@nauth-toolkit/core 0.1.14 → 0.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/database-columns.d.ts +70 -0
- package/dist/adapters/database-columns.d.ts.map +1 -1
- package/dist/adapters/database-columns.js +76 -2
- package/dist/adapters/database-columns.js.map +1 -1
- package/dist/adapters/express.adapter.d.ts +66 -0
- package/dist/adapters/express.adapter.d.ts.map +1 -1
- package/dist/adapters/express.adapter.js +80 -0
- package/dist/adapters/express.adapter.js.map +1 -1
- package/dist/adapters/fastify.adapter.d.ts +42 -0
- package/dist/adapters/fastify.adapter.d.ts.map +1 -1
- package/dist/adapters/fastify.adapter.js +86 -0
- package/dist/adapters/fastify.adapter.js.map +1 -1
- package/dist/adapters/index.d.ts +5 -0
- package/dist/adapters/index.d.ts.map +1 -1
- package/dist/adapters/index.js +9 -0
- package/dist/adapters/index.js.map +1 -1
- package/dist/adapters/storage.factory.d.ts +107 -0
- package/dist/adapters/storage.factory.d.ts.map +1 -1
- package/dist/adapters/storage.factory.js +114 -0
- package/dist/adapters/storage.factory.js.map +1 -1
- package/dist/adapters.d.ts +8 -0
- package/dist/adapters.d.ts.map +1 -1
- package/dist/adapters.js +8 -0
- package/dist/adapters.js.map +1 -1
- package/dist/bootstrap.d.ts +82 -0
- package/dist/bootstrap.d.ts.map +1 -1
- package/dist/bootstrap.js +106 -0
- package/dist/bootstrap.js.map +1 -1
- package/dist/dto/admin-set-password.dto.d.ts +90 -0
- package/dist/dto/admin-set-password.dto.d.ts.map +1 -1
- package/dist/dto/admin-set-password.dto.js +91 -0
- package/dist/dto/admin-set-password.dto.js.map +1 -1
- package/dist/dto/auth-challenge.dto.d.ts +170 -0
- package/dist/dto/auth-challenge.dto.d.ts.map +1 -1
- package/dist/dto/auth-challenge.dto.js +170 -0
- package/dist/dto/auth-challenge.dto.js.map +1 -1
- package/dist/dto/auth-response.dto.d.ts +196 -0
- package/dist/dto/auth-response.dto.d.ts.map +1 -1
- package/dist/dto/auth-response.dto.js +149 -0
- package/dist/dto/auth-response.dto.js.map +1 -1
- package/dist/dto/challenge-response.dto.d.ts +155 -0
- package/dist/dto/challenge-response.dto.d.ts.map +1 -1
- package/dist/dto/challenge-response.dto.js +8 -0
- package/dist/dto/challenge-response.dto.js.map +1 -1
- package/dist/dto/change-password-request.dto.d.ts +35 -0
- package/dist/dto/change-password-request.dto.d.ts.map +1 -1
- package/dist/dto/change-password-request.dto.js +35 -0
- package/dist/dto/change-password-request.dto.js.map +1 -1
- package/dist/dto/change-password-response.dto.d.ts +25 -0
- package/dist/dto/change-password-response.dto.d.ts.map +1 -1
- package/dist/dto/change-password-response.dto.js +25 -0
- package/dist/dto/change-password-response.dto.js.map +1 -1
- package/dist/dto/change-password.dto.d.ts +45 -0
- package/dist/dto/change-password.dto.d.ts.map +1 -1
- package/dist/dto/change-password.dto.js +45 -0
- package/dist/dto/change-password.dto.js.map +1 -1
- package/dist/dto/confirm-forgot-password.dto.d.ts +59 -0
- package/dist/dto/confirm-forgot-password.dto.d.ts.map +1 -1
- package/dist/dto/confirm-forgot-password.dto.js +59 -0
- package/dist/dto/confirm-forgot-password.dto.js.map +1 -1
- package/dist/dto/error-response.dto.d.ts +103 -0
- package/dist/dto/error-response.dto.d.ts.map +1 -1
- package/dist/dto/error-response.dto.js +103 -0
- package/dist/dto/error-response.dto.js.map +1 -1
- package/dist/dto/forgot-password.dto.d.ts +58 -0
- package/dist/dto/forgot-password.dto.d.ts.map +1 -1
- package/dist/dto/forgot-password.dto.js +58 -0
- package/dist/dto/forgot-password.dto.js.map +1 -1
- package/dist/dto/get-available-methods.dto.d.ts +37 -0
- package/dist/dto/get-available-methods.dto.d.ts.map +1 -1
- package/dist/dto/get-available-methods.dto.js +37 -0
- package/dist/dto/get-available-methods.dto.js.map +1 -1
- package/dist/dto/get-challenge-data-response.dto.d.ts +24 -0
- package/dist/dto/get-challenge-data-response.dto.d.ts.map +1 -1
- package/dist/dto/get-challenge-data-response.dto.js +24 -0
- package/dist/dto/get-challenge-data-response.dto.js.map +1 -1
- package/dist/dto/get-challenge-data.dto.d.ts +46 -0
- package/dist/dto/get-challenge-data.dto.d.ts.map +1 -1
- package/dist/dto/get-challenge-data.dto.js +46 -0
- package/dist/dto/get-challenge-data.dto.js.map +1 -1
- package/dist/dto/get-client-info.dto.d.ts +74 -0
- package/dist/dto/get-client-info.dto.d.ts.map +1 -1
- package/dist/dto/get-client-info.dto.js +74 -0
- package/dist/dto/get-client-info.dto.js.map +1 -1
- package/dist/dto/get-device-token-response.dto.d.ts +21 -0
- package/dist/dto/get-device-token-response.dto.d.ts.map +1 -1
- package/dist/dto/get-device-token-response.dto.js +21 -0
- package/dist/dto/get-device-token-response.dto.js.map +1 -1
- package/dist/dto/get-events-by-type.dto.d.ts +50 -0
- package/dist/dto/get-events-by-type.dto.d.ts.map +1 -1
- package/dist/dto/get-events-by-type.dto.js +50 -0
- package/dist/dto/get-events-by-type.dto.js.map +1 -1
- package/dist/dto/get-ip-address-response.dto.d.ts +20 -0
- package/dist/dto/get-ip-address-response.dto.d.ts.map +1 -1
- package/dist/dto/get-ip-address-response.dto.js +20 -0
- package/dist/dto/get-ip-address-response.dto.js.map +1 -1
- package/dist/dto/get-mfa-status.dto.d.ts +59 -0
- package/dist/dto/get-mfa-status.dto.d.ts.map +1 -1
- package/dist/dto/get-mfa-status.dto.js +59 -0
- package/dist/dto/get-mfa-status.dto.js.map +1 -1
- package/dist/dto/get-risk-assessment-history.dto.d.ts +28 -0
- package/dist/dto/get-risk-assessment-history.dto.d.ts.map +1 -1
- package/dist/dto/get-risk-assessment-history.dto.js +28 -0
- package/dist/dto/get-risk-assessment-history.dto.js.map +1 -1
- package/dist/dto/get-session-id-response.dto.d.ts +21 -0
- package/dist/dto/get-session-id-response.dto.d.ts.map +1 -1
- package/dist/dto/get-session-id-response.dto.js +21 -0
- package/dist/dto/get-session-id-response.dto.js.map +1 -1
- package/dist/dto/get-setup-data-response.dto.d.ts +27 -0
- package/dist/dto/get-setup-data-response.dto.d.ts.map +1 -1
- package/dist/dto/get-setup-data-response.dto.js +27 -0
- package/dist/dto/get-setup-data-response.dto.js.map +1 -1
- package/dist/dto/get-setup-data.dto.d.ts +51 -0
- package/dist/dto/get-setup-data.dto.d.ts.map +1 -1
- package/dist/dto/get-setup-data.dto.js +51 -0
- package/dist/dto/get-setup-data.dto.js.map +1 -1
- package/dist/dto/get-suspicious-activity.dto.d.ts +31 -0
- package/dist/dto/get-suspicious-activity.dto.d.ts.map +1 -1
- package/dist/dto/get-suspicious-activity.dto.js +31 -0
- package/dist/dto/get-suspicious-activity.dto.js.map +1 -1
- package/dist/dto/get-user-agent-response.dto.d.ts +19 -0
- package/dist/dto/get-user-agent-response.dto.d.ts.map +1 -1
- package/dist/dto/get-user-agent-response.dto.js +19 -0
- package/dist/dto/get-user-agent-response.dto.js.map +1 -1
- package/dist/dto/get-user-auth-history.dto.d.ts +64 -0
- package/dist/dto/get-user-auth-history.dto.d.ts.map +1 -1
- package/dist/dto/get-user-auth-history.dto.js +64 -0
- package/dist/dto/get-user-auth-history.dto.js.map +1 -1
- package/dist/dto/get-user-by-email.dto.d.ts +42 -0
- package/dist/dto/get-user-by-email.dto.d.ts.map +1 -1
- package/dist/dto/get-user-by-email.dto.js +42 -0
- package/dist/dto/get-user-by-email.dto.js.map +1 -1
- package/dist/dto/get-user-by-id.dto.d.ts +32 -0
- package/dist/dto/get-user-by-id.dto.d.ts.map +1 -1
- package/dist/dto/get-user-by-id.dto.js +32 -0
- package/dist/dto/get-user-by-id.dto.js.map +1 -1
- package/dist/dto/get-user-devices.dto.d.ts +34 -0
- package/dist/dto/get-user-devices.dto.d.ts.map +1 -1
- package/dist/dto/get-user-devices.dto.js +34 -0
- package/dist/dto/get-user-devices.dto.js.map +1 -1
- package/dist/dto/get-user-response.dto.d.ts +14 -0
- package/dist/dto/get-user-response.dto.d.ts.map +1 -1
- package/dist/dto/get-user-response.dto.js +15 -0
- package/dist/dto/get-user-response.dto.js.map +1 -1
- package/dist/dto/has-provider.dto.d.ts +33 -0
- package/dist/dto/has-provider.dto.d.ts.map +1 -1
- package/dist/dto/has-provider.dto.js +33 -0
- package/dist/dto/has-provider.dto.js.map +1 -1
- package/dist/dto/index.js +5 -0
- package/dist/dto/index.js.map +1 -1
- package/dist/dto/is-trusted-device-response.dto.d.ts +28 -0
- package/dist/dto/is-trusted-device-response.dto.d.ts.map +1 -1
- package/dist/dto/is-trusted-device-response.dto.js +28 -0
- package/dist/dto/is-trusted-device-response.dto.js.map +1 -1
- package/dist/dto/list-providers-response.dto.d.ts +19 -0
