@nauth-toolkit/core 0.1.13 → 0.1.17

package/dist/dto/get-ip-address-response.dto.js

@@ -1,7 +1,27 @@
 "use strict";
+/**
+ * Response DTO for getting IP address
+ *
+ * Used to return just the IP address from the current request context.
+ *
+ * @example
+ * ```typescript
+ * const result = await clientInfoService.getIpAddress();
+ * // Returns: { ipAddress: '192.168.1.100' }
+ * ```
+ */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetIpAddressResponseDTO = void 0;
+/**
+ * Response DTO for IP address
+ */
 class GetIpAddressResponseDTO {
+    /**
+     * Client IP address
+     *
+     * Extracted from X-Forwarded-For, CF-Connecting-IP, etc.
+     * Returns 'unknown' if called outside request context.
+     */
     ipAddress;
 }
 exports.GetIpAddressResponseDTO = GetIpAddressResponseDTO;

package/dist/dto/get-ip-address-response.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-ip-address-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-ip-address-response.dto.ts"],"names":[],"mappings":";;;AAeA,MAAa,uBAAuB;IAOlC,SAAS,CAAU;CACpB;AARD,0DAQC"}
+{"version":3,"file":"get-ip-address-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-ip-address-response.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;AAEH;;GAEG;AACH,MAAa,uBAAuB;IAClC;;;;;OAKG;IACH,SAAS,CAAU;CACpB;AARD,0DAQC"}

package/dist/dto/get-mfa-status.dto.d.ts

@@ -1,16 +1,75 @@
+/**
+ * DTO for getting MFA status
+ *
+ * Used to retrieve comprehensive MFA status for a user including enabled status,
+ * configured methods, available methods, backup codes, and exemption information.
+ *
+ * @example
+ * ```typescript
+ * const status = await mfaService.getMFAStatus({
+ *   sub: 'user-uuid'
+ * });
+ * ```
+ */
 import { MFADeviceMethod } from '../enums/mfa-method.enum';
+/**
+ * DTO for getting MFA status
+ */
 export declare class GetMFAStatusDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     sub: string;
 }
+/**
+ * Response DTO for MFA status
+ */
 export declare class GetMFAStatusResponseDTO {
+    /**
+     * Whether MFA is enabled for the user
+     */
     enabled: boolean;
+    /**
+     * Whether MFA is required (enabled and has configured devices)
+     */
     required: boolean;
+    /**
+     * Array of configured MFA device methods
+     */
     configuredMethods: Array<MFADeviceMethod>;
+    /**
+     * Array of available MFA methods that can be set up
+     */
     availableMethods: Array<string>;
+    /**
+     * Whether user has backup codes
+     */
     hasBackupCodes: boolean;
+    /**
+     * Preferred MFA method (if set)
+     */
     preferredMethod?: MFADeviceMethod;
+    /**
+     * Whether user is exempt from MFA requirements
+     */
     mfaExempt: boolean;
+    /**
+     * Reason for MFA exemption (if exempt)
+     */
     mfaExemptReason: string | null;
+    /**
+     * Date when MFA exemption was granted (if exempt)
+     */
     mfaExemptGrantedAt: Date | null;
 }
 //# sourceMappingURL=get-mfa-status.dto.d.ts.map

