@nauth-toolkit/core 0.1.87 → 0.1.89
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dto/admin-get-mfa-status.dto.d.ts +20 -0
- package/dist/dto/admin-get-mfa-status.dto.d.ts.map +1 -0
- package/dist/dto/{change-password-request.dto.js → admin-get-mfa-status.dto.js} +22 -32
- package/dist/dto/admin-get-mfa-status.dto.js.map +1 -0
- package/dist/dto/admin-get-user-auth-history.dto.d.ts +62 -0
- package/dist/dto/admin-get-user-auth-history.dto.d.ts.map +1 -0
- package/dist/dto/admin-get-user-auth-history.dto.js +87 -0
- package/dist/dto/admin-get-user-auth-history.dto.js.map +1 -0
- package/dist/dto/admin-logout-all.dto.d.ts +48 -0
- package/dist/dto/admin-logout-all.dto.d.ts.map +1 -0
- package/dist/dto/admin-logout-all.dto.js +85 -0
- package/dist/dto/admin-logout-all.dto.js.map +1 -0
- package/dist/dto/admin-remove-devices.dto.d.ts +25 -0
- package/dist/dto/admin-remove-devices.dto.d.ts.map +1 -0
- package/dist/dto/admin-remove-devices.dto.js +50 -0
- package/dist/dto/admin-remove-devices.dto.js.map +1 -0
- package/dist/dto/admin-reset-password.dto.d.ts +15 -19
- package/dist/dto/admin-reset-password.dto.d.ts.map +1 -1
- package/dist/dto/admin-reset-password.dto.js +21 -41
- package/dist/dto/admin-reset-password.dto.js.map +1 -1
- package/dist/dto/admin-revoke-session.dto.d.ts +22 -0
- package/dist/dto/admin-revoke-session.dto.d.ts.map +1 -0
- package/dist/dto/admin-revoke-session.dto.js +48 -0
- package/dist/dto/admin-revoke-session.dto.js.map +1 -0
- package/dist/dto/admin-set-password.dto.d.ts +8 -10
- package/dist/dto/admin-set-password.dto.d.ts.map +1 -1
- package/dist/dto/admin-set-password.dto.js +11 -21
- package/dist/dto/admin-set-password.dto.js.map +1 -1
- package/dist/dto/admin-set-preferred-method.dto.d.ts +25 -0
- package/dist/dto/admin-set-preferred-method.dto.d.ts.map +1 -0
- package/dist/dto/admin-set-preferred-method.dto.js +50 -0
- package/dist/dto/admin-set-preferred-method.dto.js.map +1 -0
- package/dist/dto/admin-update-user-attributes.dto.d.ts +41 -0
- package/dist/dto/admin-update-user-attributes.dto.d.ts.map +1 -0
- package/dist/dto/{update-user-attributes-request.dto.js → admin-update-user-attributes.dto.js} +12 -17
- package/dist/dto/admin-update-user-attributes.dto.js.map +1 -0
- package/dist/dto/auth-challenge.dto.d.ts +2 -2
- package/dist/dto/auth-challenge.dto.d.ts.map +1 -1
- package/dist/dto/auth-challenge.dto.js +3 -3
- package/dist/dto/auth-challenge.dto.js.map +1 -1
- package/dist/dto/auth-response.dto.d.ts +1 -1
- package/dist/dto/auth-response.dto.d.ts.map +1 -1
- package/dist/dto/auth-response.dto.js +1 -1
- package/dist/dto/auth-response.dto.js.map +1 -1
- package/dist/dto/get-mfa-status.dto.d.ts +3 -32
- package/dist/dto/get-mfa-status.dto.d.ts.map +1 -1
- package/dist/dto/get-mfa-status.dto.js +4 -55
- package/dist/dto/get-mfa-status.dto.js.map +1 -1
- package/dist/dto/get-risk-assessment-history.dto.d.ts +3 -3
- package/dist/dto/get-risk-assessment-history.dto.d.ts.map +1 -1
- package/dist/dto/get-risk-assessment-history.dto.js +5 -5
- package/dist/dto/get-risk-assessment-history.dto.js.map +1 -1
- package/dist/dto/get-suspicious-activity.dto.d.ts +3 -3
- package/dist/dto/get-suspicious-activity.dto.d.ts.map +1 -1
- package/dist/dto/get-suspicious-activity.dto.js +5 -5
- package/dist/dto/get-suspicious-activity.dto.js.map +1 -1
- package/dist/dto/get-user-auth-history.dto.d.ts +4 -39
- package/dist/dto/get-user-auth-history.dto.d.ts.map +1 -1
- package/dist/dto/get-user-auth-history.dto.js +53 -51
- package/dist/dto/get-user-auth-history.dto.js.map +1 -1
- package/dist/dto/get-user-devices.dto.d.ts +5 -18
- package/dist/dto/get-user-devices.dto.d.ts.map +1 -1
- package/dist/dto/get-user-devices.dto.js +5 -39
- package/dist/dto/get-user-devices.dto.js.map +1 -1
- package/dist/dto/get-user-sessions-response.dto.d.ts +1 -1
- package/dist/dto/get-user-sessions-response.dto.js +1 -1
- package/dist/dto/get-user-sessions.dto.d.ts +1 -1
- package/dist/dto/get-user-sessions.dto.js +1 -1
- package/dist/dto/index.d.ts +9 -2
- package/dist/dto/index.d.ts.map +1 -1
- package/dist/dto/index.js +9 -2
- package/dist/dto/index.js.map +1 -1
- package/dist/dto/logout-all-response.dto.d.ts +1 -1
- package/dist/dto/logout-all-response.dto.js +1 -1
- package/dist/dto/logout-all.dto.d.ts +1 -18
- package/dist/dto/logout-all.dto.d.ts.map +1 -1
- package/dist/dto/logout-all.dto.js +1 -30
- package/dist/dto/logout-all.dto.js.map +1 -1
- package/dist/dto/logout-session.dto.d.ts +0 -5
- package/dist/dto/logout-session.dto.d.ts.map +1 -1
- package/dist/dto/logout-session.dto.js +0 -12
- package/dist/dto/logout-session.dto.js.map +1 -1
- package/dist/dto/logout.dto.d.ts +1 -18
- package/dist/dto/logout.dto.d.ts.map +1 -1
- package/dist/dto/logout.dto.js +1 -30
- package/dist/dto/logout.dto.js.map +1 -1
- package/dist/dto/remove-devices.dto.d.ts +4 -16
- package/dist/dto/remove-devices.dto.d.ts.map +1 -1
- package/dist/dto/remove-devices.dto.js +4 -26
- package/dist/dto/remove-devices.dto.js.map +1 -1
- package/dist/dto/set-mfa-exemption.dto.d.ts +8 -9
- package/dist/dto/set-mfa-exemption.dto.d.ts.map +1 -1
- package/dist/dto/set-mfa-exemption.dto.js +11 -13
- package/dist/dto/set-mfa-exemption.dto.js.map +1 -1
- package/dist/dto/set-must-change-password.dto.d.ts +3 -3
- package/dist/dto/set-must-change-password.dto.d.ts.map +1 -1
- package/dist/dto/set-must-change-password.dto.js +5 -5
- package/dist/dto/set-must-change-password.dto.js.map +1 -1