- package/dist/dto/list-providers-response.dto.d.ts.map +1 -1
- package/dist/dto/list-providers-response.dto.js +19 -0
- package/dist/dto/list-providers-response.dto.js.map +1 -1
- package/dist/dto/login.dto.d.ts +48 -0
- package/dist/dto/login.dto.d.ts.map +1 -1
- package/dist/dto/login.dto.js +50 -1
- package/dist/dto/login.dto.js.map +1 -1
- package/dist/dto/logout-all-response.dto.d.ts +20 -0
- package/dist/dto/logout-all-response.dto.d.ts.map +1 -1
- package/dist/dto/logout-all-response.dto.js +20 -0
- package/dist/dto/logout-all-response.dto.js.map +1 -1
- package/dist/dto/logout-all.dto.d.ts +42 -0
- package/dist/dto/logout-all.dto.d.ts.map +1 -1
- package/dist/dto/logout-all.dto.js +42 -0
- package/dist/dto/logout-all.dto.js.map +1 -1
- package/dist/dto/logout-response.dto.d.ts +21 -0
- package/dist/dto/logout-response.dto.d.ts.map +1 -1
- package/dist/dto/logout-response.dto.js +21 -0
- package/dist/dto/logout-response.dto.js.map +1 -1
- package/dist/dto/logout.dto.d.ts +45 -0
- package/dist/dto/logout.dto.d.ts.map +1 -1
- package/dist/dto/logout.dto.js +45 -0
- package/dist/dto/logout.dto.js.map +1 -1
- package/dist/dto/refresh-token.dto.d.ts +28 -0
- package/dist/dto/refresh-token.dto.d.ts.map +1 -1
- package/dist/dto/refresh-token.dto.js +28 -0
- package/dist/dto/refresh-token.dto.js.map +1 -1
- package/dist/dto/remove-devices.dto.d.ts +51 -0
- package/dist/dto/remove-devices.dto.d.ts.map +1 -1
- package/dist/dto/remove-devices.dto.js +51 -0
- package/dist/dto/remove-devices.dto.js.map +1 -1
- package/dist/dto/resend-code-response.dto.d.ts +28 -0
- package/dist/dto/resend-code-response.dto.d.ts.map +1 -1
- package/dist/dto/resend-code-response.dto.js +28 -0
- package/dist/dto/resend-code-response.dto.js.map +1 -1
- package/dist/dto/resend-code.dto.d.ts +37 -0
- package/dist/dto/resend-code.dto.d.ts.map +1 -1
- package/dist/dto/resend-code.dto.js +37 -0
- package/dist/dto/resend-code.dto.js.map +1 -1
- package/dist/dto/reset-password.dto.d.ts +74 -0
- package/dist/dto/reset-password.dto.d.ts.map +1 -1
- package/dist/dto/reset-password.dto.js +76 -1
- package/dist/dto/reset-password.dto.js.map +1 -1
- package/dist/dto/respond-challenge.dto.d.ts +147 -0
- package/dist/dto/respond-challenge.dto.d.ts.map +1 -1
- package/dist/dto/respond-challenge.dto.js +162 -0
- package/dist/dto/respond-challenge.dto.js.map +1 -1
- package/dist/dto/set-mfa-exemption.dto.d.ts +65 -0
- package/dist/dto/set-mfa-exemption.dto.d.ts.map +1 -1
- package/dist/dto/set-mfa-exemption.dto.js +65 -0
- package/dist/dto/set-mfa-exemption.dto.js.map +1 -1
- package/dist/dto/set-must-change-password-response.dto.d.ts +23 -0
- package/dist/dto/set-must-change-password-response.dto.d.ts.map +1 -1
- package/dist/dto/set-must-change-password-response.dto.js +23 -0
- package/dist/dto/set-must-change-password-response.dto.js.map +1 -1
- package/dist/dto/set-must-change-password.dto.d.ts +32 -0
- package/dist/dto/set-must-change-password.dto.d.ts.map +1 -1
- package/dist/dto/set-must-change-password.dto.js +32 -0
- package/dist/dto/set-must-change-password.dto.js.map +1 -1
- package/dist/dto/set-preferred-method.dto.d.ts +48 -0
- package/dist/dto/set-preferred-method.dto.d.ts.map +1 -1
- package/dist/dto/set-preferred-method.dto.js +48 -0
- package/dist/dto/set-preferred-method.dto.js.map +1 -1
- package/dist/dto/setup-mfa.dto.d.ts +62 -0
- package/dist/dto/setup-mfa.dto.d.ts.map +1 -1
- package/dist/dto/setup-mfa.dto.js +62 -0
- package/dist/dto/setup-mfa.dto.js.map +1 -1
- package/dist/dto/signup.dto.d.ts +92 -0
- package/dist/dto/signup.dto.d.ts.map +1 -1
- package/dist/dto/signup.dto.js +93 -0
- package/dist/dto/signup.dto.js.map +1 -1
- package/dist/dto/social-auth.dto.d.ts +234 -0
- package/dist/dto/social-auth.dto.d.ts.map +1 -1
- package/dist/dto/social-auth.dto.js +234 -0
- package/dist/dto/social-auth.dto.js.map +1 -1
- package/dist/dto/trust-device-response.dto.d.ts +26 -0
- package/dist/dto/trust-device-response.dto.d.ts.map +1 -1
- package/dist/dto/trust-device-response.dto.js +26 -0
- package/dist/dto/trust-device-response.dto.js.map +1 -1
- package/dist/dto/trust-device.dto.d.ts +9 -0
- package/dist/dto/trust-device.dto.d.ts.map +1 -1
- package/dist/dto/trust-device.dto.js +9 -0
- package/dist/dto/trust-device.dto.js.map +1 -1
- package/dist/dto/update-user-attributes-request.dto.d.ts +36 -0
- package/dist/dto/update-user-attributes-request.dto.d.ts.map +1 -1
- package/dist/dto/update-user-attributes-request.dto.js +36 -0
- package/dist/dto/update-user-attributes-request.dto.js.map +1 -1
- package/dist/dto/user-response.dto.d.ts +81 -0
- package/dist/dto/user-response.dto.d.ts.map +1 -1
- package/dist/dto/user-response.dto.js +84 -2
- package/dist/dto/user-response.dto.js.map +1 -1
- package/dist/dto/user-update.dto.d.ts +132 -0
- package/dist/dto/user-update.dto.d.ts.map +1 -1
- package/dist/dto/user-update.dto.js +133 -0
- package/dist/dto/user-update.dto.js.map +1 -1
- package/dist/dto/verify-email.dto.d.ts +171 -0
- package/dist/dto/verify-email.dto.d.ts.map +1 -1
- package/dist/dto/verify-email.dto.js +173 -1
- package/dist/dto/verify-email.dto.js.map +1 -1
- package/dist/dto/verify-mfa-code.dto.d.ts +65 -0
- package/dist/dto/verify-mfa-code.dto.d.ts.map +1 -1
- package/dist/dto/verify-mfa-code.dto.js +65 -0
- package/dist/dto/verify-mfa-code.dto.js.map +1 -1
- package/dist/dto/verify-phone-by-sub.dto.d.ts +49 -0
- package/dist/dto/verify-phone-by-sub.dto.d.ts.map +1 -1
- package/dist/dto/verify-phone-by-sub.dto.js +49 -0
- package/dist/dto/verify-phone-by-sub.dto.js.map +1 -1
- package/dist/dto/verify-phone.dto.d.ts +139 -0
- package/dist/dto/verify-phone.dto.d.ts.map +1 -1
- package/dist/dto/verify-phone.dto.js +142 -1
- package/dist/dto/verify-phone.dto.js.map +1 -1
- package/dist/dto.d.ts +10 -0
- package/dist/dto.d.ts.map +1 -1
- package/dist/dto.js +10 -0
- package/dist/dto.js.map +1 -1
- package/dist/entities/auth-audit.entity.d.ts +159 -0
- package/dist/entities/auth-audit.entity.d.ts.map +1 -1
- package/dist/entities/auth-audit.entity.js +166 -0
- package/dist/entities/auth-audit.entity.js.map +1 -1
- package/dist/entities/challenge-session.entity.d.ts +87 -0
- package/dist/entities/challenge-session.entity.d.ts.map +1 -1
- package/dist/entities/challenge-session.entity.js +87 -0
- package/dist/entities/challenge-session.entity.js.map +1 -1
- package/dist/entities/index.d.ts +18 -0
- package/dist/entities/index.d.ts.map +1 -1
- package/dist/entities/index.js +18 -0
- package/dist/entities/index.js.map +1 -1
- package/dist/entities/login-attempt.entity.d.ts +43 -0
- package/dist/entities/login-attempt.entity.d.ts.map +1 -1
- package/dist/entities/login-attempt.entity.js +43 -0
- package/dist/entities/login-attempt.entity.js.map +1 -1
- package/dist/entities/mfa-device.entity.d.ts +112 -0
- package/dist/entities/mfa-device.entity.d.ts.map +1 -1
- package/dist/entities/mfa-device.entity.js +112 -0
- package/dist/entities/mfa-device.entity.js.map +1 -1
- package/dist/entities/rate-limit.entity.d.ts +31 -0
- package/dist/entities/rate-limit.entity.d.ts.map +1 -1
- package/dist/entities/rate-limit.entity.js +31 -0
- package/dist/entities/rate-limit.entity.js.map +1 -1
- package/dist/entities/session.entity.d.ts +121 -0
- package/dist/entities/session.entity.d.ts.map +1 -1
- package/dist/entities/session.entity.js +121 -0
- package/dist/entities/session.entity.js.map +1 -1
- package/dist/entities/social-account.entity.d.ts +75 -0
- package/dist/entities/social-account.entity.d.ts.map +1 -1
- package/dist/entities/social-account.entity.js +75 -0
- package/dist/entities/social-account.entity.js.map +1 -1
- package/dist/entities/storage-lock.entity.d.ts +28 -0
- package/dist/entities/storage-lock.entity.d.ts.map +1 -1
- package/dist/entities/storage-lock.entity.js +28 -0
- package/dist/entities/storage-lock.entity.js.map +1 -1
- package/dist/entities/trusted-device.entity.d.ts +83 -0
- package/dist/entities/trusted-device.entity.d.ts.map +1 -1
- package/dist/entities/trusted-device.entity.js +83 -0
- package/dist/entities/trusted-device.entity.js.map +1 -1
- package/dist/entities/user.entity.d.ts +166 -0
- package/dist/entities/user.entity.d.ts.map +1 -1
- package/dist/entities/user.entity.js +166 -0
- package/dist/entities/user.entity.js.map +1 -1
- package/dist/entities/verification-token.entity.d.ts +102 -0
