@nauth-toolkit/core 0.1.13 → 0.1.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (623) hide show
  1. package/dist/adapters/database-columns.d.ts +70 -0
  2. package/dist/adapters/database-columns.d.ts.map +1 -1
  3. package/dist/adapters/database-columns.js +76 -2
  4. package/dist/adapters/database-columns.js.map +1 -1
  5. package/dist/adapters/express.adapter.d.ts +66 -0
  6. package/dist/adapters/express.adapter.d.ts.map +1 -1
  7. package/dist/adapters/express.adapter.js +80 -0
  8. package/dist/adapters/express.adapter.js.map +1 -1
  9. package/dist/adapters/fastify.adapter.d.ts +42 -0
  10. package/dist/adapters/fastify.adapter.d.ts.map +1 -1
  11. package/dist/adapters/fastify.adapter.js +86 -0
  12. package/dist/adapters/fastify.adapter.js.map +1 -1
  13. package/dist/adapters/index.d.ts +5 -0
  14. package/dist/adapters/index.d.ts.map +1 -1
  15. package/dist/adapters/index.js +9 -0
  16. package/dist/adapters/index.js.map +1 -1
  17. package/dist/adapters/storage.factory.d.ts +107 -0
  18. package/dist/adapters/storage.factory.d.ts.map +1 -1
  19. package/dist/adapters/storage.factory.js +114 -0
  20. package/dist/adapters/storage.factory.js.map +1 -1
  21. package/dist/adapters.d.ts +8 -0
  22. package/dist/adapters.d.ts.map +1 -1
  23. package/dist/adapters.js +8 -0
  24. package/dist/adapters.js.map +1 -1
  25. package/dist/bootstrap.d.ts +82 -0
  26. package/dist/bootstrap.d.ts.map +1 -1
  27. package/dist/bootstrap.js +106 -0
  28. package/dist/bootstrap.js.map +1 -1
  29. package/dist/dto/admin-set-password.dto.d.ts +90 -0
  30. package/dist/dto/admin-set-password.dto.d.ts.map +1 -1
  31. package/dist/dto/admin-set-password.dto.js +91 -0
  32. package/dist/dto/admin-set-password.dto.js.map +1 -1
  33. package/dist/dto/auth-challenge.dto.d.ts +170 -0
  34. package/dist/dto/auth-challenge.dto.d.ts.map +1 -1
  35. package/dist/dto/auth-challenge.dto.js +170 -0
  36. package/dist/dto/auth-challenge.dto.js.map +1 -1
  37. package/dist/dto/auth-response.dto.d.ts +196 -0
  38. package/dist/dto/auth-response.dto.d.ts.map +1 -1
  39. package/dist/dto/auth-response.dto.js +149 -0
  40. package/dist/dto/auth-response.dto.js.map +1 -1
  41. package/dist/dto/challenge-response.dto.d.ts +155 -0
  42. package/dist/dto/challenge-response.dto.d.ts.map +1 -1
  43. package/dist/dto/challenge-response.dto.js +8 -0
  44. package/dist/dto/challenge-response.dto.js.map +1 -1
  45. package/dist/dto/change-password-request.dto.d.ts +35 -0
  46. package/dist/dto/change-password-request.dto.d.ts.map +1 -1
  47. package/dist/dto/change-password-request.dto.js +35 -0
  48. package/dist/dto/change-password-request.dto.js.map +1 -1
  49. package/dist/dto/change-password-response.dto.d.ts +25 -0
  50. package/dist/dto/change-password-response.dto.d.ts.map +1 -1
  51. package/dist/dto/change-password-response.dto.js +25 -0
  52. package/dist/dto/change-password-response.dto.js.map +1 -1
  53. package/dist/dto/change-password.dto.d.ts +45 -0
  54. package/dist/dto/change-password.dto.d.ts.map +1 -1
  55. package/dist/dto/change-password.dto.js +45 -0
  56. package/dist/dto/change-password.dto.js.map +1 -1
  57. package/dist/dto/confirm-forgot-password.dto.d.ts +59 -0
  58. package/dist/dto/confirm-forgot-password.dto.d.ts.map +1 -1
  59. package/dist/dto/confirm-forgot-password.dto.js +59 -0
  60. package/dist/dto/confirm-forgot-password.dto.js.map +1 -1
  61. package/dist/dto/error-response.dto.d.ts +103 -0
  62. package/dist/dto/error-response.dto.d.ts.map +1 -1
  63. package/dist/dto/error-response.dto.js +103 -0
  64. package/dist/dto/error-response.dto.js.map +1 -1
  65. package/dist/dto/forgot-password.dto.d.ts +58 -0
  66. package/dist/dto/forgot-password.dto.d.ts.map +1 -1
  67. package/dist/dto/forgot-password.dto.js +58 -0
  68. package/dist/dto/forgot-password.dto.js.map +1 -1
  69. package/dist/dto/get-available-methods.dto.d.ts +37 -0
  70. package/dist/dto/get-available-methods.dto.d.ts.map +1 -1
  71. package/dist/dto/get-available-methods.dto.js +37 -0
  72. package/dist/dto/get-available-methods.dto.js.map +1 -1
  73. package/dist/dto/get-challenge-data-response.dto.d.ts +24 -0
  74. package/dist/dto/get-challenge-data-response.dto.d.ts.map +1 -1
  75. package/dist/dto/get-challenge-data-response.dto.js +24 -0
  76. package/dist/dto/get-challenge-data-response.dto.js.map +1 -1
  77. package/dist/dto/get-challenge-data.dto.d.ts +46 -0
  78. package/dist/dto/get-challenge-data.dto.d.ts.map +1 -1
  79. package/dist/dto/get-challenge-data.dto.js +46 -0
  80. package/dist/dto/get-challenge-data.dto.js.map +1 -1
  81. package/dist/dto/get-client-info.dto.d.ts +74 -0
  82. package/dist/dto/get-client-info.dto.d.ts.map +1 -1
  83. package/dist/dto/get-client-info.dto.js +74 -0
  84. package/dist/dto/get-client-info.dto.js.map +1 -1
  85. package/dist/dto/get-device-token-response.dto.d.ts +21 -0
  86. package/dist/dto/get-device-token-response.dto.d.ts.map +1 -1
  87. package/dist/dto/get-device-token-response.dto.js +21 -0
  88. package/dist/dto/get-device-token-response.dto.js.map +1 -1
  89. package/dist/dto/get-events-by-type.dto.d.ts +50 -0
  90. package/dist/dto/get-events-by-type.dto.d.ts.map +1 -1
  91. package/dist/dto/get-events-by-type.dto.js +50 -0
  92. package/dist/dto/get-events-by-type.dto.js.map +1 -1
  93. package/dist/dto/get-ip-address-response.dto.d.ts +20 -0
  94. package/dist/dto/get-ip-address-response.dto.d.ts.map +1 -1
  95. package/dist/dto/get-ip-address-response.dto.js +20 -0
  96. package/dist/dto/get-ip-address-response.dto.js.map +1 -1
  97. package/dist/dto/get-mfa-status.dto.d.ts +59 -0
  98. package/dist/dto/get-mfa-status.dto.d.ts.map +1 -1
  99. package/dist/dto/get-mfa-status.dto.js +59 -0
  100. package/dist/dto/get-mfa-status.dto.js.map +1 -1
  101. package/dist/dto/get-risk-assessment-history.dto.d.ts +28 -0
  102. package/dist/dto/get-risk-assessment-history.dto.d.ts.map +1 -1
  103. package/dist/dto/get-risk-assessment-history.dto.js +28 -0
  104. package/dist/dto/get-risk-assessment-history.dto.js.map +1 -1
  105. package/dist/dto/get-session-id-response.dto.d.ts +21 -0
  106. package/dist/dto/get-session-id-response.dto.d.ts.map +1 -1
  107. package/dist/dto/get-session-id-response.dto.js +21 -0
  108. package/dist/dto/get-session-id-response.dto.js.map +1 -1
  109. package/dist/dto/get-setup-data-response.dto.d.ts +27 -0
  110. package/dist/dto/get-setup-data-response.dto.d.ts.map +1 -1
  111. package/dist/dto/get-setup-data-response.dto.js +27 -0
  112. package/dist/dto/get-setup-data-response.dto.js.map +1 -1
  113. package/dist/dto/get-setup-data.dto.d.ts +51 -0
  114. package/dist/dto/get-setup-data.dto.d.ts.map +1 -1
  115. package/dist/dto/get-setup-data.dto.js +51 -0
  116. package/dist/dto/get-setup-data.dto.js.map +1 -1
  117. package/dist/dto/get-suspicious-activity.dto.d.ts +31 -0
  118. package/dist/dto/get-suspicious-activity.dto.d.ts.map +1 -1
  119. package/dist/dto/get-suspicious-activity.dto.js +31 -0
  120. package/dist/dto/get-suspicious-activity.dto.js.map +1 -1
  121. package/dist/dto/get-user-agent-response.dto.d.ts +19 -0
  122. package/dist/dto/get-user-agent-response.dto.d.ts.map +1 -1
  123. package/dist/dto/get-user-agent-response.dto.js +19 -0
  124. package/dist/dto/get-user-agent-response.dto.js.map +1 -1
  125. package/dist/dto/get-user-auth-history.dto.d.ts +64 -0
  126. package/dist/dto/get-user-auth-history.dto.d.ts.map +1 -1
  127. package/dist/dto/get-user-auth-history.dto.js +64 -0
  128. package/dist/dto/get-user-auth-history.dto.js.map +1 -1
  129. package/dist/dto/get-user-by-email.dto.d.ts +42 -0
  130. package/dist/dto/get-user-by-email.dto.d.ts.map +1 -1
  131. package/dist/dto/get-user-by-email.dto.js +42 -0
  132. package/dist/dto/get-user-by-email.dto.js.map +1 -1
  133. package/dist/dto/get-user-by-id.dto.d.ts +32 -0
  134. package/dist/dto/get-user-by-id.dto.d.ts.map +1 -1
  135. package/dist/dto/get-user-by-id.dto.js +32 -0
  136. package/dist/dto/get-user-by-id.dto.js.map +1 -1
  137. package/dist/dto/get-user-devices.dto.d.ts +34 -0
  138. package/dist/dto/get-user-devices.dto.d.ts.map +1 -1
