npm - arkos - Versions diffs - 1.3.2-canary.3 → 1.3.3-beta - Mend

arkos 1.3.2-canary.3 → 1.3.3-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (301) hide show

package/dist/cjs/modules/auth/auth.controller.js CHANGED Viewed

@@ -1 +1,247 @@
-"use strict";var __importDefault=this&&this.__importDefault||function(r){return r&&r.__esModule?r:{default:r}};Object.defineProperty(exports,"__esModule",{value:!0}),exports.authControllerFactory=exports.defaultExcludedUserFields=void 0;const catch_async_1=__importDefault(require("../error-handler/utils/catch-async")),app_error_1=__importDefault(require("../error-handler/utils/app-error")),auth_service_1=__importDefault(require("./auth.service")),base_service_1=require("../base/base.service"),arkos_env_1=__importDefault(require("../../utils/arkos-env")),server_1=require("../../server"),auth_controller_helpers_1=require("./utils/helpers/auth.controller.helpers"),auth_action_service_1=__importDefault(require("./utils/services/auth-action.service"));exports.defaultExcludedUserFields={password:!1};const authControllerFactory=async(r={})=>{const u=new base_service_1.BaseService("user");return{getMe:(0,catch_async_1.default)(async(e,o,a)=>{const s=await u.findOne({id:e.user.id},e.prismaQueryOptions||{});if(Object.keys(exports.defaultExcludedUserFields).forEach(t=>{s&&delete s[t]}),r?.afterGetMe)return e.responseData={data:s},e.responseStatus=200,a();o.status(200).json({data:s})}),updateMe:(0,catch_async_1.default)(async(e,o,a)=>{if("password"in e.body)throw new app_error_1.default("In order to update password use the update-password endpoint.",400,{},"InvalidFieldPassword");const s=await u.updateOne({id:e.user.id},e.body,e.prismaQueryOptions||{});if(Object.keys(exports.defaultExcludedUserFields).forEach(t=>{s&&delete s[t]}),r?.afterUpdateMe)return e.responseData={data:s},e.responseStatus=200,a();o.status(200).json({data:s})}),logout:(0,catch_async_1.default)(async(e,o,a)=>{if(o.cookie("arkos_access_token","no-token",{expires:new Date(Date.now()+10*1e3),httpOnly:!0}),r?.afterLogout)return e.responseData=null,e.responseStatus=204,a();o.status(204).json()}),login:(0,catch_async_1.default)(async(e,o,a)=>{const s=(0,server_1.getArkosConfig)()?.authentication,t=(0,auth_controller_helpers_1.determineUsernameField)(e),n=t.split(".")[t.split(".").length-1],c=e.body[n],{password:d}=e.body;if(!c||!d)return a(new app_error_1.default(`Please provide both ${n} and password`,400));let i;if(t?.includes?.(".")){const p=(0,auth_controller_helpers_1.getNestedValue)(e.body,t);if(p===void 0)return a(new app_error_1.default(`Invalid ${t} provided`,400));i=(0,auth_controller_helpers_1.createPrismaWhereClause)(t,p)}else i={[t]:c};const l=await u.findOne(i,e.prismaQueryOptions||{});if(!l||!await auth_service_1.default.isCorrectPassword(d,l.password))return a(new app_error_1.default(`Incorrect ${n} or password`,401));const f=auth_service_1.default.signJwtToken(l.id),h={expires:new Date(Date.now()+Number((0,auth_controller_helpers_1.toMs)(s?.jwt?.expiresIn||process.env.JWT_EXPIRES_IN||arkos_env_1.default.JWT_EXPIRES_IN))),httpOnly:s?.jwt?.cookie?.httpOnly||process.env.JWT_COOKIE_HTTP_ONLY==="true"||!0,secure:s?.jwt?.cookie?.secure||process.env.JWT_COOKIE_SECURE==="true"||e.secure||e.headers["x-forwarded-proto"]==="https",sameSite:s?.jwt?.cookie?.sameSite||process.env.JWT_COOKIE_SAME_SITE||(process.env.NODE_ENV==="production"?"none":"lax")};if((s?.login?.sendAccessTokenThrough==="response-only"||s?.login?.sendAccessTokenThrough==="both"||!s?.login?.sendAccessTokenThrough)&&(e.responseData={accessToken:f}),(s?.login?.sendAccessTokenThrough==="cookie-only"||s?.login?.sendAccessTokenThrough==="both"||!s?.login?.sendAccessTokenThrough)&&o.cookie("arkos_access_token",f,h),e.accessToken=f,r?.afterLogin)return e.additionalData={user:l},e.responseStatus=200,a();s?.login?.sendAccessTokenThrough==="response-only"||s?.login?.sendAccessTokenThrough==="both"||!s?.login?.sendAccessTokenThrough?o.status(200).json(e.responseData):(s?.login?.sendAccessTokenThrough==="cookie-only"||s?.login?.sendAccessTokenThrough==="both"||!s?.login?.sendAccessTokenThrough)&&o.status(200).send()}),signup:(0,catch_async_1.default)(async(e,o,a)=>{const s=await u.createOne(e.body,e.prismaQueryOptions||{});if(r?.afterSignup)return e.responseData={data:s},e.responseStatus=201,a();Object.keys(exports.defaultExcludedUserFields).forEach(t=>{delete s[t]}),o.status(201).json({data:s})}),deleteMe:(0,catch_async_1.default)(async(e,o,a)=>{const s=e.user.id,t=await u.updateOne({id:s},{deletedSelfAccountAt:new Date().toISOString()},e.prismaQueryOptions||{});if(r?.afterDeleteMe)return e.responseData={data:t},e.responseStatus=200,a();Object.keys(exports.defaultExcludedUserFields).forEach(n=>{delete t[n]}),o.status(200).json({message:"Account deleted successfully"})}),updatePassword:(0,catch_async_1.default)(async(e,o,a)=>{const{currentPassword:s,newPassword:t}=e.body;if(!s||!t)return a(new app_error_1.default("currentPassword and newPassword are required",400));const n=e.user;if(!n||n?.isActive===!1||n?.deletedSelfAccountAt)return a(new app_error_1.default("User not found!",404));const c=await auth_service_1.default.isCorrectPassword(String(s),String(n.password)),d=(0,server_1.getArkosConfig)(),i=d?.authentication;if(!c)return a(new app_error_1.default("Current password is incorrect.",400));if(!auth_service_1.default.isPasswordStrong(String(t))&&!d?.validation)return a(new app_error_1.default(i?.passwordValidation?.message||"The new password must contain at least one uppercase letter, one lowercase letter, and one number",400));if(await u.updateOne({id:n.id},{password:await auth_service_1.default.hashPassword(t),passwordChangedAt:new Date(Date.now())}),r?.afterUpdatePassword)return e.additionalData={user:n},e.responseData={status:"success",message:"Password updated successfully!"},e.responseStatus=200,a();o.status(200).json({status:"success",message:"Password updated successfully!"})}),findManyAuthAction:(0,catch_async_1.default)(async(e,o)=>{const a=(0,server_1.getArkosConfig)(),s=auth_action_service_1.default.getAll()?.map(t=>(a?.authentication?.mode==="dynamic"&&delete t?.roles,t));o.json({total:s.length,results:s.length,data:s})}),findOneAuthAction:(0,catch_async_1.default)(async(e,o)=>{const a=(0,server_1.getArkosConfig)(),s=e.params?.resourceName;if(!s)throw new app_error_1.default("Please provide a resoureName",400);const t=auth_action_service_1.default.getByResource(e.params?.resourceName)?.map(n=>(a?.authentication?.mode==="dynamic"&&delete n?.roles,n));if(!t)throw new app_error_1.default(`No auth action with resource name ${s}`,404);o.json({total:t.length,results:t.length,data:t})})}};exports.authControllerFactory=authControllerFactory;
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authControllerFactory = exports.defaultExcludedUserFields = void 0;
+const catch_async_1 = __importDefault(require("../error-handler/utils/catch-async"));
+const app_error_1 = __importDefault(require("../error-handler/utils/app-error"));
+const auth_service_1 = __importDefault(require("./auth.service"));
+const base_service_1 = require("../base/base.service");
+const arkos_env_1 = __importDefault(require("../../utils/arkos-env"));
+const server_1 = require("../../server");
+const auth_controller_helpers_1 = require("./utils/helpers/auth.controller.helpers");
+const auth_action_service_1 = __importDefault(require("./utils/services/auth-action.service"));
+exports.defaultExcludedUserFields = {
+    password: false,
+};
+const authControllerFactory = async (interceptors = {}) => {
+    const userService = new base_service_1.BaseService("user");
+    return {
+        getMe: (0, catch_async_1.default)(async (req, res, next) => {
+            const user = (await userService.findOne({ id: req.user.id }, req.prismaQueryOptions || {}));
+            Object.keys(exports.defaultExcludedUserFields).forEach((key) => {
+                if (user)
+                    delete user[key];
+            });
+            if (interceptors?.afterGetMe) {
+                req.responseData = { data: user };
+                res.locals.data = { data: user };
+                req.responseStatus = 200;
+                res.locals.status = 200;
+                return next();
+            }
+            res.status(200).json({ data: user });
+        }),
+        updateMe: (0, catch_async_1.default)(async (req, res, next) => {
+            if ("password" in req.body)
+                throw new app_error_1.default("In order to update password use the update-password endpoint.", 400, {}, "InvalidFieldPassword");
+            const user = (await userService.updateOne({ id: req.user.id }, req.body, req.prismaQueryOptions || {}));
+            Object.keys(exports.defaultExcludedUserFields).forEach((key) => {
+                if (user)
+                    delete user[key];
+            });
