@sustaina/iam-middleware 1.0.1

package/dist/infrastructure/RedisClient.js

@@ -0,0 +1,69 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RedisClient = void 0;
+const redis_1 = require("redis");
+const pino_1 = __importDefault(require("pino"));
+class RedisClient {
+    static async getInstance() {
+        if (!RedisClient.instance) {
+            await RedisClient.createInstance();
+        }
+        return RedisClient.instance;
+    }
+    static async duplicate() {
+        if (!RedisClient.instance) {
+            await RedisClient.createInstance();
+        }
+        const dupInstance = RedisClient.instance.duplicate();
+        await dupInstance.connect();
+        return dupInstance;
+    }
+    static async createInstance() {
+        const redisUrl = process.env.IAM_REDIS_URL || "redis://localhost:6379";
+        RedisClient.instance = (0, redis_1.createClient)({
+            url: redisUrl,
+            socket: process.env.NODE_ENV !== "local" ? { tls: true, rejectUnauthorized: false } : undefined,
+        });
+        RedisClient.instance.on("error", (err) => {
+            RedisClient.logger.error(err, "Redis client error");
+        });
+        RedisClient.instance.on("connect", () => {
+            RedisClient.logger.info("Redis client connected");
+        });
+        RedisClient.instance.on("disconnect", () => {
+            RedisClient.logger.info("Redis client disconnected");
+        });
+        await RedisClient.instance.connect();
+    }
+    static async disconnect() {
+        if (RedisClient.instance) {
+            await RedisClient.instance.disconnect();
+        }
+    }
+    static async set(key, value, ttlSeconds) {
+        const client = await RedisClient.getInstance();
+        if (ttlSeconds) {
+            await client.setEx(key, ttlSeconds, value);
+        }
+        else {
+            await client.set(key, value);
+        }
+    }
+    static async get(key) {
+        const client = await RedisClient.getInstance();
+        return client.get(key);
+    }
+    static async del(key) {
+        const client = await RedisClient.getInstance();
+        await client.del(key);
+    }
+    static generateKey(prefix, ...parts) {
+        return `${prefix}:${parts.join(":")}`;
+    }
+}
+exports.RedisClient = RedisClient;
+RedisClient.logger = (0, pino_1.default)({ name: "IAM-middleware:RedisClient" });
+//# sourceMappingURL=RedisClient.js.map

package/dist/infrastructure/RedisClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RedisClient.js","sourceRoot":"","sources":["../../src/infrastructure/RedisClient.ts"],"names":[],"mappings":";;;;;;AAAA,iCAAsD;AACtD,gDAAwB;AAExB,MAAa,WAAW;IAItB,MAAM,CAAC,KAAK,CAAC,WAAW;QACtB,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,WAAW,CAAC,cAAc,EAAE,CAAC;QACrC,CAAC;QACD,OAAO,WAAW,CAAC,QAAQ,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS;QACpB,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,WAAW,CAAC,cAAc,EAAE,CAAC;QACrC,CAAC;QACD,MAAM,WAAW,GAAG,WAAW,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,WAAW,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,WAAW,CAAC;IACrB,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,cAAc;QACjC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,wBAAwB,CAAC;QAEvE,WAAW,CAAC,QAAQ,GAAG,IAAA,oBAAY,EAAC;YAClC,GAAG,EAAE,QAAQ;YACb,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS;SAChG,CAAC,CAAC;QAEH,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACvC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;YACtC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE;YACzC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,MAAM,WAAW,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IACvC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,UAAU;QACrB,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;YACzB,MAAM,WAAW,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC1C,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAa,EAAE,UAAmB;QAC9D,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC;QAC/C,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAW;QAC1B,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC;QAC/C,OAAO,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAW;QAC1B,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC;QAC/C,MAAM,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,MAAc,EAAE,GAAG,KAAe;QACnD,OAAO,GAAG,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;IACxC,CAAC;;AAtEH,kCAuEC;AArEgB,kBAAM,GAAG,IAAA,cAAI,EAAC,EAAE,IAAI,EAAE,4BAA4B,EAAE,CAAC,CAAC"}

