;;;;;;;;;OAWG;IAYH,UAAU,CAAU;IAEpB;;;;;;;;OAQG;IAGH,SAAS,CAA2B;CACrC;AA5DD,kCA4DC;AAvCC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wCACW;AAyBb;IAXC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,uDAAuD;KACjE,CAAC;IACD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;+CACkB;AAapB;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;;8CAClB;AAGtC;;GAEG;AACH,MAAa,mBAAmB;IAC9B;;;;;;;OAOG;IACH,SAAS,CAA2B;CACrC;AAVD,kDAUC"}

package/dist/dto/signup.dto.d.ts

@@ -1,10 +1,102 @@
+/**
+ * DTO for user signup with comprehensive validation
+ *
+ * Security:
+ * - All fields validated against DB constraints
+ * - Input sanitization applied automatically
+ * - Password strength enforced (8-128 chars)
+ * - Email/username uniqueness checked in service layer
+ */
 export declare class SignupDTO {
+    /**
+     * User email address
+     *
+     * Validation:
+     * - Valid email format (RFC 5322)
+     * - Max 255 characters (matches DB limit)
+     *
+     * Sanitization:
+     * - Trimmed and lowercased
+     */
     email: string;
+    /**
+     * User password
+     *
+     * Validation:
+     * - Min 8 characters
+     * - Max 128 characters (prevents DoS via bcrypt)
+     * - Additional policy checks in service layer
+     *
+     * Note: NOT trimmed (passwords can have leading/trailing spaces)
+     */
     password: string;
+    /**
+     * Optional username
+     *
+     * Validation:
+     * - 3-50 characters
+     * - Alphanumeric, underscores, and hyphens only
+     * - Max 255 characters (DB limit)
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Case preserved (username can be case-sensitive per config)
+     */
     username?: string;
+    /**
+     * Optional first name
+     *
+     * Validation:
+     * - 1-100 characters
+     * - Letters, spaces, hyphens, and apostrophes only
+     * - Max 100 characters (DB limit)
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Title case preserved
+     */
     firstName?: string;
+    /**
+     * Optional last name
+     *
+     * Validation:
+     * - 1-100 characters
+     * - Letters, spaces, hyphens, and apostrophes only
+     * - Max 100 characters (DB limit)
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Title case preserved
+     */
     lastName?: string;
+    /**
+     * Optional phone number
+     *
+     * Validation:
+     * - E.164 format (international standard)
+     * - MUST start with + (required for security)
+     * - Max 20 characters (DB limit)
+     * - Example: +14155552671, +61444567890
+     *
+     * Sanitization:
+     * - Whitespace removed
+     * - Only digits and leading + preserved
+     *
+     * Security:
+     * - Strict E.164 validation prevents SQL injection
+     * - Max length prevents oversized inputs
+     *
+     * Note: Using regex for E.164 format as IsPhoneNumber requires specific country codes
+     * and doesn't support international E.164 format validation directly
+     */
     phone?: string;
+    /**
+     * Optional metadata (custom fields)
+     *
+     * Security:
+     * - Validated in service layer if used
+     * - Max depth/size limits should be enforced
+     */
     metadata?: Record<string, unknown>;
 }
 //# sourceMappingURL=signup.dto.d.ts.map

package/dist/dto/signup.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"signup.dto.d.ts","sourceRoot":"","sources":["../../src/dto/signup.dto.ts"],"names":[],"mappings":"AAYA,qBAAa,SAAS;IAmBpB,KAAK,EAAG,MAAM,CAAC;IAef,QAAQ,EAAG,MAAM,CAAC;IA2BlB,QAAQ,CAAC,EAAE,MAAM,CAAC;IA2BlB,SAAS,CAAC,EAAE,MAAM,CAAC;IA2BnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAmClB,KAAK,CAAC,EAAE,MAAM,CAAC;IAUf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC"}
+{"version":3,"file":"signup.dto.d.ts","sourceRoot":"","sources":["../../src/dto/signup.dto.ts"],"names":[],"mappings":"AAGA;;;;;;;;GAQG;AACH,qBAAa,SAAS;IACpB;;;;;;;;;OASG;IASH,KAAK,EAAG,MAAM,CAAC;IAEf;;;;;;;;;OASG;IAIH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;;;OAWG;IAcH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;;;;;OAWG;IAcH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;;;;;;;;OAWG;IAcH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;;;;;;;;;;;;;OAmBG;IAcH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;;;;OAMG;IAEH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC"}