aaspai-authx 0.1.2 → 0.1.3
- package/dist/express/index.cjs +82 -13
- package/dist/express/index.cjs.map +1 -1
- package/dist/express/index.js +82 -13
- package/dist/express/index.js.map +1 -1
- package/dist/index.cjs +82 -13
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.js +82 -13
- package/dist/index.js.map +1 -1
- package/dist/nest/index.cjs +82 -13
- package/dist/nest/index.cjs.map +1 -1
- package/dist/nest/index.js +82 -13
- package/dist/nest/index.js.map +1 -1
- package/package.json +2 -2
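--- a/package/dist/express/index.cjs
+++ b/package/dist/express/index.cjs
@@ -600,24 +600,61 @@ var EmailService = class {
 host: process.env.EMAIL_HOST || "smtp.postmarkapp.com",
 port: process.env.EMAIL_PORT ? Number(process.env.EMAIL_PORT) : 587,
 secure: (process.env.EMAIL_SECURE || "false") === "true",
-auth: {
+auth: {
+user: process.env.EMAIL_USER,
+pass: process.env.EMAIL_PASSWORD
+}
 });
 }
 sign(payload, ttlSec = 60 * 60 * 24) {
-return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+expiresIn: ttlSec
+});
 }
 verify(token) {
 return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
 }
 async send(to, subject, html) {
-
-
-
-
-
-
+console.log("[EmailService] Attempting to send:", { to, subject });
+try {
+const info = await this.transporter.sendMail({
+from: process.env.EMAIL_FROM,
+to,
+subject,
+html
+});
+console.log("[EmailService] \u2705 Email sent successfully:", {
+messageId: info.messageId,
+response: info.response,
+accepted: info.accepted,
+rejected: info.rejected
+});
+return info;
+} catch (error) {
+console.error("[EmailService] \u274C Failed to send email:", {
+message: error.message,
+code: error.code,
+command: error.command,
+responseCode: error.responseCode,
+response: error.response,
+stack: error.stack
+});
+throw error;
+}
 }
 canSend(lastEmailSent) {
+console.log(
+process.env.EMAIL_PASSWORD,
+"pssword",
+process.env.EMAIL_USER,
+"user",
+process.env.EMAIL_SECURE,
+"secure",
+process.env.EMAIL_PORT,
+"porat",
+process.env.EMAIL_HOST,
+"hosat"
+);
 const now = Date.now();
 const windowStart = now - this.WINDOW_MINUTES * 60 * 1e3;
 const emailsInWindow = (lastEmailSent || []).map((d) => new Date(d)).filter((d) => d.getTime() >= windowStart);
@@ -1009,7 +1046,11 @@ function createAuthRouter(options = {}) {
 if (!isGoogleEnabled) {
 return res.status(500).json({ error: "Google login not configured" });
 }
-const
+const stateData = {
+redirectTo: req.query.redirectTo || "",
+projectId: req.query.projectId || process.env.DEFAULT_PROJECT_ID || ""
+};
+const state = encodeURIComponent(JSON.stringify(stateData));
 const params = new URLSearchParams({
 client_id: googleClientId,
 redirect_uri: googleRedirectUri,
@@ -1020,6 +1061,7 @@ function createAuthRouter(options = {}) {
 state
 });
 const url = `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+console.log(url, "url");
 res.redirect(url);
 });
 r.get("/google/callback", async (req, res) => {
@@ -1027,7 +1069,21 @@ function createAuthRouter(options = {}) {
 return res.status(500).json({ error: "Google login not configured" });
 }
 const code = String(req.query.code || "");
-
+let stateData = { redirectTo: "", projectId: "" };
+try {
+if (req.query.state) {
+stateData = JSON.parse(decodeURIComponent(String(req.query.state)));
+}
+} catch (err) {
+console.error("Failed to parse state:", err);
+}
+const { redirectTo, projectId } = stateData;
+console.log(
+"Parsed state - redirectTo:",
+redirectTo,
+"projectId:",
+projectId
+);
 if (!code) {
 return res.status(400).json({ ok: false, error: "Missing authorization code" });
 }
@@ -1062,13 +1118,19 @@ function createAuthRouter(options = {}) {
 const lastName = decoded.family_name || "";
 let user = await OrgUser.findOne({ email: email2 }).lean();
 if (!user) {
+const finalProjectId = projectId || process.env.DEFAULT_PROJECT_ID;
+if (!finalProjectId) {
+console.error("No projectId available for new user");
+const errorRedirect = (redirectTo || googleDefaultRedirect) + (redirectTo?.includes("?") ? "&" : "?") + "error=missing_project_id";
+return res.redirect(errorRedirect);
+}
 const created = await OrgUser.create({
 email: email2,
 firstName,
 lastName,
 emailVerified,
 roles: ["platform_user"],
-projectId:
+projectId: finalProjectId,
 metadata: []
 // you can also store googleId: decoded.sub
 });
@@ -1076,8 +1138,14 @@ function createAuthRouter(options = {}) {
 }
 const tokens = generateTokens(user);
 setAuthCookies(res, tokens, cookieConfig);
-
-
+if (user.projectId) {
+res.cookie(options.projectCookieName || "projectId", user.projectId, {
+...baseProjectCookieOptionsFrom(cookieConfig),
+httpOnly: true
+});
+}
+const finalRedirect = redirectTo || googleDefaultRedirect;
+res.redirect(finalRedirect);
 } catch (err) {
 console.error("Google callback error", err);
 const redirectError = googleDefaultRedirect.includes("?") ? `${googleDefaultRedirect}&error=google_login_failed` : `${googleDefaultRedirect}?error=google_login_failed`;
@@ -1249,6 +1317,7 @@ async function sendRateLimitedEmail({
 if (!can.ok) {
 return { rateLimited: true, waitMs: can.waitMs };
 }
+console.log(can, "can");
 await emailService.send(user.email, subject, html);
 user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
 await user.save();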
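Review bot: The `console.log(...)` added at the top of `canSend` writes `process.env.EMAIL_PASSWORD` to stdout, along with the SMTP user, host and port, every time the rate-limit check runs, so the mail credential ends up in plaintext in any log sink the host application uses. It reads like leftover debug output and should be removed in the source this bundle is built from; if a diagnostic is wanted, log only non-secret fields, e.g. `console.log("[EmailService] smtp", { host: process.env.EMAIL_HOST, port: process.env.EMAIL_PORT });`. The diffstat shows the same +82 -13 for the other `dist` bundles, so the call is presumably present there too, and an SMTP password used with 0.1.3 is best treated as exposed in logs and rotated. Separately, in `/google/callback` the `redirectTo` and `projectId` parsed from `req.query.state` feed `res.redirect(finalRedirect)` and `OrgUser.create` with no visible check that the state belongs to a login this server started or that `redirectTo` is an allowed destination; a nonce in `state` verified against a cookie, plus an allow-list for `redirectTo` falling back to `googleDefaultRedirect`, would close that. `canSend` and the callback handler both continue outside the hunks shown.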