@os.io/nest-kit 0.0.1-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (287) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +111 -0
  3. package/dist/auth/auth.constants.d.ts +19 -0
  4. package/dist/auth/auth.constants.d.ts.map +1 -0
  5. package/dist/auth/auth.constants.js +19 -0
  6. package/dist/auth/auth.constants.js.map +1 -0
  7. package/dist/auth/auth.guard.d.ts +20 -0
  8. package/dist/auth/auth.guard.d.ts.map +1 -0
  9. package/dist/auth/auth.guard.js +84 -0
  10. package/dist/auth/auth.guard.js.map +1 -0
  11. package/dist/auth/auth.module.d.ts +26 -0
  12. package/dist/auth/auth.module.d.ts.map +1 -0
  13. package/dist/auth/auth.module.js +344 -0
  14. package/dist/auth/auth.module.js.map +1 -0
  15. package/dist/auth/auth.options.d.ts +179 -0
  16. package/dist/auth/auth.options.d.ts.map +1 -0
  17. package/dist/auth/auth.options.js +2 -0
  18. package/dist/auth/auth.options.js.map +1 -0
  19. package/dist/auth/auth.service.d.ts +57 -0
  20. package/dist/auth/auth.service.d.ts.map +1 -0
  21. package/dist/auth/auth.service.js +175 -0
  22. package/dist/auth/auth.service.js.map +1 -0
  23. package/dist/auth/authorization/index.d.ts +3 -0
  24. package/dist/auth/authorization/index.d.ts.map +1 -0
  25. package/dist/auth/authorization/index.js +3 -0
  26. package/dist/auth/authorization/index.js.map +1 -0
  27. package/dist/auth/authorization/pbac/index.d.ts +6 -0
  28. package/dist/auth/authorization/pbac/index.d.ts.map +1 -0
  29. package/dist/auth/authorization/pbac/index.js +4 -0
  30. package/dist/auth/authorization/pbac/index.js.map +1 -0
  31. package/dist/auth/authorization/pbac/pbac.decorator.d.ts +18 -0
  32. package/dist/auth/authorization/pbac/pbac.decorator.d.ts.map +1 -0
  33. package/dist/auth/authorization/pbac/pbac.decorator.js +14 -0
  34. package/dist/auth/authorization/pbac/pbac.decorator.js.map +1 -0
  35. package/dist/auth/authorization/pbac/pbac.guard.d.ts +19 -0
  36. package/dist/auth/authorization/pbac/pbac.guard.d.ts.map +1 -0
  37. package/dist/auth/authorization/pbac/pbac.guard.js +60 -0
  38. package/dist/auth/authorization/pbac/pbac.guard.js.map +1 -0
  39. package/dist/auth/authorization/pbac/pbac.service.d.ts +44 -0
  40. package/dist/auth/authorization/pbac/pbac.service.d.ts.map +1 -0
  41. package/dist/auth/authorization/pbac/pbac.service.js +146 -0
  42. package/dist/auth/authorization/pbac/pbac.service.js.map +1 -0
  43. package/dist/auth/authorization/pbac/pbac.types.d.ts +47 -0
  44. package/dist/auth/authorization/pbac/pbac.types.d.ts.map +1 -0
  45. package/dist/auth/authorization/pbac/pbac.types.js +2 -0
  46. package/dist/auth/authorization/pbac/pbac.types.js.map +1 -0
  47. package/dist/auth/authorization/rbac/index.d.ts +4 -0
  48. package/dist/auth/authorization/rbac/index.d.ts.map +1 -0
  49. package/dist/auth/authorization/rbac/index.js +4 -0
  50. package/dist/auth/authorization/rbac/index.js.map +1 -0
  51. package/dist/auth/authorization/rbac/rbac.decorator.d.ts +18 -0
  52. package/dist/auth/authorization/rbac/rbac.decorator.d.ts.map +1 -0
  53. package/dist/auth/authorization/rbac/rbac.decorator.js +25 -0
  54. package/dist/auth/authorization/rbac/rbac.decorator.js.map +1 -0
  55. package/dist/auth/authorization/rbac/rbac.guard.d.ts +19 -0
  56. package/dist/auth/authorization/rbac/rbac.guard.d.ts.map +1 -0
  57. package/dist/auth/authorization/rbac/rbac.guard.js +50 -0
  58. package/dist/auth/authorization/rbac/rbac.guard.js.map +1 -0
  59. package/dist/auth/authorization/rbac/rbac.service.d.ts +43 -0
  60. package/dist/auth/authorization/rbac/rbac.service.d.ts.map +1 -0
  61. package/dist/auth/authorization/rbac/rbac.service.js +95 -0
  62. package/dist/auth/authorization/rbac/rbac.service.js.map +1 -0
  63. package/dist/auth/decorators/current-user.decorator.d.ts +17 -0
  64. package/dist/auth/decorators/current-user.decorator.d.ts.map +1 -0
  65. package/dist/auth/decorators/current-user.decorator.js +23 -0
  66. package/dist/auth/decorators/current-user.decorator.js.map +1 -0
  67. package/dist/auth/decorators/index.d.ts +3 -0
  68. package/dist/auth/decorators/index.d.ts.map +1 -0
  69. package/dist/auth/decorators/index.js +3 -0
  70. package/dist/auth/decorators/index.js.map +1 -0
  71. package/dist/auth/decorators/public.decorator.d.ts +13 -0
  72. package/dist/auth/decorators/public.decorator.d.ts.map +1 -0
  73. package/dist/auth/decorators/public.decorator.js +15 -0
  74. package/dist/auth/decorators/public.decorator.js.map +1 -0
  75. package/dist/auth/index.d.ts +63 -0
  76. package/dist/auth/index.d.ts.map +1 -0
  77. package/dist/auth/index.js +65 -0
  78. package/dist/auth/index.js.map +1 -0
  79. package/dist/auth/interfaces/auth-request.interface.d.ts +18 -0
  80. package/dist/auth/interfaces/auth-request.interface.d.ts.map +1 -0
  81. package/dist/auth/interfaces/auth-request.interface.js +2 -0
  82. package/dist/auth/interfaces/auth-request.interface.js.map +1 -0
  83. package/dist/auth/interfaces/auth-result.interface.d.ts +28 -0
  84. package/dist/auth/interfaces/auth-result.interface.d.ts.map +1 -0
  85. package/dist/auth/interfaces/auth-result.interface.js +2 -0
  86. package/dist/auth/interfaces/auth-result.interface.js.map +1 -0
  87. package/dist/auth/interfaces/auth-strategy.interface.d.ts +37 -0
  88. package/dist/auth/interfaces/auth-strategy.interface.d.ts.map +1 -0
  89. package/dist/auth/interfaces/auth-strategy.interface.js +16 -0
  90. package/dist/auth/interfaces/auth-strategy.interface.js.map +1 -0
  91. package/dist/auth/interfaces/auth-user.interface.d.ts +25 -0
  92. package/dist/auth/interfaces/auth-user.interface.d.ts.map +1 -0
  93. package/dist/auth/interfaces/auth-user.interface.js +2 -0
  94. package/dist/auth/interfaces/auth-user.interface.js.map +1 -0
  95. package/dist/auth/interfaces/cache-service.interface.d.ts +30 -0
  96. package/dist/auth/interfaces/cache-service.interface.d.ts.map +1 -0
  97. package/dist/auth/interfaces/cache-service.interface.js +2 -0
  98. package/dist/auth/interfaces/cache-service.interface.js.map +1 -0
  99. package/dist/auth/interfaces/index.d.ts +8 -0
  100. package/dist/auth/interfaces/index.d.ts.map +1 -0
  101. package/dist/auth/interfaces/index.js +2 -0
  102. package/dist/auth/interfaces/index.js.map +1 -0
  103. package/dist/auth/interfaces/user-service.interface.d.ts +34 -0
  104. package/dist/auth/interfaces/user-service.interface.d.ts.map +1 -0
  105. package/dist/auth/interfaces/user-service.interface.js +2 -0
  106. package/dist/auth/interfaces/user-service.interface.js.map +1 -0
