@nestjs-kitchen/authz 3.0.1 → 4.0.0

package/dist/session/session-authz.guard.js

@@ -15,24 +15,20 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createSessionAuthzGuard = void 0;
 const common_1 = require("@nestjs/common");
 const core_1 = require("@nestjs/core");
-const passport_1 = require("@nestjs/passport");
 const authz_provider_1 = require("../authz.provider");
+const constants_1 = require("../constants");
 const errors_1 = require("../errors");
 const utils_1 = require("../utils");
-const createSessionAuthzGuard = ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]) => {
-    let SessionAuthzGuard = class SessionAuthzGuard extends (0, passport_1.AuthGuard)(SESSION_STRATEGY) {
+const createSessionAuthzGuard = ([AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]) => {
+    let SessionAuthzGuard = class SessionAuthzGuard {
         constructor(reflector, authzProvider, sessionAuthzOptions, als) {
-            super();
             this.reflector = reflector;
             this.authzProvider = authzProvider;
             this.sessionAuthzOptions = sessionAuthzOptions;
             this.als = als;
-        }
-        getAuthenticateOptions() {
-            return {
-                property: this.sessionAuthzOptions.passportProperty,
-                session: false
-            };
+            if (typeof this.authzProvider.authenticate !== 'function') {
+                throw new errors_1.AuthzError(`InternalError: Method 'authenticate' from abstract class 'AuthzProvider' must be implemented.`);
+            }
         }
         /**
          *
@@ -76,7 +72,7 @@ const createSessionAuthzGuard = ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTH
             store.allowAnonymous = (0, utils_1.getAllowAnonymous)(contextParamsList, {
                 defaultAllowAnonymous: this.sessionAuthzOptions.defaultAllowAnonymous
             });
-            await super.canActivate(context);
+            req[this.sessionAuthzOptions.passportProperty] = this.handleRequest(undefined, ...(await this.validate(req)));
             // will be null if allowAnonymous=true.
             const user = (0, utils_1.getPassportProperty)(req);
             if (store.allowAnonymous && !user) {
@@ -89,6 +85,32 @@ const createSessionAuthzGuard = ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTH
             }
             return true;
         }
+        async validate(req) {
+            const store = (0, utils_1.getAlsStore)(this.als);
+            const authOptions = this.sessionAuthzOptions;
+            req[constants_1.PASSPORT_PROPERTY] = authOptions.passportProperty;
+            const payload = req?.session?.[constants_1.SESSION_PASSPORT_KEY]?.user;
+            if (!payload) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find session.')];
+            }
+            let user = undefined;
+            try {
+                user = await this.authzProvider.authenticate(payload, req);
+            }
+            catch (error) {
+                return [
+                    null,
+                    error instanceof Error
+                        ? new errors_1.AuthzVerificationError(`${error.name}: ${error.message}`, error)
+                        : new errors_1.AuthzVerificationError(`${error}`)
+                ];
+            }
+            store.user = user;
+            if (!user) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find user.')];
+            }
+            return [user];
+        }
     };
     SessionAuthzGuard = __decorate([
         __param(1, (0, common_1.Inject)(AUTHZ_PROVIDER)),

