@volontariapp/auth 1.0.0 → 2.0.0-next.20260407111312
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.module.d.ts.map +1 -1
- package/dist/auth.module.js +5 -1
- package/dist/auth.module.js.map +1 -1
- package/dist/decorators/roles.decorator.d.ts +3 -0
- package/dist/decorators/roles.decorator.d.ts.map +1 -0
- package/dist/decorators/roles.decorator.js +4 -0
- package/dist/decorators/roles.decorator.js.map +1 -0
- package/dist/errors/auth.errors.d.ts +13 -0
- package/dist/errors/auth.errors.d.ts.map +1 -0
- package/dist/errors/auth.errors.js +19 -0
- package/dist/errors/auth.errors.js.map +1 -0
- package/dist/errors/index.d.ts +2 -0
- package/dist/errors/index.d.ts.map +1 -0
- package/dist/errors/index.js +2 -0
- package/dist/errors/index.js.map +1 -0
- package/dist/guards/access-token.guard.d.ts +8 -0
- package/dist/guards/access-token.guard.d.ts.map +1 -0
- package/dist/guards/access-token.guard.js +39 -0
- package/dist/guards/access-token.guard.js.map +1 -0
- package/dist/guards/grpc-internal.guard.d.ts +1 -2
- package/dist/guards/grpc-internal.guard.d.ts.map +1 -1
- package/dist/guards/grpc-internal.guard.js +13 -22
- package/dist/guards/grpc-internal.guard.js.map +1 -1
- package/dist/guards/refresh-token.guard.d.ts +8 -0
- package/dist/guards/refresh-token.guard.d.ts.map +1 -0
- package/dist/guards/refresh-token.guard.js +39 -0
- package/dist/guards/refresh-token.guard.js.map +1 -0
- package/dist/guards/roles.guard.d.ts +8 -0
- package/dist/guards/roles.guard.d.ts.map +1 -0
- package/dist/guards/roles.guard.js +42 -0
- package/dist/guards/roles.guard.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -0
- package/dist/index.js.map +1 -1
- package/dist/interceptors/grpc-internal.interceptor.d.ts +1 -1
- package/dist/interceptors/grpc-internal.interceptor.d.ts.map +1 -1
- package/dist/interceptors/grpc-internal.interceptor.js +5 -2
- package/dist/interceptors/grpc-internal.interceptor.js.map +1 -1
- package/dist/interfaces/auth-config.interface.d.ts +9 -4
- package/dist/interfaces/auth-config.interface.d.ts.map +1 -1
- package/dist/interfaces/auth-user.interface.d.ts +1 -0
- package/dist/interfaces/auth-user.interface.d.ts.map +1 -1
- package/dist/middlewares/access-token.middleware.d.ts +5 -0
- package/dist/middlewares/access-token.middleware.d.ts.map +1 -0
- package/dist/middlewares/access-token.middleware.js +34 -0
- package/dist/middlewares/access-token.middleware.js.map +1 -0
- package/dist/middlewares/refresh-token.middleware.d.ts +5 -0
- package/dist/middlewares/refresh-token.middleware.d.ts.map +1 -0
- package/dist/middlewares/refresh-token.middleware.js +29 -0
- package/dist/middlewares/refresh-token.middleware.js.map +1 -0
- package/dist/services/grpc-metadata.helper.js +1 -1
- package/dist/services/jwt.service.d.ts +20 -3
- package/dist/services/jwt.service.d.ts.map +1 -1
- package/dist/services/jwt.service.js +150 -51
- package/dist/services/jwt.service.js.map +1 -1
- package/dist/test/example/auth-test.controller.d.ts +17 -0
- package/dist/test/example/auth-test.controller.d.ts.map +1 -0
- package/dist/test/example/auth-test.controller.js +70 -0
- package/dist/test/example/auth-test.controller.js.map +1 -0
- package/dist/test/example/test.controller.d.ts +11 -0
- package/dist/test/example/test.controller.d.ts.map +1 -0
- package/dist/test/example/test.controller.js +42 -0
- package/dist/test/example/test.controller.js.map +1 -0
- package/dist/test/factories/auth-user.factory.d.ts +3 -0
- package/dist/test/factories/auth-user.factory.d.ts.map +1 -0
- package/dist/test/factories/auth-user.factory.js +6 -0
- package/dist/test/factories/auth-user.factory.js.map +1 -0
- package/dist/test/helpers/context.helper.d.ts +4 -0
- package/dist/test/helpers/context.helper.d.ts.map +1 -0
- package/dist/test/helpers/context.helper.js +18 -0
- package/dist/test/helpers/context.helper.js.map +1 -0
- package/dist/test/integration/full-auth-flow.int.spec.d.ts +2 -0
- package/dist/test/integration/full-auth-flow.int.spec.d.ts.map +1 -0
- package/dist/test/integration/full-auth-flow.int.spec.js +124 -0
- package/dist/test/integration/full-auth-flow.int.spec.js.map +1 -0
- package/dist/test/integration/grpc-internal.guard.int.spec.d.ts +2 -0
- package/dist/test/integration/grpc-internal.guard.int.spec.d.ts.map +1 -0
- package/dist/test/integration/grpc-internal.guard.int.spec.js +82 -0
- package/dist/test/integration/grpc-internal.guard.int.spec.js.map +1 -0
- package/dist/test/setup.d.ts +2 -0
- package/dist/test/setup.d.ts.map +1 -0
- package/dist/test/setup.js +2 -0
- package/dist/test/setup.js.map +1 -0
- package/dist/test/unit/current-user.decorator.unit.spec.d.ts +2 -0