- package/dist/entities/verification-token.entity.d.ts.map +1 -1
- package/dist/entities/verification-token.entity.js +102 -0
- package/dist/entities/verification-token.entity.js.map +1 -1
- package/dist/entities.d.ts +8 -0
- package/dist/entities.d.ts.map +1 -1
- package/dist/entities.js +8 -0
- package/dist/entities.js.map +1 -1
- package/dist/enums/auth-audit-event-type.enum.d.ts +211 -0
- package/dist/enums/auth-audit-event-type.enum.d.ts.map +1 -1
- package/dist/enums/auth-audit-event-type.enum.js +244 -0
- package/dist/enums/auth-audit-event-type.enum.js.map +1 -1
- package/dist/enums/error-codes.enum.d.ts +296 -0
- package/dist/enums/error-codes.enum.d.ts.map +1 -1
- package/dist/enums/error-codes.enum.js +332 -0
- package/dist/enums/error-codes.enum.js.map +1 -1
- package/dist/enums/mfa-method.enum.d.ts +74 -0
- package/dist/enums/mfa-method.enum.d.ts.map +1 -1
- package/dist/enums/mfa-method.enum.js +64 -0
- package/dist/enums/mfa-method.enum.js.map +1 -1
- package/dist/enums/risk-factor.enum.d.ts +91 -0
- package/dist/enums/risk-factor.enum.d.ts.map +1 -1
- package/dist/enums/risk-factor.enum.js +97 -0
- package/dist/enums/risk-factor.enum.js.map +1 -1
- package/dist/exceptions/nauth.exception.d.ts +149 -0
- package/dist/exceptions/nauth.exception.d.ts.map +1 -1
- package/dist/exceptions/nauth.exception.js +159 -0
- package/dist/exceptions/nauth.exception.js.map +1 -1
- package/dist/handlers/auth.handler.d.ts +32 -0
- package/dist/handlers/auth.handler.d.ts.map +1 -1
- package/dist/handlers/auth.handler.js +47 -1
- package/dist/handlers/auth.handler.js.map +1 -1
- package/dist/handlers/client-info.handler.d.ts +25 -0
- package/dist/handlers/client-info.handler.d.ts.map +1 -1
- package/dist/handlers/client-info.handler.js +36 -2
- package/dist/handlers/client-info.handler.js.map +1 -1
- package/dist/handlers/csrf.handler.d.ts +32 -0
- package/dist/handlers/csrf.handler.d.ts.map +1 -1
- package/dist/handlers/csrf.handler.js +49 -1
- package/dist/handlers/csrf.handler.js.map +1 -1
- package/dist/handlers/token-delivery.handler.d.ts +16 -0
- package/dist/handlers/token-delivery.handler.d.ts.map +1 -1
- package/dist/handlers/token-delivery.handler.js +22 -1
- package/dist/handlers/token-delivery.handler.js.map +1 -1
- package/dist/index.d.ts +34 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +67 -0
- package/dist/index.js.map +1 -1
- package/dist/interfaces/client-info.interface.d.ts +58 -0
- package/dist/interfaces/client-info.interface.d.ts.map +1 -1
- package/dist/interfaces/config.interface.d.ts +1780 -0
- package/dist/interfaces/config.interface.d.ts.map +1 -1
- package/dist/interfaces/config.interface.js +16 -0
- package/dist/interfaces/config.interface.js.map +1 -1
- package/dist/interfaces/entities.interface.d.ts +48 -0
- package/dist/interfaces/entities.interface.d.ts.map +1 -1
- package/dist/interfaces/entities.interface.js +8 -0
- package/dist/interfaces/entities.interface.js.map +1 -1
- package/dist/interfaces/index.js +5 -0
- package/dist/interfaces/index.js.map +1 -1
- package/dist/interfaces/logger.interface.d.ts +213 -0
- package/dist/interfaces/logger.interface.d.ts.map +1 -1
- package/dist/interfaces/logger.interface.js +35 -0
- package/dist/interfaces/logger.interface.js.map +1 -1
- package/dist/interfaces/mfa-provider.interface.d.ts +134 -0
- package/dist/interfaces/mfa-provider.interface.d.ts.map +1 -1
- package/dist/interfaces/oauth.interface.d.ts +110 -0
- package/dist/interfaces/oauth.interface.d.ts.map +1 -1
- package/dist/interfaces/provider.interface.d.ts +83 -0
- package/dist/interfaces/provider.interface.d.ts.map +1 -1
- package/dist/interfaces/sms-template.interface.d.ts +246 -0
- package/dist/interfaces/sms-template.interface.d.ts.map +1 -1
- package/dist/interfaces/sms-template.interface.js +26 -0
- package/dist/interfaces/sms-template.interface.js.map +1 -1
- package/dist/interfaces/social-auth-provider.interface.d.ts +115 -0
- package/dist/interfaces/social-auth-provider.interface.d.ts.map +1 -1
- package/dist/interfaces/storage-adapter.interface.d.ts +37 -0
- package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -1
- package/dist/interfaces/template.interface.d.ts +351 -0
- package/dist/interfaces/template.interface.d.ts.map +1 -1
- package/dist/interfaces/template.interface.js +13 -0
- package/dist/interfaces/template.interface.js.map +1 -1
- package/dist/interfaces/token-verifier.interface.d.ts +101 -0
- package/dist/interfaces/token-verifier.interface.d.ts.map +1 -1
- package/dist/interfaces.d.ts +8 -0
- package/dist/interfaces.d.ts.map +1 -1
- package/dist/interfaces.js +8 -0
- package/dist/interfaces.js.map +1 -1
- package/dist/internal.d.ts +120 -0
- package/dist/internal.d.ts.map +1 -1
- package/dist/internal.js +138 -0
- package/dist/internal.js.map +1 -1
- package/dist/platform/interfaces.d.ts +187 -0
- package/dist/platform/interfaces.d.ts.map +1 -1
- package/dist/platform/interfaces.js +11 -0
- package/dist/platform/interfaces.js.map +1 -1
- package/dist/schemas/auth-config.schema.d.ts +62 -0
- package/dist/schemas/auth-config.schema.d.ts.map +1 -1
- package/dist/schemas/auth-config.schema.js +189 -9
- package/dist/schemas/auth-config.schema.js.map +1 -1
- package/dist/services/adaptive-mfa-decision.service.d.ts +144 -0
- package/dist/services/adaptive-mfa-decision.service.d.ts.map +1 -1
- package/dist/services/adaptive-mfa-decision.service.js +151 -5
- package/dist/services/adaptive-mfa-decision.service.js.map +1 -1
- package/dist/services/auth-audit.service.d.ts +195 -0
- package/dist/services/auth-audit.service.d.ts.map +1 -1
- package/dist/services/auth-audit.service.js +228 -1
- package/dist/services/auth-audit.service.js.map +1 -1
- package/dist/services/auth-challenge-helper.service.d.ts +144 -1
- package/dist/services/auth-challenge-helper.service.d.ts.map +1 -1
- package/dist/services/auth-challenge-helper.service.js +295 -16
- package/dist/services/auth-challenge-helper.service.js.map +1 -1
- package/dist/services/auth-flow-context-builder.service.d.ts +120 -1
- package/dist/services/auth-flow-context-builder.service.d.ts.map +1 -1
- package/dist/services/auth-flow-context-builder.service.js +184 -5
- package/dist/services/auth-flow-context-builder.service.js.map +1 -1
- package/dist/services/auth-flow-rules.d.ts +136 -0
- package/dist/services/auth-flow-rules.d.ts.map +1 -1
- package/dist/services/auth-flow-rules.js +137 -0
- package/dist/services/auth-flow-rules.js.map +1 -1
- package/dist/services/auth-flow-state-definitions.d.ts +40 -0
- package/dist/services/auth-flow-state-definitions.d.ts.map +1 -1
- package/dist/services/auth-flow-state-definitions.js +98 -0
- package/dist/services/auth-flow-state-definitions.js.map +1 -1
- package/dist/services/auth-flow-state-machine.service.d.ts +91 -0
- package/dist/services/auth-flow-state-machine.service.d.ts.map +1 -1
- package/dist/services/auth-flow-state-machine.service.js +102 -0
- package/dist/services/auth-flow-state-machine.service.js.map +1 -1
- package/dist/services/auth-flow-state-machine.types.d.ts +221 -0
- package/dist/services/auth-flow-state-machine.types.d.ts.map +1 -1
- package/dist/services/auth-flow-state-machine.types.js +47 -0
- package/dist/services/auth-flow-state-machine.types.js.map +1 -1
- package/dist/services/auth.service.d.ts +397 -1
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +943 -27
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/challenge.service.d.ts +255 -1
- package/dist/services/challenge.service.d.ts.map +1 -1
- package/dist/services/challenge.service.js +327 -3
- package/dist/services/challenge.service.js.map +1 -1
- package/dist/services/client-info.service.d.ts +143 -0
- package/dist/services/client-info.service.d.ts.map +1 -1
- package/dist/services/client-info.service.js +161 -0
- package/dist/services/client-info.service.js.map +1 -1
- package/dist/services/csrf.service.d.ts +15 -0
- package/dist/services/csrf.service.d.ts.map +1 -1
- package/dist/services/csrf.service.js +16 -0
- package/dist/services/csrf.service.js.map +1 -1
- package/dist/services/email-verification.service.d.ts +52 -0
- package/dist/services/email-verification.service.d.ts.map +1 -1
- package/dist/services/email-verification.service.js +152 -12
- package/dist/services/email-verification.service.js.map +1 -1
- package/dist/services/geo-location.service.d.ts +105 -0
- package/dist/services/geo-location.service.d.ts.map +1 -1