package/dist/session/session-authz.module.d.ts

@@ -1,9 +1,9 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
 import { type ConfigurableModuleAsyncOptions, DynamicModule, type ExecutionContext, MiddlewareConsumer, type Type } from '@nestjs/common';
-import type { Reflector } from '@nestjs/core';
+import { type Reflector } from '@nestjs/core';
 import { AuthzProviderClass } from '../authz.provider';
 import { AuthzError } from '../errors';
-import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type CookieOptionsWithSecret, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
+import { type AbstractConstructor, type ApplyDecorators, type AuthzDecoParams, type AuthzModuleBaseOptions, type AuthzModuleRoutesOptions, type DeepReadonly, type MethodParameters, type RoutesOptions } from '../utils';
 import { type SessionAuthzModuleOptions, type SessionAuthzOptions } from './session-authz.interface';
 import { type SessionAlsType } from './session-authz-als.middleware';
 declare const ASYNC_OPTIONS_TYPE: ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
@@ -93,16 +93,9 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         readonly authzProvider: AuthzProviderClass<unknown, unknown>;
         readonly sessionAuthzOptions: SessionAuthzOptions;
         readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
-        getAuthenticateOptions(): {
-            property: string;
-            session: boolean;
-        };
         handleRequest<T_1>(_err: unknown, user: T_1, info?: AuthzError): T_1;
         canActivate(context: ExecutionContext): Promise<boolean>;
-        logIn<TRequest extends {
-            logIn: Function;
-        } = any>(request: TRequest): Promise<void>;
-        getRequest(context: ExecutionContext): any;
+        validate(req: any): Promise<[any, any?]>;
     }, "als" | "reflector" | "authzProvider" | "sessionAuthzOptions">> & {
         /**
          * Verifies the user's authorization for specific meta data.
@@ -166,7 +159,7 @@ export declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderCl
         readonly als: AsyncLocalStorage<SessionAlsType<P, U>>;
         logIn(user: U): Promise<void>;
         logOut(): Promise<void>;
-        setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
+        setCookie(name: string, value: string, options?: Record<string, any> | undefined): void;
         getUser(): DeepReadonly<U> | undefined;
     }, "als" | "authzProvider">>;
 };

package/dist/session/session-authz.module.js

@@ -22,7 +22,6 @@ const utils_1 = require("../utils");
 const session_authz_guard_1 = require("./session-authz.guard");
 const session_authz_interface_1 = require("./session-authz.interface");
 const session_authz_service_1 = require("./session-authz.service");
-const session_authz_strategy_1 = require("./session-authz.strategy");
 const session_authz_als_middleware_1 = require("./session-authz-als.middleware");
 const store = {
     globalInited: 0
@@ -53,6 +52,7 @@ const { ConfigurableModuleClass, MODULE_OPTIONS_TOKEN, ASYNC_OPTIONS_TYPE, OPTIO
     return (0, utils_1.mergeDynamicModuleConfigs)(definition, {
         global,
         providers: [
+            ...(0, utils_1.createOnceAdapterShimProvider)(),
             {
                 provide: constants_1.ROUTES_OPTIONS,
                 useValue: {
@@ -75,28 +75,18 @@ const { ConfigurableModuleClass, MODULE_OPTIONS_TOKEN, ASYNC_OPTIONS_TYPE, OPTIO
  */
 const cereateSessionAuthzModule = (authzProvider) => {
     const id = `${constants_1.PREFIX}${(0, uid_1.uid)()}`;
-    // strategy tokens
-    const SESSION_STRATEGY = `${id}_SESSION_STRATEGY`;
     // provider tokens
     const AUTHZ_PROVIDER = `${id}_AUTHZ_PROVIDER`;
     const ALS_PROVIDER = `${id}_ALS_PROVIDER`;
     const SESSION_AUTHZ_OPTIONS = `${id}_SESSION_AUTHZ_OPTIONS`;
     // meta keys
     const SESSION_META_KEY = `${id}_SESSION_META_KEY`;
-    // strategies
-    const SessionAuthzStrategy = (0, session_authz_strategy_1.createSessionAuthzStrategy)([SESSION_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]);
     // providers
     const SessionAuthzService = (0, session_authz_service_1.createSessionAuthzService)([AUTHZ_PROVIDER, ALS_PROVIDER]);
     const SessionAuthzAlsMiddleware = (0, session_authz_als_middleware_1.createSessionAuthzAlsMiddleware)([ALS_PROVIDER, SESSION_AUTHZ_OPTIONS]);
     const als = new node_async_hooks_1.AsyncLocalStorage();
-    // each strategy can be only registered once in passport.
-    // no need to provide multiple times as
-    //  1. they use the same ALS and authzProvider instance.
-    //  2. guard use strategy through passport via strategy name.
-    let isStrategyInited = false;
     // guards
     const SessionAuthzGuard = (0, session_authz_guard_1.createSessionAuthzGuard)([
-        SESSION_STRATEGY,
         AUTHZ_PROVIDER,
         SESSION_AUTHZ_OPTIONS,
         ALS_PROVIDER,
@@ -125,12 +115,10 @@ const cereateSessionAuthzModule = (authzProvider) => {
                     provide: ALS_PROVIDER,
                     useValue: als
                 },
-                ...(!isStrategyInited ? [SessionAuthzStrategy] : []),
                 SessionAuthzService
             ],
             exports: [AUTHZ_PROVIDER, ALS_PROVIDER, SESSION_AUTHZ_OPTIONS, SessionAuthzService]
         };
-        isStrategyInited = true;
         return configs;
     };
     let SessionAuthzModule = class SessionAuthzModule extends ConfigurableModuleClass {