- package/dist/dto/set-preferred-method.dto.d.ts +4 -16
- package/dist/dto/set-preferred-method.dto.d.ts.map +1 -1
- package/dist/dto/set-preferred-method.dto.js +4 -26
- package/dist/dto/set-preferred-method.dto.js.map +1 -1
- package/dist/dto/setup-mfa.dto.d.ts +3 -18
- package/dist/dto/setup-mfa.dto.d.ts.map +1 -1
- package/dist/dto/setup-mfa.dto.js +3 -30
- package/dist/dto/setup-mfa.dto.js.map +1 -1
- package/dist/dto/social-auth.dto.d.ts +4 -34
- package/dist/dto/social-auth.dto.d.ts.map +1 -1
- package/dist/dto/social-auth.dto.js +10 -68
- package/dist/dto/social-auth.dto.js.map +1 -1
- package/dist/dto/update-user-attributes.dto.d.ts +26 -0
- package/dist/dto/update-user-attributes.dto.d.ts.map +1 -0
- package/dist/dto/update-user-attributes.dto.js +30 -0
- package/dist/dto/update-user-attributes.dto.js.map +1 -0
- package/dist/index.d.ts +5 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -1
- package/dist/interfaces/hooks.interface.d.ts +2 -1
- package/dist/interfaces/hooks.interface.d.ts.map +1 -1
- package/dist/interfaces/mfa-provider.interface.d.ts +7 -8
- package/dist/interfaces/mfa-provider.interface.d.ts.map +1 -1
- package/dist/interfaces/provider.interface.d.ts +1 -1
- package/dist/interfaces/provider.interface.d.ts.map +1 -1
- package/dist/services/adaptive-mfa-decision.service.js +2 -2
- package/dist/services/adaptive-mfa-decision.service.js.map +1 -1
- package/dist/services/admin-auth.service.d.ts +307 -0
- package/dist/services/admin-auth.service.d.ts.map +1 -0
- package/dist/services/admin-auth.service.js +885 -0
- package/dist/services/admin-auth.service.js.map +1 -0
- package/dist/services/auth-audit.service.d.ts +16 -16
- package/dist/services/auth-audit.service.d.ts.map +1 -1
- package/dist/services/auth-audit.service.js +33 -33
- package/dist/services/auth-audit.service.js.map +1 -1
- package/dist/services/auth-challenge-helper.service.js +3 -3
- package/dist/services/auth-challenge-helper.service.js.map +1 -1
- package/dist/services/auth-service-internal-helpers.d.ts +13 -2
- package/dist/services/auth-service-internal-helpers.d.ts.map +1 -1
- package/dist/services/auth-service-internal-helpers.js +39 -1
- package/dist/services/auth-service-internal-helpers.js.map +1 -1
- package/dist/services/auth.service.d.ts +94 -438
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +388 -1255
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/mfa-base.service.d.ts +14 -4
- package/dist/services/mfa-base.service.d.ts.map +1 -1
- package/dist/services/mfa-base.service.js +22 -1
- package/dist/services/mfa-base.service.js.map +1 -1
- package/dist/services/mfa.service.d.ts +107 -33
- package/dist/services/mfa.service.d.ts.map +1 -1
- package/dist/services/mfa.service.js +456 -333
- package/dist/services/mfa.service.js.map +1 -1
- package/dist/services/social-auth.service.d.ts +7 -0
- package/dist/services/social-auth.service.d.ts.map +1 -1
- package/dist/services/social-auth.service.js +38 -26
- package/dist/services/social-auth.service.js.map +1 -1
- package/dist/services/user.service.d.ts +3 -3
- package/dist/services/user.service.d.ts.map +1 -1
- package/dist/services/user.service.js +7 -7
- package/dist/services/user.service.js.map +1 -1
- package/dist/utils/dto-validator.d.ts.map +1 -1
- package/dist/utils/dto-validator.js +50 -4
- package/dist/utils/dto-validator.js.map +1 -1
- package/dist/utils/setup/init-services.d.ts +2 -1
- package/dist/utils/setup/init-services.d.ts.map +1 -1
- package/dist/utils/setup/init-services.js +2 -0
- package/dist/utils/setup/init-services.js.map +1 -1
- package/package.json +1 -1
- package/dist/dto/change-password-request.dto.d.ts +0 -43
- package/dist/dto/change-password-request.dto.d.ts.map +0 -1
- package/dist/dto/change-password-request.dto.js.map +0 -1
- package/dist/dto/update-user-attributes-request.dto.d.ts +0 -44
- package/dist/dto/update-user-attributes-request.dto.d.ts.map +0 -1
- package/dist/dto/update-user-attributes-request.dto.js.map +0 -1
|
@@ -2,58 +2,24 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* DTO for getting user MFA devices
|
|
4
4
|
*
|
|
5
|
-
* Used to retrieve all MFA devices configured for
|
|
5
|
+
* Used to retrieve all MFA devices configured for the current authenticated user.
|
|
6
|
+
* User sub is obtained from authenticated context automatically.
|
|
6
7
|
*
|
|
7
8
|
* @example
|
|
8
9
|
* ```typescript
|
|
9
|
-
* const devices = await mfaService.getUserDevices({
|
|
10
|
-
* sub: 'user-uuid'
|
|
11
|
-
* });
|
|
10
|
+
* const devices = await mfaService.getUserDevices({});
|
|
12
11
|
* ```
|
|
13
12
|
*/
|
|
14
|
-
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
15
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
16
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
17
|
-
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
18
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
19
|
-
};
|
|
20
|
-
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
21
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
22
|
-
};
|
|
23
13
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
14
|
exports.GetUserDevicesResponseDTO = exports.GetUserDevicesDTO = void 0;
|
|
25
|
-
const class_validator_1 = require("class-validator");
|
|
26
|
-
const class_transformer_1 = require("class-transformer");
|
|
27
15
|
/**
|
|
28
16
|
* DTO for getting user MFA devices
|
|
17
|
+
*
|
|
18
|
+
* User self-service DTO - no sub field. Service gets user from authenticated context.
