@teacinema-example/passport 1.0.0

package/dist/constans/index.d.ts

@@ -0,0 +1 @@
+export { PASSPORT_OPTIONS } from './passport.constans';

package/dist/constans/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PASSPORT_OPTIONS = void 0;
+var passport_constans_1 = require("./passport.constans");
+Object.defineProperty(exports, "PASSPORT_OPTIONS", { enumerable: true, get: function () { return passport_constans_1.PASSPORT_OPTIONS; } });

package/dist/constans/passport.constans.d.ts

@@ -0,0 +1 @@
+export declare const PASSPORT_OPTIONS: unique symbol;

package/dist/constans/passport.constans.js

@@ -0,0 +1,4 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PASSPORT_OPTIONS = void 0;
+exports.PASSPORT_OPTIONS = Symbol('PassportOptions');

package/dist/lib/index.d.ts

@@ -0,0 +1,3 @@
+export * from './types';
+export * from './passport.module';
+export * from './passport.service';

package/dist/lib/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+__exportStar(require("./passport.module"), exports);
+__exportStar(require("./passport.service"), exports);

package/dist/lib/passport.module.d.ts

@@ -0,0 +1,6 @@
+import { type DynamicModule } from '@nestjs/common';
+import type { PassportAsyncOptions, PassportOptions } from './types';
+export declare class PassportModule {
+    static register(options: PassportOptions): DynamicModule;
+    static registerAsync(options: PassportAsyncOptions): Promise<DynamicModule>;
+}

package/dist/lib/passport.module.js

@@ -0,0 +1,38 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var PassportModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PassportModule = void 0;
+const common_1 = require("@nestjs/common");
+const constans_1 = require("../constans");
+const passport_provider_1 = require("./passport.provider");
+const passport_service_1 = require("./passport.service");
+let PassportModule = PassportModule_1 = class PassportModule {
+    static register(options) {
+        const provider = (0, passport_provider_1.passportProvider)(options);
+        return {
+            module: PassportModule_1,
+            providers: [provider, passport_service_1.PassportService],
+            exports: [passport_service_1.PassportService, constans_1.PASSPORT_OPTIONS]
+        };
+    }
+    static async registerAsync(options) {
+        const provider = await (0, passport_provider_1.passportAsyncProvider)(options);
+        return {
+            module: PassportModule_1,
+            imports: options.imports ?? [],
+            providers: [provider, passport_service_1.PassportService],
+            exports: [passport_service_1.PassportService, constans_1.PASSPORT_OPTIONS]
+        };
+    }
+};
+exports.PassportModule = PassportModule;
+exports.PassportModule = PassportModule = PassportModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({})
+], PassportModule);

package/dist/lib/passport.provider.d.ts

@@ -0,0 +1,4 @@
+import type { Provider } from '@nestjs/common';
+import type { PassportAsyncOptions, PassportOptions } from './types';
+export declare const passportProvider: (options: PassportOptions) => Provider;
+export declare const passportAsyncProvider: (options: PassportAsyncOptions) => Promise<Provider>;

package/dist/lib/passport.provider.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.passportAsyncProvider = exports.passportProvider = void 0;
+const constans_1 = require("../constans");
+const passportProvider = (options) => {
+    return {
+        provide: constans_1.PASSPORT_OPTIONS,
+        useValue: Object.freeze(options)
+    };
+};
+exports.passportProvider = passportProvider;
+const passportAsyncProvider = async (options) => {
+    return {
+        provide: constans_1.PASSPORT_OPTIONS,
+        useFactory: async (...args) => {
+            const resolved = await options.useFactory(...args);
+            if (!resolved ||
+                !resolved.secretKey ||
+                typeof resolved.secretKey !== 'string') {
+                throw new Error('[PassportModule] "secretKey" is required and must be string');
+            }
+            return Object.freeze({ ...resolved });
+        },
+        inject: options.inject ?? []
+    };
+};
+exports.passportAsyncProvider = passportAsyncProvider;

