@nest-boot/auth 7.0.0 → 7.2.0

package/dist/auth.module-definition.d.ts

@@ -1,4 +1,4 @@
-import { type AuthModuleOptions } from "./interfaces";
+import { type AuthModuleOptions } from "./auth-module-options.interface";
 export declare const ConfigurableModuleClass: import("@nestjs/common").ConfigurableModuleCls<AuthModuleOptions, "register", "create", {
     isGlobal: boolean;
 }>, MODULE_OPTIONS_TOKEN: string | symbol;

package/dist/auth.module.d.ts

@@ -1,3 +1,13 @@
+import { MiddlewareConsumer, NestModule, OnModuleInit } from "@nestjs/common";
+import { HttpAdapterHost } from "@nestjs/core";
+import { Auth } from "better-auth";
 import { ConfigurableModuleClass } from "./auth.module-definition";
-export declare class AuthModule extends ConfigurableModuleClass {
+import { AuthModuleOptions } from "./auth-module-options.interface";
+export declare class AuthModule extends ConfigurableModuleClass implements NestModule, OnModuleInit {
+    private readonly adapterHost;
+    private readonly auth;
+    private readonly options;
+    constructor(adapterHost: HttpAdapterHost, auth: Auth, options: AuthModuleOptions);
+    configure(consumer: MiddlewareConsumer): void;
+    onModuleInit(): void;
 }

package/dist/auth.module.js

@@ -5,29 +5,65 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
     else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthModule = void 0;
-const request_context_1 = require("@nest-boot/request-context");
+const core_1 = require("@mikro-orm/core");
 const common_1 = require("@nestjs/common");
-const core_1 = require("@nestjs/core");
-const auth_guard_1 = require("./auth.guard");
+const core_2 = require("@nestjs/core");
+const better_auth_1 = require("better-auth");
+const node_1 = require("better-auth/node");
+const mikro_orm_adapter_1 = require("./adapters/mikro-orm-adapter");
+const auth_constants_1 = require("./auth.constants");
+const auth_middleware_1 = require("./auth.middleware");
 const auth_module_definition_1 = require("./auth.module-definition");
 const auth_service_1 = require("./auth.service");
+const authProvider = {
+    provide: auth_constants_1.AUTH_TOKEN,
+    inject: [auth_module_definition_1.MODULE_OPTIONS_TOKEN, core_1.MikroORM],
+    useFactory: (options, orm) => (0, better_auth_1.betterAuth)({
+        ...options,
+        database: (0, mikro_orm_adapter_1.mikroOrmAdapter)({
+            orm,
+            entities: options.entities,
+        }),
+    }),
+};
 let AuthModule = class AuthModule extends auth_module_definition_1.ConfigurableModuleClass {
+    constructor(adapterHost, auth, options) {
+        super();
+        this.adapterHost = adapterHost;
+        this.auth = auth;
+        this.options = options;
+    }
+    configure(consumer) {
+        const proxy = consumer.apply(auth_middleware_1.AuthMiddleware);
+        if (this.options.middleware?.excludeRoutes) {
+            proxy.exclude(...this.options.middleware.excludeRoutes);
+        }
+        proxy.forRoutes(...(this.options.middleware?.includeRoutes ?? ["*"]));
+    }
+    onModuleInit() {
+        const httpAdapter = this.adapterHost.httpAdapter;
+        if (httpAdapter) {
+            const app = httpAdapter.getInstance();
+            app.all(this.options.basePath ?? "/api/auth/{*any}", (0, node_1.toNodeHandler)(this.auth));
+        }
+    }
 };
 exports.AuthModule = AuthModule;
 exports.AuthModule = AuthModule = __decorate([
     (0, common_1.Module)({
-        imports: [request_context_1.RequestContextModule],
-        providers: [
-            {
-                provide: core_1.APP_GUARD,
-                useClass: auth_guard_1.AuthGuard,
-            },
-            auth_service_1.AuthService,
-            core_1.Reflector,
-        ],
+        providers: [authProvider, auth_service_1.AuthService],
         exports: [auth_service_1.AuthService],
-    })
+    }),
+    __param(1, (0, common_1.Inject)(auth_constants_1.AUTH_TOKEN)),
+    __param(2, (0, common_1.Inject)(auth_module_definition_1.MODULE_OPTIONS_TOKEN)),
+    __metadata("design:paramtypes", [core_2.HttpAdapterHost, Object, Object])
 ], AuthModule);
 //# sourceMappingURL=auth.module.js.map

