@skalfa/skalfa-api-core 1.0.3 → 1.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (284) hide show
  1. package/CONTRIBUTING.md +45 -0
  2. package/LICENSE +21 -0
  3. package/README.md +60 -0
  4. package/dist/auth/auth.d.ts +18 -15
  5. package/dist/auth/auth.js +20 -203
  6. package/dist/auth/auth.js.map +1 -1
  7. package/dist/auth/create-access-token.d.ts +4 -0
  8. package/dist/auth/create-access-token.js +26 -0
  9. package/dist/auth/create-access-token.js.map +1 -0
  10. package/dist/auth/create-user-mail-token.d.ts +4 -0
  11. package/dist/auth/create-user-mail-token.js +19 -0
  12. package/dist/auth/create-user-mail-token.js.map +1 -0
  13. package/dist/auth/helpers/generate-agent-id.d.ts +1 -0
  14. package/dist/auth/helpers/generate-agent-id.js +7 -0
  15. package/dist/auth/helpers/generate-agent-id.js.map +1 -0
  16. package/dist/auth/helpers/get-request-ip.d.ts +1 -0
  17. package/dist/auth/helpers/get-request-ip.js +4 -0
  18. package/dist/auth/helpers/get-request-ip.js.map +1 -0
  19. package/dist/auth/helpers/get-user-permissions.d.ts +1 -0
  20. package/dist/auth/helpers/get-user-permissions.js +9 -0
  21. package/dist/auth/helpers/get-user-permissions.js.map +1 -0
  22. package/dist/auth/helpers/index.d.ts +3 -0
  23. package/dist/auth/helpers/index.js +4 -0
  24. package/dist/auth/helpers/index.js.map +1 -0
  25. package/dist/auth/list-user-sessions.d.ts +1 -0
  26. package/dist/auth/list-user-sessions.js +10 -0
  27. package/dist/auth/list-user-sessions.js.map +1 -0
  28. package/dist/auth/revalidate-user-permissions-by-role.d.ts +1 -0
  29. package/dist/auth/revalidate-user-permissions-by-role.js +12 -0
  30. package/dist/auth/revalidate-user-permissions-by-role.js.map +1 -0
  31. package/dist/auth/revalidate-user-permissions.d.ts +1 -0
  32. package/dist/auth/revalidate-user-permissions.js +21 -0
  33. package/dist/auth/revalidate-user-permissions.js.map +1 -0
  34. package/dist/auth/revoke-access-token.d.ts +1 -0
  35. package/dist/auth/revoke-access-token.js +5 -0
  36. package/dist/auth/revoke-access-token.js.map +1 -0
  37. package/dist/auth/verify-access-token.d.ts +1 -0
  38. package/dist/auth/verify-access-token.js +47 -0
  39. package/dist/auth/verify-access-token.js.map +1 -0
  40. package/dist/auth/verify-user-mail-token.d.ts +1 -0
  41. package/dist/auth/verify-user-mail-token.js +21 -0
  42. package/dist/auth/verify-user-mail-token.js.map +1 -0
  43. package/dist/commands/cli.js +18 -27
  44. package/dist/commands/cli.js.map +1 -1
  45. package/dist/commands/make/basic-controller.js +1 -1
  46. package/dist/commands/make/basic-controller.js.map +1 -1
  47. package/dist/commands/make/basic-migration.d.ts +1 -1
  48. package/dist/commands/make/basic-migration.js +2 -2
  49. package/dist/commands/make/basic-migration.js.map +1 -1
  50. package/dist/commands/make/basic-model.js +1 -1
  51. package/dist/commands/make/basic-model.js.map +1 -1
  52. package/dist/commands/make/basic-seeder.js +1 -1
  53. package/dist/commands/make/basic-seeder.js.map +1 -1
  54. package/dist/commands/make/blueprint.js +1 -1
  55. package/dist/commands/make/blueprint.js.map +1 -1
  56. package/dist/commands/make/da-migration.js +3 -3
  57. package/dist/commands/make/da-migration.js.map +1 -1
  58. package/dist/commands/make/mail.js +2 -2
  59. package/dist/commands/make/mail.js.map +1 -1
  60. package/dist/commands/make/notification.js +1 -1
  61. package/dist/commands/make/notification.js.map +1 -1
  62. package/dist/commands/make/queue.js +1 -1
  63. package/dist/commands/make/queue.js.map +1 -1
  64. package/dist/commands/make/resource.d.ts +2 -0
  65. package/dist/commands/make/resource.js +19 -0
  66. package/dist/commands/make/resource.js.map +1 -0
  67. package/dist/commands/make/skalfa-controller.d.ts +3 -0
  68. package/dist/commands/make/{light-controller.js → skalfa-controller.js} +9 -9
  69. package/dist/commands/make/skalfa-controller.js.map +1 -0
  70. package/dist/commands/make/skalfa-model.d.ts +3 -0
  71. package/dist/commands/make/{light-model.js → skalfa-model.js} +11 -11
  72. package/dist/commands/make/skalfa-model.js.map +1 -0
  73. package/dist/commands/runner/barrels.js.map +1 -1
  74. package/dist/commands/runner/blueprint/controller-generation.js +2 -2
  75. package/dist/commands/runner/blueprint/controller-generation.js.map +1 -1
  76. package/dist/commands/runner/blueprint/documentation-generation.js.map +1 -1
  77. package/dist/commands/runner/blueprint/migration-generation.js +3 -3
  78. package/dist/commands/runner/blueprint/migration-generation.js.map +1 -1
  79. package/dist/commands/runner/blueprint/model-generation.js +2 -2
  80. package/dist/commands/runner/blueprint/model-generation.js.map +1 -1
  81. package/dist/commands/runner/blueprint/runner.js +7 -8
  82. package/dist/commands/runner/blueprint/runner.js.map +1 -1
  83. package/dist/commands/runner/blueprint/seeder-generation.js +3 -3
  84. package/dist/commands/runner/blueprint/seeder-generation.js.map +1 -1
  85. package/dist/commands/runner/da-migration.js +1 -2
  86. package/dist/commands/runner/da-migration.js.map +1 -1
  87. package/dist/commands/runner/generate-docs.d.ts +2 -0
  88. package/dist/commands/runner/generate-docs.js +400 -0
  89. package/dist/commands/runner/generate-docs.js.map +1 -0
  90. package/dist/commands/runner/migration.js +1 -1
  91. package/dist/commands/runner/migration.js.map +1 -1
  92. package/dist/commands/runner/seeder.js +1 -1
  93. package/dist/commands/runner/seeder.js.map +1 -1
  94. package/dist/commands/stubs/index.d.ts +4 -4