|
|
29
19
|
*/
|
|
30
20
|
class GetUserDevicesDTO {
|
|
31
|
-
/**
|
|
32
|
-
* User's unique identifier (UUID v4)
|
|
33
|
-
*
|
|
34
|
-
* Validation:
|
|
35
|
-
* - Must be a valid UUID v4 format
|
|
36
|
-
* - Matches DB constraint: char(36) or uuid
|
|
37
|
-
*
|
|
38
|
-
* Sanitization:
|
|
39
|
-
* - Trimmed
|
|
40
|
-
* - Lowercased for consistency
|
|
41
|
-
*
|
|
42
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
43
|
-
*/
|
|
44
|
-
sub;
|
|
45
21
|
}
|
|
46
22
|
exports.GetUserDevicesDTO = GetUserDevicesDTO;
|
|
47
|
-
__decorate([
|
|
48
|
-
(0, class_validator_1.IsUUID)('4', { message: 'User sub must be a valid UUID v4 format' }),
|
|
49
|
-
(0, class_transformer_1.Transform)(({ value }) => {
|
|
50
|
-
if (typeof value === 'string') {
|
|
51
|
-
return value.trim().toLowerCase();
|
|
52
|
-
}
|
|
53
|
-
return value;
|
|
54
|
-
}),
|
|
55
|
-
__metadata("design:type", String)
|
|
56
|
-
], GetUserDevicesDTO.prototype, "sub", void 0);
|
|
57
23
|
/**
|
|
58
24
|
* Response DTO for user MFA devices
|
|
59
25
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-user-devices.dto.js","sourceRoot":"","sources":["../../src/dto/get-user-devices.dto.ts"],"names":[],"mappings":";AAAA
|
|
1
|
+
{"version":3,"file":"get-user-devices.dto.js","sourceRoot":"","sources":["../../src/dto/get-user-devices.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;AAIH;;;;GAIG;AACH,MAAa,iBAAiB;CAE7B;AAFD,8CAEC;AAED;;GAEG;AACH,MAAa,yBAAyB;IACpC;;OAEG;IACH,OAAO,CAAgB;CACxB;AALD,8DAKC"}
|
|
@@ -75,7 +75,7 @@ export declare class UserSessionInfo {
|
|
|
75
75
|
*
|
|
76
76
|
* @example
|
|
77
77
|
* ```typescript
|
|
78
|
-
* const response = await authService.getUserSessions(
|
|
78
|
+
* const response = await authService.getUserSessions();
|
|
79
79
|
* // response.sessions = [{ sessionId: '123', authMethod: 'password', ... }, ...]
|
|
80
80
|
* ```
|
|
81
81
|
*/
|
|
@@ -167,7 +167,7 @@ __decorate([
|
|
|
167
167
|
*
|
|
168
168
|
* @example
|
|
169
169
|
* ```typescript
|
|
170
|
-
* const response = await authService.getUserSessions(
|
|
170
|
+
* const response = await authService.getUserSessions();
|
|
171
171
|
* // response.sessions = [{ sessionId: '123', authMethod: 'password', ... }, ...]
|
|
172
172
|
* ```
|
|
173
173
|
*/
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
* ```typescript
|
|
6
6
|
* const dto = new GetUserSessionsDTO();
|
|
7
7
|
* dto.sub = 'user-uuid-123';
|
|
8
|
-
* const sessions = await
|
|
8
|
+
* const sessions = await adminAuthService.getUserSessions(dto);
|
|
9
9
|
* ```
|
|
10
10
|
*/
|
|
11
11
|
export declare class GetUserSessionsDTO {
|
|
@@ -19,7 +19,7 @@ const class_transformer_1 = require("class-transformer");
|
|
|
19
19
|
* ```typescript
|
|
20
20
|
* const dto = new GetUserSessionsDTO();
|
|
21
21
|
* dto.sub = 'user-uuid-123';
|
|
22
|
-
* const sessions = await
|
|
22
|
+
* const sessions = await adminAuthService.getUserSessions(dto);
|
|
23
23
|
* ```
|
|
24
24
|
*/
|
|
25
25
|
class GetUserSessionsDTO {
|
package/dist/dto/index.d.ts
CHANGED
|
@@ -7,11 +7,11 @@ export * from './disable-user.dto';
|
|
|
7
7
|
export * from './enable-user.dto';
|
|
8
8
|
export * from './login.dto';
|
|
9
9
|
export * from './change-password.dto';
|
|
10
|
-
export * from './change-password-request.dto';
|
|
11
10
|
export * from './change-password-response.dto';
|
|
12
11
|
export * from './user-response.dto';
|
|
13
12
|
export * from './user-update.dto';
|
|
14
|
-
export * from './update-user-attributes
|
|
13
|
+
export * from './update-user-attributes.dto';
|
|
14
|
+
export * from './admin-update-user-attributes.dto';
|
|
15
15
|
export * from './update-verified-status-request.dto';
|
|
16
16
|
export * from './verify-email.dto';
|
|
17
17
|
export * from './verify-phone.dto';
|
|
@@ -30,12 +30,15 @@ export * from './get-challenge-data.dto';
|
|
|
30
30
|
export * from './get-challenge-data-response.dto';
|
|
31
31
|
export * from './get-available-methods.dto';
|
|
32
32
|
export * from './get-mfa-status.dto';
|
|
33
|
+
export * from './admin-get-mfa-status.dto';
|
|
33
34
|
export * from './get-user-devices.dto';
|
|
34
35
|
export * from './has-provider.dto';
|
|
35
36
|
export * from './list-providers-response.dto';
|
|
36
37
|
export * from './remove-devices.dto';
|
|
38
|
+
export * from './admin-remove-devices.dto';
|
|
37
39
|
export * from './set-mfa-exemption.dto';
|
|
38
40
|
export * from './set-preferred-method.dto';
|
|
41
|
+
export * from './admin-set-preferred-method.dto';
|
|
39
42
|
export * from './setup-mfa.dto';
|
|
40
43
|
export * from './verify-mfa-code.dto';
|
|
41
44
|
export * from './get-client-info.dto';
|
|
@@ -52,10 +55,12 @@ export * from './logout.dto';
|
|
|
52
55
|
export * from './logout-response.dto';
|
|
53
56
|
export * from './logout-all.dto';
|
|
54
57
|
export * from './logout-all-response.dto';
|
|
58
|
+
