@os.io/nest-kit 0.0.1-alpha.0 → 0.0.1-alpha.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -30
- package/package.json +41 -5
- package/dist/auth/auth.constants.d.ts +0 -19
- package/dist/auth/auth.constants.d.ts.map +0 -1
- package/dist/auth/auth.constants.js +0 -19
- package/dist/auth/auth.constants.js.map +0 -1
- package/dist/auth/auth.guard.d.ts +0 -20
- package/dist/auth/auth.guard.d.ts.map +0 -1
- package/dist/auth/auth.guard.js +0 -84
- package/dist/auth/auth.guard.js.map +0 -1
- package/dist/auth/auth.module.d.ts +0 -26
- package/dist/auth/auth.module.d.ts.map +0 -1
- package/dist/auth/auth.module.js +0 -344
- package/dist/auth/auth.module.js.map +0 -1
- package/dist/auth/auth.options.d.ts +0 -179
- package/dist/auth/auth.options.d.ts.map +0 -1
- package/dist/auth/auth.options.js +0 -2
- package/dist/auth/auth.options.js.map +0 -1
- package/dist/auth/auth.service.d.ts +0 -57
- package/dist/auth/auth.service.d.ts.map +0 -1
- package/dist/auth/auth.service.js +0 -175
- package/dist/auth/auth.service.js.map +0 -1
- package/dist/auth/authorization/index.d.ts +0 -3
- package/dist/auth/authorization/index.d.ts.map +0 -1
- package/dist/auth/authorization/index.js +0 -3
- package/dist/auth/authorization/index.js.map +0 -1
- package/dist/auth/authorization/pbac/index.d.ts +0 -6
- package/dist/auth/authorization/pbac/index.d.ts.map +0 -1
- package/dist/auth/authorization/pbac/index.js +0 -4
- package/dist/auth/authorization/pbac/index.js.map +0 -1
- package/dist/auth/authorization/pbac/pbac.decorator.d.ts +0 -18
- package/dist/auth/authorization/pbac/pbac.decorator.d.ts.map +0 -1
- package/dist/auth/authorization/pbac/pbac.decorator.js +0 -14
- package/dist/auth/authorization/pbac/pbac.decorator.js.map +0 -1
- package/dist/auth/authorization/pbac/pbac.guard.d.ts +0 -19
- package/dist/auth/authorization/pbac/pbac.guard.d.ts.map +0 -1
- package/dist/auth/authorization/pbac/pbac.guard.js +0 -60
- package/dist/auth/authorization/pbac/pbac.guard.js.map +0 -1
- package/dist/auth/authorization/pbac/pbac.service.d.ts +0 -44
- package/dist/auth/authorization/pbac/pbac.service.d.ts.map +0 -1
- package/dist/auth/authorization/pbac/pbac.service.js +0 -146
- package/dist/auth/authorization/pbac/pbac.service.js.map +0 -1
- package/dist/auth/authorization/pbac/pbac.types.d.ts +0 -47
- package/dist/auth/authorization/pbac/pbac.types.d.ts.map +0 -1
- package/dist/auth/authorization/pbac/pbac.types.js +0 -2
- package/dist/auth/authorization/pbac/pbac.types.js.map +0 -1
- package/dist/auth/authorization/rbac/index.d.ts +0 -4
- package/dist/auth/authorization/rbac/index.d.ts.map +0 -1
- package/dist/auth/authorization/rbac/index.js +0 -4
- package/dist/auth/authorization/rbac/index.js.map +0 -1
- package/dist/auth/authorization/rbac/rbac.decorator.d.ts +0 -18
- package/dist/auth/authorization/rbac/rbac.decorator.d.ts.map +0 -1
- package/dist/auth/authorization/rbac/rbac.decorator.js +0 -25
- package/dist/auth/authorization/rbac/rbac.decorator.js.map +0 -1
- package/dist/auth/authorization/rbac/rbac.guard.d.ts +0 -19
- package/dist/auth/authorization/rbac/rbac.guard.d.ts.map +0 -1
- package/dist/auth/authorization/rbac/rbac.guard.js +0 -50
- package/dist/auth/authorization/rbac/rbac.guard.js.map +0 -1
- package/dist/auth/authorization/rbac/rbac.service.d.ts +0 -43
- package/dist/auth/authorization/rbac/rbac.service.d.ts.map +0 -1
- package/dist/auth/authorization/rbac/rbac.service.js +0 -95
- package/dist/auth/authorization/rbac/rbac.service.js.map +0 -1
- package/dist/auth/decorators/current-user.decorator.d.ts +0 -17
- package/dist/auth/decorators/current-user.decorator.d.ts.map +0 -1
- package/dist/auth/decorators/current-user.decorator.js +0 -23
- package/dist/auth/decorators/current-user.decorator.js.map +0 -1
- package/dist/auth/decorators/index.d.ts +0 -3
- package/dist/auth/decorators/index.d.ts.map +0 -1
- package/dist/auth/decorators/index.js +0 -3
- package/dist/auth/decorators/index.js.map +0 -1
- package/dist/auth/decorators/public.decorator.d.ts +0 -13
- package/dist/auth/decorators/public.decorator.d.ts.map +0 -1
- package/dist/auth/decorators/public.decorator.js +0 -15
- package/dist/auth/decorators/public.decorator.js.map +0 -1
- package/dist/auth/index.d.ts +0 -63
- package/dist/auth/index.d.ts.map +0 -1
- package/dist/auth/index.js +0 -65
- package/dist/auth/index.js.map +0 -1
- package/dist/auth/interfaces/auth-request.interface.d.ts +0 -18
- package/dist/auth/interfaces/auth-request.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/auth-request.interface.js +0 -2
- package/dist/auth/interfaces/auth-request.interface.js.map +0 -1
- package/dist/auth/interfaces/auth-result.interface.d.ts +0 -28
- package/dist/auth/interfaces/auth-result.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/auth-result.interface.js +0 -2
- package/dist/auth/interfaces/auth-result.interface.js.map +0 -1
- package/dist/auth/interfaces/auth-strategy.interface.d.ts +0 -37
- package/dist/auth/interfaces/auth-strategy.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/auth-strategy.interface.js +0 -16
- package/dist/auth/interfaces/auth-strategy.interface.js.map +0 -1
- package/dist/auth/interfaces/auth-user.interface.d.ts +0 -25
- package/dist/auth/interfaces/auth-user.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/auth-user.interface.js +0 -2
- package/dist/auth/interfaces/auth-user.interface.js.map +0 -1
- package/dist/auth/interfaces/cache-service.interface.d.ts +0 -30
- package/dist/auth/interfaces/cache-service.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/cache-service.interface.js +0 -2
- package/dist/auth/interfaces/cache-service.interface.js.map +0 -1
- package/dist/auth/interfaces/index.d.ts +0 -8
- package/dist/auth/interfaces/index.d.ts.map +0 -1
- package/dist/auth/interfaces/index.js +0 -2
- package/dist/auth/interfaces/index.js.map +0 -1