  95. package/dist/commands/stubs/index.js +4 -4
  96. package/dist/commands/stubs/index.js.map +1 -1
  97. package/dist/context/context.js +6 -0
  98. package/dist/context/context.js.map +1 -1
  99. package/dist/controller/controller.d.ts +17 -30
  100. package/dist/controller/controller.js +39 -121
  101. package/dist/controller/controller.js.map +1 -1
  102. package/dist/controller/response.d.ts +6 -0
  103. package/dist/controller/response.js +63 -0
  104. package/dist/controller/response.js.map +1 -0
  105. package/dist/controller/storage.d.ts +9 -0
  106. package/dist/controller/storage.js +56 -0
  107. package/dist/controller/storage.js.map +1 -0
  108. package/dist/conversion/conversion.d.ts +3 -0
  109. package/dist/conversion/conversion.js +28 -4
  110. package/dist/conversion/conversion.js.map +1 -1
  111. package/dist/conversion/date.d.ts +1 -0
  112. package/dist/conversion/date.js +77 -0
  113. package/dist/conversion/date.js.map +1 -0
  114. package/dist/index.d.ts +2 -0
  115. package/dist/index.js +2 -0
  116. package/dist/index.js.map +1 -1
  117. package/dist/logger/logger.js +33 -0
  118. package/dist/logger/logger.js.map +1 -1
  119. package/dist/mail/mail.js +6 -6
  120. package/dist/mail/mail.js.map +1 -1
  121. package/dist/middleware/access-log.d.ts +31 -0
  122. package/dist/middleware/access-log.js +13 -0
  123. package/dist/middleware/access-log.js.map +1 -0
  124. package/dist/middleware/auth.d.ts +37 -0
  125. package/dist/middleware/auth.js +16 -0
  126. package/dist/middleware/auth.js.map +1 -0
  127. package/dist/middleware/body-parse.d.ts +35 -0
  128. package/dist/middleware/body-parse.js +87 -0
  129. package/dist/middleware/body-parse.js.map +1 -0
  130. package/dist/middleware/context.d.ts +29 -0
  131. package/dist/middleware/context.js +8 -0
  132. package/dist/middleware/context.js.map +1 -0
  133. package/dist/middleware/cors.d.ts +31 -0
  134. package/dist/middleware/cors.js +27 -0
  135. package/dist/middleware/cors.js.map +1 -0
  136. package/dist/middleware/error-handler.d.ts +33 -0
  137. package/dist/middleware/error-handler.js +17 -0
  138. package/dist/middleware/error-handler.js.map +1 -0
  139. package/dist/middleware/middleware.d.ts +31 -10
  140. package/dist/middleware/middleware.js +41 -209
  141. package/dist/middleware/middleware.js.map +1 -1
  142. package/dist/middleware/private.d.ts +29 -0
  143. package/dist/middleware/private.js +8 -0
  144. package/dist/middleware/private.js.map +1 -0
  145. package/dist/middleware/rate-limiter.d.ts +32 -0
  146. package/dist/middleware/rate-limiter.js +30 -0
  147. package/dist/middleware/rate-limiter.js.map +1 -0
  148. package/dist/notification/index.d.ts +1 -0
  149. package/dist/notification/index.js +2 -0
  150. package/dist/notification/index.js.map +1 -0
  151. package/dist/notification/notification.d.ts +16 -0
  152. package/dist/notification/notification.js +64 -0
  153. package/dist/notification/notification.js.map +1 -0
  154. package/dist/permission/permission.js +9 -0
  155. package/dist/permission/permission.js.map +1 -1
  156. package/dist/registry/registry.d.ts +0 -6
  157. package/dist/registry/registry.js +6 -6
  158. package/dist/registry/registry.js.map +1 -1
  159. package/dist/storage/storage.d.ts +3 -3
  160. package/dist/storage/storage.js.map +1 -1
  161. package/dist/validation/validation.js +43 -51
  162. package/dist/validation/validation.js.map +1 -1
  163. package/package.json +4 -4
  164. package/src/auth/auth.ts +21 -252
  165. package/src/auth/create-access-token.ts +29 -0
  166. package/src/auth/create-user-mail-token.ts +24 -0
  167. package/src/auth/helpers/generate-agent-id.ts +8 -0
  168. package/src/auth/helpers/get-request-ip.ts +3 -0
  169. package/src/auth/helpers/get-user-permissions.ts +15 -0
  170. package/src/auth/helpers/index.ts +3 -0
  171. package/src/auth/list-user-sessions.ts +11 -0
  172. package/src/auth/revalidate-user-permissions-by-role.ts +13 -0
  173. package/src/auth/revalidate-user-permissions.ts +26 -0
  174. package/src/auth/revoke-access-token.ts +5 -0
  175. package/src/auth/verify-access-token.ts +56 -0
  176. package/src/auth/verify-user-mail-token.ts +24 -0
  177. package/src/commands/cli.ts +19 -29
  178. package/src/commands/make/basic-controller.ts +4 -2
  179. package/src/commands/make/basic-migration.ts +5 -3
  180. package/src/commands/make/basic-model.ts +3 -1
  181. package/src/commands/make/basic-seeder.ts +3 -1
  182. package/src/commands/make/blueprint.ts +3 -1
  183. package/src/commands/make/da-migration.ts +6 -5
  184. package/src/commands/make/mail.ts +4 -2
  185. package/src/commands/make/notification.ts +3 -1
  186. package/src/commands/make/queue.ts +3 -1
  187. package/src/commands/make/resource.ts +21 -0
  188. package/src/commands/make/{light-controller.ts → skalfa-controller.ts} +10 -8
  189. package/src/commands/make/{light-model.ts → skalfa-model.ts} +12 -10
  190. package/src/commands/runner/barrels.ts +4 -0
  191. package/src/commands/runner/blueprint/controller-generation.ts +4 -2
  192. package/src/commands/runner/blueprint/documentation-generation.ts +2 -0
  193. package/src/commands/runner/blueprint/migration-generation.ts +5 -3
  194. package/src/commands/runner/blueprint/model-generation.ts +4 -2
  195. package/src/commands/runner/blueprint/runner.ts +15 -8
  196. package/src/commands/runner/blueprint/seeder-generation.ts +5 -3
  197. package/src/commands/runner/da-migration.ts +3 -2
  198. package/src/commands/runner/generate-docs.ts +495 -0
  199. package/src/commands/runner/migration.ts +1 -1
