@nauth-toolkit/nestjs 0.1.18 → 0.1.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.module.d.ts.map +1 -1
- package/dist/auth.module.js +29 -14
- package/dist/auth.module.js.map +1 -1
- package/dist/factories/storage-adapter.factory.d.ts.map +1 -1
- package/dist/factories/storage-adapter.factory.js +204 -63
- package/dist/factories/storage-adapter.factory.js.map +1 -1
- package/dist/guards/auth.guard.d.ts +3 -4
- package/dist/guards/auth.guard.d.ts.map +1 -1
- package/dist/guards/auth.guard.js +49 -60
- package/dist/guards/auth.guard.js.map +1 -1
- package/dist/guards/nauth-context.guard.d.ts +44 -0
- package/dist/guards/nauth-context.guard.d.ts.map +1 -0
- package/dist/guards/nauth-context.guard.js +140 -0
- package/dist/guards/nauth-context.guard.js.map +1 -0
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -3
- package/dist/index.js.map +1 -1
- package/dist/interceptors/cookie-token.interceptor.d.ts +3 -7
- package/dist/interceptors/cookie-token.interceptor.d.ts.map +1 -1
- package/dist/interceptors/cookie-token.interceptor.js +25 -139
- package/dist/interceptors/cookie-token.interceptor.js.map +1 -1
- package/dist/interceptors/index.d.ts +1 -1
- package/dist/interceptors/index.d.ts.map +1 -1
- package/dist/interceptors/index.js +1 -1
- package/dist/interceptors/index.js.map +1 -1
- package/dist/interceptors/nauth-context.interceptor.d.ts +27 -0
- package/dist/interceptors/nauth-context.interceptor.d.ts.map +1 -0
- package/dist/interceptors/nauth-context.interceptor.js +64 -0
- package/dist/interceptors/nauth-context.interceptor.js.map +1 -0
- package/dist/services/token-delivery-http.service.d.ts +68 -0
- package/dist/services/token-delivery-http.service.d.ts.map +1 -0
- package/dist/services/token-delivery-http.service.js +194 -0
- package/dist/services/token-delivery-http.service.js.map +1 -0
- package/package.json +2 -2
- package/dist/interceptors/client-info.interceptor.d.ts +0 -50
- package/dist/interceptors/client-info.interceptor.d.ts.map +0 -1
- package/dist/interceptors/client-info.interceptor.js +0 -196
- package/dist/interceptors/client-info.interceptor.js.map +0 -1
|
@@ -15,11 +15,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
15
15
|
exports.AuthGuard = void 0;
|
|
16
16
|
const common_1 = require("@nestjs/common");
|
|
17
17
|
const core_1 = require("@nestjs/core");
|
|
18
|
-
const typeorm_1 = require("typeorm");
|
|
19
18
|
const core_2 = require("@nauth-toolkit/core");
|
|
20
19
|
const internal_1 = require("@nauth-toolkit/core/internal");
|
|
21
20
|
const public_decorator_1 = require("../decorators/public.decorator");
|
|
22
21
|
const token_delivery_decorator_1 = require("../decorators/token-delivery.decorator");
|
|
22
|
+
const nauth_context_guard_1 = require("./nauth-context.guard");
|
|
23
23
|
/**
|
|
24
24
|
* Native Auth Guard (NO Passport dependency)
|
|
25
25
|
*
|
|
@@ -40,13 +40,13 @@ let AuthGuard = class AuthGuard {
|
|
|
40
40
|
reflector;
|
|
41
41
|
jwtService;
|
|
42
42
|
sessionService;
|
|
43
|
-
|
|
43
|
+
authService;
|
|
44
44
|
config;
|
|
45
|
-
constructor(reflector, jwtService, sessionService,
|
|
45
|
+
constructor(reflector, jwtService, sessionService, authService, config) {
|
|
46
46
|
this.reflector = reflector;
|
|
47
47
|
this.jwtService = jwtService;
|
|
48
48
|
this.sessionService = sessionService;
|
|
49
|
-
this.