export * from './admin-logout-all.dto';
|
|
55
59
|
export * from './get-user-sessions.dto';
|
|
56
60
|
export * from './get-user-sessions-response.dto';
|
|
57
61
|
export * from './logout-session.dto';
|
|
58
62
|
export * from './logout-session-response.dto';
|
|
63
|
+
export * from './admin-revoke-session.dto';
|
|
59
64
|
export * from './set-must-change-password.dto';
|
|
60
65
|
export * from './set-must-change-password-response.dto';
|
|
61
66
|
export * from './admin-set-password.dto';
|
|
@@ -65,6 +70,8 @@ export * from './is-trusted-device-response.dto';
|
|
|
65
70
|
export * from './validate-access-token.dto';
|
|
66
71
|
export * from './validate-access-token-response.dto';
|
|
67
72
|
export * from './get-user-auth-history.dto';
|
|
73
|
+
export * from './admin-get-user-auth-history.dto';
|
|
74
|
+
export * from './admin-get-user-auth-history.dto';
|
|
68
75
|
export * from './social-auth.dto';
|
|
69
76
|
export * from './social-redirect.dto';
|
|
70
77
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/dto/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dto/index.ts"],"names":[],"mappings":"AACA,cAAc,cAAc,CAAC;AAC7B,cAAc,oBAAoB,CAAC;AACnC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,uBAAuB,CAAC;AACtC,cAAc
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dto/index.ts"],"names":[],"mappings":"AACA,cAAc,cAAc,CAAC;AAC7B,cAAc,oBAAoB,CAAC;AACnC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAC;AAClC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,oCAAoC,CAAC;AACnD,cAAc,sCAAsC,CAAC;AACrD,cAAc,oBAAoB,CAAC;AACnC,cAAc,oBAAoB,CAAC;AACnC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,qBAAqB,CAAC;AACpC,cAAc,qBAAqB,CAAC;AACpC,cAAc,sBAAsB,CAAC;AACrC,cAAc,0BAA0B,CAAC;AACzC,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,0BAA0B,CAAC;AACzC,cAAc,mCAAmC,CAAC;AAClD,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sBAAsB,CAAC;AACrC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,wBAAwB,CAAC;AACvC,cAAc,oBAAoB,CAAC;AACnC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,sBAAsB,CAAC;AACrC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,kCAAkC,CAAC;AACjD,cAAc,iBAAiB,CAAC;AAChC,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,+BAA+B,CAAC;AAC9C,cAAc,iCAAiC,CAAC;AAChD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,mBAAmB,CAAC;AAClC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,yBAAyB,CAAC;AACxC,cAAc,cAAc,CAAC;AAC7B,cAAc,uBAAuB,CAAC;AACtC,cAAc,kBAAkB,CAAC;AACjC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,yBAAyB,CAAC;AACxC,cAAc,kCAAkC,CAAC;AACjD,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,yCAAyC,CAAC;AACxD,cAAc,0BAA0B,CAAC;AACzC,cAAc,4BAA4B,CAAC;AAE3C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,kCAAkC,CAAC;AACjD,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sCAAsC,CAAC;AACrD,cAAc,6BAA6B,CAAC;AAC5C,cAAc,mCAAmC,CAAC;AAClD,cAAc,mCAAmC,CAAC;AAElD,cAAc,mBAAmB,CAAC;AAClC,cAAc,uBAAuB,CAAC"}
|
package/dist/dto/index.js
CHANGED
|
@@ -24,11 +24,11 @@ __exportStar(require("./disable-user.dto"), exports);
|
|
|
24
24
|
__exportStar(require("./enable-user.dto"), exports);
|
|
25
25
|
__exportStar(require("./login.dto"), exports);
|
|
26
26
|
__exportStar(require("./change-password.dto"), exports);
|
|
27
|
-
__exportStar(require("./change-password-request.dto"), exports);
|
|
28
27
|
__exportStar(require("./change-password-response.dto"), exports);
|
|
29
28
|
__exportStar(require("./user-response.dto"), exports);
|
|
30
29
|
__exportStar(require("./user-update.dto"), exports);
|
|
31
|
-
__exportStar(require("./update-user-attributes
|
|
30
|
+
__exportStar(require("./update-user-attributes.dto"), exports);
|
|
31
|
+
__exportStar(require("./admin-update-user-attributes.dto"), exports);
|
|
32
32
|
__exportStar(require("./update-verified-status-request.dto"), exports);
|
|
33
33
|
__exportStar(require("./verify-email.dto"), exports);
|
|
34
34
|
__exportStar(require("./verify-phone.dto"), exports);
|
|
@@ -47,12 +47,15 @@ __exportStar(require("./get-challenge-data.dto"), exports);
|
|
|
47
47
|
__exportStar(require("./get-challenge-data-response.dto"), exports);
|
|
48
48
|
__exportStar(require("./get-available-methods.dto"), exports);
|
|
49
49
|
__exportStar(require("./get-mfa-status.dto"), exports);
|
|
50
|
+
__exportStar(require("./admin-get-mfa-status.dto"), exports);
|
|
50
51
|
__exportStar(require("./get-user-devices.dto"), exports);
|
|
51
52
|
__exportStar(require("./has-provider.dto"), exports);
|
|
52
53
|
__exportStar(require("./list-providers-response.dto"), exports);
|
|
53
54
|
__exportStar(require("./remove-devices.dto"), exports);
|
|
55
|
+
__exportStar(require("./admin-remove-devices.dto"), exports);
|
|
54
56
|
__exportStar(require("./set-mfa-exemption.dto"), exports);
|
|
55
57
|
__exportStar(require("./set-preferred-method.dto"), exports);
|
|
58
|
+
__exportStar(require("./admin-set-preferred-method.dto"), exports);
|
