@toeichust/common 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +8 -1
- package/dist/index.js +8 -1
- package/dist/index.js.map +1 -1
- package/dist/modules/auth/auth.module.d.ts +2 -0
- package/dist/modules/auth/auth.module.js +23 -0
- package/dist/modules/auth/auth.module.js.map +1 -0
- package/dist/modules/auth/constants/auth.constant.d.ts +2 -0
- package/dist/modules/auth/constants/auth.constant.js +6 -0
- package/dist/modules/auth/constants/auth.constant.js.map +1 -0
- package/dist/modules/auth/decorators/auth.decorator.d.ts +5 -0
- package/dist/modules/auth/decorators/auth.decorator.js +15 -0
- package/dist/modules/auth/decorators/auth.decorator.js.map +1 -0
- package/dist/modules/auth/decorators/current-user.decorator.d.ts +1 -0
- package/dist/modules/auth/decorators/current-user.decorator.js +9 -0
- package/dist/modules/auth/decorators/current-user.decorator.js.map +1 -0
- package/dist/modules/auth/enums/user-role.enum.d.ts +4 -0
- package/dist/modules/auth/enums/user-role.enum.js +9 -0
- package/dist/modules/auth/enums/user-role.enum.js.map +1 -0
- package/dist/modules/auth/guards/jwt-auth.guard.d.ts +9 -0
- package/dist/modules/auth/guards/jwt-auth.guard.js +38 -0
- package/dist/modules/auth/guards/jwt-auth.guard.js.map +1 -0
- package/dist/modules/auth/guards/roles.guard.d.ts +7 -0
- package/dist/modules/auth/guards/roles.guard.js +34 -0
- package/dist/modules/auth/guards/roles.guard.js.map +1 -0
- package/dist/modules/auth/strategies/jwt.strategy.d.ts +11 -0
- package/dist/modules/auth/strategies/jwt.strategy.js +51 -0
- package/dist/modules/auth/strategies/jwt.strategy.js.map +1 -0
- package/dist/modules/vault/vault.service.js +1 -1
- package/dist/modules/vault/vault.service.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +6 -2
- package/dist/modules/vault/vault.service.spec.d.ts +0 -1
- package/dist/modules/vault/vault.service.spec.js +0 -300
- package/dist/modules/vault/vault.service.spec.js.map +0 -1
package/dist/index.d.ts
CHANGED
|
@@ -2,6 +2,13 @@ export * from './constants/swagger.constant';
|
|
|
2
2
|
export * from './helpers/bootstrap.helper';
|
|
3
3
|
export * from './helpers/swagger.helper';
|
|
4
4
|
export * from './middlewares/logger.middleware';
|
|
5
|
+
export * from './modules/auth/auth.module';
|
|
6
|
+
export * from './modules/auth/constants/auth.constant';
|
|
7
|
+
export * from './modules/auth/decorators/auth.decorator';
|
|
8
|
+
export * from './modules/auth/decorators/current-user.decorator';
|
|
9
|
+
export * from './modules/auth/enums/user-role.enum';
|
|
10
|
+
export * from './modules/auth/guards/jwt-auth.guard';
|
|
11
|
+
export * from './modules/auth/guards/roles.guard';
|
|
12
|
+
export * from './modules/auth/strategies/jwt.strategy';
|
|
5
13
|
export * from './modules/vault/vault.module';
|
|
6
|
-
export * from './modules/vault/vault.service.spec';
|
|
7
14
|
export * from './modules/vault/vault.service';
|
package/dist/index.js
CHANGED
|
@@ -18,7 +18,14 @@ __exportStar(require("./constants/swagger.constant"), exports);
|
|
|
18
18
|
__exportStar(require("./helpers/bootstrap.helper"), exports);
|
|
19
19
|
__exportStar(require("./helpers/swagger.helper"), exports);
|
|
20
20
|
__exportStar(require("./middlewares/logger.middleware"), exports);
|
|
21
|
+
__exportStar(require("./modules/auth/auth.module"), exports);
|
|
22
|
+
__exportStar(require("./modules/auth/constants/auth.constant"), exports);
|
|
23
|
+
__exportStar(require("./modules/auth/decorators/auth.decorator"), exports);
|
|
24
|
+