- package/dist/auth/interfaces/user-service.interface.d.ts +0 -34
- package/dist/auth/interfaces/user-service.interface.d.ts.map +0 -1
- package/dist/auth/interfaces/user-service.interface.js +0 -2
- package/dist/auth/interfaces/user-service.interface.js.map +0 -1
- package/dist/auth/password/password.service.d.ts +0 -23
- package/dist/auth/password/password.service.d.ts.map +0 -1
- package/dist/auth/password/password.service.js +0 -52
- package/dist/auth/password/password.service.js.map +0 -1
- package/dist/auth/session/device-session.service.d.ts +0 -43
- package/dist/auth/session/device-session.service.d.ts.map +0 -1
- package/dist/auth/session/device-session.service.js +0 -72
- package/dist/auth/session/device-session.service.js.map +0 -1
- package/dist/auth/session/index.d.ts +0 -5
- package/dist/auth/session/index.d.ts.map +0 -1
- package/dist/auth/session/index.js +0 -4
- package/dist/auth/session/index.js.map +0 -1
- package/dist/auth/session/jwt.service.d.ts +0 -37
- package/dist/auth/session/jwt.service.d.ts.map +0 -1
- package/dist/auth/session/jwt.service.js +0 -119
- package/dist/auth/session/jwt.service.js.map +0 -1
- package/dist/auth/session/token-blacklist.service.d.ts +0 -37
- package/dist/auth/session/token-blacklist.service.d.ts.map +0 -1
- package/dist/auth/session/token-blacklist.service.js +0 -70
- package/dist/auth/session/token-blacklist.service.js.map +0 -1
- package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts +0 -19
- package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/anonymous/anonymous.strategy.js +0 -49
- package/dist/auth/strategies/anonymous/anonymous.strategy.js.map +0 -1
- package/dist/auth/strategies/base/base.strategy.d.ts +0 -11
- package/dist/auth/strategies/base/base.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/base/base.strategy.js +0 -6
- package/dist/auth/strategies/base/base.strategy.js.map +0 -1
- package/dist/auth/strategies/credentials/credentials.strategy.d.ts +0 -21
- package/dist/auth/strategies/credentials/credentials.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/credentials/credentials.strategy.js +0 -67
- package/dist/auth/strategies/credentials/credentials.strategy.js.map +0 -1
- package/dist/auth/strategies/index.d.ts +0 -12
- package/dist/auth/strategies/index.d.ts.map +0 -1
- package/dist/auth/strategies/index.js +0 -12
- package/dist/auth/strategies/index.js.map +0 -1
- package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts +0 -31
- package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/magic-link/magic-link.strategy.js +0 -88
- package/dist/auth/strategies/magic-link/magic-link.strategy.js.map +0 -1
- package/dist/auth/strategies/oauth/index.d.ts +0 -3
- package/dist/auth/strategies/oauth/index.d.ts.map +0 -1
- package/dist/auth/strategies/oauth/index.js +0 -3
- package/dist/auth/strategies/oauth/index.js.map +0 -1
- package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts +0 -13
- package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts.map +0 -1
- package/dist/auth/strategies/oauth/oauth-provider-registry.js +0 -20
- package/dist/auth/strategies/oauth/oauth-provider-registry.js.map +0 -1
- package/dist/auth/strategies/oauth/oauth.strategy.d.ts +0 -23
- package/dist/auth/strategies/oauth/oauth.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/oauth/oauth.strategy.js +0 -79
- package/dist/auth/strategies/oauth/oauth.strategy.js.map +0 -1
- package/dist/auth/strategies/onetap/onetap.strategy.d.ts +0 -24
- package/dist/auth/strategies/onetap/onetap.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/onetap/onetap.strategy.js +0 -77
- package/dist/auth/strategies/onetap/onetap.strategy.js.map +0 -1
- package/dist/auth/strategies/otp/otp.strategy.d.ts +0 -31
- package/dist/auth/strategies/otp/otp.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/otp/otp.strategy.js +0 -93
- package/dist/auth/strategies/otp/otp.strategy.js.map +0 -1
- package/dist/auth/strategies/passkey/passkey.strategy.d.ts +0 -32
- package/dist/auth/strategies/passkey/passkey.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/passkey/passkey.strategy.js +0 -102
- package/dist/auth/strategies/passkey/passkey.strategy.js.map +0 -1
- package/dist/auth/strategies/sso/sso.strategy.d.ts +0 -25
- package/dist/auth/strategies/sso/sso.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/sso/sso.strategy.js +0 -80
- package/dist/auth/strategies/sso/sso.strategy.js.map +0 -1
- package/dist/auth/strategies/totp/totp.strategy.d.ts +0 -37
- package/dist/auth/strategies/totp/totp.strategy.d.ts.map +0 -1
- package/dist/auth/strategies/totp/totp.strategy.js +0 -109
- package/dist/auth/strategies/totp/totp.strategy.js.map +0 -1
- package/dist/auth/throttling/index.d.ts +0 -2
- package/dist/auth/throttling/index.d.ts.map +0 -1
- package/dist/auth/throttling/index.js +0 -2
- package/dist/auth/throttling/index.js.map +0 -1
- package/dist/auth/throttling/throttle.service.d.ts +0 -27
- package/dist/auth/throttling/throttle.service.d.ts.map +0 -1
- package/dist/auth/throttling/throttle.service.js +0 -63
- package/dist/auth/throttling/throttle.service.js.map +0 -1
- package/dist/bootstrap/cache/config.d.ts +0 -135
- package/dist/bootstrap/cache/config.d.ts.map +0 -1
- package/dist/bootstrap/cache/config.js +0 -189
- package/dist/bootstrap/cache/config.js.map +0 -1
- package/dist/bootstrap/cache/index.d.ts +0 -11
- package/dist/bootstrap/cache/index.d.ts.map +0 -1
- package/dist/bootstrap/cache/index.js +0 -11
- package/dist/bootstrap/cache/index.js.map +0 -1
- package/dist/bootstrap/index.d.ts +0 -21
- package/dist/bootstrap/index.d.ts.map +0 -1
- package/dist/bootstrap/index.js +0 -21
- package/dist/bootstrap/index.js.map +0 -1
- package/dist/bootstrap/scalar/api-docs.d.ts +0 -39
- package/dist/bootstrap/scalar/api-docs.d.ts.map +0 -1
- package/dist/bootstrap/scalar/api-docs.js +0 -41
