aaspai-authx 0.1.2 → 0.1.3
- package/dist/express/index.cjs +82 -13
- package/dist/express/index.cjs.map +1 -1
- package/dist/express/index.js +82 -13
- package/dist/express/index.js.map +1 -1
- package/dist/index.cjs +82 -13
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.js +82 -13
- package/dist/index.js.map +1 -1
- package/dist/nest/index.cjs +82 -13
- package/dist/nest/index.cjs.map +1 -1
- package/dist/nest/index.js +82 -13
- package/dist/nest/index.js.map +1 -1
- package/package.json +2 -2
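--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -680,24 +680,61 @@ var EmailService = class {
 host: process.env.EMAIL_HOST || "smtp.postmarkapp.com",
 port: process.env.EMAIL_PORT ? Number(process.env.EMAIL_PORT) : 587,
 secure: (process.env.EMAIL_SECURE || "false") === "true",
-auth: {
+auth: {
+user: process.env.EMAIL_USER,
+pass: process.env.EMAIL_PASSWORD
+}
 });
 }
 sign(payload, ttlSec = 60 * 60 * 24) {
-return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+expiresIn: ttlSec
+});
 }
 verify(token) {
 return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
 }
 async send(to, subject, html) {
-
-
-
-
-
-
+console.log("[EmailService] Attempting to send:", { to, subject });
+try {
+const info = await this.transporter.sendMail({
+from: process.env.EMAIL_FROM,
+to,
+subject,
+html
+});
+console.log("[EmailService] \u2705 Email sent successfully:", {
+messageId: info.messageId,
+response: info.response,
+accepted: info.accepted,
+rejected: info.rejected
+});
+return info;
+} catch (error) {
+console.error("[EmailService] \u274C Failed to send email:", {
+message: error.message,
+code: error.code,
+command: error.command,
+responseCode: error.responseCode,
+response: error.response,
+stack: error.stack
+});
+throw error;
+}
 }
 canSend(lastEmailSent) {
+console.log(
+process.env.EMAIL_PASSWORD,
+"pssword",
+process.env.EMAIL_USER,
+"user",
+process.env.EMAIL_SECURE,
+"secure",
+process.env.EMAIL_PORT,
+"porat",
+process.env.EMAIL_HOST,
+"hosat"
+);
 const now = Date.now();
 const windowStart = now - this.WINDOW_MINUTES * 60 * 1e3;
 const emailsInWindow = (lastEmailSent || []).map((d) => new Date(d)).filter((d) => d.getTime() >= windowStart);
@@ -1089,7 +1126,11 @@ function createAuthRouter(options = {}) {
 if (!isGoogleEnabled) {
 return res.status(500).json({ error: "Google login not configured" });
 }
-const
+const stateData = {
+redirectTo: req.query.redirectTo || "",
+projectId: req.query.projectId || process.env.DEFAULT_PROJECT_ID || ""
+};
+const state = encodeURIComponent(JSON.stringify(stateData));
 const params = new URLSearchParams({
 client_id: googleClientId,
 redirect_uri: googleRedirectUri,
@@ -1100,6 +1141,7 @@ function createAuthRouter(options = {}) {
 state
 });
 const url = `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+console.log(url, "url");
 res.redirect(url);
 });
 r.get("/google/callback", async (req, res) => {
@@ -1107,7 +1149,21 @@ function createAuthRouter(options = {}) {
 return res.status(500).json({ error: "Google login not configured" });
 }
 const code = String(req.query.code || "");
-
+let stateData = { redirectTo: "", projectId: "" };
+try {
+if (req.query.state) {
+stateData = JSON.parse(decodeURIComponent(String(req.query.state)));
+}
+} catch (err) {
+console.error("Failed to parse state:", err);
+}
+const { redirectTo, projectId } = stateData;
+console.log(
+"Parsed state - redirectTo:",
+redirectTo,
+"projectId:",
+projectId
+);
 if (!code) {
 return res.status(400).json({ ok: false, error: "Missing authorization code" });
 }
@@ -1142,13 +1198,19 @@ function createAuthRouter(options = {}) {
 const lastName = decoded.family_name || "";
 let user = await OrgUser.findOne({ email: email2 }).lean();
 if (!user) {
+const finalProjectId = projectId || process.env.DEFAULT_PROJECT_ID;
+if (!finalProjectId) {
+console.error("No projectId available for new user");
+const errorRedirect = (redirectTo || googleDefaultRedirect) + (redirectTo?.includes("?") ? "&" : "?") + "error=missing_project_id";
+return res.redirect(errorRedirect);
+}
 const created = await OrgUser.create({
 email: email2,
 firstName,
 lastName,
 emailVerified,
 roles: ["platform_user"],
-projectId:
+projectId: finalProjectId,
 metadata: []
 // you can also store googleId: decoded.sub
 });
@@ -1156,8 +1218,14 @@ function createAuthRouter(options = {}) {
 }
 const tokens = generateTokens(user);
 setAuthCookies(res, tokens, cookieConfig);
-
-
+if (user.projectId) {
+res.cookie(options.projectCookieName || "projectId", user.projectId, {
+...baseProjectCookieOptionsFrom(cookieConfig),
+httpOnly: true
+});
+}
+const finalRedirect = redirectTo || googleDefaultRedirect;
+res.redirect(finalRedirect);
 } catch (err) {
 console.error("Google callback error", err);
 const redirectError = googleDefaultRedirect.includes("?") ? `${googleDefaultRedirect}&error=google_login_failed` : `${googleDefaultRedirect}?error=google_login_failed`;
@@ -1329,6 +1397,7 @@ async function sendRateLimitedEmail({
 if (!can.ok) {
 return { rateLimited: true, waitMs: can.waitMs };
 }
+console.log(can, "can");
 await emailService.send(user.email, subject, html);
 user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
 await user.save();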
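Review bot: `canSend` now opens with `console.log(process.env.EMAIL_PASSWORD, "pssword", process.env.EMAIL_USER, …)`, so every rate-limit check writes the SMTP password and username to the host application's logs. The call should be deleted outright rather than redacted, and because this is a published release, deployments that ran it should treat that SMTP credential as exposed and rotate it. In the `/google/callback` hunk, `redirectTo` and `projectId` are read back from the `state` query parameter, which is plain URL-encoded JSON with no signature or session binding visible here. They then feed `res.redirect(finalRedirect)` (after the auth cookies are set) and `projectId: finalProjectId` for a newly created user, so a crafted login link decides both; `createAuthRouter` extends beyond these hunks, so validation elsewhere cannot be ruled out. I would accept `redirectTo` only when it matches a configured allow-list, else fall back to `googleDefaultRedirect`, keep `projectId` in server-side or signed state, and drop the leftover debug logs (`console.log(url, "url")`, the parsed-state log, `console.log(can, "can")`).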