@os.io/nest-kit 0.0.1-alpha.0 → 0.0.1-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (286) hide show
  1. package/README.md +30 -30
  2. package/package.json +41 -5
  3. package/dist/auth/auth.constants.d.ts +0 -19
  4. package/dist/auth/auth.constants.d.ts.map +0 -1
  5. package/dist/auth/auth.constants.js +0 -19
  6. package/dist/auth/auth.constants.js.map +0 -1
  7. package/dist/auth/auth.guard.d.ts +0 -20
  8. package/dist/auth/auth.guard.d.ts.map +0 -1
  9. package/dist/auth/auth.guard.js +0 -84
  10. package/dist/auth/auth.guard.js.map +0 -1
  11. package/dist/auth/auth.module.d.ts +0 -26
  12. package/dist/auth/auth.module.d.ts.map +0 -1
  13. package/dist/auth/auth.module.js +0 -344
  14. package/dist/auth/auth.module.js.map +0 -1
  15. package/dist/auth/auth.options.d.ts +0 -179
  16. package/dist/auth/auth.options.d.ts.map +0 -1
  17. package/dist/auth/auth.options.js +0 -2
  18. package/dist/auth/auth.options.js.map +0 -1
  19. package/dist/auth/auth.service.d.ts +0 -57
  20. package/dist/auth/auth.service.d.ts.map +0 -1
  21. package/dist/auth/auth.service.js +0 -175
  22. package/dist/auth/auth.service.js.map +0 -1
  23. package/dist/auth/authorization/index.d.ts +0 -3
  24. package/dist/auth/authorization/index.d.ts.map +0 -1
  25. package/dist/auth/authorization/index.js +0 -3
  26. package/dist/auth/authorization/index.js.map +0 -1
  27. package/dist/auth/authorization/pbac/index.d.ts +0 -6
  28. package/dist/auth/authorization/pbac/index.d.ts.map +0 -1
  29. package/dist/auth/authorization/pbac/index.js +0 -4
  30. package/dist/auth/authorization/pbac/index.js.map +0 -1
  31. package/dist/auth/authorization/pbac/pbac.decorator.d.ts +0 -18
  32. package/dist/auth/authorization/pbac/pbac.decorator.d.ts.map +0 -1
  33. package/dist/auth/authorization/pbac/pbac.decorator.js +0 -14
  34. package/dist/auth/authorization/pbac/pbac.decorator.js.map +0 -1
  35. package/dist/auth/authorization/pbac/pbac.guard.d.ts +0 -19
  36. package/dist/auth/authorization/pbac/pbac.guard.d.ts.map +0 -1
  37. package/dist/auth/authorization/pbac/pbac.guard.js +0 -60
  38. package/dist/auth/authorization/pbac/pbac.guard.js.map +0 -1
  39. package/dist/auth/authorization/pbac/pbac.service.d.ts +0 -44
  40. package/dist/auth/authorization/pbac/pbac.service.d.ts.map +0 -1
  41. package/dist/auth/authorization/pbac/pbac.service.js +0 -146
  42. package/dist/auth/authorization/pbac/pbac.service.js.map +0 -1
  43. package/dist/auth/authorization/pbac/pbac.types.d.ts +0 -47
  44. package/dist/auth/authorization/pbac/pbac.types.d.ts.map +0 -1
  45. package/dist/auth/authorization/pbac/pbac.types.js +0 -2
  46. package/dist/auth/authorization/pbac/pbac.types.js.map +0 -1
  47. package/dist/auth/authorization/rbac/index.d.ts +0 -4
  48. package/dist/auth/authorization/rbac/index.d.ts.map +0 -1
  49. package/dist/auth/authorization/rbac/index.js +0 -4
  50. package/dist/auth/authorization/rbac/index.js.map +0 -1
  51. package/dist/auth/authorization/rbac/rbac.decorator.d.ts +0 -18
  52. package/dist/auth/authorization/rbac/rbac.decorator.d.ts.map +0 -1
  53. package/dist/auth/authorization/rbac/rbac.decorator.js +0 -25
  54. package/dist/auth/authorization/rbac/rbac.decorator.js.map +0 -1
  55. package/dist/auth/authorization/rbac/rbac.guard.d.ts +0 -19
  56. package/dist/auth/authorization/rbac/rbac.guard.d.ts.map +0 -1
  57. package/dist/auth/authorization/rbac/rbac.guard.js +0 -50
  58. package/dist/auth/authorization/rbac/rbac.guard.js.map +0 -1
  59. package/dist/auth/authorization/rbac/rbac.service.d.ts +0 -43
  60. package/dist/auth/authorization/rbac/rbac.service.d.ts.map +0 -1
  61. package/dist/auth/authorization/rbac/rbac.service.js +0 -95
  62. package/dist/auth/authorization/rbac/rbac.service.js.map +0 -1
  63. package/dist/auth/decorators/current-user.decorator.d.ts +0 -17
  64. package/dist/auth/decorators/current-user.decorator.d.ts.map +0 -1
  65. package/dist/auth/decorators/current-user.decorator.js +0 -23
  66. package/dist/auth/decorators/current-user.decorator.js.map +0 -1
  67. package/dist/auth/decorators/index.d.ts +0 -3
  68. package/dist/auth/decorators/index.d.ts.map +0 -1
  69. package/dist/auth/decorators/index.js +0 -3
  70. package/dist/auth/decorators/index.js.map +0 -1
  71. package/dist/auth/decorators/public.decorator.d.ts +0 -13
  72. package/dist/auth/decorators/public.decorator.d.ts.map +0 -1
  73. package/dist/auth/decorators/public.decorator.js +0 -15
  74. package/dist/auth/decorators/public.decorator.js.map +0 -1
  75. package/dist/auth/index.d.ts +0 -63
  76. package/dist/auth/index.d.ts.map +0 -1
  77. package/dist/auth/index.js +0 -65
  78. package/dist/auth/index.js.map +0 -1
  79. package/dist/auth/interfaces/auth-request.interface.d.ts +0 -18
  80. package/dist/auth/interfaces/auth-request.interface.d.ts.map +0 -1
  81. package/dist/auth/interfaces/auth-request.interface.js +0 -2
  82. package/dist/auth/interfaces/auth-request.interface.js.map +0 -1
  83. package/dist/auth/interfaces/auth-result.interface.d.ts +0 -28
  84. package/dist/auth/interfaces/auth-result.interface.d.ts.map +0 -1
  85. package/dist/auth/interfaces/auth-result.interface.js +0 -2
  86. package/dist/auth/interfaces/auth-result.interface.js.map +0 -1
  87. package/dist/auth/interfaces/auth-strategy.interface.d.ts +0 -37