package/dist/logging/EventLogMiddleware.d.ts

@@ -0,0 +1,4 @@
+import { FastifyRequest, FastifyReply } from "fastify";
+import { OutboxRepository } from "../domain/repositories/OutboxRepository";
+export declare function createEventLogMiddleware(outboxRepository: OutboxRepository): (req: FastifyRequest, res: FastifyReply) => Promise<void>;
+//# sourceMappingURL=EventLogMiddleware.d.ts.map

package/dist/logging/EventLogMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"EventLogMiddleware.d.ts","sourceRoot":"","sources":["../../src/logging/EventLogMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yCAAyC,CAAC;AAE3E,wBAAgB,wBAAwB,CAAC,gBAAgB,EAAE,gBAAgB,IAC5B,KAAK,cAAc,EAAE,KAAK,YAAY,KAAG,OAAO,CAAC,IAAI,CAAC,CA2DpG"}

package/dist/logging/EventLogMiddleware.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createEventLogMiddleware = createEventLogMiddleware;
+const api_1 = require("@opentelemetry/api");
+const OutboxEvent_1 = require("../domain/entities/OutboxEvent");
+function createEventLogMiddleware(outboxRepository) {
+    return async function SaveEventLogMiddleware(req, res) {
+        const activeSpan = api_1.trace.getActiveSpan();
+        if (!activeSpan) {
+            return undefined;
+        }
+        const spanContext = activeSpan.spanContext();
+        const reqHeaders = req.headers;
+        const resHeaders = res.getHeaders();
+        const filteredHeaders = Object.fromEntries(Object.entries(reqHeaders)
+            .filter(([key, value]) => !["authorization", "cookie"].includes(key.toLowerCase()) && value !== undefined)
+            .map(([key, value]) => [key, value]));
+        const filteredHeadersRes = Object.fromEntries(Object.entries(resHeaders)
+            .filter(([key, value]) => !["authorization", "cookie"].includes(key.toLowerCase()) && value !== undefined)
+            .map(([key, value]) => [key, value]));
+        const metadata = {
+            traceId: spanContext.traceId,
+            spanId: spanContext.spanId,
+            tenantId: req.tenantId ?? "",
+            correlationId: req.correlationId ?? "",
+            remoteIp: req.ip ?? "",
+            request: {
+                headers: filteredHeaders,
+                method: req.method,
+                url: req.url,
+                body: req.body || undefined,
+                endpoint: req.routeOptions?.url,
+                query: req.query,
+                params: req.params,
+            },
+            response: {
+                statusCode: res.statusCode,
+                headers: filteredHeadersRes,
+                endpoint: req.routeOptions?.url,
+                responseTime: res.elapsedTime,
+            },
+        };
+        await outboxRepository.save(OutboxEvent_1.OutboxEvent.create("event.logs", {
+            tenantId: req.tenantId ?? "",
+            user: req.user ?? "",
+        }, metadata));
+    };
+}
+//# sourceMappingURL=EventLogMiddleware.js.map

