@skyapp-labs/blueprint-backend-core 1.0.9

package/dist/modules/auth/controllers/auth.controller.d.ts

@@ -0,0 +1,32 @@
+import { Request } from 'express';
+import { LoginService } from '../services/login.service';
+import { RegistrationService } from '../services/registration.service';
+import { PasswordService } from '../services/password.service';
+import { LoginDto } from '../dto/login.dto';
+import { RegisterDto, AcceptInviteDto } from '../dto/register.dto';
+import { ForgotPasswordDto, ResetPasswordDto, ResetPasswordWithPhoneDto } from '../dto/password.dto';
+import { SettingsService } from '../../settings/services/settings.service';
+export declare class AuthController {
+    private readonly loginService;
+    private readonly registrationService;
+    private readonly passwordService;
+    private readonly settingsService;
+    constructor(loginService: LoginService, registrationService: RegistrationService, passwordService: PasswordService, settingsService: SettingsService);
+    getConfig(): {
+        authMethod: "email" | "phone";
+        passwordResetEnabled: boolean;
+    };
+    login(body: LoginDto, req: Request): Promise<import("..").TokenResponse>;
+    register(body: RegisterDto, req: Request): Promise<import("..").TokenResponse>;
+    acceptInvite(body: AcceptInviteDto, req: Request): Promise<import("..").TokenResponse>;
+    forgotPassword(body: ForgotPasswordDto): Promise<{
+        message: string;
+    }>;
+    resetPassword(body: ResetPasswordDto, req: Request): Promise<{
+        message: string;
+    }>;
+    resetPasswordWithPhone(body: ResetPasswordWithPhoneDto, req: Request): Promise<{
+        message: string;
+    }>;
+}
+//# sourceMappingURL=auth.controller.d.ts.map

package/dist/modules/auth/controllers/auth.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../../../../modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,yBAAyB,EACzB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAG3E,qBAGa,cAAc;IAEzB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAHf,YAAY,EAAE,YAAY,EAC1B,mBAAmB,EAAE,mBAAmB,EACxC,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,eAAe;IAoBlD,SAAS;;;;IA2BT,KAAK,CAAkC,IAAI,EAAE,QAAQ,EAAS,GAAG,EAAE,OAAO;IAoB1E,QAAQ,CAAkC,IAAI,EAAE,WAAW,EAAS,GAAG,EAAE,OAAO;IAgBhF,YAAY,CAAkC,IAAI,EAAE,eAAe,EAAS,GAAG,EAAE,OAAO;IAoBxF,cAAc,CAAS,IAAI,EAAE,iBAAiB;;;IAa9C,aAAa,CAAS,IAAI,EAAE,gBAAgB,EAAS,GAAG,EAAE,OAAO;;;IAejE,sBAAsB,CAAS,IAAI,EAAE,yBAAyB,EAAS,GAAG,EAAE,OAAO;;;CAInF"}