  88. package/dist/auth/interfaces/auth-strategy.interface.d.ts.map +0 -1
  89. package/dist/auth/interfaces/auth-strategy.interface.js +0 -16
  90. package/dist/auth/interfaces/auth-strategy.interface.js.map +0 -1
  91. package/dist/auth/interfaces/auth-user.interface.d.ts +0 -25
  92. package/dist/auth/interfaces/auth-user.interface.d.ts.map +0 -1
  93. package/dist/auth/interfaces/auth-user.interface.js +0 -2
  94. package/dist/auth/interfaces/auth-user.interface.js.map +0 -1
  95. package/dist/auth/interfaces/cache-service.interface.d.ts +0 -30
  96. package/dist/auth/interfaces/cache-service.interface.d.ts.map +0 -1
  97. package/dist/auth/interfaces/cache-service.interface.js +0 -2
  98. package/dist/auth/interfaces/cache-service.interface.js.map +0 -1
  99. package/dist/auth/interfaces/index.d.ts +0 -8
  100. package/dist/auth/interfaces/index.d.ts.map +0 -1
  101. package/dist/auth/interfaces/index.js +0 -2
  102. package/dist/auth/interfaces/index.js.map +0 -1
  103. package/dist/auth/interfaces/user-service.interface.d.ts +0 -34
  104. package/dist/auth/interfaces/user-service.interface.d.ts.map +0 -1
  105. package/dist/auth/interfaces/user-service.interface.js +0 -2
  106. package/dist/auth/interfaces/user-service.interface.js.map +0 -1
  107. package/dist/auth/password/password.service.d.ts +0 -23
  108. package/dist/auth/password/password.service.d.ts.map +0 -1
  109. package/dist/auth/password/password.service.js +0 -52
  110. package/dist/auth/password/password.service.js.map +0 -1
  111. package/dist/auth/session/device-session.service.d.ts +0 -43
  112. package/dist/auth/session/device-session.service.d.ts.map +0 -1
  113. package/dist/auth/session/device-session.service.js +0 -72
  114. package/dist/auth/session/device-session.service.js.map +0 -1
  115. package/dist/auth/session/index.d.ts +0 -5
  116. package/dist/auth/session/index.d.ts.map +0 -1
  117. package/dist/auth/session/index.js +0 -4
  118. package/dist/auth/session/index.js.map +0 -1
  119. package/dist/auth/session/jwt.service.d.ts +0 -37
  120. package/dist/auth/session/jwt.service.d.ts.map +0 -1
  121. package/dist/auth/session/jwt.service.js +0 -119
  122. package/dist/auth/session/jwt.service.js.map +0 -1
  123. package/dist/auth/session/token-blacklist.service.d.ts +0 -37
  124. package/dist/auth/session/token-blacklist.service.d.ts.map +0 -1
  125. package/dist/auth/session/token-blacklist.service.js +0 -70
  126. package/dist/auth/session/token-blacklist.service.js.map +0 -1
  127. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts +0 -19
  128. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts.map +0 -1
  129. package/dist/auth/strategies/anonymous/anonymous.strategy.js +0 -49
  130. package/dist/auth/strategies/anonymous/anonymous.strategy.js.map +0 -1
  131. package/dist/auth/strategies/base/base.strategy.d.ts +0 -11
  132. package/dist/auth/strategies/base/base.strategy.d.ts.map +0 -1
  133. package/dist/auth/strategies/base/base.strategy.js +0 -6
  134. package/dist/auth/strategies/base/base.strategy.js.map +0 -1
  135. package/dist/auth/strategies/credentials/credentials.strategy.d.ts +0 -21
  136. package/dist/auth/strategies/credentials/credentials.strategy.d.ts.map +0 -1
  137. package/dist/auth/strategies/credentials/credentials.strategy.js +0 -67
  138. package/dist/auth/strategies/credentials/credentials.strategy.js.map +0 -1
  139. package/dist/auth/strategies/index.d.ts +0 -12
  140. package/dist/auth/strategies/index.d.ts.map +0 -1
  141. package/dist/auth/strategies/index.js +0 -12
  142. package/dist/auth/strategies/index.js.map +0 -1
  143. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts +0 -31
  144. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts.map +0 -1
  145. package/dist/auth/strategies/magic-link/magic-link.strategy.js +0 -88
  146. package/dist/auth/strategies/magic-link/magic-link.strategy.js.map +0 -1
  147. package/dist/auth/strategies/oauth/index.d.ts +0 -3
  148. package/dist/auth/strategies/oauth/index.d.ts.map +0 -1
  149. package/dist/auth/strategies/oauth/index.js +0 -3
  150. package/dist/auth/strategies/oauth/index.js.map +0 -1
  151. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts +0 -13
  152. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts.map +0 -1
  153. package/dist/auth/strategies/oauth/oauth-provider-registry.js +0 -20
  154. package/dist/auth/strategies/oauth/oauth-provider-registry.js.map +0 -1
  155. package/dist/auth/strategies/oauth/oauth.strategy.d.ts +0 -23
  156. package/dist/auth/strategies/oauth/oauth.strategy.d.ts.map +0 -1
  157. package/dist/auth/strategies/oauth/oauth.strategy.js +0 -79
  158. package/dist/auth/strategies/oauth/oauth.strategy.js.map +0 -1
  159. package/dist/auth/strategies/onetap/onetap.strategy.d.ts +0 -24
  160. package/dist/auth/strategies/onetap/onetap.strategy.d.ts.map +0 -1
  161. package/dist/auth/strategies/onetap/onetap.strategy.js +0 -77
  162. package/dist/auth/strategies/onetap/onetap.strategy.js.map +0 -1
  163. package/dist/auth/strategies/otp/otp.strategy.d.ts +0 -31
  164. package/dist/auth/strategies/otp/otp.strategy.d.ts.map +0 -1
  165. package/dist/auth/strategies/otp/otp.strategy.js +0 -93
  166. package/dist/auth/strategies/otp/otp.strategy.js.map +0 -1