package/dist/session/session-authz.service.d.ts

@@ -1,7 +1,7 @@
 import { AsyncLocalStorage } from 'node:async_hooks';
 import { type Type } from '@nestjs/common';
 import { AuthzProviderClass } from '../authz.provider';
-import { type CookieOptionsWithSecret, type DeepReadonly } from '../utils';
+import { type DeepReadonly } from '../utils';
 import type { SessionAlsType } from './session-authz-als.middleware';
 export declare const createSessionAuthzService: <P = unknown, U = unknown>([AUTHZ_PROVIDER, ALS_PROVIDER]: [any, any]) => Type<Omit<{
     readonly authzProvider: AuthzProviderClass<P, U>;
@@ -19,7 +19,7 @@ export declare const createSessionAuthzService: <P = unknown, U = unknown>([AUTH
     /**
      * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
      */
-    setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
+    setCookie(name: string, value: string, options?: Record<string, any> | undefined): void;
     /**
      * Retrieves the current user associated with the request, if available.
      */

package/dist/utils/adapter-shim.d.ts

@@ -0,0 +1,28 @@
+import { type CanActivate, ExecutionContext, type OnModuleInit, type Provider } from '@nestjs/common';
+import { HttpAdapterHost } from '@nestjs/core';
+export type RawRequestWithShims = {
+    shims: {
+        getSession(key?: string): any;
+        getAllSession(): any;
+        setSession(key: string, value: any): void;
+        deleteSession(key: string): void;
+        sessionContains(key: string): boolean;
+        regenerateSession(): Promise<void>;
+        saveSession(): Promise<void>;
+    };
+    [key: string]: any;
+};
+export type RawResponseWithShims = {
+    shims: {
+        setCookie(key: string, value: string, options?: Record<string, any>): void;
+    };
+    [key: string]: any;
+};
+export declare class AdapterShim implements CanActivate, OnModuleInit {
+    private httpAdapterHost;
+    private addShims;
+    constructor(httpAdapterHost: HttpAdapterHost);
+    onModuleInit(): void;
+    canActivate(context: ExecutionContext): boolean;
+}
+export declare const createOnceAdapterShimProvider: () => Provider[];