  139. package/dist/dto/get-user-devices.dto.js +34 -0
  140. package/dist/dto/get-user-devices.dto.js.map +1 -1
  141. package/dist/dto/get-user-response.dto.d.ts +14 -0
  142. package/dist/dto/get-user-response.dto.d.ts.map +1 -1
  143. package/dist/dto/get-user-response.dto.js +15 -0
  144. package/dist/dto/get-user-response.dto.js.map +1 -1
  145. package/dist/dto/has-provider.dto.d.ts +33 -0
  146. package/dist/dto/has-provider.dto.d.ts.map +1 -1
  147. package/dist/dto/has-provider.dto.js +33 -0
  148. package/dist/dto/has-provider.dto.js.map +1 -1
  149. package/dist/dto/index.js +5 -0
  150. package/dist/dto/index.js.map +1 -1
  151. package/dist/dto/is-trusted-device-response.dto.d.ts +28 -0
  152. package/dist/dto/is-trusted-device-response.dto.d.ts.map +1 -1
  153. package/dist/dto/is-trusted-device-response.dto.js +28 -0
  154. package/dist/dto/is-trusted-device-response.dto.js.map +1 -1
  155. package/dist/dto/list-providers-response.dto.d.ts +19 -0
  156. package/dist/dto/list-providers-response.dto.d.ts.map +1 -1
  157. package/dist/dto/list-providers-response.dto.js +19 -0
  158. package/dist/dto/list-providers-response.dto.js.map +1 -1
  159. package/dist/dto/login.dto.d.ts +48 -0
  160. package/dist/dto/login.dto.d.ts.map +1 -1
  161. package/dist/dto/login.dto.js +50 -1
  162. package/dist/dto/login.dto.js.map +1 -1
  163. package/dist/dto/logout-all-response.dto.d.ts +20 -0
  164. package/dist/dto/logout-all-response.dto.d.ts.map +1 -1
  165. package/dist/dto/logout-all-response.dto.js +20 -0
  166. package/dist/dto/logout-all-response.dto.js.map +1 -1
  167. package/dist/dto/logout-all.dto.d.ts +42 -0
  168. package/dist/dto/logout-all.dto.d.ts.map +1 -1
  169. package/dist/dto/logout-all.dto.js +42 -0
  170. package/dist/dto/logout-all.dto.js.map +1 -1
  171. package/dist/dto/logout-response.dto.d.ts +21 -0
  172. package/dist/dto/logout-response.dto.d.ts.map +1 -1
  173. package/dist/dto/logout-response.dto.js +21 -0
  174. package/dist/dto/logout-response.dto.js.map +1 -1
  175. package/dist/dto/logout.dto.d.ts +45 -0
  176. package/dist/dto/logout.dto.d.ts.map +1 -1
  177. package/dist/dto/logout.dto.js +45 -0
  178. package/dist/dto/logout.dto.js.map +1 -1
  179. package/dist/dto/refresh-token.dto.d.ts +28 -0
  180. package/dist/dto/refresh-token.dto.d.ts.map +1 -1
  181. package/dist/dto/refresh-token.dto.js +28 -0
  182. package/dist/dto/refresh-token.dto.js.map +1 -1
  183. package/dist/dto/remove-devices.dto.d.ts +51 -0
  184. package/dist/dto/remove-devices.dto.d.ts.map +1 -1
  185. package/dist/dto/remove-devices.dto.js +51 -0
  186. package/dist/dto/remove-devices.dto.js.map +1 -1
  187. package/dist/dto/resend-code-response.dto.d.ts +28 -0
  188. package/dist/dto/resend-code-response.dto.d.ts.map +1 -1
  189. package/dist/dto/resend-code-response.dto.js +28 -0
  190. package/dist/dto/resend-code-response.dto.js.map +1 -1
  191. package/dist/dto/resend-code.dto.d.ts +37 -0
  192. package/dist/dto/resend-code.dto.d.ts.map +1 -1
  193. package/dist/dto/resend-code.dto.js +37 -0
  194. package/dist/dto/resend-code.dto.js.map +1 -1
  195. package/dist/dto/reset-password.dto.d.ts +74 -0
  196. package/dist/dto/reset-password.dto.d.ts.map +1 -1
  197. package/dist/dto/reset-password.dto.js +76 -1
  198. package/dist/dto/reset-password.dto.js.map +1 -1
  199. package/dist/dto/respond-challenge.dto.d.ts +147 -0
  200. package/dist/dto/respond-challenge.dto.d.ts.map +1 -1
  201. package/dist/dto/respond-challenge.dto.js +162 -0
  202. package/dist/dto/respond-challenge.dto.js.map +1 -1
  203. package/dist/dto/set-mfa-exemption.dto.d.ts +65 -0
  204. package/dist/dto/set-mfa-exemption.dto.d.ts.map +1 -1
  205. package/dist/dto/set-mfa-exemption.dto.js +65 -0
  206. package/dist/dto/set-mfa-exemption.dto.js.map +1 -1
  207. package/dist/dto/set-must-change-password-response.dto.d.ts +23 -0
  208. package/dist/dto/set-must-change-password-response.dto.d.ts.map +1 -1
  209. package/dist/dto/set-must-change-password-response.dto.js +23 -0
  210. package/dist/dto/set-must-change-password-response.dto.js.map +1 -1
  211. package/dist/dto/set-must-change-password.dto.d.ts +32 -0
  212. package/dist/dto/set-must-change-password.dto.d.ts.map +1 -1
  213. package/dist/dto/set-must-change-password.dto.js +32 -0
  214. package/dist/dto/set-must-change-password.dto.js.map +1 -1
  215. package/dist/dto/set-preferred-method.dto.d.ts +48 -0
  216. package/dist/dto/set-preferred-method.dto.d.ts.map +1 -1
  217. package/dist/dto/set-preferred-method.dto.js +48 -0
  218. package/dist/dto/set-preferred-method.dto.js.map +1 -1
  219. package/dist/dto/setup-mfa.dto.d.ts +62 -0
  220. package/dist/dto/setup-mfa.dto.d.ts.map +1 -1
  221. package/dist/dto/setup-mfa.dto.js +62 -0
  222. package/dist/dto/setup-mfa.dto.js.map +1 -1
  223. package/dist/dto/signup.dto.d.ts +92 -0
  224. package/dist/dto/signup.dto.d.ts.map +1 -1
  225. package/dist/dto/signup.dto.js +93 -0
  226. package/dist/dto/signup.dto.js.map +1 -1
  227. package/dist/dto/social-auth.dto.d.ts +234 -0
  228. package/dist/dto/social-auth.dto.d.ts.map +1 -1
  229. package/dist/dto/social-auth.dto.js +234 -0
  230. package/dist/dto/social-auth.dto.js.map +1 -1
  231. package/dist/dto/trust-device-response.dto.d.ts +26 -0
  232. package/dist/dto/trust-device-response.dto.d.ts.map +1 -1
  233. package/dist/dto/trust-device-response.dto.js +26 -0
  234. package/dist/dto/trust-device-response.dto.js.map +1 -1
  235. package/dist/dto/trust-device.dto.d.ts +9 -0
  236. package/dist/dto/trust-device.dto.d.ts.map +1 -1
  237. package/dist/dto/trust-device.dto.js +9 -0
  238. package/dist/dto/trust-device.dto.js.map +1 -1
  239. package/dist/dto/update-user-attributes-request.dto.d.ts +36 -0
  240. package/dist/dto/update-user-attributes-request.dto.d.ts.map +1 -1
  241. package/dist/dto/update-user-attributes-request.dto.js +36 -0
  242. package/dist/dto/update-user-attributes-request.dto.js.map +1 -1
  243. package/dist/dto/user-response.dto.d.ts +81 -0
  244. package/dist/dto/user-response.dto.d.ts.map +1 -1
  245. package/dist/dto/user-response.dto.js +84 -2
  246. package/dist/dto/user-response.dto.js.map +1 -1
  247. package/dist/dto/user-update.dto.d.ts +132 -0
  248. package/dist/dto/user-update.dto.d.ts.map +1 -1
  249. package/dist/dto/user-update.dto.js +133 -0
  250. package/dist/dto/user-update.dto.js.map +1 -1
  251. package/dist/dto/verify-email.dto.d.ts +171 -0
  252. package/dist/dto/verify-email.dto.d.ts.map +1 -1
  253. package/dist/dto/verify-email.dto.js +173 -1
  254. package/dist/dto/verify-email.dto.js.map +1 -1
  255. package/dist/dto/verify-mfa-code.dto.d.ts +65 -0
  256. package/dist/dto/verify-mfa-code.dto.d.ts.map +1 -1
  257. package/dist/dto/verify-mfa-code.dto.js +65 -0
  258. package/dist/dto/verify-mfa-code.dto.js.map +1 -1
  259. package/dist/dto/verify-phone-by-sub.dto.d.ts +49 -0
  260. package/dist/dto/verify-phone-by-sub.dto.d.ts.map +1 -1
  261. package/dist/dto/verify-phone-by-sub.dto.js +49 -0
  262. package/dist/dto/verify-phone-by-sub.dto.js.map +1 -1
  263. package/dist/dto/verify-phone.dto.d.ts +139 -0
  264. package/dist/dto/verify-phone.dto.d.ts.map +1 -1
  265. package/dist/dto/verify-phone.dto.js +142 -1
  266. package/dist/dto/verify-phone.dto.js.map +1 -1
  267. package/dist/dto.d.ts +10 -0
  268. package/dist/dto.d.ts.map +1 -1
  269. package/dist/dto.js +10 -0
  270. package/dist/dto.js.map +1 -1
  271. package/dist/entities/auth-audit.entity.d.ts +159 -0
  272. package/dist/entities/auth-audit.entity.d.ts.map +1 -1
  273. package/dist/entities/auth-audit.entity.js +166 -0
  274. package/dist/entities/auth-audit.entity.js.map +1 -1
  275. package/dist/entities/challenge-session.entity.d.ts +87 -0
  276. package/dist/entities/challenge-session.entity.d.ts.map +1 -1
  277. package/dist/entities/challenge-session.entity.js +87 -0
  278. package/dist/entities/challenge-session.entity.js.map +1 -1
  279. package/dist/entities/index.d.ts +18 -0
  280. package/dist/entities/index.d.ts.map +1 -1
  281. package/dist/entities/index.js +18 -0
