@nestjs-kitchen/authz 2.0.6 → 3.0.0

package/README.md

@@ -31,6 +31,22 @@ Once completed NestJS project setup, install this package and its dependencies:
 $ npm install --save @nestjs/passport passport @nestjs-kitchen/authz
 ```
 
+## Beark change
+
+- From `@nestjs-kitchen/authz` **v3**, [`express-session`](https://www.npmjs.com/package/express-session) had been removed from dependency. Please setup session manually:
+
+    ```typescript
+    import * as session from 'express-session';
+    // somewhere in your initialization file
+    app.use(
+      session({
+        secret: 'my-secret',
+        resave: false,
+        saveUninitialized: false,
+      }),
+    );
+    ```
+
 ## Usage
 
 1. Create file `authz.provider.ts`:

package/dist/jwt/jwt-authz-als.middleware.d.ts

@@ -1,4 +1,5 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import type { NextFunction, Request, Response } from 'express';
 import { JwtValidationType } from '../constants';
 import { type CookieOptionsWithSecret } from '../utils';
@@ -11,7 +12,7 @@ export interface JwtAlsType<U> {
     authOptions: JwtAuthzOptions;
     setCookie: (name: string, value: string, options?: CookieOptionsWithSecret) => void;
 }
-export declare const createJwtAuthzAlsMiddleware: ([ALS_PROVIDER, JWT_AUTHZ_OPTIONS]: [any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createJwtAuthzAlsMiddleware: ([ALS_PROVIDER, JWT_AUTHZ_OPTIONS]: [any, any]) => Type<Omit<{
     readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
     readonly jwtAuthzOptions: JwtAuthzOptions;
     use(req: Request, res: Response, next: NextFunction): void;

package/dist/jwt/jwt-authz.guard.d.ts

@@ -1,11 +1,12 @@
 import type { AsyncLocalStorage } from 'node:async_hooks';
-import { ExecutionContext } from '@nestjs/common';
+import { ExecutionContext, type Type } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
+import type { Observable } from 'rxjs';
 import { AuthzProviderClass } from '../authz.provider';
 import { type AuthzError } from '../errors';
 import type { JwtAlsType } from './jwt-authz-als.middleware';
 import type { JwtAuthzOptions } from './jwt-authz.interface';
-export declare const createJwtAuthzGuard: ([JWT_STRATEGY, AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER, JWT_META_KEY, JWT_REFRESH_META_KEY]: [string, any, any, any, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createJwtAuthzGuard: ([JWT_STRATEGY, AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER, JWT_META_KEY, JWT_REFRESH_META_KEY]: [string, any, any, any, any, any]) => Type<Omit<{
     readonly reflector: Reflector;
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly jwtAuthzOptions: JwtAuthzOptions;
@@ -32,14 +33,14 @@ export declare const createJwtAuthzGuard: ([JWT_STRATEGY, AUTHZ_PROVIDER, JWT_AU
     } = any>(request: TRequest): Promise<void>;
     getRequest(context: ExecutionContext): any;
 }, "als" | "jwtAuthzOptions" | "reflector" | "authzProvider">>;
-export declare const createJwtRefreshAuthzGuard: ([JWT_REFRESH_STRATEGY, JWT_AUTHZ_OPTIONS]: [string, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createJwtRefreshAuthzGuard: ([JWT_REFRESH_STRATEGY, JWT_AUTHZ_OPTIONS]: [string, any]) => Type<Omit<{
     readonly jwtAuthzOptions: JwtAuthzOptions;
     getAuthenticateOptions(): {
         property: string;
         session: boolean;
     };
     handleRequest<T>(_err: unknown, user: T, info?: AuthzError): T;
-    canActivate(context: ExecutionContext): boolean | Promise<boolean> | import("rxjs").Observable<boolean>;
+    canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean>;
     logIn<TRequest extends {
         logIn: Function;
     } = any>(request: TRequest): Promise<void>;

package/dist/jwt/jwt-authz.interface.d.ts

@@ -1,3 +1,4 @@
+import type { JsonWebKeyInput, KeyObject, PrivateKeyInput, PublicKeyInput } from 'node:crypto';
 import { type PrivateKey, type PublicKey, type Secret, type SignOptions, type VerifyOptions } from 'jsonwebtoken';
