@os.io/nest-kit 0.0.1-alpha.0 → 0.0.1-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (286) hide show
  1. package/README.md +30 -30
  2. package/package.json +41 -5
  3. package/dist/auth/auth.constants.d.ts +0 -19
  4. package/dist/auth/auth.constants.d.ts.map +0 -1
  5. package/dist/auth/auth.constants.js +0 -19
  6. package/dist/auth/auth.constants.js.map +0 -1
  7. package/dist/auth/auth.guard.d.ts +0 -20
  8. package/dist/auth/auth.guard.d.ts.map +0 -1
  9. package/dist/auth/auth.guard.js +0 -84
  10. package/dist/auth/auth.guard.js.map +0 -1
  11. package/dist/auth/auth.module.d.ts +0 -26
  12. package/dist/auth/auth.module.d.ts.map +0 -1
  13. package/dist/auth/auth.module.js +0 -344
  14. package/dist/auth/auth.module.js.map +0 -1
  15. package/dist/auth/auth.options.d.ts +0 -179
  16. package/dist/auth/auth.options.d.ts.map +0 -1
  17. package/dist/auth/auth.options.js +0 -2
  18. package/dist/auth/auth.options.js.map +0 -1
  19. package/dist/auth/auth.service.d.ts +0 -57
  20. package/dist/auth/auth.service.d.ts.map +0 -1
  21. package/dist/auth/auth.service.js +0 -175
  22. package/dist/auth/auth.service.js.map +0 -1
  23. package/dist/auth/authorization/index.d.ts +0 -3
  24. package/dist/auth/authorization/index.d.ts.map +0 -1
  25. package/dist/auth/authorization/index.js +0 -3
  26. package/dist/auth/authorization/index.js.map +0 -1
  27. package/dist/auth/authorization/pbac/index.d.ts +0 -6
  28. package/dist/auth/authorization/pbac/index.d.ts.map +0 -1
  29. package/dist/auth/authorization/pbac/index.js +0 -4
  30. package/dist/auth/authorization/pbac/index.js.map +0 -1
  31. package/dist/auth/authorization/pbac/pbac.decorator.d.ts +0 -18
  32. package/dist/auth/authorization/pbac/pbac.decorator.d.ts.map +0 -1
  33. package/dist/auth/authorization/pbac/pbac.decorator.js +0 -14
  34. package/dist/auth/authorization/pbac/pbac.decorator.js.map +0 -1
  35. package/dist/auth/authorization/pbac/pbac.guard.d.ts +0 -19
  36. package/dist/auth/authorization/pbac/pbac.guard.d.ts.map +0 -1
  37. package/dist/auth/authorization/pbac/pbac.guard.js +0 -60
  38. package/dist/auth/authorization/pbac/pbac.guard.js.map +0 -1
  39. package/dist/auth/authorization/pbac/pbac.service.d.ts +0 -44
  40. package/dist/auth/authorization/pbac/pbac.service.d.ts.map +0 -1
  41. package/dist/auth/authorization/pbac/pbac.service.js +0 -146
  42. package/dist/auth/authorization/pbac/pbac.service.js.map +0 -1
  43. package/dist/auth/authorization/pbac/pbac.types.d.ts +0 -47
  44. package/dist/auth/authorization/pbac/pbac.types.d.ts.map +0 -1
  45. package/dist/auth/authorization/pbac/pbac.types.js +0 -2
  46. package/dist/auth/authorization/pbac/pbac.types.js.map +0 -1
  47. package/dist/auth/authorization/rbac/index.d.ts +0 -4
  48. package/dist/auth/authorization/rbac/index.d.ts.map +0 -1
  49. package/dist/auth/authorization/rbac/index.js +0 -4
  50. package/dist/auth/authorization/rbac/index.js.map +0 -1
  51. package/dist/auth/authorization/rbac/rbac.decorator.d.ts +0 -18
  52. package/dist/auth/authorization/rbac/rbac.decorator.d.ts.map +0 -1
  53. package/dist/auth/authorization/rbac/rbac.decorator.js +0 -25
  54. package/dist/auth/authorization/rbac/rbac.decorator.js.map +0 -1
  55. package/dist/auth/authorization/rbac/rbac.guard.d.ts +0 -19
  56. package/dist/auth/authorization/rbac/rbac.guard.d.ts.map +0 -1
  57. package/dist/auth/authorization/rbac/rbac.guard.js +0 -50
  58. package/dist/auth/authorization/rbac/rbac.guard.js.map +0 -1
  59. package/dist/auth/authorization/rbac/rbac.service.d.ts +0 -43
  60. package/dist/auth/authorization/rbac/rbac.service.d.ts.map +0 -1
  61. package/dist/auth/authorization/rbac/rbac.service.js +0 -95
  62. package/dist/auth/authorization/rbac/rbac.service.js.map +0 -1
  63. package/dist/auth/decorators/current-user.decorator.d.ts +0 -17
  64. package/dist/auth/decorators/current-user.decorator.d.ts.map +0 -1
  65. package/dist/auth/decorators/current-user.decorator.js +0 -23
  66. package/dist/auth/decorators/current-user.decorator.js.map +0 -1
  67. package/dist/auth/decorators/index.d.ts +0 -3
  68. package/dist/auth/decorators/index.d.ts.map +0 -1
  69. package/dist/auth/decorators/index.js +0 -3
  70. package/dist/auth/decorators/index.js.map +0 -1
  71. package/dist/auth/decorators/public.decorator.d.ts +0 -13
  72. package/dist/auth/decorators/public.decorator.d.ts.map +0 -1
  73. package/dist/auth/decorators/public.decorator.js +0 -15
  74. package/dist/auth/decorators/public.decorator.js.map +0 -1
  75. package/dist/auth/index.d.ts +0 -63
  76. package/dist/auth/index.d.ts.map +0 -1
  77. package/dist/auth/index.js +0 -65
  78. package/dist/auth/index.js.map +0 -1
  79. package/dist/auth/interfaces/auth-request.interface.d.ts +0 -18
  80. package/dist/auth/interfaces/auth-request.interface.d.ts.map +0 -1
  81. package/dist/auth/interfaces/auth-request.interface.js +0 -2
  82. package/dist/auth/interfaces/auth-request.interface.js.map +0 -1
  83. package/dist/auth/interfaces/auth-result.interface.d.ts +0 -28
  84. package/dist/auth/interfaces/auth-result.interface.d.ts.map +0 -1
  85. package/dist/auth/interfaces/auth-result.interface.js +0 -2
  86. package/dist/auth/interfaces/auth-result.interface.js.map +0 -1
  87. package/dist/auth/interfaces/auth-strategy.interface.d.ts +0 -37
  88. package/dist/auth/interfaces/auth-strategy.interface.d.ts.map +0 -1
  89. package/dist/auth/interfaces/auth-strategy.interface.js +0 -16
  90. package/dist/auth/interfaces/auth-strategy.interface.js.map +0 -1
  91. package/dist/auth/interfaces/auth-user.interface.d.ts +0 -25
  92. package/dist/auth/interfaces/auth-user.interface.d.ts.map +0 -1
  93. package/dist/auth/interfaces/auth-user.interface.js +0 -2
  94. package/dist/auth/interfaces/auth-user.interface.js.map +0 -1
  95. package/dist/auth/interfaces/cache-service.interface.d.ts +0 -30
  96. package/dist/auth/interfaces/cache-service.interface.d.ts.map +0 -1