package/dist/modules/auth/controllers/auth.controller.js

@@ -0,0 +1,206 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthController = void 0;
+const common_1 = require("@nestjs/common");
+const swagger_1 = require("@nestjs/swagger");
+const decorators_1 = require("../../../common/decorators");
+const request_utils_1 = require("../../../common/utils/request.utils");
+const guards_1 = require("../../../common/guards");
+const login_service_1 = require("../services/login.service");
+const registration_service_1 = require("../services/registration.service");
+const password_service_1 = require("../services/password.service");
+const login_dto_1 = require("../dto/login.dto");
+const register_dto_1 = require("../dto/register.dto");
+const password_dto_1 = require("../dto/password.dto");
+const config_aware_validation_pipe_1 = require("../../../common/pipes/config-aware-validation.pipe");
+const settings_service_1 = require("../../settings/services/settings.service");
+const settings_keys_1 = require("../../settings/constants/settings.keys");
+let AuthController = class AuthController {
+    constructor(loginService, registrationService, passwordService, settingsService) {
+        this.loginService = loginService;
+        this.registrationService = registrationService;
+        this.passwordService = passwordService;
+        this.settingsService = settingsService;
+    }
+    getConfig() {
+        const authMethod = this.settingsService.get(settings_keys_1.SETTING_KEYS.AUTH_METHOD);
+        return {
+            authMethod,
+            passwordResetEnabled: authMethod === 'email',
+        };
+    }
+    login(body, req) {
+        const { ip, deviceInfo } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.loginService.login(body, deviceInfo, ip);
+    }
+    register(body, req) {
+        const { ip, deviceInfo } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.registrationService.register(body, deviceInfo, ip);
+    }
+    acceptInvite(body, req) {
+        const { ip, deviceInfo } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.registrationService.acceptInvite(body, deviceInfo, ip);
+    }
+    forgotPassword(body) {
+        return this.passwordService.forgotPassword(body);
+    }
+    resetPassword(body, req) {
+        const { ip } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.passwordService.resetPassword(body, ip);
+    }
+    resetPasswordWithPhone(body, req) {
+        const { ip } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.passwordService.resetPasswordWithPhone(body, ip);
+    }
+};
+exports.AuthController = AuthController;
+__decorate([
+    (0, common_1.Get)('config'),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Auth configuration',
+        description: 'Returns the active authentication configuration. ' +
+            'Clients should call this on startup to determine which login/registration UI to present.',
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: {
+                authMethod: 'phone',
+                passwordResetEnabled: false,
+            },
+        },
+    }),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "getConfig", null);
+__decorate([
+    (0, common_1.Post)('login'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, common_1.UseGuards)(guards_1.LoginIpRateLimitGuard),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Login',
+        description: 'Login with phone or email and password.',
+    }),
+    (0, swagger_1.ApiBody)({ type: login_dto_1.LoginDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired temporary token' }),
+    (0, swagger_1.ApiTooManyRequestsResponse)({
+        description: 'Too many login attempts from this IP or identifier is locked',
+    }),
+    __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
+    __param(1, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [login_dto_1.LoginDto, Object]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "login", null);
+__decorate([
+    (0, common_1.Post)('register'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.CREATED),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Register new account',
+        description: 'Create a new account using the phoneVerifiedToken from verify-otp. Issues access + refresh tokens immediately.',
+    }),
+    (0, swagger_1.ApiBody)({ type: register_dto_1.RegisterDto }),
+    (0, swagger_1.ApiCreatedResponse)({
+        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    }),
+    (0, swagger_1.ApiConflictResponse)({ description: 'Phone number or email already registered' }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired phone-verified token' }),
+    __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
+    __param(1, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [register_dto_1.RegisterDto, Object]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "register", null);
+__decorate([
+    (0, common_1.Post)('accept-invite'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Accept invitation',
+        description: 'Complete account setup using an invite token received by email.',
+    }),
+    (0, swagger_1.ApiBody)({ type: register_dto_1.AcceptInviteDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired invite token' }),
+    __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
+    __param(1, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [register_dto_1.AcceptInviteDto, Object]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "acceptInvite", null);
+__decorate([
+    (0, common_1.Post)('forgot-password'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Forgot password (email)',
+        description: 'Sends a password reset link to the registered email. Always returns success to prevent user enumeration.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.ForgotPasswordDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: { message: 'If this email is registered, a reset link has been sent.' },
+        },
+    }),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [password_dto_1.ForgotPasswordDto]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "forgotPassword", null);
+__decorate([
+    (0, common_1.Post)('reset-password'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Reset password (email token)',
+        description: 'Set a new password using the token from the email reset link.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.ResetPasswordDto }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Password reset successfully.' } } }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired reset token' }),
+    __param(0, (0, common_1.Body)()),
+    __param(1, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [password_dto_1.ResetPasswordDto, Object]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "resetPassword", null);
+__decorate([
+    (0, common_1.Post)('reset-password/phone'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Reset password (phone OTP)',
+        description: 'Set a new password using a phoneVerifiedToken from verify-otp. For phone-only users with no email.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.ResetPasswordWithPhoneDto }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Password reset successfully.' } } }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired phone-verified token' }),
+    __param(0, (0, common_1.Body)()),
+    __param(1, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [password_dto_1.ResetPasswordWithPhoneDto, Object]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "resetPasswordWithPhone", null);
+exports.AuthController = AuthController = __decorate([
+    (0, swagger_1.ApiTags)('Auth'),
+    (0, common_1.Controller)('auth'),
+    (0, decorators_1.Public)(),
+    __metadata("design:paramtypes", [login_service_1.LoginService,
+        registration_service_1.RegistrationService,
+        password_service_1.PasswordService,
+        settings_service_1.SettingsService])
+], AuthController);
+//# sourceMappingURL=auth.controller.js.map

