@node-c/api-http 1.0.0-alpha9 → 1.0.0-beta1

package/dist/middlewares/http.middlewares.requestLogging.js

@@ -0,0 +1,35 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HTTPRequestLoggingMiddleware = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@node-c/core");
+const definitions_1 = require("../common/definitions");
+let HTTPRequestLoggingMiddleware = class HTTPRequestLoggingMiddleware {
+    constructor(logger, moduleName) {
+        this.logger = logger;
+        this.moduleName = moduleName;
+    }
+    use(req, _res, next) {
+        this.logger.info(`[${this.moduleName}]: ${req.method} ${req.baseUrl}`);
+        next();
+    }
+};
+exports.HTTPRequestLoggingMiddleware = HTTPRequestLoggingMiddleware;
+exports.HTTPRequestLoggingMiddleware = HTTPRequestLoggingMiddleware = __decorate([
+    (0, common_1.Injectable)(),
+    __param(1, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
+    __metadata("design:paramtypes", [core_1.LoggerService, String])
+], HTTPRequestLoggingMiddleware);
+//# sourceMappingURL=http.middlewares.requestLogging.js.map

package/dist/middlewares/http.middlewares.requestLogging.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.middlewares.requestLogging.js","sourceRoot":"","sources":["../../src/middlewares/http.middlewares.requestLogging.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAoE;AAEpE,uCAA6C;AAG7C,uDAAqE;AAG9D,IAAM,4BAA4B,GAAlC,MAAM,4BAA4B;IACvC,YAEY,MAAqB,EAGrB,UAAkB;QAHlB,WAAM,GAAN,MAAM,CAAe;QAGrB,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,GAAG,CAAC,GAA+B,EAAE,IAAc,EAAE,IAAkB;QACrE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACvE,IAAI,EAAE,CAAC;IACT,CAAC;CACF,CAAA;AAbY,oEAA4B;uCAA5B,4BAA4B;IADxC,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADhB,oBAAa;GAHtB,4BAA4B,CAaxC"}

package/dist/middlewares/index.d.ts

@@ -1,2 +1,3 @@
-export * from './http.middlewares.authentication';
+export * from './http.middlewares.authorization';
 export * from './http.middlewares.cors';
+export * from './http.middlewares.requestLogging';

package/dist/middlewares/index.js

@@ -14,6 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./http.middlewares.authentication"), exports);
+__exportStar(require("./http.middlewares.authorization"), exports);
 __exportStar(require("./http.middlewares.cors"), exports);
+__exportStar(require("./http.middlewares.requestLogging"), exports);
 //# sourceMappingURL=index.js.map

package/dist/middlewares/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oEAAkD;AAClD,0DAAwC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mEAAiD;AACjD,0DAAwC;AACxC,oEAAkD"}