|
|
49
|
+
this.authService = authService;
|
|
50
50
|
this.config = config;
|
|
51
51
|
}
|
|
52
52
|
async canActivate(context) {
|
|
@@ -87,61 +87,51 @@ let AuthGuard = class AuthGuard {
|
|
|
87
87
|
if (session.expiresAt < new Date()) {
|
|
88
88
|
throw new core_2.NAuthException(core_2.AuthErrorCode.SESSION_EXPIRED, 'Session has expired');
|
|
89
89
|
}
|
|
90
|
-
//
|
|
91
|
-
//
|
|
92
|
-
//
|
|
93
|
-
//
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
'isPhoneVerified',
|
|
105
|
-
'isActive',
|
|
106
|
-
'mustChangePassword',
|
|
107
|
-
'isLocked',
|
|
108
|
-
'lockReason',
|
|
109
|
-
'lockedAt',
|
|
110
|
-
'lockedUntil',
|
|
111
|
-
'failedLoginAttempts',
|
|
112
|
-
'lastFailedLoginAt',
|
|
113
|
-
'lastLoginAt',
|
|
114
|
-
'lastLoginIp',
|
|
115
|
-
'hasSocialAuth',
|
|
116
|
-
'socialProviders',
|
|
117
|
-
'mfaEnabled',
|
|
118
|
-
'mfaMethods',
|
|
119
|
-
'preferredMfaMethod',
|
|
120
|
-
'mfaExempt',
|
|
121
|
-
'mfaExemptReason',
|
|
122
|
-
'mfaExemptGrantedAt',
|
|
123
|
-
'metadata',
|
|
124
|
-
'createdAt',
|
|
125
|
-
'updatedAt',
|
|
126
|
-
],
|
|
127
|
-
where: { sub: validation.payload.sub },
|
|
128
|
-
});
|
|
129
|
-
if (!user) {
|
|
130
|
-
throw new core_2.NAuthException(core_2.AuthErrorCode.NOT_FOUND, 'User not found');
|
|
131
|
-
}
|
|
132
|
-
if (!user.isActive) {
|
|
133
|
-
throw new core_2.NAuthException(core_2.AuthErrorCode.ACCOUNT_INACTIVE, 'Account is not active');
|
|
134
|
-
}
|
|
135
|
-
// SECURITY CRITICAL: Re-check session hasn't been modified (optimistic locking)
|
|
136
|
-
// Prevents TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities
|
|
137
|
-
const revalidated = await this.sessionService.findByIdLight(sessionId);
|
|
138
|
-
if (!revalidated || revalidated.version !== initialVersion || revalidated.isRevoked) {
|
|
139
|
-
throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'Session was modified during request - possible security breach');
|
|
90
|
+
// ============================================================================
|
|
91
|
+
// Load user via AuthService (service-first architecture)
|
|
92
|
+
// ============================================================================
|
|
93
|
+
// AuthService.getUserForAuthContext handles:
|
|
94
|
+
// - User lookup by sub
|
|
95
|
+
// - Active status check
|
|
96
|
+
// - Computing hasPasswordHash from passwordHash
|
|
97
|
+
// - Removing sensitive fields (passwordHash, totpSecret, backupCodes, passwordHistory)
|
|
98
|
+
//
|
|
99
|
+
// Wrap in context restoration to ensure ContextStorage.set() works
|
|
100
|
+
const store = (0, nauth_context_guard_1.getNAuthContextStore)(request);
|
|
101
|
+
if (!store) {
|
|
102
|
+
// No context available - should not happen with proper setup
|
|
103
|
+
throw new core_2.NAuthException(core_2.AuthErrorCode.INTERNAL_ERROR, 'Context not initialized');
|
|
140
104
|
}
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
105
|
+
return core_2.ContextStorage.enterStore(store, async () => {
|
|
106
|
+
const user = await this.authService.getUserForAuthContext(validation.payload.sub);
|
|
107
|
+
// SECURITY CRITICAL: Re-check session hasn't been modified (optimistic locking)
|
|
108
|
+
// Prevents TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities
|
|
109
|
+
const revalidated = await this.sessionService.findByIdLight(sessionId);
|
|
110
|
+
if (!revalidated || revalidated.version !== initialVersion || revalidated.isRevoked) {
|
|
111
|
+
throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'Session was modified during request - possible security breach');
|
|
112
|
+
}
|
|
113
|
+
// Attach user to request
|
|
114
|
+
request.user = user;
|
|
115
|
+
request.token = validation.payload;
|
|
116
|
+
// Store in ContextStorage for service access
|
|
117
|
+
core_2.ContextStorage.set('CURRENT_USER', user);
|
|
118
|
+
core_2.ContextStorage.set('JWT_PAYLOAD', validation.payload);
|
|
119
|
+
core_2.ContextStorage.set('CURRENT_SESSION', sessionId);
|
|
120
|
+
// Update CLIENT_INFO with sessionId and userId
|
|
121
|
+
const clientInfo = core_2.ContextStorage.get('CLIENT_INFO');
|
|
122
|
+
if (clientInfo) {
|
|
123
|
+
const sessionIdNumber = typeof sessionId === 'number' ? sessionId : parseInt(String(sessionId), 10);
|
|
124
|
+
const userIdNumber = typeof user.id === 'number' ? user.id : parseInt(String(user.id), 10);
|
|
125
|
+
if (!isNaN(sessionIdNumber) && sessionIdNumber > 0) {
|
|
126
|
+
clientInfo.sessionId = sessionIdNumber;
|
|
127
|
+
}
|
|
128
|
+
if (!isNaN(userIdNumber) && userIdNumber > 0) {
|
|
129
|
+
clientInfo.userId = userIdNumber;
|
|
130
|
+
}
|
|
131
|
+
core_2.ContextStorage.set('CLIENT_INFO', clientInfo);
|
|
132
|
+
}
|
|
133
|
+
return true;
|
|
134
|
+
});
|
|
145
135
|
}
|
|
146
136
|
/**
|
|
147
137
|
* Extract JWT token from request with strict source validation based on configuration
|
|
@@ -192,11 +182,10 @@ let AuthGuard = class AuthGuard {