- package/dist/bootstrap/scalar/api-docs.js.map +0 -1
- package/dist/bootstrap/scalar/index.d.ts +0 -39
- package/dist/bootstrap/scalar/index.d.ts.map +0 -1
- package/dist/bootstrap/scalar/index.js +0 -41
- package/dist/bootstrap/scalar/index.js.map +0 -1
- package/dist/bootstrap/swagger/api-docs.d.ts +0 -73
- package/dist/bootstrap/swagger/api-docs.d.ts.map +0 -1
- package/dist/bootstrap/swagger/api-docs.js +0 -87
- package/dist/bootstrap/swagger/api-docs.js.map +0 -1
- package/dist/bootstrap/swagger/index.d.ts +0 -37
- package/dist/bootstrap/swagger/index.d.ts.map +0 -1
- package/dist/bootstrap/swagger/index.js +0 -36
- package/dist/bootstrap/swagger/index.js.map +0 -1
- package/dist/bootstrap/typeorm/config/index.d.ts +0 -12
- package/dist/bootstrap/typeorm/config/index.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/config/index.js +0 -62
- package/dist/bootstrap/typeorm/config/index.js.map +0 -1
- package/dist/bootstrap/typeorm/crud/controller.d.ts +0 -13
- package/dist/bootstrap/typeorm/crud/controller.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/crud/controller.js +0 -72
- package/dist/bootstrap/typeorm/crud/controller.js.map +0 -1
- package/dist/bootstrap/typeorm/crud/index.d.ts +0 -4
- package/dist/bootstrap/typeorm/crud/index.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/crud/index.js +0 -3
- package/dist/bootstrap/typeorm/crud/index.js.map +0 -1
- package/dist/bootstrap/typeorm/crud/service.d.ts +0 -10
- package/dist/bootstrap/typeorm/crud/service.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/crud/service.js +0 -21
- package/dist/bootstrap/typeorm/crud/service.js.map +0 -1
- package/dist/bootstrap/typeorm/index.d.ts +0 -18
- package/dist/bootstrap/typeorm/index.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/index.js +0 -18
- package/dist/bootstrap/typeorm/index.js.map +0 -1
- package/dist/bootstrap/typeorm/uow/factory.d.ts +0 -5
- package/dist/bootstrap/typeorm/uow/factory.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/uow/factory.js +0 -27
- package/dist/bootstrap/typeorm/uow/factory.js.map +0 -1
- package/dist/bootstrap/typeorm/uow/index.d.ts +0 -4
- package/dist/bootstrap/typeorm/uow/index.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/uow/index.js +0 -4
- package/dist/bootstrap/typeorm/uow/index.js.map +0 -1
- package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts +0 -62
- package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/uow/transactional.decorator.js +0 -114
- package/dist/bootstrap/typeorm/uow/transactional.decorator.js.map +0 -1
- package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts +0 -11
- package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts.map +0 -1
- package/dist/bootstrap/typeorm/uow/unit-of-work.js +0 -23
- package/dist/bootstrap/typeorm/uow/unit-of-work.js.map +0 -1
- package/dist/core/index.d.ts +0 -11
- package/dist/core/index.d.ts.map +0 -1
- package/dist/core/index.js +0 -11
- package/dist/core/index.js.map +0 -1
- package/dist/infra/audit-log/index.d.ts +0 -12
- package/dist/infra/audit-log/index.d.ts.map +0 -1
- package/dist/infra/audit-log/index.js +0 -13
- package/dist/infra/audit-log/index.js.map +0 -1
- package/dist/infra/index.d.ts +0 -20
- package/dist/infra/index.d.ts.map +0 -1
- package/dist/infra/index.js +0 -21
- package/dist/infra/index.js.map +0 -1
- package/dist/infra/logger/index.d.ts +0 -12
- package/dist/infra/logger/index.d.ts.map +0 -1
- package/dist/infra/logger/index.js +0 -13
- package/dist/infra/logger/index.js.map +0 -1
- package/dist/infra/metrics/index.d.ts +0 -18
- package/dist/infra/metrics/index.d.ts.map +0 -1
- package/dist/infra/metrics/index.js +0 -19
- package/dist/infra/metrics/index.js.map +0 -1
- package/dist/infra/notification/index.d.ts +0 -12
- package/dist/infra/notification/index.d.ts.map +0 -1
- package/dist/infra/notification/index.js +0 -13
- package/dist/infra/notification/index.js.map +0 -1
- package/dist/infra/storage/index.d.ts +0 -12
- package/dist/infra/storage/index.d.ts.map +0 -1
- package/dist/infra/storage/index.js +0 -13
- package/dist/infra/storage/index.js.map +0 -1
- package/dist/infra/stripe/index.d.ts +0 -12
- package/dist/infra/stripe/index.d.ts.map +0 -1
- package/dist/infra/stripe/index.js +0 -13
- package/dist/infra/stripe/index.js.map +0 -1
- package/dist/saas/index.d.ts +0 -18
- package/dist/saas/index.d.ts.map +0 -1
- package/dist/saas/index.js +0 -19
- package/dist/saas/index.js.map +0 -1
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Require specific roles to access a route.
|
|
3
|
-
* Works with the RbacGuard.
|
|
4
|
-
*
|
|
5
|
-
* By default, a user needs **at least one** of the listed roles.
|
|
6
|
-
* Pass `{ requireAll: true }` in options to require all roles.
|
|
7
|
-
*
|
|
8
|
-
* @example
|
|
9
|
-
* ```typescript
|
|
10
|
-
* @Roles('admin')
|
|
11
|
-
* @Roles('admin', 'moderator')
|
|
12
|
-
* @Roles('admin', 'super-admin', { requireAll: true })
|
|
13
|
-
* ```
|
|
14
|
-
*/
|
|
15
|
-
export declare const Roles: (...args: (string | {
|
|
16
|
-
requireAll: boolean;
|
|
17
|
-
})[]) => import("@nestjs/common").CustomDecorator<string>;
|
|
18
|
-
//# sourceMappingURL=rbac.decorator.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.decorator.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.decorator.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,KAAK,GAAI,GAAG,MAAM,CAAC,MAAM,GAAG;IAAE,UAAU,EAAE,OAAO,CAAA;CAAE,CAAC,EAAE,qDAOlE,CAAC"}
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
import { SetMetadata } from '@nestjs/common';
|
|
2
|
-
import { METADATA_ROLES } from '../../auth.constants';
|
|
3
|
-
/**
|
|
4
|
-
* Require specific roles to access a route.
|
|
5
|
-
* Works with the RbacGuard.
|
|
6
|
-
*
|
|
7
|
-
* By default, a user needs **at least one** of the listed roles.
|
|
8
|
-
* Pass `{ requireAll: true }` in options to require all roles.