- package/dist/test/unit/current-user.decorator.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/current-user.decorator.unit.spec.js +41 -0
- package/dist/test/unit/current-user.decorator.unit.spec.js.map +1 -0
- package/dist/test/unit/grpc-internal.guard.unit.spec.d.ts +2 -0
- package/dist/test/unit/grpc-internal.guard.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/grpc-internal.guard.unit.spec.js +56 -0
- package/dist/test/unit/grpc-internal.guard.unit.spec.js.map +1 -0
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.d.ts +2 -0
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.js +42 -0
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.js.map +1 -0
- package/dist/test/unit/jwt.service.unit.spec.d.ts +2 -0
- package/dist/test/unit/jwt.service.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/jwt.service.unit.spec.js +192 -0
- package/dist/test/unit/jwt.service.unit.spec.js.map +1 -0
- package/dist/test/unit/roles.guard.unit.spec.d.ts +2 -0
- package/dist/test/unit/roles.guard.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/roles.guard.unit.spec.js +48 -0
- package/dist/test/unit/roles.guard.unit.spec.js.map +1 -0
- package/package.json +13 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.module.d.ts","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAIpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,qBAEa,UAAU;IACrB,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,UAAU,GAAG,aAAa;
|
|
1
|
+
{"version":3,"file":"auth.module.d.ts","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAIpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,qBAEa,UAAU;IACrB,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,UAAU,GAAG,aAAa;CAkBpD"}
|
package/dist/auth.module.js
CHANGED
|
@@ -18,7 +18,11 @@ let AuthModule = AuthModule_1 = class AuthModule {
|
|
|
18
18
|
provide: AUTH_OPTIONS,
|
|
19
19
|
useValue: options,
|
|
20
20
|
},
|
|
21
|
-
|
|
21
|
+
{
|
|
22
|
+
provide: JwtService,
|
|
23
|
+
useFactory: (opts) => new JwtService(opts),
|
|
24
|
+
inject: [AUTH_OPTIONS],
|
|
25
|
+
},
|
|
22
26
|
GrpcMetadataHelper,
|
|
23
27
|
],
|
|
24
28
|
exports: [JwtService, GrpcMetadataHelper],
|
package/dist/auth.module.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":";;;;;;;AACA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAIjE,IAAM,UAAU,kBAAhB,MAAM,UAAU;IACrB,MAAM,CAAC,QAAQ,CAAC,OAAmB;QACjC,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,YAAY;oBACrB,QAAQ,EAAE,OAAO;iBAClB;gBACD,UAAU;
|
|
1
|
+
{"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../src/auth.module.ts"],"names":[],"mappings":";;;;;;;AACA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAIjE,IAAM,UAAU,kBAAhB,MAAM,UAAU;IACrB,MAAM,CAAC,QAAQ,CAAC,OAAmB;QACjC,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,YAAY;oBACrB,QAAQ,EAAE,OAAO;iBAClB;gBACD;oBACE,OAAO,EAAE,UAAU;oBACnB,UAAU,EAAE,CAAC,IAAgB,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;oBACtD,MAAM,EAAE,CAAC,YAAY,CAAC;iBACvB;gBACD,kBAAkB;aACnB;YACD,OAAO,EAAE,CAAC,UAAU,EAAE,kBAAkB,CAAC;SAC1C,CAAC;IACJ,CAAC;CACF,CAAA;AAnBY,UAAU;IAFtB,MAAM,EAAE;IACR,MAAM,CAAC,EAAE,CAAC;GACE,UAAU,CAmBtB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/roles.decorator.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,SAAS,UAAU,CAAC;AACjC,eAAO,MAAM,KAAK,aAAc,MAAM,EAAE,qDAAkC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.decorator.js","sourceRoot":"","sources":["../../src/decorators/roles.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAC;AACjC,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,GAAG,KAAe,EAAE,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { UnauthorizedError, ForbiddenError, InternalServerError } from '@volontariapp/errors';
|
|
2
|
+
export declare const INVALID_INTERNAL_TOKEN: (details?: string) => UnauthorizedError;
|
|
3
|
+
export declare const MISSING_INTERNAL_TOKEN: () => UnauthorizedError;
|
|
4
|
+
export declare const INVALID_ACCESS_TOKEN: (details?: string) => UnauthorizedError;
|
|
5
|
+
export declare const MISSING_ACCESS_TOKEN: () => UnauthorizedError;
|
|
6
|
+
export declare const INVALID_REFRESH_TOKEN: (details?: string) => UnauthorizedError;
|
|
7
|
+
export declare const MISSING_REFRESH_TOKEN: () => UnauthorizedError;
|
|
8
|
+
export declare const INSUFFICIENT_PERMISSIONS: () => ForbiddenError;
|
|
9
|
+
export declare const MISSING_AUTHENTICATED_USER: () => ForbiddenError;
|
|
10
|
+
export declare const CONFIG_ERROR: (message: string) => InternalServerError;
|
|
11
|
+
export declare const INVALID_TOKEN_PAYLOAD: (type: string) => InternalServerError;
|
|
12
|
+
export declare const VERIFY_TOKEN_FAILED: (type: string, details: string) => InternalServerError;
|
|
13
|
+