 import { type AuthzModuleBaseOptions } from '../utils';
 import type { JwtFromRequestFunction } from './extract-jwt';
@@ -43,27 +44,27 @@ export declare const normalizedJwtAuthzModuleOptions: (options: JwtAuthzModuleOp
     skipFalsyMetadata: boolean;
     defaultAllowAnonymous: boolean;
     jwt: {
-        secretOrPrivateKey: string | Buffer<ArrayBufferLike> | import("crypto").KeyObject | {
+        secretOrPrivateKey: string | Buffer<ArrayBufferLike> | KeyObject | {
             key: string | Buffer;
             passphrase: string;
-        } | import("crypto").PrivateKeyInput | import("crypto").JsonWebKeyInput | null;
-        secretOrPublicKey: string | Buffer<ArrayBufferLike> | import("crypto").KeyObject | {
+        } | PrivateKeyInput | JsonWebKeyInput | null;
+        secretOrPublicKey: string | Buffer<ArrayBufferLike> | KeyObject | {
             key: string | Buffer;
             passphrase: string;
-        } | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput | null;
+        } | JsonWebKeyInput | PublicKeyInput | null;
         jwtFromRequest: JwtFromRequestFunction<any>[];
         sign: SignOptions;
         verify: VerifyOptions;
     };
     refresh: {
-        secretOrPrivateKey: string | Buffer<ArrayBufferLike> | import("crypto").KeyObject | {
+        secretOrPrivateKey: string | Buffer<ArrayBufferLike> | KeyObject | {
             key: string | Buffer;
             passphrase: string;
-        } | import("crypto").PrivateKeyInput | import("crypto").JsonWebKeyInput | null;
-        secretOrPublicKey: string | Buffer<ArrayBufferLike> | import("crypto").KeyObject | {
+        } | PrivateKeyInput | JsonWebKeyInput | null;
+        secretOrPublicKey: string | Buffer<ArrayBufferLike> | KeyObject | {
             key: string | Buffer;
             passphrase: string;
-        } | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput | null;
+        } | JsonWebKeyInput | PublicKeyInput | null;
         jwtFromRequest: JwtFromRequestFunction<any>[];
         sign: SignOptions;
         verify: VerifyOptions;

package/dist/jwt/jwt-authz.module.d.ts

@@ -1,15 +1,16 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
-import { DynamicModule, MiddlewareConsumer, type Type } from '@nestjs/common';
+import { type ConfigurableModuleAsyncOptions, DynamicModule, type ExecutionContext, MiddlewareConsumer, type Type } from '@nestjs/common';
+import type { Reflector } from '@nestjs/core';
 import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
-import { type AbstractConstructor, type ApplyDecorators, type AuthzModuleRoutesOptions, type RoutesOptions } from '../utils';
+import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
 import { type JwtAlsType } from './jwt-authz-als.middleware';
-import { type JwtAuthzModuleOptions, type JwtAuthzOptions } from './jwt-authz.interface';
-declare const ASYNC_OPTIONS_TYPE: import("@nestjs/common").ConfigurableModuleAsyncOptions<JwtAuthzModuleOptions, "createJwtAuthzModuleOptions"> & Partial<{
+import { type JwtAuthzModuleOptions, type JwtAuthzOptions, type JwtOptions } from './jwt-authz.interface';
+declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<JwtAuthzModuleOptions, "createJwtAuthzModuleOptions"> & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
-} & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<import("../utils").AuthzModuleBaseOptions> & {
-    jwt: import("./jwt-authz.interface").JwtOptions;
-    refresh?: import("./jwt-authz.interface").JwtOptions;
+} & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {
+    jwt: JwtOptions;
+    refresh?: JwtOptions;
 } & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
 } & AuthzModuleRoutesOptions>;
@@ -92,7 +93,7 @@ export declare const createJwtAuthzModule: <P, U, T extends AuthzProviderClass<P
      * ```
      */
     AuthzGuard: Type<Omit<{
-        readonly reflector: import("@nestjs/core").Reflector;
