@vnodes/auth 0.0.5 → 0.0.11

package/dist/auth.controller.d.ts

@@ -1,5 +1,7 @@
+import { CanActivateDto } from './dto/can-activate.dto.js';
 import { ForgotPasswordDto } from './dto/forgot-password.dto.js';
 import { LoginDto } from './dto/login.dto.js';
+import { UpdatePasswordDto } from './dto/update-password.dto.js';
 import { AuthService } from './services/auth.service.js';
 export declare class AuthController {
     protected readonly authService: AuthService;
@@ -7,5 +9,8 @@ export declare class AuthController {
     login(body: LoginDto): Promise<import("./index.js").AccessTokenDto>;
     logout(accessToken: string): import("./index.js").MessageDto;
     forgotPassword(body: ForgotPasswordDto): import("./index.js").MessageDto;
+    updatePassword(uuid: string, body: UpdatePasswordDto): Promise<import("./index.js").MessageDto>;
+    profile(uuid: string): import("./index.js").UserManager;
+    canActivate(username: string, body: CanActivateDto): Promise<import("./index.js").CanActivateResponseDto>;
 }
 //# sourceMappingURL=auth.controller.d.ts.map

package/dist/auth.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../src/auth.controller.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAEzD,qBAEa,cAAc;IACX,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;gBAAxB,WAAW,EAAE,WAAW;IAIvD,KAAK,CAAS,IAAI,EAAE,QAAQ;IAK5B,MAAM,CAAgB,WAAW,EAAE,MAAM;IAMzC,cAAc,CAAS,IAAI,EAAE,iBAAiB;CAGjD"}
+{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../src/auth.controller.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAEzD,qBAKa,cAAc;IACX,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;gBAAxB,WAAW,EAAE,WAAW;IAIvD,KAAK,CAAS,IAAI,EAAE,QAAQ;IAK5B,MAAM,CAAgB,WAAW,EAAE,MAAM;IAMzC,cAAc,CAAS,IAAI,EAAE,iBAAiB;IAK9C,cAAc,CAAa,IAAI,EAAE,MAAM,EAAU,IAAI,EAAE,iBAAiB;IAKxE,OAAO,CAAa,IAAI,EAAE,MAAM;IAKhC,WAAW,CAAiB,QAAQ,EAAE,MAAM,EAAU,IAAI,EAAE,cAAc;CAG7E"}

package/dist/auth.controller.js

@@ -1,10 +1,13 @@
 import { __decorate, __metadata, __param } from "tslib";
-import { Body, Controller, Post } from '@nestjs/common';
+import { Body, Controller, Get, Post } from '@nestjs/common';
+import { ApiBearerAuth } from '@nestjs/swagger';
 import { Throttle } from '@nestjs/throttler';
-import { Public } from '@vnodes/metadata';
-import { AccessToken } from './context/context.js';
+import { ByPassAutorization, Public, ResourceName } from '@vnodes/metadata';
+import { AccessToken, UserUsername, UserUuid } from './context/context.js';
+import { CanActivateDto } from './dto/can-activate.dto.js';
 import { ForgotPasswordDto } from './dto/forgot-password.dto.js';
 import { LoginDto } from './dto/login.dto.js';
+import { UpdatePasswordDto } from './dto/update-password.dto.js';
 import { AuthService } from './services/auth.service.js';
 let AuthController = class AuthController {
     authService;
@@ -20,6 +23,15 @@ let AuthController = class AuthController {
     forgotPassword(body) {
         return this.authService.forgotPassword(body);
     }
+    updatePassword(uuid, body) {
+        return this.authService.updatePassword(uuid, body);
+    }
+    profile(uuid) {
+        return this.authService.profile(uuid);
+    }
+    canActivate(username, body) {
+        return this.authService.canActivate(username, body);
+    }
 };
 __decorate([
     Public(),
@@ -44,8 +56,34 @@ __decorate([
     __metadata("design:paramtypes", [ForgotPasswordDto]),
     __metadata("design:returntype", void 0)
 ], AuthController.prototype, "forgotPassword", null);
+__decorate([
+    Post('update-password'),
+    __param(0, UserUuid()),
+    __param(1, Body()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, UpdatePasswordDto]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "updatePassword", null);
+__decorate([
+    Get('profile'),
+    __param(0, UserUuid()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "profile", null);
+__decorate([
+    Post('can-activate'),
+    __param(0, UserUsername()),
+    __param(1, Body()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, CanActivateDto]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "canActivate", null);
 AuthController = __decorate([
+    ByPassAutorization(),
     Throttle({ default: { limit: 6, ttl: 30_000 } }),
+    ResourceName('Auth'),
+    ApiBearerAuth(),
     Controller('auth'),
     __metadata("design:paramtypes", [AuthService])
 ], AuthController);