//# sourceMappingURL=auth.errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.errors.d.ts","sourceRoot":"","sources":["../../src/errors/auth.errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE9F,eAAO,MAAM,sBAAsB,aAAc,MAAM,sBAKpD,CAAC;AAEJ,eAAO,MAAM,sBAAsB,yBAAwD,CAAC;AAE5F,eAAO,MAAM,oBAAoB,aAAc,MAAM,sBAKlD,CAAC;AAEJ,eAAO,MAAM,oBAAoB,yBAAsD,CAAC;AAExF,eAAO,MAAM,qBAAqB,aAAc,MAAM,sBAKnD,CAAC;AAEJ,eAAO,MAAM,qBAAqB,yBAAuD,CAAC;AAE1F,eAAO,MAAM,wBAAwB,sBACsC,CAAC;AAE5E,eAAO,MAAM,0BAA0B,sBAC2B,CAAC;AAEnE,eAAO,MAAM,YAAY,YAAa,MAAM,wBACW,CAAC;AAExD,eAAO,MAAM,qBAAqB,SAAU,MAAM,wBAC4B,CAAC;AAE/E,eAAO,MAAM,mBAAmB,SAAU,MAAM,WAAW,MAAM,wBAC0B,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { UnauthorizedError, ForbiddenError, InternalServerError } from '@volontariapp/errors';
|
|
2
|
+
export const INVALID_INTERNAL_TOKEN = (details) => new UnauthorizedError(details !== undefined && details !== ''
|
|
3
|
+
? `Invalid internal token: ${details}`
|
|
4
|
+
: 'Invalid internal token');
|
|
5
|
+
export const MISSING_INTERNAL_TOKEN = () => new UnauthorizedError('Missing internal token');
|
|
6
|
+
export const INVALID_ACCESS_TOKEN = (details) => new UnauthorizedError(details !== undefined && details !== ''
|
|
7
|
+
? `Invalid access token: ${details}`
|
|
8
|
+
: 'Invalid access token');
|
|
9
|
+
export const MISSING_ACCESS_TOKEN = () => new UnauthorizedError('Missing access token');
|
|
10
|
+
export const INVALID_REFRESH_TOKEN = (details) => new UnauthorizedError(details !== undefined && details !== ''
|
|
11
|
+
? `Invalid refresh token: ${details}`
|
|
12
|
+
: 'Invalid refresh token');
|
|
13
|
+
export const MISSING_REFRESH_TOKEN = () => new UnauthorizedError('Missing refresh token');
|
|
14
|
+
export const INSUFFICIENT_PERMISSIONS = () => new ForbiddenError('You do not have the required role for this resource');
|
|
15
|
+
export const MISSING_AUTHENTICATED_USER = () => new ForbiddenError('No authenticated user found for role check');
|
|
16
|
+
export const CONFIG_ERROR = (message) => new InternalServerError(message, 'AUTH_CONFIG_ERROR');
|
|
17
|
+
export const INVALID_TOKEN_PAYLOAD = (type) => new InternalServerError(`Invalid ${type} token payload`, 'AUTH_TOKEN_ERROR');
|
|
18
|
+
export const VERIFY_TOKEN_FAILED = (type, details) => new InternalServerError(`Failed to verify ${type} token: ${details}`, 'AUTH_TOKEN_ERROR');
|
|
19
|
+
//# sourceMappingURL=auth.errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.errors.js","sourceRoot":"","sources":["../../src/errors/auth.errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE9F,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,OAAgB,EAAE,EAAE,CACzD,IAAI,iBAAiB,CACnB,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,EAAE;IACrC,CAAC,CAAC,2BAA2B,OAAO,EAAE;IACtC,CAAC,CAAC,wBAAwB,CAC7B,CAAC;AAEJ,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,EAAE,CAAC,IAAI,iBAAiB,CAAC,wBAAwB,CAAC,CAAC;AAE5F,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,OAAgB,EAAE,EAAE,CACvD,IAAI,iBAAiB,CACnB,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,EAAE;IACrC,CAAC,CAAC,yBAAyB,OAAO,EAAE;IACpC,CAAC,CAAC,sBAAsB,CAC3B,CAAC;AAEJ,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAG,EAAE,CAAC,IAAI,iBAAiB,CAAC,sBAAsB,CAAC,CAAC;AAExF,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,OAAgB,EAAE,EAAE,CACxD,IAAI,iBAAiB,CACnB,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,EAAE;IACrC,CAAC,CAAC,0BAA0B,OAAO,EAAE;IACrC,CAAC,CAAC,uBAAuB,CAC5B,CAAC;AAEJ,MAAM,CAAC,MAAM,qBAAqB,GAAG,GAAG,EAAE,CAAC,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,CAAC;AAE1F,MAAM,CAAC,MAAM,wBAAwB,GAAG,GAAG,EAAE,CAC3C,IAAI,cAAc,CAAC,qDAAqD,CAAC,CAAC;AAE5E,MAAM,CAAC,MAAM,0BAA0B,GAAG,GAAG,EAAE,CAC7C,IAAI,cAAc,CAAC,4CAA4C,CAAC,CAAC;AAEnE,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,OAAe,EAAE,EAAE,CAC9C,IAAI,mBAAmB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;AAExD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,IAAY,EAAE,EAAE,CACpD,IAAI,mBAAmB,CAAC,WAAW,IAAI,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;AAE/E,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,IAAY,EAAE,OAAe,EAAE,EAAE,CACnE,IAAI,mBAAmB,CAAC,oBAAoB,IAAI,WAAW,OAAO,EAAE,EAAE,kBAAkB,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
3
|
+
export declare class AccessTokenGuard implements CanActivate {
|
|
4
|
+
private readonly jwtService;
|
|
5
|
+
constructor(jwtService: JwtService);
|
|
6
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=access-token.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.guard.d.ts","sourceRoot":"","sources":["../../src/guards/access-token.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAEpE,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAGxD,qBACa,gBAAiB,YAAW,WAAW;IACtC,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAE7C,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAgB/D"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Injectable } from '@nestjs/common';
