@nauth-toolkit/nestjs 0.1.62 → 0.1.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/guards/auth.guard.d.ts +11 -0
  2. package/dist/guards/auth.guard.d.ts.map +1 -1
  3. package/dist/guards/auth.guard.js +111 -59
  4. package/dist/guards/auth.guard.js.map +1 -1
  5. package/package.json +2 -2
package/dist/guards/auth.guard.d.ts CHANGED
@@ -22,6 +22,17 @@ export declare class AuthGuard implements CanActivate {
22
22
  private readonly _authService;
23
23
  private readonly config;
24
24
  canActivate(context: ExecutionContext): Promise<boolean>;
25
+ /**
26
+ * Attempt to authenticate the request and attach `request.user` + ContextStorage.
27
+ *
28
+ * When `strict` is true: behaves like a traditional auth guard (throws on failures).
29
+ * When `strict` is false: best-effort only; failures are treated as "unauthenticated"
30
+ * and the request is allowed to proceed without a user context.
31
+ *
32
+ * @param context - Nest execution context
33
+ * @param options - Behavior options
34
+ */
35
+ private tryAttachAuthContext;
25
36
  /**
26
37
  * Extract JWT token from request with strict source validation based on configuration
27
38
  *
package/dist/guards/auth.guard.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAU,MAAM,gBAAgB,CAAC;AAiBnF;;;;;;;;;;;;;;;GAeG;AACH,qBACa,SAAU,YAAW,WAAW;IAS3C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAa;IAGxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAG1C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAGlD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAG5C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IAEhC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAoH9D;;;;;;;;;OASG;IACH,OAAO,CAAC,YAAY;CAwCrB"}
1
+ {"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAU,MAAM,gBAAgB,CAAC;AAiBnF;;;;;;;;;;;;;;;GAeG;AACH,qBACa,SAAU,YAAW,WAAW;IAS3C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAa;IAGxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAG1C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAGlD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAG5C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IAEhC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAiB9D;;;;;;;;;OASG;YACW,oBAAoB;IA0IlC;;;;;;;;;OASG;IACH,OAAO,CAAC,YAAY;CAwCrB"}
package/dist/guards/auth.guard.js CHANGED
@@ -52,92 +52,144 @@ let AuthGuard = class AuthGuard {
52
52
  context.getHandler(),
53
53
  context.getClass(),
54
54
  ]);
55
- if (isPublic) {
56
- return true;
57
- }
55
+ // Public routes can optionally accept authentication:
56
+ // - If a valid token is present, we attach user/context so `@CurrentUser()` works.
57
+ // - If token is missing/invalid/expired (or session is revoked/expired), we do NOT throw.
58
+ // This keeps public endpoints resilient while still enabling "optional auth" patterns.
59
+ await this.tryAttachAuthContext(context, { strict: !isPublic });
60
+ // if error is not thrown then it's valid tokens or public route
61
+ return true;
62
+ }
63
+ /**
64
+ * Attempt to authenticate the request and attach `request.user` + ContextStorage.
65
+ *
66
+ * When `strict` is true: behaves like a traditional auth guard (throws on failures).
67
+ * When `strict` is false: best-effort only; failures are treated as "unauthenticated"
68
+ * and the request is allowed to proceed without a user context.