package/dist/auth.module.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.module.d.ts","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":"AAQA,qBAqBa,UAAU;CAAG"}
+{"version":3,"file":"auth.module.d.ts","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":"AAWA,qBAsBa,UAAU;CAAG"}

package/dist/auth.module.js

@@ -1,11 +1,14 @@
 import { __decorate } from "tslib";
 import { Module } from '@nestjs/common';
 import { ConfigModule, ConfigService } from '@nestjs/config';
+import { APP_GUARD } from '@nestjs/core';
 import { EventEmitterModule } from '@nestjs/event-emitter';
 import { JwtModule } from '@nestjs/jwt';
+import { Env } from '@vnodes/metadata';
 import { AuthController } from './auth.controller.js';
+import { AuthGuard } from './guards/auth.guard.js';
 import { AuthService } from './services/auth.service.js';
-import { UserService } from './services/user.service.js';
+import { AuthUserService } from './services/auth-user.service.js';
 let AuthModule = class AuthModule {
 };
 AuthModule = __decorate([
@@ -16,8 +19,8 @@ AuthModule = __decorate([
                 imports: [ConfigModule],
                 inject: [ConfigService],
                 useFactory(config) {
-                    const secret = config.getOrThrow('JWT_SECRET');
-                    const expiresIn = config.getOrThrow('JWT_EXPIRES_IN');
+                    const secret = config.getOrThrow(Env.JWT_SECRET);
+                    const expiresIn = config.getOrThrow(Env.JWT_EXPIRES_IN);
                     return {
                         secret,
                         signOptions: {
@@ -28,7 +31,8 @@ AuthModule = __decorate([
             }),
         ],
         controllers: [AuthController],
-        providers: [UserService, AuthService],
+        providers: [AuthUserService, AuthService, { provide: APP_GUARD, useClass: AuthGuard }],
+        exports: [AuthUserService],
     })
 ], AuthModule);
 export { AuthModule };

package/dist/client/auth-client.module.d.ts

@@ -0,0 +1,3 @@
+export declare class AuthClientModule {
+}
+//# sourceMappingURL=auth-client.module.d.ts.map

package/dist/client/auth-client.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-client.module.d.ts","sourceRoot":"","sources":["../../src/client/auth-client.module.ts"],"names":[],"mappings":"AAMA,qBAUa,gBAAgB;CAAG"}

package/dist/client/auth-client.module.js

@@ -0,0 +1,21 @@
+import { __decorate } from "tslib";
+import { Module } from '@nestjs/common';
+import { ConfigModule } from '@nestjs/config';
+import { APP_GUARD } from '@nestjs/core';
+import { AuthClientGuard } from '../guards/auth-client.guard.js';
+import { provideAuthClientOptions } from '../providers/auth-client-options.provider.js';
+let AuthClientModule = class AuthClientModule {
+};
+AuthClientModule = __decorate([
+    Module({
+        imports: [ConfigModule],
+        providers: [
+            provideAuthClientOptions(),
+            {
+                provide: APP_GUARD,
+                useClass: AuthClientGuard,
+            },
+        ],
+    })
+], AuthClientModule);
+export { AuthClientModule };

package/dist/context/context.d.ts

@@ -1,8 +1,10 @@
-import { User } from '../services/user-manager.js';
+import { User } from '../types/user.js';
 /**
  * Get the user info {@link UserInfo} of the current session from the request
  */
 export declare const UserInfo: (...dataOrPipes: (User | import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>>)[]) => ParameterDecorator;
+export declare const UserUuid: (...dataOrPipes: (User | import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>>)[]) => ParameterDecorator;
+export declare const UserUsername: (...dataOrPipes: (User | import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>>)[]) => ParameterDecorator;
 /**
  * Get the access token of the current session from the request
  */