+            if (interceptors?.afterUpdateMe) {
+                req.responseData = { data: user };
+                res.locals.data = { data: user };
+                req.responseStatus = 200;
+                res.locals.status = 200;
+                return next();
+            }
+            res.status(200).json({ data: user });
+        }),
+        logout: (0, catch_async_1.default)(async (req, res, next) => {
+            res.cookie("arkos_access_token", "no-token", {
+                expires: new Date(Date.now() + 10 * 1000),
+                httpOnly: true,
+            });
+            if (interceptors?.afterLogout) {
+                req.responseData = null;
+                res.locals.data = null;
+                req.responseStatus = 204;
+                res.locals.status = 204;
+                return next();
+            }
+            res.status(204).json();
+        }),
+        login: (0, catch_async_1.default)(async (req, res, next) => {
+            const authConfigs = (0, server_1.getArkosConfig)()?.authentication;
+            const usernameField = (0, auth_controller_helpers_1.determineUsernameField)(req);
+            const lastField = usernameField.split(".")[usernameField.split(".").length - 1];
+            const usernameValue = req.body[lastField];
+            const { password } = req.body;
+            if (!usernameValue || !password)
+                return next(new app_error_1.default(`Please provide both ${lastField} and password`, 400));
+            let whereClause;
+            if (usernameField?.includes?.(".")) {
+                const valueToFind = (0, auth_controller_helpers_1.getNestedValue)(req.body, usernameField);
+                if (valueToFind === undefined) {
+                    return next(new app_error_1.default(`Invalid ${usernameField} provided`, 400));
+                }
+                whereClause = (0, auth_controller_helpers_1.createPrismaWhereClause)(usernameField, valueToFind);
+            }
+            else {
+                whereClause = { [usernameField]: usernameValue };
+            }
+            const user = (await userService.findOne(whereClause, req.prismaQueryOptions || {}));
+            if (!user ||
+                !(await auth_service_1.default.isCorrectPassword(password, user.password))) {
+                return next(new app_error_1.default(`Incorrect ${lastField} or password`, 401));
+            }
+            const token = auth_service_1.default.signJwtToken(user.id);
+            const cookieOptions = {
+                expires: new Date(Date.now() +
+                    Number((0, auth_controller_helpers_1.toMs)(authConfigs?.jwt?.expiresIn ||
+                        process.env.JWT_EXPIRES_IN ||
+                        arkos_env_1.default.JWT_EXPIRES_IN))),
+                httpOnly: authConfigs?.jwt?.cookie?.httpOnly ||
+                    process.env.JWT_COOKIE_HTTP_ONLY === "true" ||
+                    true,
+                secure: authConfigs?.jwt?.cookie?.secure ||
+                    process.env.JWT_COOKIE_SECURE === "true" ||
+                    req.secure ||
+                    req.headers["x-forwarded-proto"] === "https",
+                sameSite: authConfigs?.jwt?.cookie?.sameSite ||
+                    process.env.JWT_COOKIE_SAME_SITE ||
+                    (process.env.NODE_ENV === "production" ? "none" : "lax"),
+            };
+            if (authConfigs?.login?.sendAccessTokenThrough === "response-only" ||
+                authConfigs?.login?.sendAccessTokenThrough === "both" ||
+                !authConfigs?.login?.sendAccessTokenThrough) {
+                req.responseData = { accessToken: token };
+                res.locals.data = { accessToken: token };
+            }
+            if (authConfigs?.login?.sendAccessTokenThrough === "cookie-only" ||
+                authConfigs?.login?.sendAccessTokenThrough === "both" ||
+                !authConfigs?.login?.sendAccessTokenThrough)
+                res.cookie("arkos_access_token", token, cookieOptions);
+            req.accessToken = token;
+            if (interceptors?.afterLogin) {
+                req.additionalData = { user };
+                res.locals.additional = { user };
+                req.responseStatus = 200;
+                res.locals.status = 200;
+                return next();
+            }
+            if (authConfigs?.login?.sendAccessTokenThrough === "response-only" ||
+                authConfigs?.login?.sendAccessTokenThrough === "both" ||
+                !authConfigs?.login?.sendAccessTokenThrough) {
+                res.status(200).json(req.responseData);
+            }
+            else if (authConfigs?.login?.sendAccessTokenThrough === "cookie-only" ||
+                authConfigs?.login?.sendAccessTokenThrough === "both" ||
+                !authConfigs?.login?.sendAccessTokenThrough)
+                res.status(200).send();
+        }),
+        signup: (0, catch_async_1.default)(async (req, res, next) => {
+            const user = (await userService.createOne(req.body, req.prismaQueryOptions || {}));
+            if (interceptors?.afterSignup) {
+                req.responseData = { data: user };
+                res.locals.data = { data: user };
+                req.responseStatus = 201;
+                res.locals.status = 201;
+                return next();
+            }
+            Object.keys(exports.defaultExcludedUserFields).forEach((key) => {
+                delete user[key];
+            });
+            res.status(201).json({ data: user });
+        }),
+        deleteMe: (0, catch_async_1.default)(async (req, res, next) => {
+            const userId = req.user.id;
+            const updatedUser = (await userService.updateOne({ id: userId }, {
+                deletedSelfAccountAt: new Date().toISOString(),
+            }, req.prismaQueryOptions || {}));
+            if (interceptors?.afterDeleteMe) {
+                req.responseData = { data: updatedUser };
+                res.locals.data = { data: updatedUser };
+                req.responseStatus = 200;
+                res.locals.status = 200;
+                return next();
+            }
+            Object.keys(exports.defaultExcludedUserFields).forEach((key) => {
+                delete updatedUser[key];
+            });
+            res.status(200).json({
+                message: "Account deleted successfully",
+            });
+        }),
+        updatePassword: (0, catch_async_1.default)(async (req, res, next) => {
+            const { currentPassword, newPassword } = req.body;
+            if (!currentPassword || !newPassword)
+                return next(new app_error_1.default("currentPassword and newPassword are required", 400));
+            const user = req.user;
+            if (!user || user?.isActive === false || user?.deletedSelfAccountAt)
+                return next(new app_error_1.default("User not found!", 404));
+            const isPasswordCorrect = await auth_service_1.default.isCorrectPassword(String(currentPassword), String(user.password));
+            const configs = (0, server_1.getArkosConfig)();
+            const initAuthConfigs = configs?.authentication;
+            if (!isPasswordCorrect)
+                return next(new app_error_1.default("Current password is incorrect.", 400));
+            if (!auth_service_1.default.isPasswordStrong(String(newPassword)) &&
+                !configs?.validation) {
+                return next(new app_error_1.default(initAuthConfigs?.passwordValidation?.message ||
+                    "The new password must contain at least one uppercase letter, one lowercase letter, and one number", 400));
+            }
+            await userService.updateOne({ id: user.id }, {
+                password: await auth_service_1.default.hashPassword(newPassword),
+                passwordChangedAt: new Date(Date.now()),
+            });
+            if (interceptors?.afterUpdatePassword) {
+                req.additionalData = {
+                    user,
+                };
+                req.responseData = {
+                    status: "success",
+                    message: "Password updated successfully!",
+                };
+                res.locals.data = {
+                    status: "success",
+                    message: "Password updated successfully!",
+                };
+                req.responseStatus = 200;
+                res.locals.status = 200;
+                return next();
+            }
+            res.status(200).json({
+                status: "success",
+                message: "Password updated successfully!",
+            });
+        }),
+        findManyAuthAction: (0, catch_async_1.default)(async (_, res) => {
+            const arkosConfig = (0, server_1.getArkosConfig)();
+            const authActions = auth_action_service_1.default.getAll()?.map((authAction) => {
