@zorionapp/gg-core 4.14.0

package/src/gg-auth/guards/auth.guard.js

@@ -0,0 +1,175 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthGuard = void 0;
+const tslib_1 = require("tslib");
+const dto_1 = require("@zorionapp/gg-toolkit/dto");
+const enum_1 = require("@zorionapp/gg-toolkit/enum");
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const lodash_1 = require("lodash");
+const nestjs_cls_1 = require("nestjs-cls");
+const nestjs_pino_1 = require("nestjs-pino");
+const merchant_ip_mismatch_exception_1 = require("../exceptions/merchant-ip-mismatch.exception");
+const user_blocked_exception_1 = require("../exceptions/user-blocked.exception");
+const user_inactive_exception_1 = require("../exceptions/user-inactive.exception");
+const user_otp_blocked_exception_1 = require("../exceptions/user-otp-blocked.exception");
+const user_password_blocked_exception_1 = require("../exceptions/user-password-blocked.exception");
+const user_password_recovery_blocked_exception_1 = require("../exceptions/user-password-recovery-blocked.exception");
+const gg_auth_module_options_1 = require("../gg-auth.module-options");
+const authorized_merchant_1 = require("../injectable-proxy/authorized-merchant");
+const authorized_user_1 = require("../injectable-proxy/authorized-user");
+const get_rpc_user_util_1 = require("../utils/get-rpc-user.util");
+let AuthGuard = class AuthGuard {
+    constructor(ggAuthMerchantService, ggAuthBearerService, reflector, user, merchant, logger, cls) {
+        this.ggAuthMerchantService = ggAuthMerchantService;
+        this.ggAuthBearerService = ggAuthBearerService;
+        this.reflector = reflector;
+        this.user = user;
+        this.merchant = merchant;
+        this.logger = logger;
+        this.cls = cls;
+        this.userStatusExceptionMap = {
+            [enum_1.User.Status.Blocked]: user_blocked_exception_1.UserBlockedException,
+            [enum_1.User.Status.InActive]: user_inactive_exception_1.UserInactiveException,
+            [enum_1.User.Status.IncorrectOtpBlocked]: user_otp_blocked_exception_1.UserOtpBlockedException,
+            [enum_1.User.Status.IncorrectPasswordBlocked]: user_password_blocked_exception_1.UserPasswordBlockedException,
+            [enum_1.User.Status.PasswordRecoveryBlocked]: user_password_recovery_blocked_exception_1.UserPasswordRecoveryBlockedException,
+        };
+    }
+    /**
+     * Check if user is authorized to access endpoint
+     *
+     * @param context
+     */
+    async canActivate(context) {
+        if (context.getType() === 'http')
+            return this.handleHttp(context);
+        if (context.getType() === 'rpc')
+            return this.handleRpc(context);
+    }
+    /**
+     * Check user status and throw exception if user is blocked
+     */
+    checkUserStatus(allowedUserStatuses = []) {
+        const whitelistedStatuses = [enum_1.User.Status.Active, ...allowedUserStatuses];
+        if (whitelistedStatuses.includes(this.user.dto.status))
+            return true;
+        if (this.userStatusExceptionMap[this.user.dto.status]) {
+            throw new this.userStatusExceptionMap[this.user.dto.status]();
+        }
+    }
+    /**
+     * Check merchant allowed IPs and throw exception if it's not allowed
+     */
+    checkMerchantIP() {
+        const allowedIps = this.merchant?.dto?.allowedIps;
+        if (!allowedIps || allowedIps.length === 0 || allowedIps[0] === '')
+            return;
+        if (!allowedIps.includes(this.user.ip)) {
+            throw new merchant_ip_mismatch_exception_1.MerchantIpMismatchException({ merchantId: this.merchant.dto.id });
+        }
+    }
+    async handleRpc(context) {
+        this.user.dto = (0, get_rpc_user_util_1.getRpcUser)(context.switchToRpc().getContext());
+        return true;
+    }
+    async handleHttp(context) {
+        const contextTargets = [context.getHandler(), context.getClass()];
+        const roles = this.getRoles(contextTargets);
+        const authType = this.getAuthType(contextTargets);
+        const allowedUserStatuses = this.getAllowedUserStatuses(contextTargets);
+        await this.authAttempt(authType);
+        if (this.shouldSkipAuth(contextTargets))