__exportStar(require("./modules/auth/decorators/current-user.decorator"), exports);
|
|
25
|
+
__exportStar(require("./modules/auth/enums/user-role.enum"), exports);
|
|
26
|
+
__exportStar(require("./modules/auth/guards/jwt-auth.guard"), exports);
|
|
27
|
+
__exportStar(require("./modules/auth/guards/roles.guard"), exports);
|
|
28
|
+
__exportStar(require("./modules/auth/strategies/jwt.strategy"), exports);
|
|
21
29
|
__exportStar(require("./modules/vault/vault.module"), exports);
|
|
22
|
-
__exportStar(require("./modules/vault/vault.service.spec"), exports);
|
|
23
30
|
__exportStar(require("./modules/vault/vault.service"), exports);
|
|
24
31
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAIA,+DAA6C;AAC7C,6DAA2C;AAC3C,2DAAyC;AACzC,kEAAgD;AAChD,+DAA6C;AAC7C,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAIA,+DAA6C;AAC7C,6DAA2C;AAC3C,2DAAyC;AACzC,kEAAgD;AAChD,6DAA2C;AAC3C,yEAAuD;AACvD,2EAAyD;AACzD,mFAAiE;AACjE,sEAAoD;AACpD,uEAAqD;AACrD,oEAAkD;AAClD,yEAAuD;AACvD,+DAA6C;AAC7C,gEAA8C"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.AuthModule = void 0;
|
|
10
|
+
const common_1 = require("@nestjs/common");
|
|
11
|
+
const passport_1 = require("@nestjs/passport");
|
|
12
|
+
const jwt_strategy_1 = require("./strategies/jwt.strategy");
|
|
13
|
+
let AuthModule = class AuthModule {
|
|
14
|
+
};
|
|
15
|
+
exports.AuthModule = AuthModule;
|
|
16
|
+
exports.AuthModule = AuthModule = __decorate([
|
|
17
|
+
(0, common_1.Module)({
|
|
18
|
+
imports: [passport_1.PassportModule.register({ defaultStrategy: 'jwt' })],
|
|
19
|
+
providers: [jwt_strategy_1.JwtStrategy],
|
|
20
|
+
exports: [passport_1.PassportModule],
|
|
21
|
+
})
|
|
22
|
+
], AuthModule);
|
|
23
|
+
//# sourceMappingURL=auth.module.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../../../src/modules/auth/auth.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,+CAAkD;AAClD,4DAAwD;AAOjD,IAAM,UAAU,GAAhB,MAAM,UAAU;CAAG,CAAA;AAAb,gCAAU;qBAAV,UAAU;IALtB,IAAA,eAAM,EAAC;QACN,OAAO,EAAE,CAAC,yBAAc,CAAC,QAAQ,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9D,SAAS,EAAE,CAAC,0BAAW,CAAC;QACxB,OAAO,EAAE,CAAC,yBAAc,CAAC;KAC1B,CAAC;GACW,UAAU,CAAG"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.constant.js","sourceRoot":"","sources":["../../../../src/modules/auth/constants/auth.constant.ts"],"names":[],"mappings":";;;AAAa,QAAA,aAAa,GAAG,UAAU,CAAC;AAC3B,QAAA,SAAS,GAAG,OAAO,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
export declare const Auth: {
|
|
2
|
+
Public: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
|
|
3
|
+
User: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
|
|
4
|
+
Admin: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
|
|
5
|
+
};
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Auth = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
const swagger_1 = require("@nestjs/swagger");
|
|
6
|
+
const auth_constant_1 = require("../constants/auth.constant");
|
|
7
|
+
const user_role_enum_1 = require("../enums/user-role.enum");
|
|
8
|
+
const jwt_auth_guard_1 = require("../guards/jwt-auth.guard");
|
|
9
|
+
const roles_guard_1 = require("../guards/roles.guard");
|
|
10
|
+
exports.Auth = {
|
|
11
|
+
Public: () => (0, common_1.applyDecorators)((0, common_1.SetMetadata)(auth_constant_1.IS_PUBLIC_KEY, true)),
|
|
12
|
+
User: () => (0, common_1.applyDecorators)((0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Unauthorized' })),
|
|
13
|
+