|
|
11
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
12
|
+
import { MISSING_ACCESS_TOKEN, INVALID_ACCESS_TOKEN } from '../errors/auth.errors.js';
|
|
13
|
+
let AccessTokenGuard = class AccessTokenGuard {
|
|
14
|
+
jwtService;
|
|
15
|
+
constructor(jwtService) {
|
|
16
|
+
this.jwtService = jwtService;
|
|
17
|
+
}
|
|
18
|
+
async canActivate(context) {
|
|
19
|
+
const request = context.switchToHttp().getRequest();
|
|
20
|
+
const token = request['accessToken'];
|
|
21
|
+
if (typeof token !== 'string') {
|
|
22
|
+
throw MISSING_ACCESS_TOKEN();
|
|
23
|
+
}
|
|
24
|
+
try {
|
|
25
|
+
const user = await this.jwtService.verifyAccessToken(token);
|
|
26
|
+
request['user'] = user;
|
|
27
|
+
return true;
|
|
28
|
+
}
|
|
29
|
+
catch (error) {
|
|
30
|
+
throw INVALID_ACCESS_TOKEN(error instanceof Error ? error.message : undefined);
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
};
|
|
34
|
+
AccessTokenGuard = __decorate([
|
|
35
|
+
Injectable(),
|
|
36
|
+
__metadata("design:paramtypes", [JwtService])
|
|
37
|
+
], AccessTokenGuard);
|
|
38
|
+
export { AccessTokenGuard };
|
|
39
|
+
//# sourceMappingURL=access-token.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.guard.js","sourceRoot":"","sources":["../../src/guards/access-token.guard.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/E,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IACE;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;IAAG,CAAC;IAEvD,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAA2B,CAAC;QAC7E,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QAErC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,oBAAoB,EAAE,CAAC;QAC/B,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC5D,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,oBAAoB,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;CACF,CAAA;AAnBY,gBAAgB;IAD5B,UAAU,EAAE;qCAE8B,UAAU;GADxC,gBAAgB,CAmB5B"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import type { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
-
import
|
|
2
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
3
3
|
export declare class GrpcInternalGuard implements CanActivate {
|
|
4
4
|
private readonly jwtService;
|
|
5
|
-
private readonly logger;
|
|
6
5
|
constructor(jwtService: JwtService);
|
|
7
6
|
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
8
7
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc-internal.guard.d.ts","sourceRoot":"","sources":["../../src/guards/grpc-internal.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"grpc-internal.guard.d.ts","sourceRoot":"","sources":["../../src/guards/grpc-internal.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAEpE,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAKxD,qBACa,iBAAkB,YAAW,WAAW;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAE7C,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAiB/D"}
|
|
@@ -7,44 +7,35 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
8
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
9
|
};
|
|
10
|
-
|
|
11
|
-
import {
|
|
12
|
-
import { UnauthorizedError } from '@volontariapp/errors';
|
|
10
|
+
import { Injectable } from '@nestjs/common';
|
|
11
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
13
12
|
import { INTERNAL_TOKEN_METADATA_KEY } from '../constants/index.js';
|
|
14
|
-
|
|
13
|
+
import { MISSING_INTERNAL_TOKEN, INVALID_INTERNAL_TOKEN } from '../errors/auth.errors.js';
|
|
14
|
+
let GrpcInternalGuard = class GrpcInternalGuard {
|
|
15
15
|
jwtService;
|
|
16
|
-
logger = new Logger(GrpcInternalGuard_1.name);
|
|
17
16
|
constructor(jwtService) {
|
|
18
17
|
this.jwtService = jwtService;
|
|
19
18
|
}
|
|
20
19
|
async canActivate(context) {
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
}
|
|
24
|
-
const rpcArgumentsHost = context.switchToRpc();
|
|
25
|
-
const metadata = rpcArgumentsHost.getContext();
|
|
26
|
-
const tokens = metadata.get(INTERNAL_TOKEN_METADATA_KEY);
|
|
27
|
-
if (tokens.length === 0) {
|
|
28
|
-
this.logger.warn(`Missing ${INTERNAL_TOKEN_METADATA_KEY} in metadata`);
|
|
29
|
-
throw new UnauthorizedError('Missing internal token');
|
|
30
|
-
}
|
|
20
|
+
const rpcContext = context.switchToRpc().getContext();
|
|
21
|
+
const tokens = rpcContext.get(INTERNAL_TOKEN_METADATA_KEY);
|
|
31
22
|
const token = tokens[0];
|
|
23
|
+
if (typeof token !== 'string') {
|
|
24
|
+
throw MISSING_INTERNAL_TOKEN();
|
|
25
|
+
}
|
|
32
26
|
try {
|
|
33
27
|
const user = await this.jwtService.verifyInternal(token);
|
|
34
|
-
|
|
35
|
-
rpcContext.user = user;
|
|
28