  282. package/dist/entities/index.js.map +1 -1
  283. package/dist/entities/login-attempt.entity.d.ts +43 -0
  284. package/dist/entities/login-attempt.entity.d.ts.map +1 -1
  285. package/dist/entities/login-attempt.entity.js +43 -0
  286. package/dist/entities/login-attempt.entity.js.map +1 -1
  287. package/dist/entities/mfa-device.entity.d.ts +112 -0
  288. package/dist/entities/mfa-device.entity.d.ts.map +1 -1
  289. package/dist/entities/mfa-device.entity.js +112 -0
  290. package/dist/entities/mfa-device.entity.js.map +1 -1
  291. package/dist/entities/rate-limit.entity.d.ts +31 -0
  292. package/dist/entities/rate-limit.entity.d.ts.map +1 -1
  293. package/dist/entities/rate-limit.entity.js +31 -0
  294. package/dist/entities/rate-limit.entity.js.map +1 -1
  295. package/dist/entities/session.entity.d.ts +121 -0
  296. package/dist/entities/session.entity.d.ts.map +1 -1
  297. package/dist/entities/session.entity.js +121 -0
  298. package/dist/entities/session.entity.js.map +1 -1
  299. package/dist/entities/social-account.entity.d.ts +75 -0
  300. package/dist/entities/social-account.entity.d.ts.map +1 -1
  301. package/dist/entities/social-account.entity.js +75 -0
  302. package/dist/entities/social-account.entity.js.map +1 -1
  303. package/dist/entities/storage-lock.entity.d.ts +28 -0
  304. package/dist/entities/storage-lock.entity.d.ts.map +1 -1
  305. package/dist/entities/storage-lock.entity.js +28 -0
  306. package/dist/entities/storage-lock.entity.js.map +1 -1
  307. package/dist/entities/trusted-device.entity.d.ts +83 -0
  308. package/dist/entities/trusted-device.entity.d.ts.map +1 -1
  309. package/dist/entities/trusted-device.entity.js +83 -0
  310. package/dist/entities/trusted-device.entity.js.map +1 -1
  311. package/dist/entities/user.entity.d.ts +166 -0
  312. package/dist/entities/user.entity.d.ts.map +1 -1
  313. package/dist/entities/user.entity.js +166 -0
  314. package/dist/entities/user.entity.js.map +1 -1
  315. package/dist/entities/verification-token.entity.d.ts +102 -0
  316. package/dist/entities/verification-token.entity.d.ts.map +1 -1
  317. package/dist/entities/verification-token.entity.js +102 -0
  318. package/dist/entities/verification-token.entity.js.map +1 -1
  319. package/dist/entities.d.ts +8 -0
  320. package/dist/entities.d.ts.map +1 -1
  321. package/dist/entities.js +8 -0
  322. package/dist/entities.js.map +1 -1
  323. package/dist/enums/auth-audit-event-type.enum.d.ts +211 -0
  324. package/dist/enums/auth-audit-event-type.enum.d.ts.map +1 -1
  325. package/dist/enums/auth-audit-event-type.enum.js +244 -0
  326. package/dist/enums/auth-audit-event-type.enum.js.map +1 -1
  327. package/dist/enums/error-codes.enum.d.ts +296 -0
  328. package/dist/enums/error-codes.enum.d.ts.map +1 -1
  329. package/dist/enums/error-codes.enum.js +332 -0
  330. package/dist/enums/error-codes.enum.js.map +1 -1
  331. package/dist/enums/mfa-method.enum.d.ts +74 -0
  332. package/dist/enums/mfa-method.enum.d.ts.map +1 -1
  333. package/dist/enums/mfa-method.enum.js +64 -0
  334. package/dist/enums/mfa-method.enum.js.map +1 -1
  335. package/dist/enums/risk-factor.enum.d.ts +91 -0
  336. package/dist/enums/risk-factor.enum.d.ts.map +1 -1
  337. package/dist/enums/risk-factor.enum.js +97 -0
  338. package/dist/enums/risk-factor.enum.js.map +1 -1
  339. package/dist/exceptions/nauth.exception.d.ts +149 -0
  340. package/dist/exceptions/nauth.exception.d.ts.map +1 -1
  341. package/dist/exceptions/nauth.exception.js +159 -0
  342. package/dist/exceptions/nauth.exception.js.map +1 -1
  343. package/dist/handlers/auth.handler.d.ts +32 -0
  344. package/dist/handlers/auth.handler.d.ts.map +1 -1
  345. package/dist/handlers/auth.handler.js +47 -1
  346. package/dist/handlers/auth.handler.js.map +1 -1
  347. package/dist/handlers/client-info.handler.d.ts +25 -0
  348. package/dist/handlers/client-info.handler.d.ts.map +1 -1
  349. package/dist/handlers/client-info.handler.js +36 -2
  350. package/dist/handlers/client-info.handler.js.map +1 -1
  351. package/dist/handlers/csrf.handler.d.ts +32 -0
  352. package/dist/handlers/csrf.handler.d.ts.map +1 -1
  353. package/dist/handlers/csrf.handler.js +49 -1
  354. package/dist/handlers/csrf.handler.js.map +1 -1
  355. package/dist/handlers/token-delivery.handler.d.ts +16 -0
  356. package/dist/handlers/token-delivery.handler.d.ts.map +1 -1
  357. package/dist/handlers/token-delivery.handler.js +22 -1
  358. package/dist/handlers/token-delivery.handler.js.map +1 -1
  359. package/dist/index.d.ts +34 -0
  360. package/dist/index.d.ts.map +1 -1
  361. package/dist/index.js +67 -0
  362. package/dist/index.js.map +1 -1
  363. package/dist/interfaces/client-info.interface.d.ts +58 -0
  364. package/dist/interfaces/client-info.interface.d.ts.map +1 -1
  365. package/dist/interfaces/config.interface.d.ts +1774 -0
  366. package/dist/interfaces/config.interface.d.ts.map +1 -1
  367. package/dist/interfaces/config.interface.js +16 -0
  368. package/dist/interfaces/config.interface.js.map +1 -1
  369. package/dist/interfaces/entities.interface.d.ts +48 -0
  370. package/dist/interfaces/entities.interface.d.ts.map +1 -1
  371. package/dist/interfaces/entities.interface.js +8 -0
  372. package/dist/interfaces/entities.interface.js.map +1 -1
  373. package/dist/interfaces/index.js +5 -0
  374. package/dist/interfaces/index.js.map +1 -1
  375. package/dist/interfaces/logger.interface.d.ts +213 -0
  376. package/dist/interfaces/logger.interface.d.ts.map +1 -1
  377. package/dist/interfaces/logger.interface.js +35 -0
  378. package/dist/interfaces/logger.interface.js.map +1 -1
  379. package/dist/interfaces/mfa-provider.interface.d.ts +134 -0
  380. package/dist/interfaces/mfa-provider.interface.d.ts.map +1 -1
  381. package/dist/interfaces/oauth.interface.d.ts +110 -0
  382. package/dist/interfaces/oauth.interface.d.ts.map +1 -1
  383. package/dist/interfaces/provider.interface.d.ts +83 -0
  384. package/dist/interfaces/provider.interface.d.ts.map +1 -1
  385. package/dist/interfaces/sms-template.interface.d.ts +246 -0
  386. package/dist/interfaces/sms-template.interface.d.ts.map +1 -1
  387. package/dist/interfaces/sms-template.interface.js +26 -0
  388. package/dist/interfaces/sms-template.interface.js.map +1 -1
  389. package/dist/interfaces/social-auth-provider.interface.d.ts +115 -0
  390. package/dist/interfaces/social-auth-provider.interface.d.ts.map +1 -1
  391. package/dist/interfaces/storage-adapter.interface.d.ts +37 -0
  392. package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -1
  393. package/dist/interfaces/template.interface.d.ts +351 -0
  394. package/dist/interfaces/template.interface.d.ts.map +1 -1
  395. package/dist/interfaces/template.interface.js +13 -0
  396. package/dist/interfaces/template.interface.js.map +1 -1
  397. package/dist/interfaces/token-verifier.interface.d.ts +101 -0
  398. package/dist/interfaces/token-verifier.interface.d.ts.map +1 -1
  399. package/dist/interfaces.d.ts +8 -0
  400. package/dist/interfaces.d.ts.map +1 -1
  401. package/dist/interfaces.js +8 -0
  402. package/dist/interfaces.js.map +1 -1
  403. package/dist/internal.d.ts +120 -0
  404. package/dist/internal.d.ts.map +1 -1
  405. package/dist/internal.js +138 -0
  406. package/dist/internal.js.map +1 -1
  407. package/dist/platform/interfaces.d.ts +187 -0
  408. package/dist/platform/interfaces.d.ts.map +1 -1
  409. package/dist/platform/interfaces.js +11 -0
  410. package/dist/platform/interfaces.js.map +1 -1
  411. package/dist/schemas/auth-config.schema.d.ts +48 -0
  412. package/dist/schemas/auth-config.schema.d.ts.map +1 -1
  413. package/dist/schemas/auth-config.schema.js +188 -9
  414. package/dist/schemas/auth-config.schema.js.map +1 -1
  415. package/dist/services/adaptive-mfa-decision.service.d.ts +144 -0
  416. package/dist/services/adaptive-mfa-decision.service.d.ts.map +1 -1
  417. package/dist/services/adaptive-mfa-decision.service.js +151 -5
  418. package/dist/services/adaptive-mfa-decision.service.js.map +1 -1
  419. package/dist/services/auth-audit.service.d.ts +195 -0