package/dist/dto/get-mfa-status.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-mfa-status.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-mfa-status.dto.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAK3D,qBAAa,eAAe;IAqB1B,GAAG,EAAG,MAAM,CAAC;CACd;AAKD,qBAAa,uBAAuB;IAIlC,OAAO,EAAG,OAAO,CAAC;IAKlB,QAAQ,EAAG,OAAO,CAAC;IAKnB,iBAAiB,EAAG,KAAK,CAAC,eAAe,CAAC,CAAC;IAK3C,gBAAgB,EAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAKjC,cAAc,EAAG,OAAO,CAAC;IAKzB,eAAe,CAAC,EAAE,eAAe,CAAC;IAKlC,SAAS,EAAG,OAAO,CAAC;IAKpB,eAAe,EAAG,MAAM,GAAG,IAAI,CAAC;IAKhC,kBAAkB,EAAG,IAAI,GAAG,IAAI,CAAC;CAClC"}
+{"version":3,"file":"get-mfa-status.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-mfa-status.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAIH,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D;;GAEG;AACH,qBAAa,eAAe;IAC1B;;;;;;;;;;;;OAYG;IAQH,GAAG,EAAG,MAAM,CAAC;CACd;AAED;;GAEG;AACH,qBAAa,uBAAuB;IAClC;;OAEG;IACH,OAAO,EAAG,OAAO,CAAC;IAElB;;OAEG;IACH,QAAQ,EAAG,OAAO,CAAC;IAEnB;;OAEG;IACH,iBAAiB,EAAG,KAAK,CAAC,eAAe,CAAC,CAAC;IAE3C;;OAEG;IACH,gBAAgB,EAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjC;;OAEG;IACH,cAAc,EAAG,OAAO,CAAC;IAEzB;;OAEG;IACH,eAAe,CAAC,EAAE,eAAe,CAAC;IAElC;;OAEG;IACH,SAAS,EAAG,OAAO,CAAC;IAEpB;;OAEG;IACH,eAAe,EAAG,MAAM,GAAG,IAAI,CAAC;IAEhC;;OAEG;IACH,kBAAkB,EAAG,IAAI,GAAG,IAAI,CAAC;CAClC"}

package/dist/dto/get-mfa-status.dto.js

@@ -1,4 +1,17 @@
 "use strict";
+/**
+ * DTO for getting MFA status
+ *
+ * Used to retrieve comprehensive MFA status for a user including enabled status,
+ * configured methods, available methods, backup codes, and exemption information.
+ *
+ * @example
+ * ```typescript
+ * const status = await mfaService.getMFAStatus({
+ *   sub: 'user-uuid'
+ * });
+ * ```
+ */
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -12,7 +25,23 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetMFAStatusResponseDTO = exports.GetMFAStatusDTO = void 0;
 const class_validator_1 = require("class-validator");
 const class_transformer_1 = require("class-transformer");
+/**
+ * DTO for getting MFA status
+ */
 class GetMFAStatusDTO {
+    /**
+     * User's unique identifier (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Matches DB constraint: char(36) or uuid
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     sub;
 }
 exports.GetMFAStatusDTO = GetMFAStatusDTO;
@@ -26,15 +55,45 @@ __decorate([
     }),
     __metadata("design:type", String)
 ], GetMFAStatusDTO.prototype, "sub", void 0);
+/**
+ * Response DTO for MFA status
+ */
 class GetMFAStatusResponseDTO {
+    /**
+     * Whether MFA is enabled for the user
+     */
     enabled;
+    /**
+     * Whether MFA is required (enabled and has configured devices)
+     */
     required;
+    /**
+     * Array of configured MFA device methods
+     */
     configuredMethods;
+    /**
+     * Array of available MFA methods that can be set up
+     */
     availableMethods;
+    /**
+     * Whether user has backup codes
+     */
     hasBackupCodes;
+    /**
+     * Preferred MFA method (if set)
+     */
     preferredMethod;
+    /**
+     * Whether user is exempt from MFA requirements
+     */
     mfaExempt;
+    /**
+     * Reason for MFA exemption (if exempt)
+     */
     mfaExemptReason;
+    /**
+     * Date when MFA exemption was granted (if exempt)
+     */
     mfaExemptGrantedAt;
 }
 exports.GetMFAStatusResponseDTO = GetMFAStatusResponseDTO;

