npm - aaspai-authx - Versions diffs - 0.1.1 → 0.1.3 - Mend

aaspai-authx 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/express/index.cjs +97 -16
package/dist/express/index.cjs.map +1 -1
package/dist/express/index.js +97 -16
package/dist/express/index.js.map +1 -1
package/dist/index.cjs +97 -16
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +71 -70
package/dist/index.d.ts +71 -70
package/dist/index.js +97 -16
package/dist/index.js.map +1 -1
package/dist/nest/index.cjs +97 -16
package/dist/nest/index.cjs.map +1 -1
package/dist/nest/index.js +97 -16
package/dist/nest/index.js.map +1 -1
package/package.json +2 -2

package/dist/index.cjs CHANGED Viewed

@@ -247,10 +247,14 @@ function buildSession(payload) {
     roles: normalizedRoles,
     permissions
   };
+  if (payload?.firstName) session.firstName = payload.firstName;
+  if (payload?.lastName) session.lastName = payload.lastName;
   if (payload?.projectId) session.projectId = payload.projectId;
   if (payload?.orgId) session.orgId = payload.orgId;
   if (payload?.org_id) session.org_id = payload.org_id;
   if (payload?.authType) session.authType = payload.authType;
+  if (payload?.createdAt) session.createdAt = payload.createdAt;
+  if (payload?.metadata) session.metadata = payload.metadata;
   Object.keys(payload || {}).forEach((key) => {
     if (![
       "sub",
@@ -424,10 +428,14 @@ function requireAuth() {
         const session = buildSession({
           sub: user.id.toString(),
           email: user.email,
+          firstName: user.firstName,
+          lastName: user.lastName,
+          metadata: user.metadata || [],
           roles: user.roles || [],
           orgId: user.orgId,
           org_id: user.orgId,
-          projectId: user.projectId
+          projectId: user.projectId,
+          createdAt: user.createdAt
         });
         session.authType = "api-key";
         session.projectId = readProjectId(req) || user.projectId || void 0;
@@ -539,7 +547,6 @@ var Invite = import_mongoose3.default.model("Invite", InviteSchema);
 // src/services/auth-admin.service.ts
 var import_bcrypt = __toESM(require("bcrypt"), 1);
 var import_jsonwebtoken2 = __toESM(require("jsonwebtoken"), 1);
-var import_uuid2 = require("uuid");
 // src/models/client.model.ts
 var import_mongoose4 = __toESM(require("mongoose"), 1);
@@ -609,7 +616,7 @@ var AuthAdminService = class {
   async createUserInRealm(payload) {
     const hashedPassword = payload.credentials?.[0]?.value ? await import_bcrypt.default.hash(payload.credentials[0].value, 10) : void 0;
     const user = await OrgUser.create({
-      id: (0, import_uuid2.v4)(),
+      id: crypto.randomUUID(),
       email: payload.email,
       firstName: payload.firstName,
       lastName: payload.lastName,
@@ -673,24 +680,61 @@ var EmailService = class {
       host: process.env.EMAIL_HOST || "smtp.postmarkapp.com",
       port: process.env.EMAIL_PORT ? Number(process.env.EMAIL_PORT) : 587,
       secure: (process.env.EMAIL_SECURE || "false") === "true",
-      auth: { user: process.env.EMAIL_USER, pass: process.env.EMAIL_PASSWORD }
+      auth: {
+        user: process.env.EMAIL_USER,
+        pass: process.env.EMAIL_PASSWORD
+      }
     });
   }
   sign(payload, ttlSec = 60 * 60 * 24) {
-    return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, { expiresIn: ttlSec });
+    return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+      expiresIn: ttlSec
+    });
   }
   verify(token) {
     return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
   }
   async send(to, subject, html) {
-    await this.transporter.sendMail({
-      from: process.env.EMAIL_FROM,
-      to,
-      subject,
-      html
-    });
+    console.log("[EmailService] Attempting to send:", { to, subject });
+    try {
+      const info = await this.transporter.sendMail({
+        from: process.env.EMAIL_FROM,
+        to,
+        subject,
+        html
+      });
+      console.log("[EmailService] \u2705 Email sent successfully:", {
+        messageId: info.messageId,
+        response: info.response,
+        accepted: info.accepted,
+        rejected: info.rejected
+      });
+      return info;
+    } catch (error) {
+      console.error("[EmailService] \u274C Failed to send email:", {
+        message: error.message,
+        code: error.code,
+        command: error.command,
+        responseCode: error.responseCode,
+        response: error.response,
+        stack: error.stack
+      });
+      throw error;
+    }
   }
   canSend(lastEmailSent) {
+    console.log(
+      process.env.EMAIL_PASSWORD,
+      "pssword",