package/dist/module/http.api.module.js

@@ -18,11 +18,12 @@ var HTTPAPIModule_1;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.HTTPAPIModule = void 0;
 const common_1 = require("@nestjs/common");
-const core_1 = require("@node-c/core");
+const core_1 = require("@nestjs/core");
+const core_2 = require("@node-c/core");
 const cookie_parser_1 = __importDefault(require("cookie-parser"));
 const express_1 = __importDefault(require("express"));
 const definitions_1 = require("../common/definitions");
-const exceptionFilters_1 = require("../exceptionFilters");
+const filters_1 = require("../filters");
 const interceptors_1 = require("../interceptors");
 const middlewares_1 = require("../middlewares");
 let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
@@ -34,8 +35,9 @@ let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
         consumer.apply(express_1.default.urlencoded({ verify: HTTPAPIModule_1.rawBodyBuffer, extended: true })).forRoutes('*');
         consumer.apply(express_1.default.json({ verify: HTTPAPIModule_1.rawBodyBuffer })).forRoutes('*');
         consumer.apply((0, cookie_parser_1.default)()).forRoutes('*');
+        consumer.apply(middlewares_1.HTTPRequestLoggingMiddleware).forRoutes('*');
         consumer.apply(middlewares_1.HTTPCORSMiddleware).forRoutes('*');
-        consumer.apply(middlewares_1.HTTPAuthenticationMiddleware).forRoutes('*');
+        consumer.apply(middlewares_1.HTTPAuthorizationMiddleware).forRoutes('*');
     }
     static rawBodyBuffer(req, _res, buffer) {
         if (buffer && buffer.length) {
@@ -45,18 +47,24 @@ let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
     static register(options) {
         const { folderData, imports: additionalImports, moduleClass } = options;
         const { atEnd: importsAtEnd, atStart: importsAtStart } = additionalImports || {};
-        const { controllers, services } = (0, core_1.loadDynamicModules)(folderData);
+        const { controllers, services } = (0, core_2.loadDynamicModules)(folderData);
         return {
             module: moduleClass,
             imports: [...(importsAtStart || []), ...(importsAtEnd || [])],
             providers: [
+                {
+                    provide: core_1.APP_PIPE,
+                    useValue: new common_1.ValidationPipe({
+                        whitelist: true
+                    })
+                },
                 {
                     provide: definitions_1.Constants.API_MODULE_NAME,
                     useValue: options.moduleName
                 },
                 {
                     provide: definitions_1.Constants.AUTHORIZATION_INTERCEPTOR,
-                    useClass: interceptors_1.HTTPAuthorizationInterceptor
+                    useClass: interceptors_1.HTTPAccessControlInterceptor
                 },
                 {
                     provide: definitions_1.Constants.ERROR_INTERCEPTOR,
@@ -64,7 +72,7 @@ let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
                 },
                 {
                     provide: definitions_1.Constants.HTTP_EXCEPTION_FILTER,
-                    useClass: exceptionFilters_1.HttpExceptionFilter
+                    useClass: filters_1.HttpExceptionFilter
                 },
                 ...(options.providers || []),
                 ...(services || [])
@@ -77,6 +85,6 @@ let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
 exports.HTTPAPIModule = HTTPAPIModule;
 exports.HTTPAPIModule = HTTPAPIModule = HTTPAPIModule_1 = __decorate([
     __param(1, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
-    __metadata("design:paramtypes", [core_1.ConfigProviderService, String])
+    __metadata("design:paramtypes", [core_2.ConfigProviderService, String])
 ], HTTPAPIModule);
 //# sourceMappingURL=http.api.module.js.map