package/dist/modules/auth/controllers/auth.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../../../modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmG;AACnG,6CASyB;AAEzB,2DAAoD;AACpD,uEAAyE;AACzE,mDAA+D;AAC/D,6DAAyD;AACzD,2EAAuE;AACvE,mEAA+D;AAC/D,gDAA4C;AAC5C,sDAAmE;AACnE,sDAI6B;AAC7B,qGAA+F;AAC/F,+EAA2E;AAC3E,0EAAsE;AAK/D,IAAM,cAAc,GAApB,MAAM,cAAc;IAC1B,YACkB,YAA0B,EAC1B,mBAAwC,EACxC,eAAgC,EAChC,eAAgC;QAHhC,iBAAY,GAAZ,YAAY,CAAc;QAC1B,wBAAmB,GAAnB,mBAAmB,CAAqB;QACxC,oBAAe,GAAf,eAAe,CAAiB;QAChC,oBAAe,GAAf,eAAe,CAAiB;IAC/C,CAAC;IAmBJ,SAAS;QACR,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAS,4BAAY,CAAC,WAAW,CAElE,CAAC;QACX,OAAO;YACN,UAAU;YACV,oBAAoB,EAAE,UAAU,KAAK,OAAO;SAC5C,CAAC;IACH,CAAC;IAmBD,KAAK,CAAkC,IAAc,EAAS,GAAY;QACzE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IACtD,CAAC;IAiBD,QAAQ,CAAkC,IAAiB,EAAS,GAAY;QAC/E,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChE,CAAC;IAaD,YAAY,CAAkC,IAAqB,EAAS,GAAY;QACvF,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,mBAAmB,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;IAiBD,cAAc,CAAS,IAAuB;QAC7C,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IAWD,aAAa,CAAS,IAAsB,EAAS,GAAY;QAChE,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IAYD,sBAAsB,CAAS,IAA+B,EAAS,GAAY;QAClF,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,sBAAsB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;CACD,CAAA;AA5IY,wCAAc;AAyB1B;IAfC,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EACV,mDAAmD;YACnD,0FAA0F;KAC3F,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,UAAU,EAAE,OAAO;gBACnB,oBAAoB,EAAE,KAAK;aAC3B;SACD;KACD,CAAC;;;;+CASD;AAmBD;IAfC,IAAA,aAAI,EAAC,OAAO,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,yCAAyC;KACtD,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,oBAAQ,EAAE,CAAC;IAC3B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IAC9E,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,8DAA8D;KAC3E,CAAC;IACK,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAkB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAhB,oBAAQ;;2CAGpD;AAiBD;IAbC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,OAAO,CAAC;IAC5B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EACV,gHAAgH;KACjH,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,0BAAW,EAAE,CAAC;IAC9B,IAAA,4BAAkB,EAAC;QACnB,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;IAChF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAC1E,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAqB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAnB,0BAAW;;8CAG1D;AAaD;IAXC,IAAA,aAAI,EAAC,eAAe,CAAC;IACrB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,mBAAmB;QAC5B,WAAW,EAAE,iEAAiE;KAC9E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,8BAAe,EAAE,CAAC;IAClC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;IAC9D,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAyB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAvB,8BAAe;;kDAGlE;AAiBD;IAbC,IAAA,aAAI,EAAC,iBAAiB,CAAC;IACvB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,yBAAyB;QAClC,WAAW,EACV,0GAA0G;KAC3G,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,gCAAiB,EAAE,CAAC;IACpC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE,EAAE,OAAO,EAAE,0DAA0D,EAAE;SAChF;KACD,CAAC;IACc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAO,gCAAiB;;oDAE7C;AAWD;IATC,IAAA,aAAI,EAAC,gBAAgB,CAAC;IACtB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,8BAA8B;QACvC,WAAW,EAAE,+DAA+D;KAC5E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,+BAAgB,EAAE,CAAC;IACnC,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC5D,WAAA,IAAA,aAAI,GAAE,CAAA;IAA0B,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAxB,+BAAgB;;mDAG3C;AAYD;IAVC,IAAA,aAAI,EAAC,sBAAsB,CAAC;IAC5B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,4BAA4B;QACrC,WAAW,EACV,oGAAoG;KACrG,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,wCAAyB,EAAE,CAAC;IAC5C,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAC5D,WAAA,IAAA,aAAI,GAAE,CAAA;IAAmC,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAjC,wCAAyB;;4DAG7D;yBA3IW,cAAc;IAH1B,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAGwB,4BAAY;QACL,0CAAmB;QACvB,kCAAe;QACf,kCAAe;GALtC,cAAc,CA4I1B"}