+        readonly reflector: Reflector;
         readonly authzProvider: AuthzProviderClass<unknown, unknown>;
         readonly jwtAuthzOptions: JwtAuthzOptions;
         readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
@@ -101,11 +102,11 @@ export declare const createJwtAuthzModule: <P, U, T extends AuthzProviderClass<P
             session: boolean;
         };
         handleRequest<T_1>(_err: unknown, user: T_1, info?: AuthzError): T_1;
-        canActivate(context: import("@nestjs/common").ExecutionContext): Promise<boolean>;
+        canActivate(context: ExecutionContext): Promise<boolean>;
         logIn<TRequest extends {
             logIn: Function;
         } = any>(request: TRequest): Promise<void>;
-        getRequest(context: import("@nestjs/common").ExecutionContext): any;
+        getRequest(context: ExecutionContext): any;
     }, "als" | "jwtAuthzOptions" | "reflector" | "authzProvider">> & {
         /**
          * Verifies the user's authorization for specific meta data.
@@ -124,7 +125,7 @@ export declare const createJwtAuthzModule: <P, U, T extends AuthzProviderClass<P
          * }
          * ```
          */
-        Verify: (...args: import("../utils").AuthzDecoParams<import("../utils").MethodParameters<T, "authorize">[1]>) => ApplyDecorators;
+        Verify: (...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators;
         /**
          * Skips authentication & authorization checks for specific routes.
          *
@@ -177,7 +178,7 @@ export declare const createJwtAuthzModule: <P, U, T extends AuthzProviderClass<P
          * }
          * ```
          */
-        Apply: (...rest: Parameters<(...args: import("../utils").AuthzDecoParams<import("../utils").MethodParameters<T, "authorize">[1]>) => ApplyDecorators>) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+        Apply: (...rest: Parameters<(...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators>) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
     };
     /**
      * A custom servcie to provide methods to handle authentication and authorization.
@@ -196,8 +197,8 @@ export declare const createJwtAuthzModule: <P, U, T extends AuthzProviderClass<P
         refresh(user?: U | undefined): Promise<{
             token: string;
         } | undefined>;
-        setCookie(name: string, value: string, options?: import("../utils").CookieOptionsWithSecret | undefined): void;
-        getUser(): import("../utils").DeepReadonly<U> | undefined;
+        setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
+        getUser(): DeepReadonly<U> | undefined;
     }, "als" | "jwtAuthzOptions" | "authzProvider">>;
 };
 export {};

package/dist/jwt/jwt-authz.service.d.ts

@@ -1,9 +1,10 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import { AuthzProviderClass } from '../authz.provider';
-import { type DeepReadonly } from '../utils';
+import { type CookieOptionsWithSecret, type DeepReadonly } from '../utils';
 import type { JwtAlsType } from './jwt-authz-als.middleware';
 import type { JwtAuthzOptions } from './jwt-authz.interface';
-export declare const createJwtAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]: [any, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createJwtAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]: [any, any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<P, U>;
     readonly jwtAuthzOptions: JwtAuthzOptions;
     readonly als: AsyncLocalStorage<JwtAlsType<U>>;
@@ -35,7 +36,7 @@ export declare const createJwtAuthzService: <P = unknown, U = unknown>([AUTHZ_PR
     /**
      * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
      */
-    setCookie(name: string, value: string, options?: import("../utils").CookieOptionsWithSecret | undefined): void;
+    setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
     /**
      * Retrieves the current user associated with the request, if available.
