@rapidrest/service-core 1.0.0-beta.1

package/dist/lib/auth/AuthMiddleware.js

@@ -0,0 +1,229 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+////////////////////////////////////////////////////////////////////////////////
+// Copyright (C) 2020-2026 Jean-Philippe Steinmetz
+///////////////////////////////////////////////////////////////////////////////
+import { ApiError, JWTUtils, ObjectDecorators } from "@rapidrest/core";
+import { ApiErrors, ApiErrorMessages } from "../ApiErrors.js";
+import { ObjectFactory } from "../ObjectFactory.js";
+import { JWTStrategy } from "./JWTStrategy.js";
+import { BasicStrategy } from "./BasicStrategy.js";
+const { Config, Init, Inject } = ObjectDecorators;
+/**
+ * A set of common utilities for performing authentication using one or more strategies.
+ *
+ * @author Jean-Philippe Steinmetz <rapidrests@gmail.com>
+ */
+export class AuthMiddleware {
+    constructor() {
+        this.authSocketTimeout = 2000;
+        /** The authentication strategies that have been registered. */
+        this.strategies = new Map();
+    }
+    async init() {
+        if (this.objectFactory) {
+            // Register built-in strategy classes with ObjectFactory
+            this.objectFactory.register(BasicStrategy, "auth.BasicStrategy");
+            this.objectFactory.register(JWTStrategy, "auth.JWTStrategy");
+            if (this.authConfig.strategy) {
+                const strategy = await this.objectFactory.newInstance(this.authConfig.strategy);
+                this.strategies.set(strategy.name, strategy);
+            }
+        }
+    }
+    /**
+     * Performs authentication of the given request using one of the provided strategies.
+     *
+     * @param strategies The list of strategy names to attempt authentication with.
+     * @param req The request containing data to perform authenticate with.
+     * @param res The response to use when writing back directly to the client.
+     * @param required Set to `true` to if authentication is required to pass, otherwise set to `false`.
+     */
+    authenticate(strategies, req, res, required) {
+        let authResult = undefined;
+        for (const name of strategies) {
+            // Attempt authentication with the strategy
+            const strategy = this.strategies.get(name);
+            if (strategy) {
+                authResult = strategy.authenticate(req, res, required);
+            }
+            else {
+                throw new Error("No authentication strategy has been registered with name: " + name);
+            }
+            // Was it successful?
+            if (authResult) {
+                break;
+            }
+        }
+        if (!authResult && required) {
+            throw new Error("Authentication failed but is required to proceed.");
+        }
+        return authResult;
+    }
+    /**
+     * Returns a request handler function that will perform authentication of a websocket connection. Authentication
+     * can be handled in two ways:
+     *
+     * 1. Authorization header
+     * 2. Negotiation via handshake
+     *
+     * This middleware function primarily provides the implementation for item 2 above.
+     *
+     * @param required Set to `true` to indicate that auth is required, otherwise `false`.
+     */
+    authWebSocket(required) {
+        return (req, _res, next) => {
+            const sock = req.websocket || req.socket;
+            const user = req.user;
+            // Pre-upgrade auth already set req.user — no LOGIN handshake needed
+            if (user && user.uid) {
+                next();
+                return;
+            }
+            // Ensures timer, message listener, and close listener each fire at most once.
+            // Prevents the timer from firing after the socket closes (which would try to call
+            // sock.close() on an already-closed handle and throw an unhandled rejection).
+            let settled = false;
+            const settle = (fn) => {
+                if (settled)
+                    return;
+                settled = true;
+                clearTimeout(timer);
+                sock.removeListener("message", onMessage);
+                sock.removeListener("close", onClose);
+                fn();
+            };
+            const onClose = () => {
+                // Socket closed before auth completed — unblock runChain so the open handler can
+                // finish. The readyState === 3 guard in Router.ts will skip the final ws.close().
+                settle(() => next());
+            };
+            const onMessage = (data, isBinary) => {
+                if (isBinary) {
+                    settle(() => {
+                        if (required) {
+                            const error = new ApiError(ApiErrors.INVALID_REQUEST, 400, ApiErrorMessages.INVALID_REQUEST);
+                            sock.close(1002, error.code);
