aaspai-authx 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/express/index.cjs +70 -15
  2. package/dist/express/index.cjs.map +1 -1
  3. package/dist/express/index.js +73 -18
  4. package/dist/express/index.js.map +1 -1
  5. package/dist/index.cjs +70 -15
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.cts +1 -1
  8. package/dist/index.d.ts +1 -1
  9. package/dist/index.js +73 -18
  10. package/dist/index.js.map +1 -1
  11. package/dist/nest/index.cjs +70 -15
  12. package/dist/nest/index.cjs.map +1 -1
  13. package/dist/nest/index.js +73 -18
  14. package/dist/nest/index.js.map +1 -1
  15. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -100,8 +100,8 @@ function loadConfig() {
100
100
  cookies: {
101
101
  domain: process.env.COOKIE_DOMAIN,
102
102
  secure: (process.env.COOKIE_SECURE || "true") === "true",
103
- accessTtlMs: 24 * 60 * 60 * 1e3,
104
- refreshTtlMs: 7 * 24 * 60 * 60 * 1e3
103
+ accessTtlMs: 7 * 24 * 60 * 60 * 1e3,
104
+ refreshTtlMs: 30 * 24 * 60 * 60 * 1e3
105
105
  },
106
106
  oidc: {
107
107
  jwtSecret: process.env.JWT_SECRET
@@ -657,11 +657,11 @@ var AuthAdminService = class {
657
657
  system: true
658
658
  };
659
659
  const accessToken = import_jsonwebtoken2.default.sign(payload, process.env.JWT_SECRET, {
660
- expiresIn: "1h"
660
+ expiresIn: "1d"
661
661
  });
662
662
  this.token = {
663
663
  accessToken,
664
- exp: now + 3600
664
+ exp: now + 84800
665
665
  };
666
666
  return this.token.accessToken;
667
667
  }
@@ -686,7 +686,7 @@ var EmailService = class {
686
686
  }
687
687
  });
688
688
  }
689
- sign(payload, ttlSec = 60 * 60 * 24) {
689
+ sign(payload, ttlSec = 60 * 60 * 24 * 30) {
690
690
  return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
691
691
  expiresIn: ttlSec
692
692
  });
@@ -694,10 +694,10 @@ var EmailService = class {
694
694
  verify(token) {
695
695
  return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
696
696
  }
697
- async send(to, subject, html) {
697
+ async send(to, subject, html, from) {
698
698
  try {
699
699
  const info = await this.transporter.sendMail({
700
- from: process.env.EMAIL_FROM,
700
+ from: from ? `${from} ` + process.env.EMAIL_FROM : process.env.EMAIL_FROM,
701
701
  to,
702
702
  subject,
703
703
  html
@@ -1136,7 +1136,7 @@ function createAuthRouter(options = {}) {
1136
1136
  // default: secure in prod
1137
1137
  domain: options.cookie?.domain ?? void 0,
1138
1138
  path: options.cookie?.path ?? "/",
1139
- maxAgeMs: options.cookie?.maxAgeMs ?? 24 * 60 * 60 * 1e3
1139
+ maxAgeMs: options.cookie?.maxAgeMs ?? 30 * 24 * 60 * 60 * 1e3
1140
1140
  };
1141
1141
  r.use(import_express.default.json());
1142
1142
  r.use(import_express.default.urlencoded({ extended: true }));
@@ -1193,6 +1193,7 @@ function createAuthRouter(options = {}) {
1193
1193
  projectId,
1194
1194
  metadata
1195
1195
  } = req.body || {};
1196
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1196
1197
  try {
1197
1198
  const kcUser = await authAdmin.createUserInRealm({
1198
1199
  username: emailAddress,
@@ -1234,7 +1235,8 @@ function createAuthRouter(options = {}) {
1234
1235
  }
1235
1236
  )}`,
1236
1237
  expiresIn: "1 hour"
1237
- })
1238
+ }),
1239
+ from: COMPANY_NAME
1238
1240
  });
1239
1241
  if (emailResult.rateLimited) {
1240
1242
  return res.status(429).json({
@@ -1299,6 +1301,7 @@ function createAuthRouter(options = {}) {
1299
1301
  "/resend-verification-email",
1300
1302
  validateResendEmail,
1301
1303
  async (req, res) => {
1304
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1302
1305
  const user = await OrgUser.findOne({ email: req.body.email });
1303
1306
  if (!user)
1304
1307
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1324,7 +1327,8 @@ function createAuthRouter(options = {}) {
1324
1327
  }
1325
1328
  )}`,
1326
1329