package/dist/lib/passport.service.d.ts

@@ -0,0 +1,21 @@
+import type { PassportOptions } from './types';
+export declare class PassportService {
+    private readonly options;
+    private readonly SECRET_KEY;
+    private static readonly HMAC_DOMAIN;
+    private static readonly INTERNAL_SEPARATOR;
+    constructor(options: PassportOptions);
+    private now;
+    private serialize;
+    private computedHMAC;
+    generate: (userId: string, ttl: number) => string;
+    verify: (secretKey: string, token: string) => {
+        valid: boolean;
+        reason: string;
+        userId?: undefined;
+    } | {
+        valid: boolean;
+        userId: string;
+        reason?: undefined;
+    };
+}

package/dist/lib/passport.service.js

@@ -0,0 +1,72 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var PassportService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PassportService = void 0;
+const common_1 = require("@nestjs/common");
+const node_crypto_1 = require("node:crypto");
+const constans_1 = require("../constans");
+const utils_1 = require("./utils");
+let PassportService = class PassportService {
+    static { PassportService_1 = this; }
+    options;
+    SECRET_KEY;
+    static HMAC_DOMAIN = 'PassportTokenAuth/v1';
+    static INTERNAL_SEPARATOR = '|';
+    constructor(options) {
+        this.options = options;
+        this.SECRET_KEY = options.secretKey;
+    }
+    now = () => Math.floor(Date.now() / 1000);
+    serialize = (user, iat, exp) => {
+        return [PassportService_1.HMAC_DOMAIN, user, iat, exp].join(PassportService_1.INTERNAL_SEPARATOR);
+    };
+    computedHMAC = (payload) => {
+        return (0, node_crypto_1.createHmac)('sha256', this.SECRET_KEY)
+            .update(payload)
+            .digest('base64');
+    };
+    generate = (userId, ttl) => {
+        const iat = this.now();
+        const exp = iat + ttl;
+        const userPart = (0, utils_1.base64UrlEncode)(userId);
+        const iatPart = (0, utils_1.base64UrlEncode)(String(iat));
+        const expPart = (0, utils_1.base64UrlEncode)(String(exp));
+        const payload = this.serialize(userPart, iatPart, expPart);
+        const hmac = this.computedHMAC(payload);
+        return `${userPart}.${iatPart}.${expPart}.${hmac}`;
+    };
+    verify = (secretKey, token) => {
+        const parts = token.split('.');
+        if (parts.length !== 4)
+            return { valid: false, reason: 'Invalid format' };
+        const [userPart, iatPart, expPart, hmac] = parts;
+        const payload = this.serialize(userPart, iatPart, expPart);
+        const expectedMac = this.computedHMAC(payload);
+        if (!(0, utils_1.constantTimeEqual)(expectedMac, hmac))
+            return { valid: false, reason: 'Invalid signature' };
+        const expNumber = Number((0, utils_1.base64UrlDecode)(expPart));
+        if (!Number.isFinite(expNumber))
+            return { valid: false, reason: 'Error' };
+        if (this.now() >= expNumber)
+            return { valid: false, reason: 'Expired' };
+        return { valid: true, userId: (0, utils_1.base64UrlDecode)(userPart) };
+    };
+};
+exports.PassportService = PassportService;
+exports.PassportService = PassportService = PassportService_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)(constans_1.PASSPORT_OPTIONS)),
+    __metadata("design:paramtypes", [Object])
+], PassportService);

package/dist/lib/types/index.d.ts

@@ -0,0 +1,3 @@
+export type { TokenPayload, VerifyResult } from './token.type';
+export type { PassportAsyncOptions } from './passport-async-options.type';
+export type { PassportOptions } from './passport-options.type';

package/dist/lib/types/index.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/lib/types/passport-async-options.type.d.ts

