aaspai-authx 0.0.7 → 0.0.9
- package/dist/express/index.cjs +43 -27
- package/dist/express/index.cjs.map +1 -1
- package/dist/express/index.js +46 -28
- package/dist/express/index.js.map +1 -1
- package/dist/index.cjs +69 -53
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +72 -54
- package/dist/index.js.map +1 -1
- package/dist/nest/index.cjs +43 -27
- package/dist/nest/index.cjs.map +1 -1
- package/dist/nest/index.js +46 -28
- package/dist/nest/index.js.map +1 -1
- package/package.json +2 -2
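--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -83,6 +83,50 @@ var import_crypto = require("crypto");
 var import_express = __toESM(require("express"), 1);
 var import_jsonwebtoken4 = __toESM(require("jsonwebtoken"), 1);
 
+// src/core/utils.ts
+function hasRole(session, role) {
+if (!session || !session.roles) return false;
+return session.roles.includes(role);
+}
+function baseProjectCookieOptionsFrom(cookie) {
+const base = {
+secure: cookie.secure ?? false,
+sameSite: cookie.sameSite ?? "lax",
+path: cookie.path ?? "/",
+maxAge: cookie.maxAgeMs
+};
+if (cookie.domain) base.domain = cookie.domain;
+return base;
+}
+function hasAnyRole(session, roles) {
+if (!session || !session.roles || !Array.isArray(roles) || roles.length === 0) {
+return false;
+}
+return roles.some((role) => session.roles.includes(role));
+}
+function hasAllRoles(session, roles) {
+if (!session || !session.roles || !Array.isArray(roles) || roles.length === 0) {
+return false;
+}
+return roles.every((role) => session.roles.includes(role));
+}
+function hasPermission(session, permission) {
+if (!session || !session.permissions) return false;
+return session.permissions.includes(permission);
+}
+function hasAnyPermission(session, permissions) {
+if (!session || !session.permissions || !Array.isArray(permissions) || permissions.length === 0) {
+return false;
+}
+return permissions.some((perm) => session.permissions.includes(perm));
+}
+function hasAllPermissions(session, permissions) {
+if (!session || !session.permissions || !Array.isArray(permissions) || permissions.length === 0) {
+return false;
+}
+return permissions.every((perm) => session.permissions.includes(perm));
+}
+
 // src/config/loadConfig.ts
 function loadConfig() {
 return {
@@ -675,6 +719,16 @@ function createAuthRouter(options = {}) {
 const r = (0, import_express.Router)();
 const email = new EmailService();
 const authAdmin = new AuthAdminService();
+const isProdEnv = process.env.NODE_ENV === "production";
+const cookieConfig = {
+sameSite: options.cookie?.sameSite ?? (isProdEnv ? "none" : "lax"),
+// default if not provided
+secure: options.cookie?.secure ?? isProdEnv,
+// default: secure in prod
+domain: options.cookie?.domain ?? void 0,
+path: options.cookie?.path ?? "/",
+maxAgeMs: options.cookie?.maxAgeMs ?? 24 * 60 * 60 * 1e3
+};
 r.use(import_express.default.json());
 r.use(import_express.default.urlencoded({ extended: true }));
 r.get(
@@ -705,10 +759,10 @@ function createAuthRouter(options = {}) {
 });
 }
 const tokens = generateTokens(user);
-setAuthCookies(res, tokens);
+setAuthCookies(res, tokens, cookieConfig);
 if (user.projectId) {
 res.cookie(options.projectCookieName || "projectId", user.projectId, {
-...
+...baseProjectCookieOptionsFrom(cookieConfig),
 httpOnly: true
 });
 }
@@ -1040,26 +1094,22 @@ function createAuthRouter(options = {}) {
 });
 return r;
 }
-function setAuthCookies(res, tokens) {
+function setAuthCookies(res, tokens, cookie) {
+const base = {
+httpOnly: true,
+secure: cookie.secure ?? false,
+sameSite: cookie.sameSite ?? "lax",
+path: cookie.path ?? "/",
+maxAge: cookie.maxAgeMs
+};
+if (cookie.domain) {
+base.domain = cookie.domain;
+}
 if (tokens?.access_token) {
-res.cookie("access_token", tokens.access_token,
-httpOnly: true,
-secure: false,
-sameSite: "lax",
-maxAge: 24 * 60 * 60 * 1e3,
-// 24 hours
-path: "/"
-});
+res.cookie("access_token", tokens.access_token, base);
 }
 if (tokens?.refresh_token) {
-res.cookie("refresh_token", tokens.refresh_token,
-httpOnly: true,
-secure: false,
-sameSite: "lax",
-maxAge: 24 * 60 * 60 * 1e3,
-// 24 hours
-path: "/"
-});
+res.cookie("refresh_token", tokens.refresh_token, base);
 }
 }
 function toUserResponse(user) {
@@ -1268,40 +1318,6 @@ var import_bcryptjs2 = __toESM(require("bcryptjs"), 1);
 var import_crypto3 = require("crypto");
 var import_express5 = __toESM(require("express"), 1);
 
-// src/core/utils.ts
-function hasRole(session, role) {
-if (!session || !session.roles) return false;
-return session.roles.includes(role);
-}
-function hasAnyRole(session, roles) {
-if (!session || !session.roles || !Array.isArray(roles) || roles.length === 0) {
-return false;
-}
-return roles.some((role) => session.roles.includes(role));
-}
-function hasAllRoles(session, roles) {
-if (!session || !session.roles || !Array.isArray(roles) || roles.length === 0) {
-return false;
-}
-return roles.every((role) => session.roles.includes(role));
-}
-function hasPermission(session, permission) {
-if (!session || !session.permissions) return false;
-return session.permissions.includes(permission);
-}
-function hasAnyPermission(session, permissions) {
-if (!session || !session.permissions || !Array.isArray(permissions) || permissions.length === 0) {
-return false;
-}
-return permissions.some((perm) => session.permissions.includes(perm));
-}
-function hasAllPermissions(session, permissions) {
-if (!session || !session.permissions || !Array.isArray(permissions) || permissions.length === 0) {
-return false;
-}
-return permissions.every((perm) => session.permissions.includes(perm));
-}
-
 // src/middlewares/requireRole.ts
 function requireRole(...roles) {
 return (req, res, next) => {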
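Review bot: The new default `sameSite: options.cookie?.sameSite ?? (isProdEnv ? "none" : "lax")` in `createAuthRouter` (new lines 722–731) makes the `access_token` and `refresh_token` cookies SameSite=None in production unless the integrator overrides it, so browsers attach them to cross-site requests, whereas the removed code pinned `"lax"`. No CSRF defence is visible in these hunks, so I would keep the default at `sameSite: options.cookie?.sameSite ?? "lax",` and let deployments that need cross-site cookies opt in to `"none"` explicitly. An explicit `secure: false` combined with the `"none"` default also produces a cookie that current browsers reject, which deserves a check when the router is built. Separately, `setAuthCookies` (new line 1097) dereferences `cookie` with no default and falls back to `cookie.secure ?? false`; any two-argument call site outside the visible hunks would throw, so `function setAuthCookies(res, tokens, cookie = {}) {` with `secure: cookie.secure ?? true,` would fail closed. The body of `createAuthRouter` lies mostly outside the hunks shown, so other callers and any existing CSRF handling could not be checked here.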