package/dist/auth.module.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,gEAAkE;AAClE,2CAAwC;AACxC,uCAAoD;AAEpD,6CAAyC;AACzC,qEAAmE;AACnE,iDAA6C;AActC,IAAM,UAAU,GAAhB,MAAM,UAAW,SAAQ,gDAAuB;CAAG,CAAA;AAA7C,gCAAU;qBAAV,UAAU;IAZtB,IAAA,eAAM,EAAC;QACN,OAAO,EAAE,CAAC,sCAAoB,CAAC;QAC/B,SAAS,EAAE;YACT;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,sBAAS;aACpB;YACD,0BAAW;YACX,gBAAS;SACV;QACD,OAAO,EAAE,CAAC,0BAAW,CAAC;KACvB,CAAC;GACW,UAAU,CAAmC"}
+{"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,0CAA2C;AAC3C,2CAOwB;AACxB,uCAA+C;AAC/C,6CAA+C;AAC/C,2CAAiD;AAGjD,oEAA+D;AAC/D,qDAA8C;AAC9C,uDAAmD;AACnD,qEAGkC;AAClC,iDAA6C;AAG7C,MAAM,YAAY,GAAa;IAC7B,OAAO,EAAE,2BAAU;IACnB,MAAM,EAAE,CAAC,6CAAoB,EAAE,eAAQ,CAAC;IACxC,UAAU,EAAE,CAAC,OAA0B,EAAE,GAAa,EAAE,EAAE,CACxD,IAAA,wBAAU,EAAC;QACT,GAAG,OAAO;QACV,QAAQ,EAAE,IAAA,mCAAe,EAAC;YACxB,GAAG;YACH,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC;KACH,CAAC;CACL,CAAC;AAMK,IAAM,UAAU,GAAhB,MAAM,UACX,SAAQ,gDAAuB;IAG/B,YACmB,WAA4B,EAE5B,IAAU,EAEV,OAA0B;QAE3C,KAAK,EAAE,CAAC;QANS,gBAAW,GAAX,WAAW,CAAiB;QAE5B,SAAI,GAAJ,IAAI,CAAM;QAEV,YAAO,GAAP,OAAO,CAAmB;IAG7C,CAAC;IAED,SAAS,CAAC,QAA4B;QACpC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,gCAAc,CAAC,CAAC;QAE7C,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,aAAa,EAAE,CAAC;YAC3C,KAAK,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC1D,CAAC;QAED,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,aAAa,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,YAAY;QACV,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC;QAEjD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,EAAW,CAAC;YAE/C,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,kBAAkB,EAC3C,IAAA,oBAAa,EAAC,IAAI,CAAC,IAAI,CAAC,CACzB,CAAC;QACJ,CAAC;IACH,CAAC;CACF,CAAA;AApCY,gCAAU;qBAAV,UAAU;IAJtB,IAAA,eAAM,EAAC;QACN,SAAS,EAAE,CAAC,YAAY,EAAE,0BAAW,CAAC;QACtC,OAAO,EAAE,CAAC,0BAAW,CAAC;KACvB,CAAC;IAOG,WAAA,IAAA,eAAM,EAAC,2BAAU,CAAC,CAAA;IAElB,WAAA,IAAA,eAAM,EAAC,6CAAoB,CAAC,CAAA;qCAHC,sBAAe;GALpC,UAAU,CAoCtB"}