+                            next(error);
+                        }
+                        else {
+                            next();
+                        }
+                    });
+                    return;
+                }
+                try {
+                    const message = JSON.parse(data);
+                    if (message.type === "LOGIN") {
+                        const payload = JWTUtils.decodeToken(this.authConfig, message.data);
+                        const loginUser = payload && payload.profile ? payload.profile : null;
+                        if (loginUser && loginUser.uid) {
+                            settle(() => {
+                                sock.send(JSON.stringify({ id: message.id, type: "LOGIN_RESPONSE", success: true }));
+                                req.user = loginUser;
+                                // Set req.auth so @User decorator in wrapMiddleware resolves correctly
+                                req.auth = { user: loginUser, method: "jwt", data: message.data, payload };
+                                next();
+                            });
+                        }
+                        else if (required) {
+                            settle(() => {
+                                const error = new ApiError(ApiErrors.AUTH_FAILED, 401, ApiErrorMessages.AUTH_FAILED);
+                                sock.send(JSON.stringify({
+                                    id: message.id,
+                                    type: "LOGIN_RESPONSE",
+                                    success: false,
+                                    data: error.message,
+                                }));
+                                sock.close(1002, error.message);
+                                next(error);
+                            });
+                        }
+                        else {
+                            settle(() => {
+                                sock.send(JSON.stringify({
+                                    id: message.id,
+                                    type: "LOGIN_RESPONSE",
+                                    success: false,
+                                    data: "Invalid authentication token.",
+                                }));
+                                next();
+                            });
+                        }
+                    }
+                    else if (required) {
+                        settle(() => {
+                            const error = new ApiError(ApiErrors.INVALID_REQUEST, 400, ApiErrorMessages.INVALID_REQUEST);
+                            sock.close(1002, error.code);
+                            next(error);
+                        });
+                    }
+                    else {
+                        settle(() => next());
+                    }
+                }
+                catch {
+                    settle(() => {
+                        if (required) {
+                            const error = new ApiError(ApiErrors.INVALID_REQUEST, 400, ApiErrorMessages.INVALID_REQUEST);
+                            sock.close(1002, error.code);
+                            next(error);
+                        }
+                        else {
+                            next();
+                        }
+                    });
+                }
+            };
+            sock.once("message", onMessage);
+            sock.once("close", onClose);
+            const timer = setTimeout(() => {
+                settle(() => {
+                    if (required) {
+                        const error = new ApiError(ApiErrors.AUTH_FAILED, 401, ApiErrorMessages.AUTH_FAILED);
+                        error.status = 401;
+                        sock.close(1002, error.message);
+                        next(error);
+                    }
+                    else {
+                        next();
+                    }
+                });
+            }, this.authSocketTimeout);
+        };
+    }
+    /**
+     * Registers the provided authentication strategy to be used
+     * @param name The name of the authentication type to associate the given strategy with
+     * @param strategy The strategy to register
+     */
+    register(name, strategy) {
+        this.strategies.set(name, strategy);
+    }
+}
+__decorate([
+    Config("auth"),
+    __metadata("design:type", Object)
+], AuthMiddleware.prototype, "authConfig", void 0);
+__decorate([
+    Config("auth:socketTimeout", 2000),
+    __metadata("design:type", Number)
+], AuthMiddleware.prototype, "authSocketTimeout", void 0);
+__decorate([
+    Inject(ObjectFactory),
+    __metadata("design:type", ObjectFactory)
+], AuthMiddleware.prototype, "objectFactory", void 0);
+__decorate([
+    Init,
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Promise)
+], AuthMiddleware.prototype, "init", null);
+//# sourceMappingURL=AuthMiddleware.js.map