package/dist/modules/auth/controllers/otp.controller.d.ts

@@ -0,0 +1,10 @@
+import { OtpAuthService } from '../services/otp-auth.service';
+import { SendOtpDto, VerifyOtpDto, ResendOtpDto } from '../dto/otp.dto';
+export declare class OtpController {
+    private readonly otpAuthService;
+    constructor(otpAuthService: OtpAuthService);
+    sendOtp(body: SendOtpDto): Promise<import("../../otp").OtpGenerateResult>;
+    verifyOtp(body: VerifyOtpDto): Promise<import("../../otp").OtpVerifyResult>;
+    resendOtp(body: ResendOtpDto): Promise<import("../../otp").OtpGenerateResult>;
+}
+//# sourceMappingURL=otp.controller.d.ts.map

package/dist/modules/auth/controllers/otp.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"otp.controller.d.ts","sourceRoot":"","sources":["../../../../modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAkB,MAAM,gBAAgB,CAAC;AAExF,qBAGa,aAAa;IACb,OAAO,CAAC,QAAQ,CAAC,cAAc;gBAAd,cAAc,EAAE,cAAc;IAmD3D,OAAO,CAAkC,IAAI,EAAE,UAAU;IAkCzD,SAAS,CAAS,IAAI,EAAE,YAAY;IA0BpC,SAAS,CAAS,IAAI,EAAE,YAAY;CAGpC"}