package/dist/context/context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/context/context.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,6BAA6B,CAAC;AAGnD;;GAEG;AACH,eAAO,MAAM,QAAQ,uLAEnB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,WAAW,yLAEtB,CAAC"}
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/context/context.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC;;GAEG;AACH,eAAO,MAAM,QAAQ,uLAEnB,CAAC;AAEH,eAAO,MAAM,QAAQ,uLAEnB,CAAC;AAEH,eAAO,MAAM,YAAY,uLAEvB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,WAAW,yLAEtB,CAAC"}

package/dist/context/context.js

@@ -5,6 +5,12 @@ import { createParamDecorator } from '@nestjs/common';
 export const UserInfo = createParamDecorator((_, context) => {
     return context.switchToHttp().getRequest().user;
 });
+export const UserUuid = createParamDecorator((_, context) => {
+    return context.switchToHttp().getRequest().user.uuid;
+});
+export const UserUsername = createParamDecorator((_, context) => {
+    return context.switchToHttp().getRequest().user.username;
+});
 /**
  * Get the access token of the current session from the request
  */

package/dist/dto/can-activate-response-dto.d.ts

@@ -0,0 +1,5 @@
+export declare class CanActivateResponseDto {
+    canActivate: boolean;
+    constructor(data: CanActivateResponseDto);
+}
+//# sourceMappingURL=can-activate-response-dto.d.ts.map

package/dist/dto/can-activate-response-dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"can-activate-response-dto.d.ts","sourceRoot":"","sources":["../../src/dto/can-activate-response-dto.ts"],"names":[],"mappings":"AAEA,qBAAa,sBAAsB;IACvB,WAAW,EAAE,OAAO,CAAC;gBAEjB,IAAI,EAAE,sBAAsB;CAG3C"}

package/dist/dto/can-activate-response-dto.js

@@ -0,0 +1,12 @@
+import { __decorate, __metadata } from "tslib";
+import { Prop } from '@vnodes/property';
+export class CanActivateResponseDto {
+    canActivate;
+    constructor(data) {
+        Object.assign(this, data);
+    }
+}
+__decorate([
+    Prop(),
+    __metadata("design:type", Boolean)
+], CanActivateResponseDto.prototype, "canActivate", void 0);

package/dist/dto/can-activate.dto.d.ts

@@ -0,0 +1,6 @@
+export declare class CanActivateDto {
+    requiredRoles?: string[];
+    requiredPermissions?: string[];
+    constructor(data: CanActivateDto);
+}
+//# sourceMappingURL=can-activate.dto.d.ts.map

package/dist/dto/can-activate.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"can-activate.dto.d.ts","sourceRoot":"","sources":["../../src/dto/can-activate.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,cAAc;IACG,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;gBAC7C,IAAI,EAAE,cAAc;CAGnC"}

package/dist/dto/can-activate.dto.js

@@ -0,0 +1,17 @@
+import { __decorate, __metadata } from "tslib";
+import { Prop } from '@vnodes/property';
+export class CanActivateDto {
+    requiredRoles;
+    requiredPermissions;
+    constructor(data) {
+        Object.assign(this, data);
+    }
+}
+__decorate([
+    Prop({ type: [String] }),
+    __metadata("design:type", Array)
+], CanActivateDto.prototype, "requiredRoles", void 0);
+__decorate([
+    Prop({ type: [String] }),
+    __metadata("design:type", Array)
+], CanActivateDto.prototype, "requiredPermissions", void 0);

package/dist/dto/email-otp-event.dto.d.ts

@@ -0,0 +1,6 @@
+export declare class EmailOtpEventDto {
+    username: string;
+    otp: string;
+    constructor(data: EmailOtpEventDto);
+}
+//# sourceMappingURL=email-otp-event.dto.d.ts.map

package/dist/dto/email-otp-event.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-otp-event.dto.d.ts","sourceRoot":"","sources":["../../src/dto/email-otp-event.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,gBAAgB;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;gBACR,IAAI,EAAE,gBAAgB;CAGrC"}