package/dist/lib/auth/AuthMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthMiddleware.js","sourceRoot":"","sources":["../../../src/auth/AuthMiddleware.ts"],"names":[],"mappings":";;;;;;;;;AAAA,gFAAgF;AAChF,kDAAkD;AAClD,+EAA+E;AAC/E,OAAO,EAAW,QAAQ,EAAc,QAAQ,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAE5F,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAG9D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,gBAAgB,CAAC;AAElD;;;;GAIG;AACH,MAAM,OAAO,cAAc;IAA3B;QAKY,sBAAiB,GAAW,IAAI,CAAC;QAKzC,+DAA+D;QAC/C,eAAU,GAA8B,IAAI,GAAG,EAAE,CAAC;IAoNtE,CAAC;IAjNiB,AAAN,KAAK,CAAC,IAAI;QACd,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACrB,wDAAwD;YACxD,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,EAAE,oBAAoB,CAAC,CAAC;YACjE,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAE7D,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAC3B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAe,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;gBAC9F,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACL,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACI,YAAY,CACf,UAAoB,EACpB,GAAgB,EAChB,GAAkB,EAClB,QAAkB;QAElB,IAAI,UAAU,GAAiD,SAAS,CAAC;QAEzE,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,QAAQ,GAA6B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACrE,IAAI,QAAQ,EAAE,CAAC;gBACX,UAAU,GAAG,QAAQ,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC3D,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,KAAK,CAAC,4DAA4D,GAAG,IAAI,CAAC,CAAC;YACzF,CAAC;YAED,qBAAqB;YACrB,IAAI,UAAU,EAAE,CAAC;gBACb,MAAM;YACV,CAAC;QACL,CAAC;QAED,IAAI,CAAC,UAAU,IAAI,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACzE,CAAC;QAED,OAAO,UAAU,CAAC;IACtB,CAAC;IAED;;;;;;;;;;OAUG;IACI,aAAa,CAAC,QAAiB;QAClC,OAAO,CAAC,GAAgB,EAAE,IAAkB,EAAE,IAAkB,EAAE,EAAE;YAChE,MAAM,IAAI,GAAS,GAAiB,CAAC,SAAS,IAAI,GAAG,CAAC,MAAM,CAAC;YAC7D,MAAM,IAAI,GAAwB,GAAG,CAAC,IAAe,CAAC;YAEtD,oEAAoE;YACpE,IAAI,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;gBACnB,IAAI,EAAE,CAAC;gBACP,OAAO;YACX,CAAC;YAED,8EAA8E;YAC9E,kFAAkF;YAClF,8EAA8E;YAC9E,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,MAAM,MAAM,GAAG,CAAC,EAAc,EAAE,EAAE;gBAC9B,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;gBAC1C,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACtC,EAAE,EAAE,CAAC;YACT,CAAC,CAAC;YAEF,MAAM,OAAO,GAAG,GAAG,EAAE;gBACjB,iFAAiF;gBACjF,kFAAkF;gBAClF,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YACzB,CAAC,CAAC;YAEF,MAAM,SAAS,GAAG,CAAC,IAAS,EAAE,QAAiB,EAAE,EAAE;gBAC/C,IAAI,QAAQ,EAAE,CAAC;oBACX,MAAM,CAAC,GAAG,EAAE;wBACR,IAAI,QAAQ,EAAE,CAAC;4BACX,MAAM,KAAK,GAAG,IAAI,QAAQ,CACtB,SAAS,CAAC,eAAe,EACzB,GAAG,EACH,gBAAgB,CAAC,eAAe,CACnC,CAAC;4BACF,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;4BAC7B,IAAI,CAAC,KAAK,CAAC,CAAC;wBAChB,CAAC;6BAAM,CAAC;4BACJ,IAAI,EAAE,CAAC;wBACX,CAAC;oBACL,CAAC,CAAC,CAAC;oBACH,OAAO;gBACX,CAAC;gBAED,IAAI,CAAC;oBACD,MAAM,OAAO,GAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAEtC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;wBAC3B,MAAM,OAAO,GAAe,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBAChF,MAAM,SAAS,GACX,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,CAAE,OAAO,CAAC,OAAmB,CAAC,CAAC,CAAC,IAAI,CAAC;wBAErE,IAAI,SAAS,IAAI,SAAS,CAAC,GAAG,EAAE,CAAC;4BAC7B,MAAM,CAAC,GAAG,EAAE;gCACR,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCACrF,GAAG,CAAC,IAAI,GAAG,SAAS,CAAC;gCACrB,uEAAuE;gCACvE,GAAG,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;gCAC3E,IAAI,EAAE,CAAC;4BACX,CAAC,CAAC,CAAC;wBACP,CAAC;6BAAM,IAAI,QAAQ,EAAE,CAAC;4BAClB,MAAM,CAAC,GAAG,EAAE;gCACR,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC;gCACrF,IAAI,CAAC,IAAI,CACL,IAAI,CAAC,SAAS,CAAC;oCACX,EAAE,EAAE,OAAO,CAAC,EAAE;oCACd,IAAI,EAAE,gBAAgB;oCACtB,OAAO,EAAE,KAAK;oCACd,IAAI,EAAE,KAAK,CAAC,OAAO;iCACtB,CAAC,CACL,CAAC;gCACF,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;gCAChC,IAAI,CAAC,KAAK,CAAC,CAAC;4BAChB,CAAC,CAAC,CAAC;wBACP,CAAC;6BAAM,CAAC;4BACJ,MAAM,CAAC,GAAG,EAAE;gCACR,IAAI,CAAC,IAAI,CACL,IAAI,CAAC,SAAS,CAAC;oCACX,EAAE,EAAE,OAAO,CAAC,EAAE;oCACd,IAAI,EAAE,gBAAgB;oCACtB,OAAO,EAAE,KAAK;oCACd,IAAI,EAAE,+BAA+B;iCACxC,CAAC,CACL,CAAC;gCACF,IAAI,EAAE,CAAC;4BACX,CAAC,CAAC,CAAC;wBACP,CAAC;oBACL,CAAC;yBAAM,IAAI,QAAQ,EAAE,CAAC;wBAClB,MAAM,CAAC,GAAG,EAAE;4BACR,MAAM,KAAK,GAAG,IAAI,QAAQ,CACtB,SAAS,CAAC,eAAe,EACzB,GAAG,EACH,gBAAgB,CAAC,eAAe,CACnC,CAAC;4BACF,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;4BAC7B,IAAI,CAAC,KAAK,CAAC,CAAC;wBAChB,CAAC,CAAC,CAAC;oBACP,CAAC;yBAAM,CAAC;wBACJ,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;oBACzB,CAAC;gBACL,CAAC;gBAAC,MAAM,CAAC;oBACL,MAAM,CAAC,GAAG,EAAE;wBACR,IAAI,QAAQ,EAAE,CAAC;4BACX,MAAM,KAAK,GAAG,IAAI,QAAQ,CACtB,SAAS,CAAC,eAAe,EACzB,GAAG,EACH,gBAAgB,CAAC,eAAe,CACnC,CAAC;4BACF,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;4BAC7B,IAAI,CAAC,KAAK,CAAC,CAAC;wBAChB,CAAC;6BAAM,CAAC;4BACJ,IAAI,EAAE,CAAC;wBACX,CAAC;oBACL,CAAC,CAAC,CAAC;gBACP,CAAC;YACL,CAAC,CAAC;YAEF,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YAChC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAE5B,MAAM,KAAK,GAAmB,UAAU,CAAC,GAAG,EAAE;gBAC1C,MAAM,CAAC,GAAG,EAAE;oBACR,IAAI,QAAQ,EAAE,CAAC;wBACX,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC;wBACrF,KAAK,CAAC,MAAM,GAAG,GAAG,CAAC;wBACnB,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;wBAChC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAChB,CAAC;yBAAM,CAAC;wBACJ,IAAI,EAAE,CAAC;oBACX,CAAC;gBACL,CAAC,CAAC,CAAC;YACP,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC/B,CAAC,CAAC;IACN,CAAC;IAED;;;;OAIG;IACI,QAAQ,CAAC,IAAY,EAAE,QAAsB;QAChD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,CAAC;CACJ;AA7NW;IADP,MAAM,CAAC,MAAM,CAAC;;kDACS;AAGhB;IADP,MAAM,CAAC,oBAAoB,EAAE,IAAI,CAAC;;yDACM;AAGjC;IADP,MAAM,CAAC,aAAa,CAAC;8BACE,aAAa;qDAAC;AAMxB;IADb,IAAI;;;;0CAYJ"}

