@vynelix/nestjs-multi-auth 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +760 -0
- package/bin/cli.js +152 -0
- package/dist/auth/auth-type.enum.d.ts +22 -0
- package/dist/auth/auth-type.enum.js +32 -0
- package/dist/auth/auth-type.enum.js.map +1 -0
- package/dist/auth/auth.controller.d.ts +70 -0
- package/dist/auth/auth.controller.js +434 -0
- package/dist/auth/auth.controller.js.map +1 -0
- package/dist/auth/auth.module.d.ts +9 -0
- package/dist/auth/auth.module.js +193 -0
- package/dist/auth/auth.module.js.map +1 -0
- package/dist/auth/auth.service.d.ts +180 -0
- package/dist/auth/auth.service.js +695 -0
- package/dist/auth/auth.service.js.map +1 -0
- package/dist/auth/core/auth-mapper.d.ts +6 -0
- package/dist/auth/core/auth-mapper.js +17 -0
- package/dist/auth/core/auth-mapper.js.map +1 -0
- package/dist/auth/core/jwt.strategy.d.ts +13 -0
- package/dist/auth/core/jwt.strategy.js +59 -0
- package/dist/auth/core/jwt.strategy.js.map +1 -0
- package/dist/auth/core/registration.d.ts +3 -0
- package/dist/auth/core/registration.js +60 -0
- package/dist/auth/core/registration.js.map +1 -0
- package/dist/auth/current-user-interface.d.ts +4 -0
- package/dist/auth/current-user-interface.js +4 -0
- package/dist/auth/current-user-interface.js.map +1 -0
- package/dist/auth/current-user.decorator.d.ts +2 -0
- package/dist/auth/current-user.decorator.js +16 -0
- package/dist/auth/current-user.decorator.js.map +1 -0
- package/dist/auth/decorator/current-user.decorator.d.ts +2 -0
- package/dist/auth/decorator/current-user.decorator.js +13 -0
- package/dist/auth/decorator/current-user.decorator.js.map +1 -0
- package/dist/auth/decorator/email-or-phone.decorator.d.ts +2 -0
- package/dist/auth/decorator/email-or-phone.decorator.js +26 -0
- package/dist/auth/decorator/email-or-phone.decorator.js.map +1 -0
- package/dist/auth/decorator/optional.decorator.d.ts +2 -0
- package/dist/auth/decorator/optional.decorator.js +9 -0
- package/dist/auth/decorator/optional.decorator.js.map +1 -0
- package/dist/auth/decorator/public.decorator.d.ts +2 -0
- package/dist/auth/decorator/public.decorator.js +9 -0
- package/dist/auth/decorator/public.decorator.js.map +1 -0
- package/dist/auth/dto/auth-response.dto.d.ts +17 -0
- package/dist/auth/dto/auth-response.dto.js +83 -0
- package/dist/auth/dto/auth-response.dto.js.map +1 -0
- package/dist/auth/dto/identifier-response.dto.d.ts +8 -0
- package/dist/auth/dto/identifier-response.dto.js +46 -0
- package/dist/auth/dto/identifier-response.dto.js.map +1 -0
- package/dist/auth/dto/login.dto.d.ts +11 -0
- package/dist/auth/dto/login.dto.js +68 -0
- package/dist/auth/dto/login.dto.js.map +1 -0
- package/dist/auth/dto/mfa.dto.d.ts +8 -0
- package/dist/auth/dto/mfa.dto.js +51 -0
- package/dist/auth/dto/mfa.dto.js.map +1 -0
- package/dist/auth/dto/oauth-provider-response.dto.d.ts +5 -0
- package/dist/auth/dto/oauth-provider-response.dto.js +30 -0
- package/dist/auth/dto/oauth-provider-response.dto.js.map +1 -0
- package/dist/auth/dto/refresh-token.dto.d.ts +3 -0
- package/dist/auth/dto/refresh-token.dto.js +28 -0
- package/dist/auth/dto/refresh-token.dto.js.map +1 -0
- package/dist/auth/dto/requests/forgot-password.dto.d.ts +5 -0
- package/dist/auth/dto/requests/forgot-password.dto.js +36 -0
- package/dist/auth/dto/requests/forgot-password.dto.js.map +1 -0
- package/dist/auth/dto/requests/login.dto.d.ts +11 -0
- package/dist/auth/dto/requests/login.dto.js +68 -0
- package/dist/auth/dto/requests/login.dto.js.map +1 -0
- package/dist/auth/dto/requests/magic-link.dto.d.ts +6 -0
- package/dist/auth/dto/requests/magic-link.dto.js +33 -0
- package/dist/auth/dto/requests/magic-link.dto.js.map +1 -0
- package/dist/auth/dto/requests/mfa.dto.d.ts +8 -0
- package/dist/auth/dto/requests/mfa.dto.js +51 -0
- package/dist/auth/dto/requests/mfa.dto.js.map +1 -0
- package/dist/auth/dto/requests/refresh-token.dto.d.ts +3 -0
- package/dist/auth/dto/requests/refresh-token.dto.js +29 -0
- package/dist/auth/dto/requests/refresh-token.dto.js.map +1 -0
- package/dist/auth/dto/requests/reset-password.dto.d.ts +5 -0
- package/dist/auth/dto/requests/reset-password.dto.js +36 -0
- package/dist/auth/dto/requests/reset-password.dto.js.map +1 -0
- package/dist/auth/dto/requests/secure-account.dto.d.ts +3 -0
- package/dist/auth/dto/requests/secure-account.dto.js +24 -0
- package/dist/auth/dto/requests/secure-account.dto.js.map +1 -0
- package/dist/auth/dto/requests/signup.dto.d.ts +13 -0
- package/dist/auth/dto/requests/signup.dto.js +70 -0
- package/dist/auth/dto/requests/signup.dto.js.map +1 -0
- package/dist/auth/dto/requests/update-password.dto.d.ts +4 -0
- package/dist/auth/dto/requests/update-password.dto.js +30 -0
- package/dist/auth/dto/requests/update-password.dto.js.map +1 -0
- package/dist/auth/dto/requests/verify.dto.d.ts +7 -0
- package/dist/auth/dto/requests/verify.dto.js +48 -0
- package/dist/auth/dto/requests/verify.dto.js.map +1 -0
- package/dist/auth/dto/responses/auth-response.dto.d.ts +17 -0
- package/dist/auth/dto/responses/auth-response.dto.js +83 -0
