@nestjs-kitchen/authz 2.0.7 → 3.0.1

package/README.md

@@ -31,6 +31,22 @@ Once completed NestJS project setup, install this package and its dependencies:
 $ npm install --save @nestjs/passport passport @nestjs-kitchen/authz
 ```
 
+## Beark change
+
+- From `@nestjs-kitchen/authz` **v3**, [`express-session`](https://www.npmjs.com/package/express-session) had been removed from dependency. Please setup session manually:
+
+    ```typescript
+    import * as session from 'express-session';
+    // somewhere in your initialization file
+    app.use(
+      session({
+        secret: 'my-secret',
+        resave: false,
+        saveUninitialized: false,
+      }),
+    );
+    ```
+
 ## Usage
 
 1. Create file `authz.provider.ts`:

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 export { AuthzProviderClass } from './authz.provider';
-export { User } from './user.decorator';
-export { AuthzError, AuthzVerificationError, AuthzAnonymousError } from './errors';
-export { ExtractJwt, type JwtFromRequestFunction, createJwtAuthzModule } from './jwt';
+export { AuthzAnonymousError, AuthzError, AuthzVerificationError } from './errors';
+export { createJwtAuthzModule, ExtractJwt, type JwtFromRequestFunction } from './jwt';
 export { cereateSessionAuthzModule } from './session';
+export { User } from './user.decorator';

package/dist/index.js

@@ -1,16 +1,16 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.cereateSessionAuthzModule = exports.createJwtAuthzModule = exports.ExtractJwt = exports.AuthzAnonymousError = exports.AuthzVerificationError = exports.AuthzError = exports.User = exports.AuthzProviderClass = void 0;
+exports.User = exports.cereateSessionAuthzModule = exports.ExtractJwt = exports.createJwtAuthzModule = exports.AuthzVerificationError = exports.AuthzError = exports.AuthzAnonymousError = exports.AuthzProviderClass = void 0;
 var authz_provider_1 = require("./authz.provider");
 Object.defineProperty(exports, "AuthzProviderClass", { enumerable: true, get: function () { return authz_provider_1.AuthzProviderClass; } });
-var user_decorator_1 = require("./user.decorator");
-Object.defineProperty(exports, "User", { enumerable: true, get: function () { return user_decorator_1.User; } });
 var errors_1 = require("./errors");
+Object.defineProperty(exports, "AuthzAnonymousError", { enumerable: true, get: function () { return errors_1.AuthzAnonymousError; } });
 Object.defineProperty(exports, "AuthzError", { enumerable: true, get: function () { return errors_1.AuthzError; } });
 Object.defineProperty(exports, "AuthzVerificationError", { enumerable: true, get: function () { return errors_1.AuthzVerificationError; } });
-Object.defineProperty(exports, "AuthzAnonymousError", { enumerable: true, get: function () { return errors_1.AuthzAnonymousError; } });
 var jwt_1 = require("./jwt");
-Object.defineProperty(exports, "ExtractJwt", { enumerable: true, get: function () { return jwt_1.ExtractJwt; } });
 Object.defineProperty(exports, "createJwtAuthzModule", { enumerable: true, get: function () { return jwt_1.createJwtAuthzModule; } });
+Object.defineProperty(exports, "ExtractJwt", { enumerable: true, get: function () { return jwt_1.ExtractJwt; } });
 var session_1 = require("./session");
 Object.defineProperty(exports, "cereateSessionAuthzModule", { enumerable: true, get: function () { return session_1.cereateSessionAuthzModule; } });
+var user_decorator_1 = require("./user.decorator");
+Object.defineProperty(exports, "User", { enumerable: true, get: function () { return user_decorator_1.User; } });

package/dist/jwt/jwt-authz.guard.d.ts

@@ -4,8 +4,8 @@ import { Reflector } from '@nestjs/core';
 import type { Observable } from 'rxjs';
 import { AuthzProviderClass } from '../authz.provider';
 import { type AuthzError } from '../errors';
-import type { JwtAlsType } from './jwt-authz-als.middleware';
 import type { JwtAuthzOptions } from './jwt-authz.interface';
