@skyapp-labs/blueprint-backend-core 1.0.9

package/dist/modules/auth/providers/native/native.auth-provider.js

@@ -0,0 +1,159 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var NativeAuthProvider_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NativeAuthProvider = void 0;
+const common_1 = require("@nestjs/common");
+const argon2 = __importStar(require("argon2"));
+const users_service_1 = require("../../../users/services/users.service");
+const jobs_1 = require("../../../../jobs");
+let NativeAuthProvider = NativeAuthProvider_1 = class NativeAuthProvider {
+    constructor(usersService, jobsQueue) {
+        this.usersService = usersService;
+        this.jobsQueue = jobsQueue;
+        this.name = 'native';
+        this.logger = new common_1.Logger(NativeAuthProvider_1.name);
+    }
+    async verifyEmailCredentials(email, password) {
+        const user = await this.usersService.findByEmailWithPassword(email);
+        if (!user || !user.passwordHash) {
+            throw new common_1.UnauthorizedException('Invalid email or password');
+        }
+        if (!user.isActive)
+            throw new common_1.UnauthorizedException('Your account is deactivated');
+        const valid = await argon2.verify(user.passwordHash, password);
+        if (!valid)
+            throw new common_1.UnauthorizedException('Invalid email or password');
+        return {
+            identity: {
+                ...user,
+                externalUid: undefined,
+                email,
+            },
+        };
+    }
+    async validateSession(_providerRefreshToken) {
+        return { valid: true };
+    }
+    async createUser(email, password, profile) {
+        const passwordHash = await argon2.hash(password);
+        try {
+            await this.jobsQueue?.addSendEmail({
+                to: email,
+                subject: 'Welcome to our app',
+                template: 'welcome',
+                data: {
+                    html: `
+						<p>Hi ${profile.firstName ?? ''},</p>
+						<p>Your account has been created successfully. Welcome!</p>
+						<p>If you did not create this account, please contact support immediately.</p>
+					`.trim(),
+                    text: `Hi ${profile.firstName ?? ''},\n\nYour account has been created successfully. Welcome!\n\nIf you did not create this account, please contact support immediately.`,
+                },
+            });
+        }
+        catch {
+            this.logger.warn('JobsQueue is not available - confirmation email will not be sent');
+        }
+        return {
+            externalUid: undefined,
+            email,
+            isEmailVerified: false,
+            firstName: profile.firstName,
+            lastName: profile.lastName,
+            countryCode: profile.countryCode,
+            phone: profile.phone,
+            photoUrl: profile.photoUrl,
+            passwordHash,
+        };
+    }
+    async acceptInvite(email, password, profile) {
+        const passwordHash = password?.trim() ? await argon2.hash(password) : undefined;
+        return {
+            externalUid: undefined,
+            email,
+            isEmailVerified: false,
+            firstName: profile.firstName,
+            lastName: profile.lastName,
+            countryCode: profile.countryCode,
+            phone: profile.phone,
+            photoUrl: profile.photoUrl,
+            passwordHash,
+        };
+    }
+    initiatePasswordReset(_email) {
+        return Promise.resolve();
+    }
+    resetPassword(_token, _newPassword) {
+        return Promise.resolve();
+    }
+    async changePassword(userId, currentPassword, newPassword) {
+        const user = await this.usersService.findByIdWithPassword(userId);
+        if (!user)
+            throw new common_1.NotFoundException('User not found');
+        if (!user.passwordHash)
+            throw new common_1.BadRequestException('Account has no password. Use phone OTP to reset.');
+        if (!currentPassword)
+            throw new common_1.BadRequestException('currentPassword is required');
+        const valid = await argon2.verify(user.passwordHash, currentPassword);
+        if (!valid)
+            throw new common_1.UnauthorizedException('Current password is incorrect');
+        await this.usersService.setPasswordHash(userId, await argon2.hash(newPassword));
+    }
+    deleteUser(_externalUid) {
+        return Promise.resolve();
+    }
+};
+exports.NativeAuthProvider = NativeAuthProvider;
+exports.NativeAuthProvider = NativeAuthProvider = NativeAuthProvider_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(users_service_1.UsersService)),
+    __param(1, (0, common_1.Optional)()),
+    __param(1, (0, common_1.Inject)(jobs_1.JobsQueue)),
+    __metadata("design:paramtypes", [users_service_1.UsersService, Object])
+], NativeAuthProvider);
+//# sourceMappingURL=native.auth-provider.js.map