|
|
9
|
-
*
|
|
10
|
-
* @example
|
|
11
|
-
* ```typescript
|
|
12
|
-
* @Roles('admin')
|
|
13
|
-
* @Roles('admin', 'moderator')
|
|
14
|
-
* @Roles('admin', 'super-admin', { requireAll: true })
|
|
15
|
-
* ```
|
|
16
|
-
*/
|
|
17
|
-
export const Roles = (...args) => {
|
|
18
|
-
const last = args[args.length - 1];
|
|
19
|
-
const opts = typeof last === 'object' ? args.pop() : undefined;
|
|
20
|
-
return SetMetadata(METADATA_ROLES, {
|
|
21
|
-
roles: args,
|
|
22
|
-
requireAll: opts?.requireAll ?? false,
|
|
23
|
-
});
|
|
24
|
-
};
|
|
25
|
-
//# sourceMappingURL=rbac.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.decorator.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,GAAG,IAA0C,EAAE,EAAE;IACrE,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,GAAG,EAA8B,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,OAAO,WAAW,CAAC,cAAc,EAAE;QACjC,KAAK,EAAE,IAAgB;QACvB,UAAU,EAAE,IAAI,EAAE,UAAU,IAAI,KAAK;KACtC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
-
import { Reflector } from '@nestjs/core';
|
|
3
|
-
import { RbacService } from './rbac.service';
|
|
4
|
-
/**
|
|
5
|
-
* Guard that enforces Role-Based Access Control.
|
|
6
|
-
*
|
|
7
|
-
* Reads the required roles from the `@Roles()` decorator on the route
|
|
8
|
-
* handler (or controller) and checks them against the authenticated user.
|
|
9
|
-
*
|
|
10
|
-
* This guard is independent — you can use it with or without PBAC on
|
|
11
|
-
* different routes in the same application.
|
|
12
|
-
*/
|
|
13
|
-
export declare class RbacGuard implements CanActivate {
|
|
14
|
-
private readonly reflector;
|
|
15
|
-
private readonly rbacService;
|
|
16
|
-
constructor(reflector: Reflector, rbacService: RbacService);
|
|
17
|
-
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
18
|
-
}
|
|
19
|
-
//# sourceMappingURL=rbac.guard.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.guard.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAG7C;;;;;;;;GAQG;AACH,qBACa,SAAU,YAAW,WAAW;IAEzC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,WAAW;gBADX,SAAS,EAAE,SAAS,EACpB,WAAW,EAAE,WAAW;IAGrC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAmB/D"}
|
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
};
|
|
7
|
-
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
-
};
|
|
10
|
-
import { Injectable } from '@nestjs/common';
|
|
11
|
-
import { Reflector } from '@nestjs/core';
|
|
12
|
-
import { RbacService } from './rbac.service';
|
|
13
|
-
import { METADATA_ROLES } from '../../auth.constants';
|
|
14
|
-
/**
|
|
15
|
-
* Guard that enforces Role-Based Access Control.
|
|
16
|
-
*
|
|
17
|
-
* Reads the required roles from the `@Roles()` decorator on the route
|
|
18
|
-
* handler (or controller) and checks them against the authenticated user.
|
|
19
|
-
*
|
|
20
|
-
* This guard is independent — you can use it with or without PBAC on
|
|
21
|
-
* different routes in the same application.
|
|
22
|
-
*/
|
|
23
|
-
let RbacGuard = class RbacGuard {
|
|
24
|
-
reflector;
|
|
25
|
-
rbacService;
|
|
26
|
-
constructor(reflector, rbacService) {
|
|
27
|
-
this.reflector = reflector;
|
|
28
|
-
this.rbacService = rbacService;
|
|
29
|
-
}
|
|
30
|
-
async canActivate(context) {
|
|
31
|
-
const meta = this.reflector.getAllAndOverride(METADATA_ROLES, [context.getHandler(), context.getClass()]);
|
|
32
|
-
if (!meta || !meta.roles || meta.roles.length === 0) {
|
|
33
|
-
return true;
|
|
34
|
-
}
|
|
35
|
-
const request = context
|
|
36
|
-
.switchToHttp()
|
|
37
|
-
.getRequest();
|
|
38
|
-
const user = request.user;
|
|
39
|
-
if (!user)
|
|
40
|
-
return false;
|
|
41
|
-
return this.rbacService.hasRoles(user, meta.roles, meta.requireAll);
|
|
42
|
-
}
|
|
43
|
-
};
|
|
44
|
-
RbacGuard = __decorate([
|
|
45
|
-
Injectable(),
|
|
46
|
-
__metadata("design:paramtypes", [Reflector,
|
|
47
|
-
RbacService])
|
|
48
|
-
], RbacGuard);
|
|
49
|
-
export { RbacGuard };
|
|
50
|
-
//# sourceMappingURL=rbac.guard.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.guard.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.guard.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAiC,MAAM,gBAAgB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD;;;;;;;;GAQG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAED;IACA;IAFnB,YACmB,SAAoB,EACpB,WAAwB;QADxB,cAAS,GAAT,SAAS,CAAW;QACpB,gBAAW,GAAX,WAAW,CAAa;IACxC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAG1C,cAAc,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAE/D,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO;aACpB,YAAY,EAAE;aACd,UAAU,EAAmD,CAAC;QACjE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAE1B,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC;CACF,CAAA;AAzBY,SAAS;IADrB,UAAU,EAAE;qCAGmB,SAAS;QACP,WAAW;GAHhC,SAAS,CAyBrB"}
|
|
@@ -1,43 +0,0 @@
|
|
|
1
|
-
import type { IAuthUser, ICacheService } from '../../interfaces';
|
|
2
|
-
/**
|
|
3
|
-
* Service that resolves and caches role → permissions mappings.
|
|
4
|
-
*
|
|
5
|
-
* Cache key convention: `rbac:roles:<userId>` → string[]
|
|
6
|
-
* `rbac:perms:<role>` → string[]
|
|
7
|
-
*/
|
|
8
|
-
export declare class RbacService {
|
|
9
|
-
private readonly cache;
|
|
10
|
-
constructor(cache: ICacheService);
|
|
11
|
-
/**
|
|
12
|
-
* Check if a user has at least one of the required roles.
|
|
13
|
-
*
|
|
14
|
-
* @param user Authenticated user
|
|
15
|
-
* @param roles List of role names required (at least one must match)
|
|
16
|
-
* @param requireAll If true, the user must have ALL specified roles
|
|
17
|
-
*/
|
|
18
|
-
hasRoles(user: IAuthUser, roles: string[], requireAll?: boolean): Promise<boolean>;
|
|
19
|
-
/**
|
|
20
|
-
* Check if a user has a specific permission (derived from their roles).
|
|
21
|
-
*
|
|
22
|
-
* @param user Authenticated user
|
|
23
|
-
* @param permission Permission identifier
|
|
24
|
-
*/
|
|
25
|
-
hasPermission(user: IAuthUser, permission: string): Promise<boolean>;
|
|
26
|
-
/**
|
|
27
|
-
* Fetch roles for a user, using cache when possible.
|
|
28
|
-
*/
|
|
29
|
-
getUserRoles(userId: string): Promise<string[]>;
|
|
30
|
-
/**
|
|
31
|
-
* Fetch permissions for a role, using cache when possible.
|
|
32
|
-
*/
|
|
33
|
-
getRolePermissions(role: string): Promise<string[]>;
|
|
34
|
-
/**
|
|
35
|
-
* Invalidate the role cache for a user.