69
+ *
70
+ * @param context - Nest execution context
71
+ * @param options - Behavior options
72
+ */
73
+ async tryAttachAuthContext(context, options) {
58
74
  const request = context.switchToHttp().getRequest();
59
- // Extract token according to configured delivery mode
60
- const token = this.extractToken(context);
75
+ // ============================================================================
76
+ // Token extraction (delivery-mode aware)
77
+ // ============================================================================
78
+ let token = null;
79
+ try {
80
+ token = this.extractToken(context);
81
+ }
82
+ catch (error) {
83
+ if (options.strict) {
84
+ throw error;
85
+ }
86
+ return; // Optional auth: treat as unauthenticated
87
+ }
61
88
  if (!token) {
62
- throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'No token provided');
89
+ if (options.strict) {
90
+ throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'No token provided');
91
+ }
92
+ return;
63
93
  }
64
94
  // Validate token
65
95
  const validation = await this._jwtService.validateAccessToken(token);
66
96
  if (!validation.valid) {
67
- throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, validation.error || 'Invalid token');
97
+ if (options.strict) {
98
+ throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, validation.error || 'Invalid token');
99
+ }
100
+ return;
68
101
  }
69
102
  // ============================================================================
70
- // CRITICAL SECURITY FIX #3: Optimistic Locking for TOCTOU Prevention
103
+ // Session checks (revocation + expiry)
71
104
  // ============================================================================
72
- // Check if session is revoked
105
+ // WHY:
106
+ // - Even if the JWT is cryptographically valid, we must ensure the session
107
+ // hasn't been revoked/expired server-side.
73
108
  const sessionId = validation.payload.sessionId;
74
109
  const session = await this._sessionService.findByIdLight(sessionId);
75
110
  if (!session) {
76
- throw new core_2.NAuthException(core_2.AuthErrorCode.SESSION_NOT_FOUND, 'Session not found');
111
+ if (options.strict) {
112
+ throw new core_2.NAuthException(core_2.AuthErrorCode.SESSION_NOT_FOUND, 'Session not found');
113
+ }
114
+ return;
77
115
  }
78
- // Store initial version for optimistic locking check
116
+ // Store initial version for optimistic locking check (TOCTOU prevention)
79
117
  const initialVersion = session.version;
80
118
  if (session.isRevoked) {
81
- throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_REUSE_DETECTED, 'Session has been revoked');
119
+ if (options.strict) {
120
+ throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_REUSE_DETECTED, 'Session has been revoked');
121
+ }
122
+ return;
82
123
  }
83
- // Check if session is expired
84
124
  if (session.expiresAt < new Date()) {
85
- throw new core_2.NAuthException(core_2.AuthErrorCode.SESSION_EXPIRED, 'Session has expired');
125
+ if (options.strict) {
126
+ throw new core_2.NAuthException(core_2.AuthErrorCode.SESSION_EXPIRED, 'Session has expired');
127
+ }
128
+ return;
86
129
  }
87
130
  // ============================================================================
88
131
  // Load user via AuthService (service-first architecture)
89
132
  // ============================================================================
90
- // AuthService.getUserForAuthContext handles:
91
- // - User lookup by sub
92
- // - Active status check
93
- // - Computing hasPasswordHash from passwordHash
94
- // - Removing sensitive fields (passwordHash, totpSecret, backupCodes, passwordHistory)
95
- //
96
- // Wrap in context restoration to ensure ContextStorage.set() works
133
+ // Wrap in context restoration to ensure ContextStorage.set() works.
97
134
  const store = (0, nauth_context_guard_1.getNAuthContextStore)(request);
98
135
  if (!store) {
99
- // No context available - should not happen with proper setup
100
- throw new core_2.NAuthException(core_2.AuthErrorCode.INTERNAL_ERROR, 'Context not initialized');
101
- }
102
- return core_2.ContextStorage.enterStore(store, async () => {
103
- const user = await this._authService.getUserForAuthContext(validation.payload.sub);
104
- //
105
- // ============================================================================
106
- // Session-scoped auth method propagation
107
- // ============================================================================
108
- // WHY: NestJS `@CurrentUser()` often backs `/profile` and other "who am I" endpoints.
109
- // Attaching session auth method allows frontends to show "Signed in with Google/Apple/etc."
110
- // even after refresh or cookie-based OAuth redirects.