package/dist/dto/get-mfa-status.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-mfa-status.dto.js","sourceRoot":"","sources":["../../src/dto/get-mfa-status.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAcA,qDAAyC;AACzC,yDAA8C;AAM9C,MAAa,eAAe;IAqB1B,GAAG,CAAU;CACd;AAtBD,0CAsBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;4CACW;AAMf,MAAa,uBAAuB;IAIlC,OAAO,CAAW;IAKlB,QAAQ,CAAW;IAKnB,iBAAiB,CAA0B;IAK3C,gBAAgB,CAAiB;IAKjC,cAAc,CAAW;IAKzB,eAAe,CAAmB;IAKlC,SAAS,CAAW;IAKpB,eAAe,CAAiB;IAKhC,kBAAkB,CAAe;CAClC;AA7CD,0DA6CC"}
+{"version":3,"file":"get-mfa-status.dto.js","sourceRoot":"","sources":["../../src/dto/get-mfa-status.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;;;;;;;;;AAEH,qDAAyC;AACzC,yDAA8C;AAG9C;;GAEG;AACH,MAAa,eAAe;IAC1B;;;;;;;;;;;;OAYG;IAQH,GAAG,CAAU;CACd;AAtBD,0CAsBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;4CACW;AAGf;;GAEG;AACH,MAAa,uBAAuB;IAClC;;OAEG;IACH,OAAO,CAAW;IAElB;;OAEG;IACH,QAAQ,CAAW;IAEnB;;OAEG;IACH,iBAAiB,CAA0B;IAE3C;;OAEG;IACH,gBAAgB,CAAiB;IAEjC;;OAEG;IACH,cAAc,CAAW;IAEzB;;OAEG;IACH,eAAe,CAAmB;IAElC;;OAEG;IACH,SAAS,CAAW;IAEpB;;OAEG;IACH,eAAe,CAAiB;IAEhC;;OAEG;IACH,kBAAkB,CAAe;CAClC;AA7CD,0DA6CC"}

package/dist/dto/get-risk-assessment-history.dto.d.ts

@@ -1,9 +1,37 @@
 import { IAuthAudit } from '../interfaces/entities.interface';
+/**
+ * Request DTO for getting risk assessment history
+ *
+ * Returns events where risk assessment was performed (ADAPTIVE_MFA_RISK_ASSESSED,
+ * ADAPTIVE_MFA_TRIGGERED, ADAPTIVE_MFA_BYPASSED).
+ *
+ * @example
+ * ```typescript
+ * const result = await auditService.getRiskAssessmentHistory({
+ *   userSub: 'user-uuid',
+ *   limit: 50,
+ * });
+ * ```
+ */
 export declare class GetRiskAssessmentHistoryDTO {
+    /**
+     * User identifier
+     */
     userSub: string;
+    /**
+     * Maximum number of records to return
+     *
+     * @default 100
+     */
     limit?: number;
 }
+/**
+ * Response DTO for risk assessment history
+ */
 export declare class GetRiskAssessmentHistoryResponseDTO {
+    /**
+     * Array of risk assessment audit events
+     */
     data: IAuthAudit[];
 }
 //# sourceMappingURL=get-risk-assessment-history.dto.d.ts.map

package/dist/dto/get-risk-assessment-history.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-risk-assessment-history.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-risk-assessment-history.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAgB9D,qBAAa,2BAA2B;IAItC,OAAO,EAAG,MAAM,CAAC;IAOjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAKD,qBAAa,mCAAmC;IAI9C,IAAI,EAAG,UAAU,EAAE,CAAC;CACrB"}
+{"version":3,"file":"get-risk-assessment-history.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-risk-assessment-history.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAE9D;;;;;;;;;;;;;GAaG;AACH,qBAAa,2BAA2B;IACtC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;IAEjB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,mCAAmC;IAC9C;;OAEG;IACH,IAAI,EAAG,UAAU,EAAE,CAAC;CACrB"}

package/dist/dto/get-risk-assessment-history.dto.js

@@ -1,12 +1,40 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetRiskAssessmentHistoryResponseDTO = exports.GetRiskAssessmentHistoryDTO = void 0;
+/**
+ * Request DTO for getting risk assessment history
+ *
+ * Returns events where risk assessment was performed (ADAPTIVE_MFA_RISK_ASSESSED,
+ * ADAPTIVE_MFA_TRIGGERED, ADAPTIVE_MFA_BYPASSED).
+ *
+ * @example
+ * ```typescript
+ * const result = await auditService.getRiskAssessmentHistory({
+ *   userSub: 'user-uuid',
+ *   limit: 50,
+ * });
+ * ```
+ */
 class GetRiskAssessmentHistoryDTO {
+    /**
+     * User identifier
+     */
     userSub;
+    /**
+     * Maximum number of records to return
+     *
+     * @default 100
+     */
     limit;
 }
 exports.GetRiskAssessmentHistoryDTO = GetRiskAssessmentHistoryDTO;
+/**
+ * Response DTO for risk assessment history
+ */
 class GetRiskAssessmentHistoryResponseDTO {
+    /**
+     * Array of risk assessment audit events
+     */
     data;
 }
 exports.GetRiskAssessmentHistoryResponseDTO = GetRiskAssessmentHistoryResponseDTO;