  420. package/dist/services/auth-audit.service.d.ts.map +1 -1
  421. package/dist/services/auth-audit.service.js +228 -1
  422. package/dist/services/auth-audit.service.js.map +1 -1
  423. package/dist/services/auth-challenge-helper.service.d.ts +144 -1
  424. package/dist/services/auth-challenge-helper.service.d.ts.map +1 -1
  425. package/dist/services/auth-challenge-helper.service.js +295 -16
  426. package/dist/services/auth-challenge-helper.service.js.map +1 -1
  427. package/dist/services/auth-flow-context-builder.service.d.ts +120 -1
  428. package/dist/services/auth-flow-context-builder.service.d.ts.map +1 -1
  429. package/dist/services/auth-flow-context-builder.service.js +184 -5
  430. package/dist/services/auth-flow-context-builder.service.js.map +1 -1
  431. package/dist/services/auth-flow-rules.d.ts +136 -0
  432. package/dist/services/auth-flow-rules.d.ts.map +1 -1
  433. package/dist/services/auth-flow-rules.js +137 -0
  434. package/dist/services/auth-flow-rules.js.map +1 -1
  435. package/dist/services/auth-flow-state-definitions.d.ts +40 -0
  436. package/dist/services/auth-flow-state-definitions.d.ts.map +1 -1
  437. package/dist/services/auth-flow-state-definitions.js +98 -0
  438. package/dist/services/auth-flow-state-definitions.js.map +1 -1
  439. package/dist/services/auth-flow-state-machine.service.d.ts +91 -0
  440. package/dist/services/auth-flow-state-machine.service.d.ts.map +1 -1
  441. package/dist/services/auth-flow-state-machine.service.js +102 -0
  442. package/dist/services/auth-flow-state-machine.service.js.map +1 -1
  443. package/dist/services/auth-flow-state-machine.types.d.ts +221 -0
  444. package/dist/services/auth-flow-state-machine.types.d.ts.map +1 -1
  445. package/dist/services/auth-flow-state-machine.types.js +47 -0
  446. package/dist/services/auth-flow-state-machine.types.js.map +1 -1
  447. package/dist/services/auth.service.d.ts +397 -1
  448. package/dist/services/auth.service.d.ts.map +1 -1
  449. package/dist/services/auth.service.js +943 -27
  450. package/dist/services/auth.service.js.map +1 -1
  451. package/dist/services/challenge.service.d.ts +255 -1
  452. package/dist/services/challenge.service.d.ts.map +1 -1
  453. package/dist/services/challenge.service.js +327 -3
  454. package/dist/services/challenge.service.js.map +1 -1
  455. package/dist/services/client-info.service.d.ts +143 -0
  456. package/dist/services/client-info.service.d.ts.map +1 -1
  457. package/dist/services/client-info.service.js +161 -0
  458. package/dist/services/client-info.service.js.map +1 -1
  459. package/dist/services/csrf.service.d.ts +15 -0
  460. package/dist/services/csrf.service.d.ts.map +1 -1
  461. package/dist/services/csrf.service.js +16 -0
  462. package/dist/services/csrf.service.js.map +1 -1
  463. package/dist/services/email-verification.service.d.ts +52 -0
  464. package/dist/services/email-verification.service.d.ts.map +1 -1
  465. package/dist/services/email-verification.service.js +149 -10
  466. package/dist/services/email-verification.service.js.map +1 -1
  467. package/dist/services/geo-location.service.d.ts +105 -0
  468. package/dist/services/geo-location.service.d.ts.map +1 -1
  469. package/dist/services/geo-location.service.js +188 -2
  470. package/dist/services/geo-location.service.js.map +1 -1
  471. package/dist/services/jwt.service.d.ts +257 -0
  472. package/dist/services/jwt.service.d.ts.map +1 -1
  473. package/dist/services/jwt.service.js +284 -1
  474. package/dist/services/jwt.service.js.map +1 -1
  475. package/dist/services/mfa-base.service.d.ts +179 -1
  476. package/dist/services/mfa-base.service.d.ts.map +1 -1
  477. package/dist/services/mfa-base.service.js +256 -2
  478. package/dist/services/mfa-base.service.js.map +1 -1
  479. package/dist/services/mfa.service.d.ts +304 -0
  480. package/dist/services/mfa.service.d.ts.map +1 -1
  481. package/dist/services/mfa.service.js +380 -0
  482. package/dist/services/mfa.service.js.map +1 -1
  483. package/dist/services/password-reset.service.d.ts +46 -0
  484. package/dist/services/password-reset.service.d.ts.map +1 -1
  485. package/dist/services/password-reset.service.js +79 -0
  486. package/dist/services/password-reset.service.js.map +1 -1
  487. package/dist/services/password.service.d.ts +139 -0
  488. package/dist/services/password.service.d.ts.map +1 -1
  489. package/dist/services/password.service.js +167 -9
  490. package/dist/services/password.service.js.map +1 -1
  491. package/dist/services/phone-verification.service.d.ts +75 -0
  492. package/dist/services/phone-verification.service.d.ts.map +1 -1
  493. package/dist/services/phone-verification.service.js +188 -6
  494. package/dist/services/phone-verification.service.js.map +1 -1
  495. package/dist/services/risk-detection.service.d.ts +198 -0
  496. package/dist/services/risk-detection.service.d.ts.map +1 -1
  497. package/dist/services/risk-detection.service.js +358 -11
  498. package/dist/services/risk-detection.service.js.map +1 -1
  499. package/dist/services/risk-scoring.service.d.ts +84 -0
  500. package/dist/services/risk-scoring.service.d.ts.map +1 -1
  501. package/dist/services/risk-scoring.service.js +87 -0
  502. package/dist/services/risk-scoring.service.js.map +1 -1
  503. package/dist/services/session.service.d.ts +204 -0
  504. package/dist/services/session.service.d.ts.map +1 -1
  505. package/dist/services/session.service.js +289 -4
  506. package/dist/services/session.service.js.map +1 -1
  507. package/dist/services/social-auth-base.service.d.ts +123 -1
  508. package/dist/services/social-auth-base.service.d.ts.map +1 -1
  509. package/dist/services/social-auth-base.service.js +155 -2
  510. package/dist/services/social-auth-base.service.js.map +1 -1
  511. package/dist/services/social-auth.service.d.ts +191 -0
  512. package/dist/services/social-auth.service.d.ts.map +1 -1
  513. package/dist/services/social-auth.service.js +215 -2
  514. package/dist/services/social-auth.service.js.map +1 -1
  515. package/dist/services/social-provider-registry.service.d.ts +86 -0
  516. package/dist/services/social-provider-registry.service.d.ts.map +1 -1
  517. package/dist/services/social-provider-registry.service.js +86 -0
  518. package/dist/services/social-provider-registry.service.js.map +1 -1
  519. package/dist/services/trusted-device.service.d.ts +105 -0
  520. package/dist/services/trusted-device.service.d.ts.map +1 -1
  521. package/dist/services/trusted-device.service.js +133 -4
  522. package/dist/services/trusted-device.service.js.map +1 -1
  523. package/dist/storage/account-lockout-storage.service.d.ts +35 -0
  524. package/dist/storage/account-lockout-storage.service.d.ts.map +1 -1
  525. package/dist/storage/account-lockout-storage.service.js +35 -0
  526. package/dist/storage/account-lockout-storage.service.js.map +1 -1
  527. package/dist/storage/memory-storage.adapter.d.ts +148 -0
  528. package/dist/storage/memory-storage.adapter.d.ts.map +1 -1
  529. package/dist/storage/memory-storage.adapter.js +201 -6
  530. package/dist/storage/memory-storage.adapter.js.map +1 -1
  531. package/dist/storage/rate-limit-storage.service.d.ts +3 -0
  532. package/dist/storage/rate-limit-storage.service.d.ts.map +1 -1
  533. package/dist/storage/rate-limit-storage.service.js +4 -0
  534. package/dist/storage/rate-limit-storage.service.js.map +1 -1
  535. package/dist/storage.d.ts +8 -0
  536. package/dist/storage.d.ts.map +1 -1
  537. package/dist/storage.js +8 -0
  538. package/dist/storage.js.map +1 -1
  539. package/dist/templates/html-template.engine.d.ts +110 -0
  540. package/dist/templates/html-template.engine.d.ts.map +1 -1
  541. package/dist/templates/html-template.engine.js +147 -0
  542. package/dist/templates/html-template.engine.js.map +1 -1
  543. package/dist/templates/index.d.ts +5 -0
  544. package/dist/templates/index.d.ts.map +1 -1
  545. package/dist/templates/index.js +5 -0
  546. package/dist/templates/index.js.map +1 -1
  547. package/dist/templates/sms-template.engine.d.ts +151 -0
  548. package/dist/templates/sms-template.engine.d.ts.map +1 -1