111
- const sessionAuthMethod = session.authMethod ?? null;
112
- user.sessionAuthMethod = sessionAuthMethod;
113
- // SECURITY CRITICAL: Re-check session hasn't been modified (optimistic locking)
114
- // Prevents TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities
115
- const revalidated = await this._sessionService.findByIdLight(sessionId);
116
- if (!revalidated || revalidated.version !== initialVersion || revalidated.isRevoked) {
117
- throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'Session was modified during request - possible security breach');
136
+ if (options.strict) {
137
+ // No context available - should not happen with proper setup
138
+ throw new core_2.NAuthException(core_2.AuthErrorCode.INTERNAL_ERROR, 'Context not initialized');
118
139
  }
119
- // Attach user to request
120
- request.user = user;
121
- request.token = validation.payload;
122
- // Store in ContextStorage for service access
123
- core_2.ContextStorage.set('CURRENT_USER', user);
124
- core_2.ContextStorage.set('JWT_PAYLOAD', validation.payload);
125
- core_2.ContextStorage.set('CURRENT_SESSION', sessionId);
126
- // Update CLIENT_INFO with sessionId and userId
127
- const clientInfo = core_2.ContextStorage.get('CLIENT_INFO');
128
- if (clientInfo) {
129
- const sessionIdNumber = typeof sessionId === 'number' ? sessionId : parseInt(String(sessionId), 10);
130
- const userIdNumber = typeof user.id === 'number' ? user.id : parseInt(String(user.id), 10);
131
- if (!isNaN(sessionIdNumber) && sessionIdNumber > 0) {
132
- clientInfo.sessionId = sessionIdNumber;
140
+ // Optional auth: still provide `@CurrentUser()` support by attaching user to the request,
141
+ // but skip ContextStorage because the request isn't context-initialized.
142
+ try {
143
+ const user = await this._authService.getUserForAuthContext(validation.payload.sub);
144
+ request.user = user;
145
+ request.token = validation.payload;
146
+ }
147
+ catch {
148
+ // Optional auth must not block public endpoints
149
+ }
150
+ return;
151
+ }
152
+ try {
153
+ await core_2.ContextStorage.enterStore(store, async () => {
154
+ const user = await this._authService.getUserForAuthContext(validation.payload.sub);
155
+ // ============================================================================
156
+ // Session-scoped auth method propagation
157
+ // ============================================================================
158
+ const sessionAuthMethod = session.authMethod ?? null;
159
+ user.sessionAuthMethod = sessionAuthMethod;
160
+ // SECURITY CRITICAL: Re-check session hasn't been modified (optimistic locking)
161
+ const revalidated = await this._sessionService.findByIdLight(sessionId);
162
+ if (!revalidated || revalidated.version !== initialVersion || revalidated.isRevoked) {
163
+ throw new core_2.NAuthException(core_2.AuthErrorCode.TOKEN_INVALID, 'Session was modified during request - possible security breach');
133
164
  }
134
- if (!isNaN(userIdNumber) && userIdNumber > 0) {
135
- clientInfo.userId = userIdNumber;
165
+ // Attach user to request
166
+ request.user = user;
167
+ request.token = validation.payload;
168
+ // Store in ContextStorage for service access
169
+ core_2.ContextStorage.set('CURRENT_USER', user);
170
+ core_2.ContextStorage.set('JWT_PAYLOAD', validation.payload);
171
+ core_2.ContextStorage.set('CURRENT_SESSION', sessionId);
172
+ // Update CLIENT_INFO with sessionId and userId
173
+ const clientInfo = core_2.ContextStorage.get('CLIENT_INFO');
174
+ if (clientInfo) {
175
+ const sessionIdNumber = typeof sessionId === 'number' ? sessionId : parseInt(String(sessionId), 10);
176
+ const userIdNumber = typeof user.id === 'number' ? user.id : parseInt(String(user.id), 10);
177
+ if (!isNaN(sessionIdNumber) && sessionIdNumber > 0) {
178
+ clientInfo.sessionId = sessionIdNumber;
179
+ }
180
+ if (!isNaN(userIdNumber) && userIdNumber > 0) {
181
+ clientInfo.userId = userIdNumber;
182
+ }
183
+ core_2.ContextStorage.set('CLIENT_INFO', clientInfo);
136
184
  }
137
- core_2.ContextStorage.set('CLIENT_INFO', clientInfo);
185
+ });
186
+ }
187
+ catch (error) {
188
+ if (options.strict) {
189
+ throw error;
138
190
  }
139
- return true;
140
- });
191
+ // Optional auth must not block public endpoints; treat as unauthenticated.