|
|
|
192
182
|
exports.AuthGuard = AuthGuard;
|
|
193
183
|
exports.AuthGuard = AuthGuard = __decorate([
|
|
194
184
|
(0, common_1.Injectable)(),
|
|
195
|
-
__param(3, (0, common_1.Inject)('UserRepository')),
|
|
196
185
|
__param(4, (0, common_1.Inject)('NAUTH_CONFIG')),
|
|
197
186
|
__metadata("design:paramtypes", [core_1.Reflector,
|
|
198
187
|
internal_1.JwtService,
|
|
199
188
|
internal_1.SessionService,
|
|
200
|
-
|
|
189
|
+
core_2.AuthService, Object])
|
|
201
190
|
], AuthGuard);
|
|
202
191
|
//# sourceMappingURL=auth.guard.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,
|
|
1
|
+
{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,8CAQ6B;AAC7B,2DAA0E;AAC1E,qEAA+D;AAC/D,qFAA2F;AAC3F,+DAA6D;AAE7D;;;;;;;;;;;;;;;GAeG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAED;IACA;IACA;IACA;IAEA;IANnB,YACmB,SAAoB,EACpB,UAAsB,EACtB,cAA8B,EAC9B,WAAwB,EAExB,MAAmB;QALnB,cAAS,GAAT,SAAS,CAAW;QACpB,eAAU,GAAV,UAAU,CAAY;QACtB,mBAAc,GAAd,cAAc,CAAgB;QAC9B,gBAAW,GAAX,WAAW,CAAa;QAExB,WAAM,GAAN,MAAM,CAAa;IACnC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAEpD,sDAAsD;QACtD,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;QAC7E,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAEpE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,UAAU,CAAC,KAAK,IAAI,eAAe,CAAC,CAAC;QAC7F,CAAC;QAED,+EAA+E;QAC/E,qEAAqE;QACrE,+EAA+E;QAE/E,8BAA8B;QAC9B,MAAM,SAAS,GAAG,UAAU,CAAC,OAAQ,CAAC,SAAS,CAAC;QAChD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QAEnE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;QACjF,CAAC;QAED,qDAAqD;QACrD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;QAEvC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,0BAA0B,CAAC,CAAC;QAC3F,CAAC;QAED,8BAA8B;QAC9B,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,eAAe,EAAE,qBAAqB,CAAC,CAAC;QACjF,CAAC;QAED,+EAA+E;QAC/E,yDAAyD;QACzD,+EAA+E;QAC/E,6CAA6C;QAC7C,uBAAuB;QACvB,wBAAwB;QACxB,gDAAgD;QAChD,uFAAuF;QACvF,EAAE;QACF,mEAAmE;QACnE,MAAM,KAAK,GAAG,IAAA,0CAAoB,EAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,6DAA6D;YAC7D,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,cAAc,EAAE,yBAAyB,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,qBAAc,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAAC,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC;YAEnF,gFAAgF;YAChF,8DAA8D;YAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;YACvE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,OAAO,KAAK,cAAc,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;gBACpF,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,aAAa,EAC3B,gEAAgE,CACjE,CAAC;YACJ,CAAC;YAED,yBAAyB;YACzB,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;YACpB,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC;YAEnC,6CAA6C;YAC7C,qBAAc,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YACzC,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACtD,qBAAc,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;YAEjD,+CAA+C;YAC/C,MAAM,UAAU,GAAG,qBAAc,CAAC,GAAG,CAA0C,aAAa,CAAC,CAAC;YAC9F,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,eAAe,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpG,MAAM,YAAY,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3F,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;oBACnD,UAAU,CAAC,SAAS,GAAG,eAAe,CAAC;gBACzC,CAAC;gBACD,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;oBAC7C,UAAU,CAAC,MAAM,GAAG,YAAY,CAAC;gBACnC,CAAC;gBACD,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAChD,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACK,YAAY,CAAC,OAAyB;QAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QACtC,MAAM,MAAM,GAAG,GAAG,EAAE,MAAM,IAAI,MAAM,CAAC;QAErC,MAAM,UAAU,GAAuB,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;QACtE,MAAM,WAAW,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACvF,MAAM,qBAAqB,GAAG,IAAA,+BAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,WAAW,GAAuB,OAAO,CAAC,OAAO,EAAE,CAAC,qBAAqB,CAAC,CAAC;QAEjF,iFAAiF;QACjF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAgB,6CAAkB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAE9F,IAAI,SAAS,GAAuB,MAAM,CAAC;QAC3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,IAAA,gCAAyB,EAAC,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,kBAAkB,EAChC,oDAAoD,CACrD,CAAC;YACJ,CAAC;YACD,OAAO,WAAW,IAAI,IAAI,CAAC;QAC7B,CAAC;QAED,uBAAuB;QACvB,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,mBAAmB,EAAE,kDAAkD,CAAC,CAAC;QAClH,CAAC;QACD,OAAO,WAAW,IAAI,IAAI,CAAC;IAC7B,CAAC;CACF,CAAA;AAvKY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;IAOR,WAAA,IAAA,eAAM,EAAC,cAAc,CAAC,CAAA;qCAJK,gBAAS;QACR,qBAAU;QACN,yBAAc;QACjB,kBAAW;GALhC,SAAS,CAuKrB"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { NAuthConfig } from '@nauth-toolkit/core';
|
|
3
|
+
import { GeoLocationService } from '@nauth-toolkit/core/internal';
|
|
4
|
+
/**
|
|
5
|
+
* NAuth Context Guard
|
|
6
|
+
*
|
|
7
|
+
* Runs FIRST for HTTP requests (registered as APP_GUARD).