  97. package/dist/auth/interfaces/cache-service.interface.js +0 -2
  98. package/dist/auth/interfaces/cache-service.interface.js.map +0 -1
  99. package/dist/auth/interfaces/index.d.ts +0 -8
  100. package/dist/auth/interfaces/index.d.ts.map +0 -1
  101. package/dist/auth/interfaces/index.js +0 -2
  102. package/dist/auth/interfaces/index.js.map +0 -1
  103. package/dist/auth/interfaces/user-service.interface.d.ts +0 -34
  104. package/dist/auth/interfaces/user-service.interface.d.ts.map +0 -1
  105. package/dist/auth/interfaces/user-service.interface.js +0 -2
  106. package/dist/auth/interfaces/user-service.interface.js.map +0 -1
  107. package/dist/auth/password/password.service.d.ts +0 -23
  108. package/dist/auth/password/password.service.d.ts.map +0 -1
  109. package/dist/auth/password/password.service.js +0 -52
  110. package/dist/auth/password/password.service.js.map +0 -1
  111. package/dist/auth/session/device-session.service.d.ts +0 -43
  112. package/dist/auth/session/device-session.service.d.ts.map +0 -1
  113. package/dist/auth/session/device-session.service.js +0 -72
  114. package/dist/auth/session/device-session.service.js.map +0 -1
  115. package/dist/auth/session/index.d.ts +0 -5
  116. package/dist/auth/session/index.d.ts.map +0 -1
  117. package/dist/auth/session/index.js +0 -4
  118. package/dist/auth/session/index.js.map +0 -1
  119. package/dist/auth/session/jwt.service.d.ts +0 -37
  120. package/dist/auth/session/jwt.service.d.ts.map +0 -1
  121. package/dist/auth/session/jwt.service.js +0 -119
  122. package/dist/auth/session/jwt.service.js.map +0 -1
  123. package/dist/auth/session/token-blacklist.service.d.ts +0 -37
  124. package/dist/auth/session/token-blacklist.service.d.ts.map +0 -1
  125. package/dist/auth/session/token-blacklist.service.js +0 -70
  126. package/dist/auth/session/token-blacklist.service.js.map +0 -1
  127. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts +0 -19
  128. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts.map +0 -1
  129. package/dist/auth/strategies/anonymous/anonymous.strategy.js +0 -49
  130. package/dist/auth/strategies/anonymous/anonymous.strategy.js.map +0 -1
  131. package/dist/auth/strategies/base/base.strategy.d.ts +0 -11
  132. package/dist/auth/strategies/base/base.strategy.d.ts.map +0 -1
  133. package/dist/auth/strategies/base/base.strategy.js +0 -6
  134. package/dist/auth/strategies/base/base.strategy.js.map +0 -1
  135. package/dist/auth/strategies/credentials/credentials.strategy.d.ts +0 -21
  136. package/dist/auth/strategies/credentials/credentials.strategy.d.ts.map +0 -1
  137. package/dist/auth/strategies/credentials/credentials.strategy.js +0 -67
  138. package/dist/auth/strategies/credentials/credentials.strategy.js.map +0 -1
  139. package/dist/auth/strategies/index.d.ts +0 -12
  140. package/dist/auth/strategies/index.d.ts.map +0 -1
  141. package/dist/auth/strategies/index.js +0 -12
  142. package/dist/auth/strategies/index.js.map +0 -1
  143. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts +0 -31
  144. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts.map +0 -1
  145. package/dist/auth/strategies/magic-link/magic-link.strategy.js +0 -88
  146. package/dist/auth/strategies/magic-link/magic-link.strategy.js.map +0 -1
  147. package/dist/auth/strategies/oauth/index.d.ts +0 -3
  148. package/dist/auth/strategies/oauth/index.d.ts.map +0 -1
  149. package/dist/auth/strategies/oauth/index.js +0 -3
  150. package/dist/auth/strategies/oauth/index.js.map +0 -1
  151. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts +0 -13
  152. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts.map +0 -1
  153. package/dist/auth/strategies/oauth/oauth-provider-registry.js +0 -20
  154. package/dist/auth/strategies/oauth/oauth-provider-registry.js.map +0 -1
  155. package/dist/auth/strategies/oauth/oauth.strategy.d.ts +0 -23
  156. package/dist/auth/strategies/oauth/oauth.strategy.d.ts.map +0 -1
  157. package/dist/auth/strategies/oauth/oauth.strategy.js +0 -79
  158. package/dist/auth/strategies/oauth/oauth.strategy.js.map +0 -1
  159. package/dist/auth/strategies/onetap/onetap.strategy.d.ts +0 -24
  160. package/dist/auth/strategies/onetap/onetap.strategy.d.ts.map +0 -1
  161. package/dist/auth/strategies/onetap/onetap.strategy.js +0 -77
  162. package/dist/auth/strategies/onetap/onetap.strategy.js.map +0 -1
  163. package/dist/auth/strategies/otp/otp.strategy.d.ts +0 -31
  164. package/dist/auth/strategies/otp/otp.strategy.d.ts.map +0 -1
  165. package/dist/auth/strategies/otp/otp.strategy.js +0 -93
  166. package/dist/auth/strategies/otp/otp.strategy.js.map +0 -1
  167. package/dist/auth/strategies/passkey/passkey.strategy.d.ts +0 -32
  168. package/dist/auth/strategies/passkey/passkey.strategy.d.ts.map +0 -1
  169. package/dist/auth/strategies/passkey/passkey.strategy.js +0 -102
  170. package/dist/auth/strategies/passkey/passkey.strategy.js.map +0 -1
  171. package/dist/auth/strategies/sso/sso.strategy.d.ts +0 -25
  172. package/dist/auth/strategies/sso/sso.strategy.d.ts.map +0 -1
  173. package/dist/auth/strategies/sso/sso.strategy.js +0 -80
  174. package/dist/auth/strategies/sso/sso.strategy.js.map +0 -1
  175. package/dist/auth/strategies/totp/totp.strategy.d.ts +0 -37
  176. package/dist/auth/strategies/totp/totp.strategy.d.ts.map +0 -1
  177. package/dist/auth/strategies/totp/totp.strategy.js +0 -109
  178. package/dist/auth/strategies/totp/totp.strategy.js.map +0 -1
  179. package/dist/auth/throttling/index.d.ts +0 -2
  180. package/dist/auth/throttling/index.d.ts.map +0 -1
  181. package/dist/auth/throttling/index.js +0 -2
  182. package/dist/auth/throttling/index.js.map +0 -1
  183. package/dist/auth/throttling/throttle.service.d.ts +0 -27
  184. package/dist/auth/throttling/throttle.service.d.ts.map +0 -1
  185. package/dist/auth/throttling/throttle.service.js +0 -63
  186. package/dist/auth/throttling/throttle.service.js.map +0 -1