package/dist/modules/auth/providers/native/native.auth-provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"native.auth-provider.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/native.auth-provider.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAQwB;AACxB,+CAAiC;AAQjC,yEAAqE;AAErE,2CAA6C;AAGtC,IAAM,kBAAkB,0BAAxB,MAAM,kBAAkB;IAK9B,YAEC,YAA2C,EAG3C,SAA4C;QAH3B,iBAAY,GAAZ,YAAY,CAAc;QAG1B,cAAS,GAAT,SAAS,CAAkB;QATpC,SAAI,GAAG,QAAiB,CAAC;QAEjB,WAAM,GAAG,IAAI,eAAM,CAAC,oBAAkB,CAAC,IAAI,CAAC,CAAC;IAQ3D,CAAC;IAEJ,KAAK,CAAC,sBAAsB,CAC3B,KAAa,EACb,QAAgB;QAEhB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAEpE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACjC,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,8BAAqB,CAAC,6BAA6B,CAAC,CAAC;QAEnF,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QAE/D,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;QAEzE,OAAO;YACN,QAAQ,EAAE;gBACT,GAAI,IAAa;gBACjB,WAAW,EAAE,SAAS;gBACtB,KAAK;aACL;SACD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,qBAA8B;QAEnD,OAAO,EAAE,KAAK,EAAE,IAAI,EAA2B,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,KAAa,EAAE,QAAgB,EAAE,OAAoB;QACrE,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEjD,IAAI,CAAC;YACJ,MAAM,IAAI,CAAC,SAAS,EAAE,YAAY,CAAC;gBAClC,EAAE,EAAE,KAAK;gBACT,OAAO,EAAE,oBAAoB;gBAC7B,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE;oBACL,IAAI,EAAE;cACG,OAAO,CAAC,SAAS,IAAI,EAAE;;;MAG/B,CAAC,IAAI,EAAE;oBACR,IAAI,EAAE,MAAM,OAAO,CAAC,SAAS,IAAI,EAAE,sIAAsI;iBACzK;aACD,CAAC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;QACtF,CAAC;QAED,OAAO;YACN,WAAW,EAAE,SAAS;YACtB,KAAK;YACL,eAAe,EAAE,KAAK;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY;SACI,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,YAAY,CACjB,KAAa,EACb,QAAgB,EAChB,OAAoB;QAEpB,MAAM,YAAY,GAAG,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEhF,OAAO;YACN,WAAW,EAAE,SAAS;YACtB,KAAK;YACL,eAAe,EAAE,KAAK;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY;SACI,CAAC;IACnB,CAAC;IAED,qBAAqB,CAAC,MAAc;QAGnC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC1B,CAAC;IAED,aAAa,CAAC,MAAc,EAAE,YAAoB;QAEjD,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,cAAc,CACnB,MAAc,EACd,eAAmC,EACnC,WAAmB;QAEnB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAElE,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,YAAY;YACrB,MAAM,IAAI,4BAAmB,CAAC,kDAAkD,CAAC,CAAC;QACnF,IAAI,CAAC,eAAe;YAAE,MAAM,IAAI,4BAAmB,CAAC,6BAA6B,CAAC,CAAC;QAEnF,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAEtE,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,8BAAqB,CAAC,+BAA+B,CAAC,CAAC;QAE7E,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,MAAM,EAAE,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,UAAU,CAAC,YAAgC;QAC1C,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC1B,CAAC;CACD,CAAA;AAlIY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;IAOV,WAAA,IAAA,eAAM,EAAC,4BAAY,CAAC,CAAA;IAEpB,WAAA,IAAA,iBAAQ,GAAE,CAAA;IACV,WAAA,IAAA,eAAM,EAAC,gBAAS,CAAC,CAAA;qCAFa,4BAAY;GAPhC,kBAAkB,CAkI9B"}

