@zola_do/authorization 0.1.9 → 0.1.10
- package/README.md +121 -0
- package/package.json +9 -4
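--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,121 @@
+# @zola_do/authorization
+
+JWT authentication, API key validation, guards, and strategies for NestJS.
+
+## Installation
+
+```bash
+# Install individually
+npm install @zola_do/authorization
+
+# Or via meta package
+npm install @zola_do/nestjs-shared
+```
+
+## Usage
+
+### Module Setup
+
+```typescript
+import { Module } from '@nestjs/common';
+import { AuthorizationModule } from '@zola_do/authorization';
+
+@Module({
+imports: [AuthorizationModule],
+})
+export class AppModule {}
+```
+
+By default, `JwtGuard` is registered as a global guard. Protect routes automatically; use `@AllowAnonymous()` for public routes.
+
+### Protected Routes
+
+```typescript
+import { Controller, Get } from '@nestjs/common';
+import { CurrentUser, JwtGuard, UseGuards } from '@zola_do/authorization';
+
+@Controller('profile')
+@UseGuards(JwtGuard)
+export class ProfileController {
+@Get()
+getProfile(@CurrentUser() user: any) {
+return user; // Contains JWT payload (id, email, organization, etc.)
+}
+}
+```
+
+### Anonymous Routes
+
+```typescript
+import { AllowAnonymous } from '@zola_do/authorization';
+
+@Get('public')
+@AllowAnonymous()
+getPublicData() {
+return { message: 'No auth required' };
+}
+```
+
+### Permission Guards
+
+Require specific permissions on routes:
+
+```typescript
+import { PermissionsGuard } from '@zola_do/authorization';
+
+@Post()
+@UseGuards(JwtGuard, PermissionsGuard('product:create'))
+createProduct(@Body() dto: CreateProductDto) {}
+```
+
+### API Key Guard
+
+Protect routes with API key validation:
+
+```typescript
+import { ApiKeyGuard } from '@zola_do/authorization';
+
+@UseGuards(ApiKeyGuard)
+@Get('api-data')
+getApiData() {}
+```
+
+### AuthHelper
+
+Generate and verify tokens:
+
+```typescript
+import { AuthHelper } from '@zola_do/authorization';
+
+@Injectable()
+export class AuthService {
+constructor(private readonly authHelper: AuthHelper) {}
+
+async login(user: User) {
+return this.authHelper.generateTokens(user);
+}
+}
+```
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `JWT_ACCESS_TOKEN_SECRET` | Secret for access token signing |
+| `JWT_REFRESH_TOKEN_SECRET` | Secret for refresh token signing |
+| `JWT_ACCESS_TOKEN_EXPIRES` | Access token TTL (e.g. `15m`) |
+| `JWT_REFRESH_TOKEN_EXPIRES` | Refresh token TTL (e.g. `7d`) |
+| `API_KEY` | API key for `ApiKeyGuard` validation |
+
+## Exports
+
+- **Guards:** `JwtGuard`, `JwtRefreshGuard`, `PermissionsGuard`, `ApiKeyGuard`, `VendorGuard`, `OptionalJwtGuard`, `ThrottlerBehindProxyGuard`
+- **Decorators:** `@CurrentUser()`, `@AllowAnonymous()`
+- **Strategies:** `JwtStrategy`, `JwtRefreshTokenStrategy`
+- **Helpers:** `AuthHelper`
+
+## Related Packages
+
+- [@zola_do/core](../core) — Shared types and decorators
+- [@zola_do/interceptors](../interceptors) — TenantInterceptor uses `req.user` from JWT
+- [@zola_do/crud](../crud) — Uses JwtGuard and PermissionsGuard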
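--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@zola_do/authorization",
-"version": "0.1.
+"version": "0.1.10",
 "description": "JWT auth, guards, strategies for NestJS",
 "author": "zolaDO",
 "license": "ISC",
@@ -15,7 +15,10 @@
 "default": "./dist/index.js"
 }
 },
-"files": [
+"files": [
+"dist",
+"README.md"
+],
 "scripts": {
 "build": "rimraf dist && tsc",
 "prepublishOnly": "npm run build"
@@ -33,10 +36,12 @@
 "rxjs": "^7.0.0 || ^8.0.0"
 },
 "peerDependenciesMeta": {
-"@nestjs/throttler": {
+"@nestjs/throttler": {
+"optional": true
+}
 },
 "dependencies": {
-"@zola_do/core": "^0.1.9",
+"@zola_do/core": "^0.1.9",
 "bcrypt": "^6.0.0",
 "jsonwebtoken": "^9.0.2"
 },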
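Review bot: Marking `@nestjs/throttler` as `"optional": true` under `peerDependenciesMeta` removes the install-time warning, yet the README shipped in this same release lists `ThrottlerBehindProxyGuard` among the package's exports. If `dist/index.js` loads `@nestjs/throttler` at module top level (the built code is not part of this diff, so this needs confirming), an application that omits the peer would fail when it imports the package, or would end up deployed without the rate-limiting guard it expected. Either keep the peer required, or load that guard lazily or from a separate entry point, and add a README line such as `` `ThrottlerBehindProxyGuard` requires the optional peer `@nestjs/throttler` to be installed. ``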