package/dist/dto/get-risk-assessment-history.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-risk-assessment-history.dto.js","sourceRoot":"","sources":["../../src/dto/get-risk-assessment-history.dto.ts"],"names":[],"mappings":";;;AAgBA,MAAa,2BAA2B;IAItC,OAAO,CAAU;IAOjB,KAAK,CAAU;CAChB;AAZD,kEAYC;AAKD,MAAa,mCAAmC;IAI9C,IAAI,CAAgB;CACrB;AALD,kFAKC"}
+{"version":3,"file":"get-risk-assessment-history.dto.js","sourceRoot":"","sources":["../../src/dto/get-risk-assessment-history.dto.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;GAaG;AACH,MAAa,2BAA2B;IACtC;;OAEG;IACH,OAAO,CAAU;IAEjB;;;;OAIG;IACH,KAAK,CAAU;CAChB;AAZD,kEAYC;AAED;;GAEG;AACH,MAAa,mCAAmC;IAC9C;;OAEG;IACH,IAAI,CAAgB;CACrB;AALD,kFAKC"}

package/dist/dto/get-session-id-response.dto.d.ts

@@ -1,4 +1,25 @@
+/**
+ * Response DTO for getting session ID
+ *
+ * Used to return just the session ID from the current request context.
+ * Session ID is extracted from JWT token payload after authentication.
+ *
+ * @example
+ * ```typescript
+ * const result = await clientInfoService.getSessionId();
+ * // Returns: { sessionId: 123 } or { sessionId: undefined }
+ * ```
+ */
+/**
+ * Response DTO for session ID
+ */
 export declare class GetSessionIdResponseDTO {
+    /**
+     * Current session ID (if available from authenticated request)
+     *
+     * Extracted from JWT token payload after authentication.
+     * Optional - undefined if not available.
+     */
     sessionId?: number;
 }
 //# sourceMappingURL=get-session-id-response.dto.d.ts.map

package/dist/dto/get-session-id-response.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-session-id-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-session-id-response.dto.ts"],"names":[],"mappings":"AAgBA,qBAAa,uBAAuB;IAOlC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}
+{"version":3,"file":"get-session-id-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-session-id-response.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH;;GAEG;AACH,qBAAa,uBAAuB;IAClC;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}

package/dist/dto/get-session-id-response.dto.js

@@ -1,7 +1,28 @@
 "use strict";
+/**
+ * Response DTO for getting session ID
+ *
+ * Used to return just the session ID from the current request context.
+ * Session ID is extracted from JWT token payload after authentication.
+ *
+ * @example
+ * ```typescript
+ * const result = await clientInfoService.getSessionId();
+ * // Returns: { sessionId: 123 } or { sessionId: undefined }
+ * ```
+ */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetSessionIdResponseDTO = void 0;
+/**
+ * Response DTO for session ID
+ */
 class GetSessionIdResponseDTO {
+    /**
+     * Current session ID (if available from authenticated request)
+     *
+     * Extracted from JWT token payload after authentication.
+     * Optional - undefined if not available.
+     */
     sessionId;
 }
 exports.GetSessionIdResponseDTO = GetSessionIdResponseDTO;

package/dist/dto/get-session-id-response.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-session-id-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-session-id-response.dto.ts"],"names":[],"mappings":";;;AAgBA,MAAa,uBAAuB;IAOlC,SAAS,CAAU;CACpB;AARD,0DAQC"}
+{"version":3,"file":"get-session-id-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-session-id-response.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH;;GAEG;AACH,MAAa,uBAAuB;IAClC;;;;;OAKG;IACH,SAAS,CAAU;CACpB;AARD,0DAQC"}