- package/dist/auth/dto/responses/auth-response.dto.js.map +1 -0
- package/dist/auth/dto/responses/identifier-response.dto.d.ts +10 -0
- package/dist/auth/dto/responses/identifier-response.dto.js +56 -0
- package/dist/auth/dto/responses/identifier-response.dto.js.map +1 -0
- package/dist/auth/dto/responses/oauth-provider-response.dto.d.ts +10 -0
- package/dist/auth/dto/responses/oauth-provider-response.dto.js +55 -0
- package/dist/auth/dto/responses/oauth-provider-response.dto.js.map +1 -0
- package/dist/auth/dto/signup.dto.d.ts +13 -0
- package/dist/auth/dto/signup.dto.js +70 -0
- package/dist/auth/dto/signup.dto.js.map +1 -0
- package/dist/auth/dto/verify.dto.d.ts +7 -0
- package/dist/auth/dto/verify.dto.js +48 -0
- package/dist/auth/dto/verify.dto.js.map +1 -0
- package/dist/auth/entities/auth-identify.entity.d.ts +33 -0
- package/dist/auth/entities/auth-identify.entity.js +73 -0
- package/dist/auth/entities/auth-identify.entity.js.map +1 -0
- package/dist/auth/entities/auth.entity.d.ts +45 -0
- package/dist/auth/entities/auth.entity.js +129 -0
- package/dist/auth/entities/auth.entity.js.map +1 -0
- package/dist/auth/entities/base.entity.d.ts +6 -0
- package/dist/auth/entities/base.entity.js +41 -0
- package/dist/auth/entities/base.entity.js.map +1 -0
- package/dist/auth/entities/mfa-method.entity.d.ts +23 -0
- package/dist/auth/entities/mfa-method.entity.js +69 -0
- package/dist/auth/entities/mfa-method.entity.js.map +1 -0
- package/dist/auth/entities/oauth-provider.entity.d.ts +38 -0
- package/dist/auth/entities/oauth-provider.entity.js +88 -0
- package/dist/auth/entities/oauth-provider.entity.js.map +1 -0
- package/dist/auth/entities/otp-token.entity.d.ts +22 -0
- package/dist/auth/entities/otp-token.entity.js +61 -0
- package/dist/auth/entities/otp-token.entity.js.map +1 -0
- package/dist/auth/entities/session.entity.d.ts +19 -0
- package/dist/auth/entities/session.entity.js +65 -0
- package/dist/auth/entities/session.entity.js.map +1 -0
- package/dist/auth/enums/auth-type.enum.d.ts +23 -0
- package/dist/auth/enums/auth-type.enum.js +34 -0
- package/dist/auth/enums/auth-type.enum.js.map +1 -0
- package/dist/auth/guards/jwt-auth.guard.d.ts +10 -0
- package/dist/auth/guards/jwt-auth.guard.js +68 -0
- package/dist/auth/guards/jwt-auth.guard.js.map +1 -0
- package/dist/auth/guards/optional-auth.guard.d.ts +8 -0
- package/dist/auth/guards/optional-auth.guard.js +45 -0
- package/dist/auth/guards/optional-auth.guard.js.map +1 -0
- package/dist/auth/guards/ws-jwt-auth.guard.d.ts +0 -0
- package/dist/auth/guards/ws-jwt-auth.guard.js +31 -0
- package/dist/auth/guards/ws-jwt-auth.guard.js.map +1 -0
- package/dist/auth/interfaces/auth-module-async-options.interface.d.ts +7 -0
- package/dist/auth/interfaces/auth-module-async-options.interface.js +3 -0
- package/dist/auth/interfaces/auth-module-async-options.interface.js.map +1 -0
- package/dist/auth/interfaces/auth-module-options.interface.d.ts +132 -0
- package/dist/auth/interfaces/auth-module-options.interface.js +5 -0
- package/dist/auth/interfaces/auth-module-options.interface.js.map +1 -0
- package/dist/auth/interfaces/auth-notification-provider.interface.d.ts +29 -0
- package/dist/auth/interfaces/auth-notification-provider.interface.js +5 -0
- package/dist/auth/interfaces/auth-notification-provider.interface.js.map +1 -0
- package/dist/auth/interfaces/auth-user-service.interface.d.ts +13 -0
- package/dist/auth/interfaces/auth-user-service.interface.js +7 -0
- package/dist/auth/interfaces/auth-user-service.interface.js.map +1 -0
- package/dist/auth/interfaces/current-user-interface.d.ts +4 -0
- package/dist/auth/interfaces/current-user-interface.js +4 -0
- package/dist/auth/interfaces/current-user-interface.js.map +1 -0
- package/dist/auth/interfaces/current-user.decorator.d.ts +2 -0
- package/dist/auth/interfaces/current-user.decorator.js +16 -0
- package/dist/auth/interfaces/current-user.decorator.js.map +1 -0
- package/dist/auth/interfaces/jwt-payload-interface.d.ts +4 -0
- package/dist/auth/interfaces/jwt-payload-interface.js +3 -0
- package/dist/auth/interfaces/jwt-payload-interface.js.map +1 -0
- package/dist/auth/interfaces/oauth-strategy.interface.d.ts +14 -0
- package/dist/auth/interfaces/oauth-strategy.interface.js +3 -0
- package/dist/auth/interfaces/oauth-strategy.interface.js.map +1 -0
- package/dist/auth/jwt-payload-interface.d.ts +4 -0
- package/dist/auth/jwt-payload-interface.js +3 -0
- package/dist/auth/jwt-payload-interface.js.map +1 -0
- package/dist/auth/jwt.strategy.d.ts +13 -0
- package/dist/auth/jwt.strategy.js +60 -0
- package/dist/auth/jwt.strategy.js.map +1 -0
- package/dist/auth/strategies/company.strategy.d.ts +0 -0
- package/dist/auth/strategies/company.strategy.js +1 -0
- package/dist/auth/strategies/company.strategy.js.map +1 -0
- package/dist/auth/strategies/google.strategy.d.ts +7 -0
- package/dist/auth/strategies/google.strategy.js +23 -0
- package/dist/auth/strategies/google.strategy.js.map +1 -0
- package/dist/auth/strategies/local-auth.strategy.d.ts +24 -0