Admin: () => (0, common_1.applyDecorators)((0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard, roles_guard_1.RolesGuard), (0, common_1.SetMetadata)(auth_constant_1.ROLES_KEY, [user_role_enum_1.UserRole.ADMIN]), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Unauthorized' }), (0, swagger_1.ApiForbiddenResponse)({ description: 'Forbidden - Requires Admin role' })),
|
|
14
|
+
};
|
|
15
|
+
//# sourceMappingURL=auth.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.decorator.js","sourceRoot":"","sources":["../../../../src/modules/auth/decorators/auth.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAyE;AACzE,6CAIyB;AACzB,8DAAsE;AACtE,4DAAmD;AACnD,6DAAwD;AACxD,uDAAmD;AAEtC,QAAA,IAAI,GAAG;IAClB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAA,wBAAe,EAAC,IAAA,oBAAW,EAAC,6BAAa,EAAE,IAAI,CAAC,CAAC;IAE/D,IAAI,EAAE,GAAG,EAAE,CACT,IAAA,wBAAe,EACb,IAAA,kBAAS,EAAC,6BAAY,CAAC,EACvB,IAAA,uBAAa,GAAE,EACf,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,CACzD;IAEH,KAAK,EAAE,GAAG,EAAE,CACV,IAAA,wBAAe,EACb,IAAA,kBAAS,EAAC,6BAAY,EAAE,wBAAU,CAAC,EACnC,IAAA,oBAAW,EAAC,yBAAS,EAAE,CAAC,yBAAQ,CAAC,KAAK,CAAC,CAAC,EACxC,IAAA,uBAAa,GAAE,EACf,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,EACxD,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC,CACzE;CACJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const CurrentUserId: (...dataOrPipes: unknown[]) => ParameterDecorator;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CurrentUserId = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
exports.CurrentUserId = (0, common_1.createParamDecorator)((_data, ctx) => {
|
|
6
|
+
const request = ctx.switchToHttp().getRequest();
|
|
7
|
+
return request.user?.userId;
|
|
8
|
+
});
|
|
9
|
+
//# sourceMappingURL=current-user.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../../../src/modules/auth/decorators/current-user.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAwE;AAE3D,QAAA,aAAa,GAAG,IAAA,6BAAoB,EAC/C,CAAC,KAAc,EAAE,GAAqB,EAAE,EAAE;IACxC,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;IAChD,OAAO,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;AAC9B,CAAC,CACF,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.UserRole = void 0;
|
|
4
|
+
var UserRole;
|
|
5
|
+
(function (UserRole) {
|
|
6
|
+
UserRole["ADMIN"] = "admin";
|
|
7
|
+
UserRole["USER"] = "authenticated";
|
|
8
|
+
})(UserRole || (exports.UserRole = UserRole = {}));
|
|
9
|
+
//# sourceMappingURL=user-role.enum.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user-role.enum.js","sourceRoot":"","sources":["../../../../src/modules/auth/enums/user-role.enum.ts"],"names":[],"mappings":";;;AAAA,IAAY,QAGX;AAHD,WAAY,QAAQ;IAClB,2BAAe,CAAA;IACf,kCAAsB,CAAA;AACxB,CAAC,EAHW,QAAQ,wBAAR,QAAQ,QAGnB"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
declare const JwtAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
|
|
4
|
+
export declare class JwtAuthGuard extends JwtAuthGuard_base {
|
|
5
|
+
private reflector;
|
|
6
|
+
constructor(reflector: Reflector);
|
|
7
|
+
canActivate(context: ExecutionContext): boolean | Promise<boolean> | import("rxjs").Observable<boolean>;
|
|
8
|
+
}
|
|
9
|
+
export {};
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.JwtAuthGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const passport_1 = require("@nestjs/passport");
|
|
16
|
+
const auth_constant_1 = require("../constants/auth.constant");
|
|
17
|
+
let JwtAuthGuard = class JwtAuthGuard extends (0, passport_1.AuthGuard)('jwt') {
|
|
18
|
+
reflector;
|
|
19
|
+
constructor(reflector) {
|
|
20
|
+
super();
|
|
21
|
+
this.reflector = reflector;
|
|
22
|
+
}
|
|
23
|
+
canActivate(context) {
|
|
24
|
+