|
|
36
|
-
*/
|
|
37
|
-
invalidateUser(userId: string): Promise<void>;
|
|
38
|
-
/**
|
|
39
|
-
* Invalidate the permission cache for a role.
|
|
40
|
-
*/
|
|
41
|
-
invalidateRole(role: string): Promise<void>;
|
|
42
|
-
}
|
|
43
|
-
//# sourceMappingURL=rbac.service.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.service.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAGjE;;;;;GAKG;AACH,qBACa,WAAW;IAGpB,OAAO,CAAC,QAAQ,CAAC,KAAK;gBAAL,KAAK,EAAE,aAAa;IAGvC;;;;;;OAMG;IACG,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,UAAU,UAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAUtF;;;;;OAKG;IACG,aAAa,CAAC,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAW1E;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAOrD;;OAEG;IACG,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAOzD;;OAEG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInD;;OAEG;IACG,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGlD"}
|
|
@@ -1,95 +0,0 @@
|
|
|
1
|
-
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
-
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
-
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
-
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
-
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
-
};
|
|
7
|
-
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
-
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
-
};
|
|
10
|
-
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
11
|
-
return function (target, key) { decorator(target, key, paramIndex); }
|
|
12
|
-
};
|
|
13
|
-
import { Inject, Injectable } from '@nestjs/common';
|
|
14
|
-
import { CACHE_SERVICE } from '../../auth.constants';
|
|
15
|
-
/**
|
|
16
|
-
* Service that resolves and caches role → permissions mappings.
|
|
17
|
-
*
|
|
18
|
-
* Cache key convention: `rbac:roles:<userId>` → string[]
|
|
19
|
-
* `rbac:perms:<role>` → string[]
|
|
20
|
-
*/
|
|
21
|
-
let RbacService = class RbacService {
|
|
22
|
-
cache;
|
|
23
|
-
constructor(cache) {
|
|
24
|
-
this.cache = cache;
|
|
25
|
-
}
|
|
26
|
-
/**
|
|
27
|
-
* Check if a user has at least one of the required roles.
|
|
28
|
-
*
|
|
29
|
-
* @param user Authenticated user
|
|
30
|
-
* @param roles List of role names required (at least one must match)
|
|
31
|
-
* @param requireAll If true, the user must have ALL specified roles
|
|
32
|
-
*/
|
|
33
|
-
async hasRoles(user, roles, requireAll = false) {
|
|
34
|
-
if (!roles.length)
|
|
35
|
-
return true;
|
|
36
|
-
const userRoles = user.roles ?? (await this.getUserRoles(user.id));
|
|
37
|
-
return requireAll
|
|
38
|
-
? roles.every((r) => userRoles.includes(r))
|
|
39
|
-
: roles.some((r) => userRoles.includes(r));
|
|
40
|
-
}
|
|
41
|
-
/**
|
|
42
|
-
* Check if a user has a specific permission (derived from their roles).
|
|
43
|
-
*
|
|
44
|
-
* @param user Authenticated user
|
|
45
|
-
* @param permission Permission identifier
|
|
46
|
-
*/
|
|
47
|
-
async hasPermission(user, permission) {
|
|
48
|
-
const userRoles = user.roles ?? (await this.getUserRoles(user.id));
|
|
49
|
-
for (const role of userRoles) {
|
|
50
|
-
const perms = await this.getRolePermissions(role);
|
|
51
|
-
if (perms.includes(permission))
|
|
52
|
-
return true;
|
|
53
|
-
}
|
|
54
|
-
return false;
|
|
55
|
-
}
|
|
56
|
-
/**
|
|
57
|
-
* Fetch roles for a user, using cache when possible.
|
|
58
|
-
*/
|
|
59
|
-
async getUserRoles(userId) {
|
|
60
|
-
const cacheKey = `rbac:roles:${userId}`;
|
|
61
|
-
const cached = await this.cache.get(cacheKey);
|
|
62
|
-
if (cached)
|
|
63
|
-
return cached;
|
|
64
|
-
return [];
|
|
65
|
-
}
|
|
66
|
-
/**
|
|
67
|
-
* Fetch permissions for a role, using cache when possible.
|
|
68
|
-
*/
|
|
69
|
-
async getRolePermissions(role) {
|
|
70
|
-
const cacheKey = `rbac:perms:${role}`;
|
|
71
|
-
const cached = await this.cache.get(cacheKey);
|
|
72
|
-
if (cached)
|
|
73
|
-
return cached;
|
|
74
|
-
return [];
|
|
75
|
-
}
|
|
76
|
-
/**
|
|
77
|
-
* Invalidate the role cache for a user.
|
|
78
|
-
*/
|
|
79
|
-
async invalidateUser(userId) {
|
|
80
|
-
await this.cache.del(`rbac:roles:${userId}`);
|
|
81
|
-
}
|
|
82
|
-
/**
|
|
83
|
-
* Invalidate the permission cache for a role.
|
|
84
|
-
*/
|
|
85
|
-
async invalidateRole(role) {
|
|
86
|
-
await this.cache.del(`rbac:perms:${role}`);
|
|
87
|
-
}
|
|
88
|
-
};
|
|
89
|
-
RbacService = __decorate([
|
|
90
|
-
Injectable(),
|
|
91
|
-
__param(0, Inject(CACHE_SERVICE)),
|
|
92
|
-
__metadata("design:paramtypes", [Object])
|
|
93
|
-
], RbacService);
|
|
94
|
-
export { RbacService };
|
|
95
|
-
//# sourceMappingURL=rbac.service.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.service.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/rbac/rbac.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD;;;;;GAKG;AAEI,IAAM,WAAW,GAAjB,MAAM,WAAW;IAGH;IAFnB,YAEmB,KAAoB;QAApB,UAAK,GAAL,KAAK,CAAe;IACpC,CAAC;IAEJ;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,CAAC,IAAe,EAAE,KAAe,EAAE,UAAU,GAAG,KAAK;QACjE,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAE/B,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAEnE,OAAO,UAAU;YACf,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC3C,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,IAAe,EAAE,UAAkB;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAEnE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAClD,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC9C,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc;QAC/B,MAAM,QAAQ,GAAG,cAAc,MAAM,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAW,QAAQ,CAAC,CAAC;QACxD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,IAAY;QACnC,MAAM,QAAQ,GAAG,cAAc,IAAI,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAW,QAAQ,CAAC,CAAC;QACxD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,MAAc;QACjC,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,MAAM,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,IAAY;QAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;CACF,CAAA;AAzEY,WAAW;IADvB,UAAU,EAAE;IAGR,WAAA,MAAM,CAAC,aAAa,CAAC,CAAA;;GAFb,WAAW,CAyEvB"}
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
import type { IAuthUser } from '../interfaces';
|
|
2
|
-
/**
|
|
3
|
-
* Parameter decorator that extracts the authenticated user from the request.