  200. package/src/commands/runner/seeder.ts +1 -1
  201. package/src/commands/stubs/index.ts +4 -4
  202. package/src/context/context.ts +23 -17
  203. package/src/controller/controller.ts +124 -239
  204. package/src/controller/response.ts +78 -0
  205. package/src/controller/storage.ts +78 -0
  206. package/src/conversion/conversion.ts +90 -64
  207. package/src/conversion/date.ts +74 -0
  208. package/src/index.ts +2 -0
  209. package/src/logger/logger.ts +217 -176
  210. package/src/mail/mail.ts +85 -85
  211. package/src/middleware/access-log.ts +15 -0
  212. package/src/middleware/auth.ts +19 -0
  213. package/src/middleware/body-parse.ts +83 -0
  214. package/src/middleware/context.ts +11 -0
  215. package/src/middleware/cors.ts +31 -0
  216. package/src/middleware/error-handler.ts +20 -0
  217. package/src/middleware/middleware.ts +91 -288
  218. package/src/middleware/private.ts +8 -0
  219. package/src/middleware/rate-limiter.ts +41 -0
  220. package/src/notification/index.ts +1 -0
  221. package/src/notification/notification.ts +86 -0
  222. package/src/permission/permission.ts +140 -136
  223. package/src/registry/registry.ts +17 -15
  224. package/src/route/route.ts +11 -11
  225. package/src/storage/storage.ts +104 -106
  226. package/src/validation/validation.ts +322 -346
  227. package/dist/auth.util.d.ts +0 -19
  228. package/dist/auth.util.js +0 -183
  229. package/dist/auth.util.js.map +0 -1
  230. package/dist/commands/make/light-controller.d.ts +0 -3
  231. package/dist/commands/make/light-controller.js.map +0 -1
  232. package/dist/commands/make/light-model.d.ts +0 -3
  233. package/dist/commands/make/light-model.js.map +0 -1
  234. package/dist/context.util.d.ts +0 -7
  235. package/dist/context.util.js +0 -11
  236. package/dist/context.util.js.map +0 -1
  237. package/dist/controller.util.d.ts +0 -118
  238. package/dist/controller.util.js +0 -144
  239. package/dist/controller.util.js.map +0 -1
  240. package/dist/conversion.util.d.ts +0 -8
  241. package/dist/conversion.util.js +0 -52
  242. package/dist/conversion.util.js.map +0 -1
  243. package/dist/db/db.d.ts +0 -84
  244. package/dist/db/db.js +0 -177
  245. package/dist/db/db.js.map +0 -1
  246. package/dist/db/index.d.ts +0 -1
  247. package/dist/db/index.js +0 -2
  248. package/dist/db/index.js.map +0 -1
  249. package/dist/db.util.d.ts +0 -84
  250. package/dist/db.util.js +0 -177
  251. package/dist/db.util.js.map +0 -1
  252. package/dist/logger.util.d.ts +0 -30
  253. package/dist/logger.util.js +0 -126
  254. package/dist/logger.util.js.map +0 -1
  255. package/dist/mail.util.d.ts +0 -21
  256. package/dist/mail.util.js +0 -53
  257. package/dist/mail.util.js.map +0 -1
  258. package/dist/middleware.util.d.ts +0 -263
  259. package/dist/middleware.util.js +0 -233
  260. package/dist/middleware.util.js.map +0 -1
  261. package/dist/model/index.d.ts +0 -3
  262. package/dist/model/index.js +0 -4
  263. package/dist/model/index.js.map +0 -1
  264. package/dist/model/model.d.ts +0 -204
  265. package/dist/model/model.js +0 -1495
  266. package/dist/model/model.js.map +0 -1
  267. package/dist/model.util.d.ts +0 -204
  268. package/dist/model.util.js +0 -1495
  269. package/dist/model.util.js.map +0 -1
  270. package/dist/permission.util.d.ts +0 -38
  271. package/dist/permission.util.js +0 -91
  272. package/dist/permission.util.js.map +0 -1
  273. package/dist/registry.util.d.ts +0 -28
  274. package/dist/registry.util.js +0 -19
  275. package/dist/registry.util.js.map +0 -1
  276. package/dist/route.util.d.ts +0 -1
  277. package/dist/route.util.js +0 -12
  278. package/dist/route.util.js.map +0 -1
  279. package/dist/storage.util.d.ts +0 -56
  280. package/dist/storage.util.js +0 -82
  281. package/dist/storage.util.js.map +0 -1
  282. package/dist/validation.util.d.ts +0 -7
  283. package/dist/validation.util.js +0 -237
  284. package/dist/validation.util.js.map +0 -1
@@ -0,0 +1,45 @@
1
+ # Contributing to @skalfa/skalfa-api-core
2
+
3
+ Thank you for your interest in contributing to Skalfa! We welcome contributions from the community to help make Skalfa the premier development framework.
4
+
5
+ ## How to Contribute
6
+
7
+ To contribute to this package, please follow these standard open-source steps:
8
+
9
+ ### 1. Fork the Repository
10
+ Fork the official Skalfa repository on GitHub to your personal account.
11
+
12
+ ### 2. Clone Your Fork
13
+ Clone your personal fork to your local machine:
14
+ ```bash
15
+ git clone https://github.com/your-username/skalfa.git
16
+ cd skalfa
17
+ ```
18
+
19
+ ### 3. Create a Feature Branch
20
+ Create a new branch for your feature or bugfix:
21
+ ```bash
22
+ git checkout -b feature/amazing-new-feature
23
+ ```
24
+ *(Use `bugfix/issue-description` for bugfixes).*
25
+
26
+ ### 4. Implement and Commit Your Changes
27
+ Make your changes in the codebase. Write clean, formatted code and ensure all tests and typechecks pass. Commit your changes using semantic commit messages:
28
+ ```bash
29
+ git commit -m "feat: add amazing new feature"
30
+ ```
31
+ *(Use `fix: description` for bugfixes, and `docs: description` for documentation updates).*
32
+
33
+ ### 5. Push to GitHub
34
+ Push your branch to your personal fork on GitHub:
35
+ ```bash
36
+ git push origin feature/amazing-new-feature
37
+ ```
38
+
39
+ ### 6. Submit a Pull Request (PR)
40
+ Go to the official Skalfa repository on GitHub. You will see a prompt to submit a pull request. Click "New Pull Request", describe your changes in detail, link any related issues, and submit it for review by the maintainers.