+                if (arkosConfig?.authentication?.mode === "dynamic")
+                    delete authAction?.roles;
+                return authAction;
+            });
+            res.json({
+                total: authActions.length,
+                results: authActions.length,
+                data: authActions,
+            });
+        }),
+        findOneAuthAction: (0, catch_async_1.default)(async (req, res) => {
+            const arkosConfig = (0, server_1.getArkosConfig)();
+            const resourceName = req.params?.resourceName;
+            if (!resourceName)
+                throw new app_error_1.default(`Please provide a resoureName`, 400);
+            const authActions = auth_action_service_1.default
+                .getByResource(req.params?.resourceName)
+                ?.map((authAction) => {
+                if (arkosConfig?.authentication?.mode === "dynamic")
+                    delete authAction?.roles;
+                return authAction;
+            });
+            if (!authActions)
+                throw new app_error_1.default(`No auth action with resource name ${resourceName}`, 404);
+            res.json({
+                total: authActions.length,
+                results: authActions.length,
+                data: authActions,
+            });
+        }),
+    };
+};
+exports.authControllerFactory = authControllerFactory;
+//# sourceMappingURL=auth.controller.js.map

package/dist/cjs/modules/auth/auth.controller.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;AAAA,qFAA4D;AAC5D,iFAAwD;AAGxD,kEAAyC;AACzC,uDAAmD;AAEnD,sEAA6C;AAC7C,yCAA8C;AAC9C,qFAMiD;AACjD,+FAAqE;AAKxD,QAAA,yBAAyB,GAAG;IACvC,QAAQ,EAAE,KAAK;CAChB,CAAC;AAQK,MAAM,qBAAqB,GAAG,KAAK,EAAE,eAAoB,EAAE,EAAE,EAAE;IACpE,MAAM,WAAW,GAAG,IAAI,0BAAW,CAAC,MAAM,CAAC,CAAC;IAE5C,OAAO;QAIL,KAAK,EAAE,IAAA,qBAAU,EACf,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,OAAO,CACrC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAK,CAAC,EAAE,EAAE,EACpB,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,IAAI,IAAI;oBAAE,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,UAAU,EAAE,CAAC;gBAC7B,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAKD,QAAQ,EAAE,IAAA,qBAAU,EAClB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,IAAI,UAAU,IAAI,GAAG,CAAC,IAAI;gBACxB,MAAM,IAAI,mBAAQ,CAChB,+DAA+D,EAC/D,GAAG,EACH,EAAE,EACF,sBAAsB,CACvB,CAAC;YAEJ,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACvC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAK,CAAC,EAAE,EAAE,EACpB,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,IAAI,IAAI;oBAAE,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,aAAa,EAAE,CAAC;gBAChC,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAKD,MAAM,EAAE,IAAA,qBAAU,EAChB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,GAAG,CAAC,MAAM,CAAC,oBAAoB,EAAE,UAAU,EAAE;gBAC3C,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;gBACzC,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;gBAC9B,GAAG,CAAC,YAAY,GAAG,IAAI,CAAC;gBACxB,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACzB,CAAC,CACF;QAQD,KAAK,EAAE,IAAA,qBAAU,EACf,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,EAAE,cAAc,CAAC;YAErD,MAAM,aAAa,GAAG,IAAA,gDAAsB,EAAC,GAAG,CAAC,CAAC;YAGlD,MAAM,SAAS,GACb,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAEhE,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE1C,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAE9B,IAAI,CAAC,aAAa,IAAI,CAAC,QAAQ;gBAC7B,OAAO,IAAI,CACT,IAAI,mBAAQ,CAAC,uBAAuB,SAAS,eAAe,EAAE,GAAG,CAAC,CACnE,CAAC;YAGJ,IAAI,WAAgC,CAAC;YAErC,IAAI,aAAa,EAAE,QAAQ,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;gBAEnC,MAAM,WAAW,GAAG,IAAA,wCAAc,EAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBAC5D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;oBAC9B,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,WAAW,aAAa,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;gBACtE,CAAC;gBACD,WAAW,GAAG,IAAA,iDAAuB,EAAC,aAAa,EAAE,WAAW,CAAC,CAAC;YACpE,CAAC;iBAAM,CAAC;gBAEN,WAAW,GAAG,EAAE,CAAC,aAAa,CAAC,EAAE,aAAa,EAAE,CAAC;YACnD,CAAC;YAGD,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,OAAO,CACrC,WAAW,EACX,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IACE,CAAC,IAAI;gBACL,CAAC,CAAC,MAAM,sBAAW,CAAC,iBAAiB,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,EAC/D,CAAC;gBACD,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,aAAa,SAAS,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,KAAK,GAAG,sBAAW,CAAC,YAAY,CAAC,IAAI,CAAC,EAAG,CAAC,CAAC;YAEjD,MAAM,aAAa,GAAkB;gBACnC,OAAO,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE;oBACR,MAAM,CACJ,IAAA,8BAAI,EACF,WAAW,EAAE,GAAG,EAAE,SAAS;wBACxB,OAAO,CAAC,GAAG,CAAC,cAA6B;wBACzC,mBAAQ,CAAC,cAA6B,CAC1C,CACF,CACJ;gBACD,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;oBAClC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM;oBAC3C,IAAI;gBACN,MAAM,EACJ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM;oBAChC,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MAAM;oBACxC,GAAG,CAAC,MAAM;oBACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;gBAC9C,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;oBACjC,OAAO,CAAC,GAAG,CAAC,oBAIC;oBACd,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;aAC3D,CAAC;YAEF,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,eAAe;gBAC9D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB,EAC3C,CAAC;gBACD,GAAG,CAAC,YAAY,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAC5C,CAAC;YAED,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,aAAa;gBAC5D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB;gBAE3C,GAAG,CAAC,MAAM,CAAC,oBAAoB,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;YAEzD,GAAG,CAAC,WAAW,GAAG,KAAK,CAAC;YAExB,IAAI,YAAY,EAAE,UAAU,EAAE,CAAC;gBAC7B,GAAG,CAAC,cAAc,GAAG,EAAE,IAAI,EAAE,CAAC;gBAC9B,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,eAAe;gBAC9D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB,EAC3C,CAAC;gBACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACzC,CAAC;iBAAM,IACL,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,aAAa;gBAC5D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB;gBAE3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3B,CAAC,CACF;QAKD,MAAM,EAAE,IAAA,qBAAU,EAChB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACvC,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;gBAC9B,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YACjC,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAID,QAAQ,EAAE,IAAA,qBAAU,EAClB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,MAAM,GAAG,GAAG,CAAC,IAAK,CAAC,EAAE,CAAC;YAE5B,MAAM,WAAW,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CAC9C,EAAE,EAAE,EAAE,MAAM,EAAE,EACd;gBACE,oBAAoB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aAC/C,EACD,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IAAI,YAAY,EAAE,aAAa,EAAE,CAAC;gBAChC,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;gBACzC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,OAAO,WAAW,CAAC,GAAiB,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,8BAA8B;aACxC,CAAC,CAAC;QACL,CAAC,CACF;QAKD,cAAc,EAAE,IAAA,qBAAU,EACxB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAElD,IAAI,CAAC,eAAe,IAAI,CAAC,WAAW;gBAClC,OAAO,IAAI,CACT,IAAI,mBAAQ,CAAC,8CAA8C,EAAE,GAAG,CAAC,CAClE,CAAC;YAEJ,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;YAEtB,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,QAAQ,KAAK,KAAK,IAAI,IAAI,EAAE,oBAAoB;gBACjE,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC,CAAC;YAGpD,MAAM,iBAAiB,GAAG,MAAM,sBAAW,CAAC,iBAAiB,CAC3D,MAAM,CAAC,eAAe,CAAC,EACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CACtB,CAAC;YAEF,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;YACjC,MAAM,eAAe,GAAG,OAAO,EAAE,cAAc,CAAC;YAEhD,IAAI,CAAC,iBAAiB;gBACpB,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAC,CAAC;YAGnE,IACE,CAAC,sBAAW,CAAC,gBAAgB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;gBAClD,CAAC,OAAO,EAAE,UAAU,EACpB,CAAC;gBACD,OAAO,IAAI,CACT,IAAI,mBAAQ,CACV,eAAe,EAAE,kBAAkB,EAAE,OAAO;oBAC1C,mGAAmG,EACrG,GAAG,CACJ,CACF,CAAC;YACJ,CAAC;YAGD,MAAM,WAAW,CAAC,SAAS,CACzB,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EACf;gBACE,QAAQ,EAAE,MAAM,sBAAW,CAAC,YAAY,CAAC,WAAW,CAAC;gBACrD,iBAAiB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;aACxC,CACF,CAAC;YAEF,IAAI,YAAY,EAAE,mBAAmB,EAAE,CAAC;gBACtC,GAAG,CAAC,cAAc,GAAG;oBACnB,IAAI;iBACL,CAAC;gBACF,GAAG,CAAC,YAAY,GAAG;oBACjB,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,gCAAgC;iBAC1C,CAAC;gBACF,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,gCAAgC;aAC1C,CAAC,CAAC;QACL,CAAC,CACF;QAED,kBAAkB,EAAE,IAAA,qBAAU,EAC5B,KAAK,EAAE,CAAe,EAAE,GAAkB,EAAE,EAAE;YAC5C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;YACrC,MAAM,WAAW,GAAG,6BAAiB,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE;gBACjE,IAAI,WAAW,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS;oBACjD,OAAQ,UAAkB,EAAE,KAAK,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,IAAI,CAAC;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,OAAO,EAAE,WAAW,CAAC,MAAM;gBAC3B,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC,CACF;QAED,iBAAiB,EAAE,IAAA,qBAAU,EAC3B,KAAK,EAAE,GAAiB,EAAE,GAAkB,EAAE,EAAE;YAC9C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;YACrC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;YAE9C,IAAI,CAAC,YAAY;gBACf,MAAM,IAAI,mBAAQ,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;YAE1D,MAAM,WAAW,GAAG,6BAAiB;iBAClC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;gBACxC,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE;gBACnB,IAAI,WAAW,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS;oBACjD,OAAQ,UAAkB,EAAE,KAAK,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,WAAW;gBACd,MAAM,IAAI,mBAAQ,CAChB,qCAAqC,YAAY,EAAE,EACnD,GAAG,CACJ,CAAC;YAEJ,GAAG,CAAC,IAAI,CAAC;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,OAAO,EAAE,WAAW,CAAC,MAAM;gBAC3B,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC,CACF;KACF,CAAC;AACJ,CAAC,CAAC;AApZW,QAAA,qBAAqB,yBAoZhC","sourcesContent":["import