  107. package/dist/auth/password/password.service.d.ts +23 -0
  108. package/dist/auth/password/password.service.d.ts.map +1 -0
  109. package/dist/auth/password/password.service.js +52 -0
  110. package/dist/auth/password/password.service.js.map +1 -0
  111. package/dist/auth/session/device-session.service.d.ts +43 -0
  112. package/dist/auth/session/device-session.service.d.ts.map +1 -0
  113. package/dist/auth/session/device-session.service.js +72 -0
  114. package/dist/auth/session/device-session.service.js.map +1 -0
  115. package/dist/auth/session/index.d.ts +5 -0
  116. package/dist/auth/session/index.d.ts.map +1 -0
  117. package/dist/auth/session/index.js +4 -0
  118. package/dist/auth/session/index.js.map +1 -0
  119. package/dist/auth/session/jwt.service.d.ts +37 -0
  120. package/dist/auth/session/jwt.service.d.ts.map +1 -0
  121. package/dist/auth/session/jwt.service.js +119 -0
  122. package/dist/auth/session/jwt.service.js.map +1 -0
  123. package/dist/auth/session/token-blacklist.service.d.ts +37 -0
  124. package/dist/auth/session/token-blacklist.service.d.ts.map +1 -0
  125. package/dist/auth/session/token-blacklist.service.js +70 -0
  126. package/dist/auth/session/token-blacklist.service.js.map +1 -0
  127. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts +19 -0
  128. package/dist/auth/strategies/anonymous/anonymous.strategy.d.ts.map +1 -0
  129. package/dist/auth/strategies/anonymous/anonymous.strategy.js +49 -0
  130. package/dist/auth/strategies/anonymous/anonymous.strategy.js.map +1 -0
  131. package/dist/auth/strategies/base/base.strategy.d.ts +11 -0
  132. package/dist/auth/strategies/base/base.strategy.d.ts.map +1 -0
  133. package/dist/auth/strategies/base/base.strategy.js +6 -0
  134. package/dist/auth/strategies/base/base.strategy.js.map +1 -0
  135. package/dist/auth/strategies/credentials/credentials.strategy.d.ts +21 -0
  136. package/dist/auth/strategies/credentials/credentials.strategy.d.ts.map +1 -0
  137. package/dist/auth/strategies/credentials/credentials.strategy.js +67 -0
  138. package/dist/auth/strategies/credentials/credentials.strategy.js.map +1 -0
  139. package/dist/auth/strategies/index.d.ts +12 -0
  140. package/dist/auth/strategies/index.d.ts.map +1 -0
  141. package/dist/auth/strategies/index.js +12 -0
  142. package/dist/auth/strategies/index.js.map +1 -0
  143. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts +31 -0
  144. package/dist/auth/strategies/magic-link/magic-link.strategy.d.ts.map +1 -0
  145. package/dist/auth/strategies/magic-link/magic-link.strategy.js +88 -0
  146. package/dist/auth/strategies/magic-link/magic-link.strategy.js.map +1 -0
  147. package/dist/auth/strategies/oauth/index.d.ts +3 -0
  148. package/dist/auth/strategies/oauth/index.d.ts.map +1 -0
  149. package/dist/auth/strategies/oauth/index.js +3 -0
  150. package/dist/auth/strategies/oauth/index.js.map +1 -0
  151. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts +13 -0
  152. package/dist/auth/strategies/oauth/oauth-provider-registry.d.ts.map +1 -0
  153. package/dist/auth/strategies/oauth/oauth-provider-registry.js +20 -0
  154. package/dist/auth/strategies/oauth/oauth-provider-registry.js.map +1 -0
  155. package/dist/auth/strategies/oauth/oauth.strategy.d.ts +23 -0
  156. package/dist/auth/strategies/oauth/oauth.strategy.d.ts.map +1 -0
  157. package/dist/auth/strategies/oauth/oauth.strategy.js +79 -0
  158. package/dist/auth/strategies/oauth/oauth.strategy.js.map +1 -0
  159. package/dist/auth/strategies/onetap/onetap.strategy.d.ts +24 -0
  160. package/dist/auth/strategies/onetap/onetap.strategy.d.ts.map +1 -0
  161. package/dist/auth/strategies/onetap/onetap.strategy.js +77 -0
  162. package/dist/auth/strategies/onetap/onetap.strategy.js.map +1 -0
  163. package/dist/auth/strategies/otp/otp.strategy.d.ts +31 -0
  164. package/dist/auth/strategies/otp/otp.strategy.d.ts.map +1 -0
  165. package/dist/auth/strategies/otp/otp.strategy.js +93 -0
  166. package/dist/auth/strategies/otp/otp.strategy.js.map +1 -0
  167. package/dist/auth/strategies/passkey/passkey.strategy.d.ts +32 -0
  168. package/dist/auth/strategies/passkey/passkey.strategy.d.ts.map +1 -0
  169. package/dist/auth/strategies/passkey/passkey.strategy.js +102 -0
  170. package/dist/auth/strategies/passkey/passkey.strategy.js.map +1 -0
  171. package/dist/auth/strategies/sso/sso.strategy.d.ts +25 -0
  172. package/dist/auth/strategies/sso/sso.strategy.d.ts.map +1 -0
  173. package/dist/auth/strategies/sso/sso.strategy.js +80 -0
  174. package/dist/auth/strategies/sso/sso.strategy.js.map +1 -0
  175. package/dist/auth/strategies/totp/totp.strategy.d.ts +37 -0
  176. package/dist/auth/strategies/totp/totp.strategy.d.ts.map +1 -0
  177. package/dist/auth/strategies/totp/totp.strategy.js +109 -0
  178. package/dist/auth/strategies/totp/totp.strategy.js.map +1 -0
  179. package/dist/auth/throttling/index.d.ts +2 -0
  180. package/dist/auth/throttling/index.d.ts.map +1 -0
  181. package/dist/auth/throttling/index.js +2 -0
  182. package/dist/auth/throttling/index.js.map +1 -0
  183. package/dist/auth/throttling/throttle.service.d.ts +27 -0
  184. package/dist/auth/throttling/throttle.service.d.ts.map +1 -0
  185. package/dist/auth/throttling/throttle.service.js +63 -0
  186. package/dist/auth/throttling/throttle.service.js.map +1 -0
  187. package/dist/bootstrap/cache/config.d.ts +135 -0
  188. package/dist/bootstrap/cache/config.d.ts.map +1 -0
  189. package/dist/bootstrap/cache/config.js +189 -0
  190. package/dist/bootstrap/cache/config.js.map +1 -0
  191. package/dist/bootstrap/cache/index.d.ts +11 -0
  192. package/dist/bootstrap/cache/index.d.ts.map +1 -0
  193. package/dist/bootstrap/cache/index.js +11 -0
  194. package/dist/bootstrap/cache/index.js.map +1 -0
  195. package/dist/bootstrap/index.d.ts +21 -0
  196. package/dist/bootstrap/index.d.ts.map +1 -0
  197. package/dist/bootstrap/index.js +21 -0
  198. package/dist/bootstrap/index.js.map +1 -0
  199. package/dist/bootstrap/scalar/api-docs.d.ts +39 -0
  200. package/dist/bootstrap/scalar/api-docs.d.ts.map +1 -0
  201. package/dist/bootstrap/scalar/api-docs.js +41 -0
  202. package/dist/bootstrap/scalar/api-docs.js.map +1 -0
  203. package/dist/bootstrap/scalar/index.d.ts +39 -0
  204. package/dist/bootstrap/scalar/index.d.ts.map +1 -0
  205. package/dist/bootstrap/scalar/index.js +41 -0
  206. package/dist/bootstrap/scalar/index.js.map +1 -0
  207. package/dist/bootstrap/swagger/api-docs.d.ts +73 -0
  208. package/dist/bootstrap/swagger/api-docs.d.ts.map +1 -0