const isPublic = this.reflector.getAllAndOverride(auth_constant_1.IS_PUBLIC_KEY, [
|
|
25
|
+
context.getHandler(),
|
|
26
|
+
context.getClass(),
|
|
27
|
+
]);
|
|
28
|
+
if (isPublic)
|
|
29
|
+
return true;
|
|
30
|
+
return super.canActivate(context);
|
|
31
|
+
}
|
|
32
|
+
};
|
|
33
|
+
exports.JwtAuthGuard = JwtAuthGuard;
|
|
34
|
+
exports.JwtAuthGuard = JwtAuthGuard = __decorate([
|
|
35
|
+
(0, common_1.Injectable)(),
|
|
36
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
37
|
+
], JwtAuthGuard);
|
|
38
|
+
//# sourceMappingURL=jwt-auth.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt-auth.guard.js","sourceRoot":"","sources":["../../../../src/modules/auth/guards/jwt-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA8D;AAC9D,uCAAyC;AACzC,+CAA6C;AAC7C,8DAA2D;AAGpD,IAAM,YAAY,GAAlB,MAAM,YAAa,SAAQ,IAAA,oBAAS,EAAC,KAAK,CAAC;IAC5B;IAApB,YAAoB,SAAoB;QACtC,KAAK,EAAE,CAAC;QADU,cAAS,GAAT,SAAS,CAAW;IAExC,CAAC;IAED,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,6BAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC1B,OAAO,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;CACF,CAAA;AAdY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,YAAY,CAcxB"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class RolesGuard implements CanActivate {
|
|
4
|
+
private reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.RolesGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const auth_constant_1 = require("../constants/auth.constant");
|
|
16
|
+
let RolesGuard = class RolesGuard {
|
|
17
|
+
reflector;
|
|
18
|
+
constructor(reflector) {
|
|
19
|
+
this.reflector = reflector;
|
|
20
|
+
}
|
|
21
|
+
canActivate(context) {
|
|
22
|
+
const requiredRoles = this.reflector.getAllAndOverride(auth_constant_1.ROLES_KEY, [context.getHandler(), context.getClass()]);
|
|
23
|
+
if (!requiredRoles)
|
|
24
|
+
return true;
|
|
25
|
+
const { user } = context.switchToHttp().getRequest();
|
|
26
|
+
return requiredRoles.some((role) => user.role === role);
|
|
27
|
+
}
|
|
28
|
+
};
|
|
29
|
+
exports.RolesGuard = RolesGuard;
|
|
30
|
+
exports.RolesGuard = RolesGuard = __decorate([
|
|
31
|
+
(0, common_1.Injectable)(),
|
|
32
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
33
|
+
], RolesGuard);
|
|
34
|
+
//# sourceMappingURL=roles.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.guard.js","sourceRoot":"","sources":["../../../../src/modules/auth/guards/roles.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA2E;AAC3E,uCAAyC;AACzC,8DAAuD;AAIhD,IAAM,UAAU,GAAhB,MAAM,UAAU;IACD;IAApB,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAE5C,WAAW,CAAC,OAAyB;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACpD,yBAAS,EACT,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,IAAI,CAAC,aAAa;YAAE,OAAO,IAAI,CAAC;QAEhC,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACrD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAC1D,CAAC;CACF,CAAA;AAdY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,UAAU,CActB"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { VaultService } from '../../vault/vault.service';
|
|
2
|
+
declare const JwtStrategy_base: new (...args: any) => any;
|
|
3
|
+
export declare class JwtStrategy extends JwtStrategy_base {
|
|
4
|
+
constructor(vaultService: VaultService);
|
|
5
|
+
validate(payload: any): Promise<{
|
|
6
|
+
userId: any;
|
|
7
|
+
email: any;
|
|
8
|
+
role: any;
|
|
9
|
+
}>;
|
|
10
|
+
}
|
|
11
|
+
export {};
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.JwtStrategy = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const passport_1 = require("@nestjs/passport");