      */

package/dist/jwt/jwt-authz.strategy.d.ts

@@ -1,14 +1,15 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import type { Request } from 'express';
 import { AuthzProviderClass } from '../authz.provider';
 import type { JwtAlsType } from './jwt-authz-als.middleware';
-export declare const createJwtStrategy: ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createJwtStrategy: ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
     validate(req: Request): Promise<{}>;
     authenticate(req: Request, options?: any): any;
 }, "als" | "authzProvider">>;
-export declare const createRefreshStrategy: ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createRefreshStrategy: ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
     validate(req: Request): Promise<{}>;

package/dist/session/session-authz-als.middleware.d.ts

@@ -1,4 +1,5 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import type { NextFunction, Request, Response } from 'express';
 import { type CookieOptionsWithSecret } from '../utils';
 import type { SessionAuthzOptions } from './session-authz.interface';
@@ -11,7 +12,7 @@ export interface SessionAlsType<P, U> {
     logOut: () => Promise<void>;
     setCookie: (name: string, value: string, options?: CookieOptionsWithSecret) => void;
 }
-export declare const createSessionAuthzAlsMiddleware: ([ALS_PROVIDER, SESSION_AUTHZ_OPTIONS]: [any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createSessionAuthzAlsMiddleware: ([ALS_PROVIDER, SESSION_AUTHZ_OPTIONS]: [any, any]) => Type<Omit<{
     readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
     readonly sessionAuthzOptions: SessionAuthzOptions;
     use(req: Request, res: Response, next: NextFunction): void;

package/dist/session/session-authz.guard.d.ts

@@ -1,11 +1,11 @@
-import { ExecutionContext } from '@nestjs/common';
+import { ExecutionContext, type Type } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import type { AsyncLocalStorage } from 'async_hooks';
 import { AuthzProviderClass } from '../authz.provider';
 import { type AuthzError } from '../errors';
 import type { SessionAlsType } from './session-authz-als.middleware';
 import type { SessionAuthzOptions } from './session-authz.interface';
-export declare const createSessionAuthzGuard: ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]: [string, any, any, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createSessionAuthzGuard: ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]: [string, any, any, any, any]) => Type<Omit<{
     readonly reflector: Reflector;
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly sessionAuthzOptions: SessionAuthzOptions;

package/dist/session/session-authz.interface.d.ts

@@ -1,13 +1,6 @@
-import session from 'express-session';
 import type { AuthzModuleBaseOptions } from '../utils';
-export type SessionOptions = Parameters<typeof session>[0];
 export type SessionAuthzModuleOptions = Partial<AuthzModuleBaseOptions> & {
-    /**
-     * Session options.
-     *
-     * Same as `express-session` [session options](https://www.npmjs.com/package/express-session#options).
-     */
-    session: SessionOptions & {
+    session?: {
         /**
          * Option to keep session information after regenerating.