  209. package/dist/bootstrap/swagger/api-docs.js +87 -0
  210. package/dist/bootstrap/swagger/api-docs.js.map +1 -0
  211. package/dist/bootstrap/swagger/index.d.ts +37 -0
  212. package/dist/bootstrap/swagger/index.d.ts.map +1 -0
  213. package/dist/bootstrap/swagger/index.js +36 -0
  214. package/dist/bootstrap/swagger/index.js.map +1 -0
  215. package/dist/bootstrap/typeorm/config/index.d.ts +12 -0
  216. package/dist/bootstrap/typeorm/config/index.d.ts.map +1 -0
  217. package/dist/bootstrap/typeorm/config/index.js +62 -0
  218. package/dist/bootstrap/typeorm/config/index.js.map +1 -0
  219. package/dist/bootstrap/typeorm/crud/controller.d.ts +13 -0
  220. package/dist/bootstrap/typeorm/crud/controller.d.ts.map +1 -0
  221. package/dist/bootstrap/typeorm/crud/controller.js +72 -0
  222. package/dist/bootstrap/typeorm/crud/controller.js.map +1 -0
  223. package/dist/bootstrap/typeorm/crud/index.d.ts +4 -0
  224. package/dist/bootstrap/typeorm/crud/index.d.ts.map +1 -0
  225. package/dist/bootstrap/typeorm/crud/index.js +3 -0
  226. package/dist/bootstrap/typeorm/crud/index.js.map +1 -0
  227. package/dist/bootstrap/typeorm/crud/service.d.ts +10 -0
  228. package/dist/bootstrap/typeorm/crud/service.d.ts.map +1 -0
  229. package/dist/bootstrap/typeorm/crud/service.js +21 -0
  230. package/dist/bootstrap/typeorm/crud/service.js.map +1 -0
  231. package/dist/bootstrap/typeorm/index.d.ts +18 -0
  232. package/dist/bootstrap/typeorm/index.d.ts.map +1 -0
  233. package/dist/bootstrap/typeorm/index.js +18 -0
  234. package/dist/bootstrap/typeorm/index.js.map +1 -0
  235. package/dist/bootstrap/typeorm/uow/factory.d.ts +5 -0
  236. package/dist/bootstrap/typeorm/uow/factory.d.ts.map +1 -0
  237. package/dist/bootstrap/typeorm/uow/factory.js +27 -0
  238. package/dist/bootstrap/typeorm/uow/factory.js.map +1 -0
  239. package/dist/bootstrap/typeorm/uow/index.d.ts +4 -0
  240. package/dist/bootstrap/typeorm/uow/index.d.ts.map +1 -0
  241. package/dist/bootstrap/typeorm/uow/index.js +4 -0
  242. package/dist/bootstrap/typeorm/uow/index.js.map +1 -0
  243. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts +62 -0
  244. package/dist/bootstrap/typeorm/uow/transactional.decorator.d.ts.map +1 -0
  245. package/dist/bootstrap/typeorm/uow/transactional.decorator.js +114 -0
  246. package/dist/bootstrap/typeorm/uow/transactional.decorator.js.map +1 -0
  247. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts +11 -0
  248. package/dist/bootstrap/typeorm/uow/unit-of-work.d.ts.map +1 -0
  249. package/dist/bootstrap/typeorm/uow/unit-of-work.js +23 -0
  250. package/dist/bootstrap/typeorm/uow/unit-of-work.js.map +1 -0
  251. package/dist/core/index.d.ts +11 -0
  252. package/dist/core/index.d.ts.map +1 -0
  253. package/dist/core/index.js +11 -0
  254. package/dist/core/index.js.map +1 -0
  255. package/dist/infra/audit-log/index.d.ts +12 -0
  256. package/dist/infra/audit-log/index.d.ts.map +1 -0
  257. package/dist/infra/audit-log/index.js +13 -0
  258. package/dist/infra/audit-log/index.js.map +1 -0
  259. package/dist/infra/index.d.ts +20 -0
  260. package/dist/infra/index.d.ts.map +1 -0
  261. package/dist/infra/index.js +21 -0
  262. package/dist/infra/index.js.map +1 -0
  263. package/dist/infra/logger/index.d.ts +12 -0
  264. package/dist/infra/logger/index.d.ts.map +1 -0
  265. package/dist/infra/logger/index.js +13 -0
  266. package/dist/infra/logger/index.js.map +1 -0
  267. package/dist/infra/metrics/index.d.ts +18 -0
  268. package/dist/infra/metrics/index.d.ts.map +1 -0
  269. package/dist/infra/metrics/index.js +19 -0
  270. package/dist/infra/metrics/index.js.map +1 -0
  271. package/dist/infra/notification/index.d.ts +12 -0
  272. package/dist/infra/notification/index.d.ts.map +1 -0
  273. package/dist/infra/notification/index.js +13 -0
  274. package/dist/infra/notification/index.js.map +1 -0
  275. package/dist/infra/storage/index.d.ts +12 -0
  276. package/dist/infra/storage/index.d.ts.map +1 -0
  277. package/dist/infra/storage/index.js +13 -0
  278. package/dist/infra/storage/index.js.map +1 -0
  279. package/dist/infra/stripe/index.d.ts +12 -0
  280. package/dist/infra/stripe/index.d.ts.map +1 -0
  281. package/dist/infra/stripe/index.js +13 -0
  282. package/dist/infra/stripe/index.js.map +1 -0
  283. package/dist/saas/index.d.ts +18 -0
  284. package/dist/saas/index.d.ts.map +1 -0
  285. package/dist/saas/index.js +19 -0
  286. package/dist/saas/index.js.map +1 -0
  287. package/package.json +165 -0
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../../packages/auth/auth.module.ts"],"names":[],"mappings":";;;;;;;AAAA,OAAO,EAAqC,MAAM,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAEnF,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,YAAY,GACb,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+CAA+C,CAAC;AACpF,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAChF,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2CAA2C,CAAC;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,6CAA6C,CAAC;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,uCAAuC,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,qCAAqC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAG9D,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC;AAGjC,IAAM,UAAU,kBAAhB,MAAM,UAAU;IACrB;;OAEG;IACH,MAAM,CAAC,OAAO,CAAC,OAA0B,EAAE,iBAA6B,EAAE;QACxE,OAAO,YAAU,CAAC,WAAW,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,OAA+B;QACjD,MAAM,cAAc,GAAG,YAAU,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAChE,MAAM,iBAAiB,GAAG,YAAU,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QACnE,MAAM,aAAa,GAAG,YAAU,CAAC,mBAAmB,EAAE,CAAC;QACvD,MAAM,cAAc,GAAG,YAAU,CAAC,oBAAoB,EAAE,CAAC;QACzD,MAAM,yBAAyB,GAAG,YAAU,CAAC,+BAA+B,EAAE,CAAC;QAE/E,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI;YAC9B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;YAC9B,SAAS,EAAE;gBACT,GAAG,cAAc;gBACjB,GAAG,iBAAiB;gBACpB,GAAG,aAAa;gBAChB,GAAG,cAAc;gBACjB,yBAAyB;gBACzB,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,CAAC;aAClC;YACD,OAAO,EAAE,YAAU,CAAC,UAAU,EAAE;SACjC,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,WAAW,CACxB,OAA0B,EAC1B,cAA0B;QAE1B,MAAM,SAAS,GAAe;YAC5B,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;YACnD,GAAG,YAAU,CAAC,uBAAuB,CAAC,KAAK,CAAC;YAC5C,GAAG,YAAU,CAAC,mBAAmB,EAAE;YACnC,GAAG,YAAU,CAAC,oBAAoB,EAAE;YACpC,YAAU,CAAC,+BAA+B,EAAE;YAC5C,GAAG,cAAc;SAClB,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CACT,0EAA0E;gBACxE,0CAA0C,CAC7C,CAAC;QACJ,CAAC;QAED,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI;YAC9B,SAAS;YACT,OAAO,EAAE,YAAU,CAAC,UAAU,EAAE;SACjC,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,oBAAoB,CAAC,OAA+B;QACjE,OAAO;YACL;gBACE,OAAO,EAAE,mBAAmB;gBAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;aAC7B;SACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACK,MAAM,CAAC,uBAAuB,CAAC,KAAc;QACnD,MAAM,SAAS,GAAe,EAAE,CAAC;QAEjC,6DAA6D;QAC7D,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,mBAAmB;YAC5B,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,OAAO,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;oBAClC,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;gBAC9E,CAAC;gBACD,OAAO,IAAI,mBAAmB,CAC5B,IAAI,CAAC,CAAC,CAAiB,EACvB,IAAI,CAAC,CAAC,CAAoB,EAC1B,IAAI,CAAC,CAAC,CAAe,CACtB,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,eAAe,EAAE,UAAU,CAAW;gBAC7E,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,eAAe,EAAE,UAAU,CAAW;SAChF,CAAC,CAAC;QAEH,uCAAuC;QACvC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,aAAa;YACtB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;oBACnB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;gBACxE,CAAC;gBACD,MAAM,QAAQ,GAAG,IAAI,qBAAqB,EAAE,CAAC;gBAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,KAAgC,CAAC;gBAC3D,KAAK,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;oBACxD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;wBAC5C,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAY,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;gBACD,OAAO,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,IAAI,CAAC,CAAC,CAAe,EAAE,QAAQ,CAAC,CAAC;YACrF,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC5D,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;SAC/D,CAAC,CAAC;QAEH,sCAAsC;QACtC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,YAAY;YACrB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;oBAClB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;gBACvE,CAAC;gBACD,OAAO,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,IAAI,CAAC,CAAC,CAAe,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC5D,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;SAC/D,CAAC,CAAC;QAEH,2CAA2C;QAC3C,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,iBAAiB;YAC1B,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBACvB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;gBAC5E,CAAC;gBACD,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAe,CAAC,CAAC;YACtD,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,UAAU,CAAW;gBAC9C,CAAC,CAAE,CAAC,mBAAmB,EAAE,UAAU,CAAW;SACjD,CAAC,CAAC;QAEH,4CAA4C;QAC5C,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,iBAAiB;YAC1B,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBACvB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC;gBAC7E,CAAC;gBACD,OAAO,IAAI,iBAAiB,CAC1B,IAAI,CAAC,CAAC,CAAkB,EACxB,IAAI,CAAC,CAAC,CAAiB,EACvB,IAAI,CAAC,CAAC,CAAe,CACtB,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC3E,CAAC,CAAE,CAAC,mBAAmB,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,CAAW;SAC9E,CAAC,CAAC;QAEH,qCAAqC;QACrC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,WAAW;YACpB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;oBACjB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtE,CAAC;gBACD,OAAO,IAAI,WAAW,CACpB,IAAI,CAAC,CAAC,CAAkB,EACxB,IAAI,CAAC,CAAC,CAAiB,EACvB,IAAI,CAAC,CAAC,CAAe,CACtB,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC3E,CAAC,CAAE,CAAC,mBAAmB,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,CAAW;SAC9E,CAAC,CAAC;QAEH,yCAAyC;QACzC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,eAAe;YACxB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;oBACrB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;gBAC1E,CAAC;gBACD,OAAO,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,IAAI,CAAC,CAAC,CAAe,CAAC,CAAC;YAC7E,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC5D,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;SAC/D,CAAC,CAAC;QAEH,wCAAwC;QACxC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,cAAc;YACvB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;oBACpB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;gBACzE,CAAC;gBACD,OAAO,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,IAAI,CAAC,CAAC,CAAe,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC5D,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;SAC/D,CAAC,CAAC;QAEH,qCAAqC;QACrC,SAAS,CAAC,IAAI,CAAC;YACb,OAAO,EAAE,WAAW;YACpB,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAsB,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;oBACjB,OAAO,YAAU,CAAC,sBAAsB,CAAC,YAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtE,CAAC;gBACD,OAAO,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,IAAI,CAAC,CAAC,CAAe,CAAC,CAAC;YACzE,CAAC;YACD,MAAM,EAAE,KAAK;gBACX,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;gBAC5D,CAAC,CAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,UAAU,CAAW;SAC/D,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,MAAM,CAAC,mBAAmB;QAChC,OAAO;YACL,WAAW;YACX,SAAS;YACT,eAAe;YACf,UAAU;YACV,qBAAqB;YACrB,oBAAoB;YACpB,eAAe;SAChB,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,oBAAoB;QACjC,OAAO;YACL,SAAS;YACT;gBACE,OAAO,EAAE,WAAW;gBACpB,UAAU,EAAE,CAAC,KAAoB,EAAE,EAAE;oBACnC,OAAO,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;gBAChC,CAAC;gBACD,MAAM,EAAE,CAAC,aAAa,CAAC;aACxB;YACD;gBACE,OAAO,EAAE,SAAS;gBAClB,UAAU,EAAE,CAAC,SAAkB,EAAE,WAAwB,EAAE,EAAE;oBAC3D,OAAO,IAAI,SAAS,CAAC,SAAkB,EAAE,WAAW,CAAC,CAAC;gBACxD,CAAC;gBACD,MAAM,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;aACnC;YACD;gBACE,OAAO,EAAE,WAAW;gBACpB,UAAU,EAAE,CAAC,KAAoB,EAAE,EAAE;oBACnC,OAAO,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC;gBAChC,CAAC;gBACD,MAAM,EAAE,CAAC,aAAa,CAAC;aACxB;SACF,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,+BAA+B;QAC5C,OAAO;YACL,OAAO,EAAE,eAAe;YACxB,UAAU,EAAE,CACV,WAA0B,EAC1B,KAAoB,EACpB,IAAmB,EACnB,SAAwB,EACxB,SAAwB,EACxB,GAAkB,EAClB,OAAsB,EACtB,MAAqB,EACrB,GAAkB,EAClB,EAAE;gBACF,MAAM,GAAG,GAAG;oBACV,WAAW;oBACX,KAAK;oBACL,IAAI;oBACJ,SAAS;oBACT,SAAS;oBACT,GAAG;oBACH,OAAO;oBACP,MAAM;oBACN,GAAG;iBACe,CAAC;gBACrB,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAE,CAAiC,CAAC,SAAS,CAAC,CAAC;YAC1E,CAAC;YACD,MAAM,EAAE;gBACN,mBAAmB;gBACnB,aAAa;gBACb,YAAY;gBACZ,iBAAiB;gBACjB,iBAAiB;gBACjB,WAAW;gBACX,eAAe;gBACf,cAAc;gBACd,WAAW;aACZ;SACF,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,UAAU;QACvB,OAAO;YACL,WAAW;YACX,SAAS;YACT,WAAW;YACX,SAAS;YACT,WAAW;YACX,SAAS;YACT,eAAe;YACf,UAAU;YACV,qBAAqB;YACrB,oBAAoB;YACpB,eAAe;YACf,mBAAmB;YACnB,aAAa;YACb,qBAAqB;YACrB,YAAY;YACZ,iBAAiB;YACjB,iBAAiB;YACjB,WAAW;YACX,eAAe;YACf,cAAc;YACd,WAAW;SACZ,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,sBAAsB,CAAC,IAAY;QAChD,MAAM,CAAC,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACjC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC;QACf,OAAO,CAAC,CAAC;IACX,CAAC;IAEO,MAAM,CAAC,OAAO,CAAC,MAAc;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAA;AA/VY,UAAU;IADtB,MAAM,CAAC,EAAE,CAAC;GACE,UAAU,CA+VtB;;AAED,MAAM,gBAAgB;IACpB,SAAS,GAAG,IAAI,CAAC;IACjB,KAAK,GAAG,UAAU,CAAC;IACnB,IAAI,GAAG,EAAW,CAAC;IACnB,IAAI,GAAG,UAAU,CAAC;IAElB,YAAY;QACV,MAAM,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,KAAK,kBAAkB,CAAC,CAAC;IAC7D,CAAC;CACF"}