package/dist/modules/auth/controllers/otp.controller.js

@@ -0,0 +1,156 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OtpController = void 0;
+const common_1 = require("@nestjs/common");
+const swagger_1 = require("@nestjs/swagger");
+const decorators_1 = require("../../../common/decorators");
+const guards_1 = require("../../../common/guards");
+const config_aware_validation_pipe_1 = require("../../../common/pipes/config-aware-validation.pipe");
+const otp_auth_service_1 = require("../services/otp-auth.service");
+const otp_dto_1 = require("../dto/otp.dto");
+let OtpController = class OtpController {
+    constructor(otpAuthService) {
+        this.otpAuthService = otpAuthService;
+    }
+    sendOtp(body) {
+        const channel = (0, otp_dto_1.resolveChannel)(body);
+        const identifier = channel === 'sms' ? body.phone : body.email;
+        return this.otpAuthService.sendOtp(identifier, channel);
+    }
+    verifyOtp(body) {
+        return this.otpAuthService.verifyOtp(body.verificationId, body.otp);
+    }
+    resendOtp(body) {
+        return this.otpAuthService.resendOtp(body.verificationId);
+    }
+};
+exports.OtpController = OtpController;
+__decorate([
+    (0, common_1.Post)('send-otp'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Send OTP',
+        description: 'Generates a 6-digit OTP, delivers it via the requested channel (SMS or email), and returns an opaque verification ID.',
+    }),
+    (0, swagger_1.ApiBody)({
+        type: otp_dto_1.SendOtpDto,
+        examples: {
+            sms_default: {
+                summary: 'Send via SMS (default when AUTH_METHOD=phone)',
+                value: { phone: '+2348012345678' },
+            },
+            email_default: {
+                summary: 'Send via email (default when AUTH_METHOD=email)',
+                value: { email: 'user@example.com' },
+            },
+            sms_override: {
+                summary: 'Force SMS channel regardless of server default',
+                value: { channel: 'sms', phone: '+2348012345678' },
+            },
+            email_override: {
+                summary: 'Force email channel regardless of server default',
+                value: { channel: 'email', email: 'user@example.com' },
+            },
+        },
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: {
+                success: true,
+                message: 'OTP generated successfully',
+                data: { verificationId: 'uuid-v4', expiresAt: 1700000300000, resendIn: 60000 },
+            },
+        },
+    }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid phone number or email format, or missing identifier for chosen channel',
+    }),
+    (0, swagger_1.ApiTooManyRequestsResponse)({
+        description: 'Rate limit exceeded — max 3 sends per 10 minutes per identifier, or max 20 per IP',
+    }),
+    (0, swagger_1.ApiServiceUnavailableResponse)({ description: 'Redis or delivery service unavailable' }),
+    __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [otp_dto_1.SendOtpDto]),
+    __metadata("design:returntype", void 0)
+], OtpController.prototype, "sendOtp", null);
+__decorate([
+    (0, common_1.Post)('verify-otp'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Verify OTP',
+        description: 'Verifies the OTP code. Returns a verificationToken (existing user → proceed to login) or a verificationToken seeded with the verified identifier (new user → proceed to /auth/register).',
+    }),
+    (0, swagger_1.ApiBody)({ type: otp_dto_1.VerifyOtpDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: {
+                success: true,
+                message: 'OTP verified successfully',
+                data: {
+                    subject: '+2348012345678',
+                    channel: 'sms',
+                    verificationToken: 'uuid-v4',
+                    expiresAt: 1700000300000,
+                    hasAccount: true,
+                },
+            },
+        },
+    }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid or expired session, wrong code, or max attempts exceeded',
+    }),
+    (0, swagger_1.ApiTooManyRequestsResponse)({ description: 'IP rate limit exceeded' }),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [otp_dto_1.VerifyOtpDto]),
+    __metadata("design:returntype", void 0)
+], OtpController.prototype, "verifyOtp", null);
+__decorate([
+    (0, common_1.Post)('resend-otp'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Resend OTP',
+        description: 'Invalidates the current session and sends a new OTP. Subject to 60-second cooldown.',
+    }),
+    (0, swagger_1.ApiBody)({ type: otp_dto_1.ResendOtpDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: {
+                success: true,
+                message: 'OTP generated successfully',
+                data: { verificationId: 'new-uuid-v4', expiresAt: 1700000300000, resendIn: 60000 },
+            },
+        },
+    }),
+    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid or expired session token' }),
+    (0, swagger_1.ApiTooManyRequestsResponse)({
+        description: 'Resend cooldown active — must wait 60 seconds between resends',
+    }),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [otp_dto_1.ResendOtpDto]),
+    __metadata("design:returntype", void 0)
+], OtpController.prototype, "resendOtp", null);
+exports.OtpController = OtpController = __decorate([
+    (0, swagger_1.ApiTags)('Auth'),
+    (0, common_1.Controller)('auth'),
+    (0, decorators_1.Public)(),
+    __metadata("design:paramtypes", [otp_auth_service_1.OtpAuthService])
+], OtpController);
+//# sourceMappingURL=otp.controller.js.map