package/dist/module/http.api.module.js.map

@@ -1 +1 @@
-{"version":3,"file":"http.api.module.js","sourceRoot":"","sources":["../../src/module/http.api.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA2F;AAE3F,uCAAyE;AAEzE,kEAAyC;AACzC,sDAA4C;AAI5C,uDAAqE;AACrE,0DAA0D;AAC1D,kDAAqF;AACrF,gDAAkF;AAElF,IAAa,aAAa,qBAA1B,MAAa,aAAa;IACxB,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,SAAS,CAAC,QAA4B;QACpC,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC3G,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrF,QAAQ,CAAC,KAAK,CAAC,IAAA,uBAAY,GAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC9C,QAAQ,CAAC,KAAK,CAAC,gCAAkB,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAClD,QAAQ,CAAC,KAAK,CAAC,0CAA4B,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,GAA+B,EAAE,IAAc,EAAE,MAAc;QAClF,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAC5B,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClC,CAAC;IACH,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAA6B;QAC3C,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,iBAAiB,IAAI,EAAE,CAAC;QACjF,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,IAAA,yBAAkB,EAAC,UAAU,CAAC,CAAC;QACjE,OAAO;YACL,MAAM,EAAE,WAAsC;YAC9C,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;YAC7D,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,uBAAS,CAAC,eAAe;oBAClC,QAAQ,EAAE,OAAO,CAAC,UAAU;iBAC7B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,yBAAyB;oBAC5C,QAAQ,EAAE,2CAA4B;iBACvC;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,iBAAiB;oBACpC,QAAQ,EAAE,mCAAoB;iBAC/B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,qBAAqB;oBACxC,QAAQ,EAAE,sCAAmB;iBAC9B;gBACD,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;gBAC5B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;aACpB;YACD,WAAW,EAAE,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,CAA6C;YACjH,OAAO,EAAE,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;SAC3D,CAAC;IACJ,CAAC;CACF,CAAA;AAtDY,sCAAa;wBAAb,aAAa;IAIrB,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADR,4BAAqB;GAHtC,aAAa,CAsDzB"}
+{"version":3,"file":"http.api.module.js","sourceRoot":"","sources":["../../src/module/http.api.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA2G;AAC3G,uCAAwC;AAExC,uCAAyE;AAEzE,kEAAyC;AACzC,sDAA4C;AAI5C,uDAAqE;AACrE,wCAAiD;AACjD,kDAAqF;AACrF,gDAA+G;AAE/G,IAAa,aAAa,qBAA1B,MAAa,aAAa;IACxB,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,SAAS,CAAC,QAA4B;QACpC,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC3G,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrF,QAAQ,CAAC,KAAK,CAAC,IAAA,uBAAY,GAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAE9C,QAAQ,CAAC,KAAK,CAAC,0CAA4B,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC5D,QAAQ,CAAC,KAAK,CAAC,gCAAkB,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAClD,QAAQ,CAAC,KAAK,CAAC,yCAA2B,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,GAA+B,EAAE,IAAc,EAAE,MAAc;QAClF,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAC5B,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClC,CAAC;IACH,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAA6B;QAC3C,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,iBAAiB,IAAI,EAAE,CAAC;QACjF,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,IAAA,yBAAkB,EAAC,UAAU,CAAC,CAAC;QACjE,OAAO;YACL,MAAM,EAAE,WAAsC;YAC9C,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;YAC7D,SAAS,EAAE;gBAET;oBACE,OAAO,EAAE,eAAQ;oBAEjB,QAAQ,EAAE,IAAI,uBAAc,CAAC;wBAC3B,SAAS,EAAE,IAAI;qBAChB,CAAC;iBACH;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,eAAe;oBAClC,QAAQ,EAAE,OAAO,CAAC,UAAU;iBAC7B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,yBAAyB;oBAC5C,QAAQ,EAAE,2CAA4B;iBACvC;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,iBAAiB;oBACpC,QAAQ,EAAE,mCAAoB;iBAC/B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,qBAAqB;oBACxC,QAAQ,EAAE,6BAAmB;iBAC9B;gBACD,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;gBAC5B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;aACpB;YACD,WAAW,EAAE,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,CAA6C;YACjH,OAAO,EAAE,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;SAC3D,CAAC;IACJ,CAAC;CACF,CAAA;AAhEY,sCAAa;wBAAb,aAAa;IAIrB,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADR,4BAAqB;GAHtC,aAAa,CAgEzB"}

package/package.json

@@ -1,29 +1,34 @@
 {
   "name": "@node-c/api-http",
-  "version": "1.0.0-alpha9",
+  "version": "1.0.0-beta1",
   "license": "MIT",
   "main": "dist/index.js",
   "scripts": {
     "build": "tsc -p tsconfig.build.json",
+    "build:clean": "rm -rf dist/* && rm -f *.tsbuildinfo && npm run build",
     "check-types": "tsc -p tsconfig.build.json --noEmit",
     "dev": "tsc -p tsconfig.build.json --watch",
-    "publish-package": "rm -rf dist/* && rm -f *.tsbuildinfo && npm run build && npm publish --access public",
+    "lint": "eslint src",
+    "lint:fix": "eslint src --fix",
+    "publish-package": "npm run build:clean && npm publish --access public",
     "test": "vitest --config src/vitest.config.ts",
     "test:coverage": "vitest --config src/vitest.config.ts --coverage"
   },
   "dependencies": {
-    "@nestjs/common": "^10.4.12",
-    "@ramster/general-tools": "^2.3.0",
+    "@nestjs/common": "^11.1.16",
+    "@nestjs/platform-express": "^11.1.16",
     "cookie-parser": "^1.4.7",
     "express": "^4.21.2",
+    "lodash": "^4.17.21",
     "rxjs": "^7.8.1"
   },
   "devDependencies": {
     "@types/cookie-parser": "^1.4.8",
-    "@types/express": "^5.0.0"
+    "@types/express": "^5.0.0",
+    "@types/lodash": "^4.17.19"
   },
   "peerDependencies": {
-    "@node-c/core": "^1.0.0-alpha9",
-    "@node-c/domain-iam": "^1.0.0-alpha9"
+    "@node-c/core": "^1.0.0-beta1",
+    "@node-c/domain-iam": "^1.0.0-beta1"
   }
 }