+            return true;
+        if (this.isAuthenticated())
+            this.checkUserStatus(allowedUserStatuses);
+        if (this.merchant.isAuthenticated)
+            this.checkMerchantIP();
+        if (!roles.length)
+            return this.isAuthenticated();
+        return this.isAuthenticated() && this.user.hasRole(roles);
+    }
+    /**
+     * Try to authorize user by auth type
+     *
+     * @param authType
+     * @protected
+     */
+    async authAttempt(authType) {
+        const authServiceMap = {
+            [gg_auth_module_options_1.AuthType.Bearer]: this.ggAuthBearerService,
+            [gg_auth_module_options_1.AuthType.Merchant]: this.ggAuthMerchantService,
+        };
+        const serviceList = authType.map((t) => authServiceMap[t].authorize());
+        const responses = await Promise.allSettled(serviceList);
+        const fulfilled = responses.filter((r) => r.status !== 'rejected');
+        if (fulfilled.length === 0) {
+            this.merchant.dto = new dto_1.MerchantDto();
+            this.user.dto = new dto_1.UserDto();
+            this.user.setIp(this.cls.get(nestjs_cls_1.CLS_REQ));
+            return;
+        }
+        // get filled user if received multiple fulfills
+        const filteredUser = fulfilled.filter((f) => (0, lodash_1.get)(f, 'value.user')?.id !== null);
+        const filteredMerchant = fulfilled.filter((f) => (0, lodash_1.get)(f, 'value.merchant')?.id !== null);
+        this.merchant.dto = (0, lodash_1.get)(filteredMerchant[0], 'value.merchant', new dto_1.MerchantDto());
+        this.user.dto = (0, lodash_1.get)(filteredUser[0], 'value.user', new dto_1.UserDto());
+        this.user.setIp(this.cls.get(nestjs_cls_1.CLS_REQ));
+    }
+    /**
+     * Depends on auth type will be used different user query services
+     */
+    getAuthType(contextTargets) {
+        const types = this.reflector.getAllAndMerge(gg_auth_module_options_1.GG_AUTH_AUTH_TYPE_TOKEN, contextTargets);
+        return types.length > 0 ? types : [gg_auth_module_options_1.AuthType.Bearer];
+    }
+    /**
+     * Return active roles for currently queried user
+     */
+    getRoles(contextTargets) {
+        return this.reflector.getAllAndMerge(gg_auth_module_options_1.GG_AUTH_ROLES_TOKEN, contextTargets) ?? [];
+    }
+    /**
+     * Return allowed user statuses for currently queried user
+     */
+    getAllowedUserStatuses(contextTargets) {
+        return this.reflector.getAllAndMerge(gg_auth_module_options_1.GG_AUTH_ALLOWED_USER_STATUS_TOKEN, contextTargets) ?? [];
+    }
+    /**
+     * Skip authentication if controller hasn't @Protected decorator
+     */
+    shouldSkipAuth(contextTargets) {
+        const isEndpointProtected = this.reflector.getAllAndMerge(gg_auth_module_options_1.GG_AUTH_PROTECTED_TOKEN, contextTargets) ?? false;
+        if (!isEndpointProtected || Array.isArray(isEndpointProtected))
+            return true;
+    }
+    /**
+     * Check UserDTO for having required fields after auth queries
+     */
+    isAuthenticated() {
+        if (!this.user.isAuthenticated)
+            throw new common_1.UnauthorizedException();
+        this.setLoggerContext();
+        return this.user.isAuthenticated;
+    }
+    /**
+     * Set context in logger to track all user's requests
+     */
+    setLoggerContext() {
+        const user = (0, lodash_1.pick)(this.user.dto, ['id', 'ggId', 'uuid', 'roles']);
+        const merchant = (0, lodash_1.pick)(this.merchant.dto, ['id']);
+        this.logger.assign({ user, merchant });
+    }
+};
+exports.AuthGuard = AuthGuard;
+exports.AuthGuard = AuthGuard = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, common_1.Inject)(gg_auth_module_options_1.GG_AUTH_AUTH_TYPE_MERCHANT_TOKEN)),
+    tslib_1.__param(1, (0, common_1.Inject)(gg_auth_module_options_1.GG_AUTH_AUTH_TYPE_BEARER_TOKEN)),
+    tslib_1.__metadata("design:paramtypes", [Object, Object, core_1.Reflector,
+        authorized_user_1.AuthorizedUser,
+        authorized_merchant_1.AuthorizedMerchant,
+        nestjs_pino_1.PinoLogger,
+        nestjs_cls_1.ClsService])
+], AuthGuard);
+//# sourceMappingURL=auth.guard.js.map