192
+ }
141
193
  }
142
194
  /**
143
195
  * Extract JWT token from request with strict source validation based on configuration
package/dist/guards/auth.guard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,8CAS6B;AAC7B,2DAA0E;AAC1E,qEAA+D;AAC/D,qFAA2F;AAC3F,+DAA6D;AAE7D;;;;;;;;;;;;;;;GAeG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,+EAA+E;IAC/E,wCAAwC;IACxC,+EAA+E;IAC/E,OAAO;IACP,4DAA4D;IAC5D,qGAAqG;IACrG,4FAA4F;IAE3E,UAAU,CAAa;IAGvB,WAAW,CAAc;IAGzB,eAAe,CAAkB;IAGjC,YAAY,CAAe;IAG3B,MAAM,CAAe;IAEtC,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACzE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAEpD,sDAAsD;QACtD,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;QAC7E,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAErE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,UAAU,CAAC,KAAK,IAAI,eAAe,CAAC,CAAC;QAC7F,CAAC;QAED,+EAA+E;QAC/E,qEAAqE;QACrE,+EAA+E;QAE/E,8BAA8B;QAC9B,MAAM,SAAS,GAAG,UAAU,CAAC,OAAQ,CAAC,SAAS,CAAC;QAChD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QAEpE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;QACjF,CAAC;QAED,qDAAqD;QACrD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;QAEvC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,0BAA0B,CAAC,CAAC;QAC3F,CAAC;QAED,8BAA8B;QAC9B,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,eAAe,EAAE,qBAAqB,CAAC,CAAC;QACjF,CAAC;QAED,+EAA+E;QAC/E,yDAAyD;QACzD,+EAA+E;QAC/E,6CAA6C;QAC7C,uBAAuB;QACvB,wBAAwB;QACxB,gDAAgD;QAChD,uFAAuF;QACvF,EAAE;QACF,mEAAmE;QACnE,MAAM,KAAK,GAAG,IAAA,0CAAoB,EAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,6DAA6D;YAC7D,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,cAAc,EAAE,yBAAyB,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,qBAAc,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC;YACpF,EAAE;YACF,+EAA+E;YAC/E,yCAAyC;YACzC,+EAA+E;YAC/E,sFAAsF;YACtF,4FAA4F;YAC5F,sDAAsD;YACtD,MAAM,iBAAiB,GAAI,OAAqD,CAAC,UAAU,IAAI,IAAI,CAAC;YACnG,IAAsD,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;YAE9F,gFAAgF;YAChF,8DAA8D;YAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;YACxE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,OAAO,KAAK,cAAc,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;gBACpF,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,aAAa,EAC3B,gEAAgE,CACjE,CAAC;YACJ,CAAC;YAED,yBAAyB;YACzB,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;YACpB,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC;YAEnC,6CAA6C;YAC7C,qBAAc,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YACzC,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACtD,qBAAc,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;YAEjD,+CAA+C;YAC/C,MAAM,UAAU,GAAG,qBAAc,CAAC,GAAG,CAA0C,aAAa,CAAC,CAAC;YAC9F,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,eAAe,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpG,MAAM,YAAY,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3F,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;oBACnD,UAAU,CAAC,SAAS,GAAG,eAAe,CAAC;gBACzC,CAAC;gBACD,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;oBAC7C,UAAU,CAAC,MAAM,GAAG,YAAY,CAAC;gBACnC,CAAC;gBACD,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAChD,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACK,YAAY,CAAC,OAAyB;QAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QACtC,MAAM,MAAM,GAAG,GAAG,EAAE,MAAM,IAAI,MAAM,CAAC;QAErC,MAAM,UAAU,GAAuB,