package/dist/utils/adapter-shim.js

@@ -0,0 +1,174 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createOnceAdapterShimProvider = exports.AdapterShim = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const errors_1 = require("../errors");
+const safe_clone_1 = require("./safe-clone");
+const addExpressShims = (req, res) => {
+    const reqShims = {
+        getSession(key) {
+            return req.session?.[key];
+        },
+        getAllSession() {
+            return (0, safe_clone_1.safeClone)(req.session);
+        },
+        setSession(key, value) {
+            req.session[key] = value;
+        },
+        deleteSession(key) {
+            delete req.session?.[key];
+        },
+        sessionContains(key) {
+            if (!req.session) {
+                return false;
+            }
+            return key in req.session;
+        },
+        async regenerateSession() {
+            return new Promise((resolve, reject) => {
+                req.session.regenerate((err) => {
+                    if (err)
+                        return reject(err);
+                    resolve();
+                });
+            });
+        },
+        async saveSession() {
+            return new Promise((resolve, reject) => {
+                req.session.save((err) => {
+                    if (err)
+                        return reject(err);
+                    resolve();
+                });
+            });
+        }
+    };
+    const resShims = {
+        setCookie(key, value, options) {
+            res.cookie(key, value, options);
+        }
+    };
+    req.shims = reqShims;
+    res.shims = resShims;
+};
+const addFastifyShims = (req, res) => {
+    const reqShims = {
+        getSession(key) {
+            return req.session.get(key);
+        },
+        getAllSession() {
+            const cloned = (0, safe_clone_1.safeClone)(req.session);
+            // exclude cookie in @fastify/session
+            if (req.session?.cookie?.constructor?.name === 'Cookie') {
+                delete cloned.cookie;
+            }
+            // exclude built-in props in @fastify/secure-session
+            if (req.session?.constructor?.name === 'Session') {
+                delete cloned.changed;
+                delete cloned.deleted;
+            }
+            return cloned;
+        },
+        setSession(key, value) {
+            req.session.set(key, value);
+        },
+        deleteSession(key) {
+            req.session[key] = undefined;
+        },
+        sessionContains(key) {
+            if (!req.session) {
+                return false;
+            }
+            // fastify-session
+            if (key in req.session) {
+                return true;
+            }
+            // fastify-secure-session
+            return req.session.get(key) !== undefined;
+        },
+        async regenerateSession() {
+            if (typeof req.session.save === 'function') {
+                // fastify-session
+                return req.session.regenerate();
+            }
+            else {
+                // fastify-secure-session
+                try {
+                    req.session.regenerate();
+                    return Promise.resolve();
+                }
+                catch (err) {
+                    return Promise.reject(err);
+                }
+            }
+        },
+        async saveSession() {
+            if (typeof req.session.save === 'function') {
+                // fastify-session
+                return req.session.save();
+            }
+            else {
+                // fastify-secure-session does not have save method
+                return Promise.resolve();
+            }
+        }
+    };
+    const resShims = {
+        setCookie(key, value, options) {
+            res.setCookie(key, value, options);
+        }
+    };
+    req.raw.shims = reqShims;
+    res.raw.shims = resShims;
+};
+const getShimsFactory = (adapter) => {
+    switch (adapter) {
+        case 'ExpressAdapter':
+            return addExpressShims;
+        case 'FastifyAdapter':
+            return addFastifyShims;
+    }
+    throw new errors_1.AuthzError(`Cannot find shims factory for adapter "${adapter}".`);
+};
+let AdapterShim = class AdapterShim {
+    constructor(httpAdapterHost) {
+        this.httpAdapterHost = httpAdapterHost;
+    }
+    onModuleInit() {
+        const adapter = this.httpAdapterHost?.httpAdapter?.constructor?.name;
+        this.addShims = getShimsFactory(adapter);
+    }
+    canActivate(context) {
+        this.addShims(context.switchToHttp().getRequest(), context.switchToHttp().getResponse());
+        return true;
+    }
+};
+exports.AdapterShim = AdapterShim;
+exports.AdapterShim = AdapterShim = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [core_1.HttpAdapterHost])
+], AdapterShim);
+let guardRegistered = false;
+const createOnceAdapterShimProvider = () => {
+    if (guardRegistered) {
+        return [];
+    }
+    guardRegistered = true;
+    return [
+        {
+            provide: core_1.APP_GUARD,
+            useClass: AdapterShim
+        }
+    ];
+};
+exports.createOnceAdapterShimProvider = createOnceAdapterShimProvider;