          *
@@ -22,6 +15,5 @@ export declare const normalizedSessionAuthzModuleOptions: (options?: Partial<Ses
     skipFalsyMetadata: boolean;
     defaultAllowAnonymous: boolean;
     keepSessionInfo: boolean | undefined;
-    session: SessionOptions;
 };
 export type SessionAuthzOptions = ReturnType<typeof normalizedSessionAuthzModuleOptions>;

package/dist/session/session-authz.interface.js

@@ -3,18 +3,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.normalizedSessionAuthzModuleOptions = void 0;
 const constants_1 = require("../constants");
 const normalizedSessionAuthzModuleOptions = (options = {}) => {
-    const { keepSessionInfo, ...sessionOpts } = options.session ?? {};
+    const { keepSessionInfo } = options.session ?? {};
     return {
         defaultOverride: options.defaultOverride || false,
         passportProperty: options.passportProperty || constants_1.DEFAULT_PASSPORT_PROPERTY_VALUE,
         skipFalsyMetadata: options.skipFalsyMetadata || false,
         defaultAllowAnonymous: options.defaultAllowAnonymous || false,
-        keepSessionInfo,
-        session: {
-            resave: false,
-            saveUninitialized: false,
-            ...sessionOpts
-        }
+        keepSessionInfo
     };
 };
 exports.normalizedSessionAuthzModuleOptions = normalizedSessionAuthzModuleOptions;

package/dist/session/session-authz.module.d.ts

@@ -1,14 +1,15 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
-import { DynamicModule, MiddlewareConsumer, type Type } from '@nestjs/common';
+import { type ConfigurableModuleAsyncOptions, DynamicModule, type ExecutionContext, MiddlewareConsumer, type Type } from '@nestjs/common';
+import type { Reflector } from '@nestjs/core';
 import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
-import { type AbstractConstructor, type AuthzModuleRoutesOptions, type RoutesOptions } from '../utils';
+import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
 import { type SessionAlsType } from './session-authz-als.middleware';
 import { type SessionAuthzModuleOptions, type SessionAuthzOptions } from './session-authz.interface';
-declare const ASYNC_OPTIONS_TYPE: import("@nestjs/common").ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
+declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
-} & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<import("../utils").AuthzModuleBaseOptions> & {
-    session: import("./session-authz.interface").SessionOptions & {
+} & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {
+    session?: {
         keepSessionInfo?: boolean;
     };
 } & Partial<{
@@ -60,13 +61,11 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         register(options: Omit<typeof OPTIONS_TYPE, "authzProvider">): DynamicModule;
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         registerAsync(options: typeof ASYNC_OPTIONS_TYPE): DynamicModule;
     };
@@ -90,7 +89,7 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
      * ```
      */
     AuthzGuard: Type<Omit<{
-        readonly reflector: import("@nestjs/core").Reflector;
+        readonly reflector: Reflector;
         readonly authzProvider: AuthzProviderClass<unknown, unknown>;
         readonly sessionAuthzOptions: SessionAuthzOptions;
         readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
@@ -99,11 +98,11 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
             session: boolean;
         };
         handleRequest<T_1>(_err: unknown, user: T_1, info?: AuthzError): T_1;
-        canActivate(context: import("@nestjs/common").ExecutionContext): Promise<boolean>;
+        canActivate(context: ExecutionContext): Promise<boolean>;
         logIn<TRequest extends {
             logIn: Function;
         } = any>(request: TRequest): Promise<void>;
-        getRequest(context: import("@nestjs/common").ExecutionContext): any;
+        getRequest(context: ExecutionContext): any;
     }, "als" | "reflector" | "authzProvider" | "sessionAuthzOptions">> & {
         /**
          * Verifies the user's authorization for specific meta data.
@@ -122,7 +121,7 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
          * }
          * ```
          */
-        Verify: (...args: import("../utils").AuthzDecoParams<import("../utils").MethodParameters<T, "authorize">[1]>) => import("../utils").ApplyDecorators;
+        Verify: (...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators;
         /**
          * Skips authentication & authorization checks for specific routes.
          *
@@ -157,7 +156,7 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
          * }
          * ```
          */
-        Apply: (...rest: Parameters<(...args: import("../utils").AuthzDecoParams<import("../utils").MethodParameters<T, "authorize">[1]>) => import("../utils").ApplyDecorators>) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+        Apply: (...rest: Parameters<(...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators>) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
     };
     /**
      * A custom servcie to provide methods to handle authentication and authorization.
