npm - @nauth-toolkit/nestjs - Versions diffs - 0.1.69 → 0.1.71 - Mend

@nauth-toolkit/nestjs 0.1.69 → 0.1.71

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/guards/csrf.guard.d.ts.map +1 -1
package/dist/guards/csrf.guard.js +18 -1
package/dist/guards/csrf.guard.js.map +1 -1
package/package.json +2 -2

package/dist/guards/csrf.guard.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"csrf.guard.d.ts","sourceRoot":"","sources":["../../src/guards/csrf.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAU,MAAM,gBAAgB,CAAC;AACnF,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,~~EAAE~~,WAAW,~~EAA4D~~,MAAM,qBAAqB,CAAC;~~AAG5G~~,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBACa,SAAU,YAAW,WAAW;IAGzC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAFT,MAAM,EAAE,WAAW,EACnB,WAAW,EAAE,WAAW,EACxB,SAAS,EAAE,SAAS;IAGvC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;~~CA0EhD~~"}
1	+ {"version":3,"file":"csrf.guard.d.ts","sourceRoot":"","sources":["../../src/guards/csrf.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAU,MAAM,gBAAgB,CAAC;AACnF,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EACL,WAAW,EAKZ,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBACa,SAAU,YAAW,WAAW;IAGzC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAFT,MAAM,EAAE,WAAW,EACnB,WAAW,EAAE,WAAW,EACxB,SAAS,EAAE,SAAS;IAGvC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;CA0FhD"}

package/dist/guards/csrf.guard.js CHANGED Viewed

@@ -85,7 +85,24 @@ let CsrfGuard = class CsrfGuard {
             effective = routeMode;
         }
         else if (method === 'hybrid') {
-            effective = (0, core_2.resolveDeliveryForRequest)(request, deliveryConfig?.hybridPolicy);
+            // ============================================================================
+            // HYBRID MODE: Prefer the credential that is actually present
+            // ============================================================================
+            // Match AuthGuard logic: if client sends Bearer token, treat as JSON mode
+            // This prevents CSRF enforcement for mobile apps using Bearer tokens
+            const authHeader = request.headers?.authorization;
+            const headerToken = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
+            const accessTokenCookieName = (0, core_2.getAccessTokenCookieName)(this.config);
+            const cookieToken = request.cookies?.[accessTokenCookieName];
+            if (headerToken && !cookieToken) {
+                effective = 'json';
+            }
+            else if (cookieToken && !headerToken) {
+                effective = 'cookies';
+            }
+            else {
+                effective = (0, core_2.resolveDeliveryForRequest)(request, deliveryConfig?.hybridPolicy);
+            }
         }
         else if (method === 'cookies') {
             effective = 'cookies';

package/dist/guards/csrf.guard.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"csrf.guard.js","sourceRoot":"","sources":["../../src/guards/csrf.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,~~8CAA4G~~;~~AAC5G~~,qEAA+D;AAC/D,qFAA2F;AAC3F,2DAAuD;AAEvD;;;;;;;;;;;;;;;;;;;;GAoBG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAGD;IACA;IACA;IAJnB,YAEmB,MAAmB,EACnB,WAAwB,EACxB,SAAoB;QAFpB,WAAM,GAAN,MAAM,CAAa;QACnB,gBAAW,GAAX,WAAW,CAAa;QACxB,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACnC,+BAA+B;QAC/B,IAAI,OAAO,CAAC,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC;QAE9C,sCAAsC;QACtC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kDAAkD;QAClD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACxD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,oCAAoC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sBAAsB;QACtB,IAAI,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAgB,6CAAkB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,cAAc,EAAE,MAAM,IAAI,MAAM,CAAC;QAChD,IAAI,SAAS,GAAuB,MAAM,CAAC;QAE3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,IAAA,gCAAyB,EAAC,OAAO,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC;~~QAC~~/E,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QAED,oDAAoD;QACpD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,CAAC,4DAA4D;QAC3E,CAAC;QAED,sBAAsB;QACtB,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,EAAE,CAAuB,CAAC;QAClF,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,UAAU,CAAuB,CAAC;QAEvE,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,iCAAiC,UAAU,EAAE,CAAC,CAAC;QAC5G,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,iCAAiC,UAAU,EAAE,CAAC,CAAC;QAC5G,CAAC;QAED,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;YAC7B,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;~~AAlFY~~,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,eAAM,EAAC,cAAc,CAAC,CAAA;6CAEO,0BAAW;QACb,gBAAS;GAL5B,SAAS,~~CAkFrB~~"}
1	+ {"version":3,"file":"csrf.guard.js","sourceRoot":"","sources":["../../src/guards/csrf.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,uCAAyC;AACzC,8CAM6B;AAC7B,qEAA+D;AAC/D,qFAA2F;AAC3F,2DAAuD;AAEvD;;;;;;;;;;;;;;;;;;;;GAoBG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAGD;IACA;IACA;IAJnB,YAEmB,MAAmB,EACnB,WAAwB,EACxB,SAAoB;QAFpB,WAAM,GAAN,MAAM,CAAa;QACnB,gBAAW,GAAX,WAAW,CAAa;QACxB,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACnC,+BAA+B;QAC/B,IAAI,OAAO,CAAC,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC;QAE9C,sCAAsC;QACtC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kDAAkD;QAClD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACxD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,oCAAoC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sBAAsB;QACtB,IAAI,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAgB,6CAAkB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,cAAc,EAAE,MAAM,IAAI,MAAM,CAAC;QAChD,IAAI,SAAS,GAAuB,MAAM,CAAC;QAE3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,+EAA+E;YAC/E,8DAA8D;YAC9D,+EAA+E;YAC/E,0EAA0E;YAC1E,qEAAqE;YACrE,MAAM,UAAU,GAAuB,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;YACtE,MAAM,WAAW,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACvF,MAAM,qBAAqB,GAAG,IAAA,+BAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACpE,MAAM,WAAW,GAAuB,OAAO,CAAC,OAAO,EAAE,CAAC,qBAAqB,CAAC,CAAC;YAEjF,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,SAAS,GAAG,MAAM,CAAC;YACrB,CAAC;iBAAM,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBACvC,SAAS,GAAG,SAAS,CAAC;YACxB,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,IAAA,gCAAyB,EAAC,OAAO,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QAED,oDAAoD;QACpD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,CAAC,4DAA4D;QAC3E,CAAC;QAED,sBAAsB;QACtB,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,EAAE,CAAuB,CAAC;QAClF,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,UAAU,CAAuB,CAAC;QAEvE,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,iCAAiC,UAAU,EAAE,CAAC,CAAC;QAC5G,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,iCAAiC,UAAU,EAAE,CAAC,CAAC;QAC5G,CAAC;QAED,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;YAC7B,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAlGY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,eAAM,EAAC,cAAc,CAAC,CAAA;6CAEO,0BAAW;QACb,gBAAS;GAL5B,SAAS,CAkGrB"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nauth-toolkit/nestjs",
-  "version": "0.1.69",
+  "version": "0.1.71",
   "description": "NestJS adapter for nauth-toolkit - Platform-specific integrations",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -39,7 +39,7 @@
     "typeorm": "^0.3.0"
   },
   "dependencies": {
-    "@nauth-toolkit/core": "0.1.69"
+    "@nauth-toolkit/core": "0.1.71"
   },
   "devDependencies": {
     "@nestjs/common": "^11.1.8",