@@ -0,0 +1,179 @@
1
+ import type { Provider, DynamicModule, Type } from '@nestjs/common';
2
+ import type { AuthMethod } from './interfaces';
3
+ export interface CredentialsOptions {
4
+ /** Enable email login (default true) */
5
+ email?: boolean;
6
+ /** Enable username login (default false) */
7
+ username?: boolean;
8
+ /** Require email verification before login (default false) */
9
+ requireEmailVerification?: boolean;
10
+ }
11
+ export interface OAuthProviderConfig {
12
+ clientId: string;
13
+ clientSecret: string;
14
+ callbackUrl: string;
15
+ scopes?: string[];
16
+ additionalParams?: Record<string, string>;
17
+ }
18
+ export interface OAuthOptions {
19
+ google?: OAuthProviderConfig;
20
+ github?: OAuthProviderConfig;
21
+ facebook?: OAuthProviderConfig;
22
+ apple?: OAuthProviderConfig;
23
+ microsoft?: OAuthProviderConfig;
24
+ discord?: OAuthProviderConfig;
25
+ custom?: Record<string, OAuthProviderConfig>;
26
+ }
27
+ export interface TOTPOptions {
28
+ /** Issuer name shown in authenticator apps (default "NestKit") */
29
+ issuer?: string;
30
+ /** Number of backup codes to generate (default 8) */
31
+ backupCodeCount?: number;
32
+ /** Algorithm: 'sha1' | 'sha256' | 'sha512' (default 'sha1') */
33
+ algorithm?: 'sha1' | 'sha256' | 'sha512';
34
+ /** Number of digits (default 6) */
35
+ digits?: number;
36
+ /** TOTP step window (seconds, default 30) */
37
+ period?: number;
38
+ }
39
+ export interface AnonymousOptions {
40
+ /** Prefix for anonymous user IDs (default "anon_") */
41
+ idPrefix?: string;
42
+ /** Whether anonymous sessions can be persisted (default true) */
43
+ allowConversion?: boolean;
44
+ }
45
+ export interface MagicLinkOptions {
46
+ /** Token expiry in seconds (default 900 / 15 min) */
47
+ tokenExpiresIn?: number;
48
+ /** Token length in bytes (default 32) */
49
+ tokenBytes?: number;
50
+ }
51
+ export interface OTPOptions {
52
+ /** OTP code length (default 6) */
53
+ digits?: number;
54
+ /** OTP expiry in seconds (default 300 / 5 min) */
55
+ expiresIn?: number;
56
+ /** Max allowed attempts before code is invalidated (default 3) */
57
+ maxAttempts?: number;
58
+ }
59
+ export interface PasskeyOptions {
60
+ /** Relying Party name (default "NestKit") */
61
+ rpName?: string;
62
+ /** Relying Party ID (default request hostname) */
63
+ rpId?: string;
64
+ /** Origin URL(s) allowed (default [request origin]) */
65
+ origins?: string[];
66
+ /** Timeout for WebAuthn ceremonies (ms, default 60000) */
67
+ timeout?: number;
68
+ }
69
+ export interface OneTapOptions {
70
+ google?: {
71
+ clientId: string;
72
+ };
73
+ apple?: {
74
+ clientId: string;
75
+ keyId: string;
76
+ teamId: string;
77
+ privateKey: string;
78
+ };
79
+ }
80
+ export interface SSOOptions {
81
+ /** SAML providers */
82
+ saml?: Record<string, SamlProviderConfig>;
83
+ /** OIDC providers */
84
+ oidc?: Record<string, OidcProviderConfig>;
85
+ }
86
+ export interface SamlProviderConfig {
87
+ entryPoint: string;
88
+ issuer: string;
89
+ cert?: string;
90
+ privateKey?: string;
91
+ callbackUrl: string;
92
+ }
93
+ export interface OidcProviderConfig {
94
+ issuerUrl: string;
95
+ clientId: string;
96
+ clientSecret: string;
97
+ callbackUrl: string;
98
+ scopes?: string[];
99
+ }
100
+ export interface RBACOptions {
101
+ /** Key in JWT payload that holds roles (default "roles") */
102
+ rolesClaim?: string;
103
+ /** Whether to require at least one role on protected routes (default true) */
104
+ requireRole?: boolean;
105
+ }
106
+ export interface PBACOptions {
107
+ /** Policy evaluation mode (default "deny-unless-permit") */
108
+ defaultEffect?: 'deny-unless-permit' | 'permit-unless-deny';
109
+ }
110
+ export interface SessionOptions {
111
+ /** Access token TTL (default "15m") */
112
+ accessTokenExpiresIn?: string;
113
+ /** Refresh token TTL (default "7d") */
114
+ refreshTokenExpiresIn?: string;
115
+ /** JWT signing algorithm (default "HS256") */
116
+ algorithm?: 'HS256' | 'RS256' | 'ES256';
117
+ /** Custom issuer claim */
118
+ issuer?: string;
119
+ /** Custom audience claim */
120
+ audience?: string;
121
+ /** Blacklist TTL (seconds, default = refresh token TTL) */
122
+ blacklistTtl?: number;
123
+ /** Enable refresh token rotation (default true) */
124
+ rotation?: boolean;
125
+ /** Enable multi-device tracking (default false) */
126
+ multiDevice?: boolean;
127
+ }
128
+ export interface ThrottleOptions {
129
+ /** Max login attempts per window (default 5) */
130
+ maxAttempts?: number;
131
+ /** Window duration in seconds (default 900 / 15 min) */
132
+ windowSeconds?: number;
133
+ }
134
+ export interface AuthModuleOptions {
135
+ /** JWT secret (required for HS256, ignored for RS256/ES256) */
136
+ jwtSecret?: string;
137
+ /** Private key PEM (required for RS256/ES256) */
138
+ jwtPrivateKey?: string;
139
+ /** Public key PEM (required for RS256/ES256) */
140
+ jwtPublicKey?: string;
141
+ /** Bcrypt cost rounds (default 12) */
142
+ passwordRounds?: number;
143
+ /** Injection token for your cache-service provider (default 'CACHE_SERVICE') */
144
+ cacheServiceToken?: string;
145
+ /**
146
+ * Injection token for your user-service provider (default 'USER_SERVICE').
147
+ * The token must resolve to an object implementing IUserService.
148
+ */
149
+ userServiceToken?: string;
150
+ /** Additional NestJS providers to register (e.g. your own services) */
151
+ extraProviders?: Provider[];
152
+ credentials?: boolean | CredentialsOptions;
153
+ oauth?: boolean | OAuthOptions;
154
+ totp?: boolean | TOTPOptions;
155
+ anonymous?: boolean | AnonymousOptions;
156
+ magicLink?: boolean | MagicLinkOptions;
157
+ otp?: boolean | OTPOptions;
158
+ passkey?: boolean | PasskeyOptions;
159
+ onetap?: boolean | OneTapOptions;
160
+ sso?: boolean | SSOOptions;
161
+ /**
162
+ * Override the default authentication method for routes.
163
+ * If not set, AuthGuard uses the first enabled strategy.