package/dist/modules/auth/providers/native/native.auth-provider.module.d.ts

@@ -0,0 +1,3 @@
+export declare class NativeAuthProviderModule {
+}
+//# sourceMappingURL=native.auth-provider.module.d.ts.map

package/dist/modules/auth/providers/native/native.auth-provider.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"native.auth-provider.module.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/native.auth-provider.module.ts"],"names":[],"mappings":"AAKA,qBAKa,wBAAwB;CAAG"}

package/dist/modules/auth/providers/native/native.auth-provider.module.js

@@ -0,0 +1,24 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NativeAuthProviderModule = void 0;
+const common_1 = require("@nestjs/common");
+const native_auth_provider_1 = require("./native.auth-provider");
+const users_module_1 = require("../../../users/users.module");
+const jobs_1 = require("../../../../jobs");
+let NativeAuthProviderModule = class NativeAuthProviderModule {
+};
+exports.NativeAuthProviderModule = NativeAuthProviderModule;
+exports.NativeAuthProviderModule = NativeAuthProviderModule = __decorate([
+    (0, common_1.Module)({
+        imports: [users_module_1.UsersModule, jobs_1.JobsModule.register()],
+        providers: [native_auth_provider_1.NativeAuthProvider],
+        exports: [native_auth_provider_1.NativeAuthProvider],
+    })
+], NativeAuthProviderModule);
+//# sourceMappingURL=native.auth-provider.module.js.map

package/dist/modules/auth/providers/native/native.auth-provider.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"native.auth-provider.module.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/native.auth-provider.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,iEAA4D;AAC5D,8DAA0D;AAC1D,2CAA8C;AAOvC,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;CAAG,CAAA;AAA3B,4DAAwB;mCAAxB,wBAAwB;IALpC,IAAA,eAAM,EAAC;QACP,OAAO,EAAE,CAAC,0BAAW,EAAE,iBAAU,CAAC,QAAQ,EAAE,CAAC;QAC7C,SAAS,EAAE,CAAC,yCAAkB,CAAC;QAC/B,OAAO,EAAE,CAAC,yCAAkB,CAAC;KAC7B,CAAC;GACW,wBAAwB,CAAG"}

package/dist/modules/auth/providers/provider.registry.d.ts

@@ -0,0 +1,14 @@
+import { SettingsService } from '../../settings/services/settings.service';
+import type { IAuthProvider } from './interfaces/auth-provider.interface';
+import { NativeAuthProvider } from './native/native.auth-provider';
+import { KeycloakAuthProvider } from './keycloak/keycloak.auth-provider';
+export declare class AuthProviderRegistry {
+    private readonly settingsService;
+    private readonly nativeProvider;
+    private readonly keycloakProvider;
+    private readonly logger;
+    private readonly providers;
+    constructor(settingsService: SettingsService, nativeProvider: NativeAuthProvider, keycloakProvider: KeycloakAuthProvider | null);
+    getActiveProvider(): IAuthProvider;
+}
+//# sourceMappingURL=provider.registry.d.ts.map

package/dist/modules/auth/providers/provider.registry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.registry.d.ts","sourceRoot":"","sources":["../../../../modules/auth/providers/provider.registry.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAE3E,OAAO,KAAK,EAAE,aAAa,EAAoB,MAAM,sCAAsC,CAAC;AAC5F,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE,qBACa,oBAAoB;IAK/B,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,cAAc;IACnB,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IAN9C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAyC;IAChE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAuC;gBAG/C,eAAe,EAAE,eAAe,EAChC,cAAc,EAAE,kBAAkB,EACtB,gBAAgB,EAAE,oBAAoB,GAAG,IAAI;IAO3E,iBAAiB,IAAI,aAAa;CAalC"}