41
+
42
+ ## Guidelines
43
+ * **Code Style**: Ensure your code conforms to the project's ESLint rules and formatting guidelines.
44
+ * **Type Safety**: Write strict, type-safe TypeScript. Do not bypass the compiler.
45
+ * **Testing**: Run local tests and verify that the build compiles with 0 errors before submitting a PR.
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Skalfa
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md ADDED
@@ -0,0 +1,60 @@
1
+ <p align="center">
2
+ <img src="https://skalfa.sejedigital.com/images/logo-skalfa.png" alt="Skalfa Logo" width="300" />
3
+ </p>
4
+
5
+ # @skalfa/skalfa-api-core
6
+
7
+ > Core framework engine and foundational utilities for the Skalfa API backend.
8
+
9
+ ---
10
+
11
+ ## About this Package
12
+
13
+ This package is part of the **Skalfa Framework**, a premium development ecosystem designed to build high-performance, modular web applications and APIs.
14
+
15
+ ### Usage Scope & Standalone Status
16
+ > 🔒 **Skalfa Ecosystem Integration:** This package is designed to run **integrated within the Skalfa ecosystem** (such as Skalfa API or Skalfa App). It relies on the global service registry and core framework abstractions to operate.
17
+
18
+ ---
19
+
20
+ ## Documentation
21
+
22
+ See the usage documentation at [Documentation](https://skalfa.sejedigital.com).
23
+
24
+ ---
25
+
26
+ ## Installation
27
+
28
+ You can install this package using your preferred package manager:
29
+
30
+ ```bash
31
+ # Using npm
32
+ npm install @skalfa/skalfa-api-core
33
+
34
+ # Using bun
35
+ bun add @skalfa/skalfa-api-core
36
+ ```
37
+
38
+ ---
39
+
40
+ ## Pre-installed Dependencies
41
+
42
+ The following key dependencies are packaged and managed within this project:
43
+
44
+ | Dependency | Scope | Version |
45
+ | :--- | :--- | :--- |
46
+ | `@skalfa/skalfa-orm` | runtime | `file:../skalfa-orm` |
47
+ | `bcrypt` | runtime | `^6.0.0` |
48
+ | `commander` | runtime | `^12.1.0` |
49
+ | `dotenv` | runtime | `^17.2.2` |
50
+ | `elysia` | runtime | `^1.2.0` |
51
+ | `nodemailer` | runtime | `^7.0.9` |
52
+ | `validator` | runtime | `^13.15.15` |
53
+ | `@types/node` | development | `^26.0.0` |
54
+ | `typescript` | development | `^6.0.3` |
55
+
56
+ ---
57
+
58
+ ## License
59
+
60
+ This package is licensed under the **MIT License**. For full license text, see the [LICENSE](LICENSE) file.
@@ -1,19 +1,22 @@
1
+ import { createAccessToken } from './create-access-token';
2
+ import { revokeAccessToken } from './revoke-access-token';
3
+ import { verifyAccessToken } from './verify-access-token';
4
+ import { createUserMailToken } from './create-user-mail-token';
5
+ import { verifyUserMailToken } from './verify-user-mail-token';
6
+ import { listUserSessions } from './list-user-sessions';
7
+ import { revalidateUserPermissions } from './revalidate-user-permissions';
8
+ import { revalidateUserPermissionsByRole } from './revalidate-user-permissions-by-role';
9
+ export declare const TOKEN_PLAIN_LENGTH = 20;
10
+ export declare const AUTH_PERMISSION: boolean;
11
+ export declare const AUTH_CACHE: boolean;
12
+ export declare const AUTH_CACHE_TTL: number;
1
13
  export declare const auth: {
2
- createAccessToken(userId: number, req: Request, permission?: boolean): Promise<{
3
- token: string;
4
- tokenId: any;
5
- }>;
6
- revokeAccessToken(id: number): Promise<number | undefined>;
7
- verifyAccessToken(token: string, req?: Request): Promise<any>;
8
- createUserMailToken(userId: number): Promise<{
9
- token: string;
10
- tokenId: any;
11
- }>;
12
- verifyUserMailToken(userId: number, token: string): Promise<boolean>;
13
- listUserSessions(userId: number, currentTokenId?: number): Promise<any[]>;
14
+ createAccessToken: typeof createAccessToken;
15
+ revokeAccessToken: typeof revokeAccessToken;
16
+ verifyAccessToken: typeof verifyAccessToken;
17
+ createUserMailToken: typeof createUserMailToken;
18
+ verifyUserMailToken: typeof verifyUserMailToken;
19
+ listUserSessions: typeof listUserSessions;
14
20
  revalidateUserPermissions: typeof revalidateUserPermissions;
15
21
  revalidateUserPermissionsByRole: typeof revalidateUserPermissionsByRole;
16
22
  };
17
- declare function revalidateUserPermissions(userId: number): Promise<void>;
18
- declare function revalidateUserPermissionsByRole(roleId: number): Promise<void>;
19
- export {};
package/dist/auth/auth.js CHANGED
@@ -1,227 +1,44 @@
1
- import crypto from 'crypto';
2
- import bcrypt from "bcrypt";
3
- import { db } from '@skalfa/skalfa-orm';
4
- import { registry } from '@utils/registry';
5
- // =====================================>
6
- // ## Auth: User Access Token
7
- // =====================================>
8
- const TOKEN_PLAIN_LENGTH = 20;
9
- const AUTH_PERMISSION = process.env.AUTH_CACHE === "true";
10
- const AUTH_CACHE = process.env.AUTH_CACHE === "true";
11
- const AUTH_CACHE_TTL = Number(process.env.AUTH_CACHE_TTL || 600);
1
+ import { createAccessToken } from './create-access-token';
2
+ import { revokeAccessToken } from './revoke-access-token';
3
+ import { verifyAccessToken } from './verify-access-token';
4
+ import { createUserMailToken } from './create-user-mail-token';
5
+ import { verifyUserMailToken } from './verify-user-mail-token';
6
+ import { listUserSessions } from './list-user-sessions';
7
+ import { revalidateUserPermissions } from './revalidate-user-permissions';
8
+ import { revalidateUserPermissionsByRole } from './revalidate-user-permissions-by-role';
9
+ export const TOKEN_PLAIN_LENGTH = 20;
10
+ export const AUTH_PERMISSION = process.env.AUTH_CACHE === "true";
11
+ export const AUTH_CACHE = process.env.AUTH_CACHE === "true";
12
+ export const AUTH_CACHE_TTL = Number(process.env.AUTH_CACHE_TTL || 600);
12
13
  export const auth = {
13
14
  // =====================================>
14
15
  // ## Auth: create access token with user id
15
16
  // =====================================>
16
- async createAccessToken(userId, req, permission = true) {
17
- const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex");
18
- const hash = await bcrypt.hash(plain, 10);
19
- const agent = generateAgentId(req);
20
- if (!db) {
21
- // get user from db (fallback / stub for no ORM)