package/dist/auth.service.d.ts

@@ -1,63 +1,5 @@
-import { EntityManager } from "@mikro-orm/core";
-import { HashService } from "@nest-boot/hash";
-import { PersonalAccessToken, User } from "./entities";
-import { AuthModuleOptions } from "./interfaces";
-/**
- * Service responsible for handling authentication-related operations.
- */
+import { Auth } from "better-auth";
 export declare class AuthService {
-    private readonly em;
-    private readonly hashService;
-    private readonly options;
-    private readonly User;
-    private readonly PersonalAccessToken;
-    private readonly expiresIn?;
-    /**
-     * Constructs a new instance of the AuthService class.
-     * @param em The EntityManager instance.
-     * @param hashService The HashService instance.
-     * @param options The options for the Auth module.
-     */
-    constructor(em: EntityManager, hashService: HashService, options: AuthModuleOptions);
-    /**
-     * Attempts to authenticate a user with the provided email and password.
-     * @param email The user's email.
-     * @param password The user's password.
-     * @returns The authenticated user if successful, otherwise null.
-     */
-    attempt(email: string, password: string): Promise<import("@mikro-orm/core").Loaded<User, never, "*", never> | null>;
-    /**
-     * Retrieves a personal access token by its token value.
-     * @param token The token value.
-     * @returns The personal access token if found, otherwise null.
-     */
-    getToken(token: string): Promise<PersonalAccessToken | null>;
-    /**
-     * Creates a new personal access token for a user.
-     * @param user The user for whom the token is created.
-     * @param name The name of the token.
-     * @param permissions The permissions associated with the token.
-     * @param expiresIn The expiration time for the token.
-     * @returns An object containing the token and the personal access token entity.
-     */
-    createToken(user: User, name: string, permissions?: string[], expiresIn?: number): Promise<{
-        token: string;
-        personalAccessToken: PersonalAccessToken;
-    }>;
-    /**
-     * Deletes a personal access token.
-     * @param personalAccessToken - The personal access token to be deleted.
-     * @returns A Promise that resolves when the token is successfully deleted.
-     */
-    deleteToken(personalAccessToken: PersonalAccessToken): Promise<void>;
-    /**
-     * Registers a new user.
-     * @param name The user's name.
-     * @param email The user's email.
-     * @param password The user's password.
-     * @param permissions The permissions associated with the user.
-     * @returns The registered user.
-     */
-    register(name: string, email: string, password: string, permissions?: string[]): Promise<User>;
-    updateLastUsedAt(personalAccessToken: PersonalAccessToken): Promise<void>;
+    readonly auth: Auth;
+    constructor(auth: Auth);
 }