  187. package/dist/bootstrap/cache/config.d.ts +0 -135
  188. package/dist/bootstrap/cache/config.d.ts.map +0 -1
  189. package/dist/bootstrap/cache/config.js +0 -189
  190. package/dist/bootstrap/cache/config.js.map +0 -1
  191. package/dist/bootstrap/cache/index.d.ts +0 -11
  192. package/dist/bootstrap/cache/index.d.ts.map +0 -1
  193. package/dist/bootstrap/cache/index.js +0 -11
  194. package/dist/bootstrap/cache/index.js.map +0 -1
  195. package/dist/bootstrap/index.d.ts +0 -21
  196. package/dist/bootstrap/index.d.ts.map +0 -1
  197. package/dist/bootstrap/index.js +0 -21
  198. package/dist/bootstrap/index.js.map +0 -1
  199. package/dist/bootstrap/scalar/api-docs.d.ts +0 -39
  200. package/dist/bootstrap/scalar/api-docs.d.ts.map +0 -1
  201. package/dist/bootstrap/scalar/api-docs.js +0 -41
  202. package/dist/bootstrap/scalar/api-docs.js.map +0 -1
  203. package/dist/bootstrap/scalar/index.d.ts +0 -39
  204. package/dist/bootstrap/scalar/index.d.ts.map +0 -1
  205. package/dist/bootstrap/scalar/index.js +0 -41
  206. package/dist/bootstrap/scalar/index.js.map +0 -1
  207. package/dist/bootstrap/swagger/api-docs.d.ts +0 -73
  208. package/dist/bootstrap/swagger/api-docs.d.ts.map +0 -1
  209. package/dist/bootstrap/swagger/api-docs.js +0 -87
  210. package/dist/bootstrap/swagger/api-docs.js.map +0 -1
  211. package/dist/bootstrap/swagger/index.d.ts +0 -37
  212. package/dist/bootstrap/swagger/index.d.ts.map +0 -1
  213. package/dist/bootstrap/swagger/index.js +0 -36
  214. package/dist/bootstrap/swagger/index.js.map +0 -1
  215. package/dist/bootstrap/typeorm/config/index.d.ts +0 -12
  216. package/dist/bootstrap/typeorm/config/index.d.ts.map +0 -1
  217. package/dist/bootstrap/typeorm/config/index.js +0 -62
  218. package/dist/bootstrap/typeorm/config/index.js.map +0 -1
  219. package/dist/bootstrap/typeorm/crud/controller.d.ts +0 -13
  220. package/dist/bootstrap/typeorm/crud/controller.d.ts.map +0 -1
  221. package/dist/bootstrap/typeorm/crud/controller.js +0 -72
  222. package/dist/bootstrap/typeorm/crud/controller.js.map +0 -1
  223. package/dist/bootstrap/typeorm/crud/index.d.ts +0 -4
  224. package/dist/bootstrap/typeorm/crud/index.d.ts.map +0 -1
  225. package/dist/bootstrap/typeorm/crud/index.js +0 -3
  226. package/dist/bootstrap/typeorm/crud/index.js.map +0 -1
  227. package/dist/bootstrap/typeorm/crud/service.d.ts +0 -10
  228. package/dist/bootstrap/typeorm/crud/service.d.ts.map +0 -1
  229. package/dist/bootstrap/typeorm/crud/service.js +0 -21
  230. package/dist/bootstrap/typeorm/crud/service.js.map +0 -1
  231. package/dist/bootstrap/typeorm/index.d.ts +0 -18
  232. package/dist/bootstrap/typeorm/index.d.ts.map +0 -1
  233. package/dist/bootstrap/typeorm/index.js +0 -18
  234. package/dist/bootstrap/typeorm/index.js.map +0 -1
  235. package/dist/bootstrap/typeorm/uow/factory.d.ts +0 -5
  236. package/dist/bootstrap/typeorm/uow/factory.d.ts.map +0 -1
  237. package/dist/bootstrap/typeorm/uow/factory.js +0 -27
  238. package/dist/bootstrap/typeorm/uow/factory.js.map +0 -1
  239. package/dist/bootstrap/typeorm/uow/index.d.ts +0 -4
  240. package/dist/bootstrap/typeorm/uow/index.d.ts.map +0 -1
  241. package/dist/bootstrap/typeorm/uow/index.js +0 -4
  242. package/dist/bootstrap/typeorm/uow/index.js.map +0 -1
  243. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts +0 -62
  244. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts.map +0 -1
  245. package/dist/bootstrap/typeorm/uow/transactional.decorator.js +0 -114
  246. package/dist/bootstrap/typeorm/uow/transactional.decorator.js.map +0 -1
  247. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts +0 -11
  248. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts.map +0 -1
  249. package/dist/bootstrap/typeorm/uow/unit-of-work.js +0 -23
  250. package/dist/bootstrap/typeorm/uow/unit-of-work.js.map +0 -1
  251. package/dist/core/index.d.ts +0 -11
  252. package/dist/core/index.d.ts.map +0 -1
  253. package/dist/core/index.js +0 -11
  254. package/dist/core/index.js.map +0 -1
  255. package/dist/infra/audit-log/index.d.ts +0 -12
  256. package/dist/infra/audit-log/index.d.ts.map +0 -1
  257. package/dist/infra/audit-log/index.js +0 -13
  258. package/dist/infra/audit-log/index.js.map +0 -1
  259. package/dist/infra/index.d.ts +0 -20
  260. package/dist/infra/index.d.ts.map +0 -1
  261. package/dist/infra/index.js +0 -21
  262. package/dist/infra/index.js.map +0 -1
  263. package/dist/infra/logger/index.d.ts +0 -12
  264. package/dist/infra/logger/index.d.ts.map +0 -1
  265. package/dist/infra/logger/index.js +0 -13
  266. package/dist/infra/logger/index.js.map +0 -1
  267. package/dist/infra/metrics/index.d.ts +0 -18
  268. package/dist/infra/metrics/index.d.ts.map +0 -1
  269. package/dist/infra/metrics/index.js +0 -19
  270. package/dist/infra/metrics/index.js.map +0 -1
  271. package/dist/infra/notification/index.d.ts +0 -12
  272. package/dist/infra/notification/index.d.ts.map +0 -1
  273. package/dist/infra/notification/index.js +0 -13
  274. package/dist/infra/notification/index.js.map +0 -1
  275. package/dist/infra/storage/index.d.ts +0 -12
  276. package/dist/infra/storage/index.d.ts.map +0 -1
  277. package/dist/infra/storage/index.js +0 -13
  278. package/dist/infra/storage/index.js.map +0 -1
  279. package/dist/infra/stripe/index.d.ts +0 -12
  280. package/dist/infra/stripe/index.d.ts.map +0 -1
  281. package/dist/infra/stripe/index.js +0 -13
  282. package/dist/infra/stripe/index.js.map +0 -1
  283. package/dist/saas/index.d.ts +0 -18
  284. package/dist/saas/index.d.ts.map +0 -1
  285. package/dist/saas/index.js +0 -19
  286. package/dist/saas/index.js.map +0 -1
@@ -1,70 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Inject, Injectable } from '@nestjs/common';
14
- import { CACHE_SERVICE, TOKEN_BLACKLIST_PREFIX, REFRESH_TOKEN_FAMILY_PREFIX, } from '../auth.constants';
15
- /**
16
- * Redis-backed token blacklist that enables immediate token revocation.