|
|
8
|
+
* Initializes AsyncLocalStorage context and extracts client information.
|
|
9
|
+
*
|
|
10
|
+
* **Responsibilities:**
|
|
11
|
+
* - Creates a new AsyncLocalStorage store using `ContextStorage.run()`
|
|
12
|
+
* - Stores the created store on the raw request object for subsequent hooks/interceptors
|
|
13
|
+
* - Extracts and stores client info (IP, user agent, device token, geolocation)
|
|
14
|
+
* - Stores HTTP_RESPONSE in context for services that need response access
|
|
15
|
+
*
|
|
16
|
+
* **Why a Guard (not Middleware):**
|
|
17
|
+
* - Guards run before interceptors, ensuring context is available for both guards and controllers
|
|
18
|
+
* - Works with Fastify adapter (Nest middleware is not consistently supported)
|
|
19
|
+
* - Mirrors the core FastifyAdapter pattern for context management
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* ```typescript
|
|
23
|
+
* // Registered globally in AuthModule as APP_GUARD
|
|
24
|
+
* // No manual usage required - runs automatically for all HTTP requests
|
|
25
|
+
* ```
|
|
26
|
+
*/
|
|
27
|
+
export declare class NAuthContextGuard implements CanActivate {
|
|
28
|
+
private readonly config;
|
|
29
|
+
private readonly geoLocationService?;
|
|
30
|
+
private readonly clientInfoService;
|
|
31
|
+
constructor(config: NAuthConfig, geoLocationService?: GeoLocationService | undefined);
|
|
32
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
33
|
+
/**
|
|
34
|
+
* Extract client information and store in context
|
|
35
|
+
*
|
|
36
|
+
* Equivalent to core ClientInfoHandler behavior.
|
|
37
|
+
*/
|
|
38
|
+
private extractAndStoreClientInfo;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* Get the context store from request (for use in interceptor)
|
|
42
|
+
*/
|
|
43
|
+
export declare function getNAuthContextStore(request: unknown): Map<string, unknown> | undefined;
|
|
44
|
+
//# sourceMappingURL=nauth-context.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nauth-context.guard.d.ts","sourceRoot":"","sources":["../../src/guards/nauth-context.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAoB,MAAM,gBAAgB,CAAC;AAC7F,OAAO,EAKL,WAAW,EAEZ,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAOlE;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,qBACa,iBAAkB,YAAW,WAAW;IAKjD,OAAO,CAAC,QAAQ,CAAC,MAAM;IAEvB,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC;IANtC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAA2B;gBAI1C,MAAM,EAAE,WAAW,EAEnB,kBAAkB,CAAC,EAAE,kBAAkB,YAAA;IAGpD,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAsB9D;;;;OAIG;YACW,yBAAyB;CAiExC;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAEvF"}
|
|
@@ -0,0 +1,140 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.NAuthContextGuard = void 0;
|
|
16
|
+
exports.getNAuthContextStore = getNAuthContextStore;
|
|
17
|
+
const common_1 = require("@nestjs/common");
|
|
18
|
+
const core_1 = require("@nauth-toolkit/core");
|
|
19
|
+
const internal_1 = require("@nauth-toolkit/core/internal");
|
|
20
|
+
/**
|
|
21
|
+
* Symbol for storing context store on request (avoids property name collisions)
|
|
22
|
+
*/
|
|
23
|
+
const NAUTH_CONTEXT_STORE = Symbol.for('nauth.contextStore');
|
|
24
|
+
/**
|
|
25
|
+
* NAuth Context Guard
|
|
26
|
+
*
|
|
27
|
+
* Runs FIRST for HTTP requests (registered as APP_GUARD).
|
|
28
|
+
* Initializes AsyncLocalStorage context and extracts client information.