package/dist/dto/email-otp-event.dto.js

@@ -0,0 +1,17 @@
+import { __decorate, __metadata } from "tslib";
+import { Prop } from '@vnodes/property';
+export class EmailOtpEventDto {
+    username;
+    otp;
+    constructor(data) {
+        Object.assign(this, data);
+    }
+}
+__decorate([
+    Prop(),
+    __metadata("design:type", String)
+], EmailOtpEventDto.prototype, "username", void 0);
+__decorate([
+    Prop(),
+    __metadata("design:type", String)
+], EmailOtpEventDto.prototype, "otp", void 0);

package/dist/dto/forgot-password.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"forgot-password.dto.d.ts","sourceRoot":"","sources":["../../src/dto/forgot-password.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,iBAAiB;IACiB,QAAQ,EAAE,MAAM,CAAC;CAC/D"}
+{"version":3,"file":"forgot-password.dto.d.ts","sourceRoot":"","sources":["../../src/dto/forgot-password.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,iBAAiB;IACA,QAAQ,EAAE,MAAM,CAAC;CAC9C"}

package/dist/dto/forgot-password.dto.js

@@ -4,6 +4,6 @@ export class ForgotPasswordDto {
     username;
 }
 __decorate([
-    Prop({ required: true, format: 'email' }),
+    Prop({ required: true }),
     __metadata("design:type", String)
 ], ForgotPasswordDto.prototype, "username", void 0);

package/dist/dto/login-with-otp.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login-with-otp.dto.d.ts","sourceRoot":"","sources":["../../src/dto/login-with-otp.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,eAAe;IACmB,QAAQ,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;CACvD"}
+{"version":3,"file":"login-with-otp.dto.d.ts","sourceRoot":"","sources":["../../src/dto/login-with-otp.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,eAAe;IACE,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;CACzC"}

package/dist/dto/login-with-otp.dto.js

@@ -5,10 +5,10 @@ export class LoginWithOtpDto {
     otp;
 }
 __decorate([
-    Prop({ required: true, format: 'email' }),
+    Prop({ required: true }),
     __metadata("design:type", String)
 ], LoginWithOtpDto.prototype, "username", void 0);
 __decorate([
-    Prop({ required: true, minLength: 6 }),
+    Prop({ required: true }),
     __metadata("design:type", String)
 ], LoginWithOtpDto.prototype, "otp", void 0);

package/dist/dto/login.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.dto.d.ts","sourceRoot":"","sources":["../../src/dto/login.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,QAAQ;IAC0B,QAAQ,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClE"}
+{"version":3,"file":"login.dto.d.ts","sourceRoot":"","sources":["../../src/dto/login.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,QAAQ;IACS,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAC9C"}

package/dist/dto/login.dto.js

@@ -5,10 +5,10 @@ export class LoginDto {
     password;
 }
 __decorate([
-    Prop({ required: true, format: 'email' }),
+    Prop({ required: true }),
     __metadata("design:type", String)
 ], LoginDto.prototype, "username", void 0);
 __decorate([
-    Prop({ required: true, format: 'password' }),
+    Prop({ required: true }),
     __metadata("design:type", String)
 ], LoginDto.prototype, "password", void 0);

package/dist/dto/update-password-event.dto.d.ts

@@ -0,0 +1,5 @@
+export declare class UpdatePasswordEventDto {
+    uuid: string;
+    password: string;
+}
+//# sourceMappingURL=update-password-event.dto.d.ts.map

package/dist/dto/update-password-event.dto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"update-password-event.dto.d.ts","sourceRoot":"","sources":["../../src/dto/update-password-event.dto.ts"],"names":[],"mappings":"AAEA,qBAAa,sBAAsB;IACL,IAAI,EAAE,MAAM,CAAC;IACO,QAAQ,EAAE,MAAM,CAAC;CAClE"}

package/dist/dto/update-password-event.dto.js

@@ -0,0 +1,14 @@
+import { __decorate, __metadata } from "tslib";
+import { Prop } from '@vnodes/property';
+export class UpdatePasswordEventDto {
+    uuid;
+    password;
+}
+__decorate([
+    Prop({ required: true }),
+    __metadata("design:type", String)
+], UpdatePasswordEventDto.prototype, "uuid", void 0);
+__decorate([
+    Prop({ required: true, format: 'password' }),
+    __metadata("design:type", String)
+], UpdatePasswordEventDto.prototype, "password", void 0);