package/dist/modules/auth/providers/provider.registry.js

@@ -0,0 +1,49 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var AuthProviderRegistry_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthProviderRegistry = void 0;
+const common_1 = require("@nestjs/common");
+const settings_service_1 = require("../../settings/services/settings.service");
+const settings_keys_1 = require("../../settings/constants/settings.keys");
+const native_auth_provider_1 = require("./native/native.auth-provider");
+let AuthProviderRegistry = AuthProviderRegistry_1 = class AuthProviderRegistry {
+    constructor(settingsService, nativeProvider, keycloakProvider) {
+        this.settingsService = settingsService;
+        this.nativeProvider = nativeProvider;
+        this.keycloakProvider = keycloakProvider;
+        this.logger = new common_1.Logger(AuthProviderRegistry_1.name);
+        this.providers = new Map();
+        this.providers.set('native', nativeProvider);
+        if (keycloakProvider)
+            this.providers.set('keycloak', keycloakProvider);
+    }
+    getActiveProvider() {
+        const requested = this.settingsService.get(settings_keys_1.SETTING_KEYS.AUTH_PROVIDER);
+        const provider = this.providers.get(requested);
+        if (!provider) {
+            this.logger.warn(`Invalid auth provider "${requested}", falling back to native`);
+            return this.nativeProvider;
+        }
+        return provider;
+    }
+};
+exports.AuthProviderRegistry = AuthProviderRegistry;
+exports.AuthProviderRegistry = AuthProviderRegistry = AuthProviderRegistry_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(2, (0, common_1.Optional)()),
+    __metadata("design:paramtypes", [settings_service_1.SettingsService,
+        native_auth_provider_1.NativeAuthProvider, Object])
+], AuthProviderRegistry);
+//# sourceMappingURL=provider.registry.js.map

package/dist/modules/auth/providers/provider.registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.registry.js","sourceRoot":"","sources":["../../../../modules/auth/providers/provider.registry.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAA8D;AAC9D,+EAA2E;AAC3E,0EAAsE;AAEtE,wEAAmE;AAI5D,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAIhC,YACkB,eAAgC,EAChC,cAAkC,EACvC,gBAA8D;QAFzD,oBAAe,GAAf,eAAe,CAAiB;QAChC,mBAAc,GAAd,cAAc,CAAoB;QACtB,qBAAgB,GAAhB,gBAAgB,CAA6B;QAN1D,WAAM,GAAG,IAAI,eAAM,CAAC,sBAAoB,CAAC,IAAI,CAAC,CAAC;QAQ/D,IAAI,CAAC,SAAS,GAAG,IAAI,GAAG,EAAmC,CAAC;QAC5D,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QAC7C,IAAI,gBAAgB;YAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;IACxE,CAAC;IAED,iBAAiB;QAChB,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CACzC,4BAAY,CAAC,aAAa,CACN,CAAC;QACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,SAAS,2BAA2B,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC,cAAc,CAAC;QAC5B,CAAC;QAED,OAAO,QAAQ,CAAC;IACjB,CAAC;CACD,CAAA;AA3BY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;IAQV,WAAA,IAAA,iBAAQ,GAAE,CAAA;qCAFuB,kCAAe;QAChB,yCAAkB;GANxC,oBAAoB,CA2BhC"}