- package/dist/services/geo-location.service.js +188 -2
- package/dist/services/geo-location.service.js.map +1 -1
- package/dist/services/jwt.service.d.ts +257 -0
- package/dist/services/jwt.service.d.ts.map +1 -1
- package/dist/services/jwt.service.js +284 -1
- package/dist/services/jwt.service.js.map +1 -1
- package/dist/services/mfa-base.service.d.ts +179 -1
- package/dist/services/mfa-base.service.d.ts.map +1 -1
- package/dist/services/mfa-base.service.js +256 -2
- package/dist/services/mfa-base.service.js.map +1 -1
- package/dist/services/mfa.service.d.ts +304 -0
- package/dist/services/mfa.service.d.ts.map +1 -1
- package/dist/services/mfa.service.js +380 -0
- package/dist/services/mfa.service.js.map +1 -1
- package/dist/services/password-reset.service.d.ts +46 -0
- package/dist/services/password-reset.service.d.ts.map +1 -1
- package/dist/services/password-reset.service.js +79 -0
- package/dist/services/password-reset.service.js.map +1 -1
- package/dist/services/password.service.d.ts +139 -0
- package/dist/services/password.service.d.ts.map +1 -1
- package/dist/services/password.service.js +167 -9
- package/dist/services/password.service.js.map +1 -1
- package/dist/services/phone-verification.service.d.ts +75 -0
- package/dist/services/phone-verification.service.d.ts.map +1 -1
- package/dist/services/phone-verification.service.js +188 -6
- package/dist/services/phone-verification.service.js.map +1 -1
- package/dist/services/risk-detection.service.d.ts +198 -0
- package/dist/services/risk-detection.service.d.ts.map +1 -1
- package/dist/services/risk-detection.service.js +358 -11
- package/dist/services/risk-detection.service.js.map +1 -1
- package/dist/services/risk-scoring.service.d.ts +84 -0
- package/dist/services/risk-scoring.service.d.ts.map +1 -1
- package/dist/services/risk-scoring.service.js +87 -0
- package/dist/services/risk-scoring.service.js.map +1 -1
- package/dist/services/session.service.d.ts +204 -0
- package/dist/services/session.service.d.ts.map +1 -1
- package/dist/services/session.service.js +289 -4
- package/dist/services/session.service.js.map +1 -1
- package/dist/services/social-auth-base.service.d.ts +123 -1
- package/dist/services/social-auth-base.service.d.ts.map +1 -1
- package/dist/services/social-auth-base.service.js +155 -2
- package/dist/services/social-auth-base.service.js.map +1 -1
- package/dist/services/social-auth.service.d.ts +191 -0
- package/dist/services/social-auth.service.d.ts.map +1 -1
- package/dist/services/social-auth.service.js +215 -2
- package/dist/services/social-auth.service.js.map +1 -1
- package/dist/services/social-provider-registry.service.d.ts +86 -0
- package/dist/services/social-provider-registry.service.d.ts.map +1 -1
- package/dist/services/social-provider-registry.service.js +86 -0
- package/dist/services/social-provider-registry.service.js.map +1 -1
- package/dist/services/trusted-device.service.d.ts +105 -0
- package/dist/services/trusted-device.service.d.ts.map +1 -1
- package/dist/services/trusted-device.service.js +133 -4
- package/dist/services/trusted-device.service.js.map +1 -1
- package/dist/storage/account-lockout-storage.service.d.ts +35 -0
- package/dist/storage/account-lockout-storage.service.d.ts.map +1 -1
- package/dist/storage/account-lockout-storage.service.js +35 -0
- package/dist/storage/account-lockout-storage.service.js.map +1 -1
- package/dist/storage/memory-storage.adapter.d.ts +148 -0
- package/dist/storage/memory-storage.adapter.d.ts.map +1 -1
- package/dist/storage/memory-storage.adapter.js +201 -6
- package/dist/storage/memory-storage.adapter.js.map +1 -1
- package/dist/storage/rate-limit-storage.service.d.ts +3 -0
- package/dist/storage/rate-limit-storage.service.d.ts.map +1 -1
- package/dist/storage/rate-limit-storage.service.js +4 -0
- package/dist/storage/rate-limit-storage.service.js.map +1 -1
- package/dist/storage.d.ts +8 -0
- package/dist/storage.d.ts.map +1 -1
- package/dist/storage.js +8 -0
- package/dist/storage.js.map +1 -1
- package/dist/templates/html-template.engine.d.ts +110 -0
- package/dist/templates/html-template.engine.d.ts.map +1 -1
- package/dist/templates/html-template.engine.js +147 -0
- package/dist/templates/html-template.engine.js.map +1 -1
- package/dist/templates/index.d.ts +5 -0
- package/dist/templates/index.d.ts.map +1 -1
- package/dist/templates/index.js +5 -0
- package/dist/templates/index.js.map +1 -1
- package/dist/templates/sms-template.engine.d.ts +151 -0
- package/dist/templates/sms-template.engine.d.ts.map +1 -1
- package/dist/templates/sms-template.engine.js +171 -0
- package/dist/templates/sms-template.engine.js.map +1 -1
- package/dist/templates.d.ts +8 -0
- package/dist/templates.d.ts.map +1 -1
- package/dist/templates.js +8 -0
- package/dist/templates.js.map +1 -1
- package/dist/utils/common-passwords.d.ts +42 -0
- package/dist/utils/common-passwords.d.ts.map +1 -1
- package/dist/utils/common-passwords.js +88 -0
- package/dist/utils/common-passwords.js.map +1 -1
- package/dist/utils/context-storage.d.ts +129 -0
- package/dist/utils/context-storage.d.ts.map +1 -1
- package/dist/utils/context-storage.js +129 -0
- package/dist/utils/context-storage.js.map +1 -1
- package/dist/utils/cookie-names.util.d.ts +35 -0
- package/dist/utils/cookie-names.util.d.ts.map +1 -1
- package/dist/utils/cookie-names.util.js +37 -0
- package/dist/utils/cookie-names.util.js.map +1 -1
- package/dist/utils/cookies.util.d.ts +19 -0
- package/dist/utils/cookies.util.d.ts.map +1 -1
- package/dist/utils/cookies.util.js +30 -3
- package/dist/utils/cookies.util.js.map +1 -1
- package/dist/utils/index.d.ts +3 -0
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +4 -0
- package/dist/utils/index.js.map +1 -1
- package/dist/utils/ip-extractor.d.ts +88 -0
- package/dist/utils/ip-extractor.d.ts.map +1 -1
- package/dist/utils/ip-extractor.js +109 -16
- package/dist/utils/ip-extractor.js.map +1 -1
- package/dist/utils/nauth-logger.d.ts +70 -0
- package/dist/utils/nauth-logger.d.ts.map +1 -1
- package/dist/utils/nauth-logger.js +82 -4
- package/dist/utils/nauth-logger.js.map +1 -1
- package/dist/utils/pii-redactor.d.ts +70 -0
- package/dist/utils/pii-redactor.d.ts.map +1 -1
- package/dist/utils/pii-redactor.js +102 -0
- package/dist/utils/pii-redactor.js.map +1 -1
- package/dist/utils/setup/get-repositories.d.ts +16 -0
- package/dist/utils/setup/get-repositories.d.ts.map +1 -1
- package/dist/utils/setup/get-repositories.js +21 -0
- package/dist/utils/setup/get-repositories.js.map +1 -1
- package/dist/utils/setup/init-services.d.ts +40 -1
- package/dist/utils/setup/init-services.d.ts.map +1 -1
- package/dist/utils/setup/init-services.js +98 -0
- package/dist/utils/setup/init-services.js.map +1 -1
- package/dist/utils/setup/init-social.d.ts +27 -0
- package/dist/utils/setup/init-social.d.ts.map +1 -1
- package/dist/utils/setup/init-social.js +49 -0
- package/dist/utils/setup/init-social.js.map +1 -1
- package/dist/utils/setup/init-storage.d.ts +22 -0
- package/dist/utils/setup/init-storage.d.ts.map +1 -1
- package/dist/utils/setup/init-storage.js +36 -0
- package/dist/utils/setup/init-storage.js.map +1 -1
- package/dist/utils/setup/register-mfa.d.ts +22 -0
- package/dist/utils/setup/register-mfa.d.ts.map +1 -1
- package/dist/utils/setup/register-mfa.js +41 -0
- package/dist/utils/setup/register-mfa.js.map +1 -1
- package/dist/utils/setup/run-nauth-migrations.d.ts +7 -0
- package/dist/utils/setup/run-nauth-migrations.d.ts.map +1 -1
- package/dist/utils/setup/run-nauth-migrations.js +8 -0
- package/dist/utils/setup/run-nauth-migrations.js.map +1 -1
- package/dist/utils/token-delivery-policy.d.ts +17 -0
- package/dist/utils/token-delivery-policy.d.ts.map +1 -1
- package/dist/utils/token-delivery-policy.js +17 -0
- package/dist/utils/token-delivery-policy.js.map +1 -1
- package/dist/utils.d.ts +8 -0
- package/dist/utils.d.ts.map +1 -1
- package/dist/utils.js +8 -0
- package/dist/utils.js.map +1 -1
- package/dist/validators/template.validator.d.ts +80 -0
- package/dist/validators/template.validator.d.ts.map +1 -1
- package/dist/validators/template.validator.js +94 -0
- package/dist/validators/template.validator.js.map +1 -1
- package/package.json +7 -2
|
@@ -1,24 +1,163 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Verify Phone with Code DTO
|
|
3
|
+
*
|
|
4
|
+
* Used for phone verification with 6-digit OTP code.