package/dist/logging/EventLogMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"EventLogMiddleware.js","sourceRoot":"","sources":["../../src/logging/EventLogMiddleware.ts"],"names":[],"mappings":";;AAKA,4DA4DC;AAjED,4CAA2C;AAE3C,gEAA6D;AAG7D,SAAgB,wBAAwB,CAAC,gBAAkC;IACzE,OAAO,KAAK,UAAU,sBAAsB,CAAC,GAAmB,EAAE,GAAiB;QACjF,MAAM,UAAU,GAAG,WAAK,CAAC,aAAa,EAAE,CAAC;QACzC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;QAE7C,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC;QAEpC,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,CACxC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;aACvB,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,KAAK,KAAK,SAAS,CAAC;aACzG,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CACvC,CAAC;QAEF,MAAM,kBAAkB,GAAG,MAAM,CAAC,WAAW,CAC3C,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;aACvB,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,KAAK,KAAK,SAAS,CAAC;aACzG,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CACvC,CAAC;QAEF,MAAM,QAAQ,GAAG;YACf,OAAO,EAAE,WAAW,CAAC,OAAO;YAC5B,MAAM,EAAE,WAAW,CAAC,MAAM;YAC1B,QAAQ,EAAG,GAAW,CAAC,QAAQ,IAAI,EAAE;YACrC,aAAa,EAAG,GAAW,CAAC,aAAa,IAAI,EAAE;YAC/C,QAAQ,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE;YAEtB,OAAO,EAAE;gBACP,OAAO,EAAE,eAAe;gBACxB,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,SAAS;gBAC3B,QAAQ,EAAE,GAAG,CAAC,YAAY,EAAE,GAAG;gBAC/B,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,MAAM,EAAE,GAAG,CAAC,MAAM;aACnB;YAED,QAAQ,EAAE;gBACR,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,OAAO,EAAE,kBAAkB;gBAC3B,QAAQ,EAAE,GAAG,CAAC,YAAY,EAAE,GAAG;gBAC/B,YAAY,EAAE,GAAG,CAAC,WAAW;aAC9B;SACF,CAAC;QAEF,MAAM,gBAAgB,CAAC,IAAI,CACzB,yBAAW,CAAC,MAAM,CAChB,YAAY,EACZ;YACE,QAAQ,EAAG,GAAW,CAAC,QAAQ,IAAI,EAAE;YACrC,IAAI,EAAG,GAAW,CAAC,IAAI,IAAI,EAAE;SAC9B,EACD,QAAQ,CACT,CACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/shared/config.d.ts

@@ -0,0 +1,2 @@
+export declare const SERVICE_NAME = "IAM-Middleware";
+//# sourceMappingURL=config.d.ts.map

package/dist/shared/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/shared/config.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY,mBAAmB,CAAC"}

package/dist/shared/config.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SERVICE_NAME = void 0;
+exports.SERVICE_NAME = "IAM-Middleware";
+//# sourceMappingURL=config.js.map

package/dist/shared/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/shared/config.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG,gBAAgB,CAAC"}

package/dist/test.d.ts

@@ -0,0 +1,4 @@
+import "dotenv/config";
+declare function createApp(): Promise<import("fastify").FastifyInstance<import("http").Server<typeof import("http").IncomingMessage, typeof import("http").ServerResponse>, import("http").IncomingMessage, import("http").ServerResponse<import("http").IncomingMessage>, import("fastify").FastifyBaseLogger, import("fastify").FastifyTypeProviderDefault>>;
+export { createApp };
+//# sourceMappingURL=test.d.ts.map

package/dist/test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test.d.ts","sourceRoot":"","sources":["../src/test.ts"],"names":[],"mappings":"AAAA,OAAO,eAAe,CAAC;AAavB,iBAAe,SAAS,qUA4CvB;AAED,OAAO,EAAE,SAAS,EAAE,CAAC"}