|
56
59
|
__exportStar(require("./setup-mfa.dto"), exports);
|
|
57
60
|
__exportStar(require("./verify-mfa-code.dto"), exports);
|
|
58
61
|
__exportStar(require("./get-client-info.dto"), exports);
|
|
@@ -69,10 +72,12 @@ __exportStar(require("./logout.dto"), exports);
|
|
|
69
72
|
__exportStar(require("./logout-response.dto"), exports);
|
|
70
73
|
__exportStar(require("./logout-all.dto"), exports);
|
|
71
74
|
__exportStar(require("./logout-all-response.dto"), exports);
|
|
75
|
+
__exportStar(require("./admin-logout-all.dto"), exports);
|
|
72
76
|
__exportStar(require("./get-user-sessions.dto"), exports);
|
|
73
77
|
__exportStar(require("./get-user-sessions-response.dto"), exports);
|
|
74
78
|
__exportStar(require("./logout-session.dto"), exports);
|
|
75
79
|
__exportStar(require("./logout-session-response.dto"), exports);
|
|
80
|
+
__exportStar(require("./admin-revoke-session.dto"), exports);
|
|
76
81
|
__exportStar(require("./set-must-change-password.dto"), exports);
|
|
77
82
|
__exportStar(require("./set-must-change-password-response.dto"), exports);
|
|
78
83
|
__exportStar(require("./admin-set-password.dto"), exports);
|
|
@@ -83,6 +88,8 @@ __exportStar(require("./is-trusted-device-response.dto"), exports);
|
|
|
83
88
|
__exportStar(require("./validate-access-token.dto"), exports);
|
|
84
89
|
__exportStar(require("./validate-access-token-response.dto"), exports);
|
|
85
90
|
__exportStar(require("./get-user-auth-history.dto"), exports);
|
|
91
|
+
__exportStar(require("./admin-get-user-auth-history.dto"), exports);
|
|
92
|
+
__exportStar(require("./admin-get-user-auth-history.dto"), exports);
|
|
86
93
|
__exportStar(require("./social-auth.dto"), exports);
|
|
87
94
|
__exportStar(require("./social-redirect.dto"), exports);
|
|
88
95
|
// Note: Social and MFA DTOs moved to their respective packages
|
package/dist/dto/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iBAAiB;AACjB,+CAA6B;AAC7B,qDAAmC;AACnC,4DAA0C;AAC1C,oDAAkC;AAClC,kDAAgC;AAChC,qDAAmC;AACnC,oDAAkC;AAClC,8CAA4B;AAC5B,wDAAsC;AACtC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iBAAiB;AACjB,+CAA6B;AAC7B,qDAAmC;AACnC,4DAA0C;AAC1C,oDAAkC;AAClC,kDAAgC;AAChC,qDAAmC;AACnC,oDAAkC;AAClC,8CAA4B;AAC5B,wDAAsC;AACtC,iEAA+C;AAC/C,sDAAoC;AACpC,oDAAkC;AAClC,+DAA6C;AAC7C,qEAAmD;AACnD,uEAAqD;AACrD,qDAAmC;AACnC,qDAAmC;AACnC,4DAA0C;AAC1C,uDAAqC;AACrC,wDAAsC;AACtC,gEAA8C;AAC9C,sDAAoC;AACpC,sDAAoC;AACpC,uDAAqC;AACrC,2DAAyC;AACzC,0DAAwC;AACxC,uDAAqC;AACrC,gEAA8C;AAC9C,2DAAyC;AACzC,oEAAkD;AAClD,8DAA4C;AAC5C,uDAAqC;AACrC,6DAA2C;AAC3C,yDAAuC;AACvC,qDAAmC;AACnC,gEAA8C;AAC9C,uDAAqC;AACrC,6DAA2C;AAC3C,0DAAwC;AACxC,6DAA2C;AAC3C,mEAAiD;AACjD,kDAAgC;AAChC,wDAAsC;AACtC,wDAAsC;AACtC,gEAA8C;AAC9C,gEAA8C;AAC9C,kEAAgD;AAChD,gEAA8C;AAC9C,oDAAkC;AAClC,6DAA2C;AAC3C,0DAAwC;AACxC,uDAAqC;AACrC,0DAAwC;AACxC,+CAA6B;AAC7B,wDAAsC;AACtC,mDAAiC;AACjC,4DAA0C;AAC1C,yDAAuC;AACvC,0DAAwC;AACxC,mEAAiD;AACjD,uDAAqC;AACrC,gEAA8C;AAC9C,6DAA2C;AAC3C,iEAA+C;AAC/C,0EAAwD;AACxD,2DAAyC;AACzC,6DAA2C;AAC3C,+EAA+E;AAC/E,8DAA4C;AAC5C,mEAAiD;AACjD,8DAA4C;AAC5C,uEAAqD;AACrD,8DAA4C;AAC5C,oEAAkD;AAClD,oEAAkD;AAElD,oDAAkC;AAClC,wDAAsC;AAEtC,+DAA+D;AAC/D,+CAA+C;AAC/C,mCAAmC"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Request DTO for logging out a user from all sessions (global logout).
|
|
5
5
|
*
|
|
6
6
|
* Security:
|
|
7
|
-
* -
|
|
7
|
+
* - Uses authenticated user context for sub
|
|
8
8
|
* - Prevents unauthorized logout attempts
|
|
9
9
|
*
|
|
10
10
|
* @example
|
|
@@ -18,23 +18,6 @@
|
|
|
18
18
|
* Request DTO for logout all sessions
|
|
19
19
|
*/
|
|
20
20
|
export declare class LogoutAllDTO {
|
|
21
|
-
/**
|
|
22
|
-
* User's unique identifier (UUID v4)
|
|
23
|
-
*
|
|
24
|
-
* Optional at controller level - filled from authenticated user's JWT.
|
|
25
|
-
* Validated only when provided (service layer will ensure it's set).
|
|
26
|
-
*
|
|
27
|
-
* Validation:
|
|
28
|
-
* - Must be a valid UUID v4 format when provided
|
|
29
|
-
* - Matches DB constraint: char(36) or uuid
|
|
30
|
-
*
|
|
31
|
-
* Sanitization:
|
|
32
|
-
* - Trimmed
|
|
33
|
-
* - Lowercased for consistency
|
|
34
|
-
*
|
|
35
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
36
|
-
*/
|
|
37
|
-
sub?: string;
|
|
38
21
|
/**
|
|
39
22
|
* Whether to also forget/revoke all trusted devices
|
|
40
23
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout-all.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout-all.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAKH;;GAEG;AACH,qBAAa,YAAY;IACvB
|
|
1
|
+
{"version":3,"file":"logout-all.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout-all.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAKH;;GAEG;AACH,qBAAa,YAAY;IACvB;;;;;;;;;OASG;IAQH,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB"}
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
* Request DTO for logging out a user from all sessions (global logout).