|
|
5
|
+
*
|
|
6
|
+
* Security:
|
|
7
|
+
* - Phone validated against E.164 format (prevents SQL injection)
|
|
8
|
+
* - Code validated for exact 6 digits
|
|
9
|
+
* - All fields match DB constraints
|
|
10
|
+
*
|
|
11
|
+
* @example
|
|
12
|
+
* ```typescript
|
|
13
|
+
* POST /auth/verify-phone/verify
|
|
14
|
+
* {
|
|
15
|
+
* "phone": "+1234567890",
|
|
16
|
+
* "code": "123456"
|
|
17
|
+
* }
|
|
18
|
+
* ```
|
|
19
|
+
*/
|
|
1
20
|
export declare class VerifyPhoneWithCodeDTO {
|
|
21
|
+
/**
|
|
22
|
+
* User's phone number in E.164 format
|
|
23
|
+
*
|
|
24
|
+
* Validation:
|
|
25
|
+
* - Must be a string
|
|
26
|
+
* - Must match E.164 format: +[country code][number]
|
|
27
|
+
* - Max 20 characters (matches DB constraint: varchar(20))
|
|
28
|
+
*
|
|
29
|
+
* Sanitization:
|
|
30
|
+
* - Trimmed
|
|
31
|
+
* - Whitespace removed
|
|
32
|
+
*
|
|
33
|
+
* @example "+1234567890"
|
|
34
|
+
*/
|
|
2
35
|
phone: string;
|
|
36
|
+
/**
|
|
37
|
+
* 6-digit verification code
|
|
38
|
+
*
|
|
39
|
+
* Validation:
|
|
40
|
+
* - Must be a string
|
|
41
|
+
* - Exactly 6 digits (numeric only)
|
|
42
|
+
* - No letters, spaces, or special characters
|
|
43
|
+
* - Fixed length prevents timing attacks
|
|
44
|
+
*
|
|
45
|
+
* Sanitization:
|
|
46
|
+
* - Removes all whitespace (users might copy "123 456")
|
|
47
|
+
* - Ensures only numeric string
|
|
48
|
+
*
|
|
49
|
+
* @example "123456"
|
|
50
|
+
*/
|
|
3
51
|
code: string;
|
|
52
|
+
/**
|
|
53
|
+
* Challenge session ID (internal use)
|
|
54
|
+
* Optional - used internally to link verification to specific challenge session.
|
|
55
|
+
* Provides security by ensuring codes are only valid for the session they were created for.
|
|
56
|
+
*
|
|
57
|
+
* Validation:
|
|
58
|
+
* - Must be a positive integer if provided
|
|
59
|
+
* - Optional (for backward compatibility and direct verification flows)
|
|
60
|
+
*/
|
|
4
61
|
challengeSessionId?: number;
|
|
5
62
|
}
|
|
63
|
+
/**
|
|
64
|
+
* DTO for sending verification SMS
|
|
65
|
+
*
|
|
66
|
+
* Security:
|
|
67
|
+
* - User sub validated as UUID v4
|
|
68
|
+
* - Skip flag is boolean (prevents injection)
|
|
69
|
+
*/
|
|
6
70
|
export declare class SendVerificationSMSDTO {
|
|
71
|
+
/**
|
|
72
|
+
* User identifier (UUID v4)
|
|
73
|
+
*
|
|
74
|
+
* Validation:
|
|
75
|
+
* - Must be valid UUID v4 format
|
|
76
|
+
*
|
|
77
|
+
* Sanitization:
|
|
78
|
+
* - Trimmed and lowercased
|
|
79
|
+
*/
|
|
7
80
|
sub: string;
|
|
81
|
+
/**
|
|
82
|
+
* Skip the "already verified" check
|
|
83
|
+
* Used for MFA contexts where codes are needed even if phone is verified
|
|
84
|
+
*
|
|
85
|
+
* Validation:
|
|
86
|
+
* - Must be boolean
|
|
87
|
+
* - Optional (defaults to true)
|
|
88
|
+
*/
|
|
8
89
|
skipAlreadyVerifiedCheck?: boolean;
|
|
90
|
+
/**
|
|
91
|
+
* Challenge session ID to link this verification token to
|
|
92
|
+
* Optional - for linking verification tokens to specific challenge sessions.
|
|
93
|
+
* Provides security by preventing old tokens from being used with new sessions.
|
|
94
|
+
*
|
|
95
|
+
* Validation:
|
|
96
|
+
* - Must be a positive integer
|
|
97
|
+
* - Optional (for backward compatibility and non-challenge flows)
|
|
98
|
+
*/
|
|
9
99
|
challengeSessionId?: number;
|
|
10
100
|
}
|
|
101
|
+
/**
|
|
102
|
+
* Response DTO for sendVerificationSMS
|
|
103
|
+
*/
|
|
11
104
|
export declare class SendVerificationSMSResponseDTO {
|
|
105
|
+
/**
|
|
106
|
+
* Verification token ID (internal integer)
|
|
107
|
+
*/
|
|
12
108
|
tokenId: number;
|
|
13
109
|
}
|
|
110
|
+
/**
|
|
111
|
+
* Response DTO for verifyPhoneWithCode and verifyPhoneWithCodeBySub
|
|
112
|
+
*/
|
|
14
113
|
export declare class VerifyPhoneResponseDTO {
|
|
114
|
+
/**
|
|
115
|
+
* Success message
|
|
116
|
+
*/
|
|
15
117
|
message: string;
|
|
16
118
|
}
|
|
119
|
+
/**
|
|
120
|
+
* DTO for resending verification SMS
|
|
121
|
+
*
|
|
122
|
+
* Supports both sub and phone-based resend
|
|
123
|
+
*
|
|
124
|
+
* Security:
|
|
125
|
+
* - Either sub or phone must be provided (conditional validation)
|
|
126
|
+
* - Rate limiting applied in service layer
|
|
127
|
+
* - Input sanitization prevents abuse
|
|
128
|
+
*/
|
|
17
129
|
export declare class ResendVerificationSMSDTO {
|
|
130
|
+
/**
|
|
131
|
+
* User identifier (UUID v4) - optional if phone provided
|
|
132
|
+
*
|
|
133
|
+
* Validation:
|
|
134
|
+
* - Must be valid UUID v4 format if provided
|
|
135
|
+
* - Required if phone is not provided
|
|
136
|
+
*
|
|
137
|
+
* Sanitization:
|
|
138
|
+
* - Trimmed and lowercased
|
|
139
|
+
*/
|
|
18
140
|
sub?: string;
|
|
141
|
+
/**
|
|
142
|
+
* User's phone number - optional if sub provided
|
|
143
|
+
*
|
|
144
|
+
* Validation:
|
|
145
|
+
* - Must match E.164 format if provided
|
|
146
|
+
* - Max 20 characters (DB limit)
|
|
147
|
+
* - Required if sub is not provided
|
|
148
|
+
*
|
|
149
|
+
* Sanitization:
|
|
150
|
+
* - Whitespace removed
|
|
151
|
+
*/
|
|
19
152
|
phone?: string;
|
|
20
153
|
}
|
|
154
|
+
/**
|
|
155
|
+
* Response DTO for resendVerificationSMS
|
|
156
|
+
*/
|
|
21
157
|
export declare class ResendVerificationSMSResponseDTO {
|
|
158
|
+
/**
|
|
159
|
+
* Verification token ID (internal integer)
|
|
160
|
+
*/
|
|
22
161
|
tokenId: number;
|
|
23
162
|
}
|
|
24
163
|
//# sourceMappingURL=verify-phone.dto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-phone.dto.d.ts","sourceRoot":"","sources":["../../src/dto/verify-phone.dto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verify-phone.dto.d.ts","sourceRoot":"","sources":["../../src/dto/verify-phone.dto.ts"],"names":[],"mappings":"AAeA;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,sBAAsB;IACjC;;;;;;;;;;;;;OAaG;IAcH,KAAK,EAAG,MAAM,CAAC;IAEf;;;;;;;;;;;;;;OAcG;IAWH,IAAI,EAAG,MAAM,CAAC;IAEd;;;;;;;;OAQG;IAIH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,qBAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,GAAG,EAAG,MAAM,CAAC;IAEb;;;;;;;OAOG;IAGH,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC;;;;;;;;OAQG;IAIH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,qBAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,qBAAa,sBAAsB;IACjC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB;AAED;;;;;;;;;GASG;AACH,qBAAa,wBAAwB;IACnC;;;;;;;;;OASG;IASH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;;;;;;;;OAUG;IAaH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,gCAAgC;IAC3C;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB"}
|
|
@@ -12,9 +12,66 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
12
12
|
exports.ResendVerificationSMSResponseDTO = exports.ResendVerificationSMSDTO = exports.VerifyPhoneResponseDTO = exports.SendVerificationSMSResponseDTO = exports.SendVerificationSMSDTO = exports.VerifyPhoneWithCodeDTO = void 0;
|
|
13
13
|
const class_validator_1 = require("class-validator");
|
|
14
14
|
const class_transformer_1 = require("class-transformer");
|
|
15
|
+
/**
|
|
16
|
+
* Verify Phone with Code DTO
|
|
17
|
+
*
|
|
18
|
+
* Used for phone verification with 6-digit OTP code.