package/dist/test.js

@@ -0,0 +1,80 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createApp = createApp;
+require("dotenv/config");
+const fastify_1 = __importDefault(require("fastify"));
+const pino_1 = __importDefault(require("pino"));
+const node_crypto_1 = __importDefault(require("node:crypto"));
+const AuthMiddleware_1 = require("./auth/AuthMiddleware");
+const ImplementModeMiddleware_1 = require("./auth/ImplementModeMiddleware");
+const redis_1 = require("redis");
+const logger = (0, pino_1.default)({
+    level: process.env.LOG_LEVEL || "info",
+    transport: { target: "pino-pretty", options: { colorize: true } },
+});
+async function createApp() {
+    const app = (0, fastify_1.default)({
+        logger: {
+            level: process.env.LOG_LEVEL || "info",
+            transport: { target: "pino-pretty", options: { colorize: true } },
+        },
+        genReqId: () => node_crypto_1.default.randomUUID(),
+    });
+    const redisClient = (0, redis_1.createClient)({
+        url: process.env.IAM_REDIS_URL,
+        socket: { tls: true, rejectUnauthorized: false },
+    });
+    const authMiddleware = new AuthMiddleware_1.AuthMiddleware({ redisClient, jwtSecret: process.env.IAM_JWT_SECRET });
+    const implementMode = new ImplementModeMiddleware_1.ImplementModeMiddleware({ redisClient });
+    // or through env
+    // const authMiddleware = new AuthMiddleware();
+    // const implementMode = new ImplementModeMiddleware();
+    // Register standardized routes
+    await app.register(async (appInstance) => {
+        appInstance.get("/test", {
+            preHandler: [
+                authMiddleware.authenticate.bind(authMiddleware), // required for implementMode.authorise and authMiddleware.permissionGuard
+                implementMode.authorise.bind(implementMode),
+                authMiddleware.permissionGuard([{ access: "canRead", subProgram: "test" }]).bind(authMiddleware),
+            ],
+        }, async (request, reply) => {
+            return reply.send({
+                success: true,
+            });
+        });
+    }, { prefix: "/api/v1" });
+    return app;
+}
+async function start() {
+    try {
+        const app = await createApp();
+        const port = Number(process.env.PORT) || 3000;
+        const host = "0.0.0.0";
+        await app.listen({ port, host });
+        logger.info(`Server listening on http://${host}:${port}`);
+    }
+    catch (error) {
+        logger.error(error, "Error starting server");
+        process.exit(1);
+    }
+}
+async function shutdown() {
+    logger.info("Shutting down server...");
+    try {
+        logger.info("Server shut down successfully");
+    }
+    catch (error) {
+        logger.error(error, "Error during shutdown");
+    }
+    process.exit(0);
+}
+// Handle graceful shutdown
+process.on("SIGINT", shutdown);
+process.on("SIGTERM", shutdown);
+if (require.main === module) {
+    start();
+}
+//# sourceMappingURL=test.js.map

package/dist/test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"test.js","sourceRoot":"","sources":["../src/test.ts"],"names":[],"mappings":";;;;;AA2DS,8BAAS;AA3DlB,yBAAuB;AACvB,sDAA8B;AAC9B,gDAAwB;AACxB,8DAAiC;AACjC,0DAAuD;AACvD,4EAAyE;AACzE,iCAAqC;AAErC,MAAM,MAAM,GAAG,IAAA,cAAI,EAAC;IAClB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,MAAM;IACtC,SAAS,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;CAClE,CAAC,CAAC;AAEH,KAAK,UAAU,SAAS;IACtB,MAAM,GAAG,GAAG,IAAA,iBAAO,EAAC;QAClB,MAAM,EAAE;YACN,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,MAAM;YACtC,SAAS,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;SAClE;QACD,QAAQ,EAAE,GAAG,EAAE,CAAC,qBAAM,CAAC,UAAU,EAAE;KACpC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,IAAA,oBAAY,EAAC;QAC/B,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa;QAC9B,MAAM,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE;KACjD,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,IAAI,+BAAc,CAAC,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC;IAClG,MAAM,aAAa,GAAG,IAAI,iDAAuB,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC;IAEnE,iBAAiB;IACjB,+CAA+C;IAC/C,uDAAuD;IAEvD,+BAA+B;IAC/B,MAAM,GAAG,CAAC,QAAQ,CAChB,KAAK,EAAE,WAAW,EAAE,EAAE;QACpB,WAAW,CAAC,GAAG,CACb,OAAO,EACP;YACE,UAAU,EAAE;gBACV,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,0EAA0E;gBAC5H,aAAa,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC3C,cAAc,CAAC,eAAe,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;aACjG;SACF,EACD,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACvB,OAAO,KAAK,CAAC,IAAI,CAAC;gBAChB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC,EACD,EAAE,MAAM,EAAE,SAAS,EAAE,CACtB,CAAC;IAEF,OAAO,GAAG,CAAC;AACb,CAAC;AAID,KAAK,UAAU,KAAK;IAClB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,SAAS,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;QAC9C,MAAM,IAAI,GAAG,SAAS,CAAC;QAEvB,MAAM,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;IAC5D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,QAAQ;IACrB,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACvC,IAAI,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC/C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,2BAA2B;AAC3B,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAEhC,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC5B,KAAK,EAAE,CAAC;AACV,CAAC"}