package/dist/utils/cookie-parsers.d.ts

@@ -1,9 +1,8 @@
-import type { Request } from 'express';
-export declare const normalCookieParser: (req: Request, _secrets?: string[], decode?: (str: string) => string | undefined) => {
-    cookies: Record<string, any>;
-    signedCookies: Record<string, any>;
+export declare const normalCookieParser: (req: any, _secrets?: string[], decode?: (str: string) => string | undefined) => {
+    cookies: any;
+    signedCookies: any;
 };
-export declare const customCookieParser: (req: Request, secrets?: string[], decode?: (str: string) => string | undefined) => {
-    cookies: Record<string, any>;
-    signedCookies: Record<string, any>;
+export declare const customCookieParser: (req: any, secrets?: string[], decode?: (str: string) => string | undefined) => {
+    cookies: {};
+    signedCookies: {};
 };

package/dist/utils/cookie-parsers.js

@@ -42,8 +42,18 @@ const cookie_parser_1 = __importDefault(require("cookie-parser"));
 const normalCookieParser = (req, _secrets = [], decode) => {
     let cookies = req.cookies || {};
     let signedCookies = req.signedCookies || {};
+    // compatible to @fastify/cookie
+    if (typeof req.unsignCookie === 'function') {
+        for (const [key, value] of Object.entries(cookies)) {
+            const unsigned = req.unsignCookie(value);
+            if (unsigned.valid) {
+                signedCookies[key] = unsigned.value;
+            }
+        }
+    }
     if (!req.cookies && req.headers.cookie) {
         const parsedCookies = cookie.parse(req.headers.cookie, { decode });
+        // cookie-parser uses req.secret to decrypt cookies
         if (req.secret) {
             signedCookies = cookie_parser_1.default.JSONCookies(cookie_parser_1.default.signedCookies(parsedCookies, [req.secret]));
         }

package/dist/utils/create-set-cookie-fn.d.ts

@@ -1,3 +1,2 @@
-import type { Request, Response } from 'express';
-import type { CookieOptionsWithSecret } from './types';
-export declare const createSetCookieFn: (req: Request, res: Response) => (name: string, value: string, options?: CookieOptionsWithSecret) => void;
+import type { RawRequestWithShims, RawResponseWithShims } from './adapter-shim';
+export declare const createSetCookieFn: (req: RawRequestWithShims, res: RawResponseWithShims) => (name: string, value: string, options?: Record<string, any>) => void;

package/dist/utils/create-set-cookie-fn.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createSetCookieFn = void 0;
 const generics_1 = require("./generics");
+// @fastify/cookie does not use req.secret to encrypted.
 const createSetCookieFn = (req, res) => (name, value, options = {}) => {
     const { secret, signed: optSigned, ...restOpts } = options;
     const secrets = (0, generics_1.normalizedArray)(secret) ?? [];
@@ -15,7 +16,7 @@ const createSetCookieFn = (req, res) => (name, value, options = {}) => {
     else {
         req.secret = undefined;
     }
-    res.cookie(name, value, {
+    res.shims.setCookie(name, value, {
         signed,
         ...restOpts
     });

package/dist/utils/generics.d.ts

@@ -1,4 +1,3 @@
 export declare const isNotFalsy: <T>(val: T) => val is T;
 export declare const normalizedArray: <T>(val?: T | T[]) => undefined extends T ? T[] | undefined : NonNullable<T>[];
 export declare const normalizedObject: <T extends Record<string, any>>(obj?: T) => T | undefined;
-export declare const merge: <T extends Record<string, any>, U extends Record<string, any>>(obj1: T, obj2?: U) => T & U;