|
+
rpcContext['user'] = user;
|
|
36
29
|
return true;
|
|
37
30
|
}
|
|
38
31
|
catch (error) {
|
|
39
|
-
|
|
40
|
-
this.logger.error(`Invalid internal token: ${message}`);
|
|
41
|
-
throw new UnauthorizedError('Invalid internal token');
|
|
32
|
+
throw INVALID_INTERNAL_TOKEN(error instanceof Error ? error.message : undefined);
|
|
42
33
|
}
|
|
43
34
|
}
|
|
44
35
|
};
|
|
45
|
-
GrpcInternalGuard =
|
|
36
|
+
GrpcInternalGuard = __decorate([
|
|
46
37
|
Injectable(),
|
|
47
|
-
__metadata("design:paramtypes", [
|
|
38
|
+
__metadata("design:paramtypes", [JwtService])
|
|
48
39
|
], GrpcInternalGuard);
|
|
49
40
|
export { GrpcInternalGuard };
|
|
50
41
|
//# sourceMappingURL=grpc-internal.guard.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc-internal.guard.js","sourceRoot":"","sources":["../../src/guards/grpc-internal.guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"grpc-internal.guard.js","sourceRoot":"","sources":["../../src/guards/grpc-internal.guard.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,2BAA2B,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAInF,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IACC;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;IAAG,CAAC;IAEvD,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,UAAU,EAAY,CAAC;QAChE,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAExB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,sBAAsB,EAAE,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YACxD,UAAiD,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;YAClE,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,sBAAsB,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;CACF,CAAA;AApBY,iBAAiB;IAD7B,UAAU,EAAE;qCAE8B,UAAU;GADxC,iBAAiB,CAoB7B"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
3
|
+
export declare class RefreshTokenGuard implements CanActivate {
|
|
4
|
+
private readonly jwtService;
|
|
5
|
+
constructor(jwtService: JwtService);
|
|
6
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=refresh-token.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.guard.d.ts","sourceRoot":"","sources":["../../src/guards/refresh-token.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAEpE,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAGxD,qBACa,iBAAkB,YAAW,WAAW;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAE7C,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAgB/D"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Injectable } from '@nestjs/common';
|
|
11
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
12
|
+
import { MISSING_REFRESH_TOKEN, INVALID_REFRESH_TOKEN } from '../errors/auth.errors.js';
|
|
13
|
+
let RefreshTokenGuard = class RefreshTokenGuard {
|
|
14
|
+
jwtService;
|
|
15
|
+
constructor(jwtService) {
|
|
16
|
+
this.jwtService = jwtService;
|
|
17
|
+
}
|
|
18
|
+
async canActivate(context) {
|
|
19
|
+
const request = context.switchToHttp().getRequest();
|
|
20
|
+
const token = request['refreshToken'];
|
|
21
|
+
if (typeof token !== 'string') {
|
|
22
|
+
throw MISSING_REFRESH_TOKEN();
|
|
23
|
+
}
|
|
24
|
+
try {
|
|
25
|
+
const user = await this.jwtService.verifyRefreshToken(token);
|
|
26
|
+
request['user'] = user;
|
|
27
|
+
return true;
|
|
28
|
+
}
|
|
29
|
+
catch (error) {
|
|
30
|
+
throw INVALID_REFRESH_TOKEN(error instanceof Error ? error.message : undefined);
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
};
|
|
34
|
+
RefreshTokenGuard = __decorate([
|
|
35
|
+
Injectable(),
|
|
36
|
+
__metadata("design:paramtypes", [JwtService])
|
|
37
|
+
], RefreshTokenGuard);
|
|
38
|
+
export { RefreshTokenGuard };
|
|
39
|
+
//# sourceMappingURL=refresh-token.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.guard.js","sourceRoot":"","sources":["../../src/guards/refresh-token.guard.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAGjF,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IACC;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;IAAG,CAAC;IAEvD,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAA2B,CAAC;QAC7E,MAAM,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;QAEtC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,qBAAqB,EAAE,CAAC;QAChC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,qBAAqB,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;CACF,CAAA;AAnBY,iBAAiB;IAD7B,UAAU,EAAE;qCAE8B,UAAU;GADxC,iBAAiB,CAmB7B"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class RolesGuard implements CanActivate {
|
|
4
|
+