catchAsync from \"../error-handler/utils/catch-async\";\nimport AppError from \"../error-handler/utils/app-error\";\nimport { CookieOptions } from \"express\";\nimport { ArkosRequest, ArkosResponse, ArkosNextFunction } from \"../../types\";\nimport authService from \"./auth.service\";\nimport { BaseService } from \"../base/base.service\";\nimport { User } from \"../../types\";\nimport arkosEnv from \"../../utils/arkos-env\";\nimport { getArkosConfig } from \"../../server\";\nimport {\n createPrismaWhereClause,\n determineUsernameField,\n getNestedValue,\n MsDuration,\n toMs,\n} from \"./utils/helpers/auth.controller.helpers\";\nimport authActionService from \"./utils/services/auth-action.service\";\n\n/*\n Default fields to exclude from user object when returning to client\n /\nexport const defaultExcludedUserFields = {\n password: false,\n};\n\n/\n Factory function to create authentication controller with configurable interceptors\n \n @param interceptors - Optional middleware functions to execute after controller actions\n * @returns An object containing all authentication controller methods\n /\nexport const authControllerFactory = async (interceptors: any = {}) => {\n const userService = new BaseService(\"user\");\n\n return {\n /\n Retrieves the current authenticated user's information\n /\n getMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const user = (await userService.findOne(\n { id: req.user!.id },\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n if (user) delete user[key as keyof User];\n });\n\n if (interceptors?.afterGetMe) {\n req.responseData = { data: user };\n req.responseStatus = 200;\n return next();\n }\n\n res.status(200).json({ data: user });\n }\n ),\n\n /\n Updates the current authenticated user's information\n /\n updateMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n if (\"password\" in req.body)\n throw new AppError(\n \"In order to update password use the update-password endpoint.\",\n 400,\n {},\n \"InvalidFieldPassword\"\n );\n\n const user = (await userService.updateOne(\n { id: req.user!.id },\n req.body,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n if (user) delete user[key as keyof User];\n });\n\n if (interceptors?.afterUpdateMe) {\n req.responseData = { data: user };\n req.responseStatus = 200;\n return next();\n }\n\n res.status(200).json({ data: user });\n }\n ),\n\n /\n Logs out the current user by invalidating their access token cookie\n /\n logout: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n res.cookie(\"arkos_access_token\", \"no-token\", {\n expires: new Date(Date.now() + 10 1000),\n httpOnly: true,\n });\n\n if (interceptors?.afterLogout) {\n req.responseData = null;\n req.responseStatus = 204;\n return next();\n }\n\n res.status(204).json();\n }\n ),\n\n /*\n Authenticates a user using configurable username field and password\n * Username field can be specified in query parameter or config\n \n Supports nested fields and array queries (e.g., \"profile.nickname\", \"phones.some.number\")\n /\n login: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const authConfigs = getArkosConfig()?.authentication;\n\n const usernameField = determineUsernameField(req);\n\n // For the error message, we only care about the top-level field name\n const lastField =\n usernameField.split(\".\")[usernameField.split(\".\").length - 1];\n\n const usernameValue = req.body[lastField];\n\n const { password } = req.body;\n\n if (!usernameValue \|\| !password)\n return next(\n new AppError(`Please provide both ${lastField} and password`, 400)\n );\n\n // Create appropriate where clause for the query\n let whereClause: Record<string, any>;\n\n if (usernameField?.includes?.(\".\")) {\n // For nested paths, we need to extract the actual value to search for\n const valueToFind = getNestedValue(req.body, usernameField);\n if (valueToFind === undefined) {\n return next(new AppError(`Invalid ${usernameField} provided`, 400));\n }\n whereClause = createPrismaWhereClause(usernameField, valueToFind);\n } else {\n // Simple field case\n whereClause = { [usernameField]: usernameValue };\n }\n\n // Use findFirst instead of findUnique for complex queries\n const user = (await userService.findOne(\n whereClause,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (\n !user \|\|\n !(await authService.isCorrectPassword(password, user.password))\n ) {\n return next(new AppError(`Incorrect ${lastField} or password`, 401));\n }\n\n const token = authService.signJwtToken(user.id!);\n\n const cookieOptions: CookieOptions = {\n expires: new Date(\n Date.now() +\n Number(\n toMs(\n authConfigs?.jwt?.expiresIn \|\|\n (process.env.JWT_EXPIRES_IN as MsDuration) \|\|\n (arkosEnv.JWT_EXPIRES_IN as MsDuration)\n )\n )\n ),\n httpOnly:\n authConfigs?.jwt?.cookie?.httpOnly \|\|\n process.env.JWT_COOKIE_HTTP_ONLY === \"true\" \|\|\n true,\n secure:\n authConfigs?.jwt?.cookie?.secure \|\|\n process.env.JWT_COOKIE_SECURE === \"true\" \|\|\n req.secure \|\|\n req.headers[\"x-forwarded-proto\"] === \"https\",\n sameSite:\n authConfigs?.jwt?.cookie?.sameSite \|\|\n (process.env.JWT_COOKIE_SAME_SITE as\n \| \"none\"\n \| \"lax\"\n \| \"strict\"\n \| undefined) \|\|\n (process.env.NODE_ENV === \"production\" ? \"none\" : \"lax\"),\n };\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"response-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n ) {\n req.responseData = { accessToken: token };\n }\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"cookie-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n )\n res.cookie(\"arkos_access_token\", token, cookieOptions);\n\n req.accessToken = token;\n\n if (interceptors?.afterLogin) {\n req.additionalData = { user };\n req.responseStatus = 200;\n return next();\n }\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"response-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n ) {\n res.status(200).json(req.responseData);\n } else if (\n authConfigs?.login?.sendAccessTokenThrough === \"cookie-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n )\n res.status(200).send();\n }\n ),\n\n /\n Creates a new user account using the userService\n /\n signup: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const user = (await userService.createOne(\n req.body,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (interceptors?.afterSignup) {\n req.responseData = { data: user };\n req.responseStatus = 201;\n return next();\n }\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n delete user[key as keyof User];\n });\n\n res.status(201).json({ data: user });\n }\n ),\n /\n Marks user account as self-deleted by setting deletedSelfAccountAt timestamp\n /\n deleteMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const userId = req.user!.id; // Assuming the authenticated user's ID is available in req.user\n\n const updatedUser = (await userService.updateOne(\n { id: userId },\n {\n deletedSelfAccountAt: new Date().toISOString(),\n },\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (interceptors?.afterDeleteMe) {\n req.responseData = { data: updatedUser };\n req.responseStatus = 200;\n return next();\n }\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n delete updatedUser[key as keyof User];\n });\n\n res.status(200).json({\n message: \"Account deleted successfully\",\n });\n }\n ),\n\n /\n Updates the password of the authenticated user\n */\n updatePassword: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const { currentPassword, newPassword } = req.body;\n\n if (!currentPassword \|\| !newPassword)\n return next(\n new AppError(\"currentPassword and newPassword are required\", 400)\n );\n\n const user = req.user;\n\n if (!user \|\| user?.isActive === false \|\| user?.deletedSelfAccountAt)\n return next(new AppError(\"User not found!