  549. package/dist/templates/sms-template.engine.js +171 -0
  550. package/dist/templates/sms-template.engine.js.map +1 -1
  551. package/dist/templates.d.ts +8 -0
  552. package/dist/templates.d.ts.map +1 -1
  553. package/dist/templates.js +8 -0
  554. package/dist/templates.js.map +1 -1
  555. package/dist/utils/common-passwords.d.ts +42 -0
  556. package/dist/utils/common-passwords.d.ts.map +1 -1
  557. package/dist/utils/common-passwords.js +88 -0
  558. package/dist/utils/common-passwords.js.map +1 -1
  559. package/dist/utils/context-storage.d.ts +129 -0
  560. package/dist/utils/context-storage.d.ts.map +1 -1
  561. package/dist/utils/context-storage.js +129 -0
  562. package/dist/utils/context-storage.js.map +1 -1
  563. package/dist/utils/cookie-names.util.d.ts +35 -0
  564. package/dist/utils/cookie-names.util.d.ts.map +1 -1
  565. package/dist/utils/cookie-names.util.js +37 -0
  566. package/dist/utils/cookie-names.util.js.map +1 -1
  567. package/dist/utils/cookies.util.d.ts +19 -0
  568. package/dist/utils/cookies.util.d.ts.map +1 -1
  569. package/dist/utils/cookies.util.js +30 -3
  570. package/dist/utils/cookies.util.js.map +1 -1
  571. package/dist/utils/index.d.ts +3 -0
  572. package/dist/utils/index.d.ts.map +1 -1
  573. package/dist/utils/index.js +4 -0
  574. package/dist/utils/index.js.map +1 -1
  575. package/dist/utils/ip-extractor.d.ts +88 -0
  576. package/dist/utils/ip-extractor.d.ts.map +1 -1
  577. package/dist/utils/ip-extractor.js +109 -16
  578. package/dist/utils/ip-extractor.js.map +1 -1
  579. package/dist/utils/nauth-logger.d.ts +70 -0
  580. package/dist/utils/nauth-logger.d.ts.map +1 -1
  581. package/dist/utils/nauth-logger.js +82 -4
  582. package/dist/utils/nauth-logger.js.map +1 -1
  583. package/dist/utils/pii-redactor.d.ts +70 -0
  584. package/dist/utils/pii-redactor.d.ts.map +1 -1
  585. package/dist/utils/pii-redactor.js +102 -0
  586. package/dist/utils/pii-redactor.js.map +1 -1
  587. package/dist/utils/setup/get-repositories.d.ts +16 -0
  588. package/dist/utils/setup/get-repositories.d.ts.map +1 -1
  589. package/dist/utils/setup/get-repositories.js +21 -0
  590. package/dist/utils/setup/get-repositories.js.map +1 -1
  591. package/dist/utils/setup/init-services.d.ts +40 -1
  592. package/dist/utils/setup/init-services.d.ts.map +1 -1
  593. package/dist/utils/setup/init-services.js +98 -0
  594. package/dist/utils/setup/init-services.js.map +1 -1
  595. package/dist/utils/setup/init-social.d.ts +27 -0
  596. package/dist/utils/setup/init-social.d.ts.map +1 -1
  597. package/dist/utils/setup/init-social.js +49 -0
  598. package/dist/utils/setup/init-social.js.map +1 -1
  599. package/dist/utils/setup/init-storage.d.ts +22 -0
  600. package/dist/utils/setup/init-storage.d.ts.map +1 -1
  601. package/dist/utils/setup/init-storage.js +36 -0
  602. package/dist/utils/setup/init-storage.js.map +1 -1
  603. package/dist/utils/setup/register-mfa.d.ts +22 -0
  604. package/dist/utils/setup/register-mfa.d.ts.map +1 -1
  605. package/dist/utils/setup/register-mfa.js +41 -0
  606. package/dist/utils/setup/register-mfa.js.map +1 -1
  607. package/dist/utils/setup/run-nauth-migrations.d.ts +7 -0
  608. package/dist/utils/setup/run-nauth-migrations.d.ts.map +1 -1
  609. package/dist/utils/setup/run-nauth-migrations.js +8 -0
  610. package/dist/utils/setup/run-nauth-migrations.js.map +1 -1
  611. package/dist/utils/token-delivery-policy.d.ts +17 -0
  612. package/dist/utils/token-delivery-policy.d.ts.map +1 -1
  613. package/dist/utils/token-delivery-policy.js +17 -0
  614. package/dist/utils/token-delivery-policy.js.map +1 -1
  615. package/dist/utils.d.ts +8 -0
  616. package/dist/utils.d.ts.map +1 -1
  617. package/dist/utils.js +8 -0
  618. package/dist/utils.js.map +1 -1
  619. package/dist/validators/template.validator.d.ts +80 -0
  620. package/dist/validators/template.validator.d.ts.map +1 -1
  621. package/dist/validators/template.validator.js +94 -0
  622. package/dist/validators/template.validator.js.map +1 -1
  623. package/package.json +7 -2
package/dist/entities/user.entity.d.ts CHANGED
@@ -1,41 +1,207 @@
1
+ /**
2
+ * Base User Entity
3
+ *
4
+ * Core user authentication record with all fields and business logic.
5
+ * Database adapters extend this class and add ORM-specific decorators.
6
+ *
7
+ * @remarks
8
+ * This class is database-agnostic. TypeORM, Prisma, or other ORMs
9
+ * extend this class in their respective packages.
10
+ */
1
11
  export declare class BaseUser {
12
+ /**
13
+ * Internal database ID (auto-increment integer)
14
+ * Used for foreign key relationships and internal queries
15
+ * NOT exposed externally
16
+ */
2
17
  id: number;
18
+ /**
19
+ * External user identifier (UUID)
20
+ * Exposed in API responses and JWT tokens as 'sub' (subject)
21
+ * This is what consuming applications should use
22
+ */
3
23
  sub: string;
24
+ /**
25
+ * User's username (optional, unique if set)
26
+ */
4
27
  username: string | null;
28
+ /**
29
+ * User's first name
30
+ */
5
31
  firstName: string | null;
32
+ /**
33
+ * User's last name
34
+ */
6
35
  lastName: string | null;
36
+ /**
37
+ * User's email address (required, unique)
38
+ */
7
39
  email: string;
40
+ /**
41
+ * User's phone number in E.164 format (optional)
42
+ */
8
43
  phone: string | null;
44
+ /**
45
+ * Hashed password (Argon2)
46
+ * NULL for social-only accounts
47
+ */
9
48
  passwordHash: string | null;
49
+ /**
50
+ * When password was last changed
51
+ * Used for password expiry policies
52
+ */
10
53
  passwordChangedAt: Date | null;
54
+ /**
55
+ * Password history (hashed)
56
+ * Used to prevent password reuse
57
+ */
11
58
  passwordHistory: string[] | null;
59
+ /**
60
+ * Flag to force password change on next login
61
+ * When true, user must complete FORCE_CHANGE_PASSWORD challenge
62
+ * Can be set by admin or by password expiration policy
63
+ */
12
64
  mustChangePassword: boolean;
65
+ /**
66
+ * Email verification status
67
+ */
13
68
  isEmailVerified: boolean;
69
+ /**
70
+ * Phone verification status
71
+ */
14
72
  isPhoneVerified: boolean;
73
+ /**
74
+ * Account active status
75
+ * Inactive accounts cannot login
76
+ */
15
77
  isActive: boolean;
78
+ /**
79
+ * Account lock status
80
+ * Locked accounts cannot login until unlocked
81
+ */
16
82
  isLocked: boolean;
83
+ /**
84
+ * Reason for account lock
85
+ */
17
86
  lockReason: string | null;
87
+ /**
88
+ * When account was locked
89
+ */
18
90
  lockedAt: Date | null;
91
+ /**
92
+ * When account lock expires (NULL = permanent)
93
+ */
19
94
  lockedUntil: Date | null;
95
+ /**
96
+ * Number of consecutive failed login attempts
97
+ */
20
98
  failedLoginAttempts: number;
99
+ /**
100
+ * When last failed login occurred
101
+ */
21
102
  lastFailedLoginAt: Date | null;
103
+ /**
104
+ * When user last successfully logged in
105
+ */
22
106
  lastLoginAt: Date | null;
107
+ /**
108
+ * IP address of last successful login
109
+ */
23
110
  lastLoginIp: string | null;
111
+ /**
112
+ * MFA enabled status
113
+ */
24
114
  mfaEnabled: boolean;
115
+ /**
116
+ * List of enabled MFA methods
117
+ * Examples: ['totp', 'sms', 'passkey']
118
+ */
25
119
  mfaMethods: string[] | null;
120
+ /**
121
+ * When MFA was enforced for this user
122
+ */
26
123
  mfaEnforcedAt?: Date | null;
124
+ /**
125
+ * TOTP secret (encrypted)
126
+ * DEPRECATED: Use MFADevice entity instead
127
+ */
27
128
  totpSecret?: string | null;
129
+ /**
130
+ * Backup recovery codes (hashed)
131
+ * Single-use codes for account recovery
132
+ */
28
133
  backupCodes: string[] | null;
134
+ /**
135
+ * User's preferred MFA method
136
+ * Used to pre-select MFA method during authentication
137
+ */
29
138
  preferredMfaMethod: string | null;
139
+ /**
140
+ * MFA exemption status
141
+ *
142
+ * When true, user is exempt from MFA requirements (both setup and verification).
143
+ * This is an admin-only field and should only be set through admin functions.
144
+ *
145
+ * SECURITY: Exemption only affects MFA - other security measures (account lock,
146
+ * email verification, password change) still apply normally.