package/dist/guards/auth-client.guard.d.ts

@@ -0,0 +1,14 @@
+import { CanActivate, ExecutionContext } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { Reflector } from '@nestjs/core';
+import { AuthClientOptions } from '../types/auth-client-options.js';
+import { AuthRequest } from '../types/auth-request.js';
+export declare class AuthClientGuard implements CanActivate {
+    protected readonly reflector: Reflector;
+    protected readonly config: ConfigService;
+    protected readonly serviceOptions: AuthClientOptions;
+    constructor(reflector: Reflector, config: ConfigService, serviceOptions: AuthClientOptions);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+    extractToken(request: AuthRequest): string;
+}
+//# sourceMappingURL=auth-client.guard.d.ts.map

package/dist/guards/auth-client.guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-client.guard.d.ts","sourceRoot":"","sources":["../../src/guards/auth-client.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAqC,MAAM,gBAAgB,CAAC;AAClG,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,qBACa,eAAgB,YAAW,WAAW;IAE3C,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS;IACvC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,aAAa;IACb,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,iBAAiB;gBAF5D,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,aAAa,EACM,cAAc,EAAE,iBAAiB;IAG7E,WAAW,CAAC,OAAO,EAAE,gBAAgB;IAwC3C,YAAY,CAAC,OAAO,EAAE,WAAW;CAYpC"}

package/dist/guards/auth-client.guard.js

@@ -0,0 +1,64 @@
+import { __decorate, __metadata, __param } from "tslib";
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { Reflector } from '@nestjs/core';
+import { getOperationName, getPermissions, getRoles, isPublic } from '@vnodes/metadata';
+import { CanActivateDto } from '../dto/can-activate.dto.js';
+import { InjectAutoClientOptions } from '../providers/auth-client-options.provider.js';
+import { AuthClientOptions } from '../types/auth-client-options.js';
+let AuthClientGuard = class AuthClientGuard {
+    reflector;
+    config;
+    serviceOptions;
+    constructor(reflector, config, serviceOptions) {
+        this.reflector = reflector;
+        this.config = config;
+        this.serviceOptions = serviceOptions;
+    }
+    async canActivate(context) {
+        const req = context.switchToHttp().getRequest();
+        if (isPublic(this.reflector, context)) {
+            return true;
+        }
+        const headers = new Headers();
+        const resourceName = getOperationName(this.reflector, context);
+        const operationName = getOperationName(this.reflector, context);
+        const permit = `${this.serviceOptions.appId}.${resourceName}.${operationName}`;
+        const customPermissions = getPermissions(this.reflector, context) ?? [];
+        const customRoles = getRoles(this.reflector, context) ?? [];
+        const token = this.extractToken(req);
+        headers.set('authorization', token);
+        const policy = new CanActivateDto({
+            requiredRoles: [...customRoles],
+            requiredPermissions: [permit, ...customPermissions],
+        });
+        const bodyAsString = JSON.stringify(policy);
+        const res = await fetch(this.serviceOptions.authServiceUrl, {
+            method: 'POST',
+            headers,
+            body: bodyAsString,
+        });
+        if (res.status > 200 && res.status < 300) {
+            return true;
+        }
+        return false;
+    }
+    extractToken(request) {
+        const rawToken = request.headers.authorization;
+        if (!rawToken) {
+            throw new UnauthorizedException('No token');
+        }
+        const [type, token] = rawToken.split(' ');
+        if (type === 'Bearer' && token)
+            return token;
+        throw new UnauthorizedException('Invalid token ');
+    }
+};
+AuthClientGuard = __decorate([
+    Injectable(),
+    __param(2, InjectAutoClientOptions()),
+    __metadata("design:paramtypes", [Reflector,
+        ConfigService,
+        AuthClientOptions])
+], AuthClientGuard);
+export { AuthClientGuard };