\", 404));\n\n // Check if the current password is correct\n const isPasswordCorrect = await authService.isCorrectPassword(\n String(currentPassword),\n String(user.password)\n );\n\n const configs = getArkosConfig();\n const initAuthConfigs = configs?.authentication;\n\n if (!isPasswordCorrect)\n return next(new AppError(\"Current password is incorrect.\", 400));\n\n // Check password strength (optional but recommended)\n if (\n !authService.isPasswordStrong(String(newPassword)) &&\n !configs?.validation\n ) {\n return next(\n new AppError(\n initAuthConfigs?.passwordValidation?.message \|\|\n \"The new password must contain at least one uppercase letter, one lowercase letter, and one number\",\n 400\n )\n );\n }\n\n // Update the password\n await userService.updateOne(\n { id: user.id },\n {\n password: await authService.hashPassword(newPassword),\n passwordChangedAt: new Date(Date.now()),\n }\n );\n\n if (interceptors?.afterUpdatePassword) {\n req.additionalData = {\n user,\n };\n req.responseData = {\n status: \"success\",\n message: \"Password updated successfully!\",\n };\n req.responseStatus = 200;\n return next();\n }\n\n res.status(200).json({\n status: \"success\",\n message: \"Password updated successfully!\",\n });\n }\n ),\n\n findManyAuthAction: catchAsync(\n async (_: ArkosRequest, res: ArkosResponse) => {\n const arkosConfig = getArkosConfig();\n const authActions = authActionService.getAll()?.map((authAction) => {\n if (arkosConfig?.authentication?.mode === \"dynamic\")\n delete (authAction as any)?.roles;\n return authAction;\n });\n\n res.json({\n total: authActions.length,\n results: authActions.length,\n data: authActions,\n });\n }\n ),\n\n findOneAuthAction: catchAsync(\n async (req: ArkosRequest, res: ArkosResponse) => {\n const arkosConfig = getArkosConfig();\n const resourceName = req.params?.resourceName;\n\n if (!resourceName)\n throw new AppError(`Please provide a resoureName`, 400);\n\n const authActions = authActionService\n .getByResource(req.params?.resourceName)\n ?.map((authAction) => {\n if (arkosConfig?.authentication?.mode === \"dynamic\")\n delete (authAction as any)?.roles;\n return authAction;\n });\n\n if (!authActions)\n throw new AppError(\n `No auth action with resource name ${resourceName}`,\n 404\n );\n\n res.json({\n total: authActions.length,\n results: authActions.length,\n data: authActions,\n });\n }\n ),\n };\n};\n"]}
1	+ {"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;AAAA,qFAA4D;AAC5D,iFAAwD;AAGxD,kEAAyC;AACzC,uDAAmD;AAEnD,sEAA6C;AAC7C,yCAA8C;AAC9C,qFAMiD;AACjD,+FAAqE;AAKxD,QAAA,yBAAyB,GAAG;IACvC,QAAQ,EAAE,KAAK;CAChB,CAAC;AAQK,MAAM,qBAAqB,GAAG,KAAK,EAAE,eAAoB,EAAE,EAAE,EAAE;IACpE,MAAM,WAAW,GAAG,IAAI,0BAAW,CAAC,MAAM,CAAC,CAAC;IAE5C,OAAO;QAIL,KAAK,EAAE,IAAA,qBAAU,EACf,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,OAAO,CACrC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAK,CAAC,EAAE,EAAE,EACpB,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,IAAI,IAAI;oBAAE,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,UAAU,EAAE,CAAC;gBAC7B,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBACjC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAKD,QAAQ,EAAE,IAAA,qBAAU,EAClB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,IAAI,UAAU,IAAI,GAAG,CAAC,IAAI;gBACxB,MAAM,IAAI,mBAAQ,CAChB,+DAA+D,EAC/D,GAAG,EACH,EAAE,EACF,sBAAsB,CACvB,CAAC;YAEJ,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACvC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAK,CAAC,EAAE,EAAE,EACpB,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,IAAI,IAAI;oBAAE,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,aAAa,EAAE,CAAC;gBAChC,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBACjC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAKD,MAAM,EAAE,IAAA,qBAAU,EAChB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,GAAG,CAAC,MAAM,CAAC,oBAAoB,EAAE,UAAU,EAAE;gBAC3C,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;gBACzC,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;gBAC9B,GAAG,CAAC,YAAY,GAAG,IAAI,CAAC;gBACxB,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC;gBACvB,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACzB,CAAC,CACF;QAQD,KAAK,EAAE,IAAA,qBAAU,EACf,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,EAAE,cAAc,CAAC;YAErD,MAAM,aAAa,GAAG,IAAA,gDAAsB,EAAC,GAAG,CAAC,CAAC;YAGlD,MAAM,SAAS,GACb,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAEhE,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE1C,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAE9B,IAAI,CAAC,aAAa,IAAI,CAAC,QAAQ;gBAC7B,OAAO,IAAI,CACT,IAAI,mBAAQ,CAAC,uBAAuB,SAAS,eAAe,EAAE,GAAG,CAAC,CACnE,CAAC;YAGJ,IAAI,WAAgC,CAAC;YAErC,IAAI,aAAa,EAAE,QAAQ,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;gBAEnC,MAAM,WAAW,GAAG,IAAA,wCAAc,EAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBAC5D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;oBAC9B,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,WAAW,aAAa,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;gBACtE,CAAC;gBACD,WAAW,GAAG,IAAA,iDAAuB,EAAC,aAAa,EAAE,WAAW,CAAC,CAAC;YACpE,CAAC;iBAAM,CAAC;gBAEN,WAAW,GAAG,EAAE,CAAC,aAAa,CAAC,EAAE,aAAa,EAAE,CAAC;YACnD,CAAC;YAGD,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,OAAO,CACrC,WAAW,EACX,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IACE,CAAC,IAAI;gBACL,CAAC,CAAC,MAAM,sBAAW,CAAC,iBAAiB,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,EAC/D,CAAC;gBACD,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,aAAa,SAAS,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,KAAK,GAAG,sBAAW,CAAC,YAAY,CAAC,IAAI,CAAC,EAAG,CAAC,CAAC;YAEjD,MAAM,aAAa,GAAkB;gBACnC,OAAO,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE;oBACR,MAAM,CACJ,IAAA,8BAAI,EACF,WAAW,EAAE,GAAG,EAAE,SAAS;wBACxB,OAAO,CAAC,GAAG,CAAC,cAA6B;wBACzC,mBAAQ,CAAC,cAA6B,CAC1C,CACF,CACJ;gBACD,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;oBAClC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM;oBAC3C,IAAI;gBACN,MAAM,EACJ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM;oBAChC,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MAAM;oBACxC,GAAG,CAAC,MAAM;oBACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;gBAC9C,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;oBACjC,OAAO,CAAC,GAAG,CAAC,oBAIC;oBACd,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;aAC3D,CAAC;YAEF,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,eAAe;gBAC9D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB,EAC3C,CAAC;gBACD,GAAG,CAAC,YAAY,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;gBAC1C,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAC3C,CAAC;YAED,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,aAAa;gBAC5D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB;gBAE3C,GAAG,CAAC,MAAM,CAAC,oBAAoB,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;YAEzD,GAAG,CAAC,WAAW,GAAG,KAAK,CAAC;YAExB,IAAI,YAAY,EAAE,UAAU,EAAE,CAAC;gBAC7B,GAAG,CAAC,cAAc,GAAG,EAAE,IAAI,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,UAAU,GAAG,EAAE,IAAI,EAAE,CAAC;gBACjC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,IACE,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,eAAe;gBAC9D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB,EAC3C,CAAC;gBACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACzC,CAAC;iBAAM,IACL,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,aAAa;gBAC5D,WAAW,EAAE,KAAK,EAAE,sBAAsB,KAAK,MAAM;gBACrD,CAAC,WAAW,EAAE,KAAK,EAAE,sBAAsB;gBAE3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3B,CAAC,CACF;QAKD,MAAM,EAAE,IAAA,qBAAU,EAChB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,IAAI,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACvC,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;gBAC9B,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAClC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBACjC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,OAAO,IAAI,CAAC,GAAiB,CAAC,CAAC;YACjC,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvC,CAAC,CACF;QAID,QAAQ,EAAE,IAAA,qBAAU,EAClB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,MAAM,GAAG,GAAG,CAAC,IAAK,CAAC,EAAE,CAAC;YAE5B,MAAM,WAAW,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CAC9C,EAAE,EAAE,EAAE,MAAM,EAAE,EACd;gBACE,oBAAoB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aAC/C,EACD,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAC7B,CAAwB,CAAC;YAE1B,IAAI,YAAY,EAAE,aAAa,EAAE,CAAC;gBAChC,GAAG,CAAC,YAAY,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;gBACzC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;gBACxC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iCAAyB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBACrD,OAAO,WAAW,CAAC,GAAiB,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,8BAA8B;aACxC,CAAC,CAAC;QACL,CAAC,CACF;QAKD,cAAc,EAAE,IAAA,qBAAU,EACxB,KAAK,EACH,GAAiB,EACjB,GAAkB,EAClB,IAAuB,EACvB,EAAE;YACF,MAAM,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAElD,IAAI,CAAC,eAAe,IAAI,CAAC,WAAW;gBAClC,OAAO,IAAI,CACT,IAAI,mBAAQ,CAAC,8CAA8C,EAAE,GAAG,CAAC,CAClE,CAAC;YAEJ,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;YAEtB,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,QAAQ,KAAK,KAAK,IAAI,IAAI,EAAE,oBAAoB;gBACjE,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC,CAAC;YAGpD,MAAM,iBAAiB,GAAG,MAAM,sBAAW,CAAC,iBAAiB,CAC3D,MAAM,CAAC,eAAe,CAAC,EACvB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CACtB,CAAC;YAEF,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;YACjC,MAAM,eAAe,GAAG,OAAO,EAAE,cAAc,CAAC;YAEhD,IAAI,CAAC,iBAAiB;gBACpB,OAAO,IAAI,CAAC,IAAI,mBAAQ,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAC,CAAC;YAGnE,IACE,CAAC,sBAAW,CAAC,gBAAgB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;gBAClD,CAAC,OAAO,EAAE,UAAU,EACpB,CAAC;gBACD,OAAO,IAAI,CACT,IAAI,mBAAQ,CACV,eAAe,EAAE,kBAAkB,EAAE,OAAO;oBAC1C,mGAAmG,EACrG,GAAG,CACJ,CACF,CAAC;YACJ,CAAC;YAGD,MAAM,WAAW,CAAC,SAAS,CACzB,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EACf;gBACE,QAAQ,EAAE,MAAM,sBAAW,CAAC,YAAY,CAAC,WAAW,CAAC;gBACrD,iBAAiB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;aACxC,CACF,CAAC;YAEF,IAAI,YAAY,EAAE,mBAAmB,EAAE,CAAC;gBACtC,GAAG,CAAC,cAAc,GAAG;oBACnB,IAAI;iBACL,CAAC;gBACF,GAAG,CAAC,YAAY,GAAG;oBACjB,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,gCAAgC;iBAC1C,CAAC;gBACF,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG;oBAChB,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,gCAAgC;iBAC1C,CAAC;gBACF,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC;gBACzB,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC;gBACxB,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,gCAAgC;aAC1C,CAAC,CAAC;QACL,CAAC,CACF;QAED,kBAAkB,EAAE,IAAA,qBAAU,EAC5B,KAAK,EAAE,CAAe,EAAE,GAAkB,EAAE,EAAE;YAC5C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;YACrC,MAAM,WAAW,GAAG,6BAAiB,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE;gBACjE,IAAI,WAAW,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS;oBACjD,OAAQ,UAAkB,EAAE,KAAK,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,IAAI,CAAC;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,OAAO,EAAE,WAAW,CAAC,MAAM;gBAC3B,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC,CACF;QAED,iBAAiB,EAAE,IAAA,qBAAU,EAC3B,KAAK,EAAE,GAAiB,EAAE,GAAkB,EAAE,EAAE;YAC9C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;YACrC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;YAE9C,IAAI,CAAC,YAAY;gBACf,MAAM,IAAI,mBAAQ,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;YAE1D,MAAM,WAAW,GAAG,6BAAiB;iBAClC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;gBACxC,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE;gBACnB,IAAI,WAAW,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS;oBACjD,OAAQ,UAAkB,EAAE,KAAK,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,WAAW;gBACd,MAAM,IAAI,mBAAQ,CAChB,qCAAqC,YAAY,EAAE,EACnD,GAAG,CACJ,CAAC;YAEJ,GAAG,CAAC,IAAI,CAAC;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,OAAO,EAAE,WAAW,CAAC,MAAM;gBAC3B,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC,CACF;KACF,CAAC;AACJ,CAAC,CAAC;AAtaW,QAAA,qBAAqB,yBAsahC","sourcesContent":["import catchAsync from \"../error-handler/utils/catch-async\";\nimport AppError from \"../error-handler/utils/app-error\";\nimport { CookieOptions } from \"express\";\nimport { ArkosRequest, ArkosResponse, ArkosNextFunction } from \"../../types\";\nimport authService from \"./auth.service\";\nimport { BaseService } from \"../base/base.service\";\nimport { User } from \"../../types\";\nimport arkosEnv from \"../../utils/arkos-env\";\nimport { getArkosConfig } from \"../../server\";\nimport {\n createPrismaWhereClause,\n determineUsernameField,\n getNestedValue,\n MsDuration,\n toMs,\n} from \"./utils/helpers/auth.controller.helpers\";\nimport authActionService from \"./utils/services/auth-action.service\";\n\n/*\n Default fields to exclude from user object when returning to client\n /\nexport const defaultExcludedUserFields = {\n password: false,\n};\n\n/\n Factory function to create authentication controller with configurable interceptors\n \n @param interceptors - Optional middleware functions to execute after controller actions\n * @returns An object containing all authentication controller methods\n /\nexport const authControllerFactory = async (interceptors: any = {}) => {\n const userService = new BaseService(\"user\");\n\n return {\n /\n Retrieves the current authenticated user's information\n /\n getMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const user = (await userService.findOne(\n { id: req.user!.id },\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n if (user) delete user[key as keyof User];\n });\n\n if (interceptors?.afterGetMe) {\n req.responseData = { data: user };\n res.locals.data = { data: user };\n req.responseStatus = 200;\n res.locals.status = 200;\n return next();\n }\n\n res.status(200).json({ data: user });\n }\n ),\n\n /\n Updates the current authenticated user's information\n /\n updateMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n if (\"password\" in req.body)\n throw new AppError(\n \"In order to update password use the update-password endpoint.\",\n 400,\n {},\n \"InvalidFieldPassword\"\n );\n\n const user = (await userService.updateOne(\n { id: req.user!.id },\n req.body,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n if (user) delete user[key as keyof User];\n });\n\n if (interceptors?.afterUpdateMe) {\n req.responseData = { data: user };\n res.locals.data = { data: user };\n req.responseStatus = 200;\n res.locals.status = 200;\n return next();\n }\n\n res.status(200).json({ data: user });\n }\n ),\n\n /\n Logs out the current user by invalidating their access token cookie\n /\n logout: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n res.cookie(\"arkos_access_token\", \"no-token\", {\n expires: new Date(Date.now() + 10 1000),\n httpOnly: true,\n });\n\n if (interceptors?.afterLogout) {\n req.responseData = null;\n res.locals.data = null;\n req.responseStatus = 204;\n res.locals.status = 204;\n return next();\n }\n\n res.status(204).json();\n }\n ),\n\n /*\n Authenticates a user using configurable username field and password\n * Username field can be specified in query parameter or config\n \n Supports nested fields and array queries (e.g., \"profile.nickname\", \"phones.some.number\")\n /\n login: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const authConfigs = getArkosConfig()?.authentication;\n\n const usernameField = determineUsernameField(req);\n\n // For the error message, we only care about the top-level field name\n const lastField =\n usernameField.split(\".\")[usernameField.split(\".\").length - 1];\n\n const usernameValue = req.body[lastField];\n\n const { password } = req.body;\n\n if (!usernameValue \|\| !password)\n return next(\n new AppError(`Please provide both ${lastField} and password`, 400)\n );\n\n // Create appropriate where clause for the query\n let whereClause: Record<string, any>;\n\n if (usernameField?.includes?.(\".\")) {\n // For nested paths, we need to extract the actual value to search for\n const valueToFind = getNestedValue(req.body, usernameField);\n if (valueToFind === undefined) {\n return next(new AppError(`Invalid ${usernameField} provided`, 400));\n }\n whereClause = createPrismaWhereClause(usernameField, valueToFind);\n } else {\n // Simple field case\n whereClause = { [usernameField]: usernameValue };\n }\n\n // Use findFirst instead of findUnique for complex queries\n const user = (await userService.findOne(\n whereClause,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (\n !user \|\|\n !