164
+ */
165
+ defaultAuthMethod?: AuthMethod;
166
+ rbac?: boolean | RBACOptions;
167
+ pbac?: boolean | PBACOptions;
168
+ session?: SessionOptions;
169
+ throttle?: ThrottleOptions;
170
+ global?: boolean;
171
+ }
172
+ export interface AuthModuleAsyncOptions {
173
+ useFactory: (...args: unknown[]) => Promise<AuthModuleOptions> | AuthModuleOptions;
174
+ inject?: (Type<unknown> | string | symbol)[];
175
+ imports?: DynamicModule['imports'];
176
+ extraProviders?: Provider[];
177
+ global?: boolean;
178
+ }
179
+ //# sourceMappingURL=auth.options.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.options.d.ts","sourceRoot":"","sources":["../../packages/auth/auth.options.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAI/C,MAAM,WAAW,kBAAkB;IACjC,wCAAwC;IACxC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,8DAA8D;IAC9D,wBAAwB,CAAC,EAAE,OAAO,CAAC;CACpC;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,mBAAmB,CAAC;IAC7B,MAAM,CAAC,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,CAAC,EAAE,mBAAmB,CAAC;IAC/B,KAAK,CAAC,EAAE,mBAAmB,CAAC;IAC5B,SAAS,CAAC,EAAE,mBAAmB,CAAC;IAChC,OAAO,CAAC,EAAE,mBAAmB,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;CAC9C;AAED,MAAM,WAAW,WAAW;IAC1B,kEAAkE;IAClE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qDAAqD;IACrD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,+DAA+D;IAC/D,SAAS,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,QAAQ,CAAC;IACzC,mCAAmC;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,sDAAsD;IACtD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iEAAiE;IACjE,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,gBAAgB;IAC/B,qDAAqD;IACrD,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,yCAAyC;IACzC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,kCAAkC;IAClC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kDAAkD;IAClD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kEAAkE;IAClE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,6CAA6C;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kDAAkD;IAClD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,0DAA0D;IAC1D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9B,KAAK,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;CACjF;AAED,MAAM,WAAW,UAAU;IACzB,qBAAqB;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;IAC1C,qBAAqB;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;CAC3C;AAED,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAID,MAAM,WAAW,WAAW;IAC1B,4DAA4D;IAC5D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,8EAA8E;IAC9E,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,WAAW;IAC1B,4DAA4D;IAC5D,aAAa,CAAC,EAAE,oBAAoB,GAAG,oBAAoB,CAAC;CAC7D;AAID,MAAM,WAAW,cAAc;IAC7B,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,uCAAuC;IACvC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,8CAA8C;IAC9C,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,0BAA0B;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,4BAA4B;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2DAA2D;IAC3D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mDAAmD;IACnD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,mDAAmD;IACnD,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAID,MAAM,WAAW,eAAe;IAC9B,gDAAgD;IAChD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wDAAwD;IACxD,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAID,MAAM,WAAW,iBAAiB;IAChC,+DAA+D;IAC/D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iDAAiD;IACjD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gDAAgD;IAChD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sCAAsC;IACtC,cAAc,CAAC,EAAE,MAAM,CAAC;IAGxB,gFAAgF;IAChF,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAG1B,uEAAuE;IACvE,cAAc,CAAC,EAAE,QAAQ,EAAE,CAAC;IAG5B,WAAW,CAAC,EAAE,OAAO,GAAG,kBAAkB,CAAC;IAC3C,KAAK,CAAC,EAAE,OAAO,GAAG,YAAY,CAAC;IAC/B,IAAI,CAAC,EAAE,OAAO,GAAG,WAAW,CAAC;IAC7B,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,GAAG,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC3B,OAAO,CAAC,EAAE,OAAO,GAAG,cAAc,CAAC;IACnC,MAAM,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IACjC,GAAG,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAG3B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,UAAU,CAAC;IAG/B,IAAI,CAAC,EAAE,OAAO,GAAG,WAAW,CAAC;IAC7B,IAAI,CAAC,EAAE,OAAO,GAAG,WAAW,CAAC;IAG7B,OAAO,CAAC,EAAE,cAAc,CAAC;IAGzB,QAAQ,CAAC,EAAE,eAAe,CAAC;IAG3B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,sBAAsB;IACrC,UAAU,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,iBAAiB,CAAC,GAAG,iBAAiB,CAAC;IACnF,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IAC7C,OAAO,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IACnC,cAAc,CAAC,EAAE,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB"}
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=auth.options.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.options.js","sourceRoot":"","sources":["../../packages/auth/auth.options.ts"],"names":[],"mappings":""}
@@ -0,0 +1,57 @@
1
+ import { type ExecutionContext } from '@nestjs/common';
2
+ import type { IAuthResult, IAuthStrategy, ICacheService, ITokenPair } from './interfaces';
3
+ import { AuthMethod } from './interfaces';
4
+ import type { AuthModuleOptions } from './auth.options';
5
+ import { JwtService } from './session/jwt.service';
6
+ import { TokenBlacklistService } from './session/token-blacklist.service';
7
+ import { DeviceSessionService } from './session/device-session.service';
8
+ /**
9
+ * Central authentication orchestrator.
10
+ *
11
+ * Delegates to the appropriate strategy based on `AuthMethod`,
12
+ * manages token lifecycle, session tracking, and cache acceleration.
13
+ */
14
+ export declare class AuthService {
15
+ private readonly options;
16
+ private readonly cache;
17
+ private readonly jwtService;
18
+ private readonly tokenBlacklist;
19
+ private readonly deviceSession;
20
+ private readonly strategyMap;
21
+ constructor(options: AuthModuleOptions, _strategies: IAuthStrategy[], cache: ICacheService, jwtService: JwtService, tokenBlacklist: TokenBlacklistService, deviceSession: DeviceSessionService);
22
+ /**
23
+ * Authenticate using the given method.
24
+ *
25
+ * @param method Authentication method (e.g. 'credentials', 'oauth')
26
+ * @param payload Strategy-specific payload
27
+ * @param context Optional execution context
28
+ */
29
+ authenticate(method: AuthMethod, payload: Record<string, unknown>, context?: ExecutionContext): Promise<IAuthResult>;
30
+ /**
31
+ * Validate an access token and return its decoded payload.
32
+ * Uses cache for fast-path validation when available.
33
+ *
34
+ * @param token Raw JWT access token
35
+ */
36
+ validateToken(token: string): Promise<Record<string, unknown>>;
37
+ /**
38
+ * Refresh an expired access token using a refresh token.
39
+ * Implements refresh token rotation.
40
+ */
41
+ refreshToken(refreshToken: string, deviceId?: string): Promise<ITokenPair>;
42
+ /**
43
+ * Logout — blacklist the current access token and optionally
44
+ * remove a specific device session.
45
+ */
46
+ logout(accessToken: string, deviceId?: string): Promise<void>;
47
+ /**
48
+ * Logout from all devices — revoke all sessions for a user.
49
+ */
50
+ logoutAll(userId: string): Promise<void>;
51
+ /**
52
+ * Get all active sessions for a user (multi-device view).
53
+ */
54
+ getUserSessions(userId: string): Promise<import("./session").IDeviceInfo[]>;
55
+ private hash;
56
+ }
57
+ //# sourceMappingURL=auth.service.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../packages/auth/auth.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAsB,KAAK,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1F,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAExE;;;;;GAKG;AACH,qBACa,WAAW;IAKpB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAIxB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAXhC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAwC;gBAIjD,OAAO,EAAE,iBAAiB,EAE3C,WAAW,EAAE,aAAa,EAAE,EAEX,KAAK,EAAE,aAAa,EACpB,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,qBAAqB,EACrC,aAAa,EAAE,oBAAoB;IAOtD;;;;;;OAMG;IACG,YAAY,CAChB,MAAM,EAAE,UAAU,EAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,WAAW,CAAC;IAsBvB;;;;;OAKG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAoBpE;;;OAGG;IACG,YAAY,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IA2ChF;;;OAGG;IACG,MAAM,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAcnE;;OAEG;IACG,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C;;OAEG;IACG,eAAe,CAAC,MAAM,EAAE,MAAM;IAIpC,OAAO,CAAC,IAAI;CASb"}
@@ -0,0 +1,175 @@
1
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
6
+ };
7
+ var __metadata = (this && this.__metadata) || function (k, v) {
8
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
+ };
10
+ var __param = (this && this.__param) || function (paramIndex, decorator) {
11
+ return function (target, key) { decorator(target, key, paramIndex); }
12
+ };
13
+ import { Inject, Injectable } from '@nestjs/common';
14
+ import { AUTH_MODULE_OPTIONS, AUTH_STRATEGIES, CACHE_SERVICE } from './auth.constants';
15
+ import { JwtService } from './session/jwt.service';
16
+ import { TokenBlacklistService } from './session/token-blacklist.service';
17
+ import { DeviceSessionService } from './session/device-session.service';
18
+ /**
19
+ * Central authentication orchestrator.
20
+ *
21
+ * Delegates to the appropriate strategy based on `AuthMethod`,
22
+ * manages token lifecycle, session tracking, and cache acceleration.
23
+ */
24
+ let AuthService = class AuthService {
25
+ options;
26
+ cache;
27
+ jwtService;
28
+ tokenBlacklist;
29
+ deviceSession;
30
+ strategyMap = new Map();
31
+ constructor(options, _strategies, cache, jwtService, tokenBlacklist, deviceSession) {
32
+ this.options = options;
33
+ this.cache = cache;
34
+ this.jwtService = jwtService;
35
+ this.tokenBlacklist = tokenBlacklist;
36
+ this.deviceSession = deviceSession;
37
+ for (const strategy of _strategies) {
38
+ this.strategyMap.set(strategy.type, strategy);
39
+ }
40
+ }
41
+ /**
42
+ * Authenticate using the given method.
43
+ *
44
+ * @param method Authentication method (e.g. 'credentials', 'oauth')
45
+ * @param payload Strategy-specific payload
46
+ * @param context Optional execution context
47
+ */
48
+ async authenticate(method, payload, context) {
49
+ const strategy = this.strategyMap.get(method);
50
+ if (!strategy) {
51
+ throw new Error(`Authentication method "${method}" is not enabled`);
52
+ }
53
+ const result = await strategy.authenticate(payload, context);
54
+ // Track device session if multi-device is enabled
55
+ if (this.options.session?.multiDevice) {
56
+ await this.deviceSession.register({
57
+ deviceId: payload.deviceId ?? 'default',
58
+ userId: result.user.id,
59
+ userAgent: payload.userAgent,
60
+ ip: payload.ip,
61
+ lastActivity: Date.now(),
62
+ });
63
+ }
64
+ return result;
65
+ }
66
+ /**
67
+ * Validate an access token and return its decoded payload.