  167. package/dist/auth/strategies/passkey/passkey.strategy.d.ts +0 -32
  168. package/dist/auth/strategies/passkey/passkey.strategy.d.ts.map +0 -1
  169. package/dist/auth/strategies/passkey/passkey.strategy.js +0 -102
  170. package/dist/auth/strategies/passkey/passkey.strategy.js.map +0 -1
  171. package/dist/auth/strategies/sso/sso.strategy.d.ts +0 -25
  172. package/dist/auth/strategies/sso/sso.strategy.d.ts.map +0 -1
  173. package/dist/auth/strategies/sso/sso.strategy.js +0 -80
  174. package/dist/auth/strategies/sso/sso.strategy.js.map +0 -1
  175. package/dist/auth/strategies/totp/totp.strategy.d.ts +0 -37
  176. package/dist/auth/strategies/totp/totp.strategy.d.ts.map +0 -1
  177. package/dist/auth/strategies/totp/totp.strategy.js +0 -109
  178. package/dist/auth/strategies/totp/totp.strategy.js.map +0 -1
  179. package/dist/auth/throttling/index.d.ts +0 -2
  180. package/dist/auth/throttling/index.d.ts.map +0 -1
  181. package/dist/auth/throttling/index.js +0 -2
  182. package/dist/auth/throttling/index.js.map +0 -1
  183. package/dist/auth/throttling/throttle.service.d.ts +0 -27
  184. package/dist/auth/throttling/throttle.service.d.ts.map +0 -1
  185. package/dist/auth/throttling/throttle.service.js +0 -63
  186. package/dist/auth/throttling/throttle.service.js.map +0 -1
  187. package/dist/bootstrap/cache/config.d.ts +0 -135
  188. package/dist/bootstrap/cache/config.d.ts.map +0 -1
  189. package/dist/bootstrap/cache/config.js +0 -189
  190. package/dist/bootstrap/cache/config.js.map +0 -1
  191. package/dist/bootstrap/cache/index.d.ts +0 -11
  192. package/dist/bootstrap/cache/index.d.ts.map +0 -1
  193. package/dist/bootstrap/cache/index.js +0 -11
  194. package/dist/bootstrap/cache/index.js.map +0 -1
  195. package/dist/bootstrap/index.d.ts +0 -21
  196. package/dist/bootstrap/index.d.ts.map +0 -1
  197. package/dist/bootstrap/index.js +0 -21
  198. package/dist/bootstrap/index.js.map +0 -1
  199. package/dist/bootstrap/scalar/api-docs.d.ts +0 -39
  200. package/dist/bootstrap/scalar/api-docs.d.ts.map +0 -1
  201. package/dist/bootstrap/scalar/api-docs.js +0 -41
  202. package/dist/bootstrap/scalar/api-docs.js.map +0 -1
  203. package/dist/bootstrap/scalar/index.d.ts +0 -39
  204. package/dist/bootstrap/scalar/index.d.ts.map +0 -1
  205. package/dist/bootstrap/scalar/index.js +0 -41
  206. package/dist/bootstrap/scalar/index.js.map +0 -1
  207. package/dist/bootstrap/swagger/api-docs.d.ts +0 -73
  208. package/dist/bootstrap/swagger/api-docs.d.ts.map +0 -1
  209. package/dist/bootstrap/swagger/api-docs.js +0 -87
  210. package/dist/bootstrap/swagger/api-docs.js.map +0 -1
  211. package/dist/bootstrap/swagger/index.d.ts +0 -37
  212. package/dist/bootstrap/swagger/index.d.ts.map +0 -1
  213. package/dist/bootstrap/swagger/index.js +0 -36
  214. package/dist/bootstrap/swagger/index.js.map +0 -1
  215. package/dist/bootstrap/typeorm/config/index.d.ts +0 -12
  216. package/dist/bootstrap/typeorm/config/index.d.ts.map +0 -1
  217. package/dist/bootstrap/typeorm/config/index.js +0 -62
  218. package/dist/bootstrap/typeorm/config/index.js.map +0 -1
  219. package/dist/bootstrap/typeorm/crud/controller.d.ts +0 -13
  220. package/dist/bootstrap/typeorm/crud/controller.d.ts.map +0 -1
  221. package/dist/bootstrap/typeorm/crud/controller.js +0 -72
  222. package/dist/bootstrap/typeorm/crud/controller.js.map +0 -1
  223. package/dist/bootstrap/typeorm/crud/index.d.ts +0 -4
  224. package/dist/bootstrap/typeorm/crud/index.d.ts.map +0 -1
  225. package/dist/bootstrap/typeorm/crud/index.js +0 -3
  226. package/dist/bootstrap/typeorm/crud/index.js.map +0 -1
  227. package/dist/bootstrap/typeorm/crud/service.d.ts +0 -10
  228. package/dist/bootstrap/typeorm/crud/service.d.ts.map +0 -1
  229. package/dist/bootstrap/typeorm/crud/service.js +0 -21
  230. package/dist/bootstrap/typeorm/crud/service.js.map +0 -1
  231. package/dist/bootstrap/typeorm/index.d.ts +0 -18
  232. package/dist/bootstrap/typeorm/index.d.ts.map +0 -1
  233. package/dist/bootstrap/typeorm/index.js +0 -18
  234. package/dist/bootstrap/typeorm/index.js.map +0 -1
  235. package/dist/bootstrap/typeorm/uow/factory.d.ts +0 -5
  236. package/dist/bootstrap/typeorm/uow/factory.d.ts.map +0 -1
  237. package/dist/bootstrap/typeorm/uow/factory.js +0 -27
  238. package/dist/bootstrap/typeorm/uow/factory.js.map +0 -1
  239. package/dist/bootstrap/typeorm/uow/index.d.ts +0 -4
  240. package/dist/bootstrap/typeorm/uow/index.d.ts.map +0 -1
  241. package/dist/bootstrap/typeorm/uow/index.js +0 -4
  242. package/dist/bootstrap/typeorm/uow/index.js.map +0 -1
  243. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts +0 -62
  244. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts.map +0 -1
  245. package/dist/bootstrap/typeorm/uow/transactional.decorator.js +0 -114
  246. package/dist/bootstrap/typeorm/uow/transactional.decorator.js.map +0 -1
  247. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts +0 -11
  248. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts.map +0 -1
  249. package/dist/bootstrap/typeorm/uow/unit-of-work.js +0 -23
  250. package/dist/bootstrap/typeorm/uow/unit-of-work.js.map +0 -1
  251. package/dist/core/index.d.ts +0 -11
  252. package/dist/core/index.d.ts.map +0 -1
  253. package/dist/core/index.js +0 -11