|
|
4
|
-
*
|
|
5
|
-
* @example
|
|
6
|
-
* ```typescript
|
|
7
|
-
* // Returns the full IAuthUser object
|
|
8
|
-
* @Get('me')
|
|
9
|
-
* getProfile(@CurrentUser() user: IAuthUser) { … }
|
|
10
|
-
*
|
|
11
|
-
* // Returns only the email
|
|
12
|
-
* @Get('email')
|
|
13
|
-
* getEmail(@CurrentUser('email') email: string) { … }
|
|
14
|
-
* ```
|
|
15
|
-
*/
|
|
16
|
-
export declare const CurrentUser: (...dataOrPipes: (keyof IAuthUser | import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>> | undefined)[]) => ParameterDecorator;
|
|
17
|
-
//# sourceMappingURL=current-user.decorator.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"current-user.decorator.d.ts","sourceRoot":"","sources":["../../../packages/auth/decorators/current-user.decorator.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE/C;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,WAAW,8MAOvB,CAAC"}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
import { createParamDecorator } from '@nestjs/common';
|
|
2
|
-
/**
|
|
3
|
-
* Parameter decorator that extracts the authenticated user from the request.
|
|
4
|
-
*
|
|
5
|
-
* @example
|
|
6
|
-
* ```typescript
|
|
7
|
-
* // Returns the full IAuthUser object
|
|
8
|
-
* @Get('me')
|
|
9
|
-
* getProfile(@CurrentUser() user: IAuthUser) { … }
|
|
10
|
-
*
|
|
11
|
-
* // Returns only the email
|
|
12
|
-
* @Get('email')
|
|
13
|
-
* getEmail(@CurrentUser('email') email: string) { … }
|
|
14
|
-
* ```
|
|
15
|
-
*/
|
|
16
|
-
export const CurrentUser = createParamDecorator((key, ctx) => {
|
|
17
|
-
const request = ctx.switchToHttp().getRequest();
|
|
18
|
-
const user = request.user;
|
|
19
|
-
if (!user)
|
|
20
|
-
return undefined;
|
|
21
|
-
return key ? user[key] : user;
|
|
22
|
-
});
|
|
23
|
-
//# sourceMappingURL=current-user.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../../packages/auth/decorators/current-user.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAyB,MAAM,gBAAgB,CAAC;AAG7E;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,oBAAoB,CAC7C,CAAC,GAAgC,EAAE,GAAqB,EAAW,EAAE;IACnE,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,UAAU,EAAwB,CAAC;IACtE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAChC,CAAC,CACF,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../packages/auth/decorators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/auth/decorators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC"}
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Mark a route handler or controller as publicly accessible
|
|
3
|
-
* (bypasses the global AuthGuard).
|
|
4
|
-
*
|
|
5
|
-
* @example
|
|
6
|
-
* ```typescript
|
|
7
|
-
* @Public()
|
|
8
|
-
* @Get('login')
|
|
9
|
-
* login() { … }
|
|
10
|
-
* ```
|
|
11
|
-
*/
|
|
12
|
-
export declare const Public: () => import("@nestjs/common").CustomDecorator<string>;
|
|
13
|
-
//# sourceMappingURL=public.decorator.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"public.decorator.d.ts","sourceRoot":"","sources":["../../../packages/auth/decorators/public.decorator.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;GAUG;AACH,eAAO,MAAM,MAAM,wDAA2C,CAAC"}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import { SetMetadata } from '@nestjs/common';
|
|
2
|
-
import { METADATA_PUBLIC } from '../auth.constants';
|
|
3
|
-
/**
|
|
4
|
-
* Mark a route handler or controller as publicly accessible
|
|
5
|
-
* (bypasses the global AuthGuard).
|
|
6
|
-
*
|
|
7
|
-
* @example
|
|
8
|
-
* ```typescript
|
|
9
|
-
* @Public()
|
|
10
|
-
* @Get('login')
|
|
11
|
-
* login() { … }
|
|
12
|
-
* ```
|
|
13
|
-
*/
|
|
14
|
-
export const Public = () => SetMetadata(METADATA_PUBLIC, true);
|
|
15
|
-
//# sourceMappingURL=public.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"public.decorator.js","sourceRoot":"","sources":["../../../packages/auth/decorators/public.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC"}
|
package/dist/auth/index.d.ts
DELETED
|
@@ -1,63 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @os.io/nest-kit/auth
|
|
3
|
-
*
|
|
4
|
-
* Authentication & Authorization toolkit for NestJS applications.
|
|
5
|
-
*
|
|
6
|
-
* ## Features
|
|
7
|
-
*
|
|
8
|
-
* - **Authentication**: Credentials (email/password), OAuth (Google, GitHub,
|
|
9
|
-
* Facebook, Apple, Microsoft, Discord, custom), TOTP 2FA, Anonymous sessions,
|
|
10
|
-
* Magic Link, OTP (email/phone), Passkey (WebAuthn/FIDO2), OneTap (Google
|
|
11
|
-
* & Apple), SSO (SAML & OpenID Connect).
|
|
12
|
-
* - **Authorization**: RBAC (Role-Based) and PBAC (Policy-Based) — use either
|
|
13
|
-
* or both independently on different routes.
|
|
14
|
-
* - **Session**: Stateless JWT with refresh-token rotation, multi-device tracking,
|
|
15
|
-
* per-device logout (Telegram-style).
|
|
16
|
-
* - **Security**: bcrypt password hashing, rate limiting, token blacklisting
|
|
17
|
-
* via Redis/Valkey, token versioning.
|
|
18
|
-
* - **Scalability**: Horizontal scaling via shared cache; asymmetric JWT
|
|
19
|
-
* (RS256/ES256) enables service-to-service token validation without
|
|
20
|
-
* centralised auth calls.