22
- return {
23
- token: `1|${plain}`,
24
- tokenId: 1,
25
- };
26
- }
27
- let permissions = [];
28
- if (AUTH_PERMISSION && permission) {
29
- permissions = await getUserPermissions(userId);
30
- }
31
- const [row] = await db("user_access_tokens").insert({
32
- user_id: userId,
33
- token: hash,
34
- agent: agent,
35
- permissions: JSON.stringify(permissions),
36
- created_at: new Date(),
37
- }).returning(["id"]);
38
- return {
39
- token: `${row.id}|${plain}`,
40
- tokenId: row.id,
41
- };
42
- },
17
+ createAccessToken,
43
18
  // =====================================>
44
19
  // ## Auth: delete access token with user id
45
20
  // =====================================>
46
- async revokeAccessToken(id) {
47
- if (!db) {
48
- // delete user access token from db (stub for no ORM)
49
- return;
50
- }
51
- return db.table('user_access_tokens').where("id", id).delete();
52
- },
21
+ revokeAccessToken,
53
22
  // =====================================>
54
23
  // ## Auth: verify access token
55
24
  // =====================================>
56
- async verifyAccessToken(token, req) {
57
- if (!token.includes("|"))
58
- return null;
59
- const [tokenId, plain] = token.split("|", 2);
60
- const agent = req ? generateAgentId(req) : "";
61
- const ip = req ? getRequestIp(req) : "";
62
- const cacheKey = `auth:token:${tokenId}`;
63
- if (AUTH_CACHE) {
64
- const redis = registry.get('redis');
65
- if (redis) {
66
- const cached = await redis.get(cacheKey);
67
- if (cached) {
68
- const session = JSON.parse(cached);
69
- if (session.agent !== agent)
70
- return null;
71
- return session;
72
- }
73
- }
74
- }
75
- if (!db) {
76
- // get user and token from db (stub for no ORM)
77
- const user = { id: 1, name: "Admin", email: "admin@example.com" };
78
- const tokenRecord = { id: Number(tokenId), agent, permission: [] };
79
- return { user, token: tokenRecord, permissions: [] };
80
- }
81
- const tokenRecord = await db("user_access_tokens").where("id", tokenId).first();
82
- if (!tokenRecord)
83
- return null;
84
- if (tokenRecord.agent !== agent)
85
- return null;
86
- const valid = await bcrypt.compare(plain, tokenRecord.token);
87
- if (!valid)
88
- return null;
89
- await db("user_access_tokens").where("id", tokenRecord.id).update({ last_used_at: new Date(), last_used_ip: ip });
90
- const user = await db("users").where("id", tokenRecord.user_id).first();
91
- if (AUTH_CACHE) {
92
- const redis = registry.get('redis');
93
- if (redis) {
94
- await redis.setex(cacheKey, AUTH_CACHE_TTL, JSON.stringify({
95
- user: user,
96
- agent: tokenRecord.agent,
97
- permissions: tokenRecord.permission,
98
- }));
99
- }
100
- }
101
- return { user, token: tokenRecord, permissions: tokenRecord.permission };
102
- },
25
+ verifyAccessToken,
103
26
  // =====================================>
104
27
  // ## Auth: create user mail token
105
28
  // =====================================>
106
- async createUserMailToken(userId) {
107
- const token = Math.floor(100000 + Math.random() * 900000).toString();
108
- if (!db) {
109
- // create user mail token in db (stub for no ORM)
110
- return {
111
- token: token,
112
- tokenId: 1
113
- };
114
- }
115
- const hash = crypto.createHash('sha256').update(token).digest('hex');
116
- const trx = await db.transaction();
117
- await trx.table('user_mail_tokens').insert({
118
- user_id: userId,
119
- token: hash,
120
- created_at: new Date(),
121
- });
122
- const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first();
123
- await trx.commit();
124
- return {
125
- token: token,
126
- tokenId: record.id
127
- };
128
- },
29
+ createUserMailToken,
129
30
  // =====================================>
130
31
  // ## Auth: Verify user mail token
131
32
  // =====================================>
132
- async verifyUserMailToken(userId, token) {
133
- if (!db) {
134
- // verify user mail token in db (stub for no ORM)
135
- return true;
136
- }
137
- const hashedToken = crypto.createHash("sha256").update(token).digest("hex");
138
- const record = await db.table("user_mail_tokens")
139
- .where("user_id", userId)
140
- .whereNull("used_at")
141
- .orderBy("id", "desc")
142
- .first();
143
- if (!record)
144
- return false;
145
- if (record.token !== hashedToken)
146
- return false;
147
- const createdAt = new Date(record.created_at);
148
- const now = new Date();
149
- const diffMinutes = (now.getTime() - createdAt.getTime()) / (1000 * 60);
150
- if (diffMinutes > 10)
151
- return false;
152
- return true;
153
- },
33
+ verifyUserMailToken,
154
34
  // =====================================>
155
35
  // ## Auth: list user sessions
156
36
  // =====================================>
157
- async listUserSessions(userId, currentTokenId) {
158
- if (!db) {
159
- // list user sessions from db (stub for no ORM)
160
- return [];
161
- }
162
- const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip", "expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc");
163
- return rows.map((r) => ({
164
- ...r,
165
- is_active: r.revoked_at === null,
166
- is_current: r.id === currentTokenId,
167
- }));
168
- },
37
+ listUserSessions,
169
38
  // =====================================>
170
39
  // ## Auth: revalidate user permission
171
40
  // =====================================>
172
- revalidateUserPermissions: revalidateUserPermissions,
173
- revalidateUserPermissionsByRole: revalidateUserPermissionsByRole,
41
+ revalidateUserPermissions,
42
+ revalidateUserPermissionsByRole,
174
43
  };
175
- function generateAgentId(req) {
176
- const ua = req.headers.get("user-agent") ?? "";
177
- const acc = req.headers.get("accept") ?? "";
178
- return crypto.createHash("sha256").update(ua + acc).digest("hex");
179
- }
180
- function getRequestIp(req) {
181
- return (req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown");
182
- }
183
- async function getUserPermissions(userId) {
184
- if (!db) {
185
- // get user permissions from db (stub for no ORM)
186
- return [];
187
- }
188
- const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id");
189
- if (roleIds.length === 0)
190
- return [];
191
- const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions");
192