package/src/common/definitions/common.constants.ts

@@ -4,7 +4,7 @@ export enum Constants {
   // eslint-disable-next-line no-unused-vars
   API_MODULE_NAME = 'API_MODULE_NAME',
   // eslint-disable-next-line no-unused-vars
-  AUTHENTICATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE = 'AUTHENTICATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE',
+  AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE = 'AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE',
   // eslint-disable-next-line no-unused-vars
   AUTHENTICATION_MIDDLEWARE_USERS_SERVICE = 'AUTHENTICATION_MIDDLEWARE_USERS_SERVICE',
   // eslint-disable-next-line no-unused-vars

package/src/common/utils/index.ts

@@ -0,0 +1 @@
+export * from './utils.checkRoutes';

package/src/common/utils/utils.checkRoutes.ts

@@ -0,0 +1,31 @@
+/**
+ * Checks whether a route exists in a list of HTTP routes. Supports ExpressJS-style route parameters, i.e. /users/item/:id.
+ * @param route (required) - The route to be checked.
+ * @param routes (required) - The array of routes to check in.
+ * @returns A boolean, which is the result of the check.
+ */
+export function checkRoutes(route: string, routes: string[]): boolean {
+  const splitRoute = route.split('/');
+  for (const i in routes) {
+    const item = routes[i],
+      splitItem = item.split('/');
+    if (item === '*' || route === item) {
+      return true;
+    }
+    if (item.indexOf(':') !== -1 && splitItem.length === splitRoute.length) {
+      let valid = true;
+      for (const j in splitItem) {
+        const innerItem = splitItem[j],
+          routeItem = splitRoute[j];
+        if (routeItem !== innerItem && innerItem.indexOf(':') === -1) {
+          valid = false;
+          break;
+        }
+      }
+      if (valid) {
+        return true;
+      }
+    }
+  }
+  return false;
+}

package/src/decorators/http.decorators.accessControl.ts

@@ -0,0 +1,8 @@
+import { Reflector } from '@nestjs/core';
+import { GenericObject } from '@node-c/core';
+
+export const AccessControlContext = Reflector.createDecorator<
+  string | { context: string; resourceMap: GenericObject<string> }
+>();
+
+export const AccessControlResource = Reflector.createDecorator<string>();

package/src/decorators/index.ts

@@ -0,0 +1 @@
+export * from './http.decorators.accessControl';

package/src/filters/index.ts

@@ -0,0 +1 @@
+export * from './http.filtes.exception';

package/src/index.ts

@@ -1,5 +1,6 @@
 export * from './common/definitions';
-export * from './exceptionFilters';
+export * from './filters';
+export * from './decorators';
 export * from './interceptors';
 export * from './middlewares';
 export * from './module';