package/dist/lib/auth/AuthStrategy.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=AuthStrategy.js.map

package/dist/lib/auth/AuthStrategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthStrategy.js","sourceRoot":"","sources":["../../../src/auth/AuthStrategy.ts"],"names":[],"mappings":""}

package/dist/lib/auth/BasicStrategy.js

@@ -0,0 +1,106 @@
+import { ApiErrorMessages } from "../ApiErrors.js";
+/**
+ * Describes the configuration options that can be used to initialize BasicStrategy.
+ *
+ * @author Jean-Philippe Steinmetz
+ */
+export class BasicStrategyOptions {
+    constructor() {
+        /** The name of the header to look for when performing header based authentication. Default value is `Authorization`. */
+        this.headerKey = "authorization";
+        /** The authorization scheme type when using header based authentication. Default value is `jwt`. */
+        this.headerScheme = "basic";
+        /** The name of the request query parameter to retrieve the token from when using query based authentication. Default value is `auth_basic`. */
+        this.queryKey = "auth_basic";
+        /**
+         * Set to `true` to allow credentials to be supplied via the `queryKey` URL parameter.
+         * Disabled by default — query parameters appear in server logs, browser history, and
+         * Referer headers, which permanently exposes credentials outside the application.
+         */
+        this.allowQueryParam = false;
+    }
+    /** You must override this function to perform verification of the login information. */
+    verify(uid, secret) {
+        return undefined;
+    }
+}
+/**
+ * @author Jean-Philippe Steinmetz <rapidrests@gmail.com>
+ */
+export class BasicStrategy {
+    constructor(options = new BasicStrategyOptions()) {
+        this.name = "basic";
+        this.options = options;
+    }
+    authenticate(req, res, required) {
+        let error = "";
+        let loginFound = false;
+        let loginInfo = "";
+        // Login info should be found in this order: Query Parameter => Authorization
+        // Check the query parameter (only when explicitly opted in — tokens in URLs appear in logs)
+        if (this.options.allowQueryParam && this.options.queryKey && req.query && this.options.queryKey in req.query) {
+            loginInfo = req.query[this.options.queryKey];
+            loginFound = true;
+        }
+        // Next check the headers. It's possible there is more than one header value defined. Loop through each of
+        // them until we have a verified login info.
+        if (!loginFound && this.options.headerKey && this.options.headerKey in req.headers) {
+            loginFound = true;
+            const value = req.headers[this.options.headerKey];
+            const headers = Array.isArray(value) ? value : typeof value === "string" ? [value] : [];
+            // Loop throught th
+            for (const header in headers) {
+                const parts = headers[header].split(" ");
+                if (parts.length !== 2) {
+                    error = ApiErrorMessages.AUTH_FAILED;
+                    continue;
+                }
+                if (!parts[0].match(new RegExp("^" + this.options.headerScheme + "$", "i"))) {
+                    error = ApiErrorMessages.AUTH_FAILED;
+                    continue;
+                }
+                loginInfo = parts[1];
+            }
+        }
+        // If the login info has been found, verify it.
+        if (loginInfo && loginInfo.length > 0) {
+            const info = Buffer.from(loginInfo, "base64").toString("utf-8");
+            const parts = info.split(":");
+            if (parts.length !== 2) {
+                throw new Error("Invalid or missing username of password.");
+            }
+            const result = this.options.verify(parts[0], parts[1]);
+            if (result) {
+                if (result instanceof Promise) {
+                    return new Promise(async (resolve, reject) => {
+                        try {
+                            const user = await result;
+                            resolve({
+                                data: loginInfo,
+                                method: this.name,
+                                payload: info,
+                                user,
+                            });
+                        }
+                        catch (err) {
+                            reject(err);
+                        }
+                    });
+                }
+                else {
+                    return {
+                        data: loginInfo,
+                        method: this.name,
+                        payload: info,
+                        user: result,
+                    };
+                }
+            }
+        }
+        if (required) {
+            throw new Error("Invalid or missing username of password.");
+        }
+        return undefined;
+    }
+}
+//# sourceMappingURL=BasicStrategy.js.map

package/dist/lib/auth/BasicStrategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"BasicStrategy.js","sourceRoot":"","sources":["../../../src/auth/BasicStrategy.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAEnD;;;;GAIG;AACH,MAAM,OAAO,oBAAoB;IAAjC;QACI,wHAAwH;QACjH,cAAS,GAAW,eAAe,CAAC;QAC3C,oGAAoG;QAC7F,iBAAY,GAAW,OAAO,CAAC;QACtC,+IAA+I;QACxI,aAAQ,GAAW,YAAY,CAAC;QACvC;;;;WAIG;QACI,oBAAe,GAAY,KAAK,CAAC;IAK5C,CAAC;IAJG,wFAAwF;IACjF,MAAM,CAAC,GAAW,EAAE,MAAc;QACrC,OAAO,SAAS,CAAC;IACrB,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,OAAO,aAAa;IAItB,YAAY,UAAgC,IAAI,oBAAoB,EAAE;QAHtD,SAAI,GAAW,OAAO,CAAC;QAInC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAED,YAAY,CACR,GAAgB,EAChB,GAAiB,EACjB,QAAkB;QAElB,IAAI,KAAK,GAAW,EAAE,CAAC;QACvB,IAAI,UAAU,GAAY,KAAK,CAAC;QAChC,IAAI,SAAS,GAAW,EAAE,CAAC;QAE3B,6EAA6E;QAC7E,4FAA4F;QAC5F,IAAI,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;YAC3G,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAW,CAAC;YACvD,UAAU,GAAG,IAAI,CAAC;QACtB,CAAC;QAED,0GAA0G;QAC1G,4CAA4C;QAC5C,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YACjF,UAAU,GAAG,IAAI,CAAC;YAClB,MAAM,KAAK,GAAkC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACjF,MAAM,OAAO,GAAa,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAElG,mBAAmB;YACnB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAa,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACrB,KAAK,GAAG,gBAAgB,CAAC,WAAW,CAAC;oBACrC,SAAS;gBACb,CAAC;gBAED,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC1E,KAAK,GAAG,gBAAgB,CAAC,WAAW,CAAC;oBACrC,SAAS;gBACb,CAAC;gBAED,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,CAAC;QACL,CAAC;QAED,+CAA+C;QAC/C,IAAI,SAAS,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,GAAW,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACxE,MAAM,KAAK,GAAa,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAChE,CAAC;YACD,MAAM,MAAM,GAA2C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/F,IAAI,MAAM,EAAE,CAAC;gBACT,IAAI,MAAM,YAAY,OAAO,EAAE,CAAC;oBAC5B,OAAO,IAAI,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE;wBACzC,IAAI,CAAC;4BACD,MAAM,IAAI,GAAY,MAAM,MAAM,CAAC;4BACnC,OAAO,CAAC;gCACJ,IAAI,EAAE,SAAS;gCACf,MAAM,EAAE,IAAI,CAAC,IAAI;gCACjB,OAAO,EAAE,IAAI;gCACb,IAAI;6BACP,CAAC,CAAC;wBACP,CAAC;wBAAC,OAAO,GAAG,EAAE,CAAC;4BACX,MAAM,CAAC,GAAG,CAAC,CAAC;wBAChB,CAAC;oBACL,CAAC,CAAC,CAAC;gBACP,CAAC;qBAAM,CAAC;oBACJ,OAAO;wBACH,IAAI,EAAE,SAAS;wBACf,MAAM,EAAE,IAAI,CAAC,IAAI;wBACjB,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,MAAM;qBACf,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;CACJ"}