package/dist/modules/auth/controllers/otp.controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"otp.controller.js","sourceRoot":"","sources":["../../../../modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyF;AACzF,6CAQyB;AACzB,2DAAoD;AACpD,mDAA6D;AAC7D,qGAA+F;AAC/F,mEAA8D;AAC9D,4CAAwF;AAKjF,IAAM,aAAa,GAAnB,MAAM,aAAa;IACzB,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAmD/D,OAAO,CAAkC,IAAgB;QACxD,MAAM,OAAO,GAAG,IAAA,wBAAc,EAAC,IAAI,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,OAAO,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC;QACjE,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACzD,CAAC;IA8BD,SAAS,CAAS,IAAkB;QACnC,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACrE,CAAC;IAwBD,SAAS,CAAS,IAAkB;QACnC,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3D,CAAC;CACD,CAAA;AAnHY,sCAAa;AAoDzB;IA/CC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,UAAU;QACnB,WAAW,EACV,uHAAuH;KACxH,CAAC;IACD,IAAA,iBAAO,EAAC;QACR,IAAI,EAAE,oBAAU;QAChB,QAAQ,EAAE;YACT,WAAW,EAAE;gBACZ,OAAO,EAAE,+CAA+C;gBACxD,KAAK,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClC;YACD,aAAa,EAAE;gBACd,OAAO,EAAE,iDAAiD;gBAC1D,KAAK,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACpC;YACD,YAAY,EAAE;gBACb,OAAO,EAAE,gDAAgD;gBACzD,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClD;YACD,cAAc,EAAE;gBACf,OAAO,EAAE,kDAAkD;gBAC3D,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACtD;SACD;KACD,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE;aAC9E;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC;QACtB,WAAW,EACV,gFAAgF;KACjF,CAAC;IACD,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EACV,mFAAmF;KACpF,CAAC;IACD,IAAA,uCAA6B,EAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;IAC/E,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,oBAAU;;4CAIxD;AA8BD;IA5BC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,0LAA0L;KAC3L,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,2BAA2B;gBACpC,IAAI,EAAE;oBACL,OAAO,EAAE,gBAAgB;oBACzB,OAAO,EAAE,KAAK;oBACd,iBAAiB,EAAE,SAAS;oBAC5B,SAAS,EAAE,aAAa;oBACxB,UAAU,EAAE,IAAI;iBAChB;aACD;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,kEAAkE;KAC/E,CAAC;IACD,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;IAC3D,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAO,sBAAY;;8CAEnC;AAwBD;IAtBC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,qFAAqF;KACtF,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,EAAE,cAAc,EAAE,aAAa,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE;aAClF;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,kCAAkC,EAAE,CAAC;IAC1E,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,+DAA+D;KAC5E,CAAC;IACS,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAO,sBAAY;;8CAEnC;wBAlHW,aAAa;IAHzB,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAEqC,iCAAc;GAD/C,aAAa,CAmHzB"}

package/dist/modules/auth/dto/index.d.ts

@@ -0,0 +1,7 @@
+export * from './otp.dto';
+export * from './login.dto';
+export * from './register.dto';
+export * from './password.dto';
+export * from './invite.dto';
+export * from './token.dto';
+//# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/dto/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/auth/dto/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC"}