- package/dist/auth/strategies/local-auth.strategy.js +244 -0
- package/dist/auth/strategies/local-auth.strategy.js.map +1 -0
- package/dist/auth/strategies/oauth/apple.strategy.d.ts +27 -0
- package/dist/auth/strategies/oauth/apple.strategy.js +176 -0
- package/dist/auth/strategies/oauth/apple.strategy.js.map +1 -0
- package/dist/auth/strategies/oauth/facebook.strategy.d.ts +24 -0
- package/dist/auth/strategies/oauth/facebook.strategy.js +150 -0
- package/dist/auth/strategies/oauth/facebook.strategy.js.map +1 -0
- package/dist/auth/strategies/oauth/google.strategy.d.ts +25 -0
- package/dist/auth/strategies/oauth/google.strategy.js +225 -0
- package/dist/auth/strategies/oauth/google.strategy.js.map +1 -0
- package/dist/auth/strategies/oauth/oauth-strategy.interface.d.ts +14 -0
- package/dist/auth/strategies/oauth/oauth-strategy.interface.js +3 -0
- package/dist/auth/strategies/oauth/oauth-strategy.interface.js.map +1 -0
- package/dist/auth/strategies/oauth/oauth.strategy.d.ts +25 -0
- package/dist/auth/strategies/oauth/oauth.strategy.js +70 -0
- package/dist/auth/strategies/oauth/oauth.strategy.js.map +1 -0
- package/dist/auth/strategies/otp.strategy.d.ts +7 -0
- package/dist/auth/strategies/otp.strategy.js +23 -0
- package/dist/auth/strategies/otp.strategy.js.map +1 -0
- package/dist/auth/strategies/password.strategy.d.ts +14 -0
- package/dist/auth/strategies/password.strategy.js +130 -0
- package/dist/auth/strategies/password.strategy.js.map +1 -0
- package/dist/auth/utils/duration.util.d.ts +8 -0
- package/dist/auth/utils/duration.util.js +29 -0
- package/dist/auth/utils/duration.util.js.map +1 -0
- package/dist/index.d.ts +21 -0
- package/dist/index.js +39 -0
- package/dist/index.js.map +1 -0
- package/dist/migrations/auth-entities.d.ts +7 -0
- package/dist/migrations/auth-entities.js +18 -0
- package/dist/migrations/auth-entities.js.map +1 -0
- package/dist/migrations/auth-schema.initializer.d.ts +9 -0
- package/dist/migrations/auth-schema.initializer.js +36 -0
- package/dist/migrations/auth-schema.initializer.js.map +1 -0
- package/dist/migrations/auth.migration.v1.d.ts +12 -0
- package/dist/migrations/auth.migration.v1.js +157 -0
- package/dist/migrations/auth.migration.v1.js.map +1 -0
- package/dist/migrations/auth.migration.v2.d.ts +8 -0
- package/dist/migrations/auth.migration.v2.js +39 -0
- package/dist/migrations/auth.migration.v2.js.map +1 -0
- package/dist/migrations/auth.migrations.d.ts +2 -0
- package/dist/migrations/auth.migrations.js +8 -0
- package/dist/migrations/auth.migrations.js.map +1 -0
- package/dist/migrations/migration.runner.d.ts +9 -0
- package/dist/migrations/migration.runner.js +67 -0
- package/dist/migrations/migration.runner.js.map +1 -0
- package/dist/migrations/migration.service.d.ts +9 -0
- package/dist/migrations/migration.service.js +71 -0
- package/dist/migrations/migration.service.js.map +1 -0
- package/dist/tsconfig.tsbuildinfo +1 -0
- package/package.json +82 -0
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.Session = void 0;
|
|
13
|
+
const typeorm_1 = require("typeorm");
|
|
14
|
+
let Session = class Session {
|
|
15
|
+
toMap() {
|
|
16
|
+
return {
|
|
17
|
+
id: this.id,
|
|
18
|
+
uid: this.uid,
|
|
19
|
+
userAgent: this.userAgent,
|
|
20
|
+
deviceFingerprint: this.deviceFingerprint,
|
|
21
|
+
ipAddress: this.ipAddress,
|
|
22
|
+
expiresAt: this.expiresAt,
|
|
23
|
+
createdAt: this.createdAt,
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
};
|
|
27
|
+
exports.Session = Session;
|
|
28
|
+
__decorate([
|
|
29
|
+
(0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
|
|
30
|
+
__metadata("design:type", String)
|
|
31
|
+
], Session.prototype, "id", void 0);
|
|
32
|
+
__decorate([
|
|
33
|
+
(0, typeorm_1.Column)(),
|
|
34
|
+
(0, typeorm_1.Index)(),
|
|
35
|
+
__metadata("design:type", String)
|
|
36
|
+
], Session.prototype, "uid", void 0);
|
|
37
|
+
__decorate([
|
|
38
|
+
(0, typeorm_1.Column)({ select: false }) // Do not return in standard queries
|
|
39
|
+
,
|
|
40
|
+
__metadata("design:type", String)
|
|
41
|
+
], Session.prototype, "refreshTokenHash", void 0);
|
|
42
|
+
__decorate([
|
|
43
|
+
(0, typeorm_1.Column)({ nullable: true }),
|
|
44
|
+
__metadata("design:type", String)
|
|
45
|
+
], Session.prototype, "userAgent", void 0);
|
|
46
|
+
__decorate([
|
|
47
|
+
(0, typeorm_1.Column)({ nullable: true }),
|
|
48
|
+
__metadata("design:type", String)
|
|
49
|
+
], Session.prototype, "deviceFingerprint", void 0);
|
|
50
|
+
__decorate([
|
|
51
|
+
(0, typeorm_1.Column)({ nullable: true }),
|
|
52
|
+
__metadata("design:type", String)
|
|
53
|
+
], Session.prototype, "ipAddress", void 0);
|
|
54
|
+
__decorate([
|
|
55
|
+
(0, typeorm_1.Column)(),
|
|
56
|
+
__metadata("design:type", Date)
|
|
57
|
+
], Session.prototype, "expiresAt", void 0);
|
|
58
|
+
__decorate([
|
|
59
|
+
(0, typeorm_1.CreateDateColumn)(),
|
|
60
|
+
__metadata("design:type", Date)
|
|
61
|
+
], Session.prototype, "createdAt", void 0);
|
|
62
|
+
exports.Session = Session = __decorate([