private readonly reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=roles.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.guard.d.ts","sourceRoot":"","sources":["../../src/guards/roles.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAEpE,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAKzC,qBACa,UAAW,YAAW,WAAW;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,SAAS;IAEjD,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;CAsBhD"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Injectable } from '@nestjs/common';
|
|
11
|
+
import { Reflector } from '@nestjs/core';
|
|
12
|
+
import { ROLES_KEY } from '../decorators/roles.decorator.js';
|
|
13
|
+
import { INSUFFICIENT_PERMISSIONS, MISSING_AUTHENTICATED_USER } from '../errors/auth.errors.js';
|
|
14
|
+
let RolesGuard = class RolesGuard {
|
|
15
|
+
reflector;
|
|
16
|
+
constructor(reflector) {
|
|
17
|
+
this.reflector = reflector;
|
|
18
|
+
}
|
|
19
|
+
canActivate(context) {
|
|
20
|
+
const requiredRoles = this.reflector.getAllAndOverride(ROLES_KEY, [
|
|
21
|
+
context.getHandler(),
|
|
22
|
+
context.getClass(),
|
|
23
|
+
]);
|
|
24
|
+
if (requiredRoles.length === 0) {
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
const { user } = context.switchToHttp().getRequest();
|
|
28
|
+
if (!user) {
|
|
29
|
+
throw MISSING_AUTHENTICATED_USER();
|
|
30
|
+
}
|
|
31
|
+
if (!requiredRoles.includes(user.role)) {
|
|
32
|
+
throw INSUFFICIENT_PERMISSIONS();
|
|
33
|
+
}
|
|
34
|
+
return true;
|
|
35
|
+
}
|
|
36
|
+
};
|
|
37
|
+
RolesGuard = __decorate([
|
|
38
|
+
Injectable(),
|
|
39
|
+
__metadata("design:paramtypes", [Reflector])
|
|
40
|
+
], RolesGuard);
|
|
41
|
+
export { RolesGuard };
|
|
42
|
+
//# sourceMappingURL=roles.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.guard.js","sourceRoot":"","sources":["../../src/guards/roles.guard.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,kCAAkC,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AAIzF,IAAM,UAAU,GAAhB,MAAM,UAAU;IACQ;IAA7B,YAA6B,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAErD,WAAW,CAAC,OAAyB;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAW,SAAS,EAAE;YAC1E,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAuB,CAAC;QAE1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,0BAA0B,EAAE,CAAC;QACrC,CAAC;QAED,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,MAAM,wBAAwB,EAAE,CAAC;QACnC,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAzBY,UAAU;IADtB,UAAU,EAAE;qCAE6B,SAAS;GADtC,UAAU,CAyBtB"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,10 +1,17 @@
|
|
|
1
1
|
import 'reflect-metadata';
|
|
2
2
|
export * from './constants/index.js';
|
|
3
3
|
export * from './interfaces/index.js';
|
|
4
|
+
export * from './errors/index.js';
|
|
4
5
|
export * from './services/jwt.service.js';
|
|
5
6
|
export * from './services/grpc-metadata.helper.js';
|
|
6
7
|
export * from './auth.module.js';
|
|
7
8
|
export * from './guards/grpc-internal.guard.js';
|
|
9
|
+
export * from './guards/access-token.guard.js';
|
|
10
|
+
export * from './guards/refresh-token.guard.js';
|
|
11
|
+
export * from './guards/roles.guard.js';
|
|
12
|
+
export * from './middlewares/access-token.middleware.js';
|
|
13
|
+
export * from './middlewares/refresh-token.middleware.js';
|
|
8
14
|
export * from './decorators/current-user.decorator.js';
|
|
15
|
+
export * from './decorators/roles.decorator.js';
|
|
9
16
|
export * from './interceptors/grpc-internal.interceptor.js';
|
|
10
17
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAE1B,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AACnD,cAAc,kBAAkB,CAAC;AACjC,cAAc,iCAAiC,CAAC;AAChD,cAAc,wCAAwC,CAAC;AACvD,cAAc,6CAA6C,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAE1B,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,mBAAmB,CAAC;AAClC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AACnD,cAAc,kBAAkB,CAAC;AACjC,cAAc,iCAAiC,CAAC;AAChD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iCAAiC,CAAC;AAChD,cAAc,yBAAyB,CAAC;AACxC,cAAc,0CAA0C,CAAC;AACzD,cAAc,2CAA2C,CAAC;AAC1D,cAAc,wCAAwC,CAAC;AACvD,cAAc,iCAAiC,CAAC;AAChD,cAAc,6CAA6C,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,10 +1,17 @@
|
|
|
1
1
|
import 'reflect-metadata';
|
|
2
2
|
export * from './constants/index.js';
|
|
3
3
|
export * from './interfaces/index.js';
|
|
4
|
+
export * from './errors/index.js';
|
|
4
5
|
export * from './services/jwt.service.js';
|
|
5
6
|
export * from './services/grpc-metadata.helper.js';
|
|
6
7
|
export * from './auth.module.js';
|
|
7
8
|
export * from './guards/grpc-internal.guard.js';
|
|
9
|
+
export * from './guards/access-token.guard.js';
|
|
10
|
+
export * from './guards/refresh-token.guard.js';
|
|
11
|
+
export * from './guards/roles.guard.js';
|
|
12
|
+
export * from './middlewares/access-token.middleware.js';
|
|
13
|
+
export * from './middlewares/refresh-token.middleware.js';
|
|
8
14
|
export * from './decorators/current-user.decorator.js';