|
|
6
6
|
*
|
|
7
7
|
* Security:
|
|
8
|
-
* -
|
|
8
|
+
* - Uses authenticated user context for sub
|
|
9
9
|
* - Prevents unauthorized logout attempts
|
|
10
10
|
*
|
|
11
11
|
* @example
|
|
@@ -32,23 +32,6 @@ const class_transformer_1 = require("class-transformer");
|
|
|
32
32
|
* Request DTO for logout all sessions
|
|
33
33
|
*/
|
|
34
34
|
class LogoutAllDTO {
|
|
35
|
-
/**
|
|
36
|
-
* User's unique identifier (UUID v4)
|
|
37
|
-
*
|
|
38
|
-
* Optional at controller level - filled from authenticated user's JWT.
|
|
39
|
-
* Validated only when provided (service layer will ensure it's set).
|
|
40
|
-
*
|
|
41
|
-
* Validation:
|
|
42
|
-
* - Must be a valid UUID v4 format when provided
|
|
43
|
-
* - Matches DB constraint: char(36) or uuid
|
|
44
|
-
*
|
|
45
|
-
* Sanitization:
|
|
46
|
-
* - Trimmed
|
|
47
|
-
* - Lowercased for consistency
|
|
48
|
-
*
|
|
49
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
50
|
-
*/
|
|
51
|
-
sub;
|
|
52
35
|
/**
|
|
53
36
|
* Whether to also forget/revoke all trusted devices
|
|
54
37
|
*
|
|
@@ -62,18 +45,6 @@ class LogoutAllDTO {
|
|
|
62
45
|
forgetDevices;
|
|
63
46
|
}
|
|
64
47
|
exports.LogoutAllDTO = LogoutAllDTO;
|
|
65
|
-
__decorate([
|
|
66
|
-
(0, class_validator_1.ValidateIf)((o) => o.sub !== undefined && o.sub !== null && o.sub !== ''),
|
|
67
|
-
(0, class_validator_1.IsUUID)('4', { message: 'User sub must be a valid UUID v4 format' }),
|
|
68
|
-
(0, class_transformer_1.Transform)(({ value }) => {
|
|
69
|
-
if (typeof value === 'string') {
|
|
70
|
-
return value.trim().toLowerCase();
|
|
71
|
-
}
|
|
72
|
-
return value;
|
|
73
|
-
}),
|
|
74
|
-
(0, class_validator_1.IsOptional)(),
|
|
75
|
-
__metadata("design:type", String)
|
|
76
|
-
], LogoutAllDTO.prototype, "sub", void 0);
|
|
77
48
|
__decorate([
|
|
78
49
|
(0, class_validator_1.IsOptional)(),
|
|
79
50
|
(0, class_validator_1.IsBoolean)(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout-all.dto.js","sourceRoot":"","sources":["../../src/dto/logout-all.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;AAEH,
|
|
1
|
+
{"version":3,"file":"logout-all.dto.js","sourceRoot":"","sources":["../../src/dto/logout-all.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;AAEH,qDAAwD;AACxD,yDAA8C;AAE9C;;GAEG;AACH,MAAa,YAAY;IACvB;;;;;;;;;OASG;IAQH,aAAa,CAAW;CACzB;AAnBD,oCAmBC;AADC;IAPC,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,GAAE;IACX,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,GAAG;YAAE,OAAO,KAAK,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACsB"}
|
|
@@ -4,16 +4,11 @@
|
|
|
4
4
|
* @example
|
|
5
5
|
* ```typescript
|
|
6
6
|
* const dto = new LogoutSessionDTO();
|
|
7
|
-
* dto.sub = 'user-uuid-123';
|
|
8
7
|
* dto.sessionId = '456';
|
|
9
8
|
* await authService.logoutSession(dto);
|
|
10
9
|
* ```
|
|
11
10
|
*/
|
|
12
11
|
export declare class LogoutSessionDTO {
|
|
13
|
-
/**
|
|
14
|
-
* User sub (UUID) - must match the session owner
|
|
15
|
-
*/
|
|
16
|
-
sub: string;
|
|
17
12
|
/**
|
|
18
13
|
* Session ID to revoke
|
|
19
14
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout-session.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout-session.dto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout-session.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout-session.dto.ts"],"names":[],"mappings":"AAEA;;;;;;;;;GASG;AACH,qBAAa,gBAAgB;IAC3B;;OAEG;IAGH,SAAS,EAAG,MAAM,CAAC;CACpB"}
|
|
@@ -11,35 +11,23 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.LogoutSessionDTO = void 0;
|
|
13
13
|
const class_validator_1 = require("class-validator");
|
|
14
|
-
const class_transformer_1 = require("class-transformer");
|
|
15
14
|
/**
|
|
16
15
|
* DTO for logging out a specific session
|
|
17
16
|
*
|
|
18
17
|
* @example
|
|
19
18
|
* ```typescript
|
|
20
19
|
* const dto = new LogoutSessionDTO();
|
|
21
|
-
* dto.sub = 'user-uuid-123';
|
|
22
20
|
* dto.sessionId = '456';
|
|
23
21
|
* await authService.logoutSession(dto);
|
|
24
22
|
* ```
|
|
25
23
|
*/
|
|
26
24
|
class LogoutSessionDTO {
|
|
27
|
-
/**
|
|
28
|
-
* User sub (UUID) - must match the session owner
|
|
29
|
-
*/
|
|
30
|
-
sub;
|
|
31
25
|
/**
|
|
32
26
|
* Session ID to revoke
|
|
33
27
|
*/
|
|
34
28
|
sessionId;
|
|
35
29
|
}
|
|
36
30
|
exports.LogoutSessionDTO = LogoutSessionDTO;
|
|
37
|
-
__decorate([
|
|
38
|
-
(0, class_validator_1.IsUUID)('4'),
|
|
39
|
-
(0, class_validator_1.IsNotEmpty)(),
|
|
40
|
-
(0, class_transformer_1.Transform)(({ value }) => value?.trim().toLowerCase()),
|
|
41
|
-
__metadata("design:type", String)
|
|
42
|
-
], LogoutSessionDTO.prototype, "sub", void 0);
|
|
43
31
|
__decorate([
|
|
44
32
|
(0, class_validator_1.IsString)(),
|
|
45
33
|
(0, class_validator_1.IsNotEmpty)(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout-session.dto.js","sourceRoot":"","sources":["../../src/dto/logout-session.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"logout-session.dto.js","sourceRoot":"","sources":["../../src/dto/logout-session.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAuD;AAEvD;;;;;;;;;GASG;AACH,MAAa,gBAAgB;IAC3B;;OAEG;IAGH,SAAS,CAAU;CACpB;AAPD,4CAOC;AADC;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;mDACM"}
|
package/dist/dto/logout.dto.d.ts
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
*
|
|
6
6
|
* Security:
|
|
7
7
|
* - Session ID is automatically extracted from JWT token context (via ClientInfoService)
|
|
8
|
-
* -
|
|
8
|
+
* - Uses authenticated user context for sub
|
|
9
9
|
* - Prevents unauthorized logout attempts
|
|
10
10
|
*
|
|
11
11
|
* @example
|
|
@@ -19,23 +19,6 @@
|
|
|
19
19
|
* Request DTO for logout
|
|
20
20
|
*/
|
|
21
21
|
export declare class LogoutDTO {
|
|
22
|
-
/**
|
|
23
|
-
* User's unique identifier (UUID v4) - Optional
|
|
24
|
-
*
|
|
25
|
-
* If provided, validates that the authenticated user matches this sub.