package/dist/utils/generics.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.merge = exports.normalizedObject = exports.normalizedArray = exports.isNotFalsy = void 0;
+exports.normalizedObject = exports.normalizedArray = exports.isNotFalsy = void 0;
 const isNotFalsy = (val) => {
     return val !== undefined && val !== null && !Number.isNaN(val);
 };
@@ -27,14 +27,3 @@ const normalizedObject = (obj) => {
     return Object.fromEntries(filtered);
 };
 exports.normalizedObject = normalizedObject;
-// ref: https://github.com/jaredhanson/utils-merge/blob/master/index.js
-const merge = (obj1, obj2) => {
-    if (obj1 && obj2) {
-        for (var key in obj2) {
-            // @ts-ignore
-            obj1[key] = obj2[key];
-        }
-    }
-    return obj1;
-};
-exports.merge = merge;

package/dist/utils/get-passport-property.d.ts

@@ -1 +1 @@
-export declare const getPassportProperty: <T>(request: Express.Request) => T;
+export declare const getPassportProperty: <T>(request: any) => T;

package/dist/utils/get-passport-property.js

@@ -3,7 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.getPassportProperty = void 0;
 const constants_1 = require("../constants");
 const getPassportProperty = (request) => {
-    // @ts-ignore
     return request[request[constants_1.PASSPORT_PROPERTY]];
 };
 exports.getPassportProperty = getPassportProperty;

package/dist/utils/index.d.ts

@@ -1,3 +1,4 @@
+export * from './adapter-shim';
 export * from './cookie-parsers';
 export * from './create-authz-decorator-factory';
 export * from './create-set-cookie-fn';
@@ -8,4 +9,5 @@ export * from './get-context-authz-meta-params-list';
 export * from './get-passport-property';
 export * from './merge-dynamic-module-configs';
 export * from './msgpackrs';
+export * from './safe-clone';
 export * from './types';

package/dist/utils/index.js

@@ -14,6 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./adapter-shim"), exports);
 __exportStar(require("./cookie-parsers"), exports);
 __exportStar(require("./create-authz-decorator-factory"), exports);
 __exportStar(require("./create-set-cookie-fn"), exports);
@@ -24,4 +25,5 @@ __exportStar(require("./get-context-authz-meta-params-list"), exports);
 __exportStar(require("./get-passport-property"), exports);
 __exportStar(require("./merge-dynamic-module-configs"), exports);
 __exportStar(require("./msgpackrs"), exports);
+__exportStar(require("./safe-clone"), exports);
 __exportStar(require("./types"), exports);

package/dist/utils/safe-clone.d.ts

@@ -0,0 +1 @@
+export declare const safeClone: (obj: any) => any;

package/dist/utils/safe-clone.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.safeClone = void 0;
+const safeClone = (obj) => {
+    if (!obj) {
+        return {};
+    }
+    try {
+        return JSON.parse(JSON.stringify(obj));
+    }
+    catch {
+        return {};
+    }
+};
+exports.safeClone = safeClone;

package/dist/utils/types.d.ts

@@ -1,6 +1,5 @@
 import type { applyDecorators } from '@nestjs/common';
 import type { RouteInfo, Type } from '@nestjs/common/interfaces';
-import type { CookieOptions } from 'express';
 import type { AuthzProviderClass } from '../authz.provider';
 export type OmitClassInstance<T extends abstract new (...args: any) => any, K extends keyof any> = Type<Omit<InstanceType<T>, K>>;
 export type SetRequired<T, K extends keyof T> = T & {
@@ -12,12 +11,6 @@ export type IsUnknown<T> = unknown extends T ? IsNull<T> extends false ? true :
 export type DeepReadonly<T> = {
     readonly [K in keyof T]: T[K] extends object ? DeepReadonly<T[K]> : T[K];
 };
-export type CookieOptionsWithSecret = CookieOptions & {
-    /**
-     * a string or array used to sign cookies.
-     */
-    secret?: string | string[];
-};
 export interface AuthzDecoBaseOptions {
     /**
      * When set, overrides the previous metadatas during the authorization, instead of inheriting.