package/dist/modules/auth/services/account.service.d.ts

@@ -0,0 +1,40 @@
+import { TokenService } from '../../sessions/services/token.service';
+import { UsersService } from '../../users/services/users.service';
+import { RefreshToken } from '../../sessions/entities/refresh-token.entity';
+import { AuthProviderRegistry } from '../providers/provider.registry';
+import { OtpAuthService } from './otp-auth.service';
+import { DeleteAccountConfirmDto } from '../dto/password.dto';
+export declare class AccountService {
+    private readonly tokenService;
+    private readonly usersService;
+    private readonly otpAuthService;
+    private readonly providerRegistry;
+    private readonly logger;
+    constructor(tokenService: TokenService, usersService: UsersService, otpAuthService: OtpAuthService, providerRegistry: AuthProviderRegistry);
+    verifyEmail(userId: string, verificationToken: string): Promise<{
+        message: string;
+    }>;
+    logout(userId: string): Promise<{
+        message: string;
+    }>;
+    revokeSession(sessionId: string, requestingUserId: string): Promise<{
+        message: string;
+    }>;
+    getActiveSessions(userId: string): Promise<RefreshToken[]>;
+    requestDeletion(userId: string): Promise<{
+        message: string;
+        requiresPassword: boolean;
+        verificationId?: undefined;
+        expiresAt?: undefined;
+    } | {
+        message: string;
+        verificationId: string;
+        expiresAt: number;
+        requiresPassword?: undefined;
+    }>;
+    confirmDeletion(userId: string, dto: DeleteAccountConfirmDto): Promise<{
+        message: string;
+    }>;
+    private verifyDeletionChallenge;
+}
+//# sourceMappingURL=account.service.d.ts.map

package/dist/modules/auth/services/account.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"account.service.d.ts","sourceRoot":"","sources":["../../../../modules/auth/services/account.service.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAC;AAClE,OAAO,EAAgB,YAAY,EAAE,MAAM,8CAA8C,CAAC;AAC1F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAE9D,qBACa,cAAc;IAIzB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IANlC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAmC;gBAGxC,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,cAAc,EAAE,cAAc,EAC9B,gBAAgB,EAAE,oBAAoB;IAYlD,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IA6BpF,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAMpD,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAQxF,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAY1D,eAAe,CAAC,MAAM,EAAE,MAAM;;;;;;;;;;;IA8B9B,eAAe,CACpB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,uBAAuB,GAC1B,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;YAsCjB,uBAAuB;CAgCrC"}