package/dist/lib/auth/JWTStrategy.js

@@ -0,0 +1,161 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+////////////////////////////////////////////////////////////////////////////////
+// Copyright (C) 2020-2026 Jean-Philippe Steinmetz
+///////////////////////////////////////////////////////////////////////////////
+import { JWTUtils, ObjectDecorators } from "@rapidrest/core";
+import { ApiErrorMessages } from "../ApiErrors.js";
+import dayjs from "dayjs";
+import { createRequire } from "module";
+const { Config } = ObjectDecorators;
+const _require = createRequire(process.cwd() + "/package.json");
+const duration = _require("dayjs/plugin/duration");
+dayjs.extend(duration);
+/**
+ * Describes the configuration options that can be used to initialize JWTStrategy.
+ *
+ * @author Jean-Philippe Steinmetz
+ */
+export class JWTStrategyOptions {
+    constructor() {
+        /** The name of the header to look for when performing header based authentication. Default value is `Authorization`. */
+        this.headerKey = "authorization";
+        /** The authorization scheme type when using header based authentication. Default value is `jwt`. */
+        this.headerScheme = "(jwt|bearer)";
+        /** The name of the cookie to retrieve the token from when using cookie based authentication. Default value is `jwt`. */
+        this.cookieName = "jwt";
+        /** The name of the secured cookie to retreive the token from when using cookie based authentication. */
+        this.cookieSecure = false;
+        /** The name of the request query parameter to retrieve the token from when using query based authentication. Default value is `auth_token`. */
+        this.queryKey = "auth_token";
+        /**
+         * Set to `true` to allow tokens to be supplied via the `queryKey` URL parameter.
+         * Disabled by default — query parameters appear in server logs, browser history, and
+         * Referer headers, which permanently exposes tokens outside the application.
+         */
+        this.allowQueryParam = false;
+    }
+}
+/**
+ * JWT authentication strategy. Performs JWT verification and searches for a token by one of the
+ * following methods (in order of precedence):
+ * * Query Parameter
+ * * Authorization Header
+ * * Cookie
+ *
+ * This class no longer extends `passport-strategy`; it is used directly by route middleware
+ * and returns a plain result object instead of calling Passport callbacks.
+ *
+ * @author Jean-Philippe Steinmetz
+ */
+export class JWTStrategy {
+    constructor(options = new JWTStrategyOptions()) {
+        this.name = "jwt";
+        this.options = options;
+        this.options.headerKey = options.headerKey.toLowerCase();
+    }
+    /**
+     * Attempts to authenticate the incoming request by extracting and verifying a JWT token.
+     * Returns a `JWTAuthResult` describing the outcome.
+     */
+    authenticate(req, res, required) {
+        let error = "";
+        let user = undefined;
+        let authPayload = undefined;
+        let authToken = undefined;
+        let tokenFound = false;
+        // Tokens should be found in this order: Query Parameter => Authorization => Cookie
+        // Check the query parameter (only when explicitly opted in — tokens in URLs appear in logs)
+        if ((this.options.allowQueryParam || this.config?.allowQueryParam) && this.options.queryKey && req.query && this.options.queryKey in req.query) {
+            let token = req.query[this.options.queryKey];
+            tokenFound = true;
+            const payload = JWTUtils.decodeToken(this.config, token);
+            // If the verification succeeded clear out any existing error, we have success
+            if (payload && payload.profile) {
+                error = "";
+                user = payload.profile;
+            }
+            // Store the payload in the request in case someone needs it
+            authPayload = payload;
+            // Store the full token in the request in case someone needs it
+            authToken = token;
+        }
+        // Next check the headers. It's possible there is more than one header value defined. Loop through each of
+        // them until we have a verified token.
+        if (!user && this.options.headerKey && this.options.headerKey in req.headers) {
+            tokenFound = true;
+            const value = req.headers[this.options.headerKey];
+            const headers = Array.isArray(value) ? value : typeof value === "string" ? [value] : [];
+            // Loop throught th
+            for (const header in headers) {
+                const parts = headers[header].split(" ");
+                if (parts.length !== 2) {
+                    error = ApiErrorMessages.AUTH_FAILED;
+                    continue;
+                }
+                if (!parts[0].match(new RegExp("^" + this.options.headerScheme + "$", "i"))) {
+                    error = ApiErrorMessages.AUTH_FAILED;
+                    continue;
+                }
+                let token = parts[1];
+                const payload = JWTUtils.decodeToken(this.config, token);
+                // If the verification succeeded clear out any existing error, we have success
+                if (payload && payload.profile) {
+                    error = "";
+                    user = payload.profile;
+                    authPayload = payload;
+                    authToken = token;
+                    // No need to continue checking remaining headers. We have our success.
+                    break;
+                }
+                authPayload = payload;
+                authToken = token;
+            }
+        }
+        // Check the cookie header
+        let token = "";
+        if (!user && this.options.cookieSecure && this.options.cookieName && req.signedCookies) {
+            // TODO Decrypt the signed cookie
+            token = req.signedCookies[this.options.cookieName];
+        }
+        if (!user && !this.options.cookieSecure && this.options.cookieName && req.cookies) {
+            token = req.cookies[this.options.cookieName];
+        }
+        // If the token has been found, verify it.
+        if (!user && token && token.length > 0) {
+            tokenFound = true;
+            try {
+                const payload = JWTUtils.decodeToken(this.config, token);
+                // If the verification succeeded clear out any existing error, we have success
+                if (payload && payload.profile) {
+                    error = "";
+                    user = payload.profile;
+                }
+                authPayload = payload;
+                authToken = token;
+            }
+            catch (err) {
+                error = err;
+            }
+        }
+        if (user) {
+            return { data: authToken, method: this.name, payload: authPayload, tokenFound, user };
+        }
+        if (required) {
+            throw new Error("Invalid or missing auth token.");
+        }
+        return undefined;
+    }
+}
+__decorate([
+    Config("auth"),
+    __metadata("design:type", Object)
+], JWTStrategy.prototype, "config", void 0);
+//# sourceMappingURL=JWTStrategy.js.map