|
|
15
|
+
export * from './decorators/roles.decorator.js';
|
|
9
16
|
export * from './interceptors/grpc-internal.interceptor.js';
|
|
10
17
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAE1B,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AACnD,cAAc,kBAAkB,CAAC;AACjC,cAAc,iCAAiC,CAAC;AAChD,cAAc,wCAAwC,CAAC;AACvD,cAAc,6CAA6C,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAE1B,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,mBAAmB,CAAC;AAClC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AACnD,cAAc,kBAAkB,CAAC;AACjC,cAAc,iCAAiC,CAAC;AAChD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iCAAiC,CAAC;AAChD,cAAc,yBAAyB,CAAC;AACxC,cAAc,0CAA0C,CAAC;AACzD,cAAc,2CAA2C,CAAC;AAC1D,cAAc,wCAAwC,CAAC;AACvD,cAAc,iCAAiC,CAAC;AAChD,cAAc,6CAA6C,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { CallHandler, ExecutionContext, NestInterceptor } from '@nestjs/common';
|
|
2
2
|
import type { Observable } from 'rxjs';
|
|
3
|
-
import
|
|
3
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
4
4
|
export declare class GrpcInternalInterceptor implements NestInterceptor {
|
|
5
5
|
private readonly jwtService;
|
|
6
6
|
constructor(jwtService: JwtService);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc-internal.interceptor.d.ts","sourceRoot":"","sources":["../../src/interceptors/grpc-internal.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAErF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,
|
|
1
|
+
{"version":3,"file":"grpc-internal.interceptor.d.ts","sourceRoot":"","sources":["../../src/interceptors/grpc-internal.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAErF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAGxD,qBACa,uBAAwB,YAAW,eAAe;IACjD,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAEnD,SAAS,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC;CAgB7E"}
|
|
@@ -10,6 +10,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
10
10
|
import { Injectable } from '@nestjs/common';
|
|
11
11
|
import { from } from 'rxjs';
|
|
12
12
|
import { switchMap } from 'rxjs/operators';
|
|
13
|
+
import { JwtService } from '../services/jwt.service.js';
|
|
13
14
|
let GrpcInternalInterceptor = class GrpcInternalInterceptor {
|
|
14
15
|
jwtService;
|
|
15
16
|
constructor(jwtService) {
|
|
@@ -21,14 +22,16 @@ let GrpcInternalInterceptor = class GrpcInternalInterceptor {
|
|
|
21
22
|
if (!user) {
|
|
22
23
|
return next.handle();
|
|
23
24
|
}
|
|
24
|
-
return from(this.jwtService.signInternal(user)).pipe(switchMap((
|
|
25
|
+
return from(this.jwtService.signInternal(user)).pipe(switchMap((token) => {
|
|
26
|
+
const req = httpRequest;
|
|
27
|
+
req['internalToken'] = token;
|
|
25
28
|
return next.handle();
|
|
26
29
|
}));
|
|
27
30
|
}
|
|
28
31
|
};
|
|
29
32
|
GrpcInternalInterceptor = __decorate([
|
|
30
33
|
Injectable(),
|
|
31
|
-
__metadata("design:paramtypes", [
|
|
34
|
+
__metadata("design:paramtypes", [JwtService])
|
|
32
35
|
], GrpcInternalInterceptor);
|
|
33
36
|
export { GrpcInternalInterceptor };
|
|
34
37
|
//# sourceMappingURL=grpc-internal.interceptor.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc-internal.interceptor.js","sourceRoot":"","sources":["../../src/interceptors/grpc-internal.interceptor.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"grpc-internal.interceptor.js","sourceRoot":"","sources":["../../src/interceptors/grpc-internal.interceptor.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAIjD,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;IACL;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;IAAG,CAAC;IAEvD,SAAS,CAAC,OAAyB,EAAE,IAAiB;QACpD,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAuB,CAAC;QAC7E,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC;QAE9B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAClD,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE;YAClB,MAAM,GAAG,GAAG,WAAiD,CAAC;YAC9D,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;YAC7B,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;CACF,CAAA;AAnBY,uBAAuB;IADnC,UAAU,EAAE;qCAE8B,UAAU;GADxC,uBAAuB,CAmBnC"}
|
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
export interface AuthConfig {
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
2
|
+
internalPrivateKeyPath?: string;
|
|
3
|
+
internalPublicKeyPath?: string;
|
|
4
|
+
accessTokenPrivateKeyPath?: string;
|
|
5
|
+
accessTokenPublicKeyPath?: string;
|
|
6
|
+
refreshTokenPrivateKeyPath?: string;
|
|
7
|
+
refreshTokenPublicKeyPath?: string;
|
|
8
|
+
readonly internalExpiresIn?: string | number;
|
|
9
|
+
readonly accessTokenExpiresIn?: string | number;
|
|
10
|
+
readonly refreshTokenExpiresIn?: string | number;
|
|
6
11
|
}
|
|
7
12
|