  254. package/dist/core/index.js.map +0 -1
  255. package/dist/infra/audit-log/index.d.ts +0 -12
  256. package/dist/infra/audit-log/index.d.ts.map +0 -1
  257. package/dist/infra/audit-log/index.js +0 -13
  258. package/dist/infra/audit-log/index.js.map +0 -1
  259. package/dist/infra/index.d.ts +0 -20
  260. package/dist/infra/index.d.ts.map +0 -1
  261. package/dist/infra/index.js +0 -21
  262. package/dist/infra/index.js.map +0 -1
  263. package/dist/infra/logger/index.d.ts +0 -12
  264. package/dist/infra/logger/index.d.ts.map +0 -1
  265. package/dist/infra/logger/index.js +0 -13
  266. package/dist/infra/logger/index.js.map +0 -1
  267. package/dist/infra/metrics/index.d.ts +0 -18
  268. package/dist/infra/metrics/index.d.ts.map +0 -1
  269. package/dist/infra/metrics/index.js +0 -19
  270. package/dist/infra/metrics/index.js.map +0 -1
  271. package/dist/infra/notification/index.d.ts +0 -12
  272. package/dist/infra/notification/index.d.ts.map +0 -1
  273. package/dist/infra/notification/index.js +0 -13
  274. package/dist/infra/notification/index.js.map +0 -1
  275. package/dist/infra/storage/index.d.ts +0 -12
  276. package/dist/infra/storage/index.d.ts.map +0 -1
  277. package/dist/infra/storage/index.js +0 -13
  278. package/dist/infra/storage/index.js.map +0 -1
  279. package/dist/infra/stripe/index.d.ts +0 -12
  280. package/dist/infra/stripe/index.d.ts.map +0 -1
  281. package/dist/infra/stripe/index.js +0 -13
  282. package/dist/infra/stripe/index.js.map +0 -1
  283. package/dist/saas/index.d.ts +0 -18
  284. package/dist/saas/index.d.ts.map +0 -1
  285. package/dist/saas/index.js +0 -19
  286. package/dist/saas/index.js.map +0 -1
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-strategy.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-strategy.interface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAE3D;;GAEG;AACH,oBAAY,UAAU;IACpB,WAAW,gBAAgB;IAC3B,KAAK,UAAU;IACf,IAAI,SAAS;IACb,SAAS,cAAc;IACvB,UAAU,eAAe;IACzB,GAAG,QAAQ;IACX,OAAO,YAAY;IACnB,MAAM,WAAW;IACjB,GAAG,QAAQ;CACZ;AAED;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,sCAAsC;IACtC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAE1B,2DAA2D;IAC3D,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;;;;;;;OAQG;IACH,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CAClG"}
@@ -1,16 +0,0 @@
1
- /**
2
- * Authentication method enum — each value maps to a strategy.
3
- */
4
- export var AuthMethod;
5
- (function (AuthMethod) {
6
- AuthMethod["CREDENTIALS"] = "credentials";
7
- AuthMethod["OAUTH"] = "oauth";
8
- AuthMethod["TOTP"] = "totp";
9
- AuthMethod["ANONYMOUS"] = "anonymous";
10
- AuthMethod["MAGIC_LINK"] = "magic-link";
11
- AuthMethod["OTP"] = "otp";
12
- AuthMethod["PASSKEY"] = "passkey";
13
- AuthMethod["ONETAP"] = "onetap";
14
- AuthMethod["SSO"] = "sso";
15
- })(AuthMethod || (AuthMethod = {}));
16
- //# sourceMappingURL=auth-strategy.interface.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-strategy.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-strategy.interface.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,CAAN,IAAY,UAUX;AAVD,WAAY,UAAU;IACpB,yCAA2B,CAAA;IAC3B,6BAAe,CAAA;IACf,2BAAa,CAAA;IACb,qCAAuB,CAAA;IACvB,uCAAyB,CAAA;IACzB,yBAAW,CAAA;IACX,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,yBAAW,CAAA;AACb,CAAC,EAVW,UAAU,KAAV,UAAU,QAUrB"}
@@ -1,25 +0,0 @@
1
- /**
2
- * Represents an authenticated user across the system.
3
- * This interface is used inside JWT payloads, request objects, and guards.
4
- */
5
- export interface IAuthUser {
6
- /** Unique user identifier (UUID or numeric ID as string) */
7
- id: string;
8
- /** Email address (may be absent for anonymous users) */
9
- email?: string;
10
- /** Phone number (may be absent) */
11
- phone?: string;
12
- /** Username or display name */
13
- username?: string;
14
- /** Assigned roles for RBAC */
15
- roles?: string[];
16
- /** Direct permissions for simple permission checks */
17
- permissions?: string[];
18
- /** Whether this is an anonymous session */
19
- isAnonymous?: boolean;
20
- /** Whether the user has passed 2FA in this session */
21
- isMfaVerified?: boolean;
22
- /** Custom claims bag for extensibility */
23
- [key: string]: unknown;
24
- }
25
- //# sourceMappingURL=auth-user.interface.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-user.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-user.interface.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,EAAE,EAAE,MAAM,CAAC;IAEX,wDAAwD;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjB,sDAAsD;IACtD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB,2CAA2C;IAC3C,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,sDAAsD;IACtD,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,0CAA0C;IAC1C,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB"}
@@ -1,2 +0,0 @@
1
- export {};
2
- //# sourceMappingURL=auth-user.interface.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-user.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/auth-user.interface.ts"],"names":[],"mappings":""}
@@ -1,30 +0,0 @@
1
- /**
2
- * Minimal cache abstraction consumed internally by the auth module.
3
- *
4
- * > IMPORTANT: You must register a provider under the `'CACHE_SERVICE'`
5
- * > token (or a custom token via `AuthModuleOptions.cacheServiceToken`).