package/dist/auth.service.js

@@ -13,120 +13,16 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthService = void 0;
-const core_1 = require("@mikro-orm/core");
-const hash_1 = require("@nest-boot/hash");
 const common_1 = require("@nestjs/common");
-const auth_module_definition_1 = require("./auth.module-definition");
-const entities_1 = require("./entities");
-const random_string_util_1 = require("./utils/random-string.util");
-/**
- * Service responsible for handling authentication-related operations.
- */
+const auth_constants_1 = require("./auth.constants");
 let AuthService = class AuthService {
-    /**
-     * Constructs a new instance of the AuthService class.
-     * @param em The EntityManager instance.
-     * @param hashService The HashService instance.
-     * @param options The options for the Auth module.
-     */
-    constructor(em, hashService, options) {
-        this.em = em;
-        this.hashService = hashService;
-        this.options = options;
-        this.User = this.options?.entities?.User ?? entities_1.User;
-        this.PersonalAccessToken =
-            this.options?.entities?.PersonalAccessToken ?? entities_1.PersonalAccessToken;
-        this.expiresIn = this.options?.expiresIn;
-    }
-    /**
-     * Attempts to authenticate a user with the provided email and password.
-     * @param email The user's email.
-     * @param password The user's password.
-     * @returns The authenticated user if successful, otherwise null.
-     */
-    async attempt(email, password) {
-        const user = await this.em.findOne(this.User, { email }, { filters: false });
-        if (
-        // eslint-disable-next-line @typescript-eslint/prefer-optional-chain
-        user === null ||
-            user.password === null ||
-            !(await this.hashService.verify(user.password, password))) {
-            return null;
-        }
-        return user;
-    }
-    /**
-     * Retrieves a personal access token by its token value.
-     * @param token The token value.
-     * @returns The personal access token if found, otherwise null.
-     */
-    async getToken(token) {
-        return await this.em.findOne(this.PersonalAccessToken, {
-            token,
-        }, { populate: ["user"] });
-    }
-    /**
-     * Creates a new personal access token for a user.
-     * @param user The user for whom the token is created.
-     * @param name The name of the token.
-     * @param permissions The permissions associated with the token.
-     * @param expiresIn The expiration time for the token.
-     * @returns An object containing the token and the personal access token entity.
-     */
-    async createToken(user, name, permissions = ["*"], expiresIn) {
-        const token = (0, random_string_util_1.randomString)(48);
-        expiresIn = expiresIn ?? this.expiresIn;
-        const personalAccessToken = this.em.create(this.PersonalAccessToken, {
-            user,
-            name,
-            token,
-            permissions,
-            expiresAt: typeof expiresIn !== "undefined"
-                ? new Date(Date.now() + expiresIn)
-                : null,
-        });
-        await this.em.persistAndFlush(personalAccessToken);
-        return { token, personalAccessToken };
-    }
-    /**
-     * Deletes a personal access token.
-     * @param personalAccessToken - The personal access token to be deleted.
-     * @returns A Promise that resolves when the token is successfully deleted.
-     */
-    async deleteToken(personalAccessToken) {
-        await this.em.remove(personalAccessToken).flush();
-    }
-    /**
-     * Registers a new user.
-     * @param name The user's name.
-     * @param email The user's email.
-     * @param password The user's password.
-     * @param permissions The permissions associated with the user.
-     * @returns The registered user.
-     */
-    async register(name, email, password, permissions = []) {
-        const hashedPassword = await this.hashService.create(password);
-        const user = this.em.create(this.User, {
-            name,
-            email,
-            password: hashedPassword,
-            permissions,
-            createdAt: new Date(),
-            updatedAt: new Date(),
-        });
-        await this.em.persistAndFlush(user);
-        return user;
-    }
-    async updateLastUsedAt(personalAccessToken) {
-        personalAccessToken.lastUsedAt = new Date();
-        await this.em.flush();
+    constructor(auth) {
+        this.auth = auth;
     }
 };
 exports.AuthService = AuthService;
 exports.AuthService = AuthService = __decorate([
-    (0, common_1.Injectable)(),
-    __param(2, (0, common_1.Inject)(auth_module_definition_1.MODULE_OPTIONS_TOKEN)),
-    __metadata("design:paramtypes", [core_1.EntityManager,
-        hash_1.HashService, Object])
+    __param(0, (0, common_1.Inject)(auth_constants_1.AUTH_TOKEN)),
+    __metadata("design:paramtypes", [Object])
 ], AuthService);
 //# sourceMappingURL=auth.service.js.map