(await authService.isCorrectPassword(password, user.password))\n ) {\n return next(new AppError(`Incorrect ${lastField} or password`, 401));\n }\n\n const token = authService.signJwtToken(user.id!);\n\n const cookieOptions: CookieOptions = {\n expires: new Date(\n Date.now() +\n Number(\n toMs(\n authConfigs?.jwt?.expiresIn \|\|\n (process.env.JWT_EXPIRES_IN as MsDuration) \|\|\n (arkosEnv.JWT_EXPIRES_IN as MsDuration)\n )\n )\n ),\n httpOnly:\n authConfigs?.jwt?.cookie?.httpOnly \|\|\n process.env.JWT_COOKIE_HTTP_ONLY === \"true\" \|\|\n true,\n secure:\n authConfigs?.jwt?.cookie?.secure \|\|\n process.env.JWT_COOKIE_SECURE === \"true\" \|\|\n req.secure \|\|\n req.headers[\"x-forwarded-proto\"] === \"https\",\n sameSite:\n authConfigs?.jwt?.cookie?.sameSite \|\|\n (process.env.JWT_COOKIE_SAME_SITE as\n \| \"none\"\n \| \"lax\"\n \| \"strict\"\n \| undefined) \|\|\n (process.env.NODE_ENV === \"production\" ? \"none\" : \"lax\"),\n };\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"response-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n ) {\n req.responseData = { accessToken: token };\n res.locals.data = { accessToken: token };\n }\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"cookie-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n )\n res.cookie(\"arkos_access_token\", token, cookieOptions);\n\n req.accessToken = token;\n\n if (interceptors?.afterLogin) {\n req.additionalData = { user };\n res.locals.additional = { user };\n req.responseStatus = 200;\n res.locals.status = 200;\n return next();\n }\n\n if (\n authConfigs?.login?.sendAccessTokenThrough === \"response-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n ) {\n res.status(200).json(req.responseData);\n } else if (\n authConfigs?.login?.sendAccessTokenThrough === \"cookie-only\" \|\|\n authConfigs?.login?.sendAccessTokenThrough === \"both\" \|\|\n !authConfigs?.login?.sendAccessTokenThrough\n )\n res.status(200).send();\n }\n ),\n\n /\n Creates a new user account using the userService\n /\n signup: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const user = (await userService.createOne(\n req.body,\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (interceptors?.afterSignup) {\n req.responseData = { data: user };\n res.locals.data = { data: user };\n req.responseStatus = 201;\n res.locals.status = 201;\n return next();\n }\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n delete user[key as keyof User];\n });\n\n res.status(201).json({ data: user });\n }\n ),\n /\n Marks user account as self-deleted by setting deletedSelfAccountAt timestamp\n /\n deleteMe: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const userId = req.user!.id; // Assuming the authenticated user's ID is available in req.user\n\n const updatedUser = (await userService.updateOne(\n { id: userId },\n {\n deletedSelfAccountAt: new Date().toISOString(),\n },\n req.prismaQueryOptions \|\| {}\n )) as Record<string, any>;\n\n if (interceptors?.afterDeleteMe) {\n req.responseData = { data: updatedUser };\n res.locals.data = { data: updatedUser };\n req.responseStatus = 200;\n res.locals.status = 200;\n return next();\n }\n\n Object.keys(defaultExcludedUserFields).forEach((key) => {\n delete updatedUser[key as keyof User];\n });\n\n res.status(200).json({\n message: \"Account deleted successfully\",\n });\n }\n ),\n\n /\n Updates the password of the authenticated user\n */\n updatePassword: catchAsync(\n async (\n req: ArkosRequest,\n res: ArkosResponse,\n next: ArkosNextFunction\n ) => {\n const { currentPassword, newPassword } = req.body;\n\n if (!currentPassword \|\| !newPassword)\n return next(\n new AppError(\"currentPassword and newPassword are required\", 400)\n );\n\n const user = req.user;\n\n if (!user \|\| user?.isActive === false \|\| user?.deletedSelfAccountAt)\n return next(new AppError(\"User not found!\", 404));\n\n // Check if the current password is correct\n const isPasswordCorrect = await authService.isCorrectPassword(\n String(currentPassword),\n String(user.password)\n );\n\n const configs = getArkosConfig();\n const initAuthConfigs = configs?.authentication;\n\n if (!isPasswordCorrect)\n return next(new AppError(\"Current password is incorrect.\", 400));\n\n // Check password strength (optional but recommended)\n if (\n !authService.isPasswordStrong(String(newPassword)) &&\n !configs?.validation\n ) {\n return next(\n new AppError(\n initAuthConfigs?.passwordValidation?.message \|\|\n \"The new password must contain at least one uppercase letter, one lowercase letter, and one number\",\n 400\n )\n );\n }\n\n // Update the password\n await userService.updateOne(\n { id: user.id },\n {\n password: await authService.hashPassword(newPassword),\n passwordChangedAt: new Date(Date.now()),\n }\n );\n\n if (interceptors?.afterUpdatePassword) {\n req.additionalData = {\n user,\n };\n req.responseData = {\n status: \"success\",\n message: \"Password updated successfully!\",\n };\n res.locals.data = {\n status: \"success\",\n message: \"Password updated successfully!\",\n };\n req.responseStatus = 200;\n res.locals.status = 200;\n return next();\n }\n\n res.status(200).json({\n status: \"success\",\n message: \"Password updated successfully!\",\n });\n }\n ),\n\n findManyAuthAction: catchAsync(\n async (_: ArkosRequest, res: ArkosResponse) => {\n const arkosConfig = getArkosConfig();\n const authActions = authActionService.getAll()?.map((authAction) => {\n if (arkosConfig?.authentication?.mode === \"dynamic\")\n delete (authAction as any)?.roles;\n return authAction;\n });\n\n res.json({\n total: authActions.length,\n results: authActions.length,\n data: authActions,\n });\n }\n ),\n\n findOneAuthAction: catchAsync(\n async (req: ArkosRequest, res: ArkosResponse) => {\n const arkosConfig = getArkosConfig();\n const resourceName = req.params?.resourceName;\n\n if (!resourceName)\n throw new AppError(`Please provide a resoureName`, 400);\n\n const authActions = authActionService\n .getByResource(req.params?.resourceName)\n ?.map((authAction) => {\n if (arkosConfig?.authentication?.mode === \"dynamic\")\n delete (authAction as any)?.roles;\n return authAction;\n });\n\n if (!authActions)\n throw new AppError(\n `No auth action with resource name ${resourceName}`,\n 404\n );\n\n res.json({\n total: authActions.length,\n results: authActions.length,\n data: authActions,\n });\n }\n ),\n };\n};\n"]}

package/dist/cjs/modules/auth/auth.router.js CHANGED Viewed

@@ -1 +1,82 @@
-"use strict";var __importDefault=this&&this.__importDefault||function(s){return s&&s.__esModule?s:{default:s}};Object.defineProperty(exports,"__esModule",{value:!0}),exports.getAuthRouter=getAuthRouter;const express_1=require("express"),auth_controller_1=require("./auth.controller"),auth_service_1=__importDefault(require("./auth.service")),express_rate_limit_1=__importDefault(require("express-rate-limit")),dynamic_loader_1=require("../../utils/dynamic-loader"),base_middlewares_1=require("../base/base.middlewares"),deepmerge_helper_1=__importDefault(require("../../utils/helpers/deepmerge.helper")),routers_helpers_1=require("../../utils/helpers/routers.helpers"),base_router_helpers_1=require("../base/utils/helpers/base.router.helpers"),router=(0,express_1.Router)();async function getAuthRouter(s){const{interceptors:e,dtos:n,schemas:u,prismaQueryOptions:o,router:l}=(0,dynamic_loader_1.getModuleComponents)("auth")||{},r=l?.config||{},t=await(0,auth_controller_1.authControllerFactory)(e);if(r?.disable===!0)return router;const a=d=>{const i=s?.validation;if(i?.resolver==="class-validator")return n?.[d];if(i?.resolver==="zod")return u?.[d]};return(0,base_router_helpers_1.isEndpointDisabled)(r,"getMe")||router.get("/users/me",auth_service_1.default.authenticate,(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"getMe"),...(0,routers_helpers_1.processMiddleware)(e?.beforeGetMe),t.getMe,...(0,routers_helpers_1.processMiddleware)(e?.afterGetMe),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onGetMeError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"updateMe")||router.patch("/users/me",auth_service_1.default.authenticate,(0,base_middlewares_1.handleRequestBodyValidationAndTransformation)(a("updateMe")),(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"updateMe"),...(0,routers_helpers_1.processMiddleware)(e?.beforeUpdateMe),t.updateMe,...(0,routers_helpers_1.processMiddleware)(e?.afterUpdateMe),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onUpdateMeError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"deleteMe")||router.delete("/users/me",auth_service_1.default.authenticate,(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"deleteMe"),...(0,routers_helpers_1.processMiddleware)(e?.beforeDeleteMe),t.deleteMe,...(0,routers_helpers_1.processMiddleware)(e?.afterDeleteMe),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onDeleteMeError,{type:"error"})),(!(0,base_router_helpers_1.isEndpointDisabled)(r,"login")||!(0,base_router_helpers_1.isEndpointDisabled)(r,"logout")||!(0,base_router_helpers_1.isEndpointDisabled)(r,"signup")||!(0,base_router_helpers_1.isEndpointDisabled)(r,"updatePassword"))&&router.use("/auth",(0,express_rate_limit_1.default)((0,deepmerge_helper_1.default)({windowMs:5e3,limit:10,standardHeaders:"draft-7",legacyHeaders:!1,handler:(d,i)=>{i.status(429).json({message:"Too many requests, please try again later"})}},s?.authentication?.requestRateLimitOptions||{}))),(0,base_router_helpers_1.isEndpointDisabled)(r,"login")||router.post("/auth/login",(0,base_middlewares_1.handleRequestBodyValidationAndTransformation)(a("login")),(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"login"),...(0,routers_helpers_1.processMiddleware)(e?.beforeLogin),t.login,...(0,routers_helpers_1.processMiddleware)(e?.afterLogin),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onLoginError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"logout")||router.delete("/auth/logout",auth_service_1.default.authenticate,...(0,routers_helpers_1.processMiddleware)(e?.beforeLogout),t.logout,...