6
- * > The provider can be any compatible cache implementation:
7
- * > - `cache-manager` (`Cache` from `@nestjs/cache-manager`)
8
- * > - `keyv` instance
9
- * > - A custom wrapper implementing this interface
10
- *
11
- * @example
12
- * ```typescript
13
- * // Register this in your consumer module:
14
- * {
15
- * provide: 'CACHE_SERVICE',
16
- * useExisting: getCache(), // your cache instance
17
- * }
18
- * ```
19
- */
20
- export interface ICacheService {
21
- /** Retrieve a cached value by key */
22
- get<T = unknown>(key: string): Promise<T | undefined>;
23
- /** Store a value with optional TTL (seconds) */
24
- set<T = unknown>(key: string, value: T, ttl?: number): Promise<void>;
25
- /** Delete a single key */
26
- del(key: string): Promise<void>;
27
- /** Flush entire cache (use with care) */
28
- reset(): Promise<void>;
29
- }
30
- //# sourceMappingURL=cache-service.interface.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"cache-service.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/cache-service.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,WAAW,aAAa;IAC5B,qCAAqC;IACrC,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC;IAEtD,gDAAgD;IAChD,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAErE,0BAA0B;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhC,yCAAyC;IACzC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACxB"}
@@ -1,2 +0,0 @@
1
- export {};
2
- //# sourceMappingURL=cache-service.interface.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"cache-service.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/cache-service.interface.ts"],"names":[],"mappings":""}
@@ -1,8 +0,0 @@
1
- export type { IAuthUser } from './auth-user.interface';
2
- export type { IAuthRequest } from './auth-request.interface';
3
- export type { ITokenPair, IAuthResult } from './auth-result.interface';
4
- export { AuthMethod } from './auth-strategy.interface';
5
- export type { IAuthStrategy } from './auth-strategy.interface';
6
- export type { ICacheService } from './cache-service.interface';
7
- export type { IUserService } from './user-service.interface';
8
- //# sourceMappingURL=index.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AACvD,YAAY,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAC7D,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,YAAY,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC/D,YAAY,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC/D,YAAY,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC"}
@@ -1,2 +0,0 @@
1
- export { AuthMethod } from './auth-strategy.interface';
2
- //# sourceMappingURL=index.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC"}
@@ -1,34 +0,0 @@
1
- import type { IAuthUser } from './auth-user.interface';
2
- /**
3
- * Consumer-provided user service.
4
- * You must register a provider under the `'USER_SERVICE'` token.
5
- */
6
- export interface IUserService {
7
- /** Find a user by their unique ID */
8
- findById(id: string): Promise<IAuthUser | null>;
9
- /** Find a user by email address */
10
- findByEmail(email: string): Promise<IAuthUser | null>;
11
- /** Find a user by username */
12
- findByUsername(username: string): Promise<IAuthUser | null>;
13
- /** Find a user by a social / OAuth provider ID */
14
- findBySocialId(provider: string, socialId: string): Promise<IAuthUser | null>;
15
- /** Create a new user account */
16
- create(data: Partial<IAuthUser> & {
17
- password?: string;
18
- }): Promise<IAuthUser>;
19
- /** Update user fields */
20
- update(id: string, data: Partial<IAuthUser>): Promise<IAuthUser>;
21
- /** Compare a plaintext password against the stored hash */
22
- validatePassword(user: IAuthUser, password: string): Promise<boolean>;
23
- /** Store / overwrite the password hash for a user */
24
- setPassword(id: string, passwordHash: string): Promise<void>;
25
- /** Retrieve the stored TOTP secret (null if 2FA not configured) */
26
- getTotpSecret(id: string): Promise<string | null>;
27
- /** Persist a new TOTP secret (e.g. after enrollment) */
28
- setTotpSecret(id: string, secret: string): Promise<void>;
29
- /** Get the list of role identifiers assigned to a user */
30
- getRoles(id: string): Promise<string[]>;
31
- /** Get the list of permission identifiers assigned to a user */
32
- getPermissions(id: string): Promise<string[]>;
33
- }
34
- //# sourceMappingURL=user-service.interface.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"user-service.interface.d.ts","sourceRoot":"","sources":["../../../packages/auth/interfaces/user-service.interface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,qCAAqC;IACrC,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAEhD,mCAAmC;IACnC,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAEtD,8BAA8B;IAC9B,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAE5D,kDAAkD;IAClD,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAE9E,gCAAgC;IAChC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,SAAS,CAAC,GAAG;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAE7E,yBAAyB;IACzB,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAEjE,2DAA2D;IAC3D,gBAAgB,CAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtE,qDAAqD;IACrD,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7D,mEAAmE;IACnE,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAElD,wDAAwD;IACxD,aAAa,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzD,0DAA0D;IAC1D,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAExC,gEAAgE;IAChE,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC/C"}
@@ -1,2 +0,0 @@
1
- export {};
2
- //# sourceMappingURL=user-service.interface.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"user-service.interface.js","sourceRoot":"","sources":["../../../packages/auth/interfaces/user-service.interface.ts"],"names":[],"mappings":""}
@@ -1,23 +0,0 @@
1
- /**
2
- * Service for hashing and verifying passwords using bcrypt.
3
- *
4
- * Uses dynamic import of `bcrypt` so the dependency is optional.
5
- * If `bcrypt` is not installed, operations throw a descriptive error.
6
- */
7
- export declare class PasswordService {
8
- private bcrypt;
9
- private resolved;
10
- /**
11
- * Hash a plaintext password.
12
- *
13
- * @param password - Plaintext password
14
- * @param rounds - Cost factor (default 12)
15
- */
16
- hash(password: string, rounds?: number): Promise<string>;
17
- /**
18
- * Compare a plaintext password against a stored hash.
19
- */
20
- verify(password: string, hash: string): Promise<boolean>;
21
- private loadBcrypt;
22
- }
23
- //# sourceMappingURL=password.service.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"password.service.d.ts","sourceRoot":"","sources":["../../../packages/auth/password/password.service.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,qBACa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAwC;IACtD,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;;;OAKG;IACG,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,SAAK,GAAG,OAAO,CAAC,MAAM,CAAC;IAK1D;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;YAKhD,UAAU;CAczB"}
@@ -1,52 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- import { Injectable } from '@nestjs/common';
8
- /**
9
- * Service for hashing and verifying passwords using bcrypt.
10
- *
11
- * Uses dynamic import of `bcrypt` so the dependency is optional.
12
- * If `bcrypt` is not installed, operations throw a descriptive error.
13
- */
14
- let PasswordService = class PasswordService {
15
- bcrypt = null;
16
- resolved = false;
17
- /**
18
- * Hash a plaintext password.
19
- *
20
- * @param password - Plaintext password
21
- * @param rounds - Cost factor (default 12)
22
- */
23
- async hash(password, rounds = 12) {
24
- const bcrypt = await this.loadBcrypt();
25
- return bcrypt.hash(password, rounds);
26
- }
27
- /**
28
- * Compare a plaintext password against a stored hash.