|
|
29
|
+
*
|
|
30
|
+
* **Responsibilities:**
|
|
31
|
+
* - Creates a new AsyncLocalStorage store using `ContextStorage.run()`
|
|
32
|
+
* - Stores the created store on the raw request object for subsequent hooks/interceptors
|
|
33
|
+
* - Extracts and stores client info (IP, user agent, device token, geolocation)
|
|
34
|
+
* - Stores HTTP_RESPONSE in context for services that need response access
|
|
35
|
+
*
|
|
36
|
+
* **Why a Guard (not Middleware):**
|
|
37
|
+
* - Guards run before interceptors, ensuring context is available for both guards and controllers
|
|
38
|
+
* - Works with Fastify adapter (Nest middleware is not consistently supported)
|
|
39
|
+
* - Mirrors the core FastifyAdapter pattern for context management
|
|
40
|
+
*
|
|
41
|
+
* @example
|
|
42
|
+
* ```typescript
|
|
43
|
+
* // Registered globally in AuthModule as APP_GUARD
|
|
44
|
+
* // No manual usage required - runs automatically for all HTTP requests
|
|
45
|
+
* ```
|
|
46
|
+
*/
|
|
47
|
+
let NAuthContextGuard = class NAuthContextGuard {
|
|
48
|
+
config;
|
|
49
|
+
geoLocationService;
|
|
50
|
+
clientInfoService = new core_1.ClientInfoService();
|
|
51
|
+
constructor(config, geoLocationService) {
|
|
52
|
+
this.config = config;
|
|
53
|
+
this.geoLocationService = geoLocationService;
|
|
54
|
+
}
|
|
55
|
+
async canActivate(context) {
|
|
56
|
+
// Only operate in HTTP context
|
|
57
|
+
if (context.getType() !== 'http') {
|
|
58
|
+
return true;
|
|
59
|
+
}
|
|
60
|
+
const request = context.switchToHttp().getRequest();
|
|
61
|
+
const response = context.switchToHttp().getResponse();
|
|
62
|
+
// Initialize AsyncLocalStorage context
|
|
63
|
+
// Store the context store on the request for subsequent hooks/interceptors
|
|
64
|
+
return core_1.ContextStorage.run(() => {
|
|
65
|
+
// Store context store on request for restoration in interceptor
|
|
66
|
+
request[NAUTH_CONTEXT_STORE] = core_1.ContextStorage.getStore();
|
|
67
|
+
// Extract and store client information
|
|
68
|
+
this.extractAndStoreClientInfo(request, response);
|
|
69
|
+
return true;
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Extract client information and store in context
|
|
74
|
+
*
|
|
75
|
+
* Equivalent to core ClientInfoHandler behavior.
|
|
76
|
+
*/
|
|
77
|
+
async extractAndStoreClientInfo(request, response) {
|
|
78
|
+
const req = request;
|
|
79
|
+
const headers = req.headers || {};
|
|
80
|
+
const userAgent = headers['user-agent'];
|
|
81
|
+
const userAgentString = typeof userAgent === 'string' ? userAgent : 'unknown';
|
|
82
|
+
// Parse user agent to extract platform and browser
|
|
83
|
+
const parsedUA = this.clientInfoService.parseUserAgent(userAgentString);
|
|
84
|
+
// Extract device token from cookie or header
|
|
85
|
+
const deviceTokenCookieName = (0, core_1.getDeviceTokenCookieName)(this.config);
|
|
86
|
+
const deviceTokenCookie = req.cookies?.[deviceTokenCookieName];
|
|
87
|
+
const deviceTokenHeader = headers['x-device-token'] || headers['X-Device-Token'];
|
|
88
|
+
const deviceToken = (typeof deviceTokenCookie === 'string' ? deviceTokenCookie : undefined) ||
|
|
89
|
+
(typeof deviceTokenHeader === 'string' ? deviceTokenHeader : undefined) ||
|
|
90
|
+
(deviceTokenHeader ? String(deviceTokenHeader) : undefined);
|
|
91
|
+
// Extract IP address
|
|
92
|
+
const ipAddress = (0, core_1.extractClientIp)(req);
|
|
93
|
+
const clientInfo = {
|
|
94
|
+
ipAddress,
|
|
95
|
+
userAgent: userAgentString,
|
|
96
|
+
deviceToken,
|
|
97
|
+
deviceName: req.body?.deviceName || parsedUA.deviceName || undefined,
|
|
98
|
+
deviceType: (req.body?.deviceType || parsedUA.deviceType || undefined),
|
|
99
|
+
platform: parsedUA.platform || undefined,
|
|
100
|
+
browser: parsedUA.browser || undefined,
|
|
101
|
+
sessionId: undefined, // Set later by AuthGuard after token validation
|
|
102
|
+
userId: undefined, // Set later by AuthGuard after token validation
|
|
103
|
+
ipCountry: undefined,
|
|
104
|
+
ipCity: undefined,
|
|
105
|
+
ipLatitude: undefined,
|
|
106
|
+
ipLongitude: undefined,
|
|
107
|
+
};
|
|
108
|
+
// Populate geolocation if service available
|
|
109
|
+