package/src/interceptors/http.interceptors.accessControl.ts

@@ -0,0 +1,101 @@
+import { CallHandler, ExecutionContext, HttpException, HttpStatus, Injectable, NestInterceptor } from '@nestjs/common';
+import { ModuleRef, Reflector } from '@nestjs/core';
+
+import { GenericObject, LoggerService, Constants as NodeCCoreConstants, setNested } from '@node-c/core';
+import {
+  IAMAuthorizationService,
+  IAMUserManagerUserWithPermissionsData,
+  Constants as NodeCDomainIAMConstants
+} from '@node-c/domain-iam';
+
+import { Observable, map } from 'rxjs';
+
+import { RequestWithLocals } from '../common/definitions';
+import { AccessControlContext, AccessControlResource } from '../decorators';
+
+/*
+ * Authorization interceptor - used for role-based and fine-grained access control.
+ */
+@Injectable()
+export class HTTPAccessControlInterceptor<
+  User extends IAMUserManagerUserWithPermissionsData<unknown, unknown>
+> implements NestInterceptor {
+  constructor(
+    // eslint-disable-next-line no-unused-vars
+    protected logger: LoggerService,
+    // eslint-disable-next-line no-unused-vars
+    protected moduleRef: ModuleRef,
+    // eslint-disable-next-line no-unused-vars
+    protected reflector: Reflector
+  ) {}
+
+  async intercept(context: ExecutionContext, next: CallHandler): Promise<Observable<unknown>> {
+    const [req]: [RequestWithLocals<User>, unknown] = context.getArgs();
+    const locals = req.locals!;
+    if (!locals) {
+      throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
+    } else if (locals.isAnonymous) {
+      return next.handle();
+    }
+    const { logger, moduleRef, reflector } = this;
+    const contextClass = context.getClass();
+    const contextHandler = context.getHandler();
+    const moduleName =
+      moduleRef.get(NodeCDomainIAMConstants.ACCESS_CONTROL_MODULE_NAME) ||
+      moduleRef.get(NodeCCoreConstants.API_MODULE_NAME);
+    if (!moduleName) {
+      logger.error(
+        `[HTTPAccessControlInterceptor]: No moduleName configured for ${contextClass.name}.${contextHandler.name}.`
+      );
+      throw new HttpException('Internal Server Error', HttpStatus.INTERNAL_SERVER_ERROR);
+    }
+    const resourceContextData = reflector.get(AccessControlContext, contextClass);
+    const accessControlOptions = {
+      moduleName,
+      resource:
+        reflector.get(AccessControlResource, contextHandler) ||
+        (typeof resourceContextData !== 'string' && resourceContextData?.resourceMap?.[contextHandler.name]) ||
+        contextHandler.name,
+      resourceContext:
+        (typeof resourceContextData === 'string' && resourceContextData) ||
+        (typeof resourceContextData !== 'string' && resourceContextData?.context) ||
+        contextClass.name
+    };
+    const user = locals.user!; // we'll always have this, otherwise the system has not been configured properly
+    const {
+      authorizationPoints: usedAuthorizationPoints,
+      errorCode,
+      hasAccess,
+      inputDataToBeMutated
+    } = IAMAuthorizationService.checkAccess(
+      { body: req.body, headers: req.headers, params: req.params, query: req.query },
+      user,
+      accessControlOptions
+    );
+    if (!hasAccess) {
+      logger.error(
+        `[${moduleName}][HTTPAccessControlInterceptor]: No user access to resource ${accessControlOptions.moduleName}.${accessControlOptions.resourceContext}.${accessControlOptions.resource} - ${errorCode}.`
+      );
+      throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
+    }
+    for (const key in inputDataToBeMutated) {
+      setNested(req, key, inputDataToBeMutated[key], { removeNestedFieldEscapeSign: true });
+    }
+    return next.handle().pipe(
+      map((data?: unknown) => {
+        if (typeof data === 'undefined' || data === null || typeof data !== 'object' || data instanceof Date) {
+          return data;
+        }
+        const actualData = data as GenericObject;
+        const { outputDataToBeMutated } = IAMAuthorizationService.processOutputData(
+          usedAuthorizationPoints,
+          actualData
+        );
+        for (const key in outputDataToBeMutated) {
+          setNested(actualData, key, outputDataToBeMutated[key]);
+        }
+        return actualData;
+      })
+    );
+  }
+}

package/src/interceptors/http.interceptors.error.ts

@@ -1,6 +1,6 @@
 import { CallHandler, ExecutionContext, Injectable, NestInterceptor } from '@nestjs/common';
 
-import { ApplicationError } from '@node-c/core';
+import { ApplicationError, LoggerService } from '@node-c/core';
 
 import { Observable } from 'rxjs';
 import { catchError } from 'rxjs/operators';
@@ -9,10 +9,15 @@ import { ServerError } from '../common/definitions/common.errors';
 
 @Injectable()
 export class HTTPErrorInterceptor implements NestInterceptor {
+  constructor(
+    // eslint-disable-next-line no-unused-vars
+    protected logger: LoggerService
+  ) {}
+
   intercept(context: ExecutionContext, next: CallHandler): Observable<unknown> {
     return next.handle().pipe(
       catchError(error => {
-        console.error(error);
+        this.logger.error(error);
         let message: string | string[] = 'An error has occurred.';
         let status = 500;
         if (error instanceof ApplicationError || error instanceof ServerError) {
@@ -43,16 +48,12 @@ export class HTTPErrorInterceptor implements NestInterceptor {
             message = error.message;
           }
         }
-        // TODO: fix this, as we're still getting error 500 when throwing the exception
         context
           .switchToHttp()
           .getResponse()
           .status(status)
           .json({ error: message instanceof Array ? message.join('\n') : message });
-        return [];
-        // return throwError(
-        //   () => new HttpException({ error: message instanceof Array ? message.join('\n') : message }, status)
-        // );
+        return new Observable();
       })
     );
   }