package/src/gg-auth/guards/auth.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/guards/auth.guard.ts"],"names":[],"mappings":";;;;AAAA,mDAAiE;AACjE,qDAAkD;AAClD,2CAA0G;AAC1G,uCAAyC;AACzC,mCAAmC;AACnC,2CAAiD;AACjD,6CAAyC;AACzC,iGAA2F;AAC3F,iFAA4E;AAC5E,mFAA8E;AAC9E,yFAAmF;AACnF,mGAA6F;AAC7F,qHAA8G;AAC9G,sEAQmC;AACnC,iFAA6E;AAC7E,yEAAqE;AAErE,kEAAwD;AAKjD,IAAM,SAAS,GAAf,MAAM,SAAS;IASpB,YAC4C,qBAAmD,EACrD,mBAAiD,EACxE,SAAoB,EACpB,IAAoB,EACpB,QAA4B,EAC5B,MAAkB,EAClB,GAAe;QAN2B,0BAAqB,GAArB,qBAAqB,CAAa;QACpC,wBAAmB,GAAnB,mBAAmB,CAAa;QACxE,cAAS,GAAT,SAAS,CAAW;QACpB,SAAI,GAAJ,IAAI,CAAgB;QACpB,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,WAAM,GAAN,MAAM,CAAY;QAClB,QAAG,GAAH,GAAG,CAAY;QAf1B,2BAAsB,GAAG;YAC/B,CAAC,WAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,6CAAoB;YAC3C,CAAC,WAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,+CAAqB;YAC7C,CAAC,WAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,EAAE,oDAAuB;YAC1D,CAAC,WAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,EAAE,8DAA4B;YACpE,CAAC,WAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC,EAAE,+EAAoC;SAC5E,CAAC;IAUC,CAAC;IAEJ;;;;OAIG;IACI,KAAK,CAAC,WAAW,CAAC,OAAyB;QAChD,IAAI,OAAO,CAAC,OAAO,EAAE,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,OAAO,EAAE,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAClE,CAAC;IAED;;OAEG;IACI,eAAe,CAAC,sBAAqC,EAAE;QAC5D,MAAM,mBAAmB,GAAG,CAAC,WAAI,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,mBAAmB,CAAC,CAAC;QACzE,IAAI,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpE,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAED;;OAEG;IACI,eAAe;QACpB,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,UAAU,CAAC;QAElD,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,KAAK,EAAE;YAAE,OAAO;QAE3E,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,4DAA2B,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAES,KAAK,CAAC,SAAS,CAAC,OAAyB;QACjD,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,IAAA,8BAAU,EAAC,OAAO,CAAC,WAAW,EAAE,CAAC,UAAU,EAAE,CAAC,CAAC;QAE/D,OAAO,IAAI,CAAC;IACd,CAAC;IAES,KAAK,CAAC,UAAU,CAAC,OAAyB;QAClD,MAAM,cAAc,GAAG,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAElE,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAClD,MAAM,mBAAmB,GAAG,IAAI,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC;QAExE,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAEjC,IAAI,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC;YAAE,OAAO,IAAI,CAAC;QAErD,IAAI,IAAI,CAAC,eAAe,EAAE;YAAE,IAAI,CAAC,eAAe,CAAC,mBAAmB,CAAC,CAAC;QAEtE,IAAI,IAAI,CAAC,QAAQ,CAAC,eAAe;YAAE,IAAI,CAAC,eAAe,EAAE,CAAC;QAE1D,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,eAAe,EAAE,CAAC;QAEjD,OAAO,IAAI,CAAC,eAAe,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;OAKG;IACO,KAAK,CAAC,WAAW,CAAC,QAAoB;QAC9C,MAAM,cAAc,GAAG;YACrB,CAAC,iCAAQ,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,mBAAmB;YAC3C,CAAC,iCAAQ,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,qBAAqB;SAChD,CAAC;QAEF,MAAM,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvE,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;QAEnE,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,IAAI,iBAAW,EAAE,CAAC;YACtC,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,aAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAO,CAAC,CAAC,CAAC;YAEvC,OAAO;QACT,CAAC;QAED,gDAAgD;QAChD,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAE,IAAA,YAAG,EAAC,CAAC,EAAE,YAAY,CAAa,EAAE,EAAE,KAAK,IAAI,CAAC,CAAC;QAC7F,MAAM,gBAAgB,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAE,IAAA,YAAG,EAAC,CAAC,EAAE,gBAAgB,CAAiB,EAAE,EAAE,KAAK,IAAI,CAAC,CAAC;QAEzG,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,IAAA,YAAG,EAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,IAAI,iBAAW,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,IAAA,YAAG,EAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,aAAO,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAO,CAAC,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACO,WAAW,CAAC,cAA8B;QAClD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAa,gDAAuB,EAAE,cAAc,CAAC,CAAC;QAEjG,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAQ,CAAC,MAAM,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACO,QAAQ,CAAC,cAA8B;QAC/C,OAAO,IAAI,CAAC,SAAS,CAAC,cAAc,CAAc,4CAAmB,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC;IAC/F,CAAC;IAED;;OAEG;IACO,sBAAsB,CAAC,cAA8B;QAC7D,OAAO,IAAI,CAAC,SAAS,CAAC,cAAc,CAAgB,0DAAiC,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC;IAC/G,CAAC;IAED;;OAEG;IACO,cAAc,CAAC,cAA8B;QACrD,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,gDAAuB,EAAE,cAAc,CAAC,IAAI,KAAK,CAAC;QAE5G,IAAI,CAAC,mBAAmB,IAAI,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC;YAAE,OAAO,IAAI,CAAC;IAC9E,CAAC;IAED;;OAEG;IACO,eAAe;QACvB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe;YAAE,MAAM,IAAI,8BAAqB,EAAE,CAAC;QAElE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC;IACnC,CAAC;IAED;;OAEG;IACO,gBAAgB;QACxB,MAAM,IAAI,GAAG,IAAA,aAAI,EAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;QAClE,MAAM,QAAQ,GAAG,IAAA,aAAI,EAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAEjD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC;CACF,CAAA;AArKY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;IAWR,mBAAA,IAAA,eAAM,EAAC,yDAAgC,CAAC,CAAA;IACxC,mBAAA,IAAA,eAAM,EAAC,uDAA8B,CAAC,CAAA;6DACX,gBAAS;QACd,gCAAc;QACV,wCAAkB;QACpB,wBAAU;QACb,uBAAU;GAhBvB,SAAS,CAqKrB"}