package/dist/modules/auth/dto/index.js

@@ -0,0 +1,23 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./otp.dto"), exports);
+__exportStar(require("./login.dto"), exports);
+__exportStar(require("./register.dto"), exports);
+__exportStar(require("./password.dto"), exports);
+__exportStar(require("./invite.dto"), exports);
+__exportStar(require("./token.dto"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/auth/dto/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../modules/auth/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAA0B;AAC1B,8CAA4B;AAC5B,iDAA+B;AAC/B,iDAA+B;AAC/B,+CAA6B;AAC7B,8CAA4B"}

package/dist/modules/auth/dto/invite.dto.d.ts

@@ -0,0 +1,7 @@
+export declare class InviteUserDto {
+    email: string;
+    roleIds?: string[];
+}
+export declare class ResendInviteDto {
+}
+//# sourceMappingURL=invite.dto.d.ts.map

package/dist/modules/auth/dto/invite.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"invite.dto.d.ts","sourceRoot":"","sources":["../../../../modules/auth/dto/invite.dto.ts"],"names":[],"mappings":"AAGA,qBAAa,aAAa;IAMzB,KAAK,EAAG,MAAM,CAAC;IASf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,qBAAa,eAAe;CAE3B"}

package/dist/modules/auth/dto/invite.dto.js

@@ -0,0 +1,39 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ResendInviteDto = exports.InviteUserDto = void 0;
+const class_validator_1 = require("class-validator");
+const swagger_1 = require("@nestjs/swagger");
+class InviteUserDto {
+}
+exports.InviteUserDto = InviteUserDto;
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        example: 'newadmin@company.com',
+        description: 'Email address of the user to invite',
+    }),
+    (0, class_validator_1.IsEmail)(),
+    __metadata("design:type", String)
+], InviteUserDto.prototype, "email", void 0);
+__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Role IDs to pre-assign to the invited user',
+        type: [String],
+    }),
+    (0, class_validator_1.IsArray)(),
+    (0, class_validator_1.IsUUID)('all', { each: true }),
+    (0, class_validator_1.IsOptional)(),
+    __metadata("design:type", Array)
+], InviteUserDto.prototype, "roleIds", void 0);
+class ResendInviteDto {
+}
+exports.ResendInviteDto = ResendInviteDto;
+//# sourceMappingURL=invite.dto.js.map

package/dist/modules/auth/dto/invite.dto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invite.dto.js","sourceRoot":"","sources":["../../../../modules/auth/dto/invite.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAuE;AACvE,6CAAmE;AAEnE,MAAa,aAAa;CAgBzB;AAhBD,sCAgBC;AAVA;IALC,IAAA,qBAAW,EAAC;QACZ,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EAAE,qCAAqC;KAClD,CAAC;IACD,IAAA,yBAAO,GAAE;;4CACK;AASf;IAPC,IAAA,6BAAmB,EAAC;QACpB,WAAW,EAAE,4CAA4C;QACzD,IAAI,EAAE,CAAC,MAAM,CAAC;KACd,CAAC;IACD,IAAA,yBAAO,GAAE;IACT,IAAA,wBAAM,EAAC,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC7B,IAAA,4BAAU,GAAE;;8CACM;AAGpB,MAAa,eAAe;CAE3B;AAFD,0CAEC"}

package/dist/modules/auth/dto/login.dto.d.ts

@@ -0,0 +1,7 @@
+export declare class LoginDto {
+    _authMethod?: 'phone' | 'email';
+    verificationToken: string;
+    email: string;
+    password: string;
+}
+//# sourceMappingURL=login.dto.d.ts.map

package/dist/modules/auth/dto/login.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.dto.d.ts","sourceRoot":"","sources":["../../../../modules/auth/dto/login.dto.ts"],"names":[],"mappings":"AAIA,qBACa,QAAQ;IAEpB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAQhC,iBAAiB,EAAG,MAAM,CAAC;IAK3B,KAAK,EAAG,MAAM,CAAC;IAMf,QAAQ,EAAG,MAAM,CAAC;CAClB"}