147
+ *
148
+ * @default false
149
+ */
30
150
  mfaExempt?: boolean;
151
+ /**
152
+ * Reason for MFA exemption (optional, for audit trail)
153
+ *
154
+ * Admin should provide reason when granting exemption (e.g., "Internal service account",
155
+ * "Legacy system integration", "Special access approval")
156
+ *
157
+ * @default null
158
+ */
31
159
  mfaExemptReason?: string | null;
160
+ /**
161
+ * When MFA exemption was granted
162
+ *
163
+ * Used for audit trail and potentially for expiration logic in future.
164
+ *
165
+ * @default null
166
+ */
32
167
  mfaExemptGrantedAt?: Date | null;
168
+ /**
169
+ * Who granted the MFA exemption (optional, admin identifier)
170
+ *
171
+ * For audit trail - store admin user ID or identifier who granted exemption.
172
+ *
173
+ * @default null
174
+ */
33
175
  mfaExemptGrantedBy?: string | null;
176
+ /**
177
+ * Optimization flag: indicates if user has any social authentication methods
178
+ * Prevents unnecessary joins for password-only users (80%+ of users)
179
+ * Updated automatically when social accounts are linked/unlinked
180
+ */
34
181
  hasSocialAuth: boolean;
182
+ /**
183
+ * Array of social providers linked to this account
184
+ * Examples: ['google', 'apple', 'facebook']
185
+ * Updated automatically when social accounts are linked/unlinked
186
+ */
35
187
  socialProviders: string[] | null;
188
+ /**
189
+ * Additional user metadata (JSON)
190
+ * For custom application-specific data
191
+ */
36
192
  metadata: Record<string, unknown> | null;
193
+ /**
194
+ * Account creation timestamp
195
+ */
37
196
  createdAt: Date;
197
+ /**
198
+ * Last account update timestamp
199
+ */
38
200
  updatedAt: Date;
201
+ /**
202
+ * Soft delete timestamp
203
+ * NULL if account is not deleted
204
+ */
39
205
  deletedAt: Date | null;
40
206
  }
41
207
  //# sourceMappingURL=user.entity.d.ts.map
package/dist/entities/user.entity.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":"AAUA,qBAAa,QAAQ;IAMnB,EAAE,EAAG,MAAM,CAAC;IAOZ,GAAG,EAAG,MAAM,CAAC;IAKb,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAKzB,SAAS,EAAG,MAAM,GAAG,IAAI,CAAC;IAK1B,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAKzB,KAAK,EAAG,MAAM,CAAC;IAKf,KAAK,EAAG,MAAM,GAAG,IAAI,CAAC;IAMtB,YAAY,EAAG,MAAM,GAAG,IAAI,CAAC;IAM7B,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAMhC,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAOlC,kBAAkB,EAAG,OAAO,CAAC;IAK7B,eAAe,EAAG,OAAO,CAAC;IAK1B,eAAe,EAAG,OAAO,CAAC;IAM1B,QAAQ,EAAG,OAAO,CAAC;IAMnB,QAAQ,EAAG,OAAO,CAAC;IAKnB,UAAU,EAAG,MAAM,GAAG,IAAI,CAAC;IAK3B,QAAQ,EAAG,IAAI,GAAG,IAAI,CAAC;IAKvB,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAK1B,mBAAmB,EAAG,MAAM,CAAC;IAK7B,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAKhC,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAK1B,WAAW,EAAG,MAAM,GAAG,IAAI,CAAC;IAK5B,UAAU,EAAG,OAAO,CAAC;IAMrB,UAAU,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAK7B,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAM5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM3B,WAAW,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAM9B,kBAAkB,EAAG,MAAM,GAAG,IAAI,CAAC;IAanC,SAAS,CAAC,EAAE,OAAO,CAAC;IAUpB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAShC,kBAAkB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IASjC,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAOnC,aAAa,EAAG,OAAO,CAAC;IAOxB,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAMlC,QAAQ,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAK1C,SAAS,EAAG,IAAI,CAAC;IAKjB,SAAS,EAAG,IAAI,CAAC;IAMjB,SAAS,EAAG,IAAI,GAAG,IAAI,CAAC;CACzB"}
1
+ {"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,qBAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,EAAG,MAAM,CAAC;IAEZ;;;;OAIG;IACH,GAAG,EAAG,MAAM,CAAC;IAEb;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,SAAS,EAAG,MAAM,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,KAAK,EAAG,MAAM,CAAC;IAEf;;OAEG;IACH,KAAK,EAAG,MAAM,GAAG,IAAI,CAAC;IAEtB;;;OAGG;IACH,YAAY,EAAG,MAAM,GAAG,IAAI,CAAC;IAE7B;;;OAGG;IACH,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAEhC;;;OAGG;IACH,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAElC;;;;OAIG;IACH,kBAAkB,EAAG,OAAO,CAAC;IAE7B;;OAEG;IACH,eAAe,EAAG,OAAO,CAAC;IAE1B;;OAEG;IACH,eAAe,EAAG,OAAO,CAAC;IAE1B;;;OAGG;IACH,QAAQ,EAAG,OAAO,CAAC;IAEnB;;;OAGG;IACH,QAAQ,EAAG,OAAO,CAAC;IAEnB;;OAEG;IACH,UAAU,EAAG,MAAM,GAAG,IAAI,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAG,IAAI,GAAG,IAAI,CAAC;IAEvB;;OAEG;IACH,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,mBAAmB,EAAG,MAAM,CAAC;IAE7B;;OAEG;IACH,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAEhC;;OAEG;IACH,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,WAAW,EAAG,MAAM,GAAG,IAAI,CAAC;IAE5B;;OAEG;IACH,UAAU,EAAG,OAAO,CAAC;IAErB;;;OAGG;IACH,UAAU,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAE7B;;OAEG;IACH,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAE5B;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;;OAGG;IACH,WAAW,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAE9B;;;OAGG;IACH,kBAAkB,EAAG,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;;;;;;OAOG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEhC;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAEjC;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;OAIG;IACH,aAAa,EAAG,OAAO,CAAC;IAExB;;;;OAIG;IACH,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAElC;;;OAGG;IACH,QAAQ,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAE1C;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;;OAGG;IACH,SAAS,EAAG,IAAI,GAAG,IAAI,CAAC;CACzB"}
package/dist/entities/user.entity.js CHANGED
@@ -1,44 +1,210 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.BaseUser = void 0;
4
+ /**
5
+ * Base User Entity
6
+ *
7
+ * Core user authentication record with all fields and business logic.
8
+ * Database adapters extend this class and add ORM-specific decorators.
9
+ *
10
+ * @remarks
11
+ * This class is database-agnostic. TypeORM, Prisma, or other ORMs
12
+ * extend this class in their respective packages.
13
+ */
4
14
  class BaseUser {
15
+ /**
16
+ * Internal database ID (auto-increment integer)
17
+ * Used for foreign key relationships and internal queries
18
+ * NOT exposed externally
19
+ */
5
20
  id;
21
+ /**
22
+ * External user identifier (UUID)
23
+ * Exposed in API responses and JWT tokens as 'sub' (subject)
24
+ * This is what consuming applications should use
25
+ */
6
26
  sub;
27
+ /**
28
+ * User's username (optional, unique if set)
29
+ */
7
30
  username;
31
+ /**
32
+ * User's first name
33
+ */
8
34
  firstName;
35
+ /**
36
+ * User's last name
37
+ */
9
38
  lastName;
39
+ /**
40
+ * User's email address (required, unique)
41
+ */
10
42
  email;
43
+ /**
44
+ * User's phone number in E.164 format (optional)
45
+ */
11
46
  phone;
47
+ /**
48
+ * Hashed password (Argon2)
49
+ * NULL for social-only accounts
50
+ */
12
51
  passwordHash;
52
+ /**
53
+ * When password was last changed
54
+ * Used for password expiry policies
55
+ */
13
56
  passwordChangedAt;
57
+ /**
58
+ * Password history (hashed)
59
+ * Used to prevent password reuse
60
+ */
14
61
  passwordHistory;
62
+ /**
63
+ * Flag to force password change on next login
64
+ * When true, user must complete FORCE_CHANGE_PASSWORD challenge
65
+ * Can be set by admin or by password expiration policy
66
+ */
15
67
  mustChangePassword;
68
+ /**
69
+ * Email verification status
70
+ */
16
71
  isEmailVerified;
72
+ /**
73
+ * Phone verification status
74
+ */
17
75
  isPhoneVerified;
76
+ /**
77
+ * Account active status
78
+ * Inactive accounts cannot login
79
+ */
18
80
  isActive;
81
+ /**
82
+ * Account lock status
83
+ * Locked accounts cannot login until unlocked
84
+ */
19
85
  isLocked;
86
+ /**
87
+ * Reason for account lock
88
+ */
20
89
  lockReason;
90
+ /**
91
+ * When account was locked
92
+ */
21
93
  lockedAt;
94
+ /**
95
+ * When account lock expires (NULL = permanent)
96
+ */
22
97
  lockedUntil;
98
+ /**
99
+ * Number of consecutive failed login attempts
100
+ */
23
101
  failedLoginAttempts;
102
+ /**
103
+ * When last failed login occurred
104
+ */
24
105
  lastFailedLoginAt;
106
+ /**
107
+ * When user last successfully logged in
108
+ */
25
109
  lastLoginAt;
110
+ /**
111
+ * IP address of last successful login
112
+ */
26
113
  lastLoginIp;
114
+ /**
115
+ * MFA enabled status
116
+ */
27
117
  mfaEnabled;
118
+ /**
119
+ * List of enabled MFA methods
120
+ * Examples: ['totp', 'sms', 'passkey']
121
+ */
28
122
  mfaMethods;
123
+ /**
124
+ * When MFA was enforced for this user
125
+ */
29
126
  mfaEnforcedAt;
127
+ /**
128
+ * TOTP secret (encrypted)
129
+ * DEPRECATED: Use MFADevice entity instead
130
+ */
30
131
  totpSecret;
132
+ /**
133
+ * Backup recovery codes (hashed)
134
+ * Single-use codes for account recovery
135
+ */
31
136
  backupCodes;
137
+ /**
138
+ * User's preferred MFA method
139
+ * Used to pre-select MFA method during authentication
140
+ */
32
141
  preferredMfaMethod;
142
+ /**
143
+ * MFA exemption status
144
+ *
145
+ * When true, user is exempt from MFA requirements (both setup and verification).