package/src/gg-auth/index.d.ts

@@ -0,0 +1,8 @@
+export * from './decorators/protected.decorator';
+export { AuthType } from './gg-auth.module-options';
+export * from './injectable-proxy/authorized-merchant';
+export * from './injectable-proxy/authorized-user';
+export * from './interfaces/authorized.interface';
+export { AuthService } from './services/auth-service.interface';
+export * from './services/gg-bearer-auth.service';
+export * from './utils/get-rpc-user.util';

package/src/gg-auth/index.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthType = void 0;
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./decorators/protected.decorator"), exports);
+var gg_auth_module_options_1 = require("./gg-auth.module-options");
+Object.defineProperty(exports, "AuthType", { enumerable: true, get: function () { return gg_auth_module_options_1.AuthType; } });
+tslib_1.__exportStar(require("./injectable-proxy/authorized-merchant"), exports);
+tslib_1.__exportStar(require("./injectable-proxy/authorized-user"), exports);
+tslib_1.__exportStar(require("./interfaces/authorized.interface"), exports);
+tslib_1.__exportStar(require("./services/gg-bearer-auth.service"), exports);
+tslib_1.__exportStar(require("./utils/get-rpc-user.util"), exports);
+//# sourceMappingURL=index.js.map

package/src/gg-auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../libs/gg-core/src/gg-auth/index.ts"],"names":[],"mappings":";;;;AAAA,2EAAiD;AACjD,mEAAoD;AAA3C,kHAAA,QAAQ,OAAA;AACjB,iFAAuD;AACvD,6EAAmD;AACnD,4EAAkD;AAElD,4EAAkD;AAClD,oEAA0C"}

package/src/gg-auth/injectable-proxy/authorized-merchant.d.ts

@@ -0,0 +1,10 @@
+import { MerchantDto, WalletDto } from '@zorionapp/gg-toolkit/dto';
+/**
+ * Injectable Merchant Wallet instance with auto-bootstrapping by gg-auth-service
+ */
+export declare class AuthorizedMerchant {
+    dto: MerchantDto;
+    get merchant(): MerchantDto;
+    get wallet(): WalletDto;
+    get isAuthenticated(): boolean;
+}

package/src/gg-auth/injectable-proxy/authorized-merchant.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthorizedMerchant = void 0;
+const tslib_1 = require("tslib");
+const dto_1 = require("@zorionapp/gg-toolkit/dto");
+const nestjs_cls_1 = require("nestjs-cls");
+/**
+ * Injectable Merchant Wallet instance with auto-bootstrapping by gg-auth-service
+ */
+let AuthorizedMerchant = class AuthorizedMerchant {
+    constructor() {
+        this.dto = new dto_1.MerchantDto();
+    }
+    get merchant() {
+        return this.dto ?? null;
+    }
+    get wallet() {
+        return this.dto?.wallet ?? null;
+    }
+    get isAuthenticated() {
+        return this.dto.id !== null;
+    }
+};
+exports.AuthorizedMerchant = AuthorizedMerchant;
+exports.AuthorizedMerchant = AuthorizedMerchant = tslib_1.__decorate([
+    (0, nestjs_cls_1.InjectableProxy)()
+], AuthorizedMerchant);
+//# sourceMappingURL=authorized-merchant.js.map

package/src/gg-auth/injectable-proxy/authorized-merchant.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorized-merchant.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/injectable-proxy/authorized-merchant.ts"],"names":[],"mappings":";;;;AAAA,mDAAmE;AACnE,2CAA6C;AAE7C;;GAEG;AAEI,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAAxB;QACE,QAAG,GAAgB,IAAI,iBAAW,EAAE,CAAC;IAa9C,CAAC;IAXC,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;IAC1B,CAAC;IAED,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,GAAG,EAAE,MAAM,IAAI,IAAI,CAAC;IAClC,CAAC;IAED,IAAW,eAAe;QACxB,OAAO,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,IAAI,CAAC;IAC9B,CAAC;CACF,CAAA;AAdY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,4BAAe,GAAE;GACL,kBAAkB,CAc9B"}

package/src/gg-auth/injectable-proxy/authorized-user.d.ts

@@ -0,0 +1,24 @@
+import { UserDto } from '@zorionapp/gg-toolkit/dto';
+import { User } from '@zorionapp/gg-toolkit/enum';
+import { Request } from 'express';
+/**
+ * Injectable User instance with auto-bootstrapping by gg-auth-service
+ * todo: probably can be changed to something like AppCtx
+ *
+ * @example
+ * class SomeService {
+ *   public constructor(private user: AuthorizedUser) {
+ *     this.user.isAuthenticated() // true/false
+ *   }
+ * }
+ */
+export declare class AuthorizedUser {
+    dto: UserDto;
+    ip: string;
+    get isAuthenticated(): boolean;
+    setIp(req: Request): void;
+    hasRole(roles: User.Role[] | User.Role): boolean;
+    isOwnerOf(entity: {
+        userId: string | number;
+    }): boolean;
+}

package/src/gg-auth/injectable-proxy/authorized-user.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthorizedUser = void 0;
+const tslib_1 = require("tslib");
+const dto_1 = require("@zorionapp/gg-toolkit/dto");
+const nestjs_cls_1 = require("nestjs-cls");
+/**
+ * Injectable User instance with auto-bootstrapping by gg-auth-service
+ * todo: probably can be changed to something like AppCtx
+ *
+ * @example
+ * class SomeService {
+ *   public constructor(private user: AuthorizedUser) {
+ *     this.user.isAuthenticated() // true/false
+ *   }
+ * }
+ */
+let AuthorizedUser = class AuthorizedUser {
+    constructor() {
+        this.dto = new dto_1.UserDto();
+    }
+    get isAuthenticated() {
+        return this.dto.id !== null;
+    }
+    setIp(req) {
+        {
+            let cfHeader = req.headers['cf-connecting-ip'];
+            let xForwardedHeader = req.headers['x-forwarded-for'];
+            if (cfHeader !== undefined && Array.isArray(cfHeader)) {
+                cfHeader = cfHeader[0];
+            }
+            if (xForwardedHeader !== undefined && Array.isArray(xForwardedHeader)) {
+                xForwardedHeader = xForwardedHeader[0];
+            }
+            this.ip = cfHeader || xForwardedHeader || req.socket.remoteAddress;
+            this.dto.ip = this.ip;
+        }
+    }
+    hasRole(roles) {
+        if (!this.dto.roles)
+            return false;
+        if (Array.isArray(roles))
+            return roles.some((role) => this.dto.roles.includes(role));
+        return this.dto.roles.includes(roles);
+    }
+    isOwnerOf(entity) {
+        if (!entity.userId)
+            return false;
+        return this.dto.uuid === entity.userId || this.dto.id === entity.userId;
+    }
+};
+exports.AuthorizedUser = AuthorizedUser;
+exports.AuthorizedUser = AuthorizedUser = tslib_1.__decorate([
+    (0, nestjs_cls_1.InjectableProxy)()
+], AuthorizedUser);
+//# sourceMappingURL=authorized-user.js.map