|
|
63
|
+
(0, typeorm_1.Entity)('sessions')
|
|
64
|
+
], Session);
|
|
65
|
+
//# sourceMappingURL=session.entity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.entity.js","sourceRoot":"","sources":["../../../src/auth/entities/session.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qCAMiB;AAGV,IAAM,OAAO,GAAb,MAAM,OAAO;IA+BlB,KAAK;QACH,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;IACJ,CAAC;CACF,CAAA;AA1CY,0BAAO;AAElB;IADC,IAAA,gCAAsB,EAAC,MAAM,CAAC;;mCACpB;AAKX;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,GAAE;;oCACI;AAKZ;IADC,IAAA,gBAAM,EAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,oCAAoC;;;iDACtC;AAIzB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0CACT;AAIlB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDACD;AAG1B;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0CACT;AAGlB;IADC,IAAA,gBAAM,GAAE;8BACE,IAAI;0CAAC;AAGhB;IADC,IAAA,0BAAgB,GAAE;8BACR,IAAI;0CAAC;kBA7BL,OAAO;IADnB,IAAA,gBAAM,EAAC,UAAU,CAAC;GACN,OAAO,CA0CnB"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
export declare enum AuthStrategy {
|
|
2
|
+
EMAIL = "EMAIL",
|
|
3
|
+
PHONE = "PHONE",
|
|
4
|
+
USERNAME = "USERNAME",
|
|
5
|
+
GOOGLE = "GOOGLE",
|
|
6
|
+
FACEBOOK = "FACEBOOK",
|
|
7
|
+
APPLE = "APPLE",
|
|
8
|
+
/** @deprecated Use granular types instead */
|
|
9
|
+
LOCAL = "LOCAL",
|
|
10
|
+
/** @deprecated Use granular types instead */
|
|
11
|
+
OAUTH = "OAUTH",
|
|
12
|
+
MAGIC_LINK = "MAGIC_LINK"
|
|
13
|
+
}
|
|
14
|
+
export declare enum OAuthProviderType {
|
|
15
|
+
GOOGLE = "GOOGLE",
|
|
16
|
+
FACEBOOK = "FACEBOOK",
|
|
17
|
+
APPLE = "APPLE"
|
|
18
|
+
}
|
|
19
|
+
export declare enum AuthTransport {
|
|
20
|
+
COOKIE = "cookie",
|
|
21
|
+
BEARER = "bearer",
|
|
22
|
+
BOTH = "both"
|
|
23
|
+
}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// src/auth/enums/auth-types.enum.ts
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.AuthTransport = exports.OAuthProviderType = exports.AuthStrategy = void 0;
|
|
5
|
+
var AuthStrategy;
|
|
6
|
+
(function (AuthStrategy) {
|
|
7
|
+
// Local / Password-based
|
|
8
|
+
AuthStrategy["EMAIL"] = "EMAIL";
|
|
9
|
+
AuthStrategy["PHONE"] = "PHONE";
|
|
10
|
+
AuthStrategy["USERNAME"] = "USERNAME";
|
|
11
|
+
// Social / OAuth
|
|
12
|
+
AuthStrategy["GOOGLE"] = "GOOGLE";
|
|
13
|
+
AuthStrategy["FACEBOOK"] = "FACEBOOK";
|
|
14
|
+
AuthStrategy["APPLE"] = "APPLE";
|
|
15
|
+
/** @deprecated Use granular types instead */
|
|
16
|
+
AuthStrategy["LOCAL"] = "LOCAL";
|
|
17
|
+
/** @deprecated Use granular types instead */
|
|
18
|
+
AuthStrategy["OAUTH"] = "OAUTH";
|
|
19
|
+
// Authentication Extension
|
|
20
|
+
AuthStrategy["MAGIC_LINK"] = "MAGIC_LINK";
|
|
21
|
+
})(AuthStrategy || (exports.AuthStrategy = AuthStrategy = {}));
|
|
22
|
+
var OAuthProviderType;
|
|
23
|
+
(function (OAuthProviderType) {
|
|
24
|
+
OAuthProviderType["GOOGLE"] = "GOOGLE";
|
|
25
|
+
OAuthProviderType["FACEBOOK"] = "FACEBOOK";
|
|
26
|
+
OAuthProviderType["APPLE"] = "APPLE";
|
|
27
|
+
})(OAuthProviderType || (exports.OAuthProviderType = OAuthProviderType = {}));
|
|
28
|
+
var AuthTransport;
|
|
29
|
+
(function (AuthTransport) {
|
|
30
|
+
AuthTransport["COOKIE"] = "cookie";
|
|
31
|
+
AuthTransport["BEARER"] = "bearer";
|
|
32
|
+
AuthTransport["BOTH"] = "both";
|
|
33
|
+
})(AuthTransport || (exports.AuthTransport = AuthTransport = {}));
|
|
34
|
+
//# sourceMappingURL=auth-type.enum.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-type.enum.js","sourceRoot":"","sources":["../../../src/auth/enums/auth-type.enum.ts"],"names":[],"mappings":";AAAA,oCAAoC;;;AAEpC,IAAY,YAkBX;AAlBD,WAAY,YAAY;IACtB,yBAAyB;IACzB,+BAAe,CAAA;IACf,+BAAe,CAAA;IACf,qCAAqB,CAAA;IAErB,iBAAiB;IACjB,iCAAiB,CAAA;IACjB,qCAAqB,CAAA;IACrB,+BAAe,CAAA;IAEf,6CAA6C;IAC7C,+BAAe,CAAA;IACf,6CAA6C;IAC7C,+BAAe,CAAA;IAEf,2BAA2B;IAC3B,yCAAyB,CAAA;AAC3B,CAAC,EAlBW,YAAY,4BAAZ,YAAY,QAkBvB;AAED,IAAY,iBAIX;AAJD,WAAY,iBAAiB;IAC3B,sCAAiB,CAAA;IACjB,0CAAqB,CAAA;IACrB,oCAAe,CAAA;AACjB,CAAC,EAJW,iBAAiB,iCAAjB,iBAAiB,QAI5B;AAED,IAAY,aAIX;AAJD,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,kCAAiB,CAAA;IACjB,8BAAa,CAAA;AACf,CAAC,EAJW,aAAa,6BAAb,aAAa,QAIxB"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
declare const JwtAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
|
|
4
|
+
export declare class JwtAuthGuard extends JwtAuthGuard_base {
|
|
5
|
+
private reflector;
|
|
6
|
+
constructor(reflector: Reflector);
|
|
7
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
8
|
+
handleRequest(err: any, user: any, info: any, context: ExecutionContext): any;
|
|
9
|
+
}
|
|
10
|
+
export {};
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.JwtAuthGuard = void 0;
|
|
13
|
+
// src/auth/jwt-auth.guard.ts
|
|
14
|
+
const common_1 = require("@nestjs/common");
|
|
15
|
+
const core_1 = require("@nestjs/core");
|
|
16
|
+
const passport_1 = require("@nestjs/passport");
|
|
17
|
+
const public_decorator_1 = require("../decorator/public.decorator");
|
|
18
|
+
const optional_decorator_1 = require("../decorator/optional.decorator");