|
|
26
|
-
* Session ID is automatically extracted from JWT token context.
|
|
27
|
-
*
|
|
28
|
-
* Validation:
|
|
29
|
-
* - Must be a valid UUID v4 format if provided
|
|
30
|
-
* - Matches DB constraint: char(36) or uuid
|
|
31
|
-
*
|
|
32
|
-
* Sanitization:
|
|
33
|
-
* - Trimmed
|
|
34
|
-
* - Lowercased for consistency
|
|
35
|
-
*
|
|
36
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
37
|
-
*/
|
|
38
|
-
sub?: string;
|
|
39
22
|
/**
|
|
40
23
|
* If true, also removes trusted device
|
|
41
24
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;
|
|
1
|
+
{"version":3,"file":"logout.dto.d.ts","sourceRoot":"","sources":["../../src/dto/logout.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH;;GAEG;AACH,qBAAa,SAAS;IACpB;;;;;;;;OAQG;IAGH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB"}
|
package/dist/dto/logout.dto.js
CHANGED
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
*
|
|
7
7
|
* Security:
|
|
8
8
|
* - Session ID is automatically extracted from JWT token context (via ClientInfoService)
|
|
9
|
-
* -
|
|
9
|
+
* - Uses authenticated user context for sub
|
|
10
10
|
* - Prevents unauthorized logout attempts
|
|
11
11
|
*
|
|
12
12
|
* @example
|
|
@@ -28,28 +28,10 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
28
28
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
29
29
|
exports.LogoutDTO = void 0;
|
|
30
30
|
const class_validator_1 = require("class-validator");
|
|
31
|
-
const class_transformer_1 = require("class-transformer");
|
|
32
31
|
/**
|
|
33
32
|
* Request DTO for logout
|
|
34
33
|
*/
|
|
35
34
|
class LogoutDTO {
|
|
36
|
-
/**
|
|
37
|
-
* User's unique identifier (UUID v4) - Optional
|
|
38
|
-
*
|
|
39
|
-
* If provided, validates that the authenticated user matches this sub.
|
|
40
|
-
* Session ID is automatically extracted from JWT token context.
|
|
41
|
-
*
|
|
42
|
-
* Validation:
|
|
43
|
-
* - Must be a valid UUID v4 format if provided
|
|
44
|
-
* - Matches DB constraint: char(36) or uuid
|
|
45
|
-
*
|
|
46
|
-
* Sanitization:
|
|
47
|
-
* - Trimmed
|
|
48
|
-
* - Lowercased for consistency
|
|
49
|
-
*
|
|
50
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
51
|
-
*/
|
|
52
|
-
sub;
|
|
53
35
|
/**
|
|
54
36
|
* If true, also removes trusted device
|
|
55
37
|
*
|
|
@@ -62,17 +44,6 @@ class LogoutDTO {
|
|
|
62
44
|
forgetMe;
|
|
63
45
|
}
|
|
64
46
|
exports.LogoutDTO = LogoutDTO;
|
|
65
|
-
__decorate([
|
|
66
|
-
(0, class_validator_1.IsOptional)(),
|
|
67
|
-
(0, class_validator_1.IsUUID)('4', { message: 'User sub must be a valid UUID v4 format' }),
|
|
68
|
-
(0, class_transformer_1.Transform)(({ value }) => {
|
|
69
|
-
if (typeof value === 'string') {
|
|
70
|
-
return value.trim().toLowerCase();
|
|
71
|
-
}
|
|
72
|
-
return value;
|
|
73
|
-
}),
|
|
74
|
-
__metadata("design:type", String)
|
|
75
|
-
], LogoutDTO.prototype, "sub", void 0);
|
|
76
47
|
__decorate([
|
|
77
48
|
(0, class_validator_1.IsOptional)(),
|
|
78
49
|
(0, class_validator_1.IsBoolean)({ message: 'forgetMe must be a boolean' }),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.dto.js","sourceRoot":"","sources":["../../src/dto/logout.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;GAgBG;;;;;;;;;;;;AAEH,
|
|
1
|
+
{"version":3,"file":"logout.dto.js","sourceRoot":"","sources":["../../src/dto/logout.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;GAgBG;;;;;;;;;;;;AAEH,qDAAwD;AAExD;;GAEG;AACH,MAAa,SAAS;IACpB;;;;;;;;OAQG;IAGH,QAAQ,CAAW;CACpB;AAbD,8BAaC;AADC;IAFC,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC;;2CAClC"}
|
|
@@ -1,35 +1,23 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* DTO for removing MFA devices
|
|
3
3
|
*
|
|
4
|
-
* Used to remove all MFA devices of a specific method type for
|
|
4
|
+
* Used to remove all MFA devices of a specific method type for the current authenticated user.
|
|
5
5
|
* Automatically disables MFA if this was the last device.
|
|
6
|
+
* User sub is obtained from authenticated context automatically.