package/package.json

@@ -2,7 +2,7 @@
   "name": "@nestjs-kitchen/authz",
   "private": false,
   "description": "Simplest authentication & authorization module in NextJS",
-  "version": "3.0.1",
+  "version": "4.0.0",
   "homepage": "https://github.com/yikenman/nestjs-kitchen",
   "repository": "https://github.com/yikenman/nestjs-kitchen",
   "author": "yikenman",
@@ -22,20 +22,24 @@
     "cookie-parser": "^1.4.7",
     "jsonwebtoken": "^9.0.2",
     "msgpackr": "^1.11.2",
-    "passport-custom": "^1.1.1",
     "uid": "^2.0.2"
   },
   "devDependencies": {
+    "@fastify/cookie": "^11.0.2",
+    "@fastify/secure-session": "^8.2.0",
+    "@fastify/session": "^11.1.0",
+    "@nestjs/platform-express": "^11.0.0",
+    "@nestjs/platform-fastify": "^11.0.0",
     "@nestjs/testing": "^11.0.0",
     "@types/cookie-parser": "^1.4.8",
     "@types/express": "^5.0.1",
-    "@types/express-session": "^1.18.1",
+    "@types/express-session": "^1.18.2",
     "@types/jest": "^30.0.0",
     "@types/jsonwebtoken": "^9.0.9",
     "@types/node": "^22.13.9",
-    "@types/passport": "^1.0.17",
     "@types/supertest": "^6.0.2",
-    "express-session": "^1.18.1",
+    "express-session": "^1.18.2",
+    "fastify": "^5.5.0",
     "jest": "^30.0.5",
     "rimraf": "^6.0.1",
     "supertest": "^7.1.0",
@@ -52,17 +56,27 @@
     "authentication",
     "authorization",
     "authz",
+    "express",
+    "Express",
+    "fastify",
+    "Fastify",
     "JWT",
     "NextJS",
     "NodeJS",
     "Session"
   ],
+  "optionalDependencies": {
+    "@fastify/cookie": "^11.0.2",
+    "@fastify/secure-session": "^8.2.0",
+    "@fastify/session": "^11.1.0",
+    "@nestjs/platform-express": "^11.0.0",
+    "@nestjs/platform-fastify": "^11.0.0",
+    "@types/express-session": "^1.18.2",
+    "express-session": "^1.18.2"
+  },
   "peerDependencies": {
-    "@nestjs/common": "^10.0.0 || ^11.0.0",
-    "@nestjs/core": "^10.0.0 || ^11.0.0",
-    "@nestjs/passport": "^10.0.0 || ^11.0.0",
-    "@nestjs/platform-express": "^10.0.0 || ^11.0.0",
-    "passport": "^0.7.0",
+    "@nestjs/common": "^11.0.0",
+    "@nestjs/core": "^11.0.0",
     "reflect-metadata": "^0.2.2",
     "rxjs": "^7.8.2"
   },

package/dist/jwt/jwt-authz.strategy.d.ts

@@ -1,17 +0,0 @@
-import { AsyncLocalStorage } from 'node:async_hooks';
-import { type Type } from '@nestjs/common';
-import type { Request } from 'express';
-import { AuthzProviderClass } from '../authz.provider';
-import type { JwtAlsType } from './jwt-authz-als.middleware';
-export declare const createJwtStrategy: ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => Type<Omit<{
-    readonly authzProvider: AuthzProviderClass<unknown, unknown>;
-    readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
-    validate(req: Request): Promise<{}>;
-    authenticate(req: Request, options?: any): any;
-}, "als" | "authzProvider">>;
-export declare const createRefreshStrategy: ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => Type<Omit<{
-    readonly authzProvider: AuthzProviderClass<unknown, unknown>;
-    readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
-    validate(req: Request): Promise<{}>;
-    authenticate(req: Request, options?: any): any;
-}, "als" | "authzProvider">>;