29
- */
30
- async verify(password, hash) {
31
- const bcrypt = await this.loadBcrypt();
32
- return bcrypt.compare(password, hash);
33
- }
34
- async loadBcrypt() {
35
- if (!this.resolved) {
36
- try {
37
- this.bcrypt = await import('bcrypt');
38
- }
39
- catch {
40
- throw new Error('PasswordService requires the "bcrypt" package. ' +
41
- 'Run: npm install bcrypt && npm install -D @types/bcrypt');
42
- }
43
- this.resolved = true;
44
- }
45
- return this.bcrypt;
46
- }
47
- };
48
- PasswordService = __decorate([
49
- Injectable()
50
- ], PasswordService);
51
- export { PasswordService };
52
- //# sourceMappingURL=password.service.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"password.service.js","sourceRoot":"","sources":["../../../packages/auth/password/password.service.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C;;;;;GAKG;AAEI,IAAM,eAAe,GAArB,MAAM,eAAe;IAClB,MAAM,GAAmC,IAAI,CAAC;IAC9C,QAAQ,GAAG,KAAK,CAAC;IAEzB;;;;;OAKG;IACH,KAAK,CAAC,IAAI,CAAC,QAAgB,EAAE,MAAM,GAAG,EAAE;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAY;QACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,OAAO,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC;gBACH,IAAI,CAAC,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;YACvC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CACb,iDAAiD;oBAC/C,yDAAyD,CAC5D,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,OAAO,IAAI,CAAC,MAAO,CAAC;IACtB,CAAC;CACF,CAAA;AArCY,eAAe;IAD3B,UAAU,EAAE;GACA,eAAe,CAqC3B"}
@@ -1,43 +0,0 @@
1
- import type { ICacheService } from '../interfaces';
2
- export interface IDeviceInfo {
3
- deviceId: string;
4
- userId: string;
5
- userAgent?: string;
6
- ip?: string;
7
- lastActivity: number;
8
- createdAt: number;
9
- }
10
- /**
11
- * Tracks active devices / sessions per user so that:
12
- * - Users can view all active sessions
13
- * - Users can log out a specific device (like Telegram)
14
- * - Admins can force-terminate sessions
15
- */
16
- export declare class DeviceSessionService {
17
- private readonly cache;
18
- constructor(cache: ICacheService);
19
- /**
20
- * Register a new device session.
21
- *
22
- * @param info Device and session metadata
23
- * @param ttl Session TTL in seconds (default 30 days)
24
- */
25
- register(info: Omit<IDeviceInfo, 'createdAt'>, ttl?: number): Promise<void>;
26
- /**
27
- * Get all active sessions for a user.
28
- */
29
- getUserSessions(_userId: string): Promise<IDeviceInfo[]>;
30
- /**
31
- * Get a single device session by user + device ID.
32
- */
33
- getSession(userId: string, deviceId: string): Promise<IDeviceInfo | null>;
34
- /**
35
- * Remove a specific device session (per-device logout).
36
- */
37
- removeSession(userId: string, deviceId: string): Promise<void>;
38
- /**
39
- * Remove all sessions for a user (global logout).
40
- */
41
- removeAllUserSessions(_userId: string): Promise<void>;
42
- }
43
- //# sourceMappingURL=device-session.service.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"device-session.service.d.ts","sourceRoot":"","sources":["../../../packages/auth/session/device-session.service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAGnD,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;;GAKG;AACH,qBACa,oBAAoB;IAG7B,OAAO,CAAC,QAAQ,CAAC,KAAK;gBAAL,KAAK,EAAE,aAAa;IAGvC;;;;;OAKG;IACG,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,GAAG,SAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAKpF;;OAEG;IACH,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAOxD;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAO/E;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpE;;OAEG;IACG,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAI5D"}
@@ -1,72 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Inject, Injectable } from '@nestjs/common';
14
- import { CACHE_SERVICE, DEVICE_SESSION_PREFIX } from '../auth.constants';
15
- /**
16
- * Tracks active devices / sessions per user so that:
17
- * - Users can view all active sessions
18
- * - Users can log out a specific device (like Telegram)
19
- * - Admins can force-terminate sessions
20
- */
21
- let DeviceSessionService = class DeviceSessionService {
22
- cache;
23
- constructor(cache) {
24
- this.cache = cache;
25
- }
26
- /**
27
- * Register a new device session.
28
- *
29
- * @param info Device and session metadata
30
- * @param ttl Session TTL in seconds (default 30 days)
31
- */
32
- async register(info, ttl = 2_592_000) {
33
- const session = { ...info, createdAt: Date.now() };
34
- await this.cache.set(`${DEVICE_SESSION_PREFIX}${info.userId}:${info.deviceId}`, session, ttl);
35
- }
36
- /**
37
- * Get all active sessions for a user.
38
- */
39
- getUserSessions(_userId) {
40
- // In production, this would use Redis SCAN or a session DB table.
41
- // For simplicity we rely on a key convention and read individually.
42
- // Consumers are encouraged to override this method.
43
- return Promise.resolve([]);
44
- }
45
- /**
46
- * Get a single device session by user + device ID.
47
- */
48
- async getSession(userId, deviceId) {
49
- const result = await this.cache.get(`${DEVICE_SESSION_PREFIX}${userId}:${deviceId}`);
50
- return result ?? null;
51
- }
52
- /**
53
- * Remove a specific device session (per-device logout).
54
- */
55
- async removeSession(userId, deviceId) {
56
- await this.cache.del(`${DEVICE_SESSION_PREFIX}${userId}:${deviceId}`);
57
- }
58
- /**
59
- * Remove all sessions for a user (global logout).
60
- */
61
- async removeAllUserSessions(_userId) {
62
- // TODO: iterate all user sessions. For now, consumer's responsibility.