package/src/interceptors/index.ts

@@ -1,2 +1,2 @@
-export * from './http.interceptors.authorization';
+export * from './http.interceptors.accessControl';
 export * from './http.interceptors.error';

package/src/middlewares/http.middlewares.authorization.ts

@@ -0,0 +1,155 @@
+import { HttpException, HttpStatus, Inject, Injectable, NestMiddleware } from '@nestjs/common';
+
+import { AppConfigAPIHTTP, ConfigProviderService, LoggerService } from '@node-c/core';
+import {
+  AuthorizationPoint,
+  IAMAuthorizationService,
+  IAMTokenManagerService,
+  IAMUserManagerService,
+  IAMUserManagerUserTokenEnityFields
+} from '@node-c/domain-iam';
+
+import { NextFunction, Response } from 'express';
+
+import { Constants, RequestWithLocals } from '../common/definitions';
+import { checkRoutes } from '../common/utils';
+
+/*
+ * Authorization middleware - used for general authorization of the HTTP resource.
+ */
+@Injectable()
+export class HTTPAuthorizationMiddleware<User extends object> implements NestMiddleware {
+  constructor(
+    @Inject(Constants.API_MODULE_AUTHORIZATION_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected authorizationService: IAMAuthorizationService<AuthorizationPoint<unknown>>,
+    // eslint-disable-next-line no-unused-vars
+    protected configProvider: ConfigProviderService,
+    // eslint-disable-next-line no-unused-vars
+    protected logger: LoggerService,
+    @Inject(Constants.API_MODULE_NAME)
+    // eslint-disable-next-line no-unused-vars
+    protected moduleName: string,
+    @Inject(Constants.AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected tokenManager?: IAMTokenManagerService<IAMUserManagerUserTokenEnityFields>,
+    @Inject(Constants.AUTHENTICATION_MIDDLEWARE_USERS_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected usersService?: IAMUserManagerService<User>
+  ) {}
+
+  use(req: RequestWithLocals<unknown>, res: Response, next: NextFunction): void {
+    const { configProvider, logger, moduleName, tokenManager, usersService } = this;
+    (async () => {
+      const moduleConfig = configProvider.config.api![moduleName] as AppConfigAPIHTTP;
+      const { anonymousAccessRoutes } = moduleConfig;
+      const requestMethod = req.method.toLowerCase();
+      if (!req.locals) {
+        req.locals = {};
+      }
+      if (anonymousAccessRoutes && Object.keys(anonymousAccessRoutes).length) {
+        const originalUrl = req.originalUrl.split('?')[0];
+        let isAnonymous = false;
+        for (const route in anonymousAccessRoutes) {
+          if (
+            checkRoutes(originalUrl, [route]) &&
+            anonymousAccessRoutes[route].find(method => method === requestMethod)
+          ) {
+            isAnonymous = true;
+            break;
+          }
+        }
+        if (isAnonymous) {
+          req.locals.isAnonymous = true;
+          next();
+          return;
+        }
+      }
+      const hasApiKey = !!req.headers.authorization?.match(/^ApiKey\s/);
+      if (hasApiKey) {
+        const [apiKeyFromHeader, requestSignature] =
+          req.headers.authorization?.replace(/^ApiKey\s/, '')?.split(' ') || [];
+        let signatureContent = '';
+        if (requestMethod === 'get' && req.query && Object.keys(req.query).length) {
+          signatureContent = JSON.stringify(req.query);
+        } else if (
+          (requestMethod === 'delete' ||
+            requestMethod === 'patch' ||
+            requestMethod === 'post' ||
+            requestMethod === 'put') &&
+          req.body &&
+          Object.keys(req.body).length
+        ) {
+          signatureContent = JSON.stringify(req.body);
+        } else {
+          signatureContent = req.originalUrl.split('?')[0];
+        }
+        const { valid } = await this.authorizationService.authorizeApiKey(
+          {
+            apiKey: apiKeyFromHeader,
+            signature: requestSignature,
+            signatureContent
+          },
+          { config: moduleConfig }
+        );
+        if (!valid) {
+          throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+        }
+        next();
+        return;
+      } else if (!tokenManager) {
+        logger.error('Missing api key in the configuration and no tokenManager set up.');
+        throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+      }
+      let tokens: string[] = [];
+      let authToken = req.headers.authorization;
+      let refreshToken: string | undefined;
+      let useCookie = false;
+      if (typeof authToken === 'string' && authToken.length && authToken.match(/^Bearer\s/)) {
+        tokens = authToken.split(' ');
+        if (tokens.length) {
+          authToken = tokens[1];
+          refreshToken = tokens[2];
+        }
+      } else {
+        authToken = req.cookies['sid'];
+        useCookie = true;
+      }
+      const { newAuthToken, tokenContent, valid } =
+        await this.authorizationService.authorizeBearer<IAMUserManagerUserTokenEnityFields>(
+          { authToken, refreshToken },
+          { identifierDataField: usersService ? 'userId' : undefined }
+        );
+      if (!valid) {
+        throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+      }
+      if (usersService) {
+        const userId = tokenContent?.data?.userId;
+        if (!userId) {
+          logger.error('Missing userId in the tokenContent data.');
+          throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+        }
+        // use the bearer auth token decoded payload for the user data, if configured this way
+        const user = tokenContent?.data?.user;
+        if (user) {
+          req.locals!.user = user;
+        } else {
+          req.locals!.user = await usersService.getUserWithPermissionsData({ filters: { id: userId } });
+        }
+      }
+      if (newAuthToken) {
+        res.setHeader('Authorization', `Bearer ${newAuthToken}${refreshToken ? ` ${refreshToken}` : ''}`);
+        if (useCookie) {
+          res.cookie('sid', newAuthToken);
+        }
+      }
+      next();
+    })().then(
+      () => true,
+      err => {
+        logger.error(err);
+        res.status((err && err.status) || HttpStatus.INTERNAL_SERVER_ERROR).end();
+      }
+    );
+  }
+}