|
|
15
|
+
const jwks_rsa_1 = require("jwks-rsa");
|
|
16
|
+
const passport_jwt_1 = require("passport-jwt");
|
|
17
|
+
const vault_service_1 = require("../../vault/vault.service");
|
|
18
|
+
let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
|
|
19
|
+
constructor(vaultService) {
|
|
20
|
+
const supabaseUrl = vaultService.get('SUPABASE_URL');
|
|
21
|
+
if (!supabaseUrl) {
|
|
22
|
+
throw new Error('SUPABASE_URL not defined in Vault');
|
|
23
|
+
}
|
|
24
|
+
super({
|
|
25
|
+
jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
26
|
+
ignoreExpiration: false,
|
|
27
|
+
audience: 'authenticated',
|
|
28
|
+
issuer: `${supabaseUrl}/auth/v1`,
|
|
29
|
+
algorithms: ['RS256', 'ES256'],
|
|
30
|
+
secretOrKeyProvider: (0, jwks_rsa_1.passportJwtSecret)({
|
|
31
|
+
cache: true,
|
|
32
|
+
rateLimit: true,
|
|
33
|
+
jwksRequestsPerMinute: 5,
|
|
34
|
+
jwksUri: `${supabaseUrl}/auth/v1/.well-known/jwks.json`,
|
|
35
|
+
}),
|
|
36
|
+
});
|
|
37
|
+
}
|
|
38
|
+
async validate(payload) {
|
|
39
|
+
return {
|
|
40
|
+
userId: payload.sub,
|
|
41
|
+
email: payload.email,
|
|
42
|
+
role: payload.app_metadata?.role || payload.role,
|
|
43
|
+
};
|
|
44
|
+
}
|
|
45
|
+
};
|
|
46
|
+
exports.JwtStrategy = JwtStrategy;
|
|
47
|
+
exports.JwtStrategy = JwtStrategy = __decorate([
|
|
48
|
+
(0, common_1.Injectable)(),
|
|
49
|
+
__metadata("design:paramtypes", [vault_service_1.VaultService])
|
|
50
|
+
], JwtStrategy);
|
|
51
|
+
//# sourceMappingURL=jwt.strategy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../../../src/modules/auth/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4C;AAC5C,+CAAoD;AACpD,uCAA6C;AAC7C,+CAAoD;AACpD,6DAAyD;AAGlD,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IACzD,YAAY,YAA0B;QACpC,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAAS,cAAc,CAAC,CAAC;QAE7D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QAED,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,QAAQ,EAAE,eAAe;YACzB,MAAM,EAAE,GAAG,WAAW,UAAU;YAChC,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;YAE9B,mBAAmB,EAAE,IAAA,4BAAiB,EAAC;gBACrC,KAAK,EAAE,IAAI;gBACX,SAAS,EAAE,IAAI;gBACf,qBAAqB,EAAE,CAAC;gBACxB,OAAO,EAAE,GAAG,WAAW,gCAAgC;aACxD,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAY;QACzB,OAAO;YACL,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI,EAAE,OAAO,CAAC,YAAY,EAAE,IAAI,IAAI,OAAO,CAAC,IAAI;SACjD,CAAC;IACJ,CAAC;CACF,CAAA;AA/BY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAEe,4BAAY;GAD3B,WAAW,CA+BvB"}
|
|
@@ -67,7 +67,7 @@ let VaultService = VaultService_1 = class VaultService {
|
|
|
67
67
|
});
|
|
68
68
|
this.secrets = fetchedSecrets;
|
|
69
69
|
if (overriddenKeys.length > 0) {
|
|
70
|
-
this.logger.warn(
|
|
70
|
+
this.logger.warn(`Các biến sau đây đang sử dụng giá trị từ ENV (ghi đè Vault): ${overriddenKeys.join(', ')}`);
|
|
71
71
|
}
|
|
72
72
|
}
|
|
73
73
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.service.js","sourceRoot":"","sources":["../../../src/modules/vault/vault.