|
|
21
|
-
*
|
|
22
|
-
* ## Quick Start
|
|
23
|
-
*
|
|
24
|
-
* ```typescript
|
|
25
|
-
* import { AuthModule } from '@os.io/nest-kit/auth';
|
|
26
|
-
*
|
|
27
|
-
* @Module({
|
|
28
|
-
* imports: [
|
|
29
|
-
* AuthModule.forRoot({
|
|
30
|
-
* jwtSecret: process.env.JWT_SECRET,
|
|
31
|
-
* credentials: true,
|
|
32
|
-
* rbac: true,
|
|
33
|
-
* }),
|
|
34
|
-
* ],
|
|
35
|
-
* providers: [
|
|
36
|
-
* { provide: 'USER_SERVICE', useClass: MyUserService },
|
|
37
|
-
* { provide: 'CACHE_SERVICE', useExisting: getCache() },
|
|
38
|
-
* ],
|
|
39
|
-
* })
|
|
40
|
-
* export class AppModule {}
|
|
41
|
-
* ```
|
|
42
|
-
*
|
|
43
|
-
* @module
|
|
44
|
-
* @packageDocumentation
|
|
45
|
-
*/
|
|
46
|
-
export { AuthModule } from './auth.module';
|
|
47
|
-
export { AuthService } from './auth.service';
|
|
48
|
-
export { AuthGuard } from './auth.guard';
|
|
49
|
-
export { AUTH_MODULE_OPTIONS, CACHE_SERVICE, USER_SERVICE, AUTH_STRATEGIES, METADATA_PUBLIC, METADATA_ROLES, METADATA_PERMISSIONS, METADATA_POLICY, } from './auth.constants';
|
|
50
|
-
export type { AuthModuleOptions, AuthModuleAsyncOptions, CredentialsOptions, OAuthOptions, OAuthProviderConfig, TOTPOptions, AnonymousOptions, MagicLinkOptions, OTPOptions, PasskeyOptions, OneTapOptions, SSOOptions, SamlProviderConfig, OidcProviderConfig, RBACOptions, PBACOptions, SessionOptions, ThrottleOptions, } from './auth.options';
|
|
51
|
-
export type { IAuthUser, IAuthRequest, ITokenPair, IAuthResult, IAuthStrategy, ICacheService, IUserService, } from './interfaces';
|
|
52
|
-
export { AuthMethod } from './interfaces';
|
|
53
|
-
export { CurrentUser, Public } from './decorators';
|
|
54
|
-
export { JwtService, TokenBlacklistService, DeviceSessionService } from './session';
|
|
55
|
-
export type { IDeviceInfo } from './session';
|
|
56
|
-
export { PasswordService } from './password/password.service';
|
|
57
|
-
export { ThrottleService } from './throttling/throttle.service';
|
|
58
|
-
export { BaseStrategy, CredentialsStrategy, OAuthStrategy, OAuthProviderRegistry, TotpStrategy, AnonymousStrategy, MagicLinkStrategy, OtpStrategy, PasskeyStrategy, OneTapStrategy, SsoStrategy, } from './strategies';
|
|
59
|
-
export { RbacService, RbacGuard, Roles } from './authorization/rbac';
|
|
60
|
-
export { PbacService, PbacGuard, RequirePolicy } from './authorization/pbac';
|
|
61
|
-
export type { PolicyDecoratorOptions } from './authorization/pbac';
|
|
62
|
-
export type { PolicyStatement, PolicyDocument, PolicyContext, PolicyEffect, } from './authorization/pbac';
|
|
63
|
-
//# sourceMappingURL=index.d.ts.map
|
package/dist/auth/index.d.ts.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../packages/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAGzC,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,eAAe,EACf,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,eAAe,GAChB,MAAM,kBAAkB,CAAC;AAG1B,YAAY,EACV,iBAAiB,EACjB,sBAAsB,EACtB,kBAAkB,EAClB,YAAY,EACZ,mBAAmB,EACnB,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,aAAa,EACb,UAAU,EACV,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,WAAW,EACX,cAAc,EACd,eAAe,GAChB,MAAM,gBAAgB,CAAC;AAGxB,YAAY,EACV,SAAS,EACT,YAAY,EACZ,UAAU,EACV,WAAW,EACX,aAAa,EACb,aAAa,EACb,YAAY,GACb,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAG1C,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAGnD,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AACpF,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAG7C,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAG9D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAGhE,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,YAAY,EACZ,iBAAiB,EACjB,iBAAiB,EACjB,WAAW,EACX,eAAe,EACf,cAAc,EACd,WAAW,GACZ,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC7E,YAAY,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AACnE,YAAY,EACV,eAAe,EACf,cAAc,EACd,aAAa,EACb,YAAY,GACb,MAAM,sBAAsB,CAAC"}
|
package/dist/auth/index.js
DELETED
|
@@ -1,65 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @os.io/nest-kit/auth
|
|
3
|
-
*
|
|
4
|
-
* Authentication & Authorization toolkit for NestJS applications.
|
|
5
|
-
*
|
|
6
|
-
* ## Features
|
|
7
|
-
*
|
|
8
|
-
* - **Authentication**: Credentials (email/password), OAuth (Google, GitHub,
|
|
9
|
-
* Facebook, Apple, Microsoft, Discord, custom), TOTP 2FA, Anonymous sessions,
|
|
10
|
-
* Magic Link, OTP (email/phone), Passkey (WebAuthn/FIDO2), OneTap (Google
|
|
11
|
-
* & Apple), SSO (SAML & OpenID Connect).
|
|
12
|
-
* - **Authorization**: RBAC (Role-Based) and PBAC (Policy-Based) — use either
|
|
13
|
-
* or both independently on different routes.
|
|
14
|
-
* - **Session**: Stateless JWT with refresh-token rotation, multi-device tracking,
|
|
15
|
-
* per-device logout (Telegram-style).
|
|
16
|
-
* - **Security**: bcrypt password hashing, rate limiting, token blacklisting
|
|
17
|
-
* via Redis/Valkey, token versioning.
|
|
18
|
-
* - **Scalability**: Horizontal scaling via shared cache; asymmetric JWT
|
|
19
|
-
* (RS256/ES256) enables service-to-service token validation without
|
|
20
|
-
* centralised auth calls.
|
|
21
|
-
*
|
|
22
|
-
* ## Quick Start
|
|
23
|
-
*
|
|
24
|
-
* ```typescript
|
|
25
|
-
* import { AuthModule } from '@os.io/nest-kit/auth';
|
|
26
|
-
*
|
|
27
|
-
* @Module({
|
|
28
|
-
* imports: [
|
|
29
|
-
* AuthModule.forRoot({
|
|
30
|
-
* jwtSecret: process.env.JWT_SECRET,
|
|
31
|
-
* credentials: true,
|
|
32
|
-
* rbac: true,
|
|
33
|
-
* }),
|
|
34
|
-
* ],
|
|
35
|
-
* providers: [
|
|
36
|
-
* { provide: 'USER_SERVICE', useClass: MyUserService },
|
|
37
|
-
* { provide: 'CACHE_SERVICE', useExisting: getCache() },
|
|
38
|
-
* ],
|
|
39
|
-
* })
|
|
40
|
-
* export class AppModule {}
|
|
41
|
-
* ```
|
|
42
|
-
*
|
|
43
|
-
* @module
|
|
44
|
-
* @packageDocumentation
|
|
45
|
-
*/
|
|
46
|
-
export { AuthModule } from './auth.module';
|
|
47
|
-
export { AuthService } from './auth.service';
|
|
48
|
-
export { AuthGuard } from './auth.guard';
|
|
49
|
-
// ── Constants ──
|
|
50
|
-
export { AUTH_MODULE_OPTIONS, CACHE_SERVICE, USER_SERVICE, AUTH_STRATEGIES, METADATA_PUBLIC, METADATA_ROLES, METADATA_PERMISSIONS, METADATA_POLICY, } from './auth.constants';
|
|
51
|
-
export { AuthMethod } from './interfaces';
|
|
52
|
-
// ── Decorators ──
|
|
53
|
-
export { CurrentUser, Public } from './decorators';
|
|
54
|
-
// ── Session ──
|
|
55
|
-
export { JwtService, TokenBlacklistService, DeviceSessionService } from './session';
|
|
56
|
-
// ── Password ──
|
|
57
|
-
export { PasswordService } from './password/password.service';
|
|
58
|
-
// ── Throttling ──
|
|
59
|
-
export { ThrottleService } from './throttling/throttle.service';
|
|
60
|
-
// ── Strategies ──
|
|
61
|
-
export { BaseStrategy, CredentialsStrategy, OAuthStrategy, OAuthProviderRegistry, TotpStrategy, AnonymousStrategy, MagicLinkStrategy, OtpStrategy, PasskeyStrategy, OneTapStrategy, SsoStrategy, } from './strategies';
|
|
62
|
-
// ── Authorization ──
|
|
63
|
-
export { RbacService, RbacGuard, Roles } from './authorization/rbac';
|
|
64
|
-
export { PbacService, PbacGuard, RequirePolicy } from './authorization/pbac';
|
|
65
|
-
//# sourceMappingURL=index.js.map
|
package/dist/auth/index.js.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../packages/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,kBAAkB;AAClB,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,eAAe,EACf,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,eAAe,GAChB,MAAM,kBAAkB,CAAC;AAkC1B,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,mBAAmB;AACnB,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAEnD,gBAAgB;AAChB,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAGpF,iBAAiB;AACjB,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAE9D,mBAAmB;AACnB,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE,mBAAmB;AACnB,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,YAAY,EACZ,iBAAiB,EACjB,iBAAiB,EACjB,WAAW,EACX,eAAe,EACf,cAAc,EACd,WAAW,GACZ,MAAM,cAAc,CAAC;AAEtB,sBAAsB;AACtB,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC"}
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
import type { IAuthUser } from './auth-user.interface';
|
|
2
|
-
/**
|
|
3
|
-
* Extended Express/NestJS request with authenticated user info.
