@nestjs-kitchen/authz 2.0.7 → 3.0.0

package/README.md

@@ -31,6 +31,22 @@ Once completed NestJS project setup, install this package and its dependencies:
 $ npm install --save @nestjs/passport passport @nestjs-kitchen/authz
 ```
 
+## Beark change
+
+- From `@nestjs-kitchen/authz` **v3**, [`express-session`](https://www.npmjs.com/package/express-session) had been removed from dependency. Please setup session manually:
+
+    ```typescript
+    import * as session from 'express-session';
+    // somewhere in your initialization file
+    app.use(
+      session({
+        secret: 'my-secret',
+        resave: false,
+        saveUninitialized: false,
+      }),
+    );
+    ```
+
 ## Usage
 
 1. Create file `authz.provider.ts`:

package/dist/session/session-authz.interface.d.ts

@@ -1,13 +1,6 @@
-import session from 'express-session';
 import type { AuthzModuleBaseOptions } from '../utils';
-export type SessionOptions = Parameters<typeof session>[0];
 export type SessionAuthzModuleOptions = Partial<AuthzModuleBaseOptions> & {
-    /**
-     * Session options.
-     *
-     * Same as `express-session` [session options](https://www.npmjs.com/package/express-session#options).
-     */
-    session: SessionOptions & {
+    session?: {
         /**
          * Option to keep session information after regenerating.
          *
@@ -22,6 +15,5 @@ export declare const normalizedSessionAuthzModuleOptions: (options?: Partial<Ses
     skipFalsyMetadata: boolean;
     defaultAllowAnonymous: boolean;
     keepSessionInfo: boolean | undefined;
-    session: SessionOptions;
 };
 export type SessionAuthzOptions = ReturnType<typeof normalizedSessionAuthzModuleOptions>;

package/dist/session/session-authz.interface.js

@@ -3,18 +3,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.normalizedSessionAuthzModuleOptions = void 0;
 const constants_1 = require("../constants");
 const normalizedSessionAuthzModuleOptions = (options = {}) => {
-    const { keepSessionInfo, ...sessionOpts } = options.session ?? {};
+    const { keepSessionInfo } = options.session ?? {};
     return {
         defaultOverride: options.defaultOverride || false,
         passportProperty: options.passportProperty || constants_1.DEFAULT_PASSPORT_PROPERTY_VALUE,
         skipFalsyMetadata: options.skipFalsyMetadata || false,
         defaultAllowAnonymous: options.defaultAllowAnonymous || false,
-        keepSessionInfo,
-        session: {
-            resave: false,
-            saveUninitialized: false,
-            ...sessionOpts
-        }
+        keepSessionInfo
     };
 };
 exports.normalizedSessionAuthzModuleOptions = normalizedSessionAuthzModuleOptions;

package/dist/session/session-authz.module.d.ts

@@ -5,11 +5,11 @@ import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
 import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
 import { type SessionAlsType } from './session-authz-als.middleware';
-import { type SessionAuthzModuleOptions, type SessionAuthzOptions, type SessionOptions } from './session-authz.interface';
+import { type SessionAuthzModuleOptions, type SessionAuthzOptions } from './session-authz.interface';
 declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
 } & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {
-    session: SessionOptions & {
+    session?: {
         keepSessionInfo?: boolean;
     };
 } & Partial<{
@@ -61,13 +61,11 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         register(options: Omit<typeof OPTIONS_TYPE, "authzProvider">): DynamicModule;
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         registerAsync(options: typeof ASYNC_OPTIONS_TYPE): DynamicModule;
     };

package/dist/session/session-authz.module.js

@@ -11,14 +11,10 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.cereateSessionAuthzModule = void 0;
 const node_async_hooks_1 = require("node:async_hooks");
 const common_1 = require("@nestjs/common");
-const express_session_1 = __importDefault(require("express-session"));
 const uid_1 = require("uid");
 const constants_1 = require("../constants");
 const errors_1 = require("../errors");
@@ -141,7 +137,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         static register(options) {
             const sessionAuthzOptions = (0, session_authz_interface_1.normalizedSessionAuthzModuleOptions)(options);
@@ -157,7 +152,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         static registerAsync(options) {
             return (0, utils_1.mergeDynamicModuleConfigs)(super.registerAsync({ ...options, authzProvider }), getCommonConfigs(), {
@@ -179,7 +173,7 @@ const cereateSessionAuthzModule = (authzProvider) => {
         }
         configure(consumer) {
             consumer
-                .apply((0, express_session_1.default)(this.sessionAuthzOptions.session), SessionAuthzAlsMiddleware)
+                .apply(SessionAuthzAlsMiddleware)
                 .exclude(...this.routesOpt.excludes)
                 // nestjs v11 will be compatible with splat wildcard.
                 .forRoutes(...(this.routesOpt.global ? ['*'] : this.routesOpt.routes));

package/package.json

@@ -2,7 +2,7 @@
   "name": "@nestjs-kitchen/authz",
   "private": false,
   "description": "Simplest authentication & authorization module in NextJS",
-  "version": "2.0.7",
+  "version": "3.0.0",
   "homepage": "https://github.com/yikenman/nestjs-kitchen",
   "repository": "https://github.com/yikenman/nestjs-kitchen",
   "author": "yikenman",
@@ -20,7 +20,6 @@
   "dependencies": {
     "cookie": "^1.0.2",
     "cookie-parser": "^1.4.7",
-    "express-session": "^1.18.1",
     "jsonwebtoken": "^9.0.2",
     "msgpackr": "^1.11.2",
     "passport-custom": "^1.1.1",
@@ -36,6 +35,7 @@
     "@types/node": "^22.13.9",
     "@types/passport": "^1.0.17",
     "@types/supertest": "^6.0.2",
+    "express-session": "^1.18.1",
     "jest": "^29.7.0",
     "rimraf": "^6.0.1",
     "supertest": "^7.1.0",