//# sourceMappingURL=auth-config.interface.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-config.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/auth-config.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,UAAU;IACzB,
|
|
1
|
+
{"version":3,"file":"auth-config.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/auth-config.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,UAAU;IACzB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7C,QAAQ,CAAC,oBAAoB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAChD,QAAQ,CAAC,qBAAqB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CAClD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-user.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/auth-user.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"auth-user.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/auth-user.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.middleware.d.ts","sourceRoot":"","sources":["../../src/middlewares/access-token.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGrD,qBACa,qBAAsB,YAAW,cAAc;IAC1D,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI;CAuBtD"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
import { Injectable } from '@nestjs/common';
|
|
8
|
+
let AccessTokenMiddleware = class AccessTokenMiddleware {
|
|
9
|
+
use(req, _res, next) {
|
|
10
|
+
const request = req;
|
|
11
|
+
const nextFn = next;
|
|
12
|
+
const headers = (request['headers'] ?? {});
|
|
13
|
+
const authHeader = headers['authorization'];
|
|
14
|
+
let token;
|
|
15
|
+
if (typeof authHeader === 'string' && authHeader.startsWith('Bearer ')) {
|
|
16
|
+
token = authHeader.split(' ')[1];
|
|
17
|
+
}
|
|
18
|
+
else if (request['cookies'] !== undefined &&
|
|
19
|
+
typeof request['cookies'] === 'object' &&
|
|
20
|
+
request['cookies'] !== null) {
|
|
21
|
+
const cookies = request['cookies'];
|
|
22
|
+
token = cookies['accessToken'] ?? cookies['access_token'];
|
|
23
|
+
}
|
|
24
|
+
if (typeof token === 'string' && token !== '') {
|
|
25
|
+
request['accessToken'] = token;
|
|
26
|
+
}
|
|
27
|
+
nextFn();
|
|
28
|
+
}
|
|
29
|
+
};
|
|
30
|
+
AccessTokenMiddleware = __decorate([
|
|
31
|
+
Injectable()
|
|
32
|
+
], AccessTokenMiddleware);
|
|
33
|
+
export { AccessTokenMiddleware };
|
|
34
|
+
//# sourceMappingURL=access-token.middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.middleware.js","sourceRoot":"","sources":["../../src/middlewares/access-token.middleware.ts"],"names":[],"mappings":";;;;;;AACA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAGrC,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAChC,GAAG,CAAC,GAAY,EAAE,IAAa,EAAE,IAAa;QAC5C,MAAM,OAAO,GAAG,GAA8B,CAAC;QAC/C,MAAM,MAAM,GAAG,IAAkB,CAAC;QAClC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAA4B,CAAC;QACtE,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC5C,IAAI,KAAyB,CAAC;QAE9B,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACvE,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnC,CAAC;aAAM,IACL,OAAO,CAAC,SAAS,CAAC,KAAK,SAAS;YAChC,OAAO,OAAO,CAAC,SAAS,CAAC,KAAK,QAAQ;YACtC,OAAO,CAAC,SAAS,CAAC,KAAK,IAAI,EAC3B,CAAC;YACD,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAuC,CAAC;YACzE,KAAK,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,cAAc,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YAC9C,OAAO,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC;QACjC,CAAC;QACD,MAAM,EAAE,CAAC;IACX,CAAC;CACF,CAAA;AAxBY,qBAAqB;IADjC,UAAU,EAAE;GACA,qBAAqB,CAwBjC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.middleware.d.ts","sourceRoot":"","sources":["../../src/middlewares/refresh-token.middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGrD,qBACa,sBAAuB,YAAW,cAAc;IAC3D,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI;CAmBtD"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
import { Injectable } from '@nestjs/common';
|
|
8
|
+
let RefreshTokenMiddleware = class RefreshTokenMiddleware {
|
|
9
|
+
use(req, _res, next) {
|
|
10
|
+
const request = req;
|
|
11
|
+
const nextFn = next;
|
|
12
|
+
let token;
|
|
13
|
+
if (request['cookies'] !== undefined &&
|
|
14
|
+
typeof request['cookies'] === 'object' &&
|
|
15
|
+
request['cookies'] !== null) {
|
|
16
|
+
const cookies = request['cookies'];
|
|
17
|
+
token = cookies['refreshToken'] ?? cookies['refresh_token'];
|
|
18
|
+
}
|
|
19
|
+
if (typeof token === 'string' && token !== '') {
|
|
20
|
+
request['refreshToken'] = token;
|
|
21
|
+
}
|
|
22
|
+
nextFn();
|
|
23
|
+
}
|
|
24
|
+
};
|
|
25
|
+
RefreshTokenMiddleware = __decorate([
|
|
26
|
+
Injectable()
|
|
27
|
+
], RefreshTokenMiddleware);
|
|
28
|
+
export { RefreshTokenMiddleware };
|
|
29
|
+
//# sourceMappingURL=refresh-token.middleware.js.map
|