|
|
19
|
+
let JwtAuthGuard = class JwtAuthGuard extends (0, passport_1.AuthGuard)('jwt') {
|
|
20
|
+
constructor(reflector) {
|
|
21
|
+
super();
|
|
22
|
+
this.reflector = reflector;
|
|
23
|
+
}
|
|
24
|
+
async canActivate(context) {
|
|
25
|
+
const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
|
|
26
|
+
context.getHandler(),
|
|
27
|
+
context.getClass(),
|
|
28
|
+
]);
|
|
29
|
+
const isOptional = this.reflector.getAllAndOverride(optional_decorator_1.IS_OPTIONAL_KEY, [context.getHandler(), context.getClass()]);
|
|
30
|
+
if (isOptional || isPublic) {
|
|
31
|
+
// Try JWT, but don’t throw if missing/invalid
|
|
32
|
+
try {
|
|
33
|
+
return (await super.canActivate(context));
|
|
34
|
+
}
|
|
35
|
+
catch {
|
|
36
|
+
const request = context.switchToHttp().getRequest();
|
|
37
|
+
request.user = null;
|
|
38
|
+
return true;
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
// Default = strict JWT required
|
|
42
|
+
return (await super.canActivate(context));
|
|
43
|
+
}
|
|
44
|
+
handleRequest(err, user, info, context) {
|
|
45
|
+
// Check if this is an optional or public route
|
|
46
|
+
const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
|
|
47
|
+
context.getHandler(),
|
|
48
|
+
context.getClass(),
|
|
49
|
+
]);
|
|
50
|
+
const isOptional = this.reflector.getAllAndOverride(optional_decorator_1.IS_OPTIONAL_KEY, [context.getHandler(), context.getClass()]);
|
|
51
|
+
// console.log('Auth user', user);
|
|
52
|
+
// For optional/public routes, allow null user
|
|
53
|
+
if (isOptional || isPublic) {
|
|
54
|
+
return user || null;
|
|
55
|
+
}
|
|
56
|
+
// For protected routes, throw error if no valid user
|
|
57
|
+
if (err || !user) {
|
|
58
|
+
throw err || new common_1.UnauthorizedException('Authentication required');
|
|
59
|
+
}
|
|
60
|
+
return user;
|
|
61
|
+
}
|
|
62
|
+
};
|
|
63
|
+
exports.JwtAuthGuard = JwtAuthGuard;
|
|
64
|
+
exports.JwtAuthGuard = JwtAuthGuard = __decorate([
|
|
65
|
+
(0, common_1.Injectable)(),
|
|
66
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
67
|
+
], JwtAuthGuard);
|
|
68
|
+
//# sourceMappingURL=jwt-auth.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt-auth.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/jwt-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6BAA6B;AAC7B,2CAIwB;AACxB,uCAAyC;AACzC,+CAA6C;AAC7C,oEAA8D;AAC9D,wEAAkE;AAG3D,IAAM,YAAY,GAAlB,MAAM,YAAa,SAAQ,IAAA,oBAAS,EAAC,KAAK,CAAC;IAChD,YAAoB,SAAoB;QACtC,KAAK,EAAE,CAAC;QADU,cAAS,GAAT,SAAS,CAAW;IAExC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACjD,oCAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,IAAI,UAAU,IAAI,QAAQ,EAAE,CAAC;YAC3B,8CAA8C;YAC9C,IAAI,CAAC;gBACH,OAAO,CAAC,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAY,CAAC;YACvD,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;gBACpD,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBACpB,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,OAAO,CAAC,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAY,CAAC;IACvD,CAAC;IAED,aAAa,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,OAAyB;QACrE,+CAA+C;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACjD,oCAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,kCAAkC;QAElC,8CAA8C;QAC9C,IAAI,UAAU,IAAI,QAAQ,EAAE,CAAC;YAC3B,OAAO,IAAI,IAAI,IAAI,CAAC;QACtB,CAAC;QAED,qDAAqD;QACrD,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,GAAG,IAAI,IAAI,8BAAqB,CAAC,yBAAyB,CAAC,CAAC;QACpE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAzDY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,YAAY,CAyDxB"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { ExecutionContext } from '@nestjs/common';
|
|
2
|
+
declare const OptionalAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
|
|
3
|
+
export declare class OptionalAuthGuard extends OptionalAuthGuard_base {
|
|
4
|
+
private readonly logger;
|
|
5
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
6
|
+
handleRequest(err: any, user: any, info: any): any;
|
|
7
|
+
}
|
|
8
|
+
export {};
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var OptionalAuthGuard_1;
|
|
9
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
+
exports.OptionalAuthGuard = void 0;
|
|
11
|
+
// src/auth/optional-auth.guard.ts
|
|
12
|
+
const common_1 = require("@nestjs/common");
|
|
13
|
+
const passport_1 = require("@nestjs/passport");
|
|
14
|
+
let OptionalAuthGuard = OptionalAuthGuard_1 = class OptionalAuthGuard extends (0, passport_1.AuthGuard)('jwt') {
|
|
15
|
+
constructor() {
|
|
16
|
+
super(...arguments);
|
|
17
|
+
this.logger = new common_1.Logger(OptionalAuthGuard_1.name);
|
|
18
|
+
}
|
|
19
|
+
async canActivate(context) {
|
|
20
|
+
const req = context.switchToHttp().getRequest();
|
|
21
|
+
const authHeader = req.headers['authorization'];
|
|
22
|
+
this.logger.debug(`Authorization header: ${authHeader || 'none'}`);
|
|
23
|
+
if (!authHeader) {
|
|
24
|
+
this.logger.debug('No authorization header, skipping JWT check');
|
|
25
|
+
req.user = null; // 👈 set anonymous user
|
|
26
