aaspai-authx 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/express/index.cjs +70 -15
  2. package/dist/express/index.cjs.map +1 -1
  3. package/dist/express/index.js +73 -18
  4. package/dist/express/index.js.map +1 -1
  5. package/dist/index.cjs +70 -15
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.cts +1 -1
  8. package/dist/index.d.ts +1 -1
  9. package/dist/index.js +73 -18
  10. package/dist/index.js.map +1 -1
  11. package/dist/nest/index.cjs +70 -15
  12. package/dist/nest/index.cjs.map +1 -1
  13. package/dist/nest/index.js +73 -18
  14. package/dist/nest/index.js.map +1 -1
  15. package/package.json +1 -1
package/dist/express/index.cjs CHANGED
@@ -61,8 +61,8 @@ function loadConfig() {
61
61
  cookies: {
62
62
  domain: process.env.COOKIE_DOMAIN,
63
63
  secure: (process.env.COOKIE_SECURE || "true") === "true",
64
- accessTtlMs: 24 * 60 * 60 * 1e3,
65
- refreshTtlMs: 7 * 24 * 60 * 60 * 1e3
64
+ accessTtlMs: 7 * 24 * 60 * 60 * 1e3,
65
+ refreshTtlMs: 30 * 24 * 60 * 60 * 1e3
66
66
  },
67
67
  oidc: {
68
68
  jwtSecret: process.env.JWT_SECRET
@@ -577,11 +577,11 @@ var AuthAdminService = class {
577
577
  system: true
578
578
  };
579
579
  const accessToken = import_jsonwebtoken2.default.sign(payload, process.env.JWT_SECRET, {
580
- expiresIn: "1h"
580
+ expiresIn: "1d"
581
581
  });
582
582
  this.token = {
583
583
  accessToken,
584
- exp: now + 3600
584
+ exp: now + 84800
585
585
  };
586
586
  return this.token.accessToken;
587
587
  }
@@ -606,7 +606,7 @@ var EmailService = class {
606
606
  }
607
607
  });
608
608
  }
609
- sign(payload, ttlSec = 60 * 60 * 24) {
609
+ sign(payload, ttlSec = 60 * 60 * 24 * 30) {
610
610
  return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
611
611
  expiresIn: ttlSec
612
612
  });
@@ -614,10 +614,10 @@ var EmailService = class {
614
614
  verify(token) {
615
615
  return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
616
616
  }
617
- async send(to, subject, html) {
617
+ async send(to, subject, html, from) {
618
618
  try {
619
619
  const info = await this.transporter.sendMail({
620
- from: process.env.EMAIL_FROM,
620
+ from: from ? `${from} ` + process.env.EMAIL_FROM : process.env.EMAIL_FROM,
621
621
  to,
622
622
  subject,
623
623
  html
@@ -1056,7 +1056,7 @@ function createAuthRouter(options = {}) {
1056
1056
  // default: secure in prod
1057
1057
  domain: options.cookie?.domain ?? void 0,
1058
1058
  path: options.cookie?.path ?? "/",
1059
- maxAgeMs: options.cookie?.maxAgeMs ?? 24 * 60 * 60 * 1e3
1059
+ maxAgeMs: options.cookie?.maxAgeMs ?? 30 * 24 * 60 * 60 * 1e3
1060
1060
  };
1061
1061
  r.use(import_express.default.json());
1062
1062
  r.use(import_express.default.urlencoded({ extended: true }));
@@ -1113,6 +1113,7 @@ function createAuthRouter(options = {}) {
1113
1113
  projectId,
1114
1114
  metadata
1115
1115
  } = req.body || {};
1116
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1116
1117
  try {
1117
1118
  const kcUser = await authAdmin.createUserInRealm({
1118
1119
  username: emailAddress,
@@ -1154,7 +1155,8 @@ function createAuthRouter(options = {}) {
1154
1155
  }
1155
1156
  )}`,
1156
1157
  expiresIn: "1 hour"
1157
- })
1158
+ }),
1159
+ from: COMPANY_NAME
1158
1160
  });
1159
1161
  if (emailResult.rateLimited) {
1160
1162
  return res.status(429).json({
@@ -1219,6 +1221,7 @@ function createAuthRouter(options = {}) {
1219
1221
  "/resend-verification-email",
1220
1222
  validateResendEmail,
1221
1223
  async (req, res) => {
1224
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1222
1225
  const user = await OrgUser.findOne({ email: req.body.email });
1223
1226
  if (!user)
1224
1227
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1244,7 +1247,8 @@ function createAuthRouter(options = {}) {
1244
1247
  }
1245
1248
  )}`,
1246
1249