17
- *
18
- * Tokens are stored with a TTL matching the token's remaining lifespan
19
- * so the blacklist does not grow unbounded.
20
- */
21
- let TokenBlacklistService = class TokenBlacklistService {
22
- cache;
23
- constructor(cache) {
24
- this.cache = cache;
25
- }
26
- /**
27
- * Blacklist an access token (by its `jti`) until its natural expiry.
28
- *
29
- * @param jti Token ID (unique per token)
30
- * @param ttlSeconds Seconds until the token would have expired
31
- */
32
- async blacklistAccess(jti, ttlSeconds) {
33
- await this.cache.set(`${TOKEN_BLACKLIST_PREFIX}${jti}`, true, ttlSeconds);
34
- }
35
- /**
36
- * Check whether an access token has been blacklisted.
37
- */
38
- async isBlacklisted(jti) {
39
- const result = await this.cache.get(`${TOKEN_BLACKLIST_PREFIX}${jti}`);
40
- return result === true;
41
- }
42
- /**
43
- * Flag a refresh token family as revoked.
44
- * When rotation detects a reused old refresh token, the entire
45
- * family is revoked to prevent token theft.
46
- */
47
- async revokeFamily(familyId, ttlSeconds) {
48
- await this.cache.set(`${REFRESH_TOKEN_FAMILY_PREFIX}${familyId}`, true, ttlSeconds);
49
- }
50
- /**
51
- * Check whether a refresh token family has been revoked.
52
- */
53
- async isFamilyRevoked(familyId) {
54
- const result = await this.cache.get(`${REFRESH_TOKEN_FAMILY_PREFIX}${familyId}`);
55
- return result === true;
56
- }
57
- /**
58
- * Remove a specific token from the blacklist (used during cleanup).
59
- */
60
- async remove(jti) {
61
- await this.cache.del(`${TOKEN_BLACKLIST_PREFIX}${jti}`);
62
- }
63
- };
64
- TokenBlacklistService = __decorate([
65
- Injectable(),
66
- __param(0, Inject(CACHE_SERVICE)),
67
- __metadata("design:paramtypes", [Object])
68
- ], TokenBlacklistService);
69
- export { TokenBlacklistService };
70
- //# sourceMappingURL=token-blacklist.service.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"token-blacklist.service.js","sourceRoot":"","sources":["../../../packages/auth/session/token-blacklist.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EACL,aAAa,EACb,sBAAsB,EACtB,2BAA2B,GAC5B,MAAM,mBAAmB,CAAC;AAE3B;;;;;GAKG;AAEI,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAGb;IAFnB,YAEmB,KAAoB;QAApB,UAAK,GAAL,KAAK,CAAe;IACpC,CAAC;IAEJ;;;;;OAKG;IACH,KAAK,CAAC,eAAe,CAAC,GAAW,EAAE,UAAkB;QACnD,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,sBAAsB,GAAG,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;IAC5E,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,GAAW;QAC7B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAU,GAAG,sBAAsB,GAAG,GAAG,EAAE,CAAC,CAAC;QAChF,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,UAAkB;QACrD,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,2BAA2B,GAAG,QAAQ,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;IACtF,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,QAAgB;QACpC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAU,GAAG,2BAA2B,GAAG,QAAQ,EAAE,CAAC,CAAC;QAC1F,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,sBAAsB,GAAG,GAAG,EAAE,CAAC,CAAC;IAC1D,CAAC;CACF,CAAA;AA/CY,qBAAqB;IADjC,UAAU,EAAE;IAGR,WAAA,MAAM,CAAC,aAAa,CAAC,CAAA;;GAFb,qBAAqB,CA+CjC"}
@@ -1,19 +0,0 @@
1
- import type { ExecutionContext } from '@nestjs/common';
2
- import { AuthMethod, type IAuthResult } from '../../interfaces';
3
- import { JwtService } from '../../session/jwt.service';
4
- import { BaseStrategy } from '../base/base.strategy';
5
- /**
6
- * Anonymous session strategy.
7
- *
8
- * Creates a temporary identity without requiring credentials.
9
- * These sessions can later be converted to permanent accounts.
10
- */
11
- export declare class AnonymousStrategy extends BaseStrategy {
12
- private readonly jwtService;
13
- readonly type = AuthMethod.ANONYMOUS;
14
- readonly name = "anonymous";
15
- private counter;
16
- constructor(jwtService: JwtService);
17
- authenticate(payload: Record<string, unknown>, _context?: ExecutionContext): Promise<IAuthResult>;
18
- }
19
- //# sourceMappingURL=anonymous.strategy.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"anonymous.strategy.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/anonymous/anonymous.strategy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD;;;;;GAKG;AACH,qBACa,iBAAkB,SAAQ,YAAY;IAMrC,OAAO,CAAC,QAAQ,CAAC,UAAU;IALvC,QAAQ,CAAC,IAAI,wBAAwB;IACrC,QAAQ,CAAC,IAAI,eAAe;IAE5B,OAAO,CAAC,OAAO,CAAK;gBAES,UAAU,EAAE,UAAU;IAIpC,YAAY,CACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,QAAQ,CAAC,EAAE,gBAAgB,GAC1B,OAAO,CAAC,WAAW,CAAC;CAiBxB"}
@@ -1,49 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- import { Injectable } from '@nestjs/common';
11
- import { AuthMethod } from '../../interfaces';
12
- import { JwtService } from '../../session/jwt.service';
13
- import { BaseStrategy } from '../base/base.strategy';
14
- /**
15
- * Anonymous session strategy.
16
- *
17
- * Creates a temporary identity without requiring credentials.
18
- * These sessions can later be converted to permanent accounts.