package/dist/lib/auth/JWTStrategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"JWTStrategy.js","sourceRoot":"","sources":["../../../src/auth/JWTStrategy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,gFAAgF;AAChF,kDAAkD;AAClD,+EAA+E;AAC/E,OAAO,EAAE,QAAQ,EAAuC,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAClG,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAEnD,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAEvC,MAAM,EAAE,MAAM,EAAE,GAAG,gBAAgB,CAAC;AACpC,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC;AAChE,MAAM,QAAQ,GAAG,QAAQ,CAAC,uBAAuB,CAAC,CAAC;AACnD,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAEvB;;;;GAIG;AACH,MAAM,OAAO,kBAAkB;IAA/B;QAGI,wHAAwH;QACjH,cAAS,GAAW,eAAe,CAAC;QAC3C,oGAAoG;QAC7F,iBAAY,GAAW,cAAc,CAAC;QAC7C,wHAAwH;QACjH,eAAU,GAAW,KAAK,CAAC;QAClC,wGAAwG;QACjG,iBAAY,GAAY,KAAK,CAAC;QACrC,+IAA+I;QACxI,aAAQ,GAAW,YAAY,CAAC;QACvC;;;;WAIG;QACI,oBAAe,GAAY,KAAK,CAAC;IAC5C,CAAC;CAAA;AAaD;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,WAAW;IAQpB,YAAY,UAA8B,IAAI,kBAAkB,EAAE;QAJlD,SAAI,GAAW,KAAK,CAAC;QAKjC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACI,YAAY,CAAC,GAAgB,EAAE,GAAiB,EAAE,QAAkB;QACvE,IAAI,KAAK,GAAW,EAAE,CAAC;QACvB,IAAI,IAAI,GAAwB,SAAS,CAAC;QAC1C,IAAI,WAAW,GAA2B,SAAS,CAAC;QACpD,IAAI,SAAS,GAAuB,SAAS,CAAC;QAC9C,IAAI,UAAU,GAAY,KAAK,CAAC;QAEhC,mFAAmF;QACnF,4FAA4F;QAC5F,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;YAC7I,IAAI,KAAK,GAAW,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAW,CAAC;YAC/D,UAAU,GAAG,IAAI,CAAC;YAElB,MAAM,OAAO,GAAe,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YACrE,8EAA8E;YAC9E,IAAI,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC7B,KAAK,GAAG,EAAE,CAAC;gBACX,IAAI,GAAG,OAAO,CAAC,OAAkB,CAAC;YACtC,CAAC;YACD,4DAA4D;YAC5D,WAAW,GAAG,OAAO,CAAC;YACtB,+DAA+D;YAC/D,SAAS,GAAG,KAAK,CAAC;QACtB,CAAC;QAED,0GAA0G;QAC1G,uCAAuC;QACvC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC3E,UAAU,GAAG,IAAI,CAAC;YAClB,MAAM,KAAK,GAAkC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACjF,MAAM,OAAO,GAAa,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAElG,mBAAmB;YACnB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAa,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACrB,KAAK,GAAG,gBAAgB,CAAC,WAAW,CAAC;oBACrC,SAAS;gBACb,CAAC;gBAED,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC1E,KAAK,GAAG,gBAAgB,CAAC,WAAW,CAAC;oBACrC,SAAS;gBACb,CAAC;gBAED,IAAI,KAAK,GAAW,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC7B,MAAM,OAAO,GAAe,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;gBACrE,8EAA8E;gBAC9E,IAAI,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;oBAC7B,KAAK,GAAG,EAAE,CAAC;oBACX,IAAI,GAAG,OAAO,CAAC,OAAkB,CAAC;oBAClC,WAAW,GAAG,OAAO,CAAC;oBACtB,SAAS,GAAG,KAAK,CAAC;oBAClB,uEAAuE;oBACvE,MAAM;gBACV,CAAC;gBACD,WAAW,GAAG,OAAO,CAAC;gBACtB,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,IAAI,KAAK,GAAW,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;YACrF,iCAAiC;YACjC,KAAK,GAAG,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAChF,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACjD,CAAC;QAED,0CAA0C;QAC1C,IAAI,CAAC,IAAI,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,UAAU,GAAG,IAAI,CAAC;YAClB,IAAI,CAAC;gBACD,MAAM,OAAO,GAAe,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;gBACrE,8EAA8E;gBAC9E,IAAI,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;oBAC7B,KAAK,GAAG,EAAE,CAAC;oBACX,IAAI,GAAG,OAAO,CAAC,OAAkB,CAAC;gBACtC,CAAC;gBACD,WAAW,GAAG,OAAO,CAAC;gBACtB,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,KAAK,GAAG,GAAG,CAAC;YAChB,CAAC;QACL,CAAC;QAED,IAAI,IAAI,EAAE,CAAC;YACP,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QAC1F,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACtD,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;CACJ;AAjHW;IADP,MAAM,CAAC,MAAM,CAAC;;2CACK"}