|
|
19
|
+
*
|
|
20
|
+
* Security:
|
|
21
|
+
* - Phone validated against E.164 format (prevents SQL injection)
|
|
22
|
+
* - Code validated for exact 6 digits
|
|
23
|
+
* - All fields match DB constraints
|
|
24
|
+
*
|
|
25
|
+
* @example
|
|
26
|
+
* ```typescript
|
|
27
|
+
* POST /auth/verify-phone/verify
|
|
28
|
+
* {
|
|
29
|
+
* "phone": "+1234567890",
|
|
30
|
+
* "code": "123456"
|
|
31
|
+
* }
|
|
32
|
+
* ```
|
|
33
|
+
*/
|
|
15
34
|
class VerifyPhoneWithCodeDTO {
|
|
35
|
+
/**
|
|
36
|
+
* User's phone number in E.164 format
|
|
37
|
+
*
|
|
38
|
+
* Validation:
|
|
39
|
+
* - Must be a string
|
|
40
|
+
* - Must match E.164 format: +[country code][number]
|
|
41
|
+
* - Max 20 characters (matches DB constraint: varchar(20))
|
|
42
|
+
*
|
|
43
|
+
* Sanitization:
|
|
44
|
+
* - Trimmed
|
|
45
|
+
* - Whitespace removed
|
|
46
|
+
*
|
|
47
|
+
* @example "+1234567890"
|
|
48
|
+
*/
|
|
16
49
|
phone;
|
|
50
|
+
/**
|
|
51
|
+
* 6-digit verification code
|
|
52
|
+
*
|
|
53
|
+
* Validation:
|
|
54
|
+
* - Must be a string
|
|
55
|
+
* - Exactly 6 digits (numeric only)
|
|
56
|
+
* - No letters, spaces, or special characters
|
|
57
|
+
* - Fixed length prevents timing attacks
|
|
58
|
+
*
|
|
59
|
+
* Sanitization:
|
|
60
|
+
* - Removes all whitespace (users might copy "123 456")
|
|
61
|
+
* - Ensures only numeric string
|
|
62
|
+
*
|
|
63
|
+
* @example "123456"
|
|
64
|
+
*/
|
|
17
65
|
code;
|
|
66
|
+
/**
|
|
67
|
+
* Challenge session ID (internal use)
|
|
68
|
+
* Optional - used internally to link verification to specific challenge session.
|
|
69
|
+
* Provides security by ensuring codes are only valid for the session they were created for.
|
|
70
|
+
*
|
|
71
|
+
* Validation:
|
|
72
|
+
* - Must be a positive integer if provided
|
|
73
|
+
* - Optional (for backward compatibility and direct verification flows)
|
|
74
|
+
*/
|
|
18
75
|
challengeSessionId;
|
|
19
76
|
}
|
|
20
77
|
exports.VerifyPhoneWithCodeDTO = VerifyPhoneWithCodeDTO;
|
|
@@ -27,6 +84,7 @@ __decorate([
|
|
|
27
84
|
}),
|
|
28
85
|
(0, class_transformer_1.Transform)(({ value }) => {
|
|
29
86
|
if (typeof value === 'string') {
|
|
87
|
+
// Remove all whitespace and keep only digits and +
|
|
30
88
|
return value.replace(/\s/g, '');
|
|
31
89
|
}
|
|
32
90
|
return value;
|
|
@@ -38,8 +96,9 @@ __decorate([
|
|
|
38
96
|
(0, class_validator_1.Length)(6, 6, { message: 'Verification code must be exactly 6 digits' }),
|
|
39
97
|
(0, class_transformer_1.Transform)(({ value }) => {
|
|
40
98
|
if (typeof value === 'string') {
|
|
99
|
+
// Remove all whitespace and non-digit characters
|
|
41
100
|
const cleaned = value.replace(/\D/g, '');
|
|
42
|
-
return cleaned.length === 6 ? cleaned : value;
|
|
101
|
+
return cleaned.length === 6 ? cleaned : value; // Return original if not 6 digits (let validator catch it)
|
|
43
102
|
}
|
|
44
103
|
return value;
|
|
45
104
|
}),
|
|
@@ -51,9 +110,42 @@ __decorate([
|
|
|
51
110
|
(0, class_validator_1.Min)(1, { message: 'challengeSessionId must be a positive integer' }),
|
|
52
111
|
__metadata("design:type", Number)
|
|
53
112
|
], VerifyPhoneWithCodeDTO.prototype, "challengeSessionId", void 0);
|
|
113
|
+
/**
|
|
114
|
+
* DTO for sending verification SMS
|
|
115
|
+
*
|
|
116
|
+
* Security:
|
|
117
|
+
* - User sub validated as UUID v4
|
|
118
|
+
* - Skip flag is boolean (prevents injection)
|
|
119
|
+
*/
|
|
54
120
|
class SendVerificationSMSDTO {
|
|
121
|
+
/**
|
|
122
|
+
* User identifier (UUID v4)
|
|
123
|
+
*
|
|
124
|
+
* Validation:
|
|
125
|
+
* - Must be valid UUID v4 format
|
|
126
|
+
*
|
|
127
|
+
* Sanitization:
|
|
128
|
+
* - Trimmed and lowercased
|
|
129
|
+
*/
|
|
55
130
|
sub;
|
|
131
|
+
/**
|
|
132
|
+
* Skip the "already verified" check
|
|
133
|
+
* Used for MFA contexts where codes are needed even if phone is verified
|
|
134
|
+
*
|
|
135
|
+
* Validation:
|
|
136
|
+
* - Must be boolean
|
|
137
|
+
* - Optional (defaults to true)
|
|
138
|
+
*/
|
|
56
139
|
skipAlreadyVerifiedCheck;
|
|
140
|
+
/**
|
|
141
|
+
* Challenge session ID to link this verification token to
|
|
142
|
+
* Optional - for linking verification tokens to specific challenge sessions.
|
|
143
|
+
* Provides security by preventing old tokens from being used with new sessions.