package/dist/dto/get-setup-data-response.dto.d.ts

@@ -1,4 +1,31 @@
+/**
+ * Response DTO for getting MFA setup data
+ *
+ * Used to return method-specific setup data during MFA enrollment.
+ * Structure varies by method (TOTP returns QR code, Passkey returns options, etc.).
+ *
+ * @example
+ * ```typescript
+ * const setupData = await mfaService.getSetupData({
+ *   session: 'challenge-session-token',
+ *   method: 'totp'
+ * });
+ * // Returns: { secret: '...', qrCode: '...', manualEntryKey: '...' }
+ * ```
+ */
+/**
+ * Response DTO for setup data
+ */
 export declare class GetSetupDataResponseDTO {
+    /**
+     * Provider-specific setup data
+     *
+     * Structure varies by method:
+     * - TOTP: { secret: string, qrCode: string, manualEntryKey: string }
+     * - SMS: { maskedPhone: string }
+     * - Email: { maskedEmail: string }
+     * - Passkey: WebAuthn registration options
+     */
     setupData: Record<string, unknown>;
 }
 //# sourceMappingURL=get-setup-data-response.dto.d.ts.map

package/dist/dto/get-setup-data-response.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-setup-data-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-setup-data-response.dto.ts"],"names":[],"mappings":"AAmBA,qBAAa,uBAAuB;IAUlC,SAAS,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}
+{"version":3,"file":"get-setup-data-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-setup-data-response.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH;;GAEG;AACH,qBAAa,uBAAuB;IAClC;;;;;;;;OAQG;IACH,SAAS,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}

package/dist/dto/get-setup-data-response.dto.js

@@ -1,7 +1,34 @@
 "use strict";
+/**
+ * Response DTO for getting MFA setup data
+ *
+ * Used to return method-specific setup data during MFA enrollment.
+ * Structure varies by method (TOTP returns QR code, Passkey returns options, etc.).
+ *
+ * @example
+ * ```typescript
+ * const setupData = await mfaService.getSetupData({
+ *   session: 'challenge-session-token',
+ *   method: 'totp'
+ * });
+ * // Returns: { secret: '...', qrCode: '...', manualEntryKey: '...' }
+ * ```
+ */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetSetupDataResponseDTO = void 0;
+/**
+ * Response DTO for setup data
+ */
 class GetSetupDataResponseDTO {
+    /**
+     * Provider-specific setup data
+     *
+     * Structure varies by method:
+     * - TOTP: { secret: string, qrCode: string, manualEntryKey: string }
+     * - SMS: { maskedPhone: string }
+     * - Email: { maskedEmail: string }
+     * - Passkey: WebAuthn registration options
+     */
     setupData;
 }
 exports.GetSetupDataResponseDTO = GetSetupDataResponseDTO;

package/dist/dto/get-setup-data-response.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-setup-data-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-setup-data-response.dto.ts"],"names":[],"mappings":";;;AAmBA,MAAa,uBAAuB;IAUlC,SAAS,CAA2B;CACrC;AAXD,0DAWC"}
+{"version":3,"file":"get-setup-data-response.dto.js","sourceRoot":"","sources":["../../src/dto/get-setup-data-response.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAEH;;GAEG;AACH,MAAa,uBAAuB;IAClC;;;;;;;;OAQG;IACH,SAAS,CAA2B;CACrC;AAXD,0DAWC"}