package/dist/auth.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../src/auth.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,0CAA6D;AAC7D,0CAA8C;AAC9C,2CAAoD;AAEpD,qEAAgE;AAChE,yCAAuD;AAEvD,mEAA0D;AAE1D;;GAEG;AAEI,IAAM,WAAW,GAAjB,MAAM,WAAW;IAMtB;;;;;OAKG;IACH,YACmB,EAAiB,EACjB,WAAwB,EAExB,OAA0B;QAH1B,OAAE,GAAF,EAAE,CAAe;QACjB,gBAAW,GAAX,WAAW,CAAa;QAExB,YAAO,GAAP,OAAO,CAAmB;QAE3C,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,IAAI,eAAI,CAAC;QACjD,IAAI,CAAC,mBAAmB;YACtB,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,mBAAmB,IAAI,8BAAmB,CAAC;QAErE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC;IAC3C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa,EAAE,QAAgB;QAC3C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,OAAO,CAChC,IAAI,CAAC,IAAI,EACT,EAAE,KAAK,EAAE,EACT,EAAE,OAAO,EAAE,KAAK,EAAE,CACnB,CAAC;QAEF;QACE,oEAAoE;QACpE,IAAI,KAAK,IAAI;YACb,IAAI,CAAC,QAAQ,KAAK,IAAI;YACtB,CAAC,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,EACzD,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CAAC,KAAa;QAC1B,OAAO,MAAM,IAAI,CAAC,EAAE,CAAC,OAAO,CAC1B,IAAI,CAAC,mBAAmB,EACxB;YACE,KAAK;SACN,EACD,EAAE,QAAQ,EAAE,CAAC,MAAM,CAAC,EAAE,CACvB,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,WAAW,CACf,IAAU,EACV,IAAY,EACZ,cAAwB,CAAC,GAAG,CAAC,EAC7B,SAAkB;QAElB,MAAM,KAAK,GAAG,IAAA,iCAAY,EAAC,EAAE,CAAC,CAAC;QAE/B,SAAS,GAAG,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC;QAExC,MAAM,mBAAmB,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE;YACnE,IAAI;YACJ,IAAI;YACJ,KAAK;YACL,WAAW;YACX,SAAS,EACP,OAAO,SAAS,KAAK,WAAW;gBAC9B,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;gBAClC,CAAC,CAAC,IAAI;SACX,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,mBAAmB,CAAC,CAAC;QAEnD,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC;IACxC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,mBAAwC;QACxD,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,KAAK,EAAE,CAAC;IACpD,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CACZ,IAAY,EACZ,KAAa,EACb,QAAgB,EAChB,cAAwB,EAAE;QAE1B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAE/D,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE;YACrC,IAAI;YACJ,KAAK;YACL,QAAQ,EAAE,cAAc;YACxB,WAAW;YACX,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE;SACtB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEpC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,mBAAwC;QAC7D,mBAAmB,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC5C,MAAM,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;CACF,CAAA;AA9IY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAgBR,WAAA,IAAA,eAAM,EAAC,6CAAoB,CAAC,CAAA;qCAFR,oBAAa;QACJ,kBAAW;GAdhC,WAAW,CA8IvB"}
+{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../src/auth.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAwC;AAGxC,qDAA8C;AAE9C,IAAa,WAAW,GAAxB,MAAa,WAAW;IACtB,YAEkB,IAAU;QAAV,SAAI,GAAJ,IAAI,CAAM;IACzB,CAAC;CACL,CAAA;AALY,kCAAW;sBAAX,WAAW;IAEnB,WAAA,IAAA,eAAM,EAAC,2BAAU,CAAC,CAAA;;GAFV,WAAW,CAKvB"}

package/dist/auth.transaction-context.d.ts

@@ -0,0 +1,11 @@
+type LowercaseLetter = "a" | "b" | "c" | "d" | "e" | "f" | "g" | "h" | "i" | "j" | "k" | "l" | "m" | "n" | "o" | "p" | "q" | "r" | "s" | "t" | "u" | "v" | "w" | "x" | "y" | "z";
+type ValidChar = LowercaseLetter | "_";
+type IsValidSnakeCase<S extends string> = S extends `${infer First}${infer Rest}` ? First extends ValidChar ? IsValidSnakeCase<Rest> : false : true;
+type SnakeCase<S extends string> = S extends "" ? never : S extends `_${string}` | `${string}_` ? never : S extends `${string}__${string}` ? never : IsValidSnakeCase<S> extends true ? S : never;
+export declare class AuthTransactionContext {
+    private readonly ctx;
+    set<S extends string>(key: SnakeCase<S>, value: string): this;
+    entries(): [string, string][];
+    toSQL(): string;
+}
+export {};

package/dist/auth.transaction-context.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthTransactionContext = void 0;
+class AuthTransactionContext {
+    constructor() {
+        this.ctx = new Map();
+    }
+    set(key, value) {
+        if (!/^[a-z]+(_[a-z]+)*$/.test(key)) {
+            throw new Error(`Key must only contain lowercase letters and underscores, cannot start/end with underscore, and cannot have consecutive underscores: ${key}`);
+        }
+        this.ctx.set(key, value);
+        return this;
+    }
+    entries() {
+        return Array.from(this.ctx.entries());
+    }
+    toSQL() {
+        return /* SQL */ `SELECT ${Array.from(this.ctx.entries())
+            .map(([key, value]) => {
+            const escapedValue = value.replace(/'/g, "''");
+            return /* SQL */ `set_config('auth.${key}', '${escapedValue}', true)`;
+        })
+            .join(",")};`;
+    }
+}
+exports.AuthTransactionContext = AuthTransactionContext;
+//# sourceMappingURL=auth.transaction-context.js.map