package/dist/modules/auth/services/account.service.js

@@ -0,0 +1,165 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var AccountService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccountService = void 0;
+const common_1 = require("@nestjs/common");
+const argon2 = __importStar(require("argon2"));
+const token_service_1 = require("../../sessions/services/token.service");
+const users_service_1 = require("../../users/services/users.service");
+const refresh_token_entity_1 = require("../../sessions/entities/refresh-token.entity");
+const provider_registry_1 = require("../providers/provider.registry");
+const otp_auth_service_1 = require("./otp-auth.service");
+let AccountService = AccountService_1 = class AccountService {
+    constructor(tokenService, usersService, otpAuthService, providerRegistry) {
+        this.tokenService = tokenService;
+        this.usersService = usersService;
+        this.otpAuthService = otpAuthService;
+        this.providerRegistry = providerRegistry;
+        this.logger = new common_1.Logger(AccountService_1.name);
+    }
+    async verifyEmail(userId, verificationToken) {
+        const user = await this.usersService.findById(userId);
+        if (!user)
+            throw new common_1.UnauthorizedException('User not found.');
+        if (!user.email) {
+            throw new common_1.BadRequestException('Your account has no email address to verify.');
+        }
+        if (user.isEmailVerified) {
+            throw new common_1.ConflictException('Email address is already verified.');
+        }
+        const verifiedEmail = await this.tokenService.verifyEmailVerifiedToken(verificationToken);
+        if (verifiedEmail.toLowerCase() !== user.email.toLowerCase()) {
+            throw new common_1.UnauthorizedException('Verification token does not match your account email address.');
+        }
+        await this.usersService.verifyEmail(userId);
+        this.logger.log({ event: 'EMAIL_VERIFIED', userId });
+        return { message: 'Email verified successfully.' };
+    }
+    async logout(userId) {
+        await this.tokenService.revokeAllUserTokens(userId, refresh_token_entity_1.RevokeReason.LOGOUT);
+        this.logger.log({ event: 'LOGOUT', userId });
+        return { message: 'Logged out successfully' };
+    }
+    async revokeSession(sessionId, requestingUserId) {
+        const token = await this.tokenService.getRefreshTokenById(sessionId);
+        if (!token)
+            throw new common_1.NotFoundException('Session not found');
+        if (token.userId !== requestingUserId)
+            throw new common_1.ForbiddenException('Access denied');
+        await this.tokenService.revokeRefreshToken(sessionId, refresh_token_entity_1.RevokeReason.LOGOUT);
+        return { message: 'Session revoked successfully' };
+    }
+    async getActiveSessions(userId) {
+        return this.tokenService.getUserActiveSessions(userId);
+    }
+    async requestDeletion(userId) {
+        const user = await this.usersService.findByIdOrFail(userId);
+        if (!user.phoneNumber || !user.isPhoneVerified) {
+            return {
+                message: 'Your account has no verified phone. Confirm deletion with your password instead.',
+                requiresPassword: true,
+            };
+        }
+        const result = await this.otpAuthService.sendOtp(user.phoneNumber, 'sms');
+        this.logger.log({ event: 'DELETE_ACCOUNT_REQUESTED', userId });
+        return {
+            message: 'A confirmation code has been sent to your phone. Use it to confirm account deletion.',
+            verificationId: result.data.verificationId,
+            expiresAt: result.data.expiresAt,
+        };
+    }
+    async confirmDeletion(userId, dto) {
+        const user = await this.usersService.findByIdOrFail(userId);
+        await this.verifyDeletionChallenge(userId, dto);
+        await this.tokenService.revokeAllUserTokens(userId, refresh_token_entity_1.RevokeReason.LOGOUT);
+        const provider = this.providerRegistry.getActiveProvider();
+        await provider.deleteUser(user.uid).catch((err) => {
+            this.logger.error({
+                event: 'DELETE_ACCOUNT_PROVIDER_FAILED',
+                userId,
+                provider: provider.name,
+                error: err?.message,
+            });
+        });
+        await this.usersService.delete(userId);
+        this.logger.log({
+            event: 'DELETE_ACCOUNT_COMPLETED',
+            userId,
+            provider: provider.name,
+        });
+        return { message: 'Your account has been deleted.' };
+    }
+    async verifyDeletionChallenge(userId, dto) {
+        const hasPhonePath = !!(dto.verificationId && dto.otp);
+        const hasEmailPath = !!dto.password;
+        if (!hasPhonePath && !hasEmailPath) {
+            throw new common_1.BadRequestException('Provide either { verificationId, otp } (phone confirmation) or { password } (email confirmation).');
+        }
+        if (hasPhonePath && hasEmailPath) {
+            throw new common_1.BadRequestException('Provide only one confirmation method: either { verificationId, otp } or { password }, not both.');
+        }
+        if (hasPhonePath) {
+            await this.otpAuthService.verifyOtpChallenge(dto.verificationId, dto.otp);
+        }
+        else {
+            const userWithPassword = await this.usersService.findByIdWithPassword(userId);
+            if (!userWithPassword?.passwordHash) {
+                throw new common_1.BadRequestException('This account has no password. Use the phone OTP confirmation instead.');
+            }
+            const valid = await argon2.verify(userWithPassword.passwordHash, dto.password);
+            if (!valid)
+                throw new common_1.UnauthorizedException('Incorrect password.');
+        }
+    }
+};
+exports.AccountService = AccountService;
+exports.AccountService = AccountService = AccountService_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [token_service_1.TokenService,
+        users_service_1.UsersService,
+        otp_auth_service_1.OtpAuthService,
+        provider_registry_1.AuthProviderRegistry])
+], AccountService);
+//# sourceMappingURL=account.service.js.map