package/dist/dto/get-setup-data.dto.d.ts

@@ -1,7 +1,58 @@
+/**
+ * DTO for requesting MFA setup data
+ *
+ * Used to get method-specific setup information during MFA enrollment.
+ * For example, TOTP setup returns QR code and secret.
+ *
+ * Security:
+ * - Session token length limited (prevents DoS)
+ * - Method validated against enum (prevents injection)
+ *
+ * @example
+ * ```typescript
+ * const setupData = await authService.getSetupData({
+ *   session: 'challenge-session-token',
+ *   method: 'totp'
+ * });
+ * // Returns: { secret: '...', qrCode: '...' }
+ * ```
+ */
 import { MFAMethod } from '../enums/mfa-method.enum';
+/**
+ * DTO for getting MFA setup data
+ */
 export declare class GetSetupDataDTO {
+    /**
+     * Challenge session token (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Generated using randomUUID() in challenge service
+     * - Matches DB constraint: varchar(255) but UUID format enforced
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     session: string;
+    /**
+     * MFA method to set up
+     *
+     * Validation:
+     * - Must be one of: sms, email, totp, passkey
+     */
     method: MFAMethod;
+    /**
+     * Optional provider-specific setup data
+     *
+     * Validation:
+     * - Must be an object if provided
+     * - Structure validated by MFA provider services
+     *
+     * @example { phoneNumber: '+1234567890' } for SMS
+     */
     setupData?: Record<string, unknown>;
 }
 //# sourceMappingURL=get-setup-data.dto.d.ts.map

package/dist/dto/get-setup-data.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-setup-data.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-setup-data.dto.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAKrD,qBAAa,eAAe;IAsB1B,OAAO,EAAG,MAAM,CAAC;IAWjB,MAAM,EAAG,SAAS,CAAC;IAanB,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}
+{"version":3,"file":"get-setup-data.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-setup-data.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAIH,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAErD;;GAEG;AACH,qBAAa,eAAe;IAC1B;;;;;;;;;;;;;OAaG;IAQH,OAAO,EAAG,MAAM,CAAC;IAEjB;;;;;OAKG;IAIH,MAAM,EAAG,SAAS,CAAC;IAEnB;;;;;;;;OAQG;IAGH,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}

package/dist/dto/get-setup-data.dto.js

@@ -1,4 +1,23 @@
 "use strict";
+/**
+ * DTO for requesting MFA setup data
+ *
+ * Used to get method-specific setup information during MFA enrollment.
+ * For example, TOTP setup returns QR code and secret.
+ *
+ * Security:
+ * - Session token length limited (prevents DoS)
+ * - Method validated against enum (prevents injection)
+ *
+ * @example
+ * ```typescript
+ * const setupData = await authService.getSetupData({
+ *   session: 'challenge-session-token',
+ *   method: 'totp'
+ * });
+ * // Returns: { secret: '...', qrCode: '...' }
+ * ```
+ */
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -13,9 +32,41 @@ exports.GetSetupDataDTO = void 0;
 const class_validator_1 = require("class-validator");
 const class_transformer_1 = require("class-transformer");
 const mfa_method_enum_1 = require("../enums/mfa-method.enum");
+/**
+ * DTO for getting MFA setup data
+ */
 class GetSetupDataDTO {
+    /**
+     * Challenge session token (UUID v4)
+     *
+     * Validation:
+     * - Must be a valid UUID v4 format
+     * - Generated using randomUUID() in challenge service
+     * - Matches DB constraint: varchar(255) but UUID format enforced
+     *
+     * Sanitization:
+     * - Trimmed
+     * - Lowercased for consistency
+     *
+     * @example "a21b654c-2746-4168-acee-c175083a65cd"
+     */
     session;
+    /**
+     * MFA method to set up
+     *
+     * Validation:
+     * - Must be one of: sms, email, totp, passkey
+     */
     method;
+    /**
+     * Optional provider-specific setup data
+     *
+     * Validation:
+     * - Must be an object if provided
+     * - Structure validated by MFA provider services
+     *
+     * @example { phoneNumber: '+1234567890' } for SMS
+     */
     setupData;
 }
 exports.GetSetupDataDTO = GetSetupDataDTO;