- return Array.from(new Set(rows.flatMap((p) => p ?? [])));
193
- }
194
- async function revalidateUserPermissions(userId) {
195
- if (!db) {
196
- // revalidate user permissions in db (stub for no ORM)
197
- return;
198
- }
199
- const permissions = await getUserPermissions(userId);
200
- const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id");
201
- if (tokenIds.length === 0)
202
- return;
203
- await db("user_access_tokens").whereIn("id", tokenIds).update({
204
- permissions: JSON.stringify(permissions),
205
- updated_at: new Date(),
206
- });
207
- if (AUTH_CACHE) {
208
- const redis = registry.get('redis');
209
- if (redis) {
210
- await Promise.all(tokenIds.map((id) => redis.del(`auth:token:${id}`)));
211
- }
212
- }
213
- }
214
- async function revalidateUserPermissionsByRole(roleId) {
215
- if (!db) {
216
- // revalidate user permissions by role in db (stub for no ORM)
217
- return;
218
- }
219
- const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id");
220
- const queue = registry.get('queue');
221
- if (queue) {
222
- for (const userId of userIds) {
223
- await queue.add("auth:revalidate-permission", { userId });
224
- }
225
- }
226
- }
227
44
  //# sourceMappingURL=auth.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,yCAAyC;AACzC,6BAA6B;AAC7B,yCAAyC;AACzC,MAAM,kBAAkB,GAAK,EAAE,CAAA;AAC/B,MAAM,eAAe,GAAQ,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AAChE,MAAM,UAAU,GAAa,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AAChE,MAAM,cAAc,GAAS,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,CAAA;AAEtE,MAAM,CAAC,MAAM,IAAI,GAAG;IAElB,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,GAAY,EAAE,aAAsB,IAAI;QAC9E,MAAM,KAAK,GAAK,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;QACtE,MAAM,IAAI,GAAM,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QAC5C,MAAM,KAAK,GAAK,eAAe,CAAC,GAAG,CAAC,CAAA;QAEpC,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,gDAAgD;YAChD,OAAO;gBACL,KAAK,EAAE,KAAK,KAAK,EAAE;gBACnB,OAAO,EAAE,CAAC;aACX,CAAA;QACH,CAAC;QAED,IAAI,WAAW,GAAa,EAAE,CAAA;QAC9B,IAAI,eAAe,IAAI,UAAU,EAAE,CAAC;YAClC,WAAW,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;QAChD,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;YAClD,OAAO,EAAS,MAAM;YACtB,KAAK,EAAW,IAAI;YACpB,KAAK,EAAW,KAAK;YACrB,WAAW,EAAK,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;YAC3C,UAAU,EAAM,IAAI,IAAI,EAAE;SAC3B,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;QAEpB,OAAO;YACL,KAAK,EAAO,GAAG,GAAG,CAAC,EAAE,IAAI,KAAK,EAAE;YAChC,OAAO,EAAK,GAAG,CAAC,EAAE;SACnB,CAAA;IACH,CAAC;IAED,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,KAAK,CAAC,iBAAiB,CAAC,EAAU;QAChC,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,qDAAqD;YACrD,OAAO;QACT,CAAC;QACD,OAAO,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAA;IAChE,CAAC;IAED,yCAAyC;IACzC,+BAA+B;IAC/B,yCAAyC;IACzC,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,GAAa;QAClD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QAErC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,GAAK,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;QAC9C,MAAM,KAAK,GAAgB,GAAG,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAC1D,MAAM,EAAE,GAAmB,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAEvD,MAAM,QAAQ,GAAG,cAAc,OAAO,EAAE,CAAA;QAExC,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;gBACxC,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;oBAClC,IAAI,OAAO,CAAC,KAAK,KAAK,KAAK;wBAAE,OAAO,IAAI,CAAA;oBACxC,OAAO,OAAO,CAAA;gBAChB,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,+CAA+C;YAC/C,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAA;YACjE,MAAM,WAAW,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,CAAA;YAClE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAA;QACtD,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,EAAE,CAAA;QAE/E,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAA;QAC7B,IAAI,WAAW,CAAC,KAAK,KAAK,KAAK;YAAE,OAAO,IAAI,CAAA;QAE5C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC,KAAK,CAAC,CAAA;QAC5D,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,YAAY,EAAE,IAAI,IAAI,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAAA;QAEjH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAA;QAEvE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YACnC,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,CAAC,KAAK,CACf,QAAQ,EACR,cAAc,EACd,IAAI,CAAC,SAAS,CAAC;oBACb,IAAI,EAAY,IAAI;oBACpB,KAAK,EAAW,WAAW,CAAC,KAAK;oBACjC,WAAW,EAAK,WAAW,CAAC,UAAU;iBACvC,CAAC,CACH,CAAA;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,CAAC,UAAU,EAAE,CAAA;IAC1E,CAAC;IAED,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,KAAK,CAAC,mBAAmB,CAAC,MAAc;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAA;QAEpE,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,iDAAiD;YACjD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,CAAC;aACX,CAAA;QACH,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACpE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,WAAW,EAAE,CAAA;QAElC,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;YACzC,OAAO,EAAO,MAAM;YACpB,KAAK,EAAS,IAAI;YAClB,UAAU,EAAI,IAAI,IAAI,EAAE;SACzB,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,KAAK,EAAE,CAAA;QAEhF,MAAM,GAAG,CAAC,MAAM,EAAE,CAAA;QAElB,OAAO;YACL,KAAK,EAAM,KAAK;YAChB,OAAO,EAAI,MAAM,CAAC,EAAE;SACrB,CAAA;IACH,CAAC;IAED,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,KAAK,CAAC,mBAAmB,CAAC,MAAc,EAAE,KAAa;QACrD,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,iDAAiD;YACjD,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE5E,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC;aAC9C,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC;aACxB,SAAS,CAAC,SAAS,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;aACrB,KAAK,EAAE,CAAC;QAEX,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QAEzB,IAAI,MAAM,CAAC,KAAK,KAAK,WAAW;YAAE,OAAO,KAAK,CAAC;QAE/C,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC;QAExE,IAAI,WAAW,GAAG,EAAE;YAAE,OAAO,KAAK,CAAC;QAEnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,yCAAyC;IACzC,8BAA8B;IAC9B,yCAAyC;IACzC,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,cAAuB;QAC5D,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,+CAA+C;YAC/C,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