|
+
return true;
|
|
27
|
+
}
|
|
28
|
+
// fallback to normal AuthGuard behavior
|
|
29
|
+
return (await super.canActivate(context));
|
|
30
|
+
}
|
|
31
|
+
handleRequest(err, user, info) {
|
|
32
|
+
if (err) {
|
|
33
|
+
this.logger.warn(`JWT error: ${err.message}`);
|
|
34
|
+
}
|
|
35
|
+
if (info) {
|
|
36
|
+
this.logger.debug(`JWT info: ${JSON.stringify(info)}`);
|
|
37
|
+
}
|
|
38
|
+
return user || null;
|
|
39
|
+
}
|
|
40
|
+
};
|
|
41
|
+
exports.OptionalAuthGuard = OptionalAuthGuard;
|
|
42
|
+
exports.OptionalAuthGuard = OptionalAuthGuard = OptionalAuthGuard_1 = __decorate([
|
|
43
|
+
(0, common_1.Injectable)()
|
|
44
|
+
], OptionalAuthGuard);
|
|
45
|
+
//# sourceMappingURL=optional-auth.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"optional-auth.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/optional-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,kCAAkC;AAClC,2CAAsE;AACtE,+CAA6C;AAGtC,IAAM,iBAAiB,yBAAvB,MAAM,iBAAkB,SAAQ,IAAA,oBAAS,EAAC,KAAK,CAAC;IAAhD;;QACY,WAAM,GAAG,IAAI,eAAM,CAAC,mBAAiB,CAAC,IAAI,CAAC,CAAC;IA4B/D,CAAC;IA1BC,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAChD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAEhD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,UAAU,IAAI,MAAM,EAAE,CAAC,CAAC;QAEnE,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,wBAAwB;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,wCAAwC;QACxC,OAAO,CAAC,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAY,CAAC;IACvD,CAAC;IAED,aAAa,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS;QAC1C,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,IAAI,IAAI,IAAI,CAAC;IACtB,CAAC;CACF,CAAA;AA7BY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;GACA,iBAAiB,CA6B7B"}
|
|
File without changes
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
// /* eslint-disable prettier/prettier */
|
|
2
|
+
// import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
|
|
3
|
+
// import { WsException } from '@nestjs/websockets';
|
|
4
|
+
// import { Socket } from 'socket.io';
|
|
5
|
+
// import { JwtService } from '@nestjs/jwt';
|
|
6
|
+
// @Injectable()
|
|
7
|
+
// export class WsJwtAuthGuard implements CanActivate {
|
|
8
|
+
// constructor(private jwtService: JwtService) { }
|
|
9
|
+
// async canActivate(context: ExecutionContext): Promise<boolean> {
|
|
10
|
+
// try {
|
|
11
|
+
// const client: Socket = context.switchToWs().getClient();
|
|
12
|
+
// const token = this.extractTokenFromHeader(client);
|
|
13
|
+
// if (!token) {
|
|
14
|
+
// throw new WsException('Unauthorized access');
|
|
15
|
+
// }
|
|
16
|
+
// const payload = await this.jwtService.verifyAsync(token);
|
|
17
|
+
// // Attach user to socket
|
|
18
|
+
// client['user'] = payload;
|
|
19
|
+
// return true;
|
|
20
|
+
// } catch {
|
|
21
|
+
// throw new WsException('Unauthorized access');
|
|
22
|
+
// }
|
|
23
|
+
// }
|
|
24
|
+
// private extractTokenFromHeader(client: Socket): string | undefined {
|
|
25
|
+
// const auth = (client.handshake?.headers as any)?.authorization;
|
|
26
|
+
// if (!auth) return undefined;
|
|
27
|
+
// const [type, token] = auth.split(' ');
|
|
28
|
+
// return type === 'Bearer' ? token : (undefined as string | undefined);
|
|
29
|
+
// }
|
|
30
|
+
// }
|
|
31
|
+
//# sourceMappingURL=ws-jwt-auth.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ws-jwt-auth.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/ws-jwt-auth.guard.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,8EAA8E;AAC9E,oDAAoD;AACpD,sCAAsC;AACtC,4CAA4C;AAE5C,gBAAgB;AAChB,uDAAuD;AACvD,sDAAsD;AAEtD,uEAAuE;AACvE,gBAAgB;AAChB,uEAAuE;AACvE,iEAAiE;AAEjE,4BAA4B;AAC5B,gEAAgE;AAChE,gBAAgB;AAEhB,wEAAwE;AACxE,uCAAuC;AACvC,wCAAwC;AAExC,2BAA2B;AAC3B,oBAAoB;AACpB,4DAA4D;AAC5D,YAAY;AACZ,QAAQ;AAER,2EAA2E;AAC3E,0EAA0E;AAC1E,uCAAuC;AAEvC,iDAAiD;AACjD,gFAAgF;AAChF,QAAQ;AACR,IAAI"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-module-async-options.interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/auth-module-async-options.interface.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
import { Type } from '@nestjs/common';
|
|
2
|
+
import { AuthTransport, AuthStrategy } from '../enums/auth-type.enum';
|
|
3
|
+
import { AuthNotificationProvider } from './auth-notification-provider.interface';
|
|
4
|
+
export declare const AUTH_MODULE_OPTIONS = "AUTH_MODULE_OPTIONS";
|
|
5
|
+
export interface AuthModuleOptions {
|
|
6
|
+
/**
|
|
7
|
+
* Secret key for signing Access Tokens
|
|
8
|
+
*/
|
|
9
|
+
jwtSecret: string;
|
|
10
|
+
/**
|
|
11
|
+
* Secret key for signing Refresh Tokens
|
|
12
|
+
*/
|
|
13
|
+
jwtRefreshSecret: string;
|
|
14
|
+
/**
|
|
15
|
+
* Optional: Custom expiration for Access Tokens (e.g., '15m')
|
|
16
|
+
*/
|
|
17
|
+
accessTokenExpiresIn?: string;
|
|
18
|
+
/**
|
|
19
|
+
* Optional: Custom expiration for Refresh Tokens (e.g., '7d')
|
|
20
|
+
*/
|
|
21
|
+
refreshTokenExpiresIn?: string;
|
|
22
|
+
/**
|
|
23
|
+
* If true, the library will NOT automatically register the global JwtAuthGuard.