|
|
144
|
+
*
|
|
145
|
+
* Validation:
|
|
146
|
+
* - Must be a positive integer
|
|
147
|
+
* - Optional (for backward compatibility and non-challenge flows)
|
|
148
|
+
*/
|
|
57
149
|
challengeSessionId;
|
|
58
150
|
}
|
|
59
151
|
exports.SendVerificationSMSDTO = SendVerificationSMSDTO;
|
|
@@ -78,16 +170,59 @@ __decorate([
|
|
|
78
170
|
(0, class_validator_1.Min)(1, { message: 'challengeSessionId must be a positive integer' }),
|
|
79
171
|
__metadata("design:type", Number)
|
|
80
172
|
], SendVerificationSMSDTO.prototype, "challengeSessionId", void 0);
|
|
173
|
+
/**
|
|
174
|
+
* Response DTO for sendVerificationSMS
|
|
175
|
+
*/
|
|
81
176
|
class SendVerificationSMSResponseDTO {
|
|
177
|
+
/**
|
|
178
|
+
* Verification token ID (internal integer)
|
|
179
|
+
*/
|
|
82
180
|
tokenId;
|
|
83
181
|
}
|
|
84
182
|
exports.SendVerificationSMSResponseDTO = SendVerificationSMSResponseDTO;
|
|
183
|
+
/**
|
|
184
|
+
* Response DTO for verifyPhoneWithCode and verifyPhoneWithCodeBySub
|
|
185
|
+
*/
|
|
85
186
|
class VerifyPhoneResponseDTO {
|
|
187
|
+
/**
|
|
188
|
+
* Success message
|
|
189
|
+
*/
|
|
86
190
|
message;
|
|
87
191
|
}
|
|
88
192
|
exports.VerifyPhoneResponseDTO = VerifyPhoneResponseDTO;
|
|
193
|
+
/**
|
|
194
|
+
* DTO for resending verification SMS
|
|
195
|
+
*
|
|
196
|
+
* Supports both sub and phone-based resend
|
|
197
|
+
*
|
|
198
|
+
* Security:
|
|
199
|
+
* - Either sub or phone must be provided (conditional validation)
|
|
200
|
+
* - Rate limiting applied in service layer
|
|
201
|
+
* - Input sanitization prevents abuse
|
|
202
|
+
*/
|
|
89
203
|
class ResendVerificationSMSDTO {
|
|
204
|
+
/**
|
|
205
|
+
* User identifier (UUID v4) - optional if phone provided
|
|
206
|
+
*
|
|
207
|
+
* Validation:
|
|
208
|
+
* - Must be valid UUID v4 format if provided
|
|
209
|
+
* - Required if phone is not provided
|
|
210
|
+
*
|
|
211
|
+
* Sanitization:
|
|
212
|
+
* - Trimmed and lowercased
|
|
213
|
+
*/
|
|
90
214
|
sub;
|
|
215
|
+
/**
|
|
216
|
+
* User's phone number - optional if sub provided
|
|
217
|
+
*
|
|
218
|
+
* Validation:
|
|
219
|
+
* - Must match E.164 format if provided
|
|
220
|
+
* - Max 20 characters (DB limit)
|
|
221
|
+
* - Required if sub is not provided
|
|
222
|
+
*
|
|
223
|
+
* Sanitization:
|
|
224
|
+
* - Whitespace removed
|
|
225
|
+
*/
|
|
91
226
|
phone;
|
|
92
227
|
}
|
|
93
228
|
exports.ResendVerificationSMSDTO = ResendVerificationSMSDTO;
|
|
@@ -117,7 +252,13 @@ __decorate([
|
|
|
117
252
|
}),
|
|
118
253
|
__metadata("design:type", String)
|
|
119
254
|
], ResendVerificationSMSDTO.prototype, "phone", void 0);
|
|
255
|
+
/**
|
|
256
|
+
* Response DTO for resendVerificationSMS
|
|
257
|
+
*/
|
|
120
258
|
class ResendVerificationSMSResponseDTO {
|
|
259
|
+
/**
|
|
260
|
+
* Verification token ID (internal integer)
|
|
261
|
+
*/
|
|
121
262
|
tokenId;
|
|
122
263
|
}
|
|
123
264
|
exports.ResendVerificationSMSResponseDTO = ResendVerificationSMSResponseDTO;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-phone.dto.js","sourceRoot":"","sources":["../../src/dto/verify-phone.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAYyB;AACzB,yDAA8C;
|
|
1
|
+
{"version":3,"file":"verify-phone.dto.js","sourceRoot":"","sources":["../../src/dto/verify-phone.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAYyB;AACzB,yDAA8C;AAE9C;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAa,sBAAsB;IACjC;;;;;;;;;;;;;OAaG;IAcH,KAAK,CAAU;IAEf;;;;;;;;;;;;;;OAcG;IAWH,IAAI,CAAU;IAEd;;;;;;;;OAQG;IAIH,kBAAkB,CAAU;CAC7B;AAtED,wDAsEC;AA1CC;IAbC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,4BAAU,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;IAC5C,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;IACxE,IAAA,yBAAO,EAAC,mBAAmB,EAAE;QAC5B,OAAO,EAAE,mDAAmD;KAC7D,CAAC;IACD,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,mDAAmD;YACnD,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACa;AA2Bf;IAVC,IAAA,gCAAc,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;IAChE,IAAA,wBAAM,EAAC,CAAC,EAAE,CAAC,EAAE,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,iDAAiD;YACjD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACzC,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,2DAA2D;QAC5G,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACY;AAcd;IAHC,IAAA,4BAAU,GAAE;IACZ,IAAA,uBAAK,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;IAC3D,IAAA,qBAAG,EAAC,CAAC,EAAE,EAAE,OAAO,EAAE,+CAA+C,EAAE,CAAC;;kEACzC;AAG9B;;;;;;GAMG;AACH,MAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,GAAG,CAAU;IAEb;;;;;;;OAOG;IAGH,wBAAwB,CAAW;IAEnC;;;;;;;;OAQG;IAIH,kBAAkB,CAAU;CAC7B;AA5CD,wDA4CC;AA3BC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACW;AAYb;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;;wEAClC;AAcnC;IAHC,IAAA,4BAAU,GAAE;IACZ,IAAA,uBAAK,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;IAC3D,IAAA,qBAAG,EAAC,CAAC,EAAE,EAAE,OAAO,EAAE,+CAA+C,EAAE,CAAC;;kEACzC;AAG9B;;GAEG;AACH,MAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,wEAKC;AAED;;GAEG;AACH,MAAa,sBAAsB;IACjC;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,wDAKC;AAED;;;;;;;;;GASG;AACH,MAAa,wBAAwB;IACnC;;;;;;;;;OASG;IASH,GAAG,CAAU;IAEb;;;;;;;;;;OAUG;IAaH,KAAK,CAAU;CAChB;AA7CD,4DA6CC;AA1BC;IARC,IAAA,4BAAU,GAAE;IACZ,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACW;AAyBb;IAZC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;IACxE,IAAA,yBAAO,EAAC,mBAAmB,EAAE;QAC5B,OAAO,EAAE,mDAAmD;KAC7D,CAAC;IACD,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;uDACa;AAGjB;;GAEG;AACH,MAAa,gCAAgC;IAC3C;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,4EAKC"}
|
package/dist/dto.d.ts
CHANGED
|
@@ -1,2 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* DTO barrel export (shim)
|
|
3
|
+
*
|
|
4
|
+
* This file exists to ensure TypeScript's emitted declaration paths (e.g. `./dto.js`)
|
|
5
|
+
* resolve correctly for consumers using Node's `exports`/ESM-style resolution.
|
|
6
|
+
*
|
|
7
|
+
* Without a top-level `dto.ts` file, `export * from './dto'` may emit `./dto.js` in
|
|
8
|
+
* `dist/index.d.ts` while the build output only contains `dist/dto/index.js`, causing
|
|
9
|
+
* missing exports in downstream packages.
|
|
10
|
+
*/
|
|
1
11
|
export * from './dto/index';
|
|
2
12
|
//# sourceMappingURL=dto.d.ts.map
|
package/dist/dto.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dto.d.ts","sourceRoot":"","sources":["../src/dto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"dto.d.ts","sourceRoot":"","sources":["../src/dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,cAAc,aAAa,CAAC"}
|
package/dist/dto.js
CHANGED
|
@@ -14,5 +14,15 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
/**
|
|
18
|
+
* DTO barrel export (shim)
|
|
19
|
+
*
|
|
20
|
+
* This file exists to ensure TypeScript's emitted declaration paths (e.g. `./dto.js`)
|
|
21
|
+
* resolve correctly for consumers using Node's `exports`/ESM-style resolution.
|
|
22
|
+
*
|
|
23
|
+
* Without a top-level `dto.ts` file, `export * from './dto'` may emit `./dto.js` in
|
|
24
|
+
* `dist/index.d.ts` while the build output only contains `dist/dto/index.js`, causing
|
|
25
|
+
* missing exports in downstream packages.
|
|
26
|
+
*/
|
|
17
27
|
__exportStar(require("./dto/index"), exports);
|
|
18
28
|
//# sourceMappingURL=dto.js.map
|
package/dist/dto.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dto.js","sourceRoot":"","sources":["../src/dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"dto.js","sourceRoot":"","sources":["../src/dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAA4B"}
|
|
@@ -1,31 +1,190 @@
|
|
|
1
1
|
import { AuthAuditEventType } from '../enums/auth-audit-event-type.enum';
|
|
2
|
+
/**
|
|
3
|
+
* Authentication Audit Event Status
|
|
4
|
+
*
|
|
5
|
+
* Classification of event outcomes for filtering and analysis.
|
|
6
|
+
*/
|
|
2
7
|
export type AuthAuditEventStatus = 'SUCCESS' | 'FAILURE' | 'INFO' | 'SUSPICIOUS';
|
|
8
|
+
/**
|
|
9
|
+
* Base Authentication Audit Entity
|
|
10
|
+
*
|
|
11
|
+
* Core audit record with all fields and business logic.
|
|
12
|
+
* Database adapters extend this class and add ORM-specific decorators.
|
|
13
|
+
*
|
|
14
|
+
* @remarks
|
|
15
|
+
* This class is database-agnostic. TypeORM, Prisma, or other ORMs
|
|
16
|
+
* extend this class in their respective packages.
|
|
17
|
+
*
|
|
18
|
+
* **Design Notes:**
|
|
19
|
+
* - Only stores `userId` (integer internal ID) - no `userSub` duplication
|
|
20
|
+
* - Risk tracking fields are infrastructure for future adaptive MFA (no business logic)
|
|
21
|
+
* - All audit integrations are non-blocking (errors logged, don't throw)
|
|
22
|
+
*/
|
|
3
23
|
export declare class BaseAuthAudit {
|
|
24
|
+
/**
|
|
25
|
+
* Internal audit record ID (auto-increment integer)
|
|
26
|
+
*/
|
|
4
27
|
id: number;
|
|
28
|
+
/**
|
|
29
|
+
* Internal user ID (foreign key to users table)
|
|
30
|
+
* Uses integer for optimal performance in joins and lookups.