;QAEvL,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;YAC3B,GAAG,CAAC;YACJ,SAAS,EAAI,CAAC,CAAC,UAAU,KAAO,IAAI;YACpC,UAAU,EAAG,CAAC,CAAC,EAAE,KAAe,cAAc;SAC/C,CAAC,CAAC,CAAA;IACL,CAAC;IAED,yCAAyC;IACzC,sCAAsC;IACtC,yCAAyC;IACzC,yBAAyB,EAAE,yBAAyB;IACpD,+BAA+B,EAAE,+BAA+B;CACjE,CAAA;AAED,SAAS,eAAe,CAAC,GAAY;IACnC,MAAM,EAAE,GAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAM,EAAE,CAAA;IACnD,MAAM,GAAG,GAAK,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAU,EAAE,CAAA;IAEnD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACnE,CAAC;AAED,SAAS,YAAY,CAAC,GAAY;IAChC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,CAAA;AACjH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,MAAc;IAC9C,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,iDAAiD;QACjD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAEnC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IAErF,OAAO,KAAK,CAAC,IAAI,CACf,IAAI,GAAG,CACL,IAAI,CAAC,OAAO,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAClC,CACF,CAAA;AACH,CAAC;AAED,KAAK,UAAU,yBAAyB,CAAC,MAAc;IACrD,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,sDAAsD;QACtD,OAAM;IACR,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAEpD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEpF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAM;IAEjC,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC5D,WAAW,EAAK,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;QAC3C,UAAU,EAAM,IAAI,IAAI,EAAE;KAC3B,CAAC,CAAA;IAEF,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACnC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,OAAO,CAAC,GAAG,CACf,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,CACzD,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,+BAA+B,CAAC,MAAc;IAC3D,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,8DAA8D;QAC9D,OAAM;IACR,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACnC,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,CAAC,GAAG,CAAC,4BAA4B,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC;AACH,CAAC"}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAA;AACzE,OAAO,EAAE,+BAA+B,EAAE,MAAM,uCAAuC,CAAA;AAEvF,MAAM,CAAC,MAAM,kBAAkB,GAAK,EAAE,CAAA;AACtC,MAAM,CAAC,MAAM,eAAe,GAAQ,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AACvE,MAAM,CAAC,MAAM,UAAU,GAAa,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AACvE,MAAM,CAAC,MAAM,cAAc,GAAS,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,CAAA;AAE7E,MAAM,CAAC,MAAM,IAAI,GAAG;IAClB,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,+BAA+B;IAC/B,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,mBAAmB;IAEnB,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,mBAAmB;IAEnB,yCAAyC;IACzC,8BAA8B;IAC9B,yCAAyC;IACzC,gBAAgB;IAEhB,yCAAyC;IACzC,sCAAsC;IACtC,yCAAyC;IACzC,yBAAyB;IACzB,+BAA+B;CAChC,CAAA"}
@@ -0,0 +1,4 @@
1
+ export declare function createAccessToken(userId: number, req: Request, permission?: boolean): Promise<{
2
+ token: string;
3
+ tokenId: any;
4
+ }>;
@@ -0,0 +1,26 @@
1
+ import crypto from 'crypto';
2
+ import bcrypt from "bcrypt";
3
+ import { db } from '@skalfa/skalfa-orm';
4
+ import { TOKEN_PLAIN_LENGTH, AUTH_PERMISSION } from './auth';
5
+ import { getUserPermissions, generateAgentId } from './helpers';
6
+ export async function createAccessToken(userId, req, permission = true) {
7
+ const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex");
8
+ const hash = await bcrypt.hash(plain, 10);
9
+ const agent = generateAgentId(req);
10
+ let permissions = [];
11
+ if (AUTH_PERMISSION && permission) {
12
+ permissions = await getUserPermissions(userId);
13
+ }
14
+ const [row] = await db("user_access_tokens").insert({
15
+ user_id: userId,
16
+ token: hash,
17
+ agent: agent,
18
+ permissions: JSON.stringify(permissions),
19
+ created_at: new Date(),
20
+ }).returning(["id"]);
21
+ return {
22
+ token: `${row.id}|${plain}`,
23
+ tokenId: row.id,
24
+ };
25
+ }
26
+ //# sourceMappingURL=create-access-token.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"create-access-token.js","sourceRoot":"","sources":["../../src/auth/create-access-token.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AACvC,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAA;AAC5D,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAE/D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,GAAY,EAAE,aAAsB,IAAI;IAC9F,MAAM,KAAK,GAAK,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACtE,MAAM,IAAI,GAAM,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAC5C,MAAM,KAAK,GAAK,eAAe,CAAC,GAAG,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAa,EAAE,CAAA;IAC9B,IAAI,eAAe,IAAI,UAAU,EAAE,CAAC;QAClC,WAAW,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QAClD,OAAO,EAAS,MAAM;QACtB,KAAK,EAAW,IAAI;QACpB,KAAK,EAAW,KAAK;QACrB,WAAW,EAAK,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;QAC3C,UAAU,EAAM,IAAI,IAAI,EAAE;KAC3B,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;IAEpB,OAAO;QACL,KAAK,EAAO,GAAG,GAAG,CAAC,EAAE,IAAI,KAAK,EAAE;QAChC,OAAO,EAAK,GAAG,CAAC,EAAE;KACnB,CAAA;AACH,CAAC"}
@@ -0,0 +1,4 @@
1
+ export declare function createUserMailToken(userId: number): Promise<{
2
+ token: string;
3
+ tokenId: any;
4
+ }>;
@@ -0,0 +1,19 @@
1
+ import crypto from 'crypto';
2
+ import { db } from '@skalfa/skalfa-orm';
3
+ export async function createUserMailToken(userId) {
4
+ const token = Math.floor(100000 + Math.random() * 900000).toString();
5
+ const hash = crypto.createHash('sha256').update(token).digest('hex');
6
+ const trx = await db.transaction();
7
+ await trx.table('user_mail_tokens').insert({
8
+ user_id: userId,
9
+ token: hash,
10
+ created_at: new Date(),
11
+ });
12
+ const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first();
13
+ await trx.commit();
14
+ return {
15
+ token: token,
16
+ tokenId: record.id
17
+ };
18
+ }
19
+ //# sourceMappingURL=create-user-mail-token.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"create-user-mail-token.js","sourceRoot":"","sources":["../../src/auth/create-user-mail-token.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc;IACtD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAA;IAEpE,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACpE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,WAAW,EAAE,CAAA;IAElC,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QACzC,OAAO,EAAO,MAAM;QACpB,KAAK,EAAS,IAAI;QAClB,UAAU,EAAI,IAAI,IAAI,EAAE;KACzB,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,KAAK,EAAE,CAAA;IAEhF,MAAM,GAAG,CAAC,MAAM,EAAE,CAAA;IAElB,OAAO;QACL,KAAK,EAAM,KAAK;QAChB,OAAO,EAAI,MAAM,CAAC,EAAE;KACrB,CAAA;AACH,CAAC"}