package/dist/auth.transaction-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.transaction-context.js","sourceRoot":"","sources":["../src/auth.transaction-context.ts"],"names":[],"mappings":";;;AA+CA,MAAa,sBAAsB;IAAnC;QACmB,QAAG,GAAG,IAAI,GAAG,EAAkB,CAAC;IAwBnD,CAAC;IAtBC,GAAG,CAAmB,GAAiB,EAAE,KAAa;QACpD,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,uIAAuI,GAAG,EAAE,CAC7I,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,KAAK;QACH,OAAO,SAAS,CAAC,UAAU,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;aACtD,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACpB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC/C,OAAO,SAAS,CAAC,oBAAoB,GAAG,OAAO,YAAY,UAAU,CAAC;QACxE,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IAClB,CAAC;CACF;AAzBD,wDAyBC"}

package/dist/decorators/current-session.decorator.d.ts

@@ -0,0 +1 @@
+export declare const CurrentSession: (...dataOrPipes: unknown[]) => ParameterDecorator;

package/dist/decorators/current-session.decorator.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CurrentSession = void 0;
+const common_1 = require("@nestjs/common");
+exports.CurrentSession = (0, common_1.createParamDecorator)((data, context) => {
+    let res;
+    if (context.getType() === "graphql") {
+        res = context.getArgByIndex(2).req.res;
+    }
+    else {
+        res = context.switchToHttp().getResponse();
+    }
+    return res.locals.session;
+});
+//# sourceMappingURL=current-session.decorator.js.map

package/dist/decorators/current-session.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"current-session.decorator.js","sourceRoot":"","sources":["../../src/decorators/current-session.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAwE;AAG3D,QAAA,cAAc,GAAG,IAAA,6BAAoB,EAChD,CAAC,IAAa,EAAE,OAAyB,EAAE,EAAE;IAC3C,IAAI,GAAa,CAAC;IAElB,IAAI,OAAO,CAAC,OAAO,EAAa,KAAK,SAAS,EAAE,CAAC;QAC/C,GAAG,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC;IAC7C,CAAC;IAED,OAAO,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC;AAC5B,CAAC,CACF,CAAC"}

package/dist/decorators/current-user.decorator.d.ts

@@ -1 +1 @@
-export declare const CurrentUser: (...dataOrPipes: any[]) => ParameterDecorator;
+export declare const CurrentUser: (...dataOrPipes: unknown[]) => ParameterDecorator;

package/dist/decorators/current-user.decorator.js

@@ -1,10 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CurrentUser = void 0;
-const request_context_1 = require("@nest-boot/request-context");
 const common_1 = require("@nestjs/common");
-const auth_constants_1 = require("../auth.constants");
-exports.CurrentUser = (0, common_1.createParamDecorator)(() => {
-    return request_context_1.RequestContext.get(auth_constants_1.AUTH_USER);
+exports.CurrentUser = (0, common_1.createParamDecorator)((data, context) => {
+    let res;
+    if (context.getType() === "graphql") {
+        res = context.getArgByIndex(2).req.res;
+    }
+    else {
+        res = context.switchToHttp().getResponse();
+    }
+    return res.locals.user;
 });
 //# sourceMappingURL=current-user.decorator.js.map

package/dist/decorators/current-user.decorator.js.map

@@ -1 +1 @@
-{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../src/decorators/current-user.decorator.ts"],"names":[],"mappings":";;;AAAA,gEAA4D;AAC5D,2CAAsD;AAEtD,sDAA8C;AAEjC,QAAA,WAAW,GAAG,IAAA,6BAAoB,EAAC,GAAG,EAAE;IACnD,OAAO,gCAAc,CAAC,GAAG,CAAC,0BAAS,CAAC,CAAC;AACvC,CAAC,CAAC,CAAC"}
+{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../src/decorators/current-user.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAwE;AAG3D,QAAA,WAAW,GAAG,IAAA,6BAAoB,EAC7C,CAAC,IAAa,EAAE,OAAyB,EAAE,EAAE;IAC3C,IAAI,GAAa,CAAC;IAElB,IAAI,OAAO,CAAC,OAAO,EAAa,KAAK,SAAS,EAAE,CAAC;QAC/C,GAAG,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC;IAC7C,CAAC;IAED,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;AACzB,CAAC,CACF,CAAC"}