|
|
31
|
+
* API methods accepting userSub will resolve to userId before querying.
|
|
32
|
+
*
|
|
33
|
+
* @remarks
|
|
34
|
+
* No userSub field to avoid duplication. All queries use userId
|
|
35
|
+
* for efficient database operations.
|
|
36
|
+
*/
|
|
5
37
|
userId: number;
|
|
38
|
+
/**
|
|
39
|
+
* Type of authentication/security event
|
|
40
|
+
*/
|
|
6
41
|
eventType: AuthAuditEventType;
|
|
42
|
+
/**
|
|
43
|
+
* Event classification status
|
|
44
|
+
* - SUCCESS: Operation completed successfully
|
|
45
|
+
* - FAILURE: Operation failed (login failed, verification failed, etc.)
|
|
46
|
+
* - INFO: Informational event (profile update, device added, etc.)
|
|
47
|
+
* - SUSPICIOUS: Security violation or suspicious activity detected
|
|
48
|
+
*/
|
|
7
49
|
eventStatus: AuthAuditEventStatus;
|
|
50
|
+
/**
|
|
51
|
+
* Risk factor score (0-100)
|
|
52
|
+
* Calculated during adaptive MFA evaluation (future implementation).
|
|
53
|
+
* null if not applicable (non-adaptive flows).
|
|
54
|
+
*
|
|
55
|
+
* @remarks
|
|
56
|
+
* This is infrastructure for future adaptive MFA. The audit service
|
|
57
|
+
* records risk data but does NOT calculate risk scores. Risk calculation
|
|
58
|
+
* and adaptive MFA business logic will be implemented in future phases.
|
|
59
|
+
*/
|
|
8
60
|
riskFactor?: number | null;
|
|
61
|
+
/**
|
|
62
|
+
* Risk factors that contributed to the risk score
|
|
63
|
+
* Examples: ['new_device', 'new_ip', 'new_country', 'impossible_travel']
|
|
64
|
+
*
|
|
65
|
+
* @remarks
|
|
66
|
+
* Infrastructure field for future adaptive MFA implementation.
|
|
67
|
+
*/
|
|
9
68
|
riskFactors?: string[] | null;
|
|
69
|
+
/**
|
|
70
|
+
* Whether adaptive MFA was triggered for this event
|
|
71
|
+
* true if MFA was conditionally required based on risk (future implementation).
|
|
72
|
+
* null if not applicable.
|
|
73
|
+
*
|
|
74
|
+
* @remarks
|
|
75
|
+
* Infrastructure field for future adaptive MFA implementation.
|
|
76
|
+
*/
|
|
10
77
|
adaptiveMfaTriggered?: boolean | null;
|
|
78
|
+
/**
|
|
79
|
+
* IP address where event occurred
|
|
80
|
+
*/
|
|
11
81
|
ipAddress?: string | null;
|
|
82
|
+
/**
|
|
83
|
+
* Country from IP geolocation (optional, for geographic risk assessment)
|
|
84
|
+
*/
|
|
12
85
|
ipCountry?: string | null;
|
|
86
|
+
/**
|
|
87
|
+
* City from IP geolocation (optional, for geographic risk assessment)
|
|
88
|
+
*/
|
|
13
89
|
ipCity?: string | null;
|
|
90
|
+
/**
|
|
91
|
+
* Latitude from IP geolocation (optional, for impossible travel detection)
|
|
92
|
+
*/
|
|
14
93
|
ipLatitude?: number | null;
|
|
94
|
+
/**
|
|
95
|
+
* Longitude from IP geolocation (optional, for impossible travel detection)
|
|
96
|
+
*/
|
|
15
97
|
ipLongitude?: number | null;
|
|
98
|
+
/**
|
|
99
|
+
* User agent string
|
|
100
|
+
*/
|
|
16
101
|
userAgent?: string | null;
|
|
102
|
+
/**
|
|
103
|
+
* Platform extracted from user agent
|
|
104
|
+
* Examples: "iOS", "Android", "Windows", "macOS"
|
|
105
|
+
*/
|
|
17
106
|
platform?: string | null;
|
|
107
|
+
/**
|
|
108
|
+
* Browser extracted from user agent
|
|
109
|
+
* Examples: "Chrome", "Safari", "Firefox"
|
|
110
|
+
*/
|
|
18
111
|
browser?: string | null;
|
|
112
|
+
/**
|
|
113
|
+
* Device identifier (UUID)
|
|
114
|
+
* Unique identifier for the device/browser
|
|
115
|
+
*/
|
|
19
116
|
deviceId?: string | null;
|
|
117
|
+
/**
|
|
118
|
+
* User-friendly device name
|
|
119
|
+
* Examples: "iPhone 15 Pro", "Chrome on MacBook"
|
|
120
|
+
*/
|
|
20
121
|
deviceName?: string | null;
|
|
122
|
+
/**
|
|
123
|
+
* Device type
|
|
124
|
+
* Examples: "mobile", "desktop", "tablet"
|
|
125
|
+
*/
|
|
21
126
|
deviceType?: string | null;
|
|
127
|
+
/**
|
|
128
|
+
* Session ID (if event is related to a session)
|
|
129
|
+
* Foreign key to sessions table
|
|
130
|
+
*/
|
|
22
131
|
sessionId?: number | null;
|
|
132
|
+
/**
|
|
133
|
+
* Challenge session ID (if event is related to a challenge)
|
|
134
|
+
* Foreign key to challenge_sessions table
|
|
135
|
+
*/
|
|
23
136
|
challengeSessionId?: number | null;
|
|
137
|
+
/**
|
|
138
|
+
* Authentication method used
|
|
139
|
+
* Examples: "password", "google", "apple", "facebook"
|
|
140
|
+
* Used for social login provider tracking
|
|
141
|
+
*/
|
|
24
142
|
authMethod?: string | null;
|
|
143
|
+
/**
|
|
144
|
+
* Who performed this action (for admin/CLI/automated operations)
|
|
145
|
+
* - Admin user ID or email for manual admin actions
|
|
146
|
+
* - CLI identifier for command-line operations
|
|
147
|
+
* - 'system' for automated actions
|
|
148
|
+
* - null for user-initiated actions
|
|
149
|
+
*
|
|
150
|
+
* @example
|
|
151
|
+
* performedBy: 'admin@example.com'
|
|
152
|
+
* performedBy: 'cli-migration-2025'
|
|
153
|
+
* performedBy: 'system'
|
|
154
|
+
*/
|
|
25
155
|
performedBy?: string | null;
|
|
156
|
+
/**
|
|
157
|
+
* Reason for the event (optional)
|
|
158
|
+
* Used for security events, account locks, etc.
|
|
159
|
+
*/
|
|
26
160
|
reason?: string | null;
|
|
161
|
+
/**
|
|
162
|
+
* Detailed description of the event
|
|
163
|
+
*/
|
|
27
164
|
description?: string | null;
|
|
165
|
+
/**
|
|
166
|
+
* Rich metadata (JSON)
|
|
167
|
+
* Event-specific data stored without requiring schema changes.
|
|
168
|
+
*
|
|
169
|
+
* @example
|
|
170
|
+
* ```typescript
|
|
171
|
+
* // Social login
|
|
172
|
+
* metadata: { provider: 'google', isNewUser: true }
|
|
173
|
+
*
|
|
174
|
+
* // Challenge event
|
|
175
|
+
* metadata: { challengeName: 'VERIFY_EMAIL', challengeSessionId: 123 }
|
|
176
|
+
*
|
|
177
|
+
* // MFA device
|
|
178
|
+
* metadata: { deviceType: 'totp', deviceName: 'iPhone Authenticator' }
|
|
179
|
+
*
|
|
180
|
+
* // Token reuse
|
|
181
|
+
* metadata: { tokenFamily: 'abc123', action: 'token_family_revoked' }
|
|
182
|
+
* ```
|
|
183
|
+
*/
|
|
28
184
|
metadata?: Record<string, unknown> | null;
|
|
185
|
+
/**
|
|
186
|
+
* Timestamp when event occurred
|
|
187
|
+
*/
|
|
29
188
|
createdAt: Date;
|
|
30
189
|
}
|
|
31
190
|
//# sourceMappingURL=auth-audit.entity.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-audit.entity.d.ts","sourceRoot":"","sources":["../../src/entities/auth-audit.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;
|
|
1
|
+
{"version":3,"file":"auth-audit.entity.d.ts","sourceRoot":"","sources":["../../src/entities/auth-audit.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAEzE;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,YAAY,CAAC;AAEjF;;;;;;;;;;;;;;GAcG;AACH,qBAAa,aAAa;IACxB;;OAEG;IACH,EAAE,EAAG,MAAM,CAAC;IAEZ;;;;;;;;OAQG;IACH,MAAM,EAAG,MAAM,CAAC;IAEhB;;OAEG;IACH,SAAS,EAAG,kBAAkB,CAAC;IAE/B;;;;;;OAMG;IACH,WAAW,EAAG,oBAAoB,CAAC;IAMnC;;;;;;;;;OASG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;;;;;OAMG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAE9B;;;;;;;OAOG;IACH,oBAAoB,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IAMtC;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEvB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE5B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEzB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAExB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEzB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM3B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;;;;;;;;;;OAWG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAM5B;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEvB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE5B;;;;;;;;;;;;;;;;;;OAkBG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAE1C;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;CAClB"}
|