|
|
24
|
+
*
|
|
25
|
+
* IMPORTANT: When this is set to true, decorators like @CurrentAuth() will return
|
|
26
|
+
* undefined unless you manually apply a guard (e.g., @UseGuards(JwtAuthGuard))
|
|
27
|
+
* to the controller or route.
|
|
28
|
+
*/
|
|
29
|
+
disableGlobalGuard?: boolean;
|
|
30
|
+
/**
|
|
31
|
+
* If true, the library will NOT register the default AuthController.
|
|
32
|
+
* Useful if you want to implement your own auth endpoints using AuthService.
|
|
33
|
+
*/
|
|
34
|
+
disableController?: boolean;
|
|
35
|
+
/**
|
|
36
|
+
* Transport methods to support (COOKIE, BEARER, or BOTH)
|
|
37
|
+
*/
|
|
38
|
+
transport?: AuthTransport | AuthTransport[];
|
|
39
|
+
/**
|
|
40
|
+
* Optional: Pluggable provider for sending notifications (OTPs).
|
|
41
|
+
*/
|
|
42
|
+
notificationProvider?: Type<AuthNotificationProvider>;
|
|
43
|
+
/**
|
|
44
|
+
* If true, identities MUST be verified before they can log in.
|
|
45
|
+
* Requires a notificationProvider to be configured.
|
|
46
|
+
*/
|
|
47
|
+
verificationRequired?: boolean;
|
|
48
|
+
/**
|
|
49
|
+
* Optional: List of modules to import into the AuthModule context.
|
|
50
|
+
* Use this if your notificationProvider requires specific providers from other modules.
|
|
51
|
+
*/
|
|
52
|
+
imports?: any[];
|
|
53
|
+
/**
|
|
54
|
+
* Google OAuth Client ID for token verification
|
|
55
|
+
*/
|
|
56
|
+
googleClientId?: string;
|
|
57
|
+
/**
|
|
58
|
+
* Facebook App ID for token verification
|
|
59
|
+
*/
|
|
60
|
+
facebookAppId?: string;
|
|
61
|
+
/**
|
|
62
|
+
* Facebook App Secret for App Secret Proof security
|
|
63
|
+
*/
|
|
64
|
+
facebookAppSecret?: string;
|
|
65
|
+
/**
|
|
66
|
+
* Apple Client ID (Services ID or App ID)
|
|
67
|
+
*/
|
|
68
|
+
appleClientId?: string;
|
|
69
|
+
/**
|
|
70
|
+
* Apple Team ID (optional)
|
|
71
|
+
*/
|
|
72
|
+
appleTeamId?: string;
|
|
73
|
+
/**
|
|
74
|
+
* Optional: List of enabled authentication strategies.
|
|
75
|
+
* If not provided, all strategies are enabled by default.
|
|
76
|
+
*/
|
|
77
|
+
enabledStrategies?: AuthStrategy[];
|
|
78
|
+
/**
|
|
79
|
+
* Optional: If true, email-based authentication REQUIRES a password.
|
|
80
|
+
* Defaults to true.
|
|
81
|
+
*/
|
|
82
|
+
emailRequiresPassword?: boolean;
|
|
83
|
+
/**
|
|
84
|
+
* Optional: If true, username-based authentication REQUIRES a password.
|
|
85
|
+
* Defaults to true.
|
|
86
|
+
*/
|
|
87
|
+
usernameRequiresPassword?: boolean;
|
|
88
|
+
/**
|
|
89
|
+
* Optional: If true, phone-based authentication REQUIRES a password.
|
|
90
|
+
* Defaults to false (password-less phone auth allowed).
|
|
91
|
+
*/
|
|
92
|
+
phoneRequiresPassword?: boolean;
|
|
93
|
+
/**
|
|
94
|
+
* Optional: Duration for OTP expiration in minutes.
|
|
95
|
+
* Defaults to 15 minutes.
|
|
96
|
+
*/
|
|
97
|
+
otpExpiresIn?: number;
|
|
98
|
+
/**
|
|
99
|
+
* Optional: Minimum interval between OTP resends in seconds.
|
|
100
|
+
* Defaults to 60 seconds.
|
|
101
|
+
*/
|
|
102
|
+
otpResendInterval?: number;
|
|
103
|
+
/**
|
|
104
|
+
* Optional: Application name shown in TOTP apps (e.g., Google Authenticator)
|
|
105
|
+
*/
|
|
106
|
+
appName?: string;
|
|
107
|
+
/**
|
|
108
|
+
* Optional: Max number of requests within the ttl (default: 10)
|
|
109
|
+
*/
|
|
110
|
+
throttlerLimit?: number;
|
|
111
|
+
/**
|
|
112
|
+
* Optional: Time to live for the throttler in seconds (default: 60)
|
|
113
|
+
*/
|
|
114
|
+
throttlerTtl?: number;
|
|
115
|
+
/**
|
|
116
|
+
* Optional: If true, the built-in rate limiting is disabled.
|
|
117
|
+
*/
|
|
118
|
+
disableThrottler?: boolean;
|
|
119
|
+
/**
|
|
120
|
+
* Optional: List of allowed phone number prefixes (e.g. ['+234', '+44']).
|
|
121
|
+
* If provided, all phone-based signups and signins must match one of these prefixes.
|
|
122
|
+
*/
|
|
123
|
+
allowedPhonePrefixes?: string[];
|
|
124
|
+
/**
|
|
125
|
+
* If true, the library will automatically run migrations on startup.
|
|
126
|
+
*/
|
|
127
|
+
autoMigrate?: boolean;
|
|
128
|
+
/**
|
|
129
|
+
* The URL of the frontend application (used for Magic Links and Security Alerts).
|
|
130
|
+
*/
|
|
131
|
+
frontendUrl?: string;
|
|
132
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-module-options.interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/auth-module-options.interface.ts"],"names":[],"mappings":";;;AAIa,QAAA,mBAAmB,GAAG,qBAAqB,CAAC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
export declare const AUTH_NOTIFICATION_PROVIDER = "AUTH_NOTIFICATION_PROVIDER";
|
|
2
|
+
export interface AuthNotificationProvider {
|
|
3
|
+
/**
|
|
4
|
+
* Sends a verification code to a specific destination (email or phone).