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAoD;AACpD,2CAA+C;AAC/C,4DAA+B;AAGxB,IAAM,YAAY,oBAAlB,MAAM,YAAY;IACH;IAApB,YAAoB,aAA4B;QAA5B,kBAAa,GAAb,aAAa,CAAe;IAAG,CAAC;IAEnC,MAAM,GAAG,IAAI,eAAM,CAAC,cAAY,CAAC,IAAI,CAAC,CAAC;IAChD,WAAW,CAAe;IAC1B,OAAO,GAAwB,EAAE,CAAC;IAE1C,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,UAAU,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,QAAQ,KAAK,aAAa,CAAC;QAEjD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,YAAY,CAAC,CAAC;QAChE,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,eAAe,CAAC,CAAC;QACtE,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,iBAAiB,CAAC,CAAC;QAC1E,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,iBAAiB,CAAC,CAAC;QAE1E,IAAI,CAAC,UAAU,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAGD,IAAI,CAAC,WAAW,GAAG,IAAA,oBAAK,EAAC;YACvB,UAAU,EAAE,IAAI;YAChB,QAAQ,EAAE,UAAU;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;gBACtD,OAAO,EAAE,aAAa;gBACtB,SAAS,EAAE,eAAe;aAC3B,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC;YAEvD,MAAM,SAAS,GAAG,eAAe,IAAI,mBAAmB,CAAC;YACzD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAExD,IAAI,cAAc,GAAwB,EAAE,CAAC;YAE7C,IAAI,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClE,cAAc,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,cAAc,GAAG,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;YACvC,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,cAAc,GAAa,EAAE,CAAC;gBAEpC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;oBAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBAE7C,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,EAAE,EAAE,CAAC;wBACnE,cAAc,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;wBAC/B,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;gBAE9B,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,
|
|
1
|
+
{"version":3,"file":"vault.service.js","sourceRoot":"","sources":["../../../src/modules/vault/vault.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAoD;AACpD,2CAA+C;AAC/C,4DAA+B;AAGxB,IAAM,YAAY,oBAAlB,MAAM,YAAY;IACH;IAApB,YAAoB,aAA4B;QAA5B,kBAAa,GAAb,aAAa,CAAe;IAAG,CAAC;IAEnC,MAAM,GAAG,IAAI,eAAM,CAAC,cAAY,CAAC,IAAI,CAAC,CAAC;IAChD,WAAW,CAAe;IAC1B,OAAO,GAAwB,EAAE,CAAC;IAE1C,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,UAAU,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,QAAQ,KAAK,aAAa,CAAC;QAEjD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,YAAY,CAAC,CAAC;QAChE,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,eAAe,CAAC,CAAC;QACtE,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,iBAAiB,CAAC,CAAC;QAC1E,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,iBAAiB,CAAC,CAAC;QAE1E,IAAI,CAAC,UAAU,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAGD,IAAI,CAAC,WAAW,GAAG,IAAA,oBAAK,EAAC;YACvB,UAAU,EAAE,IAAI;YAChB,QAAQ,EAAE,UAAU;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;gBACtD,OAAO,EAAE,aAAa;gBACtB,SAAS,EAAE,eAAe;aAC3B,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC;YAEvD,MAAM,SAAS,GAAG,eAAe,IAAI,mBAAmB,CAAC;YACzD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAExD,IAAI,cAAc,GAAwB,EAAE,CAAC;YAE7C,IAAI,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClE,cAAc,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,cAAc,GAAG,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;YACvC,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,cAAc,GAAa,EAAE,CAAC;gBAEpC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;oBAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBAE7C,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,EAAE,EAAE,CAAC;wBACnE,cAAc,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;wBAC/B,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;gBAE9B,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC5F,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;YAChC,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,GAAG,CAAa,GAAW;QACzB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAM,CAAC;IAChC,CAAC;CACF,CAAA;AAjFY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAEwB,sBAAa;GADrC,YAAY,CAiFxB"}
|