63
- return Promise.resolve();
64
- }
65
- };
66
- DeviceSessionService = __decorate([
67
- Injectable(),
68
- __param(0, Inject(CACHE_SERVICE)),
69
- __metadata("design:paramtypes", [Object])
70
- ], DeviceSessionService);
71
- export { DeviceSessionService };
72
- //# sourceMappingURL=device-session.service.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"device-session.service.js","sourceRoot":"","sources":["../../../packages/auth/session/device-session.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAEpD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAWzE;;;;;GAKG;AAEI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAGZ;IAFnB,YAEmB,KAAoB;QAApB,UAAK,GAAL,KAAK,CAAe;IACpC,CAAC;IAEJ;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,CAAC,IAAoC,EAAE,GAAG,GAAG,SAAS;QAClE,MAAM,OAAO,GAAgB,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAChE,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,qBAAqB,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IAChG,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,kEAAkE;QAClE,oEAAoE;QACpE,oDAAoD;QACpD,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,QAAgB;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CACjC,GAAG,qBAAqB,GAAG,MAAM,IAAI,QAAQ,EAAE,CAChD,CAAC;QACF,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,MAAc,EAAE,QAAgB;QAClD,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,qBAAqB,GAAG,MAAM,IAAI,QAAQ,EAAE,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB,CAAC,OAAe;QACzC,uEAAuE;QACvE,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;CACF,CAAA;AAnDY,oBAAoB;IADhC,UAAU,EAAE;IAGR,WAAA,MAAM,CAAC,aAAa,CAAC,CAAA;;GAFb,oBAAoB,CAmDhC"}
@@ -1,5 +0,0 @@
1
- export { JwtService } from './jwt.service';
2
- export { TokenBlacklistService } from './token-blacklist.service';
3
- export { DeviceSessionService } from './device-session.service';
4
- export type { IDeviceInfo } from './device-session.service';
5
- //# sourceMappingURL=index.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../packages/auth/session/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,YAAY,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC"}
@@ -1,4 +0,0 @@
1
- export { JwtService } from './jwt.service';
2
- export { TokenBlacklistService } from './token-blacklist.service';
3
- export { DeviceSessionService } from './device-session.service';
4
- //# sourceMappingURL=index.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/auth/session/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC"}
@@ -1,37 +0,0 @@
1
- import type { IAuthUser, ITokenPair } from '../interfaces';
2
- import type { SessionOptions } from '../auth.options';
3
- /**
4
- * Low-level JWT service that signs and verifies tokens
5
- * using `@nestjs/jwt` (loaded dynamically so the dependency is optional).
6
- */
7
- export declare class JwtService {
8
- private readonly options;
9
- private nestJwt;
10
- private jwtServiceInstance;
11
- private resolved;
12
- constructor(options: {
13
- jwtSecret?: string;
14
- jwtPrivateKey?: string;
15
- jwtPublicKey?: string;
16
- session?: SessionOptions;
17
- });
18
- /**
19
- * Generate an access + refresh token pair for the given user.
20
- */
21
- signTokens(user: IAuthUser): Promise<ITokenPair>;
22
- /**
23
- * Verify and decode an access token. Throws if invalid / expired.
24
- */
25
- verifyAccess(token: string): Promise<Record<string, unknown>>;
26
- /**
27
- * Verify a refresh token. Throws if invalid / expired.
28
- */
29
- verifyRefresh(token: string): Promise<Record<string, unknown>>;
30
- /**
31
- * Decode a token without verification (useful for extracting metadata).
32
- */
33
- decode(token: string): Record<string, unknown> | null;
34
- private parseExpiresIn;
35
- private getInstance;
36
- }
37
- //# sourceMappingURL=jwt.service.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"jwt.service.d.ts","sourceRoot":"","sources":["../../../packages/auth/session/jwt.service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAGtD;;;GAGG;AACH,qBACa,UAAU;IAOnB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAN1B,OAAO,CAAC,OAAO,CAA6C;IAC5D,OAAO,CAAC,kBAAkB,CAAiD;IAC3E,OAAO,CAAC,QAAQ,CAAS;gBAIN,OAAO,EAAE;QACxB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,OAAO,CAAC,EAAE,cAAc,CAAC;KAC1B;IAGH;;OAEG;IACG,UAAU,CAAC,IAAI,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC;IA+BtD;;OAEG;IACG,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAKnE;;OAEG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAKpE;;OAEG;IACH,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAKrD,OAAO,CAAC,cAAc;YAcR,WAAW;CAqB1B"}
@@ -1,119 +0,0 @@
1
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
- return c > 3 && r && Object.defineProperty(target, key, r), r;
6
- };
7
- var __metadata = (this && this.__metadata) || function (k, v) {
8
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
- };
10
- var __param = (this && this.__param) || function (paramIndex, decorator) {
11
- return function (target, key) { decorator(target, key, paramIndex); }
12
- };
13
- import { Injectable, Inject } from '@nestjs/common';
14
- import { AUTH_MODULE_OPTIONS } from '../auth.constants';
15
- /**
16
- * Low-level JWT service that signs and verifies tokens
17
- * using `@nestjs/jwt` (loaded dynamically so the dependency is optional).
18
- */
19
- let JwtService = class JwtService {
20
- options;
21
- nestJwt = null;
22
- jwtServiceInstance = null;
23
- resolved = false;
24
- constructor(options) {
25
- this.options = options;
26
- }
27
- /**
28
- * Generate an access + refresh token pair for the given user.
29
- */
30
- async signTokens(user) {
31
- const jwt = await this.getInstance();
32
- const session = this.options.session ?? {};
33
- const accessExp = session.accessTokenExpiresIn ?? '15m';
34
- const refreshExp = session.refreshTokenExpiresIn ?? '7d';
35
- const payload = {
36
- sub: user.id,
37
- email: user.email,
38
- username: user.username,
39
- roles: user.roles,
40
- permissions: user.permissions,
41
- isAnonymous: user.isAnonymous ?? false,
42
- isMfaVerified: user.isMfaVerified ?? false,
43
- };
44
- const accessToken = jwt.sign(payload, {
45
- expiresIn: accessExp,
46
- });
47
- const refreshToken = jwt.sign({ sub: user.id, type: 'refresh' }, { expiresIn: refreshExp });
48
- return {
49
- accessToken,
50
- refreshToken,
51
- expiresIn: this.parseExpiresIn(accessExp),
52
- };
53
- }
54
- /**
55
- * Verify and decode an access token. Throws if invalid / expired.
56
- */
57
- async verifyAccess(token) {
58
- const jwt = await this.getInstance();
59
- return jwt.verifyAsync(token);
60
- }
61
- /**
62
- * Verify a refresh token. Throws if invalid / expired.
63
- */
64
- async verifyRefresh(token) {
65
- const jwt = await this.getInstance();
66
- return jwt.verifyAsync(token);
67
- }
68
- /**
69
- * Decode a token without verification (useful for extracting metadata).