package/dist/guards/auth.guard.d.ts

@@ -1,12 +1,16 @@
 import { CanActivate, ExecutionContext } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
 import { Reflector } from '@nestjs/core';
-import { UserService } from '../services/user.service.js';
+import { UserManager } from 'src/types/user-manager.js';
+import { AuthUserService } from '../services/auth-user.service.js';
 import { AuthRequest } from '../types/auth-request.js';
 export declare class AuthGuard implements CanActivate {
+    protected readonly config: ConfigService;
     protected readonly reflector: Reflector;
-    protected readonly userService: UserService;
-    constructor(reflector: Reflector, userService: UserService);
+    protected readonly authUserService: AuthUserService;
+    constructor(config: ConfigService, reflector: Reflector, authUserService: AuthUserService);
     canActivate(context: ExecutionContext): Promise<boolean>;
+    protected isAutorized(context: ExecutionContext, user: UserManager): boolean;
     extractToken(request: AuthRequest): string;
 }
 //# sourceMappingURL=auth.guard.d.ts.map

package/dist/guards/auth.guard.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAqC,MAAM,gBAAgB,CAAC;AAClG,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,qBACa,SAAU,YAAW,WAAW;IAErC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS;IACvC,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;gBADxB,SAAS,EAAE,SAAS,EACpB,WAAW,EAAE,WAAW;IAGzC,WAAW,CAAC,OAAO,EAAE,gBAAgB;IAqC3C,YAAY,CAAC,OAAO,EAAE,WAAW;CAYpC"}
+{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../src/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAqC,MAAM,gBAAgB,CAAC;AAClG,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AASzC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,qBACa,SAAU,YAAW,WAAW;IAErC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,aAAa;IACxC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS;IACvC,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;gBAFhC,MAAM,EAAE,aAAa,EACrB,SAAS,EAAE,SAAS,EACpB,eAAe,EAAE,eAAe;IAGjD,WAAW,CAAC,OAAO,EAAE,gBAAgB;IAgB3C,SAAS,CAAC,WAAW,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW;IAgClE,YAAY,CAAC,OAAO,EAAE,WAAW;CAYpC"}

package/dist/guards/auth.guard.js

@@ -1,42 +1,54 @@
 import { __decorate, __metadata } from "tslib";
 import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
 import { Reflector } from '@nestjs/core';
-import { getPermissions, getRoles, isPublic } from '@vnodes/metadata';
-import { UserService } from '../services/user.service.js';
+import { getOperationName, getPermissions, getResourceName, getRoles, isByPassAuthorization, isPublic, } from '@vnodes/metadata';
+import { AuthUserService } from '../services/auth-user.service.js';
 let AuthGuard = class AuthGuard {
+    config;
     reflector;
-    userService;
-    constructor(reflector, userService) {
+    authUserService;
+    constructor(config, reflector, authUserService) {
+        this.config = config;
         this.reflector = reflector;
-        this.userService = userService;
+        this.authUserService = authUserService;
     }
     async canActivate(context) {
         if (isPublic(this.reflector, context)) {
             return true;
         }
-        const permissions = getPermissions(this.reflector, context);
-        const roles = getRoles(this.reflector, context);
-        const requiredPolicy = ((permissions || roles) && permissions.length > 0) || roles.length > 0;
-        if (!requiredPolicy) {
+        const req = context.switchToHttp().getRequest();
+        const token = this.extractToken(req);
+        const user = await this.authUserService.findByToken(token);
+        req.user = user.user;
+        if (isByPassAuthorization(this.reflector, context)) {
             return true;
         }
-        const authRequest = context.switchToHttp().getRequest();
-        const token = this.extractToken(authRequest);
-        const user = await this.userService.findByToken(token);
-        authRequest.user = user.user;
+        return this.isAutorized(context, user);
+    }
+    isAutorized(context, user) {
+        const appId = this.config.getOrThrow('APP_ID');
+        const resourceName = getResourceName(this.reflector, context);
+        const operationName = getOperationName(this.reflector, context);
+        const customPermits = getPermissions(this.reflector, context);
+        const customRoles = getRoles(this.reflector, context);
+        const permit = `${appId}.${resourceName}.${operationName}`;
         if (user.isAdmin()) {
             return true;
         }
-        if (permissions.length > 0) {
-            if (!user.hasPermissions(permissions)) {
+        if (customPermits && customPermits.length > 0) {
+            if (!user.hasAllPermissions(customPermits)) {
                 return false;
             }
         }
-        if (roles.length > 0) {
-            if (!user.hasRoles(roles)) {
+        if (customRoles && customRoles.length > 0) {
+            if (!user.hasSomeRoles(customRoles)) {
                 return false;
             }
         }
+        if (!user.hasAllPermissions([permit])) {
+            return false;
+        }
         return true;
     }
     extractToken(request) {
@@ -52,7 +64,8 @@ let AuthGuard = class AuthGuard {
 };
 AuthGuard = __decorate([
     Injectable(),
-    __metadata("design:paramtypes", [Reflector,
-        UserService])
+    __metadata("design:paramtypes", [ConfigService,
+        Reflector,
+        AuthUserService])
 ], AuthGuard);
 export { AuthGuard };