|
|
5
|
+
*
|
|
6
|
+
* @param to The destination identifier (email or phone number)
|
|
7
|
+
* @param code The numeric or alphanumeric verification code
|
|
8
|
+
* @param type The type of identifier ('email' | 'phone')
|
|
9
|
+
*/
|
|
10
|
+
sendVerificationCode(to: string, code: string, type: 'email' | 'phone'): Promise<void>;
|
|
11
|
+
/**
|
|
12
|
+
* Sends a notification when a password is changed, including security context.
|
|
13
|
+
*
|
|
14
|
+
* @param to The destination identifier (email or phone number)
|
|
15
|
+
* @param context The security context
|
|
16
|
+
*/
|
|
17
|
+
sendPasswordChangedNotification?(to: string, context: {
|
|
18
|
+
ip: string;
|
|
19
|
+
userAgent: string;
|
|
20
|
+
secureAccountLink: string;
|
|
21
|
+
}): Promise<void>;
|
|
22
|
+
/**
|
|
23
|
+
* Sends a magic login link.
|
|
24
|
+
*
|
|
25
|
+
* @param to The destination identifier (email or phone number)
|
|
26
|
+
* @param link The magic link
|
|
27
|
+
*/
|
|
28
|
+
sendMagicLink?(to: string, link: string): Promise<void>;
|
|
29
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-notification-provider.interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/auth-notification-provider.interface.ts"],"names":[],"mappings":";;;AAAa,QAAA,0BAA0B,GAAG,4BAA4B,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
export declare const AUTH_USER_SERVICE = "AUTH_USER_SERVICE";
|
|
2
|
+
export declare const AUTH_MODULE_OPTIONS = "AUTH_MODULE_OPTIONS";
|
|
3
|
+
export declare const AUTH_SIGNUP_HANDLER = "AUTH_SIGNUP_HANDLER";
|
|
4
|
+
export interface AuthUserLookupService {
|
|
5
|
+
findUser(authId: string): Promise<any | null>;
|
|
6
|
+
findById?(id: string): Promise<any | null>;
|
|
7
|
+
}
|
|
8
|
+
export interface AuthSignupHandler {
|
|
9
|
+
onSignup(auth: any, dto: any): Promise<any>;
|
|
10
|
+
create?(data: any): Promise<any>;
|
|
11
|
+
}
|
|
12
|
+
export interface AuthUserService extends AuthUserLookupService, AuthSignupHandler {
|
|
13
|
+
}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AUTH_SIGNUP_HANDLER = exports.AUTH_MODULE_OPTIONS = exports.AUTH_USER_SERVICE = void 0;
|
|
4
|
+
exports.AUTH_USER_SERVICE = 'AUTH_USER_SERVICE';
|
|
5
|
+
exports.AUTH_MODULE_OPTIONS = 'AUTH_MODULE_OPTIONS';
|
|
6
|
+
exports.AUTH_SIGNUP_HANDLER = 'AUTH_SIGNUP_HANDLER';
|
|
7
|
+
//# sourceMappingURL=auth-user-service.interface.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-user-service.interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/auth-user-service.interface.ts"],"names":[],"mappings":";;;AAAa,QAAA,iBAAiB,GAAG,mBAAmB,CAAC;AACxC,QAAA,mBAAmB,GAAG,qBAAqB,CAAC;AAC5C,QAAA,mBAAmB,GAAG,qBAAqB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"current-user-interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/current-user-interface.ts"],"names":[],"mappings":";AAAA,yDAAyD"}
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
import { AuthCredential } from './current-user-interface';
|
|
2
|
+
export declare const CurrentAuth: (...dataOrPipes: (import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>> | keyof AuthCredential)[]) => ParameterDecorator;
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CurrentAuth = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
// src/auth/current-user.decorator.ts
|
|
6
|
+
exports.CurrentAuth = (0, common_1.createParamDecorator)((data, ctx) => {
|
|
7
|
+
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
|
|
8
|
+
const request = ctx.switchToHttp().getRequest();
|
|
9
|
+
const logger = new common_1.Logger('CurrentAuthDecorator');
|
|
10
|
+
// logger.log(`Request keys: ${Object.keys(request)}`)
|
|
11
|
+
// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
|
|
12
|
+
const user = request.user;
|
|
13
|
+
logger.log(`Extracted auth: ${JSON.stringify(user)}`);
|
|
14
|
+
return data ? user?.[data] : user;
|
|
15
|
+
});
|
|
16
|
+
//# sourceMappingURL=current-user.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../../src/auth/interfaces/current-user.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAgF;AAGhF,qCAAqC;AACxB,QAAA,WAAW,GAAG,IAAA,6BAAoB,EAC7C,CAAC,IAAsC,EAAE,GAAqB,EAAE,EAAE;IAChE,mEAAmE;IACnE,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;IAEhD,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,sBAAsB,CAAC,CAAC;IAClD,sDAAsD;IACtD,sEAAsE;IACtE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAE1B,MAAM,CAAC,GAAG,CAAC,mBAAmB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEtD,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACpC,CAAC,CACF,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt-payload-interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/jwt-payload-interface.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { SignupDto } from '../dto/requests/signup.dto';
|
|
2
|
+
import { LoginDto } from '../dto/requests/login.dto';
|
|
3
|
+
import { Auth } from '../entities/auth.entity';
|
|
4
|
+
import { AuthIdentifier } from '../entities/auth-identify.entity';
|
|
5
|
+
export interface IOAuthStrategy {
|
|
6
|
+
registerCredentials(dto: SignupDto, uid?: string): Promise<{
|
|
7
|
+
auth: Auth;
|
|
8
|
+
identifier?: AuthIdentifier;
|
|
9
|
+
}>;
|
|
10
|
+
login(dto: LoginDto): Promise<{
|
|
11
|
+
auth: Auth;
|
|
12
|
+
identifier?: AuthIdentifier;
|
|
13
|
+
}>;
|
|
14
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-strategy.interface.js","sourceRoot":"","sources":["../../../src/auth/interfaces/oauth-strategy.interface.ts"],"names":[],"mappings":""}
|