package/dist/lib/auth/index.js

@@ -0,0 +1,5 @@
+export * from "./AuthMiddleware.js";
+export * from "./AuthStrategy.js";
+export * from "./BasicStrategy.js";
+export * from "./JWTStrategy.js";
+//# sourceMappingURL=index.js.map

package/dist/lib/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAC;AAClC,cAAc,oBAAoB,CAAC;AACnC,cAAc,kBAAkB,CAAC"}

package/dist/lib/database/ConnectionKinds.js

@@ -0,0 +1,14 @@
+///////////////////////////////////////////////////////////////////////////////
+// Copyright (C) 2020-2026 Jean-Philippe Steinmetz. All rights reserved.
+///////////////////////////////////////////////////////////////////////////////
+import { MongoConnection } from "./MongoConnection.js";
+/**
+ * Determines whether the given connection object is a TypeORM `DataSource` for a SQL database. This check is
+ * performed without importing the optional `typeorm` package by duck-typing the connection object.
+ *
+ * @param conn The connection object to inspect.
+ */
+export function isSqlDataSource(conn) {
+    return !!conn && typeof conn.getRepository === "function" && !(conn instanceof MongoConnection);
+}
+//# sourceMappingURL=ConnectionKinds.js.map

package/dist/lib/database/ConnectionKinds.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConnectionKinds.js","sourceRoot":"","sources":["../../../src/database/ConnectionKinds.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,wEAAwE;AACxE,+EAA+E;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAEvD;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,IAAS;IACrC,OAAO,CAAC,CAAC,IAAI,IAAI,OAAO,IAAI,CAAC,aAAa,KAAK,UAAU,IAAI,CAAC,CAAC,IAAI,YAAY,eAAe,CAAC,CAAC;AACpG,CAAC"}