package/dist/modules/auth/services/account.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account.service.js","sourceRoot":"","sources":["../../../../modules/auth/services/account.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAQwB;AACxB,+CAAiC;AACjC,yEAAqE;AACrE,sEAAkE;AAClE,uFAA0F;AAC1F,sEAAsE;AACtE,yDAAoD;AAI7C,IAAM,cAAc,sBAApB,MAAM,cAAc;IAG1B,YACkB,YAA0B,EAC1B,YAA0B,EAC1B,cAA8B,EAC9B,gBAAsC;QAHtC,iBAAY,GAAZ,YAAY,CAAc;QAC1B,iBAAY,GAAZ,YAAY,CAAc;QAC1B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,qBAAgB,GAAhB,gBAAgB,CAAsB;QANvC,WAAM,GAAG,IAAI,eAAM,CAAC,gBAAc,CAAC,IAAI,CAAC,CAAC;IAOvD,CAAC;IAWJ,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,iBAAyB;QAC1D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8BAAqB,CAAC,iBAAiB,CAAC,CAAC;QAE9D,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACjB,MAAM,IAAI,4BAAmB,CAAC,8CAA8C,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,MAAM,IAAI,0BAAiB,CAAC,oCAAoC,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAAC,iBAAiB,CAAC,CAAC;QAE1F,IAAI,aAAa,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YAC9D,MAAM,IAAI,8BAAqB,CAC9B,+DAA+D,CAC/D,CAAC;QACH,CAAC;QAED,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE5C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC;QAErD,OAAO,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACpD,CAAC;IAID,KAAK,CAAC,MAAM,CAAC,MAAc;QAC1B,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,CAAC,MAAM,EAAE,mCAAY,CAAC,MAAM,CAAC,CAAC;QACzE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC7C,OAAO,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,SAAiB,EAAE,gBAAwB;QAC9D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;QACrE,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,0BAAiB,CAAC,mBAAmB,CAAC,CAAC;QAC7D,IAAI,KAAK,CAAC,MAAM,KAAK,gBAAgB;YAAE,MAAM,IAAI,2BAAkB,CAAC,eAAe,CAAC,CAAC;QACrF,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,SAAS,EAAE,mCAAY,CAAC,MAAM,CAAC,CAAC;QAC3E,OAAO,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc;QACrC,OAAO,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC;IAUD,KAAK,CAAC,eAAe,CAAC,MAAc;QACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAE5D,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAChD,OAAO;gBACN,OAAO,EACN,kFAAkF;gBACnF,gBAAgB,EAAE,IAAI;aACtB,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC1E,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,MAAM,EAAE,CAAC,CAAC;QAE/D,OAAO;YACN,OAAO,EACN,sFAAsF;YACvF,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc;YAC1C,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;SAChC,CAAC;IACH,CAAC;IAUD,KAAK,CAAC,eAAe,CACpB,MAAc,EACd,GAA4B;QAE5B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAE5D,MAAM,IAAI,CAAC,uBAAuB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAGhD,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,CAAC,MAAM,EAAE,mCAAY,CAAC,MAAM,CAAC,CAAC;QAGzE,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,CAAC;QAC3D,MAAM,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;gBACjB,KAAK,EAAE,gCAAgC;gBACvC,MAAM;gBACN,QAAQ,EAAE,QAAQ,CAAC,IAAI;gBACvB,KAAK,EAAE,GAAG,EAAE,OAAO;aACnB,CAAC,CAAC;QAGJ,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEvC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YACf,KAAK,EAAE,0BAA0B;YACjC,MAAM;YACN,QAAQ,EAAE,QAAQ,CAAC,IAAI;SACvB,CAAC,CAAC;QAEH,OAAO,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC;IACtD,CAAC;IAQO,KAAK,CAAC,uBAAuB,CACpC,MAAc,EACd,GAA4B;QAE5B,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACvD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;QAEpC,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;YACpC,MAAM,IAAI,4BAAmB,CAC5B,mGAAmG,CACnG,CAAC;QACH,CAAC;QAED,IAAI,YAAY,IAAI,YAAY,EAAE,CAAC;YAClC,MAAM,IAAI,4BAAmB,CAC5B,iGAAiG,CACjG,CAAC;QACH,CAAC;QAED,IAAI,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAe,EAAE,GAAG,CAAC,GAAI,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACP,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;YAC9E,IAAI,CAAC,gBAAgB,EAAE,YAAY,EAAE,CAAC;gBACrC,MAAM,IAAI,4BAAmB,CAC5B,uEAAuE,CACvE,CAAC;YACH,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,YAAY,EAAE,GAAG,CAAC,QAAS,CAAC,CAAC;YAChF,IAAI,CAAC,KAAK;gBAAE,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACpE,CAAC;IACF,CAAC;CACD,CAAA;AAjLY,wCAAc;yBAAd,cAAc;IAD1B,IAAA,mBAAU,GAAE;qCAKoB,4BAAY;QACZ,4BAAY;QACV,iCAAc;QACZ,wCAAoB;GAP5C,cAAc,CAiL1B"}