|
|
6
7
|
*
|
|
7
8
|
* @example
|
|
8
9
|
* ```typescript
|
|
9
10
|
* const result = await mfaService.removeDevices({
|
|
10
|
-
* userSub: 'user-uuid',
|
|
11
11
|
* methodType: 'totp'
|
|
12
12
|
* });
|
|
13
13
|
* ```
|
|
14
14
|
*/
|
|
15
15
|
/**
|
|
16
16
|
* DTO for removing MFA devices
|
|
17
|
+
*
|
|
18
|
+
* User self-service DTO - no userSub field. Service gets user from authenticated context.
|
|
17
19
|
*/
|
|
18
20
|
export declare class RemoveDevicesDTO {
|
|
19
|
-
/**
|
|
20
|
-
* User's unique identifier (UUID v4)
|
|
21
|
-
*
|
|
22
|
-
* Validation:
|
|
23
|
-
* - Must be a valid UUID v4 format
|
|
24
|
-
* - Matches DB constraint: char(36) or uuid
|
|
25
|
-
*
|
|
26
|
-
* Sanitization:
|
|
27
|
-
* - Trimmed
|
|
28
|
-
* - Lowercased for consistency
|
|
29
|
-
*
|
|
30
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
31
|
-
*/
|
|
32
|
-
userSub: string;
|
|
33
21
|
/**
|
|
34
22
|
* MFA method type to remove
|
|
35
23
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remove-devices.dto.d.ts","sourceRoot":"","sources":["../../src/dto/remove-devices.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH
|
|
1
|
+
{"version":3,"file":"remove-devices.dto.d.ts","sourceRoot":"","sources":["../../src/dto/remove-devices.dto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;;;GAIG;AACH,qBAAa,gBAAgB;IAE3B;;;;;;;;;;;OAWG;IAYH,UAAU,EAAG,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,qBAAa,wBAAwB;IACnC;;OAEG;IACH,YAAY,EAAG,MAAM,CAAC;IAEtB;;OAEG;IACH,WAAW,EAAG,OAAO,CAAC;CACvB"}
|
|
@@ -2,13 +2,13 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* DTO for removing MFA devices
|
|
4
4
|
*
|
|
5
|
-
* Used to remove all MFA devices of a specific method type for
|
|
5
|
+
* Used to remove all MFA devices of a specific method type for the current authenticated user.
|
|
6
6
|
* Automatically disables MFA if this was the last device.
|
|
7
|
+
* User sub is obtained from authenticated context automatically.
|
|
7
8
|
*
|
|
8
9
|
* @example
|
|
9
10
|
* ```typescript
|
|
10
11
|
* const result = await mfaService.removeDevices({
|
|
11
|
-
* userSub: 'user-uuid',
|
|
12
12
|
* methodType: 'totp'
|
|
13
13
|
* });
|
|
14
14
|
* ```
|
|
@@ -29,22 +29,10 @@ const class_transformer_1 = require("class-transformer");
|
|
|
29
29
|
const mfa_method_enum_1 = require("../enums/mfa-method.enum");
|
|
30
30
|
/**
|
|
31
31
|
* DTO for removing MFA devices
|
|
32
|
+
*
|
|
33
|
+
* User self-service DTO - no userSub field. Service gets user from authenticated context.
|
|
32
34
|
*/
|
|
33
35
|
class RemoveDevicesDTO {
|
|
34
|
-
/**
|
|
35
|
-
* User's unique identifier (UUID v4)
|
|
36
|
-
*
|
|
37
|
-
* Validation:
|
|
38
|
-
* - Must be a valid UUID v4 format
|
|
39
|
-
* - Matches DB constraint: char(36) or uuid
|
|
40
|
-
*
|
|
41
|
-
* Sanitization:
|
|
42
|
-
* - Trimmed
|
|
43
|
-
* - Lowercased for consistency
|
|
44
|
-
*
|
|
45
|
-
* @example "a21b654c-2746-4168-acee-c175083a65cd"
|
|
46
|
-
*/
|
|
47
|
-
userSub;
|
|
48
36
|
/**
|
|
49
37
|
* MFA method type to remove
|
|
50
38
|
*
|
|
@@ -60,16 +48,6 @@ class RemoveDevicesDTO {
|
|
|
60
48
|
methodType;
|
|
61
49
|
}
|
|
62
50
|
exports.RemoveDevicesDTO = RemoveDevicesDTO;
|
|
63
|
-
__decorate([
|
|
64
|
-
(0, class_validator_1.IsUUID)('4', { message: 'User sub must be a valid UUID v4 format' }),
|
|
65
|
-
(0, class_transformer_1.Transform)(({ value }) => {
|
|
66
|
-
if (typeof value === 'string') {
|
|
67
|
-
return value.trim().toLowerCase();
|
|
68
|
-
}
|
|
69
|
-
return value;
|
|
70
|
-
}),
|
|
71
|
-
__metadata("design:type", String)
|
|
72
|
-
], RemoveDevicesDTO.prototype, "userSub", void 0);
|
|
73
51
|
__decorate([
|
|
74
52
|
(0, class_validator_1.IsString)({ message: 'Method type must be a string' }),
|
|
75
53
|
(0, class_validator_1.IsEnum)([mfa_method_enum_1.MFAMethod.TOTP, mfa_method_enum_1.MFAMethod.SMS, mfa_method_enum_1.MFAMethod.EMAIL, mfa_method_enum_1.MFAMethod.PASSKEY], {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remove-devices.dto.js","sourceRoot":"","sources":["../../src/dto/remove-devices.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;AAEH,
|
|
1
|
+
{"version":3,"file":"remove-devices.dto.js","sourceRoot":"","sources":["../../src/dto/remove-devices.dto.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;AAEH,qDAA8D;AAC9D,yDAA8C;AAC9C,8DAAqD;AAErD;;;;GAIG;AACH,MAAa,gBAAgB;IAE3B;;;;;;;;;;;OAWG;IAYH,UAAU,CAAU;CACrB;AA1BD,4CA0BC;AADC;IAXC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,IAAA,wBAAM,EAAC,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,EAAE;QAC3E,OAAO,EAAE,uDAAuD;KACjE,CAAC;IACD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC;IACvE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACkB;AAGtB;;GAEG;AACH,MAAa,wBAAwB;IACnC;;OAEG;IACH,YAAY,CAAU;IAEtB;;OAEG;IACH,WAAW,CAAW;CACvB;AAVD,4DAUC"}
|