package/dist/decorators/index.d.ts

@@ -1,4 +1,3 @@
-export * from "./can.decorator";
-export * from "./current-personal-access-token.decorator";
+export * from "./current-session.decorator";
 export * from "./current-user.decorator";
-export * from "./require-auth.decorator";
+export * from "./public.decorator";

package/dist/decorators/index.js

@@ -14,8 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./can.decorator"), exports);
-__exportStar(require("./current-personal-access-token.decorator"), exports);
+__exportStar(require("./current-session.decorator"), exports);
 __exportStar(require("./current-user.decorator"), exports);
-__exportStar(require("./require-auth.decorator"), exports);
+__exportStar(require("./public.decorator"), exports);
 //# sourceMappingURL=index.js.map

package/dist/decorators/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/decorators/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAAgC;AAChC,4EAA0D;AAC1D,2DAAyC;AACzC,2DAAyC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/decorators/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,8DAA4C;AAC5C,2DAAyC;AACzC,qDAAmC"}

package/dist/decorators/public.decorator.d.ts

@@ -0,0 +1,2 @@
+import { IS_PUBLIC_KEY } from "../auth.constants";
+export declare const Public: (value?: boolean) => import("@nestjs/common").CustomDecorator<typeof IS_PUBLIC_KEY>;

package/dist/decorators/public.decorator.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Public = void 0;
+const common_1 = require("@nestjs/common");
+const auth_constants_1 = require("../auth.constants");
+const Public = (value = true) => (0, common_1.SetMetadata)(auth_constants_1.IS_PUBLIC_KEY, value);
+exports.Public = Public;
+//# sourceMappingURL=public.decorator.js.map

package/dist/decorators/public.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public.decorator.js","sourceRoot":"","sources":["../../src/decorators/public.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAE7C,sDAAkD;AAE3C,MAAM,MAAM,GAAG,CAAC,KAAK,GAAG,IAAI,EAAE,EAAE,CAAC,IAAA,oBAAW,EAAC,8BAAa,EAAE,KAAK,CAAC,CAAC;AAA7D,QAAA,MAAM,UAAuD"}

package/dist/entities/account.entity.d.ts

@@ -0,0 +1,16 @@
+import { BaseEntity, Opt } from "@mikro-orm/core";
+export declare abstract class BaseAccount extends BaseEntity {
+    id: Opt<string>;
+    accountId: string;
+    providerId: string;
+    userId: string;
+    accessToken?: Opt<string>;
+    refreshToken?: Opt<string>;
+    idToken?: Opt<string>;
+    accessTokenExpiresAt?: Opt<Date>;
+    refreshTokenExpiresAt?: Opt<Date>;
+    scope?: Opt<string>;
+    password?: Opt<string>;
+    createdAt: Opt<Date>;
+    updatedAt: Opt<Date>;
+}

