aaspai-authx 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -57,8 +57,8 @@ function loadConfig() {
57
57
  cookies: {
58
58
  domain: process.env.COOKIE_DOMAIN,
59
59
  secure: (process.env.COOKIE_SECURE || "true") === "true",
60
- accessTtlMs: 24 * 60 * 60 * 1e3,
61
- refreshTtlMs: 7 * 24 * 60 * 60 * 1e3
60
+ accessTtlMs: 7 * 24 * 60 * 60 * 1e3,
61
+ refreshTtlMs: 30 * 24 * 60 * 60 * 1e3
62
62
  },
63
63
  oidc: {
64
64
  jwtSecret: process.env.JWT_SECRET
@@ -573,11 +573,11 @@ var AuthAdminService = class {
573
573
  system: true
574
574
  };
575
575
  const accessToken = import_jsonwebtoken2.default.sign(payload, process.env.JWT_SECRET, {
576
- expiresIn: "1h"
576
+ expiresIn: "1d"
577
577
  });
578
578
  this.token = {
579
579
  accessToken,
580
- exp: now + 3600
580
+ exp: now + 84800
581
581
  };
582
582
  return this.token.accessToken;
583
583
  }
@@ -602,7 +602,7 @@ var EmailService = class {
602
602
  }
603
603
  });
604
604
  }
605
- sign(payload, ttlSec = 60 * 60 * 24) {
605
+ sign(payload, ttlSec = 60 * 60 * 24 * 30) {
606
606
  return import_jsonwebtoken3.default.sign(payload, process.env.EMAIL_JWT_SECRET, {
607
607
  expiresIn: ttlSec
608
608
  });
@@ -610,10 +610,10 @@ var EmailService = class {
610
610
  verify(token) {
611
611
  return import_jsonwebtoken3.default.verify(token, process.env.EMAIL_JWT_SECRET);
612
612
  }
613
- async send(to, subject, html) {
613
+ async send(to, subject, html, from) {
614
614
  try {
615
615
  const info = await this.transporter.sendMail({
616
- from: process.env.EMAIL_FROM,
616
+ from: from ? `${from} ` + process.env.EMAIL_FROM : process.env.EMAIL_FROM,
617
617
  to,
618
618
  subject,
619
619
  html
@@ -1052,7 +1052,7 @@ function createAuthRouter(options = {}) {
1052
1052
  // default: secure in prod
1053
1053
  domain: options.cookie?.domain ?? void 0,
1054
1054
  path: options.cookie?.path ?? "/",
1055
- maxAgeMs: options.cookie?.maxAgeMs ?? 24 * 60 * 60 * 1e3
1055
+ maxAgeMs: options.cookie?.maxAgeMs ?? 30 * 24 * 60 * 60 * 1e3
1056
1056
  };
1057
1057
  r.use(import_express.default.json());
1058
1058
  r.use(import_express.default.urlencoded({ extended: true }));
@@ -1109,6 +1109,7 @@ function createAuthRouter(options = {}) {
1109
1109
  projectId,
1110
1110
  metadata
1111
1111
  } = req.body || {};
1112
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1112
1113
  try {
1113
1114
  const kcUser = await authAdmin.createUserInRealm({
1114
1115
  username: emailAddress,
@@ -1150,7 +1151,8 @@ function createAuthRouter(options = {}) {
1150
1151
  }
1151
1152
  )}`,
1152
1153
  expiresIn: "1 hour"
1153
- })
1154
+ }),
1155
+ from: COMPANY_NAME
1154
1156
  });
1155
1157
  if (emailResult.rateLimited) {
1156
1158
  return res.status(429).json({
@@ -1215,6 +1217,7 @@ function createAuthRouter(options = {}) {
1215
1217
  "/resend-verification-email",
1216
1218
  validateResendEmail,
1217
1219
  async (req, res) => {
1220
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1218
1221
  const user = await OrgUser.findOne({ email: req.body.email });
1219
1222
  if (!user)
1220
1223
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1240,7 +1243,8 @@ function createAuthRouter(options = {}) {
1240
1243
  }
1241
1244
  )}`,
1242
1245
  expiresIn: "1 hour"
1243
- })
1246
+ }),
1247
+ from: COMPANY_NAME
1244
1248
  });
1245
1249
  if (resendResult.rateLimited) {
1246
1250
  return res.status(429).json({
@@ -1253,6 +1257,7 @@ function createAuthRouter(options = {}) {
1253
1257
  }
1254
1258
  );
1255
1259
  r.post("/forgot-password", validateResendEmail, async (req, res) => {
1260
+ const COMPANY_NAME = process.env.COMPANY_NAME;
1256
1261
  const user = await OrgUser.findOne({ email: req.body.email });
1257
1262
  if (!user)
1258
1263
  return res.status(404).json({ ok: false, error: "User not found" });
@@ -1279,7 +1284,8 @@ function createAuthRouter(options = {}) {
1279
1284
  }
1280
1285
  )}`,
1281
1286
  expiresIn: "1 hour"
1282
- })
1287
+ }),
1288
+ from: COMPANY_NAME
1283
1289
  });
1284
1290
  if (resetResult.rateLimited) {
1285
1291
  return res.status(429).json({
@@ -1703,13 +1709,14 @@ async function sendRateLimitedEmail({
1703
1709
  emailService,
1704
1710
  user,
1705
1711
  subject,
1706
- html
1712
+ html,
1713
+ from
1707
1714
  }) {
1708
1715
  const can = emailService.canSend(user?.lastEmailSent || []);
1709
1716
  if (!can.ok) {
1710
1717
  return { rateLimited: true, waitMs: can.waitMs };
1711
1718
  }
1712
- await emailService.send(user.email, subject, html);
1719
+ await emailService.send(user.email, subject, html, from);
1713
1720
  user.lastEmailSent = [...user.lastEmailSent || [], /* @__PURE__ */ new Date()];
1714
1721
  await user.save();
1715
1722
  return { rateLimited: false };
@@ -1730,7 +1737,7 @@ function generateTokens(user) {
1730
1737
  type: "user"
1731
1738
  };
1732
1739
  const accessToken = import_jsonwebtoken4.default.sign(accessPayload, process.env.JWT_SECRET, {
1733
- expiresIn: "1h"
1740
+ expiresIn: "1d"
1734
1741
  });
1735
1742
  const refreshToken = import_jsonwebtoken4.default.sign(
1736
1743
  { sub: user._id.toString() },
@@ -1766,13 +1773,61 @@ function createDashboardRouter(options) {
1766
1773
  }
1767
1774
 
1768
1775
  // src/express/email.routes.ts
1769
- var import_express3 = require("express");
1776
+ var import_express3 = __toESM(require("express"), 1);
1770
1777
  function createEmailRouter(options) {
1771
1778
  const r = (0, import_express3.Router)();
1779
+ const emailService = new EmailService();
1780
+ r.use(import_express3.default.json());
1781
+ r.use(import_express3.default.urlencoded({ extended: true }));
1772
1782
  r.get(
1773
1783
  "/verify",
1774
1784
  (req, res) => res.json({ ok: true, token: req.query.token })
1775
1785
  );
1786
+ r.post("/send", async (req, res) => {
1787
+ try {
1788
+ const { userId, to, subject, html, from } = req.body ?? {};
1789
+ if (!to || !subject || !html) {
1790
+ return res.status(400).json({
1791
+ ok: false,
1792
+ error: "BAD_REQUEST",
1793
+ message: "`to`, `subject`, and `html` are required."
1794
+ });
1795
+ }
1796
+ if (userId) {
1797
+ const user = await OrgUser.findOne({ id: userId }).lean();
1798
+ if (!user) {
1799
+ return res.status(404).json({
1800
+ ok: false,
1801
+ error: "NOT_FOUND",
1802
+ message: "User not found."
1803
+ });
1804
+ }
1805
+ const can = emailService.canSend(user?.lastEmailSent || []);
1806
+ if (!can.ok) {
1807
+ return res.status(429).json({
1808
+ ok: false,
1809
+ error: can.reason,
1810
+ waitMs: can.waitMs,
1811
+ message: "Too many emails sent recently. Please retry later."
1812
+ });
1813
+ }
1814
+ }
1815
+ await emailService.send(to, subject, html, from);
1816
+ if (userId) {
1817
+ await OrgUser.updateOne(
1818
+ { id: userId },
1819
+ { $push: { lastEmailSent: /* @__PURE__ */ new Date() } }
1820
+ );
1821
+ }
1822
+ return res.json({ ok: true });
1823
+ } catch (err) {
1824
+ return res.status(500).json({
1825
+ ok: false,
1826
+ error: "INTERNAL",
1827
+ message: err?.message ?? "Error"
1828
+ });
1829
+ }
1830
+ });
1776
1831
  return r;
1777
1832
  }
1778
1833
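Review bot: The new `/send` handler has no authentication or authorization check visible in this hunk, so anyone who can reach the route can send arbitrary `html` to any `to` address from the configured `EMAIL_FROM`, an open relay for phishing unless `createEmailRouter` is mounted behind an auth middleware elsewhere (not visible here). The `emailService.canSend` rate limit is only consulted when the caller supplies `userId`, so omitting that field skips throttling entirely; apply a limit (per-IP or a fixed bucket) unconditionally before `emailService.send`. The `from` value is spliced into the From header unchecked; at minimum reject non-string or CR/LF/angle-bracket content, e.g. `if (from !== undefined && (typeof from !== "string" || /[\r\n<>]/.test(from))) return res.status(400).json({ ok: false, error: "BAD_REQUEST", message: "invalid from" });`. The catch block returns `err?.message` to the client, which can expose SMTP host or credential details from transport errors; log it server-side and return a fixed message instead.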