68
+ * Uses cache for fast-path validation when available.
69
+ *
70
+ * @param token Raw JWT access token
71
+ */
72
+ async validateToken(token) {
73
+ // Fast-path: check cache first
74
+ const cacheKey = `auth:token:${this.hash(token)}`;
75
+ const cached = await this.cache.get(cacheKey);
76
+ if (cached)
77
+ return cached;
78
+ const payload = await this.jwtService.verifyAccess(token);
79
+ // Check blacklist
80
+ const jti = payload.jti;
81
+ if (jti && (await this.tokenBlacklist.isBlacklisted(jti))) {
82
+ throw new Error('Token has been revoked');
83
+ }
84
+ // Cache the validated payload for 30 seconds
85
+ await this.cache.set(cacheKey, payload, 30);
86
+ return payload;
87
+ }
88
+ /**
89
+ * Refresh an expired access token using a refresh token.
90
+ * Implements refresh token rotation.
91
+ */
92
+ async refreshToken(refreshToken, deviceId) {
93
+ const payload = await this.jwtService.verifyRefresh(refreshToken);
94
+ const userId = payload.sub;
95
+ // Check family revocation
96
+ if (this.options.session?.rotation !== false) {
97
+ const familyId = payload.family ?? payload.jti;
98
+ if (familyId && (await this.tokenBlacklist.isFamilyRevoked(familyId))) {
99
+ throw new Error('Refresh token family has been revoked');
100
+ }
101
+ }
102
+ // In rotation mode, blacklist the current refresh token
103
+ if (this.options.session?.rotation !== false && payload.jti) {
104
+ const exp = payload.exp;
105
+ const ttl = exp ? Math.max(1, exp - Math.floor(Date.now() / 1000)) : 86400;
106
+ await this.tokenBlacklist.blacklistAccess(payload.jti, ttl);
107
+ }
108
+ const user = {
109
+ id: userId,
110
+ email: payload.email,
111
+ username: payload.username,
112
+ roles: payload.roles,
113
+ permissions: payload.permissions,
114
+ isAnonymous: payload.isAnonymous ?? false,
115
+ isMfaVerified: payload.isMfaVerified ?? false,
116
+ };
117
+ const tokens = await this.jwtService.signTokens(user);
118
+ // Update device session timestamp
119
+ if (deviceId) {
120
+ const session = await this.deviceSession.getSession(userId, deviceId);
121
+ if (session) {
122
+ session.lastActivity = Date.now();
123
+ await this.deviceSession.register(session);
124
+ }
125
+ }
126
+ return tokens;
127
+ }
128
+ /**
129
+ * Logout — blacklist the current access token and optionally
130
+ * remove a specific device session.
131
+ */
132
+ async logout(accessToken, deviceId) {
133
+ const payload = this.jwtService.decode(accessToken);
134
+ const jti = payload?.jti ?? this.hash(accessToken);
135
+ const exp = payload?.exp;
136
+ const ttl = exp ? Math.max(1, exp - Math.floor(Date.now() / 1000)) : 3600;
137
+ await this.tokenBlacklist.blacklistAccess(jti, ttl);
138
+ const userId = payload?.sub;
139
+ if (userId && deviceId) {
140
+ await this.deviceSession.removeSession(userId, deviceId);
141
+ }
142
+ }
143
+ /**
144
+ * Logout from all devices — revoke all sessions for a user.
145
+ */
146
+ async logoutAll(userId) {
147
+ await this.deviceSession.removeAllUserSessions(userId);
148
+ }
149
+ /**
150
+ * Get all active sessions for a user (multi-device view).
151
+ */
152
+ async getUserSessions(userId) {
153
+ return this.deviceSession.getUserSessions(userId);
154
+ }
155
+ hash(value) {
156
+ let hash = 0;
157
+ for (let i = 0; i < value.length; i++) {
158
+ const char = value.charCodeAt(i);
159
+ hash = (hash << 5) - hash + char;
160
+ hash |= 0;
161
+ }
162
+ return Math.abs(hash).toString(16);
163
+ }
164
+ };
165
+ AuthService = __decorate([
166
+ Injectable(),
167
+ __param(0, Inject(AUTH_MODULE_OPTIONS)),
168
+ __param(1, Inject(AUTH_STRATEGIES)),
169
+ __param(2, Inject(CACHE_SERVICE)),
170
+ __metadata("design:paramtypes", [Object, Array, Object, JwtService,
171
+ TokenBlacklistService,
172
+ DeviceSessionService])
173
+ ], AuthService);
174
+ export { AuthService };
175
+ //# sourceMappingURL=auth.service.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../packages/auth/auth.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAyB,MAAM,gBAAgB,CAAC;AAG3E,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEvF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAExE;;;;;GAKG;AAEI,IAAM,WAAW,GAAjB,MAAM,WAAW;IAKH;IAIA;IACA;IACA;IACA;IAXF,WAAW,GAAG,IAAI,GAAG,EAA6B,CAAC;IAEpE,YAEmB,OAA0B,EAE3C,WAA4B,EAEX,KAAoB,EACpB,UAAsB,EACtB,cAAqC,EACrC,aAAmC;QAPnC,YAAO,GAAP,OAAO,CAAmB;QAI1B,UAAK,GAAL,KAAK,CAAe;QACpB,eAAU,GAAV,UAAU,CAAY;QACtB,mBAAc,GAAd,cAAc,CAAuB;QACrC,kBAAa,GAAb,aAAa,CAAsB;QAEpD,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;YACnC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAChB,MAAkB,EAClB,OAAgC,EAChC,OAA0B;QAE1B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,kBAAkB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAE7D,kDAAkD;QAClD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,CAAC;YACtC,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC;gBAChC,QAAQ,EAAG,OAAO,CAAC,QAAmB,IAAI,SAAS;gBACnD,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE;gBACtB,SAAS,EAAE,OAAO,CAAC,SAA+B;gBAClD,EAAE,EAAE,OAAO,CAAC,EAAwB;gBACpC,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;aACzB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAC/B,+BAA+B;QAC/B,MAAM,QAAQ,GAAG,cAAc,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAA0B,QAAQ,CAAC,CAAC;QACvE,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QAE1D,kBAAkB;QAClB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAyB,CAAC;QAC9C,IAAI,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;QAED,6CAA6C;QAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC;QAE5C,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,YAAoB,EAAE,QAAiB;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAa,CAAC;QAErC,0BAA0B;QAC1B,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,KAAK,KAAK,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC;YAC/C,IAAI,QAAQ,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,QAAkB,CAAC,CAAC,EAAE,CAAC;gBAChF,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,KAAK,KAAK,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAC5D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAyB,CAAC;YAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YAC3E,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,OAAO,CAAC,GAAa,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,IAAI,GAAG;YACX,EAAE,EAAE,MAAM;YACV,KAAK,EAAE,OAAO,CAAC,KAA2B;YAC1C,QAAQ,EAAE,OAAO,CAAC,QAA8B;YAChD,KAAK,EAAE,OAAO,CAAC,KAA6B;YAC5C,WAAW,EAAE,OAAO,CAAC,WAAmC;YACxD,WAAW,EAAG,OAAO,CAAC,WAAuB,IAAI,KAAK;YACtD,aAAa,EAAG,OAAO,CAAC,aAAyB,IAAI,KAAK;SAC3D,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtD,kCAAkC;QAClC,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACtE,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAClC,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,MAAM,CAAC,WAAmB,EAAE,QAAiB;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,GAAG,GAAI,OAAO,EAAE,GAAc,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,OAAO,EAAE,GAAyB,CAAC;QAC/C,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE1E,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAEpD,MAAM,MAAM,GAAG,OAAO,EAAE,GAAyB,CAAC;QAClD,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,MAAc;QAC5B,MAAM,IAAI,CAAC,aAAa,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,MAAc;QAClC,OAAO,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACpD,CAAC;IAEO,IAAI,CAAC,KAAa;QACxB,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;YACjC,IAAI,IAAI,CAAC,CAAC;QACZ,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACrC,CAAC;CACF,CAAA;AAtKY,WAAW;IADvB,UAAU,EAAE;IAKR,WAAA,MAAM,CAAC,mBAAmB,CAAC,CAAA;IAE3B,WAAA,MAAM,CAAC,eAAe,CAAC,CAAA;IAEvB,WAAA,MAAM,CAAC,aAAa,CAAC,CAAA;4DAEO,UAAU;QACN,qBAAqB;QACtB,oBAAoB;GAZ3C,WAAW,CAsKvB"}
@@ -0,0 +1,3 @@
1
+ export * from './rbac';
2
+ export * from './pbac';
3
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../packages/auth/authorization/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC"}
@@ -0,0 +1,3 @@
1
+ export * from './rbac';
2
+ export * from './pbac';
3
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/auth/authorization/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC"}
@@ -0,0 +1,6 @@
1
+ export { PbacService } from './pbac.service';
2
+ export { PbacGuard } from './pbac.guard';
3
+ export { RequirePolicy } from './pbac.decorator';
4
+ export type { PolicyDecoratorOptions } from './pbac.decorator';
5
+ export type { PolicyStatement, PolicyDocument, PolicyContext, PolicyEffect } from './pbac.types';
6
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,YAAY,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAC/D,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC"}
@@ -0,0 +1,4 @@
1
+ export { PbacService } from './pbac.service';
2
+ export { PbacGuard } from './pbac.guard';
3
+ export { RequirePolicy } from './pbac.decorator';
4
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC"}
@@ -0,0 +1,18 @@
1
+ export interface PolicyDecoratorOptions {
2
+ /** Action being performed (e.g. 'document:read') */
3
+ action: string;
4
+ /** Resource being accessed (e.g. 'org:123:doc:456') */
5
+ resource: string | ((req: unknown) => string);
6
+ }
7
+ /**
8
+ * Require a policy check on a route handler.