package/src/gg-auth/injectable-proxy/authorized-user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorized-user.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/injectable-proxy/authorized-user.ts"],"names":[],"mappings":";;;;AAAA,mDAAoD;AAGpD,2CAA6C;AAE7C;;;;;;;;;;GAUG;AAEI,IAAM,cAAc,GAApB,MAAM,cAAc;IAApB;QACE,QAAG,GAAY,IAAI,aAAO,EAAE,CAAC;IAsCtC,CAAC;IAnCC,IAAW,eAAe;QACxB,OAAO,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,IAAI,CAAC;IAC9B,CAAC;IAEM,KAAK,CAAC,GAAY;QACvB,CAAC;YACC,IAAI,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YAC/C,IAAI,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YAEtD,IAAI,QAAQ,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACtD,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YACzB,CAAC;YAED,IAAI,gBAAgB,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACtE,gBAAgB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,CAAC,EAAE,GAAI,QAAmB,IAAK,gBAA2B,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC;YAC3F,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACxB,CAAC;IACH,CAAC;IAEM,OAAO,CAAC,KAA8B;QAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAElC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAErF,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACxC,CAAC;IAEM,SAAS,CAAC,MAAmC;QAClD,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAEjC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,MAAM,CAAC,MAAM,CAAC;IAC1E,CAAC;CACF,CAAA;AAvCY,wCAAc;yBAAd,cAAc;IAD1B,IAAA,4BAAe,GAAE;GACL,cAAc,CAuC1B"}

package/src/gg-auth/interfaces/authorized.interface.d.ts

@@ -0,0 +1,5 @@
+import { MerchantDto, UserDto } from '@zorionapp/gg-toolkit/dto';
+export interface Authorized {
+    user?: UserDto;
+    merchant?: MerchantDto;
+}

package/src/gg-auth/interfaces/authorized.interface.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=authorized.interface.js.map

package/src/gg-auth/interfaces/authorized.interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorized.interface.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/interfaces/authorized.interface.ts"],"names":[],"mappings":""}

package/src/gg-auth/services/auth-service.interface.d.ts

@@ -0,0 +1,4 @@
+import { Authorized } from '../interfaces/authorized.interface';
+export interface AuthService {
+    authorize(): Promise<Authorized>;
+}

package/src/gg-auth/services/auth-service.interface.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=auth-service.interface.js.map

package/src/gg-auth/services/auth-service.interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-service.interface.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/services/auth-service.interface.ts"],"names":[],"mappings":""}

package/src/gg-auth/services/gg-bearer-auth.service.d.ts

@@ -0,0 +1,39 @@
+/// <reference types="node" />
+/// <reference types="node/http" />
+/// <reference types="pino-http" />
+import { UserDto } from '@zorionapp/gg-toolkit/dto';
+import { HttpService } from '@nestjs/axios';
+import { Request } from 'express';
+import { IncomingHttpHeaders } from 'http';
+import { GgCacheService } from '../../gg-cache';
+import { GgAuthOptions } from '../gg-auth.module-options';
+import { Authorized } from '../interfaces/authorized.interface';
+import { AuthService } from './auth-service.interface';
+export declare class GgBearerAuthService implements AuthService {
+    private readonly options;
+    private readonly request;
+    private readonly http;
+    private readonly ggCache;
+    private readonly baseUrl;
+    private readonly logger;
+    constructor(options: GgAuthOptions, request: Request, http: HttpService, ggCache: GgCacheService);
+    /**
+     * @param accessToken
+     */
+    authorize(accessToken?: string): Promise<Authorized>;
+    /**
+     * Extract JWT token from given headers
+     * Actual only for AuthType.Bearer
+     */
+    protected getJWTHeader(headers: IncomingHttpHeaders): string | null;
+    private getCacheKey;
+    /**
+     * Caches UserDto in case if error between 400 & 500 codes
+     * Skip caching in other cases
+     *
+     * @param accessToken
+     * @param cacheKey
+     * @protected
+     */
+    protected fetchAndCacheUserDto(accessToken: string, cacheKey: string): Promise<UserDto>;
+}