@@ -0,0 +1,6 @@
+import type { FactoryProvider, ModuleMetadata } from '@nestjs/common';
+import type { PassportOptions } from './passport-options.type';
+export type PassportAsyncOptions = Pick<ModuleMetadata, 'imports'> & {
+    useFactory: (...args: any[]) => Promise<PassportOptions> | PassportOptions;
+    inject?: FactoryProvider['inject'];
+};

package/dist/lib/types/passport-async-options.type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/lib/types/passport-options.type.d.ts

@@ -0,0 +1,3 @@
+export type PassportOptions = {
+    secretKey: string;
+};

package/dist/lib/types/passport-options.type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/lib/types/token.type.d.ts

@@ -0,0 +1,13 @@
+export type TokenPayload = {
+    sub: number | string;
+};
+type VerifySusses = {
+    valid: true;
+    userId: string;
+};
+type VerifyError = {
+    valid: false;
+    reason: string;
+};
+export type VerifyResult = VerifySusses | VerifyError;
+export {};

package/dist/lib/types/token.type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/lib/utils/base64.d.ts

@@ -0,0 +1,2 @@
+export declare const base64UrlEncode: (buf: Buffer | string) => string;
+export declare const base64UrlDecode: (str: string) => string;

package/dist/lib/utils/base64.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.base64UrlDecode = exports.base64UrlEncode = void 0;
+const base64UrlEncode = (buf) => {
+    const s = typeof buf === 'string' ? Buffer.from(buf) : buf;
+    return s
+        .toString('base64')
+        .replace(/\+/g, '-')
+        .replace(/\//g, '_')
+        .replace(/=+$/, '');
+};
+exports.base64UrlEncode = base64UrlEncode;
+const base64UrlDecode = (str) => {
+    str = str.replace(/-/g, '+').replace(/_/g, '/');
+    while (str.length % 4)
+        str += '=';
+    return Buffer.from(str, 'base64').toString();
+};
+exports.base64UrlDecode = base64UrlDecode;

package/dist/lib/utils/crypto.d.ts

@@ -0,0 +1 @@
+export declare const constantTimeEqual: (a: string, b: string) => boolean;

package/dist/lib/utils/crypto.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.constantTimeEqual = void 0;
+const node_crypto_1 = require("node:crypto");
+const constantTimeEqual = (a, b) => {
+    const bufA = Buffer.from(a);
+    const bufB = Buffer.from(b);
+    if (bufA.length !== bufB.length)
+        return false;
+    return (0, node_crypto_1.timingSafeEqual)(bufA, bufB);
+};
+exports.constantTimeEqual = constantTimeEqual;

package/dist/lib/utils/index.d.ts

@@ -0,0 +1,2 @@
+export { base64UrlEncode, base64UrlDecode } from './base64';
+export { constantTimeEqual } from './crypto';

package/dist/lib/utils/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.constantTimeEqual = exports.base64UrlDecode = exports.base64UrlEncode = void 0;
+var base64_1 = require("./base64");
+Object.defineProperty(exports, "base64UrlEncode", { enumerable: true, get: function () { return base64_1.base64UrlEncode; } });
+Object.defineProperty(exports, "base64UrlDecode", { enumerable: true, get: function () { return base64_1.base64UrlDecode; } });
+var crypto_1 = require("./crypto");
+Object.defineProperty(exports, "constantTimeEqual", { enumerable: true, get: function () { return crypto_1.constantTimeEqual; } });

package/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@teacinema-example/passport",
+  "version": "1.0.0",
+  "description": "Lightweight Teacinema authentication library",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": ["dist"],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "format": "prettier --write \"lib/**/*.ts\""
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "type": "commonjs",
+  "devDependencies": {
+    "@teacinema-example/core": "^1.0.3",
+    "@types/node": "^25.3.0",
+    "prettier": "^3.8.1",
+    "typescript": "^5.9.3"
+  },
+  "dependencies": {
+    "@nestjs/common": "^11.1.14",
+    "@nestjs/core": "^11.1.14",
+    "reflect-metadata": "^0.2.2",
+    "rxjs": "^7.8.2"
+  }
+}