if (this.geoLocationService && clientInfo.ipAddress && clientInfo.ipAddress !== '0.0.0.0') {
|
|
110
|
+
try {
|
|
111
|
+
const geo = await this.geoLocationService.getIpGeolocation(clientInfo.ipAddress);
|
|
112
|
+
clientInfo.ipCountry = geo.country;
|
|
113
|
+
clientInfo.ipCity = geo.city;
|
|
114
|
+
clientInfo.ipLatitude = geo.latitude;
|
|
115
|
+
clientInfo.ipLongitude = geo.longitude;
|
|
116
|
+
}
|
|
117
|
+
catch {
|
|
118
|
+
// Non-blocking: Silently fail - geolocation remains undefined
|
|
119
|
+
// Errors are already logged by GeoLocationService
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
// Store in AsyncLocalStorage context
|
|
123
|
+
core_1.ContextStorage.set('CLIENT_INFO', clientInfo);
|
|
124
|
+
core_1.ContextStorage.set('HTTP_RESPONSE', response);
|
|
125
|
+
}
|
|
126
|
+
};
|
|
127
|
+
exports.NAuthContextGuard = NAuthContextGuard;
|
|
128
|
+
exports.NAuthContextGuard = NAuthContextGuard = __decorate([
|
|
129
|
+
(0, common_1.Injectable)(),
|
|
130
|
+
__param(0, (0, common_1.Inject)('NAUTH_CONFIG')),
|
|
131
|
+
__param(1, (0, common_1.Optional)()),
|
|
132
|
+
__metadata("design:paramtypes", [Object, internal_1.GeoLocationService])
|
|
133
|
+
], NAuthContextGuard);
|
|
134
|
+
/**
|
|
135
|
+
* Get the context store from request (for use in interceptor)
|
|
136
|
+
*/
|
|
137
|
+
function getNAuthContextStore(request) {
|
|
138
|
+
return request[NAUTH_CONTEXT_STORE];
|
|
139
|
+
}
|
|
140
|
+
//# sourceMappingURL=nauth-context.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nauth-context.guard.js","sourceRoot":"","sources":["../../src/guards/nauth-context.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAmJA,oDAEC;AArJD,2CAA6F;AAC7F,8CAO6B;AAC7B,2DAAkE;AAElE;;GAEG;AACH,MAAM,mBAAmB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAE7D;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEI,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAKT;IAEA;IANF,iBAAiB,GAAG,IAAI,wBAAiB,EAAE,CAAC;IAE7D,YAEmB,MAAmB,EAEnB,kBAAuC;QAFvC,WAAM,GAAN,MAAM,CAAa;QAEnB,uBAAkB,GAAlB,kBAAkB,CAAqB;IACvD,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,+BAA+B;QAC/B,IAAI,OAAO,CAAC,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC;QAEtD,uCAAuC;QACvC,2EAA2E;QAC3E,OAAO,qBAAc,CAAC,GAAG,CAAC,GAAG,EAAE;YAC7B,gEAAgE;YAC/D,OAAmC,CAAC,mBAAmB,CAAC,GAAG,qBAAc,CAAC,QAAQ,EAAE,CAAC;YAEtF,uCAAuC;YACvC,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAElD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,yBAAyB,CAAC,OAAgB,EAAE,QAAiB;QACzE,MAAM,GAAG,GAAG,OAKX,CAAC;QAEF,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,eAAe,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;QAE9E,mDAAmD;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAExE,6CAA6C;QAC7C,MAAM,qBAAqB,GAAG,IAAA,+BAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,iBAAiB,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,qBAAqB,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAAC;QACjF,MAAM,WAAW,GACf,CAAC,OAAO,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YACvE,CAAC,OAAO,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YACvE,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAE9D,qBAAqB;QACrB,MAAM,SAAS,GAAG,IAAA,sBAAe,EAAC,GAAG,CAAC,CAAC;QAEvC,MAAM,UAAU,GAAgB;YAC9B,SAAS;YACT,SAAS,EAAE,eAAe;YAC1B,WAAW;YACX,UAAU,EAAG,GAAG,CAAC,IAAI,EAAE,UAAqB,IAAI,QAAQ,CAAC,UAAU,IAAI,SAAS;YAChF,UAAU,EAAE,CAAE,GAAG,CAAC,IAAI,EAAE,UAAqB,IAAI,QAAQ,CAAC,UAAU,IAAI,SAAS,CAIpE;YACb,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,SAAS;YACxC,OAAO,EAAE,QAAQ,CAAC,OAAO,IAAI,SAAS;YACtC,SAAS,EAAE,SAAS,EAAE,gDAAgD;YACtE,MAAM,EAAE,SAAS,EAAE,gDAAgD;YACnE,SAAS,EAAE,SAAS;YACpB,MAAM,EAAE,SAAS;YACjB,UAAU,EAAE,SAAS;YACrB,WAAW,EAAE,SAAS;SACvB,CAAC;QAEF,4CAA4C;QAC5C,IAAI,IAAI,CAAC,kBAAkB,IAAI,UAAU,CAAC,SAAS,IAAI,UAAU,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YAC1F,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;gBACjF,UAAU,CAAC,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC;gBACnC,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC;gBAC7B,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,QAAQ,CAAC;gBACrC,UAAU,CAAC,WAAW,GAAG,GAAG,CAAC,SAAS,CAAC;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,8DAA8D;gBAC9D,kDAAkD;YACpD,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAC9C,qBAAc,CAAC,GAAG,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAChD,CAAC;CACF,CAAA;AAtGY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,cAAc,CAAC,CAAA;IAEtB,WAAA,IAAA,iBAAQ,GAAE,CAAA;6CAC2B,6BAAkB;GAP/C,iBAAiB,CAsG7B;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,OAAgB;IACnD,OAAQ,OAAmC,CAAC,mBAAmB,CAAqC,CAAC;AACvG,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -14,11 +14,12 @@ export { AuthModule, NAuthModuleConfig } from './auth.module';