@@ -167,8 +166,8 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         readonly als: AsyncLocalStorage<SessionAlsType<P, U>>;
         logIn(user: U): Promise<void>;
         logOut(): Promise<void>;
-        setCookie(name: string, value: string, options?: import("../utils").CookieOptionsWithSecret | undefined): void;
-        getUser(): import("../utils").DeepReadonly<U> | undefined;
+        setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
+        getUser(): DeepReadonly<U> | undefined;
     }, "als" | "authzProvider">>;
 };
 export {};

package/dist/session/session-authz.module.js

@@ -11,14 +11,10 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.cereateSessionAuthzModule = void 0;
 const node_async_hooks_1 = require("node:async_hooks");
 const common_1 = require("@nestjs/common");
-const express_session_1 = __importDefault(require("express-session"));
 const uid_1 = require("uid");
 const constants_1 = require("../constants");
 const errors_1 = require("../errors");
@@ -141,7 +137,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         static register(options) {
             const sessionAuthzOptions = (0, session_authz_interface_1.normalizedSessionAuthzModuleOptions)(options);
@@ -157,7 +152,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         static registerAsync(options) {
             return (0, utils_1.mergeDynamicModuleConfigs)(super.registerAsync({ ...options, authzProvider }), getCommonConfigs(), {
@@ -179,7 +173,7 @@ const cereateSessionAuthzModule = (authzProvider) => {
         }
         configure(consumer) {
             consumer
-                .apply((0, express_session_1.default)(this.sessionAuthzOptions.session), SessionAuthzAlsMiddleware)
+                .apply(SessionAuthzAlsMiddleware)
                 .exclude(...this.routesOpt.excludes)
                 // nestjs v11 will be compatible with splat wildcard.
                 .forRoutes(...(this.routesOpt.global ? ['*'] : this.routesOpt.routes));

package/dist/session/session-authz.service.d.ts

@@ -1,8 +1,9 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import { AuthzProviderClass } from '../authz.provider';
-import { type DeepReadonly } from '../utils';
+import { type CookieOptionsWithSecret, type DeepReadonly } from '../utils';
 import type { SessionAlsType } from './session-authz-als.middleware';
-export declare const createSessionAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, ALS_PROVIDER]: [any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createSessionAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, ALS_PROVIDER]: [any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<P, U>;
     readonly als: AsyncLocalStorage<SessionAlsType<P, U>>;
     /**
@@ -18,7 +19,7 @@ export declare const createSessionAuthzService: <P = unknown, U = unknown>([AUTH
     /**
      * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
      */
-    setCookie(name: string, value: string, options?: import("../utils").CookieOptionsWithSecret | undefined): void;
+    setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
     /**
      * Retrieves the current user associated with the request, if available.
      */

package/dist/session/session-authz.strategy.d.ts

@@ -1,8 +1,9 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
+import { type Type } from '@nestjs/common';
 import type { Request } from 'express';
 import { AuthzProviderClass } from '../authz.provider';
 import type { SessionAlsType } from './session-authz-als.middleware';
-export declare const createSessionAuthzStrategy: ([SESSION_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => import("@nestjs/common").Type<Omit<{
+export declare const createSessionAuthzStrategy: ([SESSION_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
     validate(req: Request): Promise<{}>;

package/package.json

@@ -2,7 +2,7 @@
   "name": "@nestjs-kitchen/authz",
   "private": false,
   "description": "Simplest authentication & authorization module in NextJS",
-  "version": "2.0.6",
+  "version": "3.0.0",
   "homepage": "https://github.com/yikenman/nestjs-kitchen",
   "repository": "https://github.com/yikenman/nestjs-kitchen",
   "author": "yikenman",
@@ -20,7 +20,6 @@
   "dependencies": {
     "cookie": "^1.0.2",
     "cookie-parser": "^1.4.7",
-    "express-session": "^1.18.1",
     "jsonwebtoken": "^9.0.2",
     "msgpackr": "^1.11.2",
     "passport-custom": "^1.1.1",
@@ -36,6 +35,7 @@
     "@types/node": "^22.13.9",
     "@types/passport": "^1.0.17",
     "@types/supertest": "^6.0.2",
+    "express-session": "^1.18.1",
     "jest": "^29.7.0",
     "rimraf": "^6.0.1",
     "supertest": "^7.1.0",