package/src/gg-auth/services/gg-bearer-auth.service.js

@@ -0,0 +1,84 @@
+"use strict";
+var GgBearerAuthService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GgBearerAuthService = void 0;
+const tslib_1 = require("tslib");
+const dto_1 = require("@zorionapp/gg-toolkit/dto");
+const axios_1 = require("@nestjs/axios");
+const common_1 = require("@nestjs/common");
+const class_transformer_1 = require("class-transformer");
+const class_validator_1 = require("class-validator");
+const nestjs_cls_1 = require("nestjs-cls");
+const rxjs_1 = require("rxjs");
+const gg_cache_1 = require("../../gg-cache");
+const gg_auth_module_options_1 = require("../gg-auth.module-options");
+let GgBearerAuthService = GgBearerAuthService_1 = class GgBearerAuthService {
+    constructor(options, request, http, ggCache) {
+        this.options = options;
+        this.request = request;
+        this.http = http;
+        this.ggCache = ggCache;
+        this.logger = new common_1.Logger(GgBearerAuthService_1.name);
+        this.baseUrl = `http://${this.options.ggUsersHost}/users/api/v1`;
+    }
+    /**
+     * @param accessToken
+     */
+    async authorize(accessToken = this.getJWTHeader(this.request.headers)) {
+        const cacheKey = this.getCacheKey(accessToken);
+        const cachedDto = await this.ggCache.get(cacheKey, false);
+        if (cachedDto)
+            return { user: cachedDto };
+        const user = await this.fetchAndCacheUserDto(accessToken, cacheKey);
+        return { user };
+    }
+    /**
+     * Extract JWT token from given headers
+     * Actual only for AuthType.Bearer
+     */
+    getJWTHeader(headers) {
+        const jwt = headers['authorization']?.replace('Bearer ', '');
+        return (0, class_validator_1.isJWT)(jwt) ? jwt : null;
+    }
+    getCacheKey(accessToken) {
+        return `auth:${accessToken}`;
+    }
+    /**
+     * Caches UserDto in case if error between 400 & 500 codes
+     * Skip caching in other cases
+     *
+     * @param accessToken
+     * @param cacheKey
+     * @protected
+     */
+    fetchAndCacheUserDto(accessToken, cacheKey) {
+        const onSuccess = async (value) => {
+            this.logger.log({ msg: `User queried successfully`, userId: value.data.user.ggId });
+            await this.ggCache.set(cacheKey, value.data.user, { namespaced: false });
+        };
+        const onError = async (error) => {
+            if (error.code === 'ECONNREFUSED') {
+                this.logger.error(`User service response fail: ${error}. Check your network connection or port mapping`);
+                return error;
+            }
+            if (error.code === 'ERR_BAD_REQUEST') {
+                this.logger.warn({ msg: `User authentication declined with given JWT`, error: error.message });
+                await this.ggCache.set(cacheKey, new dto_1.UserDto(), { namespaced: false });
+                return error;
+            }
+            this.logger.error({ msg: `Internal server error`, error });
+        };
+        return (0, rxjs_1.firstValueFrom)(this.http.post(`${this.baseUrl}/jwt/check`, { accessToken }).pipe((0, rxjs_1.tap)({ next: onSuccess, error: onError }), (0, rxjs_1.map)((res) => (0, class_transformer_1.plainToInstance)(dto_1.UserDto, res.data.user))));
+    }
+};
+exports.GgBearerAuthService = GgBearerAuthService;
+exports.GgBearerAuthService = GgBearerAuthService = GgBearerAuthService_1 = tslib_1.__decorate([
+    (0, common_1.Injectable)()
+    // todo: move to RPC call to users service
+    ,
+    tslib_1.__param(0, (0, common_1.Inject)(gg_auth_module_options_1.GG_AUTH_MODULE_OPTIONS_TOKEN)),
+    tslib_1.__param(1, (0, common_1.Inject)(nestjs_cls_1.CLS_REQ)),
+    tslib_1.__metadata("design:paramtypes", [Object, Object, axios_1.HttpService,
+        gg_cache_1.GgCacheService])
+], GgBearerAuthService);
+//# sourceMappingURL=gg-bearer-auth.service.js.map