(0,routers_helpers_1.processMiddleware)(e?.afterLogout),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onLogoutError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"signup")||router.post("/auth/signup",(0,base_middlewares_1.handleRequestBodyValidationAndTransformation)(a("signup")),(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"signup"),...(0,routers_helpers_1.processMiddleware)(e?.beforeSignup),t.signup,...(0,routers_helpers_1.processMiddleware)(e?.afterSignup),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onSignupError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"updatePassword")||router.post("/auth/update-password",auth_service_1.default.authenticate,(0,base_middlewares_1.handleRequestBodyValidationAndTransformation)(a("updatePassword")),(0,base_middlewares_1.addPrismaQueryOptionsToRequest)(o,"updatePassword"),...(0,routers_helpers_1.processMiddleware)(e?.beforeUpdatePassword),t.updatePassword,...(0,routers_helpers_1.processMiddleware)(e?.afterUpdatePassword),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onUpdatePasswordError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"findManyAuthAction")||router.get("/auth-actions",auth_service_1.default.authenticate,auth_service_1.default.handleAccessControl("View","auth-action"),...(0,routers_helpers_1.processMiddleware)(e?.beforeFindManyAuthAction),t.findManyAuthAction,...(0,routers_helpers_1.processMiddleware)(e?.afterFindManyAuthAction),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onFindManyAuthActionError,{type:"error"})),(0,base_router_helpers_1.isEndpointDisabled)(r,"findOneAuthAction")||router.get("/auth-actions/:resourceName",auth_service_1.default.authenticate,auth_service_1.default.handleAccessControl("View","auth-action"),...(0,routers_helpers_1.processMiddleware)(e?.beforeFindOneAuthAction),t.findOneAuthAction,...(0,routers_helpers_1.processMiddleware)(e?.afterFindOneAuthAction),base_middlewares_1.sendResponse,...(0,routers_helpers_1.processMiddleware)(e?.onFindOneAuthActionError,{type:"error"})),router}
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAuthRouter = getAuthRouter;
+const express_1 = require("express");
+const auth_controller_1 = require("./auth.controller");
+const auth_service_1 = __importDefault(require("./auth.service"));
+const express_rate_limit_1 = __importDefault(require("express-rate-limit"));
+const dynamic_loader_1 = require("../../utils/dynamic-loader");
+const base_middlewares_1 = require("../base/base.middlewares");
+const deepmerge_helper_1 = __importDefault(require("../../utils/helpers/deepmerge.helper"));
+const routers_helpers_1 = require("../../utils/helpers/routers.helpers");
+const base_router_helpers_1 = require("../base/utils/helpers/base.router.helpers");
+const router = (0, express_1.Router)();
+async function getAuthRouter(arkosConfigs) {
+    const { interceptors, dtos, schemas, prismaQueryOptions, router: customRouterModule, } = (0, dynamic_loader_1.getModuleComponents)("auth") || {};
+    const routerConfig = customRouterModule?.config || {};
+    const authController = await (0, auth_controller_1.authControllerFactory)(interceptors);
+    if (routerConfig?.disable === true)
+        return router;
+    const getValidationSchemaOrDto = (key) => {
+        const validationConfigs = arkosConfigs?.validation;
+        if (validationConfigs?.resolver === "class-validator") {
+            return dtos?.[key];
+        }
+        else if (validationConfigs?.resolver === "zod") {
+            return schemas?.[key];
+        }
+        return undefined;
+    };
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "getMe")) {
+        router.get("/users/me", auth_service_1.default.authenticate, (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "getMe"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeGetMe), authController.getMe, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterGetMe), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onGetMeError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "updateMe")) {
+        router.patch("/users/me", auth_service_1.default.authenticate, (0, base_middlewares_1.handleRequestBodyValidationAndTransformation)(getValidationSchemaOrDto("updateMe")), (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "updateMe"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeUpdateMe), authController.updateMe, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterUpdateMe), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onUpdateMeError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "deleteMe")) {
+        router.delete("/users/me", auth_service_1.default.authenticate, (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "deleteMe"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeDeleteMe), authController.deleteMe, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterDeleteMe), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onDeleteMeError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "login") ||
+        !(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "logout") ||
+        !(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "signup") ||
+        !(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "updatePassword")) {
+        router.use("/auth", (0, express_rate_limit_1.default)((0, deepmerge_helper_1.default)({
+            windowMs: 5000,
+            limit: 10,
+            standardHeaders: "draft-7",
+            legacyHeaders: false,
+            handler: (_, res) => {
+                res.status(429).json({
+                    message: "Too many requests, please try again later",
+                });
+            },
+        }, arkosConfigs?.authentication?.requestRateLimitOptions || {})));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "login")) {
+        router.post("/auth/login", (0, base_middlewares_1.handleRequestBodyValidationAndTransformation)(getValidationSchemaOrDto("login")), (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "login"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeLogin), authController.login, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterLogin), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onLoginError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "logout")) {
+        router.delete("/auth/logout", auth_service_1.default.authenticate, ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeLogout), authController.logout, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterLogout), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onLogoutError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "signup")) {
+        router.post("/auth/signup", (0, base_middlewares_1.handleRequestBodyValidationAndTransformation)(getValidationSchemaOrDto("signup")), (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "signup"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeSignup), authController.signup, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterSignup), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onSignupError, { type: "error" }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "updatePassword")) {
+        router.post("/auth/update-password", auth_service_1.default.authenticate, (0, base_middlewares_1.handleRequestBodyValidationAndTransformation)(getValidationSchemaOrDto("updatePassword")), (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "updatePassword"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeUpdatePassword), authController.updatePassword, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterUpdatePassword), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onUpdatePasswordError, {
+            type: "error",
+        }));
+    }
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "findManyAuthAction"))
+        router.get("/auth-actions", auth_service_1.default.authenticate, auth_service_1.default.handleAccessControl("View", "auth-action"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeFindManyAuthAction), authController.findManyAuthAction, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterFindManyAuthAction), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onFindManyAuthActionError, {
+            type: "error",
+        }));
+    if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "findOneAuthAction"))
+        router.get("/auth-actions/:resourceName", auth_service_1.default.authenticate, auth_service_1.default.handleAccessControl("View", "auth-action"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeFindOneAuthAction), authController.findOneAuthAction, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterFindOneAuthAction), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onFindOneAuthActionError, {
+            type: "error",
+        }));
+    return router;
+}
+//# sourceMappingURL=auth.router.js.map