70
- */
71
- decode(token) {
72
- if (!this.jwtServiceInstance)
73
- return null;
74
- return this.jwtServiceInstance.decode(token);
75
- }
76
- parseExpiresIn(value) {
77
- const match = value.match(/^(\d+)([smhd])$/);
78
- if (!match)
79
- return 900;
80
- const num = parseInt(match[1], 10);
81
- const unit = match[2];
82
- const multipliers = {
83
- s: 1,
84
- m: 60,
85
- h: 3600,
86
- d: 86400,
87
- };
88
- return num * (multipliers[unit] ?? 1);
89
- }
90
- async getInstance() {
91
- if (!this.resolved) {
92
- try {
93
- this.nestJwt = await import('@nestjs/jwt');
94
- const secretOrPrivateKey = this.options.jwtSecret ?? this.options.jwtPrivateKey;
95
- this.jwtServiceInstance = new this.nestJwt.JwtService({
96
- secret: secretOrPrivateKey,
97
- publicKey: this.options.jwtPublicKey,
98
- signOptions: {
99
- algorithm: this.options.session?.algorithm ?? 'HS256',
100
- issuer: this.options.session?.issuer,
101
- audience: this.options.session?.audience,
102
- },
103
- });
104
- }
105
- catch {
106
- throw new Error('JwtService requires "@nestjs/jwt". Run: npm install @nestjs/jwt');
107
- }
108
- this.resolved = true;
109
- }
110
- return this.jwtServiceInstance;
111
- }
112
- };
113
- JwtService = __decorate([
114
- Injectable(),
115
- __param(0, Inject(AUTH_MODULE_OPTIONS)),
116
- __metadata("design:paramtypes", [Object])
117
- ], JwtService);
118
- export { JwtService };
119
- //# sourceMappingURL=jwt.service.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../../packages/auth/session/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAGpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExD;;;GAGG;AAEI,IAAM,UAAU,GAAhB,MAAM,UAAU;IAOF;IANX,OAAO,GAAwC,IAAI,CAAC;IACpD,kBAAkB,GAA4C,IAAI,CAAC;IACnE,QAAQ,GAAG,KAAK,CAAC;IAEzB,YAEmB,OAKhB;QALgB,YAAO,GAAP,OAAO,CAKvB;IACA,CAAC;IAEJ;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,IAAe;QAC9B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;QAC3C,MAAM,SAAS,GAAG,OAAO,CAAC,oBAAoB,IAAI,KAAK,CAAC;QACxD,MAAM,UAAU,GAAG,OAAO,CAAC,qBAAqB,IAAI,IAAI,CAAC;QAEzD,MAAM,OAAO,GAA4B;YACvC,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,KAAK;YACtC,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,KAAK;SAC3C,CAAC;QAEF,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE;YACpC,SAAS,EAAE,SAAgD;SAC5D,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAC3B,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,EAAE,SAAS,EAAE,UAAiD,EAAE,CACjE,CAAC;QAEF,OAAO;YACL,WAAW;YACX,YAAY;YACZ,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC;SAC1C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,KAAa;QAC9B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAC/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAa;QAClB,IAAI,CAAC,IAAI,CAAC,kBAAkB;YAAE,OAAO,IAAI,CAAC;QAC1C,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/C,CAAC;IAEO,cAAc,CAAC,KAAa;QAClC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK;YAAE,OAAO,GAAG,CAAC;QACvB,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,WAAW,GAA2B;YAC1C,CAAC,EAAE,CAAC;YACJ,CAAC,EAAE,EAAE;YACL,CAAC,EAAE,IAAI;YACP,CAAC,EAAE,KAAK;SACT,CAAC;QACF,OAAO,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAEO,KAAK,CAAC,WAAW;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;gBAC3C,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC;gBAChF,IAAI,CAAC,kBAAkB,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;oBACpD,MAAM,EAAE,kBAAkB;oBAC1B,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY;oBACpC,WAAW,EAAE;wBACX,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,IAAI,OAAO;wBACrD,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM;wBACpC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ;qBACzC;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;YACrF,CAAC;YACD,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,OAAO,IAAI,CAAC,kBAAmB,CAAC;IAClC,CAAC;CACF,CAAA;AA5GY,UAAU;IADtB,UAAU,EAAE;IAOR,WAAA,MAAM,CAAC,mBAAmB,CAAC,CAAA;;GANnB,UAAU,CA4GtB"}
@@ -1,37 +0,0 @@
1
- import type { ICacheService } from '../interfaces';
2
- /**
3
- * Redis-backed token blacklist that enables immediate token revocation.
4
- *
5
- * Tokens are stored with a TTL matching the token's remaining lifespan
6
- * so the blacklist does not grow unbounded.
7
- */
8
- export declare class TokenBlacklistService {
9
- private readonly cache;
10
- constructor(cache: ICacheService);
11
- /**
12
- * Blacklist an access token (by its `jti`) until its natural expiry.
13
- *
14
- * @param jti Token ID (unique per token)
15
- * @param ttlSeconds Seconds until the token would have expired
16
- */
17
- blacklistAccess(jti: string, ttlSeconds: number): Promise<void>;
18
- /**
19
- * Check whether an access token has been blacklisted.
20
- */
21
- isBlacklisted(jti: string): Promise<boolean>;
22
- /**
23
- * Flag a refresh token family as revoked.
24
- * When rotation detects a reused old refresh token, the entire
25
- * family is revoked to prevent token theft.
26
- */
27
- revokeFamily(familyId: string, ttlSeconds: number): Promise<void>;
28
- /**
29
- * Check whether a refresh token family has been revoked.
30
- */
31
- isFamilyRevoked(familyId: string): Promise<boolean>;
32
- /**
33
- * Remove a specific token from the blacklist (used during cleanup).
34
- */
35
- remove(jti: string): Promise<void>;
36
- }
37
- //# sourceMappingURL=token-blacklist.service.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"token-blacklist.service.d.ts","sourceRoot":"","sources":["../../../packages/auth/session/token-blacklist.service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnD;;;;;GAKG;AACH,qBACa,qBAAqB;IAG9B,OAAO,CAAC,QAAQ,CAAC,KAAK;gBAAL,KAAK,EAAE,aAAa;IAGvC;;;;;OAKG;IACG,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIrE;;OAEG;IACG,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlD;;;;OAIG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvE;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKzD;;OAEG;IACG,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGzC"}