@zola_do/authorization 0.1.9 → 0.1.10

package/README.md

@@ -0,0 +1,121 @@
+# @zola_do/authorization
+
+JWT authentication, API key validation, guards, and strategies for NestJS.
+
+## Installation
+
+```bash
+# Install individually
+npm install @zola_do/authorization
+
+# Or via meta package
+npm install @zola_do/nestjs-shared
+```
+
+## Usage
+
+### Module Setup
+
+```typescript
+import { Module } from '@nestjs/common';
+import { AuthorizationModule } from '@zola_do/authorization';
+
+@Module({
+  imports: [AuthorizationModule],
+})
+export class AppModule {}
+```
+
+By default, `JwtGuard` is registered as a global guard. Protect routes automatically; use `@AllowAnonymous()` for public routes.
+
+### Protected Routes
+
+```typescript
+import { Controller, Get } from '@nestjs/common';
+import { CurrentUser, JwtGuard, UseGuards } from '@zola_do/authorization';
+
+@Controller('profile')
+@UseGuards(JwtGuard)
+export class ProfileController {
+  @Get()
+  getProfile(@CurrentUser() user: any) {
+    return user; // Contains JWT payload (id, email, organization, etc.)
+  }
+}
+```
+
+### Anonymous Routes
+
+```typescript
+import { AllowAnonymous } from '@zola_do/authorization';
+
+@Get('public')
+@AllowAnonymous()
+getPublicData() {
+  return { message: 'No auth required' };
+}
+```
+
+### Permission Guards
+
+Require specific permissions on routes:
+
+```typescript
+import { PermissionsGuard } from '@zola_do/authorization';
+
+@Post()
+@UseGuards(JwtGuard, PermissionsGuard('product:create'))
+createProduct(@Body() dto: CreateProductDto) {}
+```
+
+### API Key Guard
+
+Protect routes with API key validation:
+
+```typescript
+import { ApiKeyGuard } from '@zola_do/authorization';
+
+@UseGuards(ApiKeyGuard)
+@Get('api-data')
+getApiData() {}
+```
+
+### AuthHelper
+
+Generate and verify tokens:
+
+```typescript
+import { AuthHelper } from '@zola_do/authorization';
+
+@Injectable()
+export class AuthService {
+  constructor(private readonly authHelper: AuthHelper) {}
+
+  async login(user: User) {
+    return this.authHelper.generateTokens(user);
+  }
+}
+```
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `JWT_ACCESS_TOKEN_SECRET` | Secret for access token signing |
+| `JWT_REFRESH_TOKEN_SECRET` | Secret for refresh token signing |
+| `JWT_ACCESS_TOKEN_EXPIRES` | Access token TTL (e.g. `15m`) |
+| `JWT_REFRESH_TOKEN_EXPIRES` | Refresh token TTL (e.g. `7d`) |
+| `API_KEY` | API key for `ApiKeyGuard` validation |
+
+## Exports
+
+- **Guards:** `JwtGuard`, `JwtRefreshGuard`, `PermissionsGuard`, `ApiKeyGuard`, `VendorGuard`, `OptionalJwtGuard`, `ThrottlerBehindProxyGuard`
+- **Decorators:** `@CurrentUser()`, `@AllowAnonymous()`
+- **Strategies:** `JwtStrategy`, `JwtRefreshTokenStrategy`
+- **Helpers:** `AuthHelper`
+
+## Related Packages
+
+- [@zola_do/core](../core) — Shared types and decorators
+- [@zola_do/interceptors](../interceptors) — TenantInterceptor uses `req.user` from JWT
+- [@zola_do/crud](../crud) — Uses JwtGuard and PermissionsGuard

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zola_do/authorization",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "description": "JWT auth, guards, strategies for NestJS",
   "author": "zolaDO",
   "license": "ISC",
@@ -15,7 +15,10 @@
       "default": "./dist/index.js"
     }
   },
-  "files": ["dist", "README.md"],
+  "files": [
+    "dist",
+    "README.md"
+  ],
   "scripts": {
     "build": "rimraf dist && tsc",
     "prepublishOnly": "npm run build"
@@ -33,10 +36,12 @@
     "rxjs": "^7.0.0 || ^8.0.0"
   },
   "peerDependenciesMeta": {
-    "@nestjs/throttler": { "optional": true }
+    "@nestjs/throttler": {
+      "optional": true
+    }
   },
   "dependencies": {
-    "@zola_do/core": "file:../core",
+    "@zola_do/core": "^0.1.9",
     "bcrypt": "^6.0.0",
     "jsonwebtoken": "^9.0.2"
   },