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;QACtE,MAAM,WAAW,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACvF,MAAM,qBAAqB,GAAG,IAAA,+BAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,WAAW,GAAuB,OAAO,CAAC,OAAO,EAAE,CAAC,qBAAqB,CAAC,CAAC;QAEjF,iFAAiF;QACjF,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAgB,6CAAkB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAE/F,IAAI,SAAS,GAAuB,MAAM,CAAC;QAC3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,IAAA,gCAAyB,EAAC,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,kBAAkB,EAChC,oDAAoD,CACrD,CAAC;YACJ,CAAC;YACD,OAAO,WAAW,IAAI,IAAI,CAAC;QAC7B,CAAC;QAED,uBAAuB;QACvB,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,mBAAmB,EAAE,kDAAkD,CAAC,CAAC;QAClH,CAAC;QACD,OAAO,WAAW,IAAI,IAAI,CAAC;IAC7B,CAAC;CACF,CAAA;AA7LY,8BAAS;AASH;IADhB,IAAA,eAAM,EAAC,gBAAS,CAAC;8BACY,gBAAS;6CAAC;AAGvB;IADhB,IAAA,eAAM,EAAC,qBAAU,CAAC;8BACY,qBAAU;8CAAC;AAGzB;IADhB,IAAA,eAAM,EAAC,yBAAc,CAAC;8BACY,yBAAc;kDAAC;AAGjC;IADhB,IAAA,eAAM,EAAC,kBAAW,CAAC;8BACY,kBAAW;+CAAC;AAG3B;IADhB,IAAA,eAAM,EAAC,cAAc,CAAC;;yCACe;oBArB3B,SAAS;IADrB,IAAA,mBAAU,GAAE;GACA,SAAS,CA6LrB"}
1
+ {"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,8CAS6B;AAC7B,2DAA0E;AAC1E,qEAA+D;AAC/D,qFAA2F;AAC3F,+DAA6D;AAE7D;;;;;;;;;;;;;;;GAeG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,+EAA+E;IAC/E,wCAAwC;IACxC,+EAA+E;IAC/E,OAAO;IACP,4DAA4D;IAC5D,qGAAqG;IACrG,4FAA4F;IAE3E,UAAU,CAAa;IAGvB,WAAW,CAAc;IAGzB,eAAe,CAAkB;IAGjC,YAAY,CAAe;IAG3B,MAAM,CAAe;IAEtC,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACzE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,sDAAsD;QACtD,mFAAmF;QACnF,0FAA0F;QAC1F,yFAAyF;QACzF,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhE,gEAAgE;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;;OASG;IACK,KAAK,CAAC,oBAAoB,CAAC,OAAyB,EAAE,OAA4B;QACxF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAEpD,+EAA+E;QAC/E,yCAAyC;QACzC,+EAA+E;QAC/E,IAAI,KAAK,GAAkB,IAAI,CAAC;QAChC,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,KAAK,CAAC;YACd,CAAC;YACD,OAAO,CAAC,0CAA0C;QACpD,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;YAC7E,CAAC;YACD,OAAO;QACT,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QACrE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,aAAa,EAAE,UAAU,CAAC,KAAK,IAAI,eAAe,CAAC,CAAC;YAC7F,CAAC;YACD,OAAO;QACT,CAAC;QAED,+EAA+E;QAC/E,uCAAuC;QACvC,+EAA+E;QAC/E,OAAO;QACP,2EAA2E;QAC3E,6CAA6C;QAC7C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAQ,CAAC,SAAS,CAAC;QAChD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QAEpE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;YACjF,CAAC;YACD,OAAO;QACT,CAAC;QAED,yEAAyE;QACzE,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;QAEvC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,0BAA0B,CAAC,CAAC;YAC3F,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,eAAe,EAAE,qBAAqB,CAAC,CAAC;YACjF,CAAC;YACD,OAAO;QACT,CAAC;QAED,+EAA+E;QAC/E,yDAAyD;QACzD,+EAA+E;QAC/E,oEAAoE;QACpE,MAAM,KAAK,GAAG,IAAA,0CAAoB,EAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,6DAA6D;gBAC7D,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,cAAc,EAAE,yBAAyB,CAAC,CAAC;YACpF,CAAC;YAED,0FAA0F;YAC1F,yEAAyE;YACzE,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC;gBACpF,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBACpB,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,gDAAgD;YAClD,