|
|
|
14
14
|
* NestJS Guards - Route protection and authentication
|
|
15
15
|
*/
|
|
16
16
|
export { AuthGuard } from './guards/auth.guard';
|
|
17
|
+
export { NAuthContextGuard } from './guards/nauth-context.guard';
|
|
17
18
|
export { CsrfGuard } from './guards/csrf.guard';
|
|
18
19
|
/**
|
|
19
20
|
* NestJS Interceptors - Request/response processing
|
|
20
21
|
*/
|
|
21
|
-
export {
|
|
22
|
+
export { NAuthContextInterceptor } from './interceptors/nauth-context.interceptor';
|
|
22
23
|
export { CookieTokenInterceptor } from './interceptors/cookie-token.interceptor';
|
|
23
24
|
/**
|
|
24
25
|
* NestJS Decorators - Parameter decorators and metadata
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAWH,cAAc,qBAAqB,CAAC;AAMpC;;GAEG;AACH,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAE9D;;GAEG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;GAEG;AACH,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAWH,cAAc,qBAAqB,CAAC;AAMpC;;GAEG;AACH,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAE9D;;GAEG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD;;GAEG;AACH,OAAO,EAAE,uBAAuB,EAAE,MAAM,0CAA0C,CAAC;AACnF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF;;GAEG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,qCAAqC,CAAC;AAClE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,uCAAuC,CAAC;AAEzG;;GAEG;AACH,OAAO,EAAE,wBAAwB,EAAE,MAAM,uCAAuC,CAAC;AAEjF;;GAEG;AACH,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAExE;;GAEG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD;;GAEG;AACH,cAAc,OAAO,CAAC;AAEtB;;GAEG;AACH,OAAO,EACL,4BAA4B,EAC5B,yBAAyB,EACzB,yBAAyB,GAC1B,MAAM,qCAAqC,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -21,7 +21,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
21
21
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
22
22
|
};
|
|
23
23
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
|
-
exports.createRedisClusterAdapter = exports.createRedisStorageAdapter = exports.createDatabaseStorageAdapter = exports.CsrfService = exports.NestJsLoggerAdapter = exports.NAuthHttpExceptionFilter = exports.TOKEN_DELIVERY_KEY = exports.TokenDelivery = exports.ClientInfo = exports.IS_PUBLIC_KEY = exports.Public = exports.CurrentUser = exports.CookieTokenInterceptor = exports.
|
|
24
|
+
exports.createRedisClusterAdapter = exports.createRedisStorageAdapter = exports.createDatabaseStorageAdapter = exports.CsrfService = exports.NestJsLoggerAdapter = exports.NAuthHttpExceptionFilter = exports.TOKEN_DELIVERY_KEY = exports.TokenDelivery = exports.ClientInfo = exports.IS_PUBLIC_KEY = exports.Public = exports.CurrentUser = exports.CookieTokenInterceptor = exports.NAuthContextInterceptor = exports.CsrfGuard = exports.NAuthContextGuard = exports.AuthGuard = exports.AuthModule = void 0;
|
|
25
25
|
// ============================================================================
|
|
26
26
|
// Re-export Public API from Core
|
|
27
27
|
// ============================================================================
|
|
@@ -45,13 +45,15 @@ Object.defineProperty(exports, "AuthModule", { enumerable: true, get: function (
|
|
|
45
45
|
*/
|
|
46
46
|
var auth_guard_1 = require("./guards/auth.guard");
|
|
47
47
|
Object.defineProperty(exports, "AuthGuard", { enumerable: true, get: function () { return auth_guard_1.AuthGuard; } });
|
|
48
|
+
var nauth_context_guard_1 = require("./guards/nauth-context.guard");
|
|
49
|
+
Object.defineProperty(exports, "NAuthContextGuard", { enumerable: true, get: function () { return nauth_context_guard_1.NAuthContextGuard; } });
|
|
48
50
|
var csrf_guard_1 = require("./guards/csrf.guard");
|
|
49
51
|