package/src/gg-auth/services/gg-bearer-auth.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gg-bearer-auth.service.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/services/gg-bearer-auth.service.ts"],"names":[],"mappings":";;;;;AAAA,mDAAoD;AACpD,yCAA4C;AAC5C,2CAA4D;AAE5D,yDAAoD;AACpD,qDAAwC;AAGxC,2CAAqC;AACrC,+BAAgD;AAChD,6CAAgD;AAChD,sEAAwF;AAMjF,IAAM,mBAAmB,2BAAzB,MAAM,mBAAmB;IAI9B,YACwC,OAAuC,EAC5D,OAAiC,EACjC,IAAiB,EACjB,OAAuB;QAHe,YAAO,GAAP,OAAO,CAAe;QAC3C,YAAO,GAAP,OAAO,CAAS;QACjC,SAAI,GAAJ,IAAI,CAAa;QACjB,YAAO,GAAP,OAAO,CAAgB;QANzB,WAAM,GAAG,IAAI,eAAM,CAAC,qBAAmB,CAAC,IAAI,CAAC,CAAC;QAQ7D,IAAI,CAAC,OAAO,GAAG,UAAU,IAAI,CAAC,OAAO,CAAC,WAAW,eAAe,CAAC;IACnE,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,cAAsB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;QAClF,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAE/C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAU,QAAQ,EAAE,KAAK,CAAC,CAAC;QAEnE,IAAI,SAAS;YAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;QAE1C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAEpE,OAAO,EAAE,IAAI,EAAE,CAAC;IAClB,CAAC;IAED;;;OAGG;IACO,YAAY,CAAC,OAA4B;QACjD,MAAM,GAAG,GAAG,OAAO,CAAC,eAAe,CAAC,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAE7D,OAAO,IAAA,uBAAK,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;IAEO,WAAW,CAAC,WAAmB;QACrC,OAAO,QAAQ,WAAW,EAAE,CAAC;IAC/B,CAAC;IAED;;;;;;;OAOG;IACO,oBAAoB,CAAC,WAAmB,EAAE,QAAgB;QAClE,MAAM,SAAS,GAAG,KAAK,EAAE,KAAuC,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,2BAA2B,EAAE,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAEpF,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3E,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,KAAK,EAAE,KAAiB,EAAE,EAAE;YAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,iDAAiD,CAAC,CAAC;gBAEzG,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,6CAA6C,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBAE/F,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,aAAO,EAAE,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;gBAEvE,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,uBAAuB,EAAE,KAAK,EAAE,CAAC,CAAC;QAC7D,CAAC,CAAC;QAEF,OAAO,IAAA,qBAAc,EACnB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAoB,GAAG,IAAI,CAAC,OAAO,YAAY,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC,IAAI,CAClF,IAAA,UAAG,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EACxC,IAAA,UAAG,EAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAA,mCAAe,EAAC,aAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CACtD,CACF,CAAC;IACJ,CAAC;CACF,CAAA;AAlFY,kDAAmB;8BAAnB,mBAAmB;IAF/B,IAAA,mBAAU,GAAE;IACb,0CAA0C;;IAMrC,mBAAA,IAAA,eAAM,EAAC,qDAA4B,CAAC,CAAA;IACpC,mBAAA,IAAA,eAAM,EAAC,oBAAO,CAAC,CAAA;6DACO,mBAAW;QACR,yBAAc;GAR/B,mBAAmB,CAkF/B"}

package/src/gg-auth/services/gg-merchant-auth.service.d.ts

@@ -0,0 +1,8 @@
+import { GgAuthOptions } from '../gg-auth.module-options';
+import { AuthService } from './auth-service.interface';
+export declare class GgMerchantAuthService implements AuthService {
+    private readonly options;
+    private readonly logger;
+    constructor(options: GgAuthOptions);
+    authorize(): Promise<never>;
+}

package/src/gg-auth/services/gg-merchant-auth.service.js

@@ -0,0 +1,24 @@
+"use strict";
+var GgMerchantAuthService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GgMerchantAuthService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const gg_auth_module_options_1 = require("../gg-auth.module-options");
+let GgMerchantAuthService = GgMerchantAuthService_1 = class GgMerchantAuthService {
+    constructor(options) {
+        this.options = options;
+        this.logger = new common_1.Logger(GgMerchantAuthService_1.name);
+    }
+    async authorize() {
+        this.logger.log(`Attempt to auth with "${gg_auth_module_options_1.AuthType.Merchant}" auth`);
+        throw new common_1.NotImplementedException(`Merchant auth-service not implemented. Add code here if it needed for other services (except gg-wallets) for default auth`);
+    }
+};
+exports.GgMerchantAuthService = GgMerchantAuthService;
+exports.GgMerchantAuthService = GgMerchantAuthService = GgMerchantAuthService_1 = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, common_1.Inject)(gg_auth_module_options_1.GG_AUTH_MODULE_OPTIONS_TOKEN)),
+    tslib_1.__metadata("design:paramtypes", [Object])
+], GgMerchantAuthService);
+//# sourceMappingURL=gg-merchant-auth.service.js.map

package/src/gg-auth/services/gg-merchant-auth.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gg-merchant-auth.service.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/services/gg-merchant-auth.service.ts"],"names":[],"mappings":";;;;;AAAA,2CAAqF;AACrF,sEAAkG;AAI3F,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAGhC,YAAyD,OAAuC;QAAtB,YAAO,GAAP,OAAO,CAAe;QAF/E,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;IAEkC,CAAC;IAE7F,KAAK,CAAC,SAAS;QACpB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,yBAAyB,iCAAQ,CAAC,QAAQ,QAAQ,CAAC,CAAC;QAEpE,MAAM,IAAI,gCAAuB,CAC/B,2HAA2H,CAC5H,CAAC;IACJ,CAAC;CACF,CAAA;AAZY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAIS,mBAAA,IAAA,eAAM,EAAC,qDAA4B,CAAC,CAAA;;GAH7C,qBAAqB,CAYjC"}

package/src/gg-auth/utils/get-rpc-user.util.d.ts

@@ -0,0 +1,3 @@
+import { UserDto } from '@zorionapp/gg-toolkit/dto';
+import { RmqContext } from '@nestjs/microservices';
+export declare const getRpcUser: (ctx: RmqContext) => UserDto;

package/src/gg-auth/utils/get-rpc-user.util.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRpcUser = void 0;
+const dto_1 = require("@zorionapp/gg-toolkit/dto");
+const class_transformer_1 = require("class-transformer");
+const lodash_1 = require("lodash");
+const getRpcUser = (ctx) => {
+    const userJson = (0, lodash_1.get)(ctx.getArgs(), `[0].properties.headers.user`, '');
+    if (!userJson)
+        return new dto_1.UserDto();
+    return (0, class_transformer_1.plainToInstance)(dto_1.UserDto, JSON.parse(userJson));
+};
+exports.getRpcUser = getRpcUser;
+//# sourceMappingURL=get-rpc-user.util.js.map