package/dist/index.d.ts

@@ -1,16 +1,27 @@
 export * from './auth.controller.js';
 export * from './auth.module.js';
+export * from './client/auth-client.module.js';
 export * from './context/context.js';
 export * from './dto/access-token.dto.js';
+export * from './dto/can-activate.dto.js';
+export * from './dto/can-activate-response-dto.js';
+export * from './dto/email-otp-event.dto.js';
 export * from './dto/forgot-password.dto.js';
 export * from './dto/login.dto.js';
 export * from './dto/login-with-otp.dto.js';
 export * from './dto/message.dto.js';
 export * from './dto/otp-response-dto.js';
 export * from './dto/update-password.dto.js';
+export * from './dto/update-password-event.dto.js';
 export * from './guards/auth.guard.js';
+export * from './guards/auth-client.guard.js';
+export * from './providers/auth-client-options.provider.js';
 export * from './services/auth.service.js';
-export * from './services/user.service.js';
-export * from './services/user-manager.js';
+export * from './services/auth-listener.service.js';
+export * from './services/auth-user.service.js';
+export * from './types/auth-client-options.js';
 export * from './types/auth-request.js';
+export * from './types/jwt-payload.js';
+export * from './types/user.js';
+export * from './types/user-manager.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,oBAAoB,CAAC;AACnC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AACnD,cAAc,8BAA8B,CAAC;AAC7C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,oBAAoB,CAAC;AACnC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,oCAAoC,CAAC;AACnD,cAAc,wBAAwB,CAAC;AACvC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,6CAA6C,CAAC;AAC5D,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qCAAqC,CAAC;AACpD,cAAc,iCAAiC,CAAC;AAChD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,iBAAiB,CAAC;AAChC,cAAc,yBAAyB,CAAC"}

package/dist/index.js

@@ -1,16 +1,27 @@
 // @index(['./**/*.ts', '!./**/*.spec.ts', '!./**/{main,serve,index}.ts', '!./**/prisma', '!./**/generated'], f => `export * from '${f.path}.js'`)
 export * from './auth.controller.js';
 export * from './auth.module.js';
+export * from './client/auth-client.module.js';
 export * from './context/context.js';
 export * from './dto/access-token.dto.js';
+export * from './dto/can-activate.dto.js';
+export * from './dto/can-activate-response-dto.js';
+export * from './dto/email-otp-event.dto.js';
 export * from './dto/forgot-password.dto.js';
 export * from './dto/login.dto.js';
 export * from './dto/login-with-otp.dto.js';
 export * from './dto/message.dto.js';
 export * from './dto/otp-response-dto.js';
 export * from './dto/update-password.dto.js';
+export * from './dto/update-password-event.dto.js';
 export * from './guards/auth.guard.js';
+export * from './guards/auth-client.guard.js';
+export * from './providers/auth-client-options.provider.js';
 export * from './services/auth.service.js';
-export * from './services/user.service.js';
-export * from './services/user-manager.js';
+export * from './services/auth-listener.service.js';
+export * from './services/auth-user.service.js';
+export * from './types/auth-client-options.js';
 export * from './types/auth-request.js';
+export * from './types/jwt-payload.js';
+export * from './types/user.js';
+export * from './types/user-manager.js';

package/dist/providers/auth-client-options.provider.d.ts

@@ -0,0 +1,5 @@
+import { Provider } from '@nestjs/common';
+export declare function getAuthClientOptionsToken(): string;
+export declare function provideAuthClientOptions(): Provider;
+export declare const InjectAutoClientOptions: () => PropertyDecorator & ParameterDecorator;
+//# sourceMappingURL=auth-client-options.provider.d.ts.map