package/dist/dto/get-setup-data.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-setup-data.dto.js","sourceRoot":"","sources":["../../src/dto/get-setup-data.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAoBA,qDAAuE;AACvE,yDAA8C;AAC9C,8DAAqD;AAKrD,MAAa,eAAe;IAsB1B,OAAO,CAAU;IAWjB,MAAM,CAAa;IAanB,SAAS,CAA2B;CACrC;AA/CD,0CA+CC;AAzBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC;IACxE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;gDACe;AAWjB;IAHC,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,kDAAkD;KAC5D,CAAC;;+CACiB;AAanB;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;;kDAClB"}
+{"version":3,"file":"get-setup-data.dto.js","sourceRoot":"","sources":["../../src/dto/get-setup-data.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;AAEH,qDAAuE;AACvE,yDAA8C;AAC9C,8DAAqD;AAErD;;GAEG;AACH,MAAa,eAAe;IAC1B;;;;;;;;;;;;;OAaG;IAQH,OAAO,CAAU;IAEjB;;;;;OAKG;IAIH,MAAM,CAAa;IAEnB;;;;;;;;OAQG;IAGH,SAAS,CAA2B;CACrC;AA/CD,0CA+CC;AAzBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC;IACxE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;gDACe;AAWjB;IAHC,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,kDAAkD;KAC5D,CAAC;;+CACiB;AAanB;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;;kDAClB"}

package/dist/dto/get-suspicious-activity.dto.d.ts

@@ -1,9 +1,40 @@
 import { IAuthAudit } from '../interfaces/entities.interface';
+/**
+ * Request DTO for getting suspicious activity
+ *
+ * @example
+ * ```typescript
+ * // Get all suspicious activity
+ * const result = await auditService.getSuspiciousActivity({});
+ *
+ * // Get suspicious activity for specific user
+ * const result = await auditService.getSuspiciousActivity({
+ *   userSub: 'user-uuid',
+ *   limit: 50,
+ * });
+ * ```
+ */
 export declare class GetSuspiciousActivityDTO {
+    /**
+     * Optional user identifier to filter by specific user
+     *
+     * If not provided, returns suspicious activity for all users.
+     */
     userSub?: string;
+    /**
+     * Maximum number of records to return
+     *
+     * @default 100
+     */
     limit?: number;
 }
+/**
+ * Response DTO for suspicious activity
+ */
 export declare class GetSuspiciousActivityResponseDTO {
+    /**
+     * Array of suspicious audit events
+     */
     data: IAuthAudit[];
 }
 //# sourceMappingURL=get-suspicious-activity.dto.d.ts.map

package/dist/dto/get-suspicious-activity.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-suspicious-activity.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-suspicious-activity.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAiB9D,qBAAa,wBAAwB;IAMnC,OAAO,CAAC,EAAE,MAAM,CAAC;IAOjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAKD,qBAAa,gCAAgC;IAI3C,IAAI,EAAG,UAAU,EAAE,CAAC;CACrB"}
+{"version":3,"file":"get-suspicious-activity.dto.d.ts","sourceRoot":"","sources":["../../src/dto/get-suspicious-activity.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAE9D;;;;;;;;;;;;;;GAcG;AACH,qBAAa,wBAAwB;IACnC;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,gCAAgC;IAC3C;;OAEG;IACH,IAAI,EAAG,UAAU,EAAE,CAAC;CACrB"}

package/dist/dto/get-suspicious-activity.dto.js

@@ -1,12 +1,43 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetSuspiciousActivityResponseDTO = exports.GetSuspiciousActivityDTO = void 0;
+/**
+ * Request DTO for getting suspicious activity
+ *
+ * @example
+ * ```typescript
+ * // Get all suspicious activity
+ * const result = await auditService.getSuspiciousActivity({});
+ *
+ * // Get suspicious activity for specific user
+ * const result = await auditService.getSuspiciousActivity({
+ *   userSub: 'user-uuid',
+ *   limit: 50,
+ * });
+ * ```
+ */
 class GetSuspiciousActivityDTO {
+    /**
+     * Optional user identifier to filter by specific user
+     *
+     * If not provided, returns suspicious activity for all users.
+     */
     userSub;
+    /**
+     * Maximum number of records to return
+     *
+     * @default 100
+     */
     limit;
 }
 exports.GetSuspiciousActivityDTO = GetSuspiciousActivityDTO;
+/**
+ * Response DTO for suspicious activity
+ */
 class GetSuspiciousActivityResponseDTO {
+    /**
+     * Array of suspicious audit events
+     */
     data;
 }
 exports.GetSuspiciousActivityResponseDTO = GetSuspiciousActivityResponseDTO;