|
|
4
|
-
* Attached by AuthGuard after successful token validation.
|
|
5
|
-
*/
|
|
6
|
-
export interface IAuthRequest {
|
|
7
|
-
/** Authenticated user entity */
|
|
8
|
-
user?: IAuthUser;
|
|
9
|
-
/** Raw access token from the request */
|
|
10
|
-
accessToken?: string;
|
|
11
|
-
/** Raw refresh token (if present in request) */
|
|
12
|
-
refreshToken?: string;
|
|
13
|
-
/** Device / session identifier for multi-device tracking */
|
|
14
|
-
deviceId?: string;
|
|
15
|
-
/** Session identifier */
|
|
16
|
-
sessionId?: string;
|
|
17
|
-
}
|
|
18
|
-
//# sourceMappingURL=auth-request.interface.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth-request.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-request.interface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,gCAAgC;IAChC,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,wCAAwC;IACxC,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,gDAAgD;IAChD,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth-request.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-request.interface.ts"],"names":[],"mappings":""}
|
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
import type { IAuthUser } from './auth-user.interface';
|
|
2
|
-
/**
|
|
3
|
-
* Pair of access and refresh tokens returned from successful authentication.
|
|
4
|
-
*/
|
|
5
|
-
export interface ITokenPair {
|
|
6
|
-
/** Short-lived JWT access token (Bearer) */
|
|
7
|
-
accessToken: string;
|
|
8
|
-
/** Long-lived refresh token for rotating sessions */
|
|
9
|
-
refreshToken: string;
|
|
10
|
-
/** Access token TTL in seconds */
|
|
11
|
-
expiresIn: number;
|
|
12
|
-
}
|
|
13
|
-
/**
|
|
14
|
-
* Result returned by every authentication strategy on success.
|
|
15
|
-
*/
|
|
16
|
-
export interface IAuthResult {
|
|
17
|
-
/** Authenticated user entity */
|
|
18
|
-
user: IAuthUser;
|
|
19
|
-
/** Token pair for subsequent requests */
|
|
20
|
-
tokens: ITokenPair;
|
|
21
|
-
/** Whether the user was just created (first sign-up) */
|
|
22
|
-
isNewUser?: boolean;
|
|
23
|
-
/** Whether the user must complete a second factor */
|
|
24
|
-
isMfaRequired?: boolean;
|
|
25
|
-
/** Server-generated session identifier */
|
|
26
|
-
sessionId?: string;
|
|
27
|
-
}
|
|
28
|
-
//# sourceMappingURL=auth-result.interface.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth-result.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-result.interface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,qDAAqD;IACrD,YAAY,EAAE,MAAM,CAAC;IACrB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,gCAAgC;IAChC,IAAI,EAAE,SAAS,CAAC;IAChB,yCAAyC;IACzC,MAAM,EAAE,UAAU,CAAC;IACnB,wDAAwD;IACxD,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,qDAAqD;IACrD,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,0CAA0C;IAC1C,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth-result.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-result.interface.ts"],"names":[],"mappings":""}
|
|
@@ -1,37 +0,0 @@
|
|
|
1
|
-
import type { ExecutionContext } from '@nestjs/common';
|
|
2
|
-
import type { IAuthResult } from './auth-result.interface';
|
|
3
|
-
/**
|
|
4
|
-
* Authentication method enum — each value maps to a strategy.
|
|
5
|
-
*/
|
|
6
|
-
export declare enum AuthMethod {
|
|
7
|
-
CREDENTIALS = "credentials",
|
|
8
|
-
OAUTH = "oauth",
|
|
9
|
-
TOTP = "totp",
|
|
10
|
-
ANONYMOUS = "anonymous",
|
|
11
|
-
MAGIC_LINK = "magic-link",
|
|
12
|
-
OTP = "otp",
|
|
13
|
-
PASSKEY = "passkey",
|
|
14
|
-
ONETAP = "onetap",
|
|
15
|
-
SSO = "sso"
|
|
16
|
-
}
|
|
17
|
-
/**
|
|
18
|
-
* Every authentication strategy must implement this interface.
|
|
19
|
-
* Strategies are registered in the IoC container and discovered by AuthGuard.
|
|
20
|
-
*/
|
|
21
|
-
export interface IAuthStrategy {
|
|
22
|
-
/** Unique strategy type identifier */
|
|
23
|
-
readonly type: AuthMethod;
|
|
24
|
-
/** Human-readable strategy name for logging / debugging */
|
|
25
|
-
readonly name: string;
|
|
26
|
-
/**
|
|
27
|
-
* Attempt to authenticate the request.
|
|
28
|
-
*
|
|
29
|
-
* @param payload Strategy-specific authentication payload
|
|
30
|
-
* (e.g. { email, password } for credentials,
|
|
31
|
-
* { provider, code } for OAuth, …)
|
|
32
|
-
* @param context Optional NestJS execution context for
|
|
33
|
-
* access to request / response objects
|
|
34
|
-
*/
|
|
35
|
-
authenticate(payload: Record<string, unknown>, context?: ExecutionContext): Promise<IAuthResult>;
|
|
36
|
-
}
|
|
37
|
-
//# sourceMappingURL=auth-strategy.interface.d.ts.map
|