package/dist/modules/auth/dto/login.dto.js

@@ -0,0 +1,48 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoginDto = void 0;
+const class_validator_1 = require("class-validator");
+const swagger_1 = require("@nestjs/swagger");
+const auth_method_aware_decorator_1 = require("../../../common/decorators/auth-method-aware.decorator");
+let LoginDto = class LoginDto {
+};
+exports.LoginDto = LoginDto;
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    __metadata("design:type", String)
+], LoginDto.prototype, "_authMethod", void 0);
+__decorate([
+    (0, swagger_1.ApiPropertyOptional)({
+        description: 'Verification token returned by verify-otp (hasAccount=true)',
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'phone'),
+    (0, class_validator_1.IsNotEmpty)(),
+    __metadata("design:type", String)
+], LoginDto.prototype, "verificationToken", void 0);
+__decorate([
+    (0, swagger_1.ApiPropertyOptional)({ example: 'user@example.com', description: 'Registered email address' }),
+    (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'email'),
+    (0, class_validator_1.IsEmail)(),
+    __metadata("design:type", String)
+], LoginDto.prototype, "email", void 0);
+__decorate([
+    (0, swagger_1.ApiPropertyOptional)({ example: 'P@ssw0rd!', description: 'Account password' }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'email'),
+    (0, class_validator_1.IsNotEmpty)(),
+    __metadata("design:type", String)
+], LoginDto.prototype, "password", void 0);
+exports.LoginDto = LoginDto = __decorate([
+    (0, auth_method_aware_decorator_1.AuthMethodAware)()
+], LoginDto);
+//# sourceMappingURL=login.dto.js.map

package/dist/modules/auth/dto/login.dto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.dto.js","sourceRoot":"","sources":["../../../../modules/auth/dto/login.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAwF;AACxF,6CAAsD;AACtD,wGAAyF;AAGlF,IAAM,QAAQ,GAAd,MAAM,QAAQ;CAsBpB,CAAA;AAtBY,4BAAQ;AAEpB;IADC,IAAA,4BAAU,GAAE;;6CACmB;AAQhC;IANC,IAAA,6BAAmB,EAAC;QACpB,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;mDACc;AAK3B;IAHC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IAC7F,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,yBAAO,GAAE;;uCACK;AAMf;IAJC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;IAC9E,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;0CACK;mBArBN,QAAQ;IADpB,IAAA,6CAAe,GAAE;GACL,QAAQ,CAsBpB"}

package/dist/modules/auth/dto/otp.dto.d.ts

@@ -0,0 +1,15 @@
+export declare function resolveChannel(o: SendOtpDto): 'sms' | 'email';
+export declare class SendOtpDto {
+    _authMethod?: 'phone' | 'email';
+    channel?: 'sms' | 'email';
+    phone?: string;
+    email?: string;
+}
+export declare class VerifyOtpDto {
+    verificationId: string;
+    otp: string;
+}
+export declare class ResendOtpDto {
+    verificationId: string;
+}
+//# sourceMappingURL=otp.dto.d.ts.map

package/dist/modules/auth/dto/otp.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"otp.dto.d.ts","sourceRoot":"","sources":["../../../../modules/auth/dto/otp.dto.ts"],"names":[],"mappings":"AAqBA,wBAAgB,cAAc,CAAC,CAAC,EAAE,UAAU,GAAG,KAAK,GAAG,OAAO,CAI7D;AAED,qBACa,UAAU;IAGtB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAUhC,OAAO,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC;IAQ1B,KAAK,CAAC,EAAE,MAAM,CAAC;IAQf,KAAK,CAAC,EAAE,MAAM,CAAC;CACf;AAED,qBAAa,YAAY;IAGxB,cAAc,EAAG,MAAM,CAAC;IAIxB,GAAG,EAAG,MAAM,CAAC;CACb;AAED,qBAAa,YAAY;IAGxB,cAAc,EAAG,MAAM,CAAC;CACxB"}