package/dist/entities/account.entity.js

@@ -0,0 +1,87 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseAccount = void 0;
+const core_1 = require("@mikro-orm/core");
+const crypto_1 = require("crypto");
+let BaseAccount = class BaseAccount extends core_1.BaseEntity {
+    constructor() {
+        super(...arguments);
+        this.id = (0, crypto_1.randomUUID)();
+        this.createdAt = new Date();
+        this.updatedAt = new Date();
+    }
+};
+exports.BaseAccount = BaseAccount;
+__decorate([
+    (0, core_1.PrimaryKey)({ type: core_1.t.uuid }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "id", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text }),
+    __metadata("design:type", String)
+], BaseAccount.prototype, "accountId", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text }),
+    __metadata("design:type", String)
+], BaseAccount.prototype, "providerId", void 0);
+__decorate([
+    (0, core_1.ManyToOne)(() => "User", {
+        fieldName: "user_id",
+        mapToPk: true,
+        cascade: [core_1.Cascade.REMOVE],
+    }),
+    __metadata("design:type", String)
+], BaseAccount.prototype, "userId", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "accessToken", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "refreshToken", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "idToken", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.datetime, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "accessTokenExpiresAt", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.datetime, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "refreshTokenExpiresAt", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "scope", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.text, nullable: true }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "password", void 0);
+__decorate([
+    (0, core_1.Property)({ type: core_1.t.datetime, defaultRaw: "now()" }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "createdAt", void 0);
+__decorate([
+    (0, core_1.Property)({
+        type: core_1.t.datetime,
+        defaultRaw: "now()",
+        onUpdate: () => new Date(),
+    }),
+    __metadata("design:type", Object)
+], BaseAccount.prototype, "updatedAt", void 0);
+exports.BaseAccount = BaseAccount = __decorate([
+    (0, core_1.Entity)({ abstract: true })
+], BaseAccount);
+//# sourceMappingURL=account.entity.js.map

package/dist/entities/account.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account.entity.js","sourceRoot":"","sources":["../../src/entities/account.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CASyB;AACzB,mCAAoC;AAG7B,IAAe,WAAW,GAA1B,MAAe,WAAY,SAAQ,iBAAU;IAA7C;;QAEL,OAAE,GAAgB,IAAA,mBAAU,GAAE,CAAC;QAqC/B,cAAS,GAAc,IAAI,IAAI,EAAE,CAAC;QAOlC,cAAS,GAAc,IAAI,IAAI,EAAE,CAAC;IACpC,CAAC;CAAA,CAAA;AA/CqB,kCAAW;AAE/B;IADC,IAAA,iBAAU,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,CAAC;;uCACE;AAG/B;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,CAAC;;8CACR;AAGnB;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,CAAC;;+CACP;AAOpB;IALC,IAAA,gBAAS,EAAC,GAAG,EAAE,CAAC,MAAM,EAAE;QACvB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,CAAC,cAAO,CAAC,MAAM,CAAC;KAC1B,CAAC;;2CACc;AAGhB;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDACjB;AAG1B;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDAChB;AAG3B;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;4CACrB;AAGtB;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yDACd;AAGjC;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0DACb;AAGlC;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0CACvB;AAGpB;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;6CACpB;AAGvB;IADC,IAAA,eAAQ,EAAC,EAAE,IAAI,EAAE,QAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;;8CAClB;AAOlC;IALC,IAAA,eAAQ,EAAC;QACR,IAAI,EAAE,QAAC,CAAC,QAAQ;QAChB,UAAU,EAAE,OAAO;QACnB,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE;KAC3B,CAAC;;8CACgC;sBA9Cd,WAAW;IADhC,IAAA,aAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;GACL,WAAW,CA+ChC"}

package/dist/entities/index.d.ts

@@ -1,2 +1,4 @@
-export * from "./personal-access-token.entity";
+export * from "./account.entity";
+export * from "./session.entity";
 export * from "./user.entity";
+export * from "./verification.entity";

package/dist/entities/index.js

@@ -14,6 +14,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./personal-access-token.entity"), exports);
+__exportStar(require("./account.entity"), exports);
+__exportStar(require("./session.entity"), exports);
 __exportStar(require("./user.entity"), exports);
+__exportStar(require("./verification.entity"), exports);
 //# sourceMappingURL=index.js.map

package/dist/entities/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/entities/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iEAA+C;AAC/C,gDAA8B"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/entities/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mDAAiC;AACjC,mDAAiC;AACjC,gDAA8B;AAC9B,wDAAsC"}

package/dist/entities/session.entity.d.ts

@@ -0,0 +1,11 @@
+import { BaseEntity, Opt } from "@mikro-orm/core";
+export declare abstract class BaseSession extends BaseEntity {
+    id: Opt<string>;
+    token: string;
+    userId: string;
+    expiresAt: Date;
+    ipAddress?: Opt<string>;
+    userAgent?: Opt<string>;
+    createdAt: Opt<Date>;
+    updatedAt: Opt<Date>;
+}