package/dist/types/AuthTypes.d.ts

@@ -0,0 +1,43 @@
+import { createClient } from "redis";
+export interface JwtPayload {
+    id: string;
+    name: string;
+    email: string;
+    tenantId: string;
+    type: string;
+    tenantLocale: string;
+    passwordPolicy: string;
+    isDenyPasswordChange?: boolean;
+    isPasswordSendEmail?: boolean;
+    username?: string;
+    [key: string]: any;
+}
+export interface UserInfo {
+    id: string;
+    name: string;
+    email: string;
+    type: string;
+}
+export type BaseOptions = ({
+    redisUrl?: string;
+} | {
+    redisClient?: ReturnType<typeof createClient>;
+}) & {
+    serviceName?: string;
+};
+export type AuthMiddlewareOptions = BaseOptions & {
+    jwtSecret?: string;
+};
+export type ImplementModeMiddlewareOptions = BaseOptions;
+export interface CheckPermissionParams {
+    userId: string;
+    subProgram: string;
+    access: "canCreate" | "canRead" | "canEdit" | "canDelete" | "canNotify" | "canCreateDraft";
+}
+export type PermissionGuardUnit = {
+    subProgram: string;
+    access: CheckPermissionParams["access"];
+};
+export type PermissionGuardArray = PermissionGuardUnit[];
+export type PermissionGuardParams = PermissionGuardUnit | PermissionGuardArray;
+//# sourceMappingURL=AuthTypes.d.ts.map

package/dist/types/AuthTypes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthTypes.d.ts","sourceRoot":"","sources":["../../src/types/AuthTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AAErC,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,MAAM,WAAW,GAAG,CACtB;IACE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GACD;IAAE,WAAW,CAAC,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAA;CAAE,CACpD,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE7B,MAAM,MAAM,qBAAqB,GAAG,WAAW,GAAG;IAAE,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AACzE,MAAM,MAAM,8BAA8B,GAAG,WAAW,CAAC;AAEzD,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,WAAW,GAAG,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,gBAAgB,CAAC;CAC5F;AAED,MAAM,MAAM,mBAAmB,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,qBAAqB,CAAC,QAAQ,CAAC,CAAA;CAAE,CAAC;AAClG,MAAM,MAAM,oBAAoB,GAAG,mBAAmB,EAAE,CAAC;AACzD,MAAM,MAAM,qBAAqB,GAAG,mBAAmB,GAAG,oBAAoB,CAAC"}

package/dist/types/AuthTypes.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=AuthTypes.js.map

package/dist/types/AuthTypes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthTypes.js","sourceRoot":"","sources":["../../src/types/AuthTypes.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,62 @@
+{
+  "name": "@sustaina/iam-middleware",
+  "author": "Sustaina Team",
+  "license": "UNLICENSED",
+  "version": "1.0.1",
+  "description": "",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "dist",
+    "package.json",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "rimraf dist && tsc",
+    "dev": "nodemon src/test.ts",
+    "deploy:npm": "npm run build && semantic-release",
+    "lint": "eslint src/**/*.ts",
+    "lint:fix": "eslint src/**/*.ts --fix",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "prepare": "husky"
+  },
+  "keywords": [
+    "@sustaina",
+    "tcc"
+  ],
+  "type": "commonjs",
+  "devDependencies": {
+    "@semantic-release/git": "^10.0.1",
+    "@semantic-release/gitlab": "^13.2.9",
+    "@semantic-release/npm": "^12.0.2",
+    "@types/jsonwebtoken": "^9.0.10",
+    "@types/node": "^24.10.1",
+    "@types/redis": "^4.0.10",
+    "eslint": "^9.39.1",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.4",
+    "husky": "^9.1.7",
+    "nodemon": "^3.1.11",
+    "pino-pretty": "^13.1.3",
+    "prettier": "^3.7.4",
+    "rimraf": "^6.1.2",
+    "semantic-release": "^24.2.9",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.48.1"
+  },
+  "peerDependencies": {
+    "fastify": "^5.4.0"
+  },
+  "dependencies": {
+    "@opentelemetry/api": "^1.9.0",
+    "dotenv": "^17.2.3",
+    "jsonwebtoken": "^9.0.2",
+    "pino": "^10.1.0",
+    "redis": "^5.10.0"
+  }
+}