package/src/gg-auth/utils/get-rpc-user.util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-rpc-user.util.js","sourceRoot":"","sources":["../../../../../../libs/gg-core/src/gg-auth/utils/get-rpc-user.util.ts"],"names":[],"mappings":";;;AAAA,mDAAoD;AAEpD,yDAAoD;AACpD,mCAA6B;AAEtB,MAAM,UAAU,GAAG,CAAC,GAAe,EAAE,EAAE;IAC5C,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,GAAG,CAAC,OAAO,EAAE,EAAE,6BAA6B,EAAE,EAAE,CAAC,CAAC;IAEvE,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,aAAO,EAAE,CAAC;IAEpC,OAAO,IAAA,mCAAe,EAAC,aAAO,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;AACxD,CAAC,CAAC;AANW,QAAA,UAAU,cAMrB"}

package/src/gg-cache/gg-cache.module.d.ts

@@ -0,0 +1,4 @@
+import { DynamicModule } from '@nestjs/common';
+export declare class GgCacheModule {
+    static forRoot(): DynamicModule;
+}

package/src/gg-cache/gg-cache.module.js

@@ -0,0 +1,55 @@
+"use strict";
+var GgCacheModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GgCacheModule = void 0;
+const tslib_1 = require("tslib");
+const cache_manager_1 = require("@nestjs/cache-manager");
+const common_1 = require("@nestjs/common");
+const exceptions_1 = require("@nestjs/core/errors/exceptions");
+const cache_manager_redis_yet_1 = require("cache-manager-redis-yet");
+const luxon_1 = require("luxon");
+const redis_1 = require("redis");
+const gg_cache_service_1 = require("./gg-cache.service");
+const redis_config_1 = require("./redis.config");
+let GgCacheModule = GgCacheModule_1 = class GgCacheModule {
+    static forRoot() {
+        return {
+            module: GgCacheModule_1,
+            global: true,
+            providers: [gg_cache_service_1.GgCacheService],
+            exports: [gg_cache_service_1.GgCacheService],
+            imports: [
+                cache_manager_1.CacheModule.registerAsync({
+                    inject: [redis_config_1.redisConfig.KEY],
+                    isGlobal: true,
+                    useFactory: async (redisConf) => {
+                        const client = (0, redis_1.createClient)({
+                            socket: { host: redisConf.host, port: redisConf.port },
+                        });
+                        client.on('error', (err) => {
+                            console.error('Redis Client Error', err);
+                        });
+                        try {
+                            await client.connect();
+                        }
+                        catch (error) {
+                            throw new exceptions_1.RuntimeException('Error connecting to Redis');
+                        }
+                        return {
+                            socket: { host: redisConf.host, port: redisConf.port },
+                            client,
+                            store: cache_manager_redis_yet_1.redisStore,
+                            ttl: luxon_1.Duration.fromObject({ minute: 1 }).as('milliseconds'),
+                            pingInterval: luxon_1.Duration.fromObject({ second: 1 }).as('milliseconds'),
+                        };
+                    },
+                }),
+            ],
+        };
+    }
+};
+exports.GgCacheModule = GgCacheModule;
+exports.GgCacheModule = GgCacheModule = GgCacheModule_1 = tslib_1.__decorate([
+    (0, common_1.Module)({})
+], GgCacheModule);
+//# sourceMappingURL=gg-cache.module.js.map

package/src/gg-cache/gg-cache.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gg-cache.module.js","sourceRoot":"","sources":["../../../../../libs/gg-core/src/gg-cache/gg-cache.module.ts"],"names":[],"mappings":";;;;;AAAA,yDAAoD;AACpD,2CAAuD;AAEvD,+DAAkE;AAClE,qEAAqD;AACrD,iCAAiC;AACjC,iCAAyD;AACzD,yDAAoD;AACpD,iDAA6C;AAGtC,IAAM,aAAa,qBAAnB,MAAM,aAAa;IACjB,MAAM,CAAC,OAAO;QACnB,OAAO;YACL,MAAM,EAAE,eAAa;YACrB,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,CAAC,iCAAc,CAAC;YAC3B,OAAO,EAAE,CAAC,iCAAc,CAAC;YACzB,OAAO,EAAE;gBACP,2BAAW,CAAC,aAAa,CAAqB;oBAC5C,MAAM,EAAE,CAAC,0BAAW,CAAC,GAAG,CAAC;oBACzB,QAAQ,EAAE,IAAI;oBACd,UAAU,EAAE,KAAK,EAAE,SAAyC,EAAE,EAAE;wBAC9D,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC;4BAC1B,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE;yBACvD,CAAC,CAAC;wBAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;4BACzB,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;wBAC3C,CAAC,CAAC,CAAC;wBAEH,IAAI,CAAC;4BACH,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;wBACzB,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,MAAM,IAAI,6BAAgB,CAAC,2BAA2B,CAAC,CAAC;wBAC1D,CAAC;wBAED,OAAO;4BACL,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE;4BACtD,MAAM;4BACN,KAAK,EAAE,oCAAU;4BACjB,GAAG,EAAE,gBAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC;4BAC1D,YAAY,EAAE,gBAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC;yBACpE,CAAC;oBACJ,CAAC;iBACF,CAAC;aACH;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AAtCY,sCAAa;wBAAb,aAAa;IADzB,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,aAAa,CAsCzB"}