+      process.env.EMAIL_USER,
+      "user",
+      process.env.EMAIL_SECURE,
+      "secure",
+      process.env.EMAIL_PORT,
+      "porat",
+      process.env.EMAIL_HOST,
+      "hosat"
+    );
     const now = Date.now();
     const windowStart = now - this.WINDOW_MINUTES * 60 * 1e3;
     const emailsInWindow = (lastEmailSent || []).map((d) => new Date(d)).filter((d) => d.getTime() >= windowStart);
@@ -1082,7 +1126,11 @@ function createAuthRouter(options = {}) {
     if (!isGoogleEnabled) {
       return res.status(500).json({ error: "Google login not configured" });
     }
-    const state = req.query.redirectTo ? encodeURIComponent(String(req.query.redirectTo)) : "";
+    const stateData = {
+      redirectTo: req.query.redirectTo || "",
+      projectId: req.query.projectId || process.env.DEFAULT_PROJECT_ID || ""
+    };
+    const state = encodeURIComponent(JSON.stringify(stateData));
     const params = new URLSearchParams({
       client_id: googleClientId,
       redirect_uri: googleRedirectUri,
@@ -1093,6 +1141,7 @@ function createAuthRouter(options = {}) {
       state
     });
     const url = `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+    console.log(url, "url");
     res.redirect(url);
   });
   r.get("/google/callback", async (req, res) => {
@@ -1100,7 +1149,21 @@ function createAuthRouter(options = {}) {
       return res.status(500).json({ error: "Google login not configured" });
     }
     const code = String(req.query.code || "");
-    const state = req.query.state ? String(req.query.state) : "";
+    let stateData = { redirectTo: "", projectId: "" };
+    try {
+      if (req.query.state) {
+        stateData = JSON.parse(decodeURIComponent(String(req.query.state)));
+      }
+    } catch (err) {
+      console.error("Failed to parse state:", err);
+    }
+    const { redirectTo, projectId } = stateData;
+    console.log(
+      "Parsed state - redirectTo:",
+      redirectTo,
+      "projectId:",
+      projectId
+    );
     if (!code) {
       return res.status(400).json({ ok: false, error: "Missing authorization code" });
     }
@@ -1135,13 +1198,19 @@ function createAuthRouter(options = {}) {
       const lastName = decoded.family_name || "";
       let user = await OrgUser.findOne({ email: email2 }).lean();
       if (!user) {
+        const finalProjectId = projectId || process.env.DEFAULT_PROJECT_ID;
+        if (!finalProjectId) {
+          console.error("No projectId available for new user");
+          const errorRedirect = (redirectTo || googleDefaultRedirect) + (redirectTo?.includes("?") ? "&" : "?") + "error=missing_project_id";
+          return res.redirect(errorRedirect);
+        }
         const created = await OrgUser.create({
           email: email2,
           firstName,
           lastName,
           emailVerified,
           roles: ["platform_user"],
-          projectId: null,
+          projectId: finalProjectId,
           metadata: []
           // you can also store googleId: decoded.sub
         });
@@ -1149,8 +1218,14 @@ function createAuthRouter(options = {}) {
       }
       const tokens = generateTokens(user);
       setAuthCookies(res, tokens, cookieConfig);
-      const redirectTo = state ? decodeURIComponent(state) : googleDefaultRedirect;
-      res.redirect(redirectTo);
+      if (user.projectId) {
+        res.cookie(options.projectCookieName || "projectId", user.projectId, {
+          ...baseProjectCookieOptionsFrom(cookieConfig),
+          httpOnly: true
+        });
+      }
+      const finalRedirect = redirectTo || googleDefaultRedirect;
+      res.redirect(finalRedirect);
     } catch (err) {
       console.error("Google callback error", err);
       const redirectError = googleDefaultRedirect.includes("?") ? `${googleDefaultRedirect}&error=google_login_failed` : `${googleDefaultRedirect}?error=google_login_failed`;
@@ -1322,6 +1397,7 @@ async function sendRateLimitedEmail({
   if (!can.ok) {
     return { rateLimited: true, waitMs: can.waitMs };
   }
+  console.log(can, "can");
   await emailService.send(user.email, subject, html);
   user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
   await user.save();
@@ -1335,6 +1411,11 @@ function generateTokens(user) {
     orgId: user.orgId || null,
     org_id: user.orgId || null,
     projectId: user.projectId || null,
+    firstName: user.firstName,
+    lastName: user.lastName,
+    emailVerified: user.emailVerified,
+    createdAt: user.createdAt,
+    metadata: user.metadata,
     type: "user"
   };
   const accessToken = import_jsonwebtoken4.default.sign(accessPayload, process.env.JWT_SECRET, {