+import type { JwtAlsType } from './jwt-authz-als.middleware';
 export declare const createJwtAuthzGuard: ([JWT_STRATEGY, AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER, JWT_META_KEY, JWT_REFRESH_META_KEY]: [string, any, any, any, any, any]) => Type<Omit<{
     readonly reflector: Reflector;
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;

package/dist/jwt/jwt-authz.interface.js

@@ -28,7 +28,7 @@ const normalizedJwtOptions = (jwtOptions) => {
     };
     const verify = {
         algorithms,
-        audience,
+        audience: audience,
         clockTimestamp,
         clockTolerance,
         complete,

package/dist/jwt/jwt-authz.module.d.ts

@@ -4,8 +4,8 @@ import type { Reflector } from '@nestjs/core';
 import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
 import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
-import { type JwtAlsType } from './jwt-authz-als.middleware';
 import { type JwtAuthzModuleOptions, type JwtAuthzOptions, type JwtOptions } from './jwt-authz.interface';
+import { type JwtAlsType } from './jwt-authz-als.middleware';
 declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<JwtAuthzModuleOptions, "createJwtAuthzModuleOptions"> & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
 } & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {

package/dist/jwt/jwt-authz.module.js

@@ -19,11 +19,11 @@ const uid_1 = require("uid");
 const constants_1 = require("../constants");
 const errors_1 = require("../errors");
 const utils_1 = require("../utils");
-const jwt_authz_als_middleware_1 = require("./jwt-authz-als.middleware");
 const jwt_authz_guard_1 = require("./jwt-authz.guard");
 const jwt_authz_interface_1 = require("./jwt-authz.interface");
 const jwt_authz_service_1 = require("./jwt-authz.service");
 const jwt_authz_strategy_1 = require("./jwt-authz.strategy");
+const jwt_authz_als_middleware_1 = require("./jwt-authz-als.middleware");
 const store = {
     globalInited: 0
 };

package/dist/jwt/jwt-authz.service.d.ts

@@ -2,8 +2,8 @@ import { AsyncLocalStorage } from 'node:async_hooks';
 import { type Type } from '@nestjs/common';
 import { AuthzProviderClass } from '../authz.provider';
 import { type CookieOptionsWithSecret, type DeepReadonly } from '../utils';
-import type { JwtAlsType } from './jwt-authz-als.middleware';
 import type { JwtAuthzOptions } from './jwt-authz.interface';
+import type { JwtAlsType } from './jwt-authz-als.middleware';
 export declare const createJwtAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]: [any, any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<P, U>;
     readonly jwtAuthzOptions: JwtAuthzOptions;

package/dist/session/session-authz.guard.d.ts

@@ -3,8 +3,8 @@ import { Reflector } from '@nestjs/core';
 import type { AsyncLocalStorage } from 'async_hooks';
 import { AuthzProviderClass } from '../authz.provider';
 import { type AuthzError } from '../errors';
-import type { SessionAlsType } from './session-authz-als.middleware';
 import type { SessionAuthzOptions } from './session-authz.interface';
+import type { SessionAlsType } from './session-authz-als.middleware';
 export declare const createSessionAuthzGuard: ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]: [string, any, any, any, any]) => Type<Omit<{
     readonly reflector: Reflector;
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;

package/dist/session/session-authz.interface.d.ts

@@ -1,13 +1,6 @@
-import session from 'express-session';
 import type { AuthzModuleBaseOptions } from '../utils';
-export type SessionOptions = Parameters<typeof session>[0];
 export type SessionAuthzModuleOptions = Partial<AuthzModuleBaseOptions> & {
-    /**
-     * Session options.
-     *
-     * Same as `express-session` [session options](https://www.npmjs.com/package/express-session#options).
-     */
-    session: SessionOptions & {
+    session?: {
         /**
          * Option to keep session information after regenerating.