19
- */
20
- let AnonymousStrategy = class AnonymousStrategy extends BaseStrategy {
21
- jwtService;
22
- type = AuthMethod.ANONYMOUS;
23
- name = 'anonymous';
24
- counter = 0;
25
- constructor(jwtService) {
26
- super();
27
- this.jwtService = jwtService;
28
- }
29
- async authenticate(payload, _context) {
30
- this.counter += 1;
31
- const idPrefix = payload.idPrefix || 'anon_';
32
- const id = `${idPrefix}${Date.now()}_${this.counter}_${Math.random().toString(36).slice(2, 8)}`;
33
- const user = {
34
- id,
35
- username: `Anonymous_${id.slice(-8)}`,
36
- isAnonymous: true,
37
- roles: [],
38
- permissions: [],
39
- };
40
- const tokens = await this.jwtService.signTokens(user);
41
- return { user, tokens, isNewUser: true };
42
- }
43
- };
44
- AnonymousStrategy = __decorate([
45
- Injectable(),
46
- __metadata("design:paramtypes", [JwtService])
47
- ], AnonymousStrategy);
48
- export { AnonymousStrategy };
49
- //# sourceMappingURL=anonymous.strategy.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"anonymous.strategy.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/anonymous/anonymous.strategy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EAAE,UAAU,EAAoB,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD;;;;;GAKG;AAEI,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,YAAY;IAMpB;IALpB,IAAI,GAAG,UAAU,CAAC,SAAS,CAAC;IAC5B,IAAI,GAAG,WAAW,CAAC;IAEpB,OAAO,GAAG,CAAC,CAAC;IAEpB,YAA6B,UAAsB;QACjD,KAAK,EAAE,CAAC;QADmB,eAAU,GAAV,UAAU,CAAY;IAEnD,CAAC;IAEQ,KAAK,CAAC,YAAY,CACzB,OAAgC,EAChC,QAA2B;QAE3B,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;QAClB,MAAM,QAAQ,GAAI,OAAO,CAAC,QAAmB,IAAI,OAAO,CAAC;QACzD,MAAM,EAAE,GAAG,GAAG,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QAEhG,MAAM,IAAI,GAAG;YACX,EAAE;YACF,QAAQ,EAAE,aAAa,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;YACrC,WAAW,EAAE,IAAI;YACjB,KAAK,EAAE,EAAc;YACrB,WAAW,EAAE,EAAc;SAC5B,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC3C,CAAC;CACF,CAAA;AA9BY,iBAAiB;IAD7B,UAAU,EAAE;qCAO8B,UAAU;GANxC,iBAAiB,CA8B7B"}
@@ -1,11 +0,0 @@
1
- import type { ExecutionContext } from '@nestjs/common';
2
- import type { IAuthStrategy, IAuthResult, AuthMethod } from '../../interfaces';
3
- /**
4
- * Abstract base strategy providing a common type and name for all strategies.
5
- */
6
- export declare abstract class BaseStrategy implements IAuthStrategy {
7
- abstract readonly type: AuthMethod;
8
- abstract readonly name: string;
9
- abstract authenticate(payload: Record<string, unknown>, context?: ExecutionContext): Promise<IAuthResult>;
10
- }
11
- //# sourceMappingURL=base.strategy.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"base.strategy.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/base/base.strategy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE/E;;GAEG;AACH,8BAAsB,YAAa,YAAW,aAAa;IACzD,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IACnC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAE/B,QAAQ,CAAC,YAAY,CACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,WAAW,CAAC;CACxB"}
@@ -1,6 +0,0 @@
1
- /**
2
- * Abstract base strategy providing a common type and name for all strategies.
3
- */
4
- export class BaseStrategy {
5
- }
6
- //# sourceMappingURL=base.strategy.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"base.strategy.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/base/base.strategy.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,OAAgB,YAAY;CAQjC"}
@@ -1,21 +0,0 @@
1
- import type { ExecutionContext } from '@nestjs/common';
2
- import { AuthMethod, type IAuthResult } from '../../interfaces';
3
- import type { IUserService } from '../../interfaces';
4
- import { PasswordService } from '../../password/password.service';
5
- import { JwtService } from '../../session/jwt.service';
6
- import { BaseStrategy } from '../base/base.strategy';
7
- /**
8
- * Authenticates users via email/username + password.
9
- *
10
- * Enabled by default when `AuthModuleOptions.credentials` is `true`
11
- * (or an object).
12
- */
13
- export declare class CredentialsStrategy extends BaseStrategy {
14
- private readonly userService;
15
- private readonly jwtService;
16
- readonly type = AuthMethod.CREDENTIALS;
17
- readonly name = "credentials";
18
- constructor(userService: IUserService, _passwordService: PasswordService, jwtService: JwtService);
19
- authenticate(payload: Record<string, unknown>, _context?: ExecutionContext): Promise<IAuthResult>;
20
- }
21
- //# sourceMappingURL=credentials.strategy.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"credentials.strategy.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/credentials/credentials.strategy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD;;;;;GAKG;AACH,qBACa,mBAAoB,SAAQ,YAAY;IAMjD,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAP7B,QAAQ,CAAC,IAAI,0BAA0B;IACvC,QAAQ,CAAC,IAAI,iBAAiB;gBAIX,WAAW,EAAE,YAAY,EAC1C,gBAAgB,EAAE,eAAe,EAChB,UAAU,EAAE,UAAU;IAK1B,YAAY,CACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,QAAQ,CAAC,EAAE,gBAAgB,GAC1B,OAAO,CAAC,WAAW,CAAC;CA+BxB"}
@@ -1,67 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Inject, Injectable } from '@nestjs/common';
14
- import { AuthMethod } from '../../interfaces';
15
- import { USER_SERVICE } from '../../auth.constants';
16
- import { PasswordService } from '../../password/password.service';
17
- import { JwtService } from '../../session/jwt.service';
18
- import { BaseStrategy } from '../base/base.strategy';
19
- /**
20
- * Authenticates users via email/username + password.
21
- *
22
- * Enabled by default when `AuthModuleOptions.credentials` is `true`
23
- * (or an object).