  expiresIn: "1 hour"
1327
- })
1330
+ }),
1331
+ from: COMPANY_NAME
1328
1332
  });
1329
1333
  if (resendResult.rateLimited) {
1330
1334
  return res.status(429).json({
@@ -1337,6 +1341,7 @@ function createAuthRouter(options = {}) {
1337
1341
  }
1338
1342
  );
1339
1343
  r.post("/forgot-password", validateResendEmail, async (req, res) => {
1344
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1340
1345
  const user = await OrgUser.findOne({ email: req.body.email });
1341
1346
  if (!user)
1342
1347
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1363,7 +1368,8 @@ function createAuthRouter(options = {}) {
1363
1368
  }
1364
1369
  )}`,
1365
1370
  expiresIn: "1 hour"
1366
- })
1371
+ }),
1372
+ from: COMPANY_NAME
1367
1373
  });
1368
1374
  if (resetResult.rateLimited) {
1369
1375
  return res.status(429).json({
@@ -1787,13 +1793,14 @@ async function sendRateLimitedEmail({
1787
1793
  emailService,
1788
1794
  user,
1789
1795
  subject,
1790
- html
1796
+ html,
1797
+ from
1791
1798
  }) {
1792
1799
  const can = emailService.canSend(user?.lastEmailSent || []);
1793
1800
  if (!can.ok) {
1794
1801
  return { rateLimited: true, waitMs: can.waitMs };
1795
1802
  }
1796
- await emailService.send(user.email, subject, html);
1803
+ await emailService.send(user.email, subject, html, from);
1797
1804
  user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
1798
1805
  await user.save();
1799
1806
  return { rateLimited: false };
@@ -1814,7 +1821,7 @@ function generateTokens(user) {
1814
1821
  type: "user"
1815
1822
  };
1816
1823
  const accessToken = import_jsonwebtoken4.default.sign(accessPayload, process.env.JWT_SECRET, {
1817
- expiresIn: "1h"
1824
+ expiresIn: "1d"
1818
1825
  });
1819
1826
  const refreshToken = import_jsonwebtoken4.default.sign(
1820
1827
  { sub: user._id.toString() },
@@ -1850,13 +1857,61 @@ function createDashboardRouter(options) {
1850
1857
  }
1851
1858
 
1852
1859
  // src/express/email.routes.ts
1853
- var import_express3 = require("express");
1860
+ var import_express3 = __toESM(require("express"), 1);
1854
1861
  function createEmailRouter(options) {
1855
1862
  const r = (0, import_express3.Router)();
1863
+ const emailService = new EmailService();
1864
+ r.use(import_express3.default.json());
1865
+ r.use(import_express3.default.urlencoded({ extended: true }));
1856
1866
  r.get(
1857
1867
  "/verify",
1858
1868
  (req, res) => res.json({ ok: true, token: req.query.token })
1859
1869
  );
1870
+ r.post("/send", async (req, res) => {
1871
+ try {
1872
+ const { userId, to, subject, html, from } = req.body ?? {};
1873
+ if (!to || !subject || !html) {
1874
+ return res.status(400).json({
1875
+ ok: false,
1876
+ error: "BAD_REQUEST",
1877
+ message: "`to`, `subject`, and `html` are required."
1878
+ });
1879
+ }
1880
+ if (userId) {
1881
+ const user = await OrgUser.findOne({ id: userId }).lean();
1882
+ if (!user) {
1883
+ return res.status(404).json({
1884
+ ok: false,
1885
+ error: "NOT_FOUND",
1886
+ message: "User not found."
1887
+ });
1888
+ }
1889
+ const can = emailService.canSend(user?.lastEmailSent || []);
1890
+ if (!can.ok) {
1891
+ return res.status(429).json({
1892
+ ok: false,
1893
+ error: can.reason,
1894
+ waitMs: can.waitMs,
1895
+ message: "Too many emails sent recently. Please retry later."
1896
+ });
1897
+ }
1898
+ }
1899
+ await emailService.send(to, subject, html, from);
1900
+ if (userId) {
1901
+ await OrgUser.updateOne(
1902
+ { id: userId },
1903
+ { $push: { lastEmailSent: /* @__PURE__ */ new Date() } }
1904
+ );
1905
+ }
1906
+ return res.json({ ok: true });
1907
+ } catch (err) {
1908
+ return res.status(500).json({
1909
+ ok: false,
1910
+ error: "INTERNAL",
1911
+ message: err?.message ?? "Error"
1912
+ });
1913
+ }
1914
+ });
1860
1915
  return r;
1861
1916
  }
1862
1917