  expiresIn: "1 hour"
1247
- })
1250
+ }),
1251
+ from: COMPANY_NAME
1248
1252
  });
1249
1253
  if (resendResult.rateLimited) {
1250
1254
  return res.status(429).json({
@@ -1257,6 +1261,7 @@ function createAuthRouter(options = {}) {
1257
1261
  }
1258
1262
  );
1259
1263
  r.post("/forgot-password", validateResendEmail, async (req, res) => {
1264
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1260
1265
  const user = await OrgUser.findOne({ email: req.body.email });
1261
1266
  if (!user)
1262
1267
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1283,7 +1288,8 @@ function createAuthRouter(options = {}) {
1283
1288
  }
1284
1289
  )}`,
1285
1290
  expiresIn: "1 hour"
1286
- })
1291
+ }),
1292
+ from: COMPANY_NAME
1287
1293
  });
1288
1294
  if (resetResult.rateLimited) {
1289
1295
  return res.status(429).json({
@@ -1707,13 +1713,14 @@ async function sendRateLimitedEmail({
1707
1713
  emailService,
1708
1714
  user,
1709
1715
  subject,
1710
- html
1716
+ html,
1717
+ from
1711
1718
  }) {
1712
1719
  const can = emailService.canSend(user?.lastEmailSent || []);
1713
1720
  if (!can.ok) {
1714
1721
  return { rateLimited: true, waitMs: can.waitMs };
1715
1722
  }
1716
- await emailService.send(user.email, subject, html);
1723
+ await emailService.send(user.email, subject, html, from);
1717
1724
  user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
1718
1725
  await user.save();
1719
1726
  return { rateLimited: false };
@@ -1734,7 +1741,7 @@ function generateTokens(user) {
1734
1741
  type: "user"
1735
1742
  };
1736
1743
  const accessToken = import_jsonwebtoken4.default.sign(accessPayload, process.env.JWT_SECRET, {
1737
- expiresIn: "1h"
1744
+ expiresIn: "1d"
1738
1745
  });
1739
1746
  const refreshToken = import_jsonwebtoken4.default.sign(
1740
1747
  { sub: user._id.toString() },
@@ -1770,13 +1777,61 @@ function createDashboardRouter(options) {
1770
1777
  }
1771
1778
 
1772
1779
  // src/express/email.routes.ts
1773
- var import_express3 = require("express");
1780
+ var import_express3 = __toESM(require("express"), 1);
1774
1781
  function createEmailRouter(options) {
1775
1782
  const r = (0, import_express3.Router)();
1783
+ const emailService = new EmailService();
1784
+ r.use(import_express3.default.json());
1785
+ r.use(import_express3.default.urlencoded({ extended: true }));
1776
1786
  r.get(
1777
1787
  "/verify",
1778
1788
  (req, res) => res.json({ ok: true, token: req.query.token })
1779
1789
  );
1790
+ r.post("/send", async (req, res) => {
1791
+ try {
1792
+ const { userId, to, subject, html, from } = req.body ?? {};
1793
+ if (!to || !subject || !html) {
1794
+ return res.status(400).json({
1795
+ ok: false,
1796
+ error: "BAD_REQUEST",
1797
+ message: "`to`, `subject`, and `html` are required."
1798
+ });
1799
+ }
1800
+ if (userId) {
1801
+ const user = await OrgUser.findOne({ id: userId }).lean();
1802
+ if (!user) {
1803
+ return res.status(404).json({
1804
+ ok: false,
1805
+ error: "NOT_FOUND",
1806
+ message: "User not found."
1807
+ });
1808
+ }
1809
+ const can = emailService.canSend(user?.lastEmailSent || []);
1810
+ if (!can.ok) {
1811
+ return res.status(429).json({
1812
+ ok: false,
1813
+ error: can.reason,
1814
+ waitMs: can.waitMs,
1815
+ message: "Too many emails sent recently. Please retry later."
1816
+ });
1817
+ }
1818
+ }
1819
+ await emailService.send(to, subject, html, from);
1820
+ if (userId) {
1821
+ await OrgUser.updateOne(
1822
+ { id: userId },
1823
+ { $push: { lastEmailSent: /* @__PURE__ */ new Date() } }
1824
+ );
1825
+ }
1826
+ return res.json({ ok: true });
1827
+ } catch (err) {
1828
+ return res.status(500).json({
1829
+ ok: false,
1830
+ error: "INTERNAL",
1831
+ message: err?.message ?? "Error"
1832
+ });
1833
+ }
1834
+ });
1780
1835
  return r;
1781
1836
  }
1782
1837