24
- */
25
- let CredentialsStrategy = class CredentialsStrategy extends BaseStrategy {
26
- userService;
27
- jwtService;
28
- type = AuthMethod.CREDENTIALS;
29
- name = 'credentials';
30
- constructor(userService, _passwordService, jwtService) {
31
- super();
32
- this.userService = userService;
33
- this.jwtService = jwtService;
34
- }
35
- async authenticate(payload, _context) {
36
- const email = payload.email;
37
- const username = payload.username;
38
- const password = payload.password;
39
- if (!password) {
40
- throw new Error('Password is required');
41
- }
42
- const user = email
43
- ? await this.userService.findByEmail(email)
44
- : username
45
- ? await this.userService.findByUsername(username)
46
- : null;
47
- if (!user) {
48
- throw new Error('Invalid credentials');
49
- }
50
- const valid = await this.userService.validatePassword(user, password);
51
- if (!valid) {
52
- throw new Error('Invalid credentials');
53
- }
54
- user.roles = await this.userService.getRoles(user.id);
55
- user.permissions = await this.userService.getPermissions(user.id);
56
- const tokens = await this.jwtService.signTokens(user);
57
- return { user, tokens };
58
- }
59
- };
60
- CredentialsStrategy = __decorate([
61
- Injectable(),
62
- __param(0, Inject(USER_SERVICE)),
63
- __metadata("design:paramtypes", [Object, PasswordService,
64
- JwtService])
65
- ], CredentialsStrategy);
66
- export { CredentialsStrategy };
67
- //# sourceMappingURL=credentials.strategy.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"credentials.strategy.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/credentials/credentials.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EAAE,UAAU,EAAoB,MAAM,kBAAkB,CAAC;AAEhE,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD;;;;;GAKG;AAEI,IAAM,mBAAmB,GAAzB,MAAM,mBAAoB,SAAQ,YAAY;IAMhC;IAEA;IAPV,IAAI,GAAG,UAAU,CAAC,WAAW,CAAC;IAC9B,IAAI,GAAG,aAAa,CAAC;IAE9B,YAEmB,WAAyB,EAC1C,gBAAiC,EAChB,UAAsB;QAEvC,KAAK,EAAE,CAAC;QAJS,gBAAW,GAAX,WAAW,CAAc;QAEzB,eAAU,GAAV,UAAU,CAAY;IAGzC,CAAC;IAEQ,KAAK,CAAC,YAAY,CACzB,OAAgC,EAChC,QAA2B;QAE3B,MAAM,KAAK,GAAG,OAAO,CAAC,KAA2B,CAAC;QAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAA8B,CAAC;QACxD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAkB,CAAC;QAE5C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,IAAI,GAAG,KAAK;YAChB,CAAC,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC;YAC3C,CAAC,CAAC,QAAQ;gBACR,CAAC,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC;gBACjD,CAAC,CAAC,IAAI,CAAC;QAEX,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAElE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;CACF,CAAA;AA/CY,mBAAmB;IAD/B,UAAU,EAAE;IAMR,WAAA,MAAM,CAAC,YAAY,CAAC,CAAA;6CAEH,eAAe;QACJ,UAAU;GAR9B,mBAAmB,CA+C/B"}
@@ -1,12 +0,0 @@
1
- export { BaseStrategy } from './base/base.strategy';
2
- export { CredentialsStrategy } from './credentials/credentials.strategy';
3
- export { OAuthProviderRegistry } from './oauth/oauth-provider-registry';
4
- export { OAuthStrategy } from './oauth/oauth.strategy';
5
- export { TotpStrategy } from './totp/totp.strategy';
6
- export { AnonymousStrategy } from './anonymous/anonymous.strategy';
7
- export { MagicLinkStrategy } from './magic-link/magic-link.strategy';
8
- export { OtpStrategy } from './otp/otp.strategy';
9
- export { PasskeyStrategy } from './passkey/passkey.strategy';
10
- export { OneTapStrategy } from './onetap/onetap.strategy';
11
- export { SsoStrategy } from './sso/sso.strategy';
12
- //# sourceMappingURL=index.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../packages/auth/strategies/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAE,qBAAqB,EAAE,MAAM,iCAAiC,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC"}
@@ -1,12 +0,0 @@
1
- export { BaseStrategy } from './base/base.strategy';
2
- export { CredentialsStrategy } from './credentials/credentials.strategy';
3
- export { OAuthProviderRegistry } from './oauth/oauth-provider-registry';
4
- export { OAuthStrategy } from './oauth/oauth.strategy';
5
- export { TotpStrategy } from './totp/totp.strategy';
6
- export { AnonymousStrategy } from './anonymous/anonymous.strategy';
7
- export { MagicLinkStrategy } from './magic-link/magic-link.strategy';
8
- export { OtpStrategy } from './otp/otp.strategy';
9
- export { PasskeyStrategy } from './passkey/passkey.strategy';
10
- export { OneTapStrategy } from './onetap/onetap.strategy';
11
- export { SsoStrategy } from './sso/sso.strategy';
12
- //# sourceMappingURL=index.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/auth/strategies/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAE,qBAAqB,EAAE,MAAM,iCAAiC,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC"}
@@ -1,31 +0,0 @@
1
- import type { ExecutionContext } from '@nestjs/common';
2
- import { AuthMethod, type IAuthResult, type ICacheService } from '../../interfaces';
3
- import type { IUserService } from '../../interfaces';
4
- import { JwtService } from '../../session/jwt.service';
5
- import { BaseStrategy } from '../base/base.strategy';
6
- /**
7
- * Passwordless email login via magic links.
8
- *
9
- * Flow:
10
- * 1. User enters their email → a token is generated and stored in cache
11
- * 2. Email is sent with a link containing the token
12
- * 3. User clicks the link → token is validated → user is signed in
13
- */
14
- export declare class MagicLinkStrategy extends BaseStrategy {
15
- private readonly cache;
16
- private readonly userService;
17
- private readonly jwtService;
18
- readonly type = AuthMethod.MAGIC_LINK;
19
- readonly name = "magic-link";
20
- constructor(cache: ICacheService, userService: IUserService, jwtService: JwtService);
21
- /**
22
- * Request a magic link for the given email.
23
- * Returns the raw token (in production, send this via email).
24
- */
25
- requestLink(email: string, expiresIn?: number, tokenBytes?: number): Promise<string>;
26
- /**
27
- * Authenticate using a magic-link token.
28
- */
29
- authenticate(payload: Record<string, unknown>, _context?: ExecutionContext): Promise<IAuthResult>;
30
- }
31
- //# sourceMappingURL=magic-link.strategy.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"magic-link.strategy.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/magic-link/magic-link.strategy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,KAAK,WAAW,EAAE,KAAK,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACpF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAGrD;;;;;;;GAOG;AACH,qBACa,iBAAkB,SAAQ,YAAY;IAM/C,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAR7B,QAAQ,CAAC,IAAI,yBAAyB;IACtC,QAAQ,CAAC,IAAI,gBAAgB;gBAIV,KAAK,EAAE,aAAa,EAEpB,WAAW,EAAE,YAAY,EACzB,UAAU,EAAE,UAAU;IAKzC;;;OAGG;IACG,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAM,EAAE,UAAU,SAAK,GAAG,OAAO,CAAC,MAAM,CAAC;IAMnF;;OAEG;IACY,YAAY,CACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,QAAQ,CAAC,EAAE,gBAAgB,GAC1B,OAAO,CAAC,WAAW,CAAC;CAwCxB"}
@@ -1,88 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Inject, Injectable } from '@nestjs/common';
14
- import { AuthMethod } from '../../interfaces';
15
- import { CACHE_SERVICE, MAGIC_LINK_PREFIX, USER_SERVICE } from '../../auth.constants';
16
- import { JwtService } from '../../session/jwt.service';
17
- import { BaseStrategy } from '../base/base.strategy';
18
- import { randomBytes } from 'node:crypto';
19
- /**
20
- * Passwordless email login via magic links.
