aaspai-authx 0.1.2 → 0.1.3
- package/dist/express/index.cjs +82 -13
- package/dist/express/index.cjs.map +1 -1
- package/dist/express/index.js +82 -13
- package/dist/express/index.js.map +1 -1
- package/dist/index.cjs +82 -13
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.js +82 -13
- package/dist/index.js.map +1 -1
- package/dist/nest/index.cjs +82 -13
- package/dist/nest/index.cjs.map +1 -1
- package/dist/nest/index.js +82 -13
- package/dist/nest/index.js.map +1 -1
- package/package.json +2 -2
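--- a/package/dist/nest/index.cjs
+++ b/package/dist/nest/index.cjs
@@ -596,24 +596,61 @@ var EmailService = class {
 host: process.env.EMAIL_HOST || "smtp.postmarkapp.com",
 port: process.env.EMAIL_PORT ? Number(process.env.EMAIL_PORT) : 587,
 secure: (process.env.EMAIL_SECURE || "false") === "true",
-auth: {
+auth: {
+user: process.env.EMAIL_USER,
+pass: process.env.EMAIL_PASSWORD
+}
 });
 }
 sign(payload, ttlSec = 60 * 60 * 24) {
-return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
+expiresIn: ttlSec
+});
 }
 verify(token) {
 return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
 }
 async send(to, subject, html) {
-
-
-
-
-
-
+console.log("[EmailService] Attempting to send:", { to, subject });
+try {
+const info = await this.transporter.sendMail({
+from: process.env.EMAIL_FROM,
+to,
+subject,
+html
+});
+console.log("[EmailService] \u2705 Email sent successfully:", {
+messageId: info.messageId,
+response: info.response,
+accepted: info.accepted,
+rejected: info.rejected
+});
+return info;
+} catch (error) {
+console.error("[EmailService] \u274C Failed to send email:", {
+message: error.message,
+code: error.code,
+command: error.command,
+responseCode: error.responseCode,
+response: error.response,
+stack: error.stack
+});
+throw error;
+}
 }
 canSend(lastEmailSent) {
+console.log(
+process.env.EMAIL_PASSWORD,
+"pssword",
+process.env.EMAIL_USER,
+"user",
+process.env.EMAIL_SECURE,
+"secure",
+process.env.EMAIL_PORT,
+"porat",
+process.env.EMAIL_HOST,
+"hosat"
+);
 const now = Date.now();
 const windowStart = now - this.WINDOW_MINUTES * 60 * 1e3;
 const emailsInWindow = (lastEmailSent || []).map((d) => new Date(d)).filter((d) => d.getTime() >= windowStart);
@@ -1005,7 +1042,11 @@ function createAuthRouter(options = {}) {
 if (!isGoogleEnabled) {
 return res.status(500).json({ error: "Google login not configured" });
 }
-const
+const stateData = {
+redirectTo: req.query.redirectTo || "",
+projectId: req.query.projectId || process.env.DEFAULT_PROJECT_ID || ""
+};
+const state = encodeURIComponent(JSON.stringify(stateData));
 const params = new URLSearchParams({
 client_id: googleClientId,
 redirect_uri: googleRedirectUri,
@@ -1016,6 +1057,7 @@ function createAuthRouter(options = {}) {
 state
 });
 const url = `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
+console.log(url, "url");
 res.redirect(url);
 });
 r.get("/google/callback", async (req, res) => {
@@ -1023,7 +1065,21 @@ function createAuthRouter(options = {}) {
 return res.status(500).json({ error: "Google login not configured" });
 }
 const code = String(req.query.code || "");
-
+let stateData = { redirectTo: "", projectId: "" };
+try {
+if (req.query.state) {
+stateData = JSON.parse(decodeURIComponent(String(req.query.state)));
+}
+} catch (err) {
+console.error("Failed to parse state:", err);
+}
+const { redirectTo, projectId } = stateData;
+console.log(
+"Parsed state - redirectTo:",
+redirectTo,
+"projectId:",
+projectId
+);
 if (!code) {
 return res.status(400).json({ ok: false, error: "Missing authorization code" });
 }
@@ -1058,13 +1114,19 @@ function createAuthRouter(options = {}) {
 const lastName = decoded.family_name || "";
 let user = await OrgUser.findOne({ email: email2 }).lean();
 if (!user) {
+const finalProjectId = projectId || process.env.DEFAULT_PROJECT_ID;
+if (!finalProjectId) {
+console.error("No projectId available for new user");
+const errorRedirect = (redirectTo || googleDefaultRedirect) + (redirectTo?.includes("?") ? "&" : "?") + "error=missing_project_id";
+return res.redirect(errorRedirect);
+}
 const created = await OrgUser.create({
 email: email2,
 firstName,
 lastName,
 emailVerified,
 roles: ["platform_user"],
-projectId:
+projectId: finalProjectId,
 metadata: []
 // you can also store googleId: decoded.sub
 });
@@ -1072,8 +1134,14 @@ function createAuthRouter(options = {}) {
 }
 const tokens = generateTokens(user);
 setAuthCookies(res, tokens, cookieConfig);
-
-
+if (user.projectId) {
+res.cookie(options.projectCookieName || "projectId", user.projectId, {
+...baseProjectCookieOptionsFrom(cookieConfig),
+httpOnly: true
+});
+}
+const finalRedirect = redirectTo || googleDefaultRedirect;
+res.redirect(finalRedirect);
 } catch (err) {
 console.error("Google callback error", err);
 const redirectError = googleDefaultRedirect.includes("?") ? `${googleDefaultRedirect}&error=google_login_failed` : `${googleDefaultRedirect}?error=google_login_failed`;
@@ -1245,6 +1313,7 @@ async function sendRateLimitedEmail({
 if (!can.ok) {
 return { rateLimited: true, waitMs: can.waitMs };
 }
+console.log(can, "can");
 await emailService.send(user.email, subject, html);
 user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
 await user.save();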
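Review bot: The `console.log(` added as the first statement of `canSend` prints `process.env.EMAIL_PASSWORD` along with the SMTP user, host and port on every rate-limit check, so the mail credential ends up in whatever collects the process's stdout; the whole call should be deleted, and any transport diagnostics kept should log only non-secret fields such as `process.env.EMAIL_HOST` and `process.env.EMAIL_PORT`. Deployments that ran this build should presumably treat that password as exposed to their log pipeline and rotate it. Separately, the `/google/callback` handler now takes `redirectTo` from the client-supplied `state` and passes it to `res.redirect(finalRedirect)` right after `setAuthCookies`, with no allow-list check visible in these hunks; validating it against configured origins before use would close that. The handler and class bodies begin and end outside the hunks shown, so a check elsewhere cannot be ruled out.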