@@ -0,0 +1 @@
1
+ export declare function generateAgentId(req: Request): string;
@@ -0,0 +1,7 @@
1
+ import crypto from 'crypto';
2
+ export function generateAgentId(req) {
3
+ const ua = req.headers.get("user-agent") ?? "";
4
+ const acc = req.headers.get("accept") ?? "";
5
+ return crypto.createHash("sha256").update(ua + acc).digest("hex");
6
+ }
7
+ //# sourceMappingURL=generate-agent-id.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"generate-agent-id.js","sourceRoot":"","sources":["../../../src/auth/helpers/generate-agent-id.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAE3B,MAAM,UAAU,eAAe,CAAC,GAAY;IAC1C,MAAM,EAAE,GAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAM,EAAE,CAAA;IACnD,MAAM,GAAG,GAAK,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAU,EAAE,CAAA;IAEnD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACnE,CAAC"}
@@ -0,0 +1 @@
1
+ export declare function getRequestIp(req: Request): string;
@@ -0,0 +1,4 @@
1
+ export function getRequestIp(req) {
2
+ return (req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown");
3
+ }
4
+ //# sourceMappingURL=get-request-ip.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"get-request-ip.js","sourceRoot":"","sources":["../../../src/auth/helpers/get-request-ip.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,YAAY,CAAC,GAAY;IACvC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,CAAA;AACjH,CAAC"}
@@ -0,0 +1 @@
1
+ export declare function getUserPermissions(userId: number): Promise<string[]>;
@@ -0,0 +1,9 @@
1
+ import { db } from '@skalfa/skalfa-orm';
2
+ export async function getUserPermissions(userId) {
3
+ const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id");
4
+ if (roleIds.length === 0)
5
+ return [];
6
+ const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions");
7
+ return Array.from(new Set(rows.flatMap((p) => p ?? [])));
8
+ }
9
+ //# sourceMappingURL=get-user-permissions.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"get-user-permissions.js","sourceRoot":"","sources":["../../../src/auth/helpers/get-user-permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,MAAc;IACrD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAEnC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IAErF,OAAO,KAAK,CAAC,IAAI,CACf,IAAI,GAAG,CACL,IAAI,CAAC,OAAO,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAClC,CACF,CAAA;AACH,CAAC"}
@@ -0,0 +1,3 @@
1
+ export * from './generate-agent-id';
2
+ export * from './get-request-ip';
3
+ export * from './get-user-permissions';
@@ -0,0 +1,4 @@
1
+ export * from './generate-agent-id';
2
+ export * from './get-request-ip';
3
+ export * from './get-user-permissions';
4
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/helpers/index.ts"],"names":[],"mappings":"AAAA,cAAc,qBAAqB,CAAA;AACnC,cAAc,kBAAkB,CAAA;AAChC,cAAc,wBAAwB,CAAA"}
@@ -0,0 +1 @@
1
+ export declare function listUserSessions(userId: number, currentTokenId?: number): Promise<any[]>;
@@ -0,0 +1,10 @@
1
+ import { db } from '@skalfa/skalfa-orm';
2
+ export async function listUserSessions(userId, currentTokenId) {
3
+ const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip", "expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc");
4
+ return rows.map((r) => ({
5
+ ...r,
6
+ is_active: r.revoked_at === null,
7
+ is_current: r.id === currentTokenId,
8
+ }));
9
+ }
10
+ //# sourceMappingURL=list-user-sessions.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"list-user-sessions.js","sourceRoot":"","sources":["../../src/auth/list-user-sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAc,EAAE,cAAuB;IAC5E,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;IAEvL,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;QAC3B,GAAG,CAAC;QACJ,SAAS,EAAI,CAAC,CAAC,UAAU,KAAO,IAAI;QACpC,UAAU,EAAG,CAAC,CAAC,EAAE,KAAe,cAAc;KAC/C,CAAC,CAAC,CAAA;AACL,CAAC"}
@@ -0,0 +1 @@
1
+ export declare function revalidateUserPermissionsByRole(roleId: number): Promise<void>;
@@ -0,0 +1,12 @@
1
+ import { db } from '@skalfa/skalfa-orm';
2
+ import { registry } from '@utils/registry';
3
+ export async function revalidateUserPermissionsByRole(roleId) {
4
+ const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id");
5
+ const queue = registry.get('queue');
6
+ if (queue) {
7
+ for (const userId of userIds) {
8
+ await queue.add("auth:revalidate-permission", { userId });
9
+ }
10
+ }
11
+ }
12
+ //# sourceMappingURL=revalidate-user-permissions-by-role.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"revalidate-user-permissions-by-role.js","sourceRoot":"","sources":["../../src/auth/revalidate-user-permissions-by-role.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,MAAM,CAAC,KAAK,UAAU,+BAA+B,CAAC,MAAc;IAClE,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACnC,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,CAAC,GAAG,CAAC,4BAA4B,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC;AACH,CAAC"}
@@ -0,0 +1 @@
1
+ export declare function revalidateUserPermissions(userId: number): Promise<void>;
@@ -0,0 +1,21 @@
1
+ import { db } from '@skalfa/skalfa-orm';
2
+ import { registry } from '@utils/registry';
3
+ import { AUTH_CACHE } from './auth';
4
+ import { getUserPermissions } from './helpers';
5
+ export async function revalidateUserPermissions(userId) {
6
+ const permissions = await getUserPermissions(userId);
7
+ const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id");
8
+ if (tokenIds.length === 0)
9
+ return;
10
+ await db("user_access_tokens").whereIn("id", tokenIds).update({
11
+ permissions: JSON.stringify(permissions),
12
+ updated_at: new Date(),
13
+ });
14
+ if (AUTH_CACHE) {
15
+ const redis = registry.get('redis');
16
+ if (redis) {
17
+ await Promise.all(tokenIds.map((id) => redis.del(`auth:token:${id}`)));
18
+ }
19
+ }
20
+ }
21
+ //# sourceMappingURL=revalidate-user-permissions.js.map