21
- *
22
- * Flow:
23
- * 1. User enters their email → a token is generated and stored in cache
24
- * 2. Email is sent with a link containing the token
25
- * 3. User clicks the link → token is validated → user is signed in
26
- */
27
- let MagicLinkStrategy = class MagicLinkStrategy extends BaseStrategy {
28
- cache;
29
- userService;
30
- jwtService;
31
- type = AuthMethod.MAGIC_LINK;
32
- name = 'magic-link';
33
- constructor(cache, userService, jwtService) {
34
- super();
35
- this.cache = cache;
36
- this.userService = userService;
37
- this.jwtService = jwtService;
38
- }
39
- /**
40
- * Request a magic link for the given email.
41
- * Returns the raw token (in production, send this via email).
42
- */
43
- async requestLink(email, expiresIn = 900, tokenBytes = 32) {
44
- const token = randomBytes(tokenBytes).toString('hex');
45
- await this.cache.set(`${MAGIC_LINK_PREFIX}${token}`, { email, used: false }, expiresIn);
46
- return token;
47
- }
48
- /**
49
- * Authenticate using a magic-link token.
50
- */
51
- async authenticate(payload, _context) {
52
- const token = payload.token;
53
- if (!token) {
54
- throw new Error('Magic link token is required');
55
- }
56
- const data = await this.cache.get(`${MAGIC_LINK_PREFIX}${token}`);
57
- if (!data) {
58
- throw new Error('Invalid or expired magic link');
59
- }
60
- if (data.used) {
61
- throw new Error('Magic link has already been used');
62
- }
63
- // Mark as used immediately (prevent replay)
64
- await this.cache.set(`${MAGIC_LINK_PREFIX}${token}`, { ...data, used: true }, 60);
65
- const existingUser = await this.userService.findByEmail(data.email);
66
- let finalUser;
67
- let isNewUser = false;
68
- if (!existingUser) {
69
- finalUser = await this.userService.create({ email: data.email });
70
- isNewUser = true;
71
- }
72
- else {
73
- finalUser = existingUser;
74
- }
75
- finalUser.roles = await this.userService.getRoles(finalUser.id);
76
- finalUser.permissions = await this.userService.getPermissions(finalUser.id);
77
- const tokens = await this.jwtService.signTokens(finalUser);
78
- return { user: finalUser, tokens, isNewUser };
79
- }
80
- };
81
- MagicLinkStrategy = __decorate([
82
- Injectable(),
83
- __param(0, Inject(CACHE_SERVICE)),
84
- __param(1, Inject(USER_SERVICE)),
85
- __metadata("design:paramtypes", [Object, Object, JwtService])
86
- ], MagicLinkStrategy);
87
- export { MagicLinkStrategy };
88
- //# sourceMappingURL=magic-link.strategy.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"magic-link.strategy.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/magic-link/magic-link.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EAAE,UAAU,EAAwC,MAAM,kBAAkB,CAAC;AAEpF,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C;;;;;;;GAOG;AAEI,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,YAAY;IAM9B;IAEA;IACA;IARV,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC;IAC7B,IAAI,GAAG,YAAY,CAAC;IAE7B,YAEmB,KAAoB,EAEpB,WAAyB,EACzB,UAAsB;QAEvC,KAAK,EAAE,CAAC;QALS,UAAK,GAAL,KAAK,CAAe;QAEpB,gBAAW,GAAX,WAAW,CAAc;QACzB,eAAU,GAAV,UAAU,CAAY;IAGzC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,SAAS,GAAG,GAAG,EAAE,UAAU,GAAG,EAAE;QAC/D,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtD,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,iBAAiB,GAAG,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;QACxF,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACM,KAAK,CAAC,YAAY,CACzB,OAAgC,EAChC,QAA2B;QAE3B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAe,CAAC;QAEtC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAC/B,GAAG,iBAAiB,GAAG,KAAK,EAAE,CAC/B,CAAC;QAEF,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,4CAA4C;QAC5C,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,iBAAiB,GAAG,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAElF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpE,IAAI,SAA+C,CAAC;QACpD,IAAI,SAAS,GAAG,KAAK,CAAC;QAEtB,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;YACjE,SAAS,GAAG,IAAI,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,YAAY,CAAC;QAC3B,CAAC;QAED,SAAS,CAAC,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAChE,SAAS,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAE5E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAE3D,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAChD,CAAC;CACF,CAAA;AAtEY,iBAAiB;IAD7B,UAAU,EAAE;IAMR,WAAA,MAAM,CAAC,aAAa,CAAC,CAAA;IAErB,WAAA,MAAM,CAAC,YAAY,CAAC,CAAA;qDAEQ,UAAU;GAT9B,iBAAiB,CAsE7B"}
@@ -1,3 +0,0 @@
1
- export { OAuthProviderRegistry } from './oauth-provider-registry';
2
- export { OAuthStrategy } from './oauth.strategy';
3
- //# sourceMappingURL=index.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC"}
@@ -1,3 +0,0 @@
1
- export { OAuthProviderRegistry } from './oauth-provider-registry';
2
- export { OAuthStrategy } from './oauth.strategy';
3
- //# sourceMappingURL=index.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC"}
@@ -1,13 +0,0 @@
1
- import type { OAuthProviderConfig } from '../../auth.options';
2
- /**
3
- * Registry of OAuth provider configurations.
4
- * Populated at runtime from AuthModuleOptions.oauth.
5
- */
6
- export declare class OAuthProviderRegistry {
7
- private providers;
8
- register(provider: string, config: OAuthProviderConfig): void;
9
- get(provider: string): OAuthProviderConfig | undefined;
10
- has(provider: string): boolean;
11
- all(): Map<string, OAuthProviderConfig>;
12
- }
13
- //# sourceMappingURL=oauth-provider-registry.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"oauth-provider-registry.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/oauth-provider-registry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE9D;;;GAGG;AACH,qBAAa,qBAAqB;IAChC,OAAO,CAAC,SAAS,CAA0C;IAE3D,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,mBAAmB,GAAG,IAAI;IAI7D,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAItD,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI9B,GAAG,IAAI,GAAG,CAAC,MAAM,EAAE,mBAAmB,CAAC;CAGxC"}
@@ -1,20 +0,0 @@
1
- /**
2
- * Registry of OAuth provider configurations.
3
- * Populated at runtime from AuthModuleOptions.oauth.
4
- */
5
- export class OAuthProviderRegistry {
6
- providers = new Map();
7
- register(provider, config) {
8
- this.providers.set(provider.toLowerCase(), config);
9
- }
10
- get(provider) {
11
- return this.providers.get(provider.toLowerCase());
12
- }
13
- has(provider) {
14
- return this.providers.has(provider.toLowerCase());
15
- }
16
- all() {
17
- return new Map(this.providers);
18
- }
19
- }
20
- //# sourceMappingURL=oauth-provider-registry.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"oauth-provider-registry.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/oauth-provider-registry.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,OAAO,qBAAqB;IACxB,SAAS,GAAG,IAAI,GAAG,EAA+B,CAAC;IAE3D,QAAQ,CAAC,QAAgB,EAAE,MAA2B;QACpD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,MAAM,CAAC,CAAC;IACrD,CAAC;IAED,GAAG,CAAC,QAAgB;QAClB,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,GAAG,CAAC,QAAgB;QAClB,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,GAAG;QACD,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;CACF"}
@@ -1,23 +0,0 @@
1
- import type { ExecutionContext } from '@nestjs/common';
2
- import { AuthMethod, type IAuthResult } from '../../interfaces';
3
- import type { IUserService } from '../../interfaces';
4
- import { JwtService } from '../../session/jwt.service';
5
- import { BaseStrategy } from '../base/base.strategy';
6
- import { OAuthProviderRegistry } from './oauth-provider-registry';
7
- /**
8
- * OAuth 2.0 authentication strategy supporting Google, GitHub, Facebook,
9
- * Apple, Microsoft, Discord, and custom providers.