146
+ * This is an admin-only field and should only be set through admin functions.
147
+ *
148
+ * SECURITY: Exemption only affects MFA - other security measures (account lock,
149
+ * email verification, password change) still apply normally.
150
+ *
151
+ * @default false
152
+ */
33
153
  mfaExempt;
154
+ /**
155
+ * Reason for MFA exemption (optional, for audit trail)
156
+ *
157
+ * Admin should provide reason when granting exemption (e.g., "Internal service account",
158
+ * "Legacy system integration", "Special access approval")
159
+ *
160
+ * @default null
161
+ */
34
162
  mfaExemptReason;
163
+ /**
164
+ * When MFA exemption was granted
165
+ *
166
+ * Used for audit trail and potentially for expiration logic in future.
167
+ *
168
+ * @default null
169
+ */
35
170
  mfaExemptGrantedAt;
171
+ /**
172
+ * Who granted the MFA exemption (optional, admin identifier)
173
+ *
174
+ * For audit trail - store admin user ID or identifier who granted exemption.
175
+ *
176
+ * @default null
177
+ */
36
178
  mfaExemptGrantedBy;
179
+ /**
180
+ * Optimization flag: indicates if user has any social authentication methods
181
+ * Prevents unnecessary joins for password-only users (80%+ of users)
182
+ * Updated automatically when social accounts are linked/unlinked
183
+ */
37
184
  hasSocialAuth;
185
+ /**
186
+ * Array of social providers linked to this account
187
+ * Examples: ['google', 'apple', 'facebook']
188
+ * Updated automatically when social accounts are linked/unlinked
189
+ */
38
190
  socialProviders;
191
+ /**
192
+ * Additional user metadata (JSON)
193
+ * For custom application-specific data
194
+ */
39
195
  metadata;
196
+ /**
197
+ * Account creation timestamp
198
+ */
40
199
  createdAt;
200
+ /**
201
+ * Last account update timestamp
202
+ */
41
203
  updatedAt;
204
+ /**
205
+ * Soft delete timestamp
206
+ * NULL if account is not deleted
207
+ */
42
208
  deletedAt;
43
209
  }
44
210
  exports.BaseUser = BaseUser;
package/dist/entities/user.entity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.entity.js","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":";;;AAUA,MAAa,QAAQ;IAMnB,EAAE,CAAU;IAOZ,GAAG,CAAU;IAKb,QAAQ,CAAiB;IAKzB,SAAS,CAAiB;IAK1B,QAAQ,CAAiB;IAKzB,KAAK,CAAU;IAKf,KAAK,CAAiB;IAMtB,YAAY,CAAiB;IAM7B,iBAAiB,CAAe;IAMhC,eAAe,CAAmB;IAOlC,kBAAkB,CAAW;IAK7B,eAAe,CAAW;IAK1B,eAAe,CAAW;IAM1B,QAAQ,CAAW;IAMnB,QAAQ,CAAW;IAKnB,UAAU,CAAiB;IAK3B,QAAQ,CAAe;IAKvB,WAAW,CAAe;IAK1B,mBAAmB,CAAU;IAK7B,iBAAiB,CAAe;IAKhC,WAAW,CAAe;IAK1B,WAAW,CAAiB;IAK5B,UAAU,CAAW;IAMrB,UAAU,CAAmB;IAK7B,aAAa,CAAe;IAM5B,UAAU,CAAiB;IAM3B,WAAW,CAAmB;IAM9B,kBAAkB,CAAiB;IAanC,SAAS,CAAW;IAUpB,eAAe,CAAiB;IAShC,kBAAkB,CAAe;IASjC,kBAAkB,CAAiB;IAOnC,aAAa,CAAW;IAOxB,eAAe,CAAmB;IAMlC,QAAQ,CAAkC;IAK1C,SAAS,CAAQ;IAKjB,SAAS,CAAQ;IAMjB,SAAS,CAAe;CACzB;AAxOD,4BAwOC"}
1
+ {"version":3,"file":"user.entity.js","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,MAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,CAAU;IAEZ;;;;OAIG;IACH,GAAG,CAAU;IAEb;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,SAAS,CAAiB;IAE1B;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,KAAK,CAAU;IAEf;;OAEG;IACH,KAAK,CAAiB;IAEtB;;;OAGG;IACH,YAAY,CAAiB;IAE7B;;;OAGG;IACH,iBAAiB,CAAe;IAEhC;;;OAGG;IACH,eAAe,CAAmB;IAElC;;;;OAIG;IACH,kBAAkB,CAAW;IAE7B;;OAEG;IACH,eAAe,CAAW;IAE1B;;OAEG;IACH,eAAe,CAAW;IAE1B;;;OAGG;IACH,QAAQ,CAAW;IAEnB;;;OAGG;IACH,QAAQ,CAAW;IAEnB;;OAEG;IACH,UAAU,CAAiB;IAE3B;;OAEG;IACH,QAAQ,CAAe;IAEvB;;OAEG;IACH,WAAW,CAAe;IAE1B;;OAEG;IACH,mBAAmB,CAAU;IAE7B;;OAEG;IACH,iBAAiB,CAAe;IAEhC;;OAEG;IACH,WAAW,CAAe;IAE1B;;OAEG;IACH,WAAW,CAAiB;IAE5B;;OAEG;IACH,UAAU,CAAW;IAErB;;;OAGG;IACH,UAAU,CAAmB;IAE7B;;OAEG;IACH,aAAa,CAAe;IAE5B;;;OAGG;IACH,UAAU,CAAiB;IAE3B;;;OAGG;IACH,WAAW,CAAmB;IAE9B;;;OAGG;IACH,kBAAkB,CAAiB;IAEnC;;;;;;;;;;OAUG;IACH,SAAS,CAAW;IAEpB;;;;;;;OAOG;IACH,eAAe,CAAiB;IAEhC;;;;;;OAMG;IACH,kBAAkB,CAAe;IAEjC;;;;;;OAMG;IACH,kBAAkB,CAAiB;IAEnC;;;;OAIG;IACH,aAAa,CAAW;IAExB;;;;OAIG;IACH,eAAe,CAAmB;IAElC;;;OAGG;IACH,QAAQ,CAAkC;IAE1C;;OAEG;IACH,SAAS,CAAQ;IAEjB;;OAEG;IACH,SAAS,CAAQ;IAEjB;;;OAGG;IACH,SAAS,CAAe;CACzB;AAxOD,4BAwOC"}
package/dist/entities/verification-token.entity.d.ts CHANGED
@@ -1,19 +1,121 @@
1
+ /**
2
+ * Base Verification Token Entity
3
+ *
4
+ * Stores email/phone verification codes and password reset tokens.
5
+ * Supports multiple verification types with expiry and attempt tracking.
6
+ * Database adapters extend this class and add ORM-specific decorators.
7
+ *
8
+ * @remarks
9
+ * This class is database-agnostic. TypeORM, Prisma, or other ORMs
10
+ * extend this class in their respective packages.
11
+ */
1
12
  export declare class BaseVerificationToken {
13
+ /**
14
+ * Internal verification token ID (auto-increment integer)
15
+ */
2
16
  id: number;
17
+ /**
18
+ * Internal user ID (foreign key to users table)
19
+ * Uses integer for optimal performance
20
+ */
3
21
  userId: number;
22
+ /**
23
+ * Challenge session ID (foreign key to challenge sessions table)
24
+ * Links verification token to specific challenge session for security.
25
+ * Prevents old tokens from being used with new challenge sessions.