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,qBAAc,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE;gBAChD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC;gBAEpF,+EAA+E;gBAC/E,yCAAyC;gBACzC,+EAA+E;gBAC/E,MAAM,iBAAiB,GAAI,OAAqD,CAAC,UAAU,IAAI,IAAI,CAAC;gBACnG,IAAsD,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;gBAE9F,gFAAgF;gBAChF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBACxE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,OAAO,KAAK,cAAc,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;oBACpF,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,aAAa,EAC3B,gEAAgE,CACjE,CAAC;gBACJ,CAAC;gBAED,yBAAyB;gBACzB,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBACpB,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC;gBAEnC,6CAA6C;gBAC7C,qBAAc,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;gBACzC,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;gBACtD,qBAAc,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;gBAEjD,+CAA+C;gBAC/C,MAAM,UAAU,GAAG,qBAAc,CAAC,GAAG,CAA0C,aAAa,CAAC,CAAC;gBAC9F,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,eAAe,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;oBACpG,MAAM,YAAY,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC3F,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;wBACnD,UAAU,CAAC,SAAS,GAAG,eAAe,CAAC;oBACzC,CAAC;oBACD,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;wBAC7C,UAAU,CAAC,MAAM,GAAG,YAAY,CAAC;oBACnC,CAAC;oBACD,qBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,KAAK,CAAC;YACd,CAAC;YACD,2EAA2E;QAC7E,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACK,YAAY,CAAC,OAAyB;QAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QACtC,MAAM,MAAM,GAAG,GAAG,EAAE,MAAM,IAAI,MAAM,CAAC;QAErC,MAAM,UAAU,GAAuB,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;QACtE,MAAM,WAAW,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACvF,MAAM,qBAAqB,GAAG,IAAA,+BAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,WAAW,GAAuB,OAAO,CAAC,OAAO,EAAE,CAAC,qBAAqB,CAAC,CAAC;QAEjF,iFAAiF;QACjF,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAgB,6CAAkB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAE/F,IAAI,SAAS,GAAuB,MAAM,CAAC;QAC3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,IAAA,gCAAyB,EAAC,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,kBAAkB,EAChC,oDAAoD,CACrD,CAAC;YACJ,CAAC;YACD,OAAO,WAAW,IAAI,IAAI,CAAC;QAC7B,CAAC;QAED,uBAAuB;QACvB,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,mBAAmB,EAAE,kDAAkD,CAAC,CAAC;QAClH,CAAC;QACD,OAAO,WAAW,IAAI,IAAI,CAAC;IAC7B,CAAC;CACF,CAAA;AA9OY,8BAAS;AASH;IADhB,IAAA,eAAM,EAAC,gBAAS,CAAC;8BACY,gBAAS;6CAAC;AAGvB;IADhB,IAAA,eAAM,EAAC,qBAAU,CAAC;8BACY,qBAAU;8CAAC;AAGzB;IADhB,IAAA,eAAM,EAAC,yBAAc,CAAC;8BACY,yBAAc;kDAAC;AAGjC;IADhB,IAAA,eAAM,EAAC,kBAAW,CAAC;8BACY,kBAAW;+CAAC;AAG3B;IADhB,IAAA,eAAM,EAAC,cAAc,CAAC;;yCACe;oBArB3B,SAAS;IADrB,IAAA,mBAAU,GAAE;GACA,SAAS,CA8OrB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nauth-toolkit/nestjs",
3
- "version": "0.1.62",
3
+ "version": "0.1.63",
4
4
  "description": "NestJS adapter for nauth-toolkit - Platform-specific integrations",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -39,7 +39,7 @@
39
39
  "typeorm": "^0.3.0"
40
40
  },
41
41
  "dependencies": {
42
- "@nauth-toolkit/core": "0.1.62"
42
+ "@nauth-toolkit/core": "0.1.63"
43
43
  },
44
44
  "devDependencies": {
45
45
  "@nestjs/common": "^11.1.8",