9
+ * Works with the PbacGuard.
10
+ *
11
+ * @example
12
+ * ```typescript
13
+ * @RequirePolicy({ action: 'document:delete', resource: 'org:*' })
14
+ * @RequirePolicy({ action: 'document:read', resource: (req) => req.params.docId })
15
+ * ```
16
+ */
17
+ export declare const RequirePolicy: (options: PolicyDecoratorOptions) => import("@nestjs/common").CustomDecorator<string>;
18
+ //# sourceMappingURL=pbac.decorator.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pbac.decorator.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/pbac.decorator.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,sBAAsB;IACrC,oDAAoD;IACpD,MAAM,EAAE,MAAM,CAAC;IACf,uDAAuD;IACvD,QAAQ,EAAE,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC,CAAC;CAC/C;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GAAI,SAAS,sBAAsB,qDACtB,CAAC"}
@@ -0,0 +1,14 @@
1
+ import { SetMetadata } from '@nestjs/common';
2
+ import { METADATA_POLICY } from '../../auth.constants';
3
+ /**
4
+ * Require a policy check on a route handler.
5
+ * Works with the PbacGuard.
6
+ *
7
+ * @example
8
+ * ```typescript
9
+ * @RequirePolicy({ action: 'document:delete', resource: 'org:*' })
10
+ * @RequirePolicy({ action: 'document:read', resource: (req) => req.params.docId })
11
+ * ```
12
+ */
13
+ export const RequirePolicy = (options) => SetMetadata(METADATA_POLICY, options);
14
+ //# sourceMappingURL=pbac.decorator.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pbac.decorator.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/pbac.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AASvD;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,OAA+B,EAAE,EAAE,CAC/D,WAAW,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC"}
@@ -0,0 +1,19 @@
1
+ import { CanActivate, ExecutionContext } from '@nestjs/common';
2
+ import { Reflector } from '@nestjs/core';
3
+ import { PbacService } from './pbac.service';
4
+ /**
5
+ * Guard that enforces Policy-Based Access Control.
6
+ *
7
+ * Reads the required policy from the `@RequirePolicy()` decorator
8
+ * and evaluates it against the user's assigned policies.
9
+ *
10
+ * This guard is independent — you can use it with or without RBAC on
11
+ * different routes in the same application.
12
+ */
13
+ export declare class PbacGuard implements CanActivate {
14
+ private readonly reflector;
15
+ private readonly pbacService;
16
+ constructor(reflector: Reflector, pbacService: PbacService);
17
+ canActivate(context: ExecutionContext): Promise<boolean>;
18
+ }
19
+ //# sourceMappingURL=pbac.guard.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pbac.guard.d.ts","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/pbac.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAM7C;;;;;;;;GAQG;AACH,qBACa,SAAU,YAAW,WAAW;IAEzC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,WAAW;gBADX,SAAS,EAAE,SAAS,EACpB,WAAW,EAAE,WAAW;IAGrC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAgC/D"}
@@ -0,0 +1,60 @@
1
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
2
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
3
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
4
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
5
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
6
+ };
7
+ var __metadata = (this && this.__metadata) || function (k, v) {
8
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
9
+ };
10
+ import { Injectable } from '@nestjs/common';
11
+ import { Reflector } from '@nestjs/core';
12
+ import { PbacService } from './pbac.service';
13
+ import { METADATA_POLICY } from '../../auth.constants';
14
+ /**
15
+ * Guard that enforces Policy-Based Access Control.
16
+ *
17
+ * Reads the required policy from the `@RequirePolicy()` decorator
18
+ * and evaluates it against the user's assigned policies.
19
+ *
20
+ * This guard is independent — you can use it with or without RBAC on
21
+ * different routes in the same application.
22
+ */
23
+ let PbacGuard = class PbacGuard {
24
+ reflector;
25
+ pbacService;
26
+ constructor(reflector, pbacService) {
27
+ this.reflector = reflector;
28
+ this.pbacService = pbacService;
29
+ }
30
+ async canActivate(context) {
31
+ const policyMeta = this.reflector.getAllAndOverride(METADATA_POLICY, [
32
+ context.getHandler(),
33
+ context.getClass(),
34
+ ]);
35
+ if (!policyMeta)
36
+ return true;
37
+ const request = context.switchToHttp().getRequest();
38
+ const user = request.user;
39
+ if (!user)
40
+ return false;
41
+ const action = policyMeta.action;
42
+ const resource = typeof policyMeta.resource === 'function'
43
+ ? policyMeta.resource(request)
44
+ : policyMeta.resource;
45
+ const policies = await this.pbacService.getUserPolicies(user.id);
46
+ const ctx = {
47
+ user: user,
48
+ resource: { id: resource, ...request.params },
49
+ environment: {},
50
+ };
51
+ return this.pbacService.evaluate(policies, action, resource, ctx);
52
+ }
53
+ };
54
+ PbacGuard = __decorate([
55
+ Injectable(),
56
+ __metadata("design:paramtypes", [Reflector,
57
+ PbacService])
58
+ ], PbacGuard);
59
+ export { PbacGuard };
60
+ //# sourceMappingURL=pbac.guard.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pbac.guard.js","sourceRoot":"","sources":["../../../../packages/auth/authorization/pbac/pbac.guard.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAiC,MAAM,gBAAgB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAKvD;;;;;;;;GAQG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAED;IACA;IAFnB,YACmB,SAAoB,EACpB,WAAwB;QADxB,cAAS,GAAT,SAAS,CAAW;QACpB,gBAAW,GAAX,WAAW,CAAa;IACxC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAyB,eAAe,EAAE;YAC3F,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAE7B,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAI7C,CAAC;QACL,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QACjC,MAAM,QAAQ,GACZ,OAAO,UAAU,CAAC,QAAQ,KAAK,UAAU;YACvC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;YAC9B,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC;QAE1B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEjE,MAAM,GAAG,GAAkB;YACzB,IAAI,EAAE,IAAI;YACV,QAAQ,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE;YAC7C,WAAW,EAAE,EAAE;SAChB,CAAC;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;IACpE,CAAC;CACF,CAAA;AAtCY,SAAS;IADrB,UAAU,EAAE;qCAGmB,SAAS;QACP,WAAW;GAHhC,SAAS,CAsCrB"}