          *
@@ -22,6 +15,5 @@ export declare const normalizedSessionAuthzModuleOptions: (options?: Partial<Ses
     skipFalsyMetadata: boolean;
     defaultAllowAnonymous: boolean;
     keepSessionInfo: boolean | undefined;
-    session: SessionOptions;
 };
 export type SessionAuthzOptions = ReturnType<typeof normalizedSessionAuthzModuleOptions>;

package/dist/session/session-authz.interface.js

@@ -3,18 +3,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.normalizedSessionAuthzModuleOptions = void 0;
 const constants_1 = require("../constants");
 const normalizedSessionAuthzModuleOptions = (options = {}) => {
-    const { keepSessionInfo, ...sessionOpts } = options.session ?? {};
+    const { keepSessionInfo } = options.session ?? {};
     return {
         defaultOverride: options.defaultOverride || false,
         passportProperty: options.passportProperty || constants_1.DEFAULT_PASSPORT_PROPERTY_VALUE,
         skipFalsyMetadata: options.skipFalsyMetadata || false,
         defaultAllowAnonymous: options.defaultAllowAnonymous || false,
-        keepSessionInfo,
-        session: {
-            resave: false,
-            saveUninitialized: false,
-            ...sessionOpts
-        }
+        keepSessionInfo
     };
 };
 exports.normalizedSessionAuthzModuleOptions = normalizedSessionAuthzModuleOptions;

package/dist/session/session-authz.module.d.ts

@@ -4,12 +4,12 @@ import type { Reflector } from '@nestjs/core';
 import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
 import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
+import { type SessionAuthzModuleOptions, type SessionAuthzOptions } from './session-authz.interface';
 import { type SessionAlsType } from './session-authz-als.middleware';
-import { type SessionAuthzModuleOptions, type SessionAuthzOptions, type SessionOptions } from './session-authz.interface';
 declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
     authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
 } & AuthzModuleRoutesOptions>, OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {
-    session: SessionOptions & {
+    session?: {
         keepSessionInfo?: boolean;
     };
 } & Partial<{
@@ -61,13 +61,11 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         register(options: Omit<typeof OPTIONS_TYPE, "authzProvider">): DynamicModule;
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         registerAsync(options: typeof ASYNC_OPTIONS_TYPE): DynamicModule;
     };

package/dist/session/session-authz.module.js

@@ -11,23 +11,19 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.cereateSessionAuthzModule = void 0;
 const node_async_hooks_1 = require("node:async_hooks");
 const common_1 = require("@nestjs/common");
-const express_session_1 = __importDefault(require("express-session"));
 const uid_1 = require("uid");
 const constants_1 = require("../constants");
 const errors_1 = require("../errors");
 const utils_1 = require("../utils");
-const session_authz_als_middleware_1 = require("./session-authz-als.middleware");
 const session_authz_guard_1 = require("./session-authz.guard");
 const session_authz_interface_1 = require("./session-authz.interface");
 const session_authz_service_1 = require("./session-authz.service");
 const session_authz_strategy_1 = require("./session-authz.strategy");
+const session_authz_als_middleware_1 = require("./session-authz-als.middleware");
 const store = {
     globalInited: 0
 };
@@ -141,7 +137,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
          */
         static register(options) {
             const sessionAuthzOptions = (0, session_authz_interface_1.normalizedSessionAuthzModuleOptions)(options);
@@ -157,7 +152,6 @@ const cereateSessionAuthzModule = (authzProvider) => {
         /**
          * Configures authz module asynchronously.
          *
-         * Note: DO NOT register the same routes in multiple session authz modules, express-session middleware will not work properly.
          */
         static registerAsync(options) {
             return (0, utils_1.mergeDynamicModuleConfigs)(super.registerAsync({ ...options, authzProvider }), getCommonConfigs(), {
@@ -179,7 +173,7 @@ const cereateSessionAuthzModule = (authzProvider) => {
         }
         configure(consumer) {
             consumer
-                .apply((0, express_session_1.default)(this.sessionAuthzOptions.session), SessionAuthzAlsMiddleware)
+                .apply(SessionAuthzAlsMiddleware)
                 .exclude(...this.routesOpt.excludes)
                 // nestjs v11 will be compatible with splat wildcard.
                 .forRoutes(...(this.routesOpt.global ? ['*'] : this.routesOpt.routes));

package/package.json

@@ -2,7 +2,7 @@
   "name": "@nestjs-kitchen/authz",
   "private": false,
   "description": "Simplest authentication & authorization module in NextJS",
-  "version": "2.0.7",
+  "version": "3.0.1",
   "homepage": "https://github.com/yikenman/nestjs-kitchen",
   "repository": "https://github.com/yikenman/nestjs-kitchen",
   "author": "yikenman",
@@ -20,7 +20,6 @@
   "dependencies": {
     "cookie": "^1.0.2",
     "cookie-parser": "^1.4.7",
-    "express-session": "^1.18.1",
     "jsonwebtoken": "^9.0.2",
     "msgpackr": "^1.11.2",
     "passport-custom": "^1.1.1",
@@ -31,12 +30,13 @@
     "@types/cookie-parser": "^1.4.8",
     "@types/express": "^5.0.1",
     "@types/express-session": "^1.18.1",
-    "@types/jest": "^29.5.14",
+    "@types/jest": "^30.0.0",
     "@types/jsonwebtoken": "^9.0.9",
     "@types/node": "^22.13.9",
     "@types/passport": "^1.0.17",
     "@types/supertest": "^6.0.2",
-    "jest": "^29.7.0",
+    "express-session": "^1.18.1",
+    "jest": "^30.0.5",
     "rimraf": "^6.0.1",
     "supertest": "^7.1.0",
     "ts-jest": "^29.3.0",