package/src/middlewares/http.middlewares.cors.ts

@@ -25,9 +25,9 @@ export class HTTPCORSMiddleware implements NestMiddleware {
       'Access-Control-Allow-Headers',
       'accept,accept-encoding,accept-language,authorization,connection,content-type,host,origin,referer,user-agent'
     );
-    res.set('Access-Control-Expose-Headers', 'Authorization');
     res.set('Access-Control-Allow-Methods', 'OPTIONS,GET,POST,PUT,PATCH,DELETE');
     res.set('Access-Control-Allow-Credentials', 'true');
+    res.set('Access-Control-Expose-Headers', 'Authorization');
     if (req.method.toLowerCase() === 'options') {
       res.status(HttpStatus.OK).end();
       return;

package/src/middlewares/http.middlewares.requestLogging.ts

@@ -0,0 +1,22 @@
+import { Inject, Injectable, NestMiddleware } from '@nestjs/common';
+
+import { LoggerService } from '@node-c/core';
+import { NextFunction, Response } from 'express';
+
+import { Constants, RequestWithLocals } from '../common/definitions';
+
+@Injectable()
+export class HTTPRequestLoggingMiddleware implements NestMiddleware {
+  constructor(
+    // eslint-disable-next-line no-unused-vars
+    protected logger: LoggerService,
+    @Inject(Constants.API_MODULE_NAME)
+    // eslint-disable-next-line no-unused-vars
+    protected moduleName: string
+  ) {}
+
+  use(req: RequestWithLocals<unknown>, _res: Response, next: NextFunction): void {
+    this.logger.info(`[${this.moduleName}]: ${req.method} ${req.baseUrl}`);
+    next();
+  }
+}

package/src/middlewares/index.ts

@@ -1,2 +1,3 @@
-export * from './http.middlewares.authentication';
+export * from './http.middlewares.authorization';
 export * from './http.middlewares.cors';
+export * from './http.middlewares.requestLogging';