26
+ * NULL for password reset tokens (not tied to challenges)
27
+ */
4
28
  challengeSessionId?: number | null;
29
+ /**
30
+ * Token type
31
+ * - 'email': Email verification
32
+ * - 'phone': Phone verification
33
+ * - 'password_reset': Password reset
34
+ */
5
35
  type: 'email' | 'phone' | 'password_reset';
36
+ /**
37
+ * Verification token (hashed for security)
38
+ * Used for magic links and password reset
39
+ */
6
40
  token: string;
41
+ /**
42
+ * Verification code (for email/SMS OTP)
43
+ * Usually 6 digits, stored as string for flexibility
44
+ */
7
45
  code?: string | null;
46
+ /**
47
+ * Token expiration timestamp
48
+ * After this time, token/code is invalid
49
+ */
8
50
  expiresAt: Date;
51
+ /**
52
+ * Number of failed verification attempts
53
+ * Used to prevent brute force attacks
54
+ */
9
55
  attempts: number;
56
+ /**
57
+ * When token was successfully used
58
+ * NULL if not yet used
59
+ */
10
60
  usedAt?: Date | null;
61
+ /**
62
+ * IP address when token was created
63
+ * For security auditing
64
+ */
11
65
  ipAddress?: string | null;
66
+ /**
67
+ * User agent when token was created
68
+ * For security auditing
69
+ */
12
70
  userAgent?: string | null;
71
+ /**
72
+ * Additional metadata (JSON)
73
+ * For storing additional verification-specific data
74
+ */
13
75
  metadata?: Record<string, unknown> | null;
76
+ /**
77
+ * Creation timestamp
78
+ */
14
79
  createdAt: Date;
80
+ /**
81
+ * Check if token is expired
82
+ *
83
+ * @returns true if token is expired
84
+ *
85
+ * @example
86
+ * ```typescript
87
+ * if (token.isExpired()) {
88
+ * throw new Error('Verification code has expired');
89
+ * }
90
+ * ```
91
+ */
15
92
  isExpired(): boolean;
93
+ /**
94
+ * Check if token has been used
95
+ *
96
+ * @returns true if token has been used
97
+ *
98
+ * @example
99
+ * ```typescript
100
+ * if (token.isUsed()) {
101
+ * throw new Error('Verification code has already been used');
102
+ * }
103
+ * ```
104
+ */
16
105
  isUsed(): boolean;
106
+ /**
107
+ * Check if max attempts exceeded
108
+ *
109
+ * @param maxAttempts - Maximum allowed attempts
110
+ * @returns true if max attempts exceeded
111
+ *
112
+ * @example
113
+ * ```typescript
114
+ * if (token.maxAttemptsExceeded(3)) {
115
+ * throw new Error('Too many failed attempts');
116
+ * }
117
+ * ```
118
+ */
17
119
  maxAttemptsExceeded(maxAttempts: number): boolean;
18
120
  }
19
121
  //# sourceMappingURL=verification-token.entity.d.ts.map
package/dist/entities/verification-token.entity.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"verification-token.entity.d.ts","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":"AAWA,qBAAa,qBAAqB;IAIhC,EAAE,EAAG,MAAM,CAAC;IAMZ,MAAM,EAAG,MAAM,CAAC;IAQhB,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAQnC,IAAI,EAAG,OAAO,GAAG,OAAO,GAAG,gBAAgB,CAAC;IAM5C,KAAK,EAAG,MAAM,CAAC;IAMf,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAMrB,SAAS,EAAG,IAAI,CAAC;IAMjB,QAAQ,EAAG,MAAM,CAAC;IAMlB,MAAM,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAMrB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM1B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAK1C,SAAS,EAAG,IAAI,CAAC;IAcjB,SAAS,IAAI,OAAO;IAgBpB,MAAM,IAAI,OAAO;IAiBjB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;CAGlD"}
1
+ {"version":3,"file":"verification-token.entity.d.ts","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,qBAAa,qBAAqB;IAChC;;OAEG;IACH,EAAE,EAAG,MAAM,CAAC;IAEZ;;;OAGG;IACH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;;OAKG;IACH,IAAI,EAAG,OAAO,GAAG,OAAO,GAAG,gBAAgB,CAAC;IAE5C;;;OAGG;IACH,KAAK,EAAG,MAAM,CAAC;IAEf;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAErB;;;OAGG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;;OAGG;IACH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;OAGG;IACH,MAAM,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAErB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAE1C;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;;;;;;;;;;OAWG;IACH,SAAS,IAAI,OAAO;IAIpB;;;;;;;;;;;OAWG;IACH,MAAM,IAAI,OAAO;IAIjB;;;;;;;;;;;;OAYG;IACH,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;CAGlD"}
package/dist/entities/verification-token.entity.js CHANGED
@@ -1,26 +1,128 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.BaseVerificationToken = void 0;
4
+ /**
5
+ * Base Verification Token Entity
6
+ *
7
+ * Stores email/phone verification codes and password reset tokens.
8
+ * Supports multiple verification types with expiry and attempt tracking.
9
+ * Database adapters extend this class and add ORM-specific decorators.
10
+ *
11
+ * @remarks
12
+ * This class is database-agnostic. TypeORM, Prisma, or other ORMs
13
+ * extend this class in their respective packages.
14
+ */
4
15
  class BaseVerificationToken {
16
+ /**
17
+ * Internal verification token ID (auto-increment integer)
18
+ */
5
19
  id;
20
+ /**
21
+ * Internal user ID (foreign key to users table)
22
+ * Uses integer for optimal performance
23
+ */
6
24
  userId;
25
+ /**
26
+ * Challenge session ID (foreign key to challenge sessions table)
27
+ * Links verification token to specific challenge session for security.
28
+ * Prevents old tokens from being used with new challenge sessions.
29
+ * NULL for password reset tokens (not tied to challenges)
30
+ */
7
31
  challengeSessionId;
32
+ /**
33
+ * Token type
34
+ * - 'email': Email verification
35
+ * - 'phone': Phone verification
36
+ * - 'password_reset': Password reset
37
+ */
8
38
  type;
39
+ /**
40
+ * Verification token (hashed for security)
41
+ * Used for magic links and password reset
42
+ */
9
43
  token;
44
+ /**
45
+ * Verification code (for email/SMS OTP)
46
+ * Usually 6 digits, stored as string for flexibility
47
+ */
10
48
  code;
49
+ /**
50
+ * Token expiration timestamp
51
+ * After this time, token/code is invalid
52
+ */
11
53
  expiresAt;
54
+ /**
55
+ * Number of failed verification attempts
56
+ * Used to prevent brute force attacks
57
+ */
12
58
  attempts;
59
+ /**
60
+ * When token was successfully used
61
+ * NULL if not yet used
62
+ */
13
63
  usedAt;
64
+ /**
65
+ * IP address when token was created
66
+ * For security auditing
67
+ */
14
68
  ipAddress;
69
+ /**
70
+ * User agent when token was created
71
+ * For security auditing
72
+ */
15
73
  userAgent;
74
+ /**
75
+ * Additional metadata (JSON)
76
+ * For storing additional verification-specific data
77
+ */
16
78
  metadata;
79
+ /**
80
+ * Creation timestamp
81
+ */
17
82
  createdAt;
83
+ /**
84
+ * Check if token is expired
85
+ *
86
+ * @returns true if token is expired
87
+ *
88
+ * @example
89
+ * ```typescript
90
+ * if (token.isExpired()) {
91
+ * throw new Error('Verification code has expired');
92
+ * }
93
+ * ```
94
+ */
18
95
  isExpired() {
19
96
  return new Date() > this.expiresAt;
20
97
  }
98
+ /**
99
+ * Check if token has been used
100
+ *
101
+ * @returns true if token has been used
102
+ *
103
+ * @example
104
+ * ```typescript
105
+ * if (token.isUsed()) {
106
+ * throw new Error('Verification code has already been used');
107
+ * }
108
+ * ```
109
+ */
21
110
  isUsed() {
22
111
  return this.usedAt !== null && this.usedAt !== undefined;
23
112
  }
113
+ /**
114
+ * Check if max attempts exceeded
115
+ *
116
+ * @param maxAttempts - Maximum allowed attempts
117
+ * @returns true if max attempts exceeded
118
+ *
119
+ * @example
120
+ * ```typescript
121
+ * if (token.maxAttemptsExceeded(3)) {
122
+ * throw new Error('Too many failed attempts');
123
+ * }
124
+ * ```
125
+ */
24
126
  maxAttemptsExceeded(maxAttempts) {
25
127
  return this.attempts >= maxAttempts;
26
128
  }
package/dist/entities/verification-token.entity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"verification-token.entity.js","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":";;;AAWA,MAAa,qBAAqB;IAIhC,EAAE,CAAU;IAMZ,MAAM,CAAU;IAQhB,kBAAkB,CAAiB;IAQnC,IAAI,CAAwC;IAM5C,KAAK,CAAU;IAMf,IAAI,CAAiB;IAMrB,SAAS,CAAQ;IAMjB,QAAQ,CAAU;IAMlB,MAAM,CAAe;IAMrB,SAAS,CAAiB;IAM1B,SAAS,CAAiB;IAM1B,QAAQ,CAAkC;IAK1C,SAAS,CAAQ;IAcjB,SAAS;QACP,OAAO,IAAI,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAcD,MAAM;QACJ,OAAO,IAAI,CAAC,MAAM,KAAK,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC;IAC3D,CAAC;IAeD,mBAAmB,CAAC,WAAmB;QACrC,OAAO,IAAI,CAAC,QAAQ,IAAI,WAAW,CAAC;IACtC,CAAC;CACF;AAjID,sDAiIC"}
1
+ {"version":3,"file":"verification-token.entity.js","sourceRoot":"","sources":["../../src/entities/verification-token.entity.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;GAUG;AACH,MAAa,qBAAqB;IAChC;;OAEG;IACH,EAAE,CAAU;IAEZ;;;OAGG;IACH,MAAM,CAAU;IAEhB;;;;;OAKG;IACH,kBAAkB,CAAiB;IAEnC;;;;;OAKG;IACH,IAAI,CAAwC;IAE5C;;;OAGG;IACH,KAAK,CAAU;IAEf;;;OAGG;IACH,IAAI,CAAiB;IAErB;;;OAGG;IACH,SAAS,CAAQ;IAEjB;;;OAGG;IACH,QAAQ,CAAU;IAElB;;;OAGG;IACH,MAAM,CAAe;IAErB;;;OAGG;IACH,SAAS,CAAiB;IAE1B;;;OAGG;IACH,SAAS,CAAiB;IAE1B;;;OAGG;IACH,QAAQ,CAAkC;IAE1C;;OAEG;IACH,SAAS,CAAQ;IAEjB;;;;;;;;;;;OAWG;IACH,SAAS;QACP,OAAO,IAAI,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAED;;;;;;;;;;;OAWG;IACH,MAAM;QACJ,OAAO,IAAI,CAAC,MAAM,KAAK,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC;IAC3D,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,mBAAmB,CAAC,WAAmB;QACrC,OAAO,IAAI,CAAC,QAAQ,IAAI,WAAW,CAAC;IACtC,CAAC;CACF;AAjID,sDAiIC"}