Object.defineProperty(exports, "CsrfGuard", { enumerable: true, get: function () { return csrf_guard_1.CsrfGuard; } });
|
|
50
52
|
/**
|
|
51
53
|
* NestJS Interceptors - Request/response processing
|
|
52
54
|
*/
|
|
53
|
-
var
|
|
54
|
-
Object.defineProperty(exports, "
|
|
55
|
+
var nauth_context_interceptor_1 = require("./interceptors/nauth-context.interceptor");
|
|
56
|
+
Object.defineProperty(exports, "NAuthContextInterceptor", { enumerable: true, get: function () { return nauth_context_interceptor_1.NAuthContextInterceptor; } });
|
|
55
57
|
var cookie_token_interceptor_1 = require("./interceptors/cookie-token.interceptor");
|
|
56
58
|
Object.defineProperty(exports, "CookieTokenInterceptor", { enumerable: true, get: function () { return cookie_token_interceptor_1.CookieTokenInterceptor; } });
|
|
57
59
|
/**
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;AAEH,+EAA+E;AAC/E,iCAAiC;AACjC,+EAA+E;AAC/E,+EAA+E;AAC/E,kFAAkF;AAClF,qCAAqC;AACrC,EAAE;AACF,wDAAwD;AACxD,qDAAqD;AACrD,sDAAoC;AAEpC,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;GAEG;AACH,6CAA8D;AAArD,yGAAA,UAAU,OAAA;AAEnB;;GAEG;AACH,kDAAgD;AAAvC,uGAAA,SAAS,OAAA;AAClB,kDAAgD;AAAvC,uGAAA,SAAS,OAAA;AAElB;;GAEG;AACH,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;AAEH,+EAA+E;AAC/E,iCAAiC;AACjC,+EAA+E;AAC/E,+EAA+E;AAC/E,kFAAkF;AAClF,qCAAqC;AACrC,EAAE;AACF,wDAAwD;AACxD,qDAAqD;AACrD,sDAAoC;AAEpC,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;GAEG;AACH,6CAA8D;AAArD,yGAAA,UAAU,OAAA;AAEnB;;GAEG;AACH,kDAAgD;AAAvC,uGAAA,SAAS,OAAA;AAClB,oEAAiE;AAAxD,wHAAA,iBAAiB,OAAA;AAC1B,kDAAgD;AAAvC,uGAAA,SAAS,OAAA;AAElB;;GAEG;AACH,sFAAmF;AAA1E,oIAAA,uBAAuB,OAAA;AAChC,oFAAiF;AAAxE,kIAAA,sBAAsB,OAAA;AAE/B;;GAEG;AACH,8EAAkE;AAAzD,qHAAA,WAAW,OAAA;AACpB,kEAAsE;AAA7D,0GAAA,MAAM,OAAA;AAAE,iHAAA,aAAa,OAAA;AAC9B,4EAAgE;AAAvD,mHAAA,UAAU,OAAA;AACnB,kFAAyG;AAAhG,yHAAA,aAAa,OAAA;AAAE,8HAAA,kBAAkB,OAAA;AAE1C;;GAEG;AACH,qFAAiF;AAAxE,uIAAA,wBAAwB,OAAA;AAEjC;;GAEG;AACH,2EAAwE;AAA/D,4HAAA,mBAAmB,OAAA;AAE5B;;GAEG;AACH,wDAAsD;AAA7C,2GAAA,WAAW,OAAA;AAEpB;;GAEG;AACH,wCAAsB;AAEtB;;GAEG;AACH,+EAI6C;AAH3C,uIAAA,4BAA4B,OAAA;AAC5B,oIAAA,yBAAyB,OAAA;AACzB,oIAAA,yBAAyB,OAAA"}
|
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
import { NestInterceptor, ExecutionContext, CallHandler } from '@nestjs/common';
|
|
2
2
|
import { Reflector } from '@nestjs/core';
|
|
3
3
|
import { Observable } from 'rxjs';
|
|
4
|
-
import {
|
|
5
|
-
import { JwtService } from '@nauth-toolkit/core/internal';
|
|
6
|
-
import { CsrfService } from '../services/csrf.service';
|
|
4
|
+
import { TokenDeliveryHttpService } from '../services/token-delivery-http.service';
|
|
7
5
|
/**
|
|
8
6
|
* Cookie Token Interceptor
|
|
9
7
|
*
|
|
@@ -21,11 +19,9 @@ import { CsrfService } from '../services/csrf.service';
|
|
|
21
19
|
* It does nothing in other contexts (e.g., WebSocket, GraphQL).
|
|
22
20
|
*/
|
|
23
21
|
export declare class CookieTokenInterceptor implements NestInterceptor {
|
|
24
|
-
private readonly
|
|
25
|
-
private readonly jwtService;
|
|
22
|
+
private readonly tokenDeliveryHttp;
|
|
26
23
|
private readonly reflector;
|
|
27
|
-
|
|
28
|
-
constructor(config: NAuthConfig, jwtService: JwtService, reflector: Reflector, csrfService?: CsrfService | undefined);
|
|
24
|
+
constructor(tokenDeliveryHttp: TokenDeliveryHttpService, reflector: Reflector);
|
|
29
25
|
intercept(context: ExecutionContext, next: CallHandler): Observable<unknown>;
|
|
30
26
|
}
|
|
31
27
|
//# sourceMappingURL=cookie-token.interceptor.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookie-token.interceptor.d.ts","sourceRoot":"","sources":["../../src/interceptors/cookie-token.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAE,gBAAgB,EAAE,WAAW,
|
|
1
|
+
{"version":3,"file":"cookie-token.interceptor.d.ts","sourceRoot":"","sources":["../../src/interceptors/cookie-token.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC5F,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAIlC,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAC;AAEnF;;;;;;;;;;;;;;;GAeG;AACH,qBACa,sBAAuB,YAAW,eAAe;IAE1D,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBADT,iBAAiB,EAAE,wBAAwB,EAC3C,SAAS,EAAE,SAAS;IAGvC,SAAS,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC;CAkF7E"}
|