10
- *
11
- * The consumer must provide a handler to exchange the authorization code
12
- * for user info (or pass an access token directly).
13
- */
14
- export declare class OAuthStrategy extends BaseStrategy {
15
- private readonly userService;
16
- private readonly jwtService;
17
- readonly registry: OAuthProviderRegistry;
18
- readonly type = AuthMethod.OAUTH;
19
- readonly name = "oauth";
20
- constructor(userService: IUserService, jwtService: JwtService, registry: OAuthProviderRegistry);
21
- authenticate(payload: Record<string, unknown>, _context?: ExecutionContext): Promise<IAuthResult>;
22
- }
23
- //# sourceMappingURL=oauth.strategy.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"oauth.strategy.d.ts","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/oauth.strategy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAElE;;;;;;GAMG;AACH,qBACa,aAAc,SAAQ,YAAY;IAM3C,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,UAAU;aACX,QAAQ,EAAE,qBAAqB;IAPjD,QAAQ,CAAC,IAAI,oBAAoB;IACjC,QAAQ,CAAC,IAAI,WAAW;gBAIL,WAAW,EAAE,YAAY,EACzB,UAAU,EAAE,UAAU,EACvB,QAAQ,EAAE,qBAAqB;IAKlC,YAAY,CACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,QAAQ,CAAC,EAAE,gBAAgB,GAC1B,OAAO,CAAC,WAAW,CAAC;CA0CxB"}
@@ -1,79 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Inject, Injectable } from '@nestjs/common';
14
- import { AuthMethod } from '../../interfaces';
15
- import { USER_SERVICE } from '../../auth.constants';
16
- import { JwtService } from '../../session/jwt.service';
17
- import { BaseStrategy } from '../base/base.strategy';
18
- import { OAuthProviderRegistry } from './oauth-provider-registry';
19
- /**
20
- * OAuth 2.0 authentication strategy supporting Google, GitHub, Facebook,
21
- * Apple, Microsoft, Discord, and custom providers.
22
- *
23
- * The consumer must provide a handler to exchange the authorization code
24
- * for user info (or pass an access token directly).
25
- */
26
- let OAuthStrategy = class OAuthStrategy extends BaseStrategy {
27
- userService;
28
- jwtService;
29
- registry;
30
- type = AuthMethod.OAUTH;
31
- name = 'oauth';
32
- constructor(userService, jwtService, registry) {
33
- super();
34
- this.userService = userService;
35
- this.jwtService = jwtService;
36
- this.registry = registry;
37
- }
38
- async authenticate(payload, _context) {
39
- const provider = payload.provider;
40
- const code = payload.code;
41
- const accessToken = payload.accessToken;
42
- if (!provider) {
43
- throw new Error('OAuth provider is required');
44
- }
45
- if (!code && !accessToken) {
46
- throw new Error('Either authorization code or access token is required');
47
- }
48
- if (!this.registry.has(provider)) {
49
- throw new Error(`Unsupported OAuth provider: ${provider}`);
50
- }
51
- // In production, exchange the code for an access token and fetch user info
52
- // from the provider's userinfo endpoint. The exact implementation depends
53
- // on the provider. Here we delegate to the consumer via a custom handler.
54
- //
55
- // The consumer should override this by providing their own OAuth handler.
56
- const socialId = `${provider}:${(payload.sub || payload.id)}`;
57
- const email = payload.email;
58
- const name = payload.name;
59
- let user = await this.userService.findBySocialId(provider, socialId);
60
- if (!user) {
61
- user = await this.userService.create({
62
- email,
63
- username: name,
64
- });
65
- }
66
- user.roles = await this.userService.getRoles(user.id);
67
- user.permissions = await this.userService.getPermissions(user.id);
68
- const tokens = await this.jwtService.signTokens(user);
69
- return { user, tokens, isNewUser: !user.email };
70
- }
71
- };
72
- OAuthStrategy = __decorate([
73
- Injectable(),
74
- __param(0, Inject(USER_SERVICE)),
75
- __metadata("design:paramtypes", [Object, JwtService,
76
- OAuthProviderRegistry])
77
- ], OAuthStrategy);
78
- export { OAuthStrategy };
79
- //# sourceMappingURL=oauth.strategy.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"oauth.strategy.js","sourceRoot":"","sources":["../../../../packages/auth/strategies/oauth/oauth.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EAAE,UAAU,EAAoB,MAAM,kBAAkB,CAAC;AAEhE,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAElE;;;;;;GAMG;AAEI,IAAM,aAAa,GAAnB,MAAM,aAAc,SAAQ,YAAY;IAM1B;IACA;IACD;IAPT,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC;IACxB,IAAI,GAAG,OAAO,CAAC;IAExB,YAEmB,WAAyB,EACzB,UAAsB,EACvB,QAA+B;QAE/C,KAAK,EAAE,CAAC;QAJS,gBAAW,GAAX,WAAW,CAAc;QACzB,eAAU,GAAV,UAAU,CAAY;QACvB,aAAQ,GAAR,QAAQ,CAAuB;IAGjD,CAAC;IAEQ,KAAK,CAAC,YAAY,CACzB,OAAgC,EAChC,QAA2B;QAE3B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAkB,CAAC;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,IAA0B,CAAC;QAChD,MAAM,WAAW,GAAG,OAAO,CAAC,WAAiC,CAAC;QAE9D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,EAAE,CAAC,CAAC;QAC7D,CAAC;QAED,2EAA2E;QAC3E,0EAA0E;QAC1E,0EAA0E;QAC1E,EAAE;QACF,0EAA0E;QAC1E,MAAM,QAAQ,GAAG,GAAG,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE,CAAW,EAAE,CAAC;QACxE,MAAM,KAAK,GAAG,OAAO,CAAC,KAA2B,CAAC;QAClD,MAAM,IAAI,GAAG,OAAO,CAAC,IAA0B,CAAC;QAEhD,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAErE,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;gBACnC,KAAK;gBACL,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAElE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;IAClD,CAAC;CACF,CAAA;AA1DY,aAAa;IADzB,UAAU,EAAE;IAMR,WAAA,MAAM,CAAC,YAAY,CAAC,CAAA;6CAEQ,UAAU;QACb,qBAAqB;GARtC,aAAa,CA0DzB"}