package/dist/modules/auth/services/index.d.ts

@@ -0,0 +1,6 @@
+export * from './otp-auth.service';
+export * from './login.service';
+export * from './registration.service';
+export * from './password.service';
+export * from './account.service';
+//# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/services/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../modules/auth/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC;AAChC,cAAc,wBAAwB,CAAC;AACvC,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC"}

package/dist/modules/auth/services/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./otp-auth.service"), exports);
+__exportStar(require("./login.service"), exports);
+__exportStar(require("./registration.service"), exports);
+__exportStar(require("./password.service"), exports);
+__exportStar(require("./account.service"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/auth/services/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../modules/auth/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,qDAAmC;AACnC,kDAAgC;AAChC,yDAAuC;AACvC,qDAAmC;AACnC,oDAAkC"}

package/dist/modules/auth/services/login.service.d.ts

@@ -0,0 +1,28 @@
+import IORedis from 'ioredis';
+import { TokenService } from '../../sessions/services/token.service';
+import { UsersService } from '../../users/services/users.service';
+import { TokenResponse } from '../dto/token.dto';
+import { LoginDto } from '../dto/login.dto';
+import { AuthProviderRegistry } from '../providers/provider.registry';
+import { SettingsService } from '../../settings/services/settings.service';
+export declare class LoginService {
+    private readonly usersService;
+    private readonly tokenService;
+    private readonly providerRegistry;
+    private readonly redis;
+    private readonly settingsService;
+    private readonly logger;
+    constructor(usersService: UsersService, tokenService: TokenService, providerRegistry: AuthProviderRegistry, redis: IORedis | null, settingsService: SettingsService);
+    login(dto: LoginDto, deviceInfo?: string, ipAddress?: string): Promise<TokenResponse>;
+    private loginWithPhone;
+    private loginWithEmailViaProvider;
+    private assertAccountActive;
+    private logSuccess;
+    private logFailure;
+    private hashIdentity;
+    private lockoutKey;
+    private checkIdentifierLockout;
+    private recordFailedAttempt;
+    private resetFailedAttempts;
+}
+//# sourceMappingURL=login.service.d.ts.map

package/dist/modules/auth/services/login.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.service.d.ts","sourceRoot":"","sources":["../../../../modules/auth/services/login.service.ts"],"names":[],"mappings":"AASA,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAItE,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAG3E,qBACa,YAAY;IAIvB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IAGjC,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,eAAe;IATjC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiC;gBAGtC,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,gBAAgB,EAAE,oBAAoB,EAGtC,KAAK,EAAE,OAAO,GAAG,IAAI,EACrB,eAAe,EAAE,eAAe;IAG5C,KAAK,CAAC,GAAG,EAAE,QAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;YAS7E,cAAc;YAyCd,yBAAyB;IA0EvC,OAAO,CAAC,mBAAmB;IAqC3B,OAAO,CAAC,UAAU;IAiBlB,OAAO,CAAC,UAAU;IAyBlB,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,UAAU;YAUJ,sBAAsB;YA4BtB,mBAAmB;YAsBnB,mBAAmB;CAIjC"}