arkos 1.4.0-canary.76 → 1.4.0-canary.79
- package/dist/cjs/modules/auth/auth.router.js +1 -1
- package/dist/cjs/modules/auth/auth.router.js.map +1 -1
- package/dist/cjs/modules/auth/auth.service.js +1 -1
- package/dist/cjs/modules/auth/auth.service.js.map +1 -1
- package/dist/cjs/modules/base/base.middlewares.js +1 -1
- package/dist/cjs/modules/base/base.middlewares.js.map +1 -1
- package/dist/cjs/types/arkos-config.js.map +1 -1
- package/dist/cjs/types/auth.js.map +1 -1
- package/dist/cjs/types/new-arkos-config.js.map +1 -1
- package/dist/cjs/types/router-config.js.map +1 -1
- package/dist/cjs/utils/arkos-router/index.js +1 -1
- package/dist/cjs/utils/arkos-router/index.js.map +1 -1
- package/dist/cjs/utils/arkos-router/types/index.js.map +1 -1
- package/dist/cjs/utils/cli/utils/cli.helpers.js +1 -1
- package/dist/cjs/utils/dynamic-loader.js +1 -1
- package/dist/cjs/utils/dynamic-loader.js.map +1 -1
- package/dist/esm/modules/auth/auth.router.js +1 -1
- package/dist/esm/modules/auth/auth.router.js.map +1 -1
- package/dist/esm/modules/auth/auth.service.js +1 -1
- package/dist/esm/modules/auth/auth.service.js.map +1 -1
- package/dist/esm/modules/base/base.middlewares.js +1 -1
- package/dist/esm/modules/base/base.middlewares.js.map +1 -1
- package/dist/esm/types/arkos-config.js.map +1 -1
- package/dist/esm/types/auth.js.map +1 -1
- package/dist/esm/types/new-arkos-config.js.map +1 -1
- package/dist/esm/types/router-config.js.map +1 -1
- package/dist/esm/utils/arkos-router/index.js +1 -1
- package/dist/esm/utils/arkos-router/index.js.map +1 -1
- package/dist/esm/utils/arkos-router/types/index.js.map +1 -1
- package/dist/esm/utils/cli/utils/cli.helpers.js +1 -1
- package/dist/esm/utils/dynamic-loader.js +1 -1
- package/dist/esm/utils/dynamic-loader.js.map +1 -1
- package/dist/types/types/arkos-config.d.ts +1 -1
- package/dist/types/types/auth.d.ts +1 -1
- package/dist/types/types/new-arkos-config.d.ts +3 -3
- package/dist/types/types/router-config.d.ts +3 -3
- package/dist/types/utils/arkos-router/types/index.d.ts +1 -1
- package/package.json +1 -1
|
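--- a/package/dist/cjs/modules/auth/auth.router.js
+++ b/package/dist/cjs/modules/auth/auth.router.js
@@ -60,7 +60,7 @@ function getAuthRouter(arkosConfigs) {
 message: "Too many requests, please try again later",
 });
 },
-}, arkosConfigs?.authentication?.
+}, arkosConfigs?.authentication?.rateLimit || {})));
 }
 if (!(0, base_router_helpers_1.isEndpointDisabled)(routerConfig, "login")) {
 router.post((0, routers_helpers_1.createRouteConfig)("login", "auth", "/login", routerConfig, "auth", false, getValidationSchemaOrDto("login")), (0, base_middlewares_1.addPrismaQueryOptionsToRequest)(prismaQueryOptions, "login"), ...(0, routers_helpers_1.processMiddleware)(interceptors?.beforeLogin), authController.login, ...(0, routers_helpers_1.processMiddleware)(interceptors?.afterLogin), base_middlewares_1.sendResponse, ...(0, routers_helpers_1.processMiddleware)(interceptors?.onLoginError, { type: "error" }));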
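Review bot: The renamed option on new line 63 is read with no fallback, so an application that still sets the previous key silently gets the built-in limiter defaults. The removed line is truncated on this page, but the source embedded in the accompanying .map names the old key `requestRateLimitOptions` and shows the defaults `windowMs: 5000, limit: 10`. This limiter is mounted on `/auth` ahead of login, signup and update-password, so dropping a stricter operator setting without notice weakens brute-force protection. I would keep honouring the old key for a deprecation period, `}, arkosConfigs?.authentication?.rateLimit ?? arkosConfigs?.authentication?.requestRateLimitOptions ?? {})));`, and log a warning when only the old key is present. getAuthRouter starts and ends outside this hunk.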
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.router.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.router.ts"],"names":[],"mappings":";;;;;AAuBA,sCAiQC;AAvRD,uDAA0D;AAC1D,4EAA2C;AAC3C,+DAAiE;AACjE,+DAGkC;AAElC,4FAA6D;AAE7D,yEAG6C;AAC7C,mFAA+E;AAC/E,oFAA2D;AAC3D,sFAA6D;AAC7D,+DAAsE;AACtE,4EAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,sBAAW,GAAE,CAAC;AAE7B,SAAgB,aAAa,CAAC,YAAyB;IACrD,MAAM,EACJ,YAAY,EACZ,IAAI,EACJ,OAAO,EACP,kBAAkB,EAClB,MAAM,EAAE,kBAAkB,EAC1B,WAAW,GACZ,GAAG,IAAA,oCAAmB,EAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAEtC,MAAM,YAAY,GAAG,kBAAkB,EAAE,MAAM,IAAI,EAAE,CAAC;IACtD,MAAM,YAAY,GAAG,kBAAkB,EAAE,OAAiB,CAAC;IAE3D,IAAI,YAAY,IAAI,kBAAkB,EAAE,CAAC;QACvC,IAAI,0BAAe,CAAC,eAAe,CAAC,YAAY,CAAC;YAC/C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;;YAElC,MAAM,KAAK,CACT,yDAAyD,IAAA,iCAAoB,GAAE,0CAA0C,CAC1H,CAAC;IACN,CAAC;IAED,MAAM,cAAc,GAAG,IAAA,uCAAqB,EAAC,YAAY,CAAC,CAAC;IAE3D,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAElD,MAAM,wBAAwB,GAAG,CAC/B,GAAuD,EACvD,EAAE;QACF,MAAM,iBAAiB,GAAG,YAAY,EAAE,UAAU,CAAC;QACnD,IAAI,iBAAiB,EAAE,QAAQ,KAAK,iBAAiB;YAAE,OAAO,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC;aACrE,IAAI,iBAAiB,EAAE,QAAQ,KAAK,KAAK;YAAE,OAAO,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC;QAEtE,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAGF,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,CAAC,EACtE,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,OAAO,CACR,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,cAAc,CAAC,KAAK,EACpB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,UAAU,CAAC,EAC9C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACpE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,UAAU,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,KAAK,CACV,IAAA,mCAAiB,EACf,UAAU,EACV,OAAO,EACP,KAAK,EACL,YAAY,EACZ,MAAM,EACN,IAAI,EACJ,wBAAwB,CAAC,UAAU,CAAC,CACrC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,UAAU,CACX,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,cAAc,CAAC,EAClD,cAAc,CAAC,QAAQ,EACvB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,CAAC,EACjD,+BAA
Y,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACvE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,UAAU,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,MAAM,CACX,IAAA,mCAAiB,EAAC,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,CAAC,EACzE,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,UAAU,CACX,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,cAAc,CAAC,EAClD,cAAc,CAAC,QAAQ,EACvB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,CAAC,EACjD,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACvE,CAAC;IACJ,CAAC;IAGD,IACE,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC;QAC1C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC;QAC3C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC;QAC3C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,gBAAgB,CAAC,EACnD,CAAC;QACD,MAAM,CAAC,GAAG,CACR,OAAO,EACP,IAAA,4BAAS,EACP,IAAA,0BAAS,EACP;YACE,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,EAAE;YACT,eAAe,EAAE,SAAS;YAC1B,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;gBAClB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,2CAA2C;iBACrD,CAAC,CAAC;YACL,CAAC;SACF,EACD,YAAY,EAAE,cAAc,EAAE,uBAAuB,IAAI,EAAE,CAC5D,CACF,CACF,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,OAAO,EACP,MAAM,EACN,QAAQ,EACR,YAAY,EACZ,MAAM,EACN,KAAK,EACL,wBAAwB,CAAC,OAAO,CAAC,CAClC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,OAAO,CACR,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,cAAc,CAAC,KAAK,EACpB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,UAAU,CAAC,EAC9C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACpE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,MAAM,CACX,IAAA,mCAAiB,EACf,QAAQ,EACR,MAAM,EACN,SAAS,EACT,YAAY,EACZ,MAAM,EACN,IAAI,CACL,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,CAAC,EAChD,cAAc,CAAC,MAAM,EACrB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wC
AAkB,EAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,QAAQ,EACR,MAAM,EACN,SAAS,EACT,YAAY,EACZ,MAAM,EACN,KAAK,EACL,wBAAwB,CAAC,QAAQ,CAAC,CACnC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,QAAQ,CACT,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,CAAC,EAChD,cAAc,CAAC,MAAM,EACrB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,gBAAgB,CAAC,EAAE,CAAC;QACxD,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,gBAAgB,EAChB,MAAM,EACN,kBAAkB,EAClB,YAAY,EACZ,MAAM,EACN,IAAI,EACJ,wBAAwB,CAAC,gBAAgB,CAAC,CAC3C,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,gBAAgB,CACjB,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,oBAAoB,CAAC,EACxD,cAAc,CAAC,cAAc,EAC7B,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,mBAAmB,CAAC,EACvD,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,qBAAqB,EAAE;YACxD,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,oBAAoB,CAAC,EAAE,CAAC;QAC5D,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EACf,oBAAoB,EACpB,cAAc,EACd,EAAE,EACF,YAAY,EACZ,MAAM,EACN,WAAW,CACZ,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,wBAAwB,CAAC,EAC5D,cAAc,CAAC,kBAAkB,EACjC,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,uBAAuB,CAAC,EAC3D,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,yBAAyB,EAAE;YAC5D,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,mBAAmB,CAAC,EAAE,CAAC;QAC3D,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,MAAM,EACN,WAAW,CACZ,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,uBAAuB,CAAC,EAC3D,cAAc,CAAC,iBAAiB,EAChC,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,sBAAsB,CAAC,EAC1D,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,wBAAwB,EAAE;YAC3D,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAED,0BAAe,CAAC,oBAAoB,CAAC,MAAM,EAAE,MAAa,CAAC,CAAC;IAC5D,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["import { Router } from \"express\";\nimport { authControllerFactory } from \"./auth.controller\";\nimport rateLimit from \"express-rate-limit\";\nimport { 
getModuleComponents } from \"../../utils/dynamic-loader\";\nimport {\n addPrismaQueryOptionsToRequest,\n sendResponse,\n} from \"../base/base.middlewares\";\nimport { ArkosConfig } from \"../../types/new-arkos-config\";\nimport deepmerge from \"../../utils/helpers/deepmerge.helper\";\nimport { AuthPrismaQueryOptions } from \"../../types\";\nimport {\n processMiddleware,\n createRouteConfig,\n} from \"../../utils/helpers/routers.helpers\";\nimport { isEndpointDisabled } from \"../base/utils/helpers/base.router.helpers\";\nimport debuggerService from \"../debugger/debugger.service\";\nimport routerValidator from \"../base/utils/router-validator\";\nimport { getUserFileExtension } from \"../../utils/helpers/fs.helpers\";\nimport ArkosRouter from \"../../utils/arkos-router\";\n\nconst router = ArkosRouter();\n\nexport function getAuthRouter(arkosConfigs: ArkosConfig) {\n const {\n interceptors,\n dtos,\n schemas,\n prismaQueryOptions,\n router: customRouterModule,\n authConfigs,\n } = getModuleComponents(\"auth\") || {};\n\n const routerConfig = customRouterModule?.config || {};\n const customRouter = customRouterModule?.default as Router;\n\n if (customRouter && customRouterModule) {\n if (routerValidator.isExpressRouter(customRouter))\n router.use(`/auth`, customRouter);\n else\n throw Error(\n `ValidationError: The exported router from auth.router.${getUserFileExtension()} is not a valid express or arkos Router.`\n );\n }\n\n const authController = authControllerFactory(interceptors);\n\n if (routerConfig?.disable === true) return router;\n\n const getValidationSchemaOrDto = (\n key: \"updateMe\" | \"updatePassword\" | \"login\" | \"signup\"\n ) => {\n const validationConfigs = arkosConfigs?.validation;\n if (validationConfigs?.resolver === \"class-validator\") return dtos?.[key];\n else if (validationConfigs?.resolver === \"zod\") return schemas?.[key];\n\n return undefined;\n };\n\n // GET /users/me - Get current user\n if (!isEndpointDisabled(routerConfig, 
\"getMe\")) {\n router.get(\n createRouteConfig(\"getMe\", \"users\", \"/me\", routerConfig, \"auth\", true),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"getMe\"\n ),\n ...processMiddleware(interceptors?.beforeGetMe),\n authController.getMe,\n ...processMiddleware(interceptors?.afterGetMe),\n sendResponse,\n ...processMiddleware(interceptors?.onGetMeError, { type: \"error\" })\n );\n }\n\n // PATCH /users/me - Update current user\n if (!isEndpointDisabled(routerConfig, \"updateMe\")) {\n router.patch(\n createRouteConfig(\n \"updateMe\",\n \"users\",\n \"/me\",\n routerConfig,\n \"auth\",\n true,\n getValidationSchemaOrDto(\"updateMe\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"updateMe\"\n ),\n ...processMiddleware(interceptors?.beforeUpdateMe),\n authController.updateMe,\n ...processMiddleware(interceptors?.afterUpdateMe),\n sendResponse,\n ...processMiddleware(interceptors?.onUpdateMeError, { type: \"error\" })\n );\n }\n\n // DELETE /users/me - Delete current user\n if (!isEndpointDisabled(routerConfig, \"deleteMe\")) {\n router.delete(\n createRouteConfig(\"deleteMe\", \"users\", \"/me\", routerConfig, \"auth\", true),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"deleteMe\"\n ),\n ...processMiddleware(interceptors?.beforeDeleteMe),\n authController.deleteMe,\n ...processMiddleware(interceptors?.afterDeleteMe),\n sendResponse,\n ...processMiddleware(interceptors?.onDeleteMeError, { type: \"error\" })\n );\n }\n\n // Apply rate limiting to auth routes\n if (\n !isEndpointDisabled(routerConfig, \"login\") ||\n !isEndpointDisabled(routerConfig, \"logout\") ||\n !isEndpointDisabled(routerConfig, \"signup\") ||\n !isEndpointDisabled(routerConfig, \"updatePassword\")\n ) {\n router.use(\n \"/auth\",\n rateLimit(\n deepmerge(\n {\n windowMs: 5000,\n limit: 10,\n standardHeaders: \"draft-7\",\n legacyHeaders: 
false,\n handler: (_, res) => {\n res.status(429).json({\n message: \"Too many requests, please try again later\",\n });\n },\n },\n arkosConfigs?.authentication?.requestRateLimitOptions || {}\n )\n )\n );\n }\n\n // POST /auth/login - Login\n if (!isEndpointDisabled(routerConfig, \"login\")) {\n router.post(\n createRouteConfig(\n \"login\",\n \"auth\",\n \"/login\",\n routerConfig,\n \"auth\",\n false,\n getValidationSchemaOrDto(\"login\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"login\"\n ),\n ...processMiddleware(interceptors?.beforeLogin),\n authController.login,\n ...processMiddleware(interceptors?.afterLogin),\n sendResponse,\n ...processMiddleware(interceptors?.onLoginError, { type: \"error\" })\n );\n }\n\n // DELETE /auth/logout - Logout\n if (!isEndpointDisabled(routerConfig, \"logout\")) {\n router.delete(\n createRouteConfig(\n \"logout\",\n \"auth\",\n \"/logout\",\n routerConfig,\n \"auth\",\n true\n ),\n ...processMiddleware(interceptors?.beforeLogout),\n authController.logout,\n ...processMiddleware(interceptors?.afterLogout),\n sendResponse,\n ...processMiddleware(interceptors?.onLogoutError, { type: \"error\" })\n );\n }\n\n // POST /auth/signup - Signup\n if (!isEndpointDisabled(routerConfig, \"signup\")) {\n router.post(\n createRouteConfig(\n \"signup\",\n \"auth\",\n \"/signup\",\n routerConfig,\n \"auth\",\n false,\n getValidationSchemaOrDto(\"signup\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"signup\"\n ),\n ...processMiddleware(interceptors?.beforeSignup),\n authController.signup,\n ...processMiddleware(interceptors?.afterSignup),\n sendResponse,\n ...processMiddleware(interceptors?.onSignupError, { type: \"error\" })\n );\n }\n\n // POST /auth/update-password - Update password\n if (!isEndpointDisabled(routerConfig, \"updatePassword\")) {\n router.post(\n createRouteConfig(\n \"updatePassword\",\n \"auth\",\n 
\"/update-password\",\n routerConfig,\n \"auth\",\n true,\n getValidationSchemaOrDto(\"updatePassword\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"updatePassword\"\n ),\n ...processMiddleware(interceptors?.beforeUpdatePassword),\n authController.updatePassword,\n ...processMiddleware(interceptors?.afterUpdatePassword),\n sendResponse,\n ...processMiddleware(interceptors?.onUpdatePasswordError, {\n type: \"error\",\n })\n );\n }\n\n // GET /auth-actions - Find many auth actions\n if (!isEndpointDisabled(routerConfig, \"findManyAuthAction\")) {\n router.get(\n createRouteConfig(\n \"findManyAuthAction\",\n \"auth-actions\",\n \"\",\n routerConfig,\n \"auth\",\n authConfigs\n ),\n ...processMiddleware(interceptors?.beforeFindManyAuthAction),\n authController.findManyAuthAction,\n ...processMiddleware(interceptors?.afterFindManyAuthAction),\n sendResponse,\n ...processMiddleware(interceptors?.onFindManyAuthActionError, {\n type: \"error\",\n })\n );\n }\n\n // GET /auth-actions/:resourceName - Find one auth action\n if (!isEndpointDisabled(routerConfig, \"findOneAuthAction\")) {\n router.get(\n createRouteConfig(\n \"findOneAuthAction\",\n \"auth-actions\",\n \"/:resourceName\",\n routerConfig,\n \"auth\",\n authConfigs\n ),\n ...processMiddleware(interceptors?.beforeFindOneAuthAction),\n authController.findOneAuthAction,\n ...processMiddleware(interceptors?.afterFindOneAuthAction),\n sendResponse,\n ...processMiddleware(interceptors?.onFindOneAuthActionError, {\n type: \"error\",\n })\n );\n }\n\n debuggerService.logModuleFinalRouter(\"auth\", router as any);\n return router;\n}\n"]}
|
|
1
|
+
{"version":3,"file":"auth.router.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.router.ts"],"names":[],"mappings":";;;;;AAuBA,sCAiQC;AAvRD,uDAA0D;AAC1D,4EAA2C;AAC3C,+DAAiE;AACjE,+DAGkC;AAElC,4FAA6D;AAE7D,yEAG6C;AAC7C,mFAA+E;AAC/E,oFAA2D;AAC3D,sFAA6D;AAC7D,+DAAsE;AACtE,4EAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,sBAAW,GAAE,CAAC;AAE7B,SAAgB,aAAa,CAAC,YAAyB;IACrD,MAAM,EACJ,YAAY,EACZ,IAAI,EACJ,OAAO,EACP,kBAAkB,EAClB,MAAM,EAAE,kBAAkB,EAC1B,WAAW,GACZ,GAAG,IAAA,oCAAmB,EAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAEtC,MAAM,YAAY,GAAG,kBAAkB,EAAE,MAAM,IAAI,EAAE,CAAC;IACtD,MAAM,YAAY,GAAG,kBAAkB,EAAE,OAAiB,CAAC;IAE3D,IAAI,YAAY,IAAI,kBAAkB,EAAE,CAAC;QACvC,IAAI,0BAAe,CAAC,eAAe,CAAC,YAAY,CAAC;YAC/C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;;YAElC,MAAM,KAAK,CACT,yDAAyD,IAAA,iCAAoB,GAAE,0CAA0C,CAC1H,CAAC;IACN,CAAC;IAED,MAAM,cAAc,GAAG,IAAA,uCAAqB,EAAC,YAAY,CAAC,CAAC;IAE3D,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAElD,MAAM,wBAAwB,GAAG,CAC/B,GAAuD,EACvD,EAAE;QACF,MAAM,iBAAiB,GAAG,YAAY,EAAE,UAAU,CAAC;QACnD,IAAI,iBAAiB,EAAE,QAAQ,KAAK,iBAAiB;YAAE,OAAO,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC;aACrE,IAAI,iBAAiB,EAAE,QAAQ,KAAK,KAAK;YAAE,OAAO,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC;QAEtE,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAGF,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,CAAC,EACtE,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,OAAO,CACR,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,cAAc,CAAC,KAAK,EACpB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,UAAU,CAAC,EAC9C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACpE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,UAAU,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,KAAK,CACV,IAAA,mCAAiB,EACf,UAAU,EACV,OAAO,EACP,KAAK,EACL,YAAY,EACZ,MAAM,EACN,IAAI,EACJ,wBAAwB,CAAC,UAAU,CAAC,CACrC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,UAAU,CACX,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,cAAc,CAAC,EAClD,cAAc,CAAC,QAAQ,EACvB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,CAAC,EACjD,+BAA
Y,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACvE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,UAAU,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,MAAM,CACX,IAAA,mCAAiB,EAAC,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,CAAC,EACzE,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,UAAU,CACX,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,cAAc,CAAC,EAClD,cAAc,CAAC,QAAQ,EACvB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,CAAC,EACjD,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACvE,CAAC;IACJ,CAAC;IAGD,IACE,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC;QAC1C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC;QAC3C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC;QAC3C,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,gBAAgB,CAAC,EACnD,CAAC;QACD,MAAM,CAAC,GAAG,CACR,OAAO,EACP,IAAA,4BAAS,EACP,IAAA,0BAAS,EACP;YACE,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,EAAE;YACT,eAAe,EAAE,SAAS;YAC1B,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;gBAClB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,2CAA2C;iBACrD,CAAC,CAAC;YACL,CAAC;SACF,EACD,YAAY,EAAE,cAAc,EAAE,SAAS,IAAI,EAAE,CAC9C,CACF,CACF,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,OAAO,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,OAAO,EACP,MAAM,EACN,QAAQ,EACR,YAAY,EACZ,MAAM,EACN,KAAK,EACL,wBAAwB,CAAC,OAAO,CAAC,CAClC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,OAAO,CACR,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,cAAc,CAAC,KAAK,EACpB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,UAAU,CAAC,EAC9C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACpE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,MAAM,CACX,IAAA,mCAAiB,EACf,QAAQ,EACR,MAAM,EACN,SAAS,EACT,YAAY,EACZ,MAAM,EACN,IAAI,CACL,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,CAAC,EAChD,cAAc,CAAC,MAAM,EACrB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAA
kB,EAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,QAAQ,EACR,MAAM,EACN,SAAS,EACT,YAAY,EACZ,MAAM,EACN,KAAK,EACL,wBAAwB,CAAC,QAAQ,CAAC,CACnC,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,QAAQ,CACT,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,YAAY,CAAC,EAChD,cAAc,CAAC,MAAM,EACrB,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,WAAW,CAAC,EAC/C,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CACrE,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,gBAAgB,CAAC,EAAE,CAAC;QACxD,MAAM,CAAC,IAAI,CACT,IAAA,mCAAiB,EACf,gBAAgB,EAChB,MAAM,EACN,kBAAkB,EAClB,YAAY,EACZ,MAAM,EACN,IAAI,EACJ,wBAAwB,CAAC,gBAAgB,CAAC,CAC3C,EACD,IAAA,iDAA8B,EAC5B,kBAAiD,EACjD,gBAAgB,CACjB,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,oBAAoB,CAAC,EACxD,cAAc,CAAC,cAAc,EAC7B,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,mBAAmB,CAAC,EACvD,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,qBAAqB,EAAE;YACxD,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,oBAAoB,CAAC,EAAE,CAAC;QAC5D,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EACf,oBAAoB,EACpB,cAAc,EACd,EAAE,EACF,YAAY,EACZ,MAAM,EACN,WAAW,CACZ,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,wBAAwB,CAAC,EAC5D,cAAc,CAAC,kBAAkB,EACjC,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,uBAAuB,CAAC,EAC3D,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,yBAAyB,EAAE;YAC5D,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAGD,IAAI,CAAC,IAAA,wCAAkB,EAAC,YAAY,EAAE,mBAAmB,CAAC,EAAE,CAAC;QAC3D,MAAM,CAAC,GAAG,CACR,IAAA,mCAAiB,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,MAAM,EACN,WAAW,CACZ,EACD,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,uBAAuB,CAAC,EAC3D,cAAc,CAAC,iBAAiB,EAChC,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,sBAAsB,CAAC,EAC1D,+BAAY,EACZ,GAAG,IAAA,mCAAiB,EAAC,YAAY,EAAE,wBAAwB,EAAE;YAC3D,IAAI,EAAE,OAAO;SACd,CAAC,CACH,CAAC;IACJ,CAAC;IAED,0BAAe,CAAC,oBAAoB,CAAC,MAAM,EAAE,MAAa,CAAC,CAAC;IAC5D,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["import { Router } from \"express\";\nimport { authControllerFactory } from \"./auth.controller\";\nimport rateLimit from \"express-rate-limit\";\nimport { 
getModuleComponents } from \"../../utils/dynamic-loader\";\nimport {\n addPrismaQueryOptionsToRequest,\n sendResponse,\n} from \"../base/base.middlewares\";\nimport { ArkosConfig } from \"../../types/new-arkos-config\";\nimport deepmerge from \"../../utils/helpers/deepmerge.helper\";\nimport { AuthPrismaQueryOptions } from \"../../types\";\nimport {\n processMiddleware,\n createRouteConfig,\n} from \"../../utils/helpers/routers.helpers\";\nimport { isEndpointDisabled } from \"../base/utils/helpers/base.router.helpers\";\nimport debuggerService from \"../debugger/debugger.service\";\nimport routerValidator from \"../base/utils/router-validator\";\nimport { getUserFileExtension } from \"../../utils/helpers/fs.helpers\";\nimport ArkosRouter from \"../../utils/arkos-router\";\n\nconst router = ArkosRouter();\n\nexport function getAuthRouter(arkosConfigs: ArkosConfig) {\n const {\n interceptors,\n dtos,\n schemas,\n prismaQueryOptions,\n router: customRouterModule,\n authConfigs,\n } = getModuleComponents(\"auth\") || {};\n\n const routerConfig = customRouterModule?.config || {};\n const customRouter = customRouterModule?.default as Router;\n\n if (customRouter && customRouterModule) {\n if (routerValidator.isExpressRouter(customRouter))\n router.use(`/auth`, customRouter);\n else\n throw Error(\n `ValidationError: The exported router from auth.router.${getUserFileExtension()} is not a valid express or arkos Router.`\n );\n }\n\n const authController = authControllerFactory(interceptors);\n\n if (routerConfig?.disable === true) return router;\n\n const getValidationSchemaOrDto = (\n key: \"updateMe\" | \"updatePassword\" | \"login\" | \"signup\"\n ) => {\n const validationConfigs = arkosConfigs?.validation;\n if (validationConfigs?.resolver === \"class-validator\") return dtos?.[key];\n else if (validationConfigs?.resolver === \"zod\") return schemas?.[key];\n\n return undefined;\n };\n\n // GET /users/me - Get current user\n if (!isEndpointDisabled(routerConfig, 
\"getMe\")) {\n router.get(\n createRouteConfig(\"getMe\", \"users\", \"/me\", routerConfig, \"auth\", true),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"getMe\"\n ),\n ...processMiddleware(interceptors?.beforeGetMe),\n authController.getMe,\n ...processMiddleware(interceptors?.afterGetMe),\n sendResponse,\n ...processMiddleware(interceptors?.onGetMeError, { type: \"error\" })\n );\n }\n\n // PATCH /users/me - Update current user\n if (!isEndpointDisabled(routerConfig, \"updateMe\")) {\n router.patch(\n createRouteConfig(\n \"updateMe\",\n \"users\",\n \"/me\",\n routerConfig,\n \"auth\",\n true,\n getValidationSchemaOrDto(\"updateMe\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"updateMe\"\n ),\n ...processMiddleware(interceptors?.beforeUpdateMe),\n authController.updateMe,\n ...processMiddleware(interceptors?.afterUpdateMe),\n sendResponse,\n ...processMiddleware(interceptors?.onUpdateMeError, { type: \"error\" })\n );\n }\n\n // DELETE /users/me - Delete current user\n if (!isEndpointDisabled(routerConfig, \"deleteMe\")) {\n router.delete(\n createRouteConfig(\"deleteMe\", \"users\", \"/me\", routerConfig, \"auth\", true),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"deleteMe\"\n ),\n ...processMiddleware(interceptors?.beforeDeleteMe),\n authController.deleteMe,\n ...processMiddleware(interceptors?.afterDeleteMe),\n sendResponse,\n ...processMiddleware(interceptors?.onDeleteMeError, { type: \"error\" })\n );\n }\n\n // Apply rate limiting to auth routes\n if (\n !isEndpointDisabled(routerConfig, \"login\") ||\n !isEndpointDisabled(routerConfig, \"logout\") ||\n !isEndpointDisabled(routerConfig, \"signup\") ||\n !isEndpointDisabled(routerConfig, \"updatePassword\")\n ) {\n router.use(\n \"/auth\",\n rateLimit(\n deepmerge(\n {\n windowMs: 5000,\n limit: 10,\n standardHeaders: \"draft-7\",\n legacyHeaders: 
false,\n handler: (_, res) => {\n res.status(429).json({\n message: \"Too many requests, please try again later\",\n });\n },\n },\n arkosConfigs?.authentication?.rateLimit || {}\n )\n )\n );\n }\n\n // POST /auth/login - Login\n if (!isEndpointDisabled(routerConfig, \"login\")) {\n router.post(\n createRouteConfig(\n \"login\",\n \"auth\",\n \"/login\",\n routerConfig,\n \"auth\",\n false,\n getValidationSchemaOrDto(\"login\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"login\"\n ),\n ...processMiddleware(interceptors?.beforeLogin),\n authController.login,\n ...processMiddleware(interceptors?.afterLogin),\n sendResponse,\n ...processMiddleware(interceptors?.onLoginError, { type: \"error\" })\n );\n }\n\n // DELETE /auth/logout - Logout\n if (!isEndpointDisabled(routerConfig, \"logout\")) {\n router.delete(\n createRouteConfig(\n \"logout\",\n \"auth\",\n \"/logout\",\n routerConfig,\n \"auth\",\n true\n ),\n ...processMiddleware(interceptors?.beforeLogout),\n authController.logout,\n ...processMiddleware(interceptors?.afterLogout),\n sendResponse,\n ...processMiddleware(interceptors?.onLogoutError, { type: \"error\" })\n );\n }\n\n // POST /auth/signup - Signup\n if (!isEndpointDisabled(routerConfig, \"signup\")) {\n router.post(\n createRouteConfig(\n \"signup\",\n \"auth\",\n \"/signup\",\n routerConfig,\n \"auth\",\n false,\n getValidationSchemaOrDto(\"signup\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"signup\"\n ),\n ...processMiddleware(interceptors?.beforeSignup),\n authController.signup,\n ...processMiddleware(interceptors?.afterSignup),\n sendResponse,\n ...processMiddleware(interceptors?.onSignupError, { type: \"error\" })\n );\n }\n\n // POST /auth/update-password - Update password\n if (!isEndpointDisabled(routerConfig, \"updatePassword\")) {\n router.post(\n createRouteConfig(\n \"updatePassword\",\n \"auth\",\n \"/update-password\",\n 
routerConfig,\n \"auth\",\n true,\n getValidationSchemaOrDto(\"updatePassword\")\n ),\n addPrismaQueryOptionsToRequest<any>(\n prismaQueryOptions as AuthPrismaQueryOptions<any>,\n \"updatePassword\"\n ),\n ...processMiddleware(interceptors?.beforeUpdatePassword),\n authController.updatePassword,\n ...processMiddleware(interceptors?.afterUpdatePassword),\n sendResponse,\n ...processMiddleware(interceptors?.onUpdatePasswordError, {\n type: \"error\",\n })\n );\n }\n\n // GET /auth-actions - Find many auth actions\n if (!isEndpointDisabled(routerConfig, \"findManyAuthAction\")) {\n router.get(\n createRouteConfig(\n \"findManyAuthAction\",\n \"auth-actions\",\n \"\",\n routerConfig,\n \"auth\",\n authConfigs\n ),\n ...processMiddleware(interceptors?.beforeFindManyAuthAction),\n authController.findManyAuthAction,\n ...processMiddleware(interceptors?.afterFindManyAuthAction),\n sendResponse,\n ...processMiddleware(interceptors?.onFindManyAuthActionError, {\n type: \"error\",\n })\n );\n }\n\n // GET /auth-actions/:resourceName - Find one auth action\n if (!isEndpointDisabled(routerConfig, \"findOneAuthAction\")) {\n router.get(\n createRouteConfig(\n \"findOneAuthAction\",\n \"auth-actions\",\n \"/:resourceName\",\n routerConfig,\n \"auth\",\n authConfigs\n ),\n ...processMiddleware(interceptors?.beforeFindOneAuthAction),\n authController.findOneAuthAction,\n ...processMiddleware(interceptors?.afterFindOneAuthAction),\n sendResponse,\n ...processMiddleware(interceptors?.onFindOneAuthActionError, {\n type: \"error\",\n })\n );\n }\n\n debuggerService.logModuleFinalRouter(\"auth\", router as any);\n return router;\n}\n"]}
|
|
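--- a/package/dist/cjs/modules/auth/auth.service.js
+++ b/package/dist/cjs/modules/auth/auth.service.js
@@ -123,7 +123,7 @@ class AuthService {
 else if (accessControl[action])
 authorizedRoles = Array.isArray(accessControl[action])
 ? accessControl[action]
-: accessControl[action].roles;
+: accessControl[action].roles || [];
 const userRoles = Array.isArray(user?.roles) ? user.roles : [user.role];
 return !!userRoles.some((role) => authorizedRoles.includes(role));
 }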
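Review bot: On new line 126 the `|| []` fallback only covers a missing `roles`; a truthy non-array value still reaches `authorizedRoles.includes(role)` on line 128. If configuration ever supplies `roles` as a single string, that call is a substring match, so a role whose name is contained in the configured one would be authorized. Normalising to an array keeps the fail-closed default and makes the comparison exact: `: [].concat(accessControl[action].roles ?? []);`. Separately, `[user.role]` on line 127 dereferences `user` without the optional chaining used for `user?.roles`, so a missing user throws instead of returning false. The method starts before this hunk and the earlier branch of the `if` chain is not visible here.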
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.service.ts"],"names":[],"mappings":";;;;;;AAAA,gEAAgD;AAChD,wDAA8B;AAE9B,qFAA4D;AAC5D,iFAAwD;AACxD,+DAAoD;AACpD,yCAA8C;AAC9C,sEAA6C;AAC7C,uEAAuE;AAavE,qFAA2E;AAC3E,+DAA6E;AAC7E,+CAAgD;AAChD,mEAGoC;AACpC,+FAAqE;AACrE,mFAAmF;AAKnF,MAAa,WAAW;IAAxB;QAIE,uBAAkB,GAAgC,EAAE,CAAC;QA4arD,iBAAY,GAAG,IAAA,qBAAU,EACvB,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;YACrE,IAAI,IAAA,8CAAuB,GAAE;gBAC3B,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAS,CAAC;YAC5D,IAAI,EAAE,CAAC;QACT,CAAC,CACF,CAAC;IAqFJ,CAAC;IA7fC,YAAY,CACV,EAAmB,EACnB,SAA+B,EAC/B,MAAe;QAEf,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAc,GAAE,CAAC;QAErD,IACE,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM;YAClC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU;YACvB,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM;YAErB,MAAM,IAAI,mBAAQ,CAChB,mCAAmC,EACnC,GAAG,EACH,wBAAwB,CACzB,CAAC;QAEJ,MAAM;YACJ,MAAM;gBACN,OAAO,EAAE,GAAG,EAAE,MAAM;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU;gBACtB,mBAAQ,CAAC,UAAU,CAAC;QAEtB,SAAS,GAAG,CAAC,SAAS;YACpB,OAAO,EAAE,GAAG,EAAE,SAAS;YACvB,OAAO,CAAC,GAAG,CAAC,cAAc;YAC1B,mBAAQ,CAAC,cAAc,CAAmC,CAAC;QAE7D,OAAO,sBAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;YAC9B,SAAS,EAAE,SAAuB;SACnC,CAAC,CAAC;IACL,CAAC;IAoBD,mBAAmB,CAAC,GAAiB;QACnC,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;QACrC,MAAM,WAAW,GAAG,WAAW,EAAE,cAAc,CAAC;QAEhD,IAAI,CAAC,GAAG;YACN,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QAExE,MAAM,QAAQ,GACZ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;YACjC,OAAO,CAAC,GAAG,CAAC,oBAIC;YACd,KAAK,CAAC;QAER,OAAO;YACL,OAAO,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,CACJ,IAAA,8BAAI,EACF,WAAW,EAAE,GAAG,EAAE,SAAS;oBACxB,OAAO,CAAC,GAAG,CAAC,cAA6B;oBACzC,mBAAQ,CAAC,cAA6B,CAC1C,CACF,CACJ;YACD,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;gBAClC,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,SAAS;oBAC7C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM;oBAC7C,CAAC,CAAC,SAAS,CAAC;gBACd,IAAI;YACN,MAAM,EACJ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM;gBAChC,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MA
AM;oBACvC,GAAG,CAAC,MAAM;oBACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;oBAC5C,QAAQ,KAAK,MAAM,CAAC;YACxB,QAAQ;SACT,CAAC;IACJ,CAAC;IAaD,gBAAgB,CAAC,QAAgB;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,CAAC;IASD,KAAK,CAAC,iBAAiB,CACrB,iBAAyB,EACzB,YAAoB;QAEpB,OAAO,MAAM,kBAAM,CAAC,OAAO,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;IAC/D,CAAC;IAQD,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,OAAO,MAAM,kBAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACzC,CAAC;IAmBM,gBAAgB,CAAC,QAAgB;QACtC,MAAM,eAAe,GAAG,IAAA,uBAAc,GAAE,EAAE,cAAc,CAAC;QAEzD,MAAM,mBAAmB,GACvB,eAAe,EAAE,kBAAkB,EAAE,KAAK;YAC1C,oCAAoC,CAAC;QACvC,OAAO,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IASD,wBAAwB,CAAC,IAAU,EAAE,YAAoB;QACvD,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,MAAM,kBAAkB,GAAG,QAAQ,CACjC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,EAC/C,EAAE,CACH,CAAC;YAEF,OAAO,YAAY,GAAG,kBAAkB,CAAC;QAC3C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAUD,KAAK,CAAC,cAAc,CAClB,KAAa,EACb,MAAe;QAEf,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAc,GAAE,CAAC;QAErD,IACE,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM;YAClC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU;YACvB,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM;YAErB,MAAM,IAAI,mBAAQ,CAChB,kCAAkC,EAClC,GAAG,EACH,8BAA8B,CAC/B,CAAC;QAEJ,MAAM;YACJ,MAAM;gBACN,OAAO,EAAE,GAAG,EAAE,MAAM;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU;gBACtB,mBAAQ,CAAC,UAAU,CAAC;QAEtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;gBACzC,IAAI,GAAG;oBAAE,MAAM,CAAC,GAAG,CAAC,CAAC;;oBAChB,OAAO,CAAC,OAAyB,CAAC,CAAC;YAC1C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAYS,wBAAwB,CAChC,IAAU,EACV,MAAc,EACd,aAAkC;QAElC,IAAI,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK;YAC5B,MAAM,KAAK,CACT,qHAAqH,CACtH,CAAC;QAEJ,IAAI,eAAe,GAAa,EAAE,CAAC;QAEnC,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;YAAE,eAAe,GAAG,aAAa,CAAC;aAC7D,IAAI,aAAa,CAAC,MAAM,CAAC;YAC5B,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;gBACpD,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC;gBACvB,CAAC,CAAC,aAAa,CAAC,MAAM,
CAAC,CAAC,KAAK,CAAC;QAElC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAExE,OAAO,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5E,CAAC;IAWS,KAAK,CAAC,yBAAyB,CACvC,MAAc,EACd,MAAc,EACd,QAAgB;QAEhB,MAAM,MAAM,GAAG,IAAA,kCAAiB,GAAE,CAAC;QACnC,OAAO,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxC,KAAK,EAAE;gBACL,MAAM;gBACN,IAAI,EAAE;oBACJ,WAAW,EAAE;wBACX,IAAI,EAAE;4BACJ,QAAQ;4BACR,MAAM;yBACP;qBACF;iBACF;aACF;YACD,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACrB,CAAC,CAAC,CAAC;IACN,CAAC;IAUD,mBAAmB,CACjB,MAAoB,EACpB,QAAgB,EAChB,aAAmC;QAEnC,IACE,CAAC,aAAa;YACd,2BAAU,CAAC,IAAI,CACb,CAAC,SAAS,EAAE,EAAE,CAAC,IAAA,iBAAS,EAAC,SAAS,CAAC,KAAK,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAC5D;YAED,aAAa,GAAG,IAAA,oCAAmB,EAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,aAAa,CAAC;QAE5E,6BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAEvD,OAAO,IAAA,qBAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;YACrE,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;gBACb,MAAM,IAAI,GAAG,GAAG,CAAC,IAAY,CAAC;gBAC9B,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;gBAEjC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,IAAI,EAAE,CAAC;oBACP,OAAO;gBACT,CAAC;gBAED,MAAM,yBAAyB,GAAG,IAAI,mBAAQ,CAC5C,kDAAkD,EAClD,GAAG,EACH,EAAE,EACF,sBAAsB,CACvB,CAAC;gBAEF,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;oBAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CACxD,IAAI,CAAC,EAAE,EACP,MAAM,EACN,QAAQ,CACT,CAAC;oBAEF,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC7D,CAAC;qBAAM,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACtD,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBAE3D,MAAM,aAAa,GAAG,IAAI,CAAC,wBAAwB,CACjD,IAAI,EACJ,MAAM,EACN,aAAa,CACd,CAAC;oBAEF,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC,CACF,CAAC;IACJ,CAAC;IAQD,KAAK,CAAC,oBAAoB,CAAC,GAAiB;QAC1C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;QACrC,IAAI,CAAC,WAAW,EAAE,cAAc;YAAE,OAAO,IAAI,CAAC;QAE9C,MAAM,MAAM,GAAG,IA
AA,kCAAiB,GAAE,CAAC;QAEnC,IAAI,KAAyB,CAAC;QAE9B,IACE,GAAG,EAAE,OAAO,EAAE,aAAa;YAC3B,GAAG,EAAE,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,EAChD,CAAC;YACD,KAAK,GAAG,GAAG,EAAE,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,GAAG,EAAE,OAAO,EAAE,kBAAkB,KAAK,UAAU,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC1E,KAAK,GAAG,GAAG,EAAE,OAAO,EAAE,kBAAkB,CAAC;QAC3C,CAAC;QAED,IAAI,CAAC,KAAK;YAAE,MAAM,uCAAkB,CAAC;QAErC,IAAI,OAAmC,CAAC;QAExC,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,yCAAoB,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,EAAE;YAAE,MAAM,yCAAoB,CAAC;QAC7C,MAAM,IAAI,GAAe,MAAO,MAAc,CAAC,IAAI,CAAC,UAAU,CAAC;YAC7D,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,mBAAQ,CAChB,wDAAwD,EACxD,GAAG,EACH,EAAE,EACF,oBAAoB,CACrB,CAAC;QAEJ,IACE,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,OAAO,CAAC,GAAI,CAAC;YACjD,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,QAAQ,CAAC;YAE/B,MAAM,IAAI,mBAAQ,CAChB,sDAAsD,EACtD,GAAG,EACH,EAAE,EACF,iBAAiB,CAClB,CAAC;QAEJ,GAAG,CAAC,WAAW,GAAG,KAAK,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAyBD,2BAA2B,CACzB,MAAoB,EACpB,qBAA+D;QAE/D,IAAI,qBAAqB,IAAI,OAAO,qBAAqB,KAAK,QAAQ,EAAE,CAAC;YACvE,IAAI,qBAAqB,CAAC,MAAM,CAAC,KAAK,KAAK;gBAAE,OAAO,2BAAQ,CAAC;iBACxD,IAAI,qBAAqB,CAAC,MAAM,CAAC,KAAK,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC;QAC5E,CAAC;;YAAM,OAAO,IAAI,CAAC,YAAY,CAAC;QAEhC,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAyBD,UAAU,CACR,MAAc,EACd,QAAgB,EAChB,aAAmC;QAGnC,MAAM,KAAK,GAAG,IAAI,KAAK,EAAE,CAAC,KAAK,CAAC;QAEhC,IAAI,KAAK,EAAE,QAAQ,CAAC,0CAA0C,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,oFAAoF,CACrF,CAAC;QAEJ,6BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAEvD,OAAO,KAAK,EAAE,IAAyB,EAAoB,EAAE;YAE3D,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;YACjC,IAAI,CAAC,OAAO,EAAE,cAAc;gBAC1B,MAAM,KAAK,CACT,2FAA2F,CAC5F,CAAC;YAEJ,IAAI,CAAC,IAAI;gBAAE,MAAM,uCAAkB,CAAC;YACpC,IAAI,IAAI,CAAC,WAAW;gBAAE,OAAO,IAAI,CAAC;YAElC,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;gBAChD,OAA
O,MAAM,IAAI,CAAC,yBAAyB,CAAC,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAC1E,CAAC;iBAAM,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtD,IAAI,CAAC,aAAa,IAAI,2BAAU,CAAC,QAAQ,CAAC,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAAC;oBAC5D,aAAa,GAAG,IAAA,oCAAmB,EAAC,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAAC,EAAE,WAAW;wBACnE,EAAE,aAAa,CAAC;gBAEpB,OAAO,CACL,CAAC,CAAC,aAAa;oBACf,IAAI,CAAC,wBAAwB,CAAC,IAAW,EAAE,MAAM,EAAE,aAAa,CAAC,CAClE,CAAC;YACJ,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;IACJ,CAAC;CACF;AA3gBD,kCA2gBC;AAKD,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;AAEtC,kBAAe,WAAW,CAAC","sourcesContent":["import jwt, { SignOptions } from \"jsonwebtoken\";\nimport bcrypt from \"bcryptjs\";\nimport { User } from \"../../types\";\nimport catchAsync from \"../error-handler/utils/catch-async\";\nimport AppError from \"../error-handler/utils/app-error\";\nimport { callNext } from \"../base/base.middlewares\";\nimport { getArkosConfig } from \"../../server\";\nimport arkosEnv from \"../../utils/arkos-env\";\nimport { getPrismaInstance } from \"../../utils/helpers/prisma.helpers\";\nimport {\n ArkosRequest,\n ArkosResponse,\n ArkosNextFunction,\n ArkosRequestHandler,\n} from \"../../types\";\nimport {\n AuthJwtPayload,\n AccessAction,\n AccessControlConfig,\n AuthenticationControlConfig,\n} from \"../../types/auth\";\nimport { MsDuration, toMs } from \"./utils/helpers/auth.controller.helpers\";\nimport { appModules, getModuleComponents } from \"../../utils/dynamic-loader\";\nimport { kebabCase } from \"../../exports/utils\";\nimport {\n invaliAuthTokenError,\n loginRequiredError,\n} from \"./utils/auth-error-objects\";\nimport authActionService from \"./utils/services/auth-action.service\";\nimport { isAuthenticationEnabled } from \"../../utils/helpers/arkos-config.helpers\";\n\n/**\n * Handles various authentication-related tasks such as JWT signing, password hashing, and verifying user credentials.\n */\nexport class AuthService {\n /**\n * Object containing a combination of actions per resource, tracked by 
each set of calls of `authService.handleAccessControl`, this can be accessed through the `authService` object or through the endpoint\n */\n actionsPerResource: Record<string, Set<string>> = {};\n\n /**\n * Signs a JWT token for the user.\n *\n * @param {number | string} id - The unique identifier of the user to generate the token for.\n * @param {string | number} [expiresIn] - The expiration time for the token. Defaults to environment variable `JWT_EXPIRES_IN`.\n * @param {string} [secret] - The secret key used to sign the token. Defaults to environment variable `JWT_SECRET`.\n * @returns {string} The signed JWT token.\n */\n signJwtToken(\n id: number | string,\n expiresIn?: MsDuration | number,\n secret?: string\n ): string {\n const { authentication: configs } = getArkosConfig();\n\n if (\n process.env.ARKOS_BUILD === \"true\" &&\n !process.env.JWT_SECRET &&\n !configs?.jwt?.secret\n )\n throw new AppError(\n \"Missing JWT secret on production!\",\n 500,\n \"MissingJWTOnProduction\"\n );\n\n secret =\n secret ||\n configs?.jwt?.secret ||\n process.env.JWT_SECRET ||\n arkosEnv.JWT_SECRET;\n\n expiresIn = (expiresIn ||\n configs?.jwt?.expiresIn ||\n process.env.JWT_EXPIRES_IN ||\n arkosEnv.JWT_EXPIRES_IN) as keyof SignOptions[\"expiresIn\"];\n\n return jwt.sign({ id }, secret, {\n expiresIn: expiresIn as MsDuration,\n });\n }\n\n /**\n * Retrieves cookie configuration options for JWT authentication.\n *\n * Merges configuration from multiple sources in order of precedence:\n * 1. Arkos configuration file\n * 2. Environment variables\n * 3. Request properties (for secure flag)\n * 4. 
Default fallback values\n *\n * @param req - ArkosRequest object used to determine if the connection is secure\n * @returns Cookie options object with expires, httpOnly, secure, and sameSite properties\n *\n * @example\n * ```typescript\n * const cookieOptions = authService.getJwtCookieOptions(req);\n * res.cookie('jwt', token, cookieOptions);\n * ```\n */\n getJwtCookieOptions(req: ArkosRequest) {\n const arkosConfig = getArkosConfig();\n const authConfigs = arkosConfig?.authentication;\n\n if (!req)\n throw new Error(\"Missing req object in order get jwt cookie options\");\n\n const sameSite =\n authConfigs?.jwt?.cookie?.sameSite ||\n (process.env.JWT_COOKIE_SAME_SITE as\n | \"none\"\n | \"lax\"\n | \"strict\"\n | undefined) ||\n \"lax\";\n\n return {\n expires: new Date(\n Date.now() +\n Number(\n toMs(\n authConfigs?.jwt?.expiresIn ||\n (process.env.JWT_EXPIRES_IN as MsDuration) ||\n (arkosEnv.JWT_EXPIRES_IN as MsDuration)\n )\n )\n ),\n httpOnly:\n authConfigs?.jwt?.cookie?.httpOnly ??\n (process.env.JWT_COOKIE_HTTP_ONLY !== undefined\n ? 
process.env.JWT_COOKIE_HTTP_ONLY === \"true\"\n : undefined) ??\n true,\n secure:\n authConfigs?.jwt?.cookie?.secure ??\n (process.env.JWT_COOKIE_SECURE === \"true\" ||\n req.secure ||\n req.headers[\"x-forwarded-proto\"] === \"https\" ||\n sameSite === \"none\"),\n sameSite,\n };\n }\n\n /**\n * Is used by default internally by Arkos under `BaseService` class to check if the password is already hashed.\n *\n * This was just added to prevent unwanted errors when someone just forgets that the `BaseService` class will automatically hash the password field using `authService.hashPassword` by default.\n *\n * So now before `BaseService` hashes it will test it.\n *\n *\n * @param password The password to be tested if is hashed\n * @returns\n */\n isPasswordHashed(password: string) {\n return !Number.isNaN(bcrypt.getRounds(password) * 1);\n }\n\n /**\n * Compares a candidate password with the stored user password to check if they match.\n *\n * @param {string} candidatePassword - The password provided by the user during login.\n * @param {string} userPassword - The password stored in the database.\n * @returns {Promise<boolean>} Returns true if the passwords match, otherwise false.\n */\n async isCorrectPassword(\n candidatePassword: string,\n userPassword: string\n ): Promise<boolean> {\n return await bcrypt.compare(candidatePassword, userPassword);\n }\n\n /**\n * Hashes a plain text password using bcrypt.\n *\n * @param {string} password - The password to be hashed.\n * @returns {Promise<string>} Returns the hashed password.\n */\n async hashPassword(password: string): Promise<string> {\n return await bcrypt.hash(password, 12);\n }\n\n /**\n * Checks if a password is strong, requiring uppercase, lowercase, and numeric characters as the default.\n *\n * **NB**: You must pay attention when using custom validation with zod or class-validator, try to use the same regex always.\n *\n * **Note**: You can define it when calling arkos.init()\n * ```ts\n * arkos.init({\n * 
authentication: {\n * passwordValidation:{ regex: /your-desired-regex/, message: 'password must contain...'}\n * }\n * })\n * ```\n *\n * @param {string} password - The password to check.\n * @returns {boolean} Returns true if the password meets the strength criteria, otherwise false.\n */\n public isPasswordStrong(password: string): boolean {\n const initAuthConfigs = getArkosConfig()?.authentication;\n\n const strongPasswordRegex =\n initAuthConfigs?.passwordValidation?.regex ||\n /^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d).+$/;\n return strongPasswordRegex.test(password);\n }\n\n /**\n * Checks if a user has changed their password after the JWT was issued.\n *\n * @param {User} user - The user object containing the passwordChangedAt field.\n * @param {number} JWTTimestamp - The timestamp when the JWT was issued.\n * @returns {boolean} Returns true if the user changed their password after the JWT was issued, otherwise false.\n */\n userChangedPasswordAfter(user: User, JWTTimestamp: number): boolean {\n if (user.passwordChangedAt) {\n const convertedTimestamp = parseInt(\n String(user.passwordChangedAt.getTime() / 1000),\n 10\n );\n\n return JWTTimestamp < convertedTimestamp;\n }\n return false;\n }\n\n /**\n * Verifies the authenticity of a JWT token.\n *\n * @param {string} token - The JWT token to verify.\n * @param {string} [secret] - The secret key used to verify the token. 
Defaults to environment variable `JWT_SECRET`.\n * @returns {Promise<AuthJwtPayload>} Returns the decoded JWT payload if the token is valid.\n * @throws {Error} Throws an error if the token is invalid or expired.\n */\n async verifyJwtToken(\n token: string,\n secret?: string\n ): Promise<AuthJwtPayload> {\n const { authentication: configs } = getArkosConfig();\n\n if (\n process.env.ARKOS_BUILD === \"true\" &&\n !process.env.JWT_SECRET &&\n !configs?.jwt?.secret\n )\n throw new AppError(\n \"Missing JWT secret in production\",\n 500,\n \"MissingJWTSecretInProduction\"\n );\n\n secret =\n secret ||\n configs?.jwt?.secret ||\n process.env.JWT_SECRET ||\n arkosEnv.JWT_SECRET;\n\n return new Promise((resolve, reject) => {\n jwt.verify(token, secret, (err, decoded) => {\n if (err) reject(err);\n else resolve(decoded as AuthJwtPayload);\n });\n });\n }\n\n /**\n * Checks if a user has permission for a specific action using static access control rules.\n * Validates user roles against predefined access control configuration.\n *\n * @param user - The user object containing role or roles field\n * @param action - The action being performed\n * @param accessControl - Access control configuration (array of roles or object with action-role mappings)\n * @returns True if user has permission, false otherwise\n * @throws Error if user doesn't have role/roles field\n */\n protected checkStaticAccessControl(\n user: User,\n action: string,\n accessControl: AccessControlConfig\n ) {\n if (!user?.role && !user.roles)\n throw Error(\n \"Validation Error: In order to use static authentication user needs at least role field or roles for multiple roles.\"\n );\n\n let authorizedRoles: string[] = [];\n\n if (Array.isArray(accessControl)) authorizedRoles = accessControl;\n else if (accessControl[action])\n authorizedRoles = Array.isArray(accessControl[action])\n ? accessControl[action]\n : accessControl[action].roles;\n\n const userRoles = Array.isArray(user?.roles) ? 
user.roles : [user.role];\n\n return !!userRoles.some((role: string) => authorizedRoles.includes(role));\n }\n\n /**\n * Checks if a user has permission for a specific action and resource using dynamic access control.\n * Queries the database to verify user's role permissions.\n *\n * @param userId - The unique identifier of the user\n * @param action - The action being performed\n * @param resource - The resource being accessed\n * @returns Promise resolving to true if user has permission, false otherwise\n */\n protected async checkDynamicAccessControl(\n userId: string,\n action: string,\n resource: string\n ) {\n const prisma = getPrismaInstance();\n return !!(await prisma.userRole.findFirst({\n where: {\n userId,\n role: {\n permissions: {\n some: {\n resource,\n action,\n },\n },\n },\n },\n select: { id: true },\n }));\n }\n\n /**\n * Middleware function to handle access control based on user roles and permissions.\n *\n * @param {AccessAction} action - The action being performed (e.g., create, update, delete, view).\n * @param {string} resource - The resource name that the action is being performed on (e.g., \"User\", \"Post\").\n * @param {AccessControlConfig} accessControl - The access control configuration.\n * @returns {ArkosRequestHandler} The middleware function that checks if the user has permission to perform the action.\n */\n handleAccessControl(\n action: AccessAction,\n resource: string,\n accessControl?: AccessControlConfig\n ): ArkosRequestHandler {\n if (\n !accessControl &&\n appModules.some(\n (appModule) => kebabCase(appModule) === kebabCase(resource)\n )\n )\n accessControl = getModuleComponents(resource)?.authConfigs?.accessControl;\n\n authActionService.add(action, resource, accessControl);\n\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n if (req.user) {\n const user = req.user as User;\n const configs = getArkosConfig();\n\n if (user.isSuperUser) {\n next();\n return;\n }\n\n const 
notEnoughPermissionsError = new AppError(\n \"You do not have permission to perfom this action\",\n 403,\n {},\n \"NotEnoughPermissions\"\n );\n\n if (configs?.authentication?.mode === \"dynamic\") {\n const hasPermission = await this.checkDynamicAccessControl(\n user.id,\n action,\n resource\n );\n\n if (!hasPermission) return next(notEnoughPermissionsError);\n } else if (configs?.authentication?.mode === \"static\") {\n if (!accessControl) return next(notEnoughPermissionsError);\n\n const hasPermission = this.checkStaticAccessControl(\n user,\n action,\n accessControl\n );\n\n if (!hasPermission) return next(notEnoughPermissionsError);\n }\n }\n\n next();\n }\n );\n }\n\n /**\n * Processes the cookies or authoriation token and returns the user.\n * @param req\n * @returns {Promise<User | null>} - if authentication is turned off in arkosConfig it returns null\n * @throws {AppError} Throws an error if the token is invalid or the user is not logged in.\n */\n async getAuthenticatedUser(req: ArkosRequest): Promise<User | null> {\n const arkosConfig = getArkosConfig();\n if (!arkosConfig?.authentication) return null;\n\n const prisma = getPrismaInstance();\n\n let token: string | undefined;\n\n if (\n req?.headers?.authorization &&\n req?.headers?.authorization.startsWith(\"Bearer\")\n ) {\n token = req?.headers?.authorization.split(\" \")[1];\n } else if (req?.cookies?.arkos_access_token !== \"no-token\" && req.cookies) {\n token = req?.cookies?.arkos_access_token;\n }\n\n if (!token) throw loginRequiredError;\n\n let decoded: AuthJwtPayload | undefined;\n\n try {\n decoded = await this.verifyJwtToken(token);\n } catch (err) {\n throw invaliAuthTokenError;\n }\n\n if (!decoded?.id) throw invaliAuthTokenError;\n const user: any | null = await (prisma as any).user.findUnique({\n where: { id: String(decoded.id) },\n });\n\n if (!user)\n throw new AppError(\n \"The user belonging to this token does no longer exists\",\n 401,\n {},\n \"UserNoLongerExists\"\n );\n\n if (\n 
this.userChangedPasswordAfter(user, decoded.iat!) &&\n !req.path?.includes?.(\"logout\")\n )\n throw new AppError(\n \"User recently changed password! Please log in again.\",\n 401,\n {},\n \"PasswordChanged\"\n );\n\n req.accessToken = token;\n return user;\n }\n\n /**\n * Middleware function to authenticate the user based on the JWT token.\n *\n * @param {ArkosRequest} req - The request object.\n * @param {ArkosResponse} res - The response object.\n * @param {ArkosNextFunction} next - The next middleware function to be called.\n * @returns {void}\n */\n authenticate = catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n if (isAuthenticationEnabled())\n req.user = (await this.getAuthenticatedUser(req)) as User;\n next();\n }\n );\n\n /**\n * Handles authentication control by checking the `authenticationControl` configuration in the `authConfigs`.\n *\n * @param {ControllerActions} action - The action being performed (e.g., create, update, delete, view).\n * @param {AuthenticationControlConfig} authenticationControl - The authentication configuration object.\n * @returns {ArkosRequestHandler} The middleware function that checks if authentication is required.\n */\n handleAuthenticationControl(\n action: AccessAction,\n authenticationControl?: AuthenticationControlConfig | undefined\n ): ArkosRequestHandler {\n if (authenticationControl && typeof authenticationControl === \"object\") {\n if (authenticationControl[action] === false) return callNext;\n else if (authenticationControl[action] === true) return this.authenticate;\n } else return this.authenticate;\n\n return this.authenticate;\n }\n\n /**\n * Creates a permission checker function for a specific action and resource.\n *\n * PS: This method should be called during application initialization to build permission validators.\n *\n * @see {@link https://www.arkosjs.com/docs/advanced-guide/fine-grained-access-control}\n *\n * @param action - The action to check permission for 
(e.g., 'View', 'Create', 'Delete')\n * @param resource - The resource being accessed, must be in kebabCase (e.g., 'user', 'cart-item', 'order')\n * @param accessControl - Access control rules (required for static authentication mode), and it is automatically loaded for known modules such as all prisma models, auth and file-upload.\n * @returns A function that takes a user object and returns a boolean indicating permission status\n *\n * @example\n * ```typescript\n * const hasViewProductPermission = await authService.permission('View', 'product');\n *\n * // Later in handler:\n * const canAccess = await hasViewProductPermission(user);\n * if (canAccess) {\n * // User has permission\n * }\n * ```\n */\n permission(\n action: string,\n resource: string,\n accessControl?: AccessControlConfig\n ) {\n // Check if called during request handling (deep call stack indicates handler execution)\n const stack = new Error().stack;\n\n if (stack?.includes(\"node_modules/express/lib/router/index.js\"))\n throw new Error(\n \"authService.permission() should be called during application initialization level.\"\n );\n\n authActionService.add(action, resource, accessControl);\n\n return async (user: Record<string, any>): Promise<boolean> => {\n // getArkosConfig must not be called the same time as arkos.init()\n const configs = getArkosConfig();\n if (!configs?.authentication)\n throw Error(\n \"Validation Error: Trying to use authService.permission without setting up authentication.\"\n );\n\n if (!user) throw loginRequiredError;\n if (user.isSuperUser) return true;\n\n if (configs?.authentication?.mode === \"dynamic\") {\n return await this.checkDynamicAccessControl(user?.id, action, resource);\n } else if (configs?.authentication?.mode === \"static\") {\n if (!accessControl && appModules.includes(kebabCase(resource)))\n accessControl = getModuleComponents(kebabCase(resource))?.authConfigs\n ?.accessControl;\n\n return (\n !!accessControl &&\n this.checkStaticAccessControl(user as 
any, action, accessControl)\n );\n }\n return false;\n };\n }\n}\n\n/**\n * Handles various authentication-related tasks such as JWT signing, password hashing, and verifying user credentials.\n */\nconst authService = new AuthService();\n\nexport default authService;\n"]}
|
|
1
|
+
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../../../src/modules/auth/auth.service.ts"],"names":[],"mappings":";;;;;;AAAA,gEAAgD;AAChD,wDAA8B;AAE9B,qFAA4D;AAC5D,iFAAwD;AACxD,+DAAoD;AACpD,yCAA8C;AAC9C,sEAA6C;AAC7C,uEAAuE;AAavE,qFAA2E;AAC3E,+DAA6E;AAC7E,+CAAgD;AAChD,mEAGoC;AACpC,+FAAqE;AACrE,mFAAmF;AAKnF,MAAa,WAAW;IAAxB;QAIE,uBAAkB,GAAgC,EAAE,CAAC;QA4arD,iBAAY,GAAG,IAAA,qBAAU,EACvB,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;YACrE,IAAI,IAAA,8CAAuB,GAAE;gBAC3B,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAS,CAAC;YAC5D,IAAI,EAAE,CAAC;QACT,CAAC,CACF,CAAC;IAqFJ,CAAC;IA7fC,YAAY,CACV,EAAmB,EACnB,SAA+B,EAC/B,MAAe;QAEf,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAc,GAAE,CAAC;QAErD,IACE,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM;YAClC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU;YACvB,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM;YAErB,MAAM,IAAI,mBAAQ,CAChB,mCAAmC,EACnC,GAAG,EACH,wBAAwB,CACzB,CAAC;QAEJ,MAAM;YACJ,MAAM;gBACN,OAAO,EAAE,GAAG,EAAE,MAAM;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU;gBACtB,mBAAQ,CAAC,UAAU,CAAC;QAEtB,SAAS,GAAG,CAAC,SAAS;YACpB,OAAO,EAAE,GAAG,EAAE,SAAS;YACvB,OAAO,CAAC,GAAG,CAAC,cAAc;YAC1B,mBAAQ,CAAC,cAAc,CAAmC,CAAC;QAE7D,OAAO,sBAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;YAC9B,SAAS,EAAE,SAAuB;SACnC,CAAC,CAAC;IACL,CAAC;IAoBD,mBAAmB,CAAC,GAAiB;QACnC,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;QACrC,MAAM,WAAW,GAAG,WAAW,EAAE,cAAc,CAAC;QAEhD,IAAI,CAAC,GAAG;YACN,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QAExE,MAAM,QAAQ,GACZ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;YACjC,OAAO,CAAC,GAAG,CAAC,oBAIC;YACd,KAAK,CAAC;QAER,OAAO;YACL,OAAO,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,CACJ,IAAA,8BAAI,EACF,WAAW,EAAE,GAAG,EAAE,SAAS;oBACxB,OAAO,CAAC,GAAG,CAAC,cAA6B;oBACzC,mBAAQ,CAAC,cAA6B,CAC1C,CACF,CACJ;YACD,QAAQ,EACN,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ;gBAClC,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,SAAS;oBAC7C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM;oBAC7C,CAAC,CAAC,SAAS,CAAC;gBACd,IAAI;YACN,MAAM,EACJ,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM;gBAChC,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MA
AM;oBACvC,GAAG,CAAC,MAAM;oBACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;oBAC5C,QAAQ,KAAK,MAAM,CAAC;YACxB,QAAQ;SACT,CAAC;IACJ,CAAC;IAaD,gBAAgB,CAAC,QAAgB;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,CAAC;IASD,KAAK,CAAC,iBAAiB,CACrB,iBAAyB,EACzB,YAAoB;QAEpB,OAAO,MAAM,kBAAM,CAAC,OAAO,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;IAC/D,CAAC;IAQD,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,OAAO,MAAM,kBAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACzC,CAAC;IAmBM,gBAAgB,CAAC,QAAgB;QACtC,MAAM,eAAe,GAAG,IAAA,uBAAc,GAAE,EAAE,cAAc,CAAC;QAEzD,MAAM,mBAAmB,GACvB,eAAe,EAAE,kBAAkB,EAAE,KAAK;YAC1C,oCAAoC,CAAC;QACvC,OAAO,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IASD,wBAAwB,CAAC,IAAU,EAAE,YAAoB;QACvD,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,MAAM,kBAAkB,GAAG,QAAQ,CACjC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,EAC/C,EAAE,CACH,CAAC;YAEF,OAAO,YAAY,GAAG,kBAAkB,CAAC;QAC3C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAUD,KAAK,CAAC,cAAc,CAClB,KAAa,EACb,MAAe;QAEf,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,IAAA,uBAAc,GAAE,CAAC;QAErD,IACE,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM;YAClC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU;YACvB,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM;YAErB,MAAM,IAAI,mBAAQ,CAChB,kCAAkC,EAClC,GAAG,EACH,8BAA8B,CAC/B,CAAC;QAEJ,MAAM;YACJ,MAAM;gBACN,OAAO,EAAE,GAAG,EAAE,MAAM;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU;gBACtB,mBAAQ,CAAC,UAAU,CAAC;QAEtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;gBACzC,IAAI,GAAG;oBAAE,MAAM,CAAC,GAAG,CAAC,CAAC;;oBAChB,OAAO,CAAC,OAAyB,CAAC,CAAC;YAC1C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAYS,wBAAwB,CAChC,IAAU,EACV,MAAc,EACd,aAAkC;QAElC,IAAI,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK;YAC5B,MAAM,KAAK,CACT,qHAAqH,CACtH,CAAC;QAEJ,IAAI,eAAe,GAAa,EAAE,CAAC;QAEnC,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;YAAE,eAAe,GAAG,aAAa,CAAC;aAC7D,IAAI,aAAa,CAAC,MAAM,CAAC;YAC5B,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;gBACpD,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC;gBACvB,CAAC,CAAC,aAAa,CAAC,MAAM,
CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAExC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAExE,OAAO,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5E,CAAC;IAWS,KAAK,CAAC,yBAAyB,CACvC,MAAc,EACd,MAAc,EACd,QAAgB;QAEhB,MAAM,MAAM,GAAG,IAAA,kCAAiB,GAAE,CAAC;QACnC,OAAO,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxC,KAAK,EAAE;gBACL,MAAM;gBACN,IAAI,EAAE;oBACJ,WAAW,EAAE;wBACX,IAAI,EAAE;4BACJ,QAAQ;4BACR,MAAM;yBACP;qBACF;iBACF;aACF;YACD,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACrB,CAAC,CAAC,CAAC;IACN,CAAC;IAUD,mBAAmB,CACjB,MAAoB,EACpB,QAAgB,EAChB,aAAmC;QAEnC,IACE,CAAC,aAAa;YACd,2BAAU,CAAC,IAAI,CACb,CAAC,SAAS,EAAE,EAAE,CAAC,IAAA,iBAAS,EAAC,SAAS,CAAC,KAAK,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAC5D;YAED,aAAa,GAAG,IAAA,oCAAmB,EAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,aAAa,CAAC;QAE5E,6BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAEvD,OAAO,IAAA,qBAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;YACrE,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;gBACb,MAAM,IAAI,GAAG,GAAG,CAAC,IAAY,CAAC;gBAC9B,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;gBAEjC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,IAAI,EAAE,CAAC;oBACP,OAAO;gBACT,CAAC;gBAED,MAAM,yBAAyB,GAAG,IAAI,mBAAQ,CAC5C,kDAAkD,EAClD,GAAG,EACH,EAAE,EACF,sBAAsB,CACvB,CAAC;gBAEF,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;oBAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CACxD,IAAI,CAAC,EAAE,EACP,MAAM,EACN,QAAQ,CACT,CAAC;oBAEF,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC7D,CAAC;qBAAM,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACtD,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBAE3D,MAAM,aAAa,GAAG,IAAI,CAAC,wBAAwB,CACjD,IAAI,EACJ,MAAM,EACN,aAAa,CACd,CAAC;oBAEF,IAAI,CAAC,aAAa;wBAAE,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC,CACF,CAAC;IACJ,CAAC;IAQD,KAAK,CAAC,oBAAoB,CAAC,GAAiB;QAC1C,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;QACrC,IAAI,CAAC,WAAW,EAAE,cAAc;YAAE,OAAO,IAAI,CAAC;QAE9C,MAAM,MA
AM,GAAG,IAAA,kCAAiB,GAAE,CAAC;QAEnC,IAAI,KAAyB,CAAC;QAE9B,IACE,GAAG,EAAE,OAAO,EAAE,aAAa;YAC3B,GAAG,EAAE,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,EAChD,CAAC;YACD,KAAK,GAAG,GAAG,EAAE,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,GAAG,EAAE,OAAO,EAAE,kBAAkB,KAAK,UAAU,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC1E,KAAK,GAAG,GAAG,EAAE,OAAO,EAAE,kBAAkB,CAAC;QAC3C,CAAC;QAED,IAAI,CAAC,KAAK;YAAE,MAAM,uCAAkB,CAAC;QAErC,IAAI,OAAmC,CAAC;QAExC,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,yCAAoB,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,EAAE;YAAE,MAAM,yCAAoB,CAAC;QAC7C,MAAM,IAAI,GAAe,MAAO,MAAc,CAAC,IAAI,CAAC,UAAU,CAAC;YAC7D,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,mBAAQ,CAChB,wDAAwD,EACxD,GAAG,EACH,EAAE,EACF,oBAAoB,CACrB,CAAC;QAEJ,IACE,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,OAAO,CAAC,GAAI,CAAC;YACjD,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,QAAQ,CAAC;YAE/B,MAAM,IAAI,mBAAQ,CAChB,sDAAsD,EACtD,GAAG,EACH,EAAE,EACF,iBAAiB,CAClB,CAAC;QAEJ,GAAG,CAAC,WAAW,GAAG,KAAK,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAyBD,2BAA2B,CACzB,MAAoB,EACpB,qBAA+D;QAE/D,IAAI,qBAAqB,IAAI,OAAO,qBAAqB,KAAK,QAAQ,EAAE,CAAC;YACvE,IAAI,qBAAqB,CAAC,MAAM,CAAC,KAAK,KAAK;gBAAE,OAAO,2BAAQ,CAAC;iBACxD,IAAI,qBAAqB,CAAC,MAAM,CAAC,KAAK,IAAI;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC;QAC5E,CAAC;;YAAM,OAAO,IAAI,CAAC,YAAY,CAAC;QAEhC,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAyBD,UAAU,CACR,MAAc,EACd,QAAgB,EAChB,aAAmC;QAGnC,MAAM,KAAK,GAAG,IAAI,KAAK,EAAE,CAAC,KAAK,CAAC;QAEhC,IAAI,KAAK,EAAE,QAAQ,CAAC,0CAA0C,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,oFAAoF,CACrF,CAAC;QAEJ,6BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAEvD,OAAO,KAAK,EAAE,IAAyB,EAAoB,EAAE;YAE3D,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;YACjC,IAAI,CAAC,OAAO,EAAE,cAAc;gBAC1B,MAAM,KAAK,CACT,2FAA2F,CAC5F,CAAC;YAEJ,IAAI,CAAC,IAAI;gBAAE,MAAM,uCAAkB,CAAC;YACpC,IAAI,IAAI,CAAC,WAAW;gBAAE,OAAO,IAAI,CAAC;YAElC,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;
gBAChD,OAAO,MAAM,IAAI,CAAC,yBAAyB,CAAC,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAC1E,CAAC;iBAAM,IAAI,OAAO,EAAE,cAAc,EAAE,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtD,IAAI,CAAC,aAAa,IAAI,2BAAU,CAAC,QAAQ,CAAC,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAAC;oBAC5D,aAAa,GAAG,IAAA,oCAAmB,EAAC,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAAC,EAAE,WAAW;wBACnE,EAAE,aAAa,CAAC;gBAEpB,OAAO,CACL,CAAC,CAAC,aAAa;oBACf,IAAI,CAAC,wBAAwB,CAAC,IAAW,EAAE,MAAM,EAAE,aAAa,CAAC,CAClE,CAAC;YACJ,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;IACJ,CAAC;CACF;AA3gBD,kCA2gBC;AAKD,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;AAEtC,kBAAe,WAAW,CAAC","sourcesContent":["import jwt, { SignOptions } from \"jsonwebtoken\";\nimport bcrypt from \"bcryptjs\";\nimport { User } from \"../../types\";\nimport catchAsync from \"../error-handler/utils/catch-async\";\nimport AppError from \"../error-handler/utils/app-error\";\nimport { callNext } from \"../base/base.middlewares\";\nimport { getArkosConfig } from \"../../server\";\nimport arkosEnv from \"../../utils/arkos-env\";\nimport { getPrismaInstance } from \"../../utils/helpers/prisma.helpers\";\nimport {\n ArkosRequest,\n ArkosResponse,\n ArkosNextFunction,\n ArkosRequestHandler,\n} from \"../../types\";\nimport {\n AuthJwtPayload,\n AccessAction,\n AccessControlConfig,\n AuthenticationControlConfig,\n} from \"../../types/auth\";\nimport { MsDuration, toMs } from \"./utils/helpers/auth.controller.helpers\";\nimport { appModules, getModuleComponents } from \"../../utils/dynamic-loader\";\nimport { kebabCase } from \"../../exports/utils\";\nimport {\n invaliAuthTokenError,\n loginRequiredError,\n} from \"./utils/auth-error-objects\";\nimport authActionService from \"./utils/services/auth-action.service\";\nimport { isAuthenticationEnabled } from \"../../utils/helpers/arkos-config.helpers\";\n\n/**\n * Handles various authentication-related tasks such as JWT signing, password hashing, and verifying user credentials.\n */\nexport class AuthService {\n /**\n * Object containing a combination of actions per resource, 
tracked by each set of calls of `authService.handleAccessControl`, this can be accessed through the `authService` object or through the endpoint\n */\n actionsPerResource: Record<string, Set<string>> = {};\n\n /**\n * Signs a JWT token for the user.\n *\n * @param {number | string} id - The unique identifier of the user to generate the token for.\n * @param {string | number} [expiresIn] - The expiration time for the token. Defaults to environment variable `JWT_EXPIRES_IN`.\n * @param {string} [secret] - The secret key used to sign the token. Defaults to environment variable `JWT_SECRET`.\n * @returns {string} The signed JWT token.\n */\n signJwtToken(\n id: number | string,\n expiresIn?: MsDuration | number,\n secret?: string\n ): string {\n const { authentication: configs } = getArkosConfig();\n\n if (\n process.env.ARKOS_BUILD === \"true\" &&\n !process.env.JWT_SECRET &&\n !configs?.jwt?.secret\n )\n throw new AppError(\n \"Missing JWT secret on production!\",\n 500,\n \"MissingJWTOnProduction\"\n );\n\n secret =\n secret ||\n configs?.jwt?.secret ||\n process.env.JWT_SECRET ||\n arkosEnv.JWT_SECRET;\n\n expiresIn = (expiresIn ||\n configs?.jwt?.expiresIn ||\n process.env.JWT_EXPIRES_IN ||\n arkosEnv.JWT_EXPIRES_IN) as keyof SignOptions[\"expiresIn\"];\n\n return jwt.sign({ id }, secret, {\n expiresIn: expiresIn as MsDuration,\n });\n }\n\n /**\n * Retrieves cookie configuration options for JWT authentication.\n *\n * Merges configuration from multiple sources in order of precedence:\n * 1. Arkos configuration file\n * 2. Environment variables\n * 3. Request properties (for secure flag)\n * 4. 
Default fallback values\n *\n * @param req - ArkosRequest object used to determine if the connection is secure\n * @returns Cookie options object with expires, httpOnly, secure, and sameSite properties\n *\n * @example\n * ```typescript\n * const cookieOptions = authService.getJwtCookieOptions(req);\n * res.cookie('jwt', token, cookieOptions);\n * ```\n */\n getJwtCookieOptions(req: ArkosRequest) {\n const arkosConfig = getArkosConfig();\n const authConfigs = arkosConfig?.authentication;\n\n if (!req)\n throw new Error(\"Missing req object in order get jwt cookie options\");\n\n const sameSite =\n authConfigs?.jwt?.cookie?.sameSite ||\n (process.env.JWT_COOKIE_SAME_SITE as\n | \"none\"\n | \"lax\"\n | \"strict\"\n | undefined) ||\n \"lax\";\n\n return {\n expires: new Date(\n Date.now() +\n Number(\n toMs(\n authConfigs?.jwt?.expiresIn ||\n (process.env.JWT_EXPIRES_IN as MsDuration) ||\n (arkosEnv.JWT_EXPIRES_IN as MsDuration)\n )\n )\n ),\n httpOnly:\n authConfigs?.jwt?.cookie?.httpOnly ??\n (process.env.JWT_COOKIE_HTTP_ONLY !== undefined\n ? 
process.env.JWT_COOKIE_HTTP_ONLY === \"true\"\n : undefined) ??\n true,\n secure:\n authConfigs?.jwt?.cookie?.secure ??\n (process.env.JWT_COOKIE_SECURE === \"true\" ||\n req.secure ||\n req.headers[\"x-forwarded-proto\"] === \"https\" ||\n sameSite === \"none\"),\n sameSite,\n };\n }\n\n /**\n * Is used by default internally by Arkos under `BaseService` class to check if the password is already hashed.\n *\n * This was just added to prevent unwanted errors when someone just forgets that the `BaseService` class will automatically hash the password field using `authService.hashPassword` by default.\n *\n * So now before `BaseService` hashes it will test it.\n *\n *\n * @param password The password to be tested if is hashed\n * @returns\n */\n isPasswordHashed(password: string) {\n return !Number.isNaN(bcrypt.getRounds(password) * 1);\n }\n\n /**\n * Compares a candidate password with the stored user password to check if they match.\n *\n * @param {string} candidatePassword - The password provided by the user during login.\n * @param {string} userPassword - The password stored in the database.\n * @returns {Promise<boolean>} Returns true if the passwords match, otherwise false.\n */\n async isCorrectPassword(\n candidatePassword: string,\n userPassword: string\n ): Promise<boolean> {\n return await bcrypt.compare(candidatePassword, userPassword);\n }\n\n /**\n * Hashes a plain text password using bcrypt.\n *\n * @param {string} password - The password to be hashed.\n * @returns {Promise<string>} Returns the hashed password.\n */\n async hashPassword(password: string): Promise<string> {\n return await bcrypt.hash(password, 12);\n }\n\n /**\n * Checks if a password is strong, requiring uppercase, lowercase, and numeric characters as the default.\n *\n * **NB**: You must pay attention when using custom validation with zod or class-validator, try to use the same regex always.\n *\n * **Note**: You can define it when calling arkos.init()\n * ```ts\n * arkos.init({\n * 
authentication: {\n * passwordValidation:{ regex: /your-desired-regex/, message: 'password must contain...'}\n * }\n * })\n * ```\n *\n * @param {string} password - The password to check.\n * @returns {boolean} Returns true if the password meets the strength criteria, otherwise false.\n */\n public isPasswordStrong(password: string): boolean {\n const initAuthConfigs = getArkosConfig()?.authentication;\n\n const strongPasswordRegex =\n initAuthConfigs?.passwordValidation?.regex ||\n /^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d).+$/;\n return strongPasswordRegex.test(password);\n }\n\n /**\n * Checks if a user has changed their password after the JWT was issued.\n *\n * @param {User} user - The user object containing the passwordChangedAt field.\n * @param {number} JWTTimestamp - The timestamp when the JWT was issued.\n * @returns {boolean} Returns true if the user changed their password after the JWT was issued, otherwise false.\n */\n userChangedPasswordAfter(user: User, JWTTimestamp: number): boolean {\n if (user.passwordChangedAt) {\n const convertedTimestamp = parseInt(\n String(user.passwordChangedAt.getTime() / 1000),\n 10\n );\n\n return JWTTimestamp < convertedTimestamp;\n }\n return false;\n }\n\n /**\n * Verifies the authenticity of a JWT token.\n *\n * @param {string} token - The JWT token to verify.\n * @param {string} [secret] - The secret key used to verify the token. 
Defaults to environment variable `JWT_SECRET`.\n * @returns {Promise<AuthJwtPayload>} Returns the decoded JWT payload if the token is valid.\n * @throws {Error} Throws an error if the token is invalid or expired.\n */\n async verifyJwtToken(\n token: string,\n secret?: string\n ): Promise<AuthJwtPayload> {\n const { authentication: configs } = getArkosConfig();\n\n if (\n process.env.ARKOS_BUILD === \"true\" &&\n !process.env.JWT_SECRET &&\n !configs?.jwt?.secret\n )\n throw new AppError(\n \"Missing JWT secret in production\",\n 500,\n \"MissingJWTSecretInProduction\"\n );\n\n secret =\n secret ||\n configs?.jwt?.secret ||\n process.env.JWT_SECRET ||\n arkosEnv.JWT_SECRET;\n\n return new Promise((resolve, reject) => {\n jwt.verify(token, secret, (err, decoded) => {\n if (err) reject(err);\n else resolve(decoded as AuthJwtPayload);\n });\n });\n }\n\n /**\n * Checks if a user has permission for a specific action using static access control rules.\n * Validates user roles against predefined access control configuration.\n *\n * @param user - The user object containing role or roles field\n * @param action - The action being performed\n * @param accessControl - Access control configuration (array of roles or object with action-role mappings)\n * @returns True if user has permission, false otherwise\n * @throws Error if user doesn't have role/roles field\n */\n protected checkStaticAccessControl(\n user: User,\n action: string,\n accessControl: AccessControlConfig\n ) {\n if (!user?.role && !user.roles)\n throw Error(\n \"Validation Error: In order to use static authentication user needs at least role field or roles for multiple roles.\"\n );\n\n let authorizedRoles: string[] = [];\n\n if (Array.isArray(accessControl)) authorizedRoles = accessControl;\n else if (accessControl[action])\n authorizedRoles = Array.isArray(accessControl[action])\n ? accessControl[action]\n : accessControl[action].roles || [];\n\n const userRoles = Array.isArray(user?.roles) ? 
user.roles : [user.role];\n\n return !!userRoles.some((role: string) => authorizedRoles.includes(role));\n }\n\n /**\n * Checks if a user has permission for a specific action and resource using dynamic access control.\n * Queries the database to verify user's role permissions.\n *\n * @param userId - The unique identifier of the user\n * @param action - The action being performed\n * @param resource - The resource being accessed\n * @returns Promise resolving to true if user has permission, false otherwise\n */\n protected async checkDynamicAccessControl(\n userId: string,\n action: string,\n resource: string\n ) {\n const prisma = getPrismaInstance();\n return !!(await prisma.userRole.findFirst({\n where: {\n userId,\n role: {\n permissions: {\n some: {\n resource,\n action,\n },\n },\n },\n },\n select: { id: true },\n }));\n }\n\n /**\n * Middleware function to handle access control based on user roles and permissions.\n *\n * @param {AccessAction} action - The action being performed (e.g., create, update, delete, view).\n * @param {string} resource - The resource name that the action is being performed on (e.g., \"User\", \"Post\").\n * @param {AccessControlConfig} accessControl - The access control configuration.\n * @returns {ArkosRequestHandler} The middleware function that checks if the user has permission to perform the action.\n */\n handleAccessControl(\n action: AccessAction,\n resource: string,\n accessControl?: AccessControlConfig\n ): ArkosRequestHandler {\n if (\n !accessControl &&\n appModules.some(\n (appModule) => kebabCase(appModule) === kebabCase(resource)\n )\n )\n accessControl = getModuleComponents(resource)?.authConfigs?.accessControl;\n\n authActionService.add(action, resource, accessControl);\n\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n if (req.user) {\n const user = req.user as User;\n const configs = getArkosConfig();\n\n if (user.isSuperUser) {\n next();\n return;\n }\n\n const 
notEnoughPermissionsError = new AppError(\n \"You do not have permission to perfom this action\",\n 403,\n {},\n \"NotEnoughPermissions\"\n );\n\n if (configs?.authentication?.mode === \"dynamic\") {\n const hasPermission = await this.checkDynamicAccessControl(\n user.id,\n action,\n resource\n );\n\n if (!hasPermission) return next(notEnoughPermissionsError);\n } else if (configs?.authentication?.mode === \"static\") {\n if (!accessControl) return next(notEnoughPermissionsError);\n\n const hasPermission = this.checkStaticAccessControl(\n user,\n action,\n accessControl\n );\n\n if (!hasPermission) return next(notEnoughPermissionsError);\n }\n }\n\n next();\n }\n );\n }\n\n /**\n * Processes the cookies or authoriation token and returns the user.\n * @param req\n * @returns {Promise<User | null>} - if authentication is turned off in arkosConfig it returns null\n * @throws {AppError} Throws an error if the token is invalid or the user is not logged in.\n */\n async getAuthenticatedUser(req: ArkosRequest): Promise<User | null> {\n const arkosConfig = getArkosConfig();\n if (!arkosConfig?.authentication) return null;\n\n const prisma = getPrismaInstance();\n\n let token: string | undefined;\n\n if (\n req?.headers?.authorization &&\n req?.headers?.authorization.startsWith(\"Bearer\")\n ) {\n token = req?.headers?.authorization.split(\" \")[1];\n } else if (req?.cookies?.arkos_access_token !== \"no-token\" && req.cookies) {\n token = req?.cookies?.arkos_access_token;\n }\n\n if (!token) throw loginRequiredError;\n\n let decoded: AuthJwtPayload | undefined;\n\n try {\n decoded = await this.verifyJwtToken(token);\n } catch (err) {\n throw invaliAuthTokenError;\n }\n\n if (!decoded?.id) throw invaliAuthTokenError;\n const user: any | null = await (prisma as any).user.findUnique({\n where: { id: String(decoded.id) },\n });\n\n if (!user)\n throw new AppError(\n \"The user belonging to this token does no longer exists\",\n 401,\n {},\n \"UserNoLongerExists\"\n );\n\n if (\n 
this.userChangedPasswordAfter(user, decoded.iat!) &&\n !req.path?.includes?.(\"logout\")\n )\n throw new AppError(\n \"User recently changed password! Please log in again.\",\n 401,\n {},\n \"PasswordChanged\"\n );\n\n req.accessToken = token;\n return user;\n }\n\n /**\n * Middleware function to authenticate the user based on the JWT token.\n *\n * @param {ArkosRequest} req - The request object.\n * @param {ArkosResponse} res - The response object.\n * @param {ArkosNextFunction} next - The next middleware function to be called.\n * @returns {void}\n */\n authenticate = catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n if (isAuthenticationEnabled())\n req.user = (await this.getAuthenticatedUser(req)) as User;\n next();\n }\n );\n\n /**\n * Handles authentication control by checking the `authenticationControl` configuration in the `authConfigs`.\n *\n * @param {ControllerActions} action - The action being performed (e.g., create, update, delete, view).\n * @param {AuthenticationControlConfig} authenticationControl - The authentication configuration object.\n * @returns {ArkosRequestHandler} The middleware function that checks if authentication is required.\n */\n handleAuthenticationControl(\n action: AccessAction,\n authenticationControl?: AuthenticationControlConfig | undefined\n ): ArkosRequestHandler {\n if (authenticationControl && typeof authenticationControl === \"object\") {\n if (authenticationControl[action] === false) return callNext;\n else if (authenticationControl[action] === true) return this.authenticate;\n } else return this.authenticate;\n\n return this.authenticate;\n }\n\n /**\n * Creates a permission checker function for a specific action and resource.\n *\n * PS: This method should be called during application initialization to build permission validators.\n *\n * @see {@link https://www.arkosjs.com/docs/advanced-guide/fine-grained-access-control}\n *\n * @param action - The action to check permission for 
(e.g., 'View', 'Create', 'Delete')\n * @param resource - The resource being accessed, must be in kebabCase (e.g., 'user', 'cart-item', 'order')\n * @param accessControl - Access control rules (required for static authentication mode), and it is automatically loaded for known modules such as all prisma models, auth and file-upload.\n * @returns A function that takes a user object and returns a boolean indicating permission status\n *\n * @example\n * ```typescript\n * const hasViewProductPermission = await authService.permission('View', 'product');\n *\n * // Later in handler:\n * const canAccess = await hasViewProductPermission(user);\n * if (canAccess) {\n * // User has permission\n * }\n * ```\n */\n permission(\n action: string,\n resource: string,\n accessControl?: AccessControlConfig\n ) {\n // Check if called during request handling (deep call stack indicates handler execution)\n const stack = new Error().stack;\n\n if (stack?.includes(\"node_modules/express/lib/router/index.js\"))\n throw new Error(\n \"authService.permission() should be called during application initialization level.\"\n );\n\n authActionService.add(action, resource, accessControl);\n\n return async (user: Record<string, any>): Promise<boolean> => {\n // getArkosConfig must not be called the same time as arkos.init()\n const configs = getArkosConfig();\n if (!configs?.authentication)\n throw Error(\n \"Validation Error: Trying to use authService.permission without setting up authentication.\"\n );\n\n if (!user) throw loginRequiredError;\n if (user.isSuperUser) return true;\n\n if (configs?.authentication?.mode === \"dynamic\") {\n return await this.checkDynamicAccessControl(user?.id, action, resource);\n } else if (configs?.authentication?.mode === \"static\") {\n if (!accessControl && appModules.includes(kebabCase(resource)))\n accessControl = getModuleComponents(kebabCase(resource))?.authConfigs\n ?.accessControl;\n\n return (\n !!accessControl &&\n this.checkStaticAccessControl(user as 
any, action, accessControl)\n );\n }\n return false;\n };\n }\n}\n\n/**\n * Handles various authentication-related tasks such as JWT signing, password hashing, and verifying user credentials.\n */\nconst authService = new AuthService();\n\nexport default authService;\n"]}
|
|
@@ -196,7 +196,7 @@ function validateRequestInputs(routeConfig) {
|
|
|
196
196
|
if (key in validators &&
|
|
197
197
|
validators?.[key] !== undefined &&
|
|
198
198
|
!isValidValidator(validators[key]))
|
|
199
|
-
throw Error(`Your validation resolver is set to ${arkosConfig.validation.resolver}, please provide a valid ${validatorName} in order to use in { validation: { ${key}: ${validatorNameType} } } under route ${routeConfig.
|
|
199
|
+
throw Error(`Your validation resolver is set to ${arkosConfig.validation.resolver}, please provide a valid ${validatorName} in order to use in { validation: { ${key}: ${validatorNameType} } } under route ${routeConfig.path}`);
|
|
200
200
|
});
|
|
201
201
|
return (0, error_handler_1.catchAsync)(async (req, _, next) => {
|
|
202
202
|
for (const key of validatorsKey) {
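Review bot: The guard in front of the changed `throw` combines `key in validators` with `validators?.[key]`, and the optional chaining there can never take effect, because `in` already raises a TypeError when `validators` is null or undefined. If `validators` can be absent at this point the condition should begin with `validators != null &&`; if it cannot, `validators[key] !== undefined` says the same thing without implying a null-safety the check does not have. The message also reads `arkosConfig.validation.resolver` unguarded, which is only safe if earlier code in `validateRequestInputs` (its body starts and ends outside this hunk) has already established that `arkosConfig.validation` is set; otherwise a misconfiguration surfaces as a bare TypeError instead of this explanatory error. This file appears to be compiled output, so any change belongs in the TypeScript source the accompanying map names, `src/modules/base/base.middlewares.ts`.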
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base.middlewares.js","sourceRoot":"","sources":["../../../../src/modules/base/base.middlewares.ts"],"names":[],"mappings":";;;;;AAsBA,4BAEC;AA4BD,oCA4DC;AAkBD,wEAqBC;AAMD,8CA6CC;AASD,oGA2BC;AAED,sDAkHC;AAzVD,yCAA8C;AAC9C,4FAA6D;AAC7D,+DAAmE;AACnE,4EAAmD;AACnD,kFAAyD;AAIzD,uFAAqF;AAErF,mEAA8D;AAC9D,+DAAkE;AAElE,SAAgB,QAAQ,CAAC,CAAU,EAAE,EAAY,EAAE,IAAkB;IACnE,IAAI,EAAE,CAAC;AACT,CAAC;AAKD,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzB,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,KAAK,CAAC;IACzC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAEnE,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAE7B,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAEhD,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IAC/C,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,SAAgB,YAAY,CAAC,GAAiB,EAAE,GAAkB;IAChE,IAAI,YAAY,CAAC;IACjB,IAAI,cAAc,CAAC;IAEnB,MAAM,YAAY,GAAI,GAAW,CAAC,YAAY,CAAC;IAC/C,MAAM,cAAc,GAAI,GAAW,CAAC,cAAc,CAAC;IAEnD,MAAM,cAAc,GAAG,GAAG,CAAC,YAAY,CAAC;IACxC,MAAM,gBAAgB,GAAG,GAAG,CAAC,cAAc,CAAC;IAC5C,MAAM,iBAAiB,GAAG,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC;IAC3C,MAAM,mBAAmB,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC;IAE/C,IACE,cAAc,KAAK,SAAS;QAC5B,CAAC,SAAS,CAAC,cAAc,EAAE,YAAY,CAAC,EACxC,CAAC;QACD,YAAY,GAAG,cAAc,CAAC;IAChC,CAAC;SAAM,IACL,iBAAiB,KAAK,SAAS;QAC/B,CAAC,SAAS,CAAC,iBAAiB,EAAE,YAAY,CAAC,EAC3C,CAAC;QACD,YAAY,GAAG,iBAAiB,CAAC;IACnC,CAAC;SAAM,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QACtC,YAAY,GAAG,YAAY,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,cAAc,IAAI,iBAAiB,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,KAAK,SAAS,IAAI,gBAAgB,KAAK,cAAc,EAAE,CAAC;QAC1E,cAAc,GAAG,gBAAgB,CAAC;IACpC,CAAC;SAAM,IACL,mBAAmB,KAAK,SAAS;QACjC,mBAAmB,KAAK,cAAc,EACtC,CAAC;QACD,cAAc,GAAG,mBAAmB,CAAC;IACvC,CAAC;SAAM,IAAI,cAAc,KAAK,SAAS,EA
AE,CAAC;QACxC,cAAc,GAAG,cAAc,CAAC;IAClC,CAAC;SAAM,CAAC;QACN,cAAc,GAAG,gBAAgB,IAAI,mBAAmB,CAAC;IAC3D,CAAC;IAID,IAAI,MAAM,CAAC,cAAc,CAAC,KAAK,GAAG,EAAE,CAAC;QACnC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC;SAAM,IACL,CAAC,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,CAAC;QACrD,cAAc,EACd,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACxD,CAAC;SAAM,IACL,MAAM,CAAC,cAAc,CAAC;QACtB,CAAC,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,CAAC,EACrD,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAkBD,SAAgB,8BAA8B,CAC5C,kBAAqE,EACrE,MAAyB;IAEzB,OAAO,CAAC,GAAiB,EAAE,CAAgB,EAAE,IAAkB,EAAE,EAAE;QACjE,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;QAEjC,MAAM,eAAe,GAAG,IAAA,oDAAyB,EAC/C,kBAAkB,EAClB,MAAM,CACP,CAAC;QAEF,MAAM,mBAAmB,GAAG,OAAO,EAAE,OAAO,EAAE,UAAU;YACtD,EAAE,gCAAgC;YAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAE,GAAG,CAAC,KAAK,EAAE,kBAA6B,IAAI,IAAI,CAAC;YAC/D,CAAC,CAAC,EAAE,CAAC;QAEP,GAAG,CAAC,kBAAkB,GAAG,IAAA,0BAAS,EAAC,eAAe,EAAE,mBAAmB,CAAC,CAAC;QAEzE,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAMD,SAAgB,iBAAiB,CAC/B,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG;QACnB,GAAG,EAAE,UAAU;QACf,IAAI,EAAE,UAAU;QAChB,GAAG,EAAE,UAAU;QACf,KAAK,EAAE,UAAU;QACjB,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,UAAU;KACpB,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,UAAkB,EAAE,EAAE;QAC5C,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG;YAAE,OAAO,UAAU,CAAC;QACzC,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAEF,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;QACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC
,CAAC,CAAC;QAE9C,MAAM,WAAW,GACf,YAAY,CAAC,GAAG,CAAC,MAAmC,CAAC,IAAI,SAAS,CAAC;QACrE,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAEnD,OAAO,CAAC,IAAI,CACV,iCAAiC,IAAI,WAAW,WAAW,GACzD,GAAG,CAAC,MACN,WAAW,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,WAAW,GAC3D,GAAG,CAAC,UACN,mBAAmB,QAAQ,WAAW,CACvC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,IAAI,EAAE,CAAC;AACT,CAAC;AASD,SAAgB,4CAA4C,CAC1D,gBAAqD,EACrD,+BAAkD;IAElD,OAAO,IAAA,0BAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;QACrE,MAAM,iBAAiB,GAAG,IAAA,uBAAc,GAAE,EAAE,UAAU,CAAC;QACvD,IAAI,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QAEpB,IAAI,iBAAiB,EAAE,QAAQ,KAAK,iBAAiB,IAAI,gBAAgB;YACvE,GAAG,CAAC,IAAI,GAAG,MAAM,IAAA,sBAAW,EAC1B,gBAAuC,EACvC,IAAI,EACJ,IAAA,0BAAS,EACP;gBACE,SAAS,EAAE,IAAI;gBACf,GAAG,+BAA+B;aACnC,EACD,iBAAiB,EAAE,iBAAiB,IAAI,EAAE,CAC3C,CACF,CAAC;aACC,IAAI,iBAAiB,EAAE,QAAQ,KAAK,KAAK,IAAI,gBAAgB;YAChE,GAAG,CAAC,IAAI,GAAG,MAAM,IAAA,yBAAc,EAAC,gBAAgC,EAAE,IAAI,CAAC,CAAC;QAE1E,IAAI,EAAE,CAAC;IACT,CAAC,CACF,CAAC;AACJ,CAAC;AAED,SAAgB,qBAAqB,CAAC,WAA6B;IACjE,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;IACrC,MAAM,gBAAgB,GAAG,WAAW,CAAC,UAAU,CAAC;IAChD,MAAM,gBAAgB,GAAG,gBAAgB,EAAE,MAAM,CAAC;IAClD,MAAM,UAAU,GAAG,WAAW,EAAE,UAAU,CAAC;IAC3C,MAAM,OAAO,GAAG,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC;IAEnD,MAAM,4BAA4B,GAAG;QACnC,KAAK,EAAE,OAAO;QACd,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,QAAQ;QACjB,OAAO,EAAE,QAAQ;KAClB,CAAC;IAEF,IAAI,CAAC,gBAAgB,EAAE,QAAQ,IAAI,UAAU;QAC3C,MAAM,KAAK,CACT,6IAA6I,CAC9I,CAAC;IAEJ,IAAK,UAAkB,KAAK,IAAI;QAC9B,MAAM,KAAK,CACT,iBAAiB,UAAU,+FAA+F,CAC3H,CAAC;IAEJ,MAAM,WAAW,GACf,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,yBAAc,CAAC,CAAC,CAAC,sBAAW,CAAC;IACrE,MAAM,aAAa,GAAoC;QACrD,MAAM;QACN,OAAO;QACP,QAAQ;KACT,CAAC;IAEF,MAAM,gBAAgB,GACpB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,4BAAW,CAAC,CAAC,CAAC,wBAAO,CAAC;IAC9D,MAAM,aAAa,GACjB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC;IAC7E,MAAM,iBAAiB,GACrB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;IAEzD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAChC,aAAa,CAAC,OAAO,CAAC,C
AAC,GAAG,EAAE,EAAE;YAC5B,IACE,OAAO;gBACP,OAAO,OAAO,KAAK,QAAQ;gBAC3B,GAAG,IAAI,MAAM;gBACb,OAAO,CAAC,UAAU,EAAE,IAAI,CACtB,CAAC,SAAc,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,KAAK,4BAA4B,CAAC,GAAG,CAAC,CACvE;gBACD,UAAU,CAAC,GAAG,CAAC,EACf,CAAC;gBACD,MAAM,KAAK,CACT,yBAAyB,GAAG,oFAAoF,GAAG,gBAAgB,aAAa,gCAAgC,GAAG,mIAAmI,GAAG,GAAG,CAC7T,CAAC;YACJ,CAAC;YAED,IACE,OAAO;gBACP,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,CAAC,WAAW;gBACnB,UAAU,CAAC,GAAG,CAAC;gBACf,GAAG,KAAK,MAAM,EACd,CAAC;gBACD,MAAM,KAAK,CACT,yBAAyB,GAAG,uFAAuF,GAAG,iBAAiB,aAAa,gCAAgC,GAAG,oIAAoI,GAAG,GAAG,CAClU,CAAC;YACJ,CAAC;YAED,IAAI,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,UAAU,CAAC;gBAC1C,MAAM,KAAK,CACT,sBAAsB,GAAG,KAAK,iBAAiB,sFAAsF,GAAG,iCAAiC,GAAG,SAAS,CACtL,CAAC;YAEJ,IACE,GAAG,IAAI,UAAU;gBACjB,UAAU,EAAE,CAAC,GAAG,CAAC,KAAK,SAAS;gBAC/B,CAAC,gBAAgB,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAElC,MAAM,KAAK,CACT,sCAAsC,WAAW,CAAC,UAAW,CAAC,QAAQ,4BAA4B,aAAa,uCAAuC,GAAG,KAAK,iBAAiB,oBAAoB,WAAW,CAAC,KAAK,EAAE,CACvN,CAAC;QACN,CAAC,CAAC,CAAC;IAEL,OAAO,IAAA,0BAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;QACrE,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,IAAI,OAAO,UAAU,KAAK,SAAS,IAAI,UAAU,KAAK,KAAK;gBACzD,MAAM,IAAI,wBAAQ,CAChB,cAAc,GAAG,2BAA2B,EAC5C,GAAG,EACH,YAAY,IAAA,yBAAU,EAAC,GAAG,CAAC,SAAS,EACpC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CACpB,CAAC;YAEJ,MAAM,SAAS,GAAG,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC;YAEpC,IAAI,gBAAgB,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC;gBACpE,MAAM,IAAI,wBAAQ,CAChB,cAAc,GAAG,2BAA2B,EAC5C,GAAG,EACH,YAAY,IAAA,yBAAU,EAAC,GAAG,CAAC,SAAS,EACpC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CACpB,CAAC;YAEJ,IAAI,SAAS;gBACX,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,WAAW,CAC1B,SAAS,EACT,GAAG,CAAC,GAAG,CAAC,EACR,WAAW,CAAC,UAAU,EAAE,iBAAiB,CAC1C,CAAC;QACN,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CACF,CAAC;AACJ,CAAC","sourcesContent":["import { NextFunction, Request, Response } from \"express\";\nimport {\n PrismaQueryOptions,\n ArkosNextFunction,\n ArkosRequest,\n ArkosRequestHandler,\n 
ArkosResponse,\n AuthPrismaQueryOptions,\n} from \"../../types\";\nimport { getArkosConfig } from \"../../server\";\nimport deepmerge from \"../../utils/helpers/deepmerge.helper\";\nimport { AppError, catchAsync } from \"../../exports/error-handler\";\nimport validateDto from \"../../utils/validate-dto\";\nimport validateSchema from \"../../utils/validate-schema\";\nimport { ZodSchema } from \"zod\";\nimport { ClassConstructor } from \"class-transformer\";\nimport { ValidatorOptions } from \"class-validator\";\nimport { resolvePrismaQueryOptions } from \"./utils/helpers/base.middlewares.helpers\";\nimport { ArkosRouteConfig } from \"../../utils/arkos-router/types\";\nimport { capitalize } from \"../../utils/helpers/text.helpers\";\nimport { isClass, isZodSchema } from \"../../utils/dynamic-loader\";\n\nexport function callNext(_: Request, _1: Response, next: NextFunction) {\n next();\n}\n\n/**\n * Deep comparison helper for objects\n */\nfunction deepEqual(a: any, b: any): boolean {\n if (a === b) return true;\n if (a == null || b == null) return false;\n if (typeof a !== \"object\" || typeof b !== \"object\") return a === b;\n\n const keysA = Object.keys(a);\n const keysB = Object.keys(b);\n\n if (keysA.length !== keysB.length) return false;\n\n for (const key of keysA) {\n if (!keysB.includes(key)) return false;\n if (!deepEqual(a[key], b[key])) return false;\n }\n\n return true;\n}\n\n/**\n * Sends response with backward compatibility support\n * Compares current values against original values to detect middleware changes\n * If values were modified by subsequent middleware, use the modified version\n */\nexport function sendResponse(req: ArkosRequest, res: ArkosResponse) {\n let responseData;\n let responseStatus;\n\n const originalData = (res as any).originalData;\n const originalStatus = (res as any).originalStatus;\n\n const currentReqData = req.responseData;\n const currentReqStatus = req.responseStatus;\n const currentLocalsData = res.locals?.data;\n const 
currentLocalsStatus = res.locals?.status;\n\n if (\n currentReqData !== undefined &&\n !deepEqual(currentReqData, originalData)\n ) {\n responseData = currentReqData;\n } else if (\n currentLocalsData !== undefined &&\n !deepEqual(currentLocalsData, originalData)\n ) {\n responseData = currentLocalsData;\n } else if (originalData !== undefined) {\n responseData = originalData;\n } else {\n responseData = currentReqData ?? currentLocalsData;\n }\n\n if (currentReqStatus !== undefined && currentReqStatus !== originalStatus) {\n responseStatus = currentReqStatus;\n } else if (\n currentLocalsStatus !== undefined &&\n currentLocalsStatus !== originalStatus\n ) {\n responseStatus = currentLocalsStatus;\n } else if (originalStatus !== undefined) {\n responseStatus = originalStatus;\n } else {\n responseStatus = currentReqStatus ?? currentLocalsStatus;\n }\n\n // Send response\n\n if (Number(responseStatus) === 204) {\n res.status(Number(responseStatus)).send();\n } else if (\n (responseData !== undefined || responseData !== null) &&\n responseStatus\n ) {\n res.status(Number(responseStatus)).json(responseData);\n } else if (\n Number(responseStatus) &&\n (responseData === undefined || responseData === null)\n ) {\n res.status(Number(responseStatus)).send();\n } else {\n res.status(500).json({\n message: \"No status or data attached to the response\",\n });\n }\n}\n\n/**\n * Type representing all possible actions that can be performed on a controller\n * Combines both standard CRUD operations and auth-specific operations\n */\nexport type ControllerActions =\n | keyof PrismaQueryOptions<any>\n | keyof Omit<AuthPrismaQueryOptions<any>, keyof PrismaQueryOptions<any>>;\n\n/**\n * Middleware to add Prisma query options to the request's query parameters.\n *\n * @template T - The type of the Prisma model.\n * @param {PrismaQueryOptions<T> | AuthPrismaQueryOptions<T>} prismaQueryOptions - The Prisma query options to attach.\n * @param {ControllerActions} action - The controller 
action to apply.\n * @returns A middleware function that attaches the query options to the request.\n */\nexport function addPrismaQueryOptionsToRequest<T extends Record<string, any>>(\n prismaQueryOptions: PrismaQueryOptions<T> | AuthPrismaQueryOptions<T>,\n action: ControllerActions\n) {\n return (req: ArkosRequest, _: ArkosResponse, next: NextFunction) => {\n const configs = getArkosConfig();\n\n const resolvedOptions = resolvePrismaQueryOptions(\n prismaQueryOptions,\n action\n );\n\n const requestQueryOptions = configs?.request?.parameters\n ?.allowDangerousPrismaQueryOptions\n ? JSON.parse((req.query?.prismaQueryOptions as string) || \"{}\")\n : {};\n\n req.prismaQueryOptions = deepmerge(resolvedOptions, requestQueryOptions);\n\n next();\n };\n}\n\n/**\n * Logs request events with colored text such as errors, requests responses.\n *\n */\nexport function handleRequestLogs(\n req: Request,\n res: Response,\n next: NextFunction\n) {\n const startTime = Date.now();\n\n const methodColors = {\n GET: \"\\x1b[36m\", // Cyan\n POST: \"\\x1b[32m\", // Green\n PUT: \"\\x1b[33m\", // Orange/Yellow\n PATCH: \"\\x1b[33m\", // Orange/Yellow\n DELETE: \"\\x1b[31m\", // Red\n HEAD: \"\\x1b[34m\", // Blue\n OPTIONS: \"\\x1b[34m\", // Blue\n };\n\n const getStatusColor = (statusCode: number) => {\n if (statusCode >= 200 && statusCode < 300) return \"\\x1b[32m\";\n if (statusCode >= 300 && statusCode < 400) return \"\\x1b[33m\";\n if (statusCode >= 400 && statusCode < 500) return \"\\x1b[33m\";\n if (statusCode >= 500) return \"\\x1b[31m\";\n return \"\\x1b[0m\";\n };\n\n res.on(\"finish\", () => {\n const duration = Date.now() - startTime;\n\n const now = new Date();\n const time = now.toTimeString().split(\" \")[0];\n\n const methodColor =\n methodColors[req.method as keyof typeof methodColors] || \"\\x1b[0m\";\n const statusColor = getStatusColor(res.statusCode);\n\n console.info(\n `[\\x1b[36mInfo\\x1b[0m] \\x1b[90m${time}\\x1b[0m ${methodColor}${\n req.method\n }\\x1b[0m 
${decodeURIComponent(req.originalUrl)} ${statusColor}${\n res.statusCode\n }\\x1b[0m \\x1b[35m${duration}ms\\x1b[0m`\n );\n });\n\n next();\n}\n\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ClassConstructor<T>,\n classValidatorValidationOptions?: ValidatorOptions\n): ArkosRequestHandler;\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ZodSchema<T>\n): ArkosRequestHandler;\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ZodSchema<T> | ClassConstructor<T>,\n classValidatorValidationOptions?: ValidatorOptions\n) {\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n const validationConfigs = getArkosConfig()?.validation;\n let body = req.body;\n\n if (validationConfigs?.resolver === \"class-validator\" && schemaOrDtoClass)\n req.body = await validateDto(\n schemaOrDtoClass as ClassConstructor<T>,\n body,\n deepmerge(\n {\n whitelist: true,\n ...classValidatorValidationOptions,\n },\n validationConfigs?.validationOptions || {}\n )\n );\n else if (validationConfigs?.resolver === \"zod\" && schemaOrDtoClass)\n req.body = await validateSchema(schemaOrDtoClass as ZodSchema<T>, body);\n\n next();\n }\n );\n}\n\nexport function validateRequestInputs(routeConfig: ArkosRouteConfig) {\n const arkosConfig = getArkosConfig();\n const validationConfig = arkosConfig.validation;\n const strictValidation = validationConfig?.strict;\n const validators = routeConfig?.validation;\n const openapi = routeConfig?.experimental?.openapi;\n\n const validationToParameterMapping = {\n query: \"query\",\n params: \"path\",\n headers: \"header\",\n cookies: \"cookie\",\n };\n\n if (!validationConfig?.resolver && validators)\n throw Error(\n \"Trying to pass validators into route config validation option without choosing a validation resolver under arkos config { validation: {} }.\"\n 
);\n\n if ((validators as any) === true)\n throw Error(\n `Invalid value ${validators} passed to validation option, it can only receive false or object of { query, body, params }.`\n );\n\n const validatorFn: (validator: any, data: any, options: any) => Promise<any> =\n validationConfig?.resolver == \"zod\" ? validateSchema : validateDto;\n const validatorsKey: (\"body\" | \"query\" | \"params\")[] = [\n \"body\",\n \"query\",\n \"params\",\n ];\n\n const isValidValidator =\n validationConfig?.resolver == \"zod\" ? isZodSchema : isClass;\n const validatorName =\n validationConfig?.resolver == \"zod\" ? \"zod schema\" : \"class-validator dto\";\n const validatorNameType =\n validationConfig?.resolver == \"zod\" ? \"Schema\" : \"Dto\";\n\n if (typeof validators === \"object\")\n validatorsKey.forEach((key) => {\n if (\n openapi &&\n typeof openapi === \"object\" &&\n key != \"body\" &&\n openapi.parameters?.some(\n (parameter: any) => parameter.in === validationToParameterMapping[key]\n ) &&\n validators[key]\n ) {\n throw Error(\n `When usign validation.${key} you must not define parameters under openapi.parameters as documentation of req.${key} because the ${validatorName} you passed under validation.${key} will be added as jsonSchema into the api documenation, if you wish to define documenation by yourself do not define validation.${key}.`\n );\n }\n\n if (\n openapi &&\n typeof openapi === \"object\" &&\n openapi.requestBody &&\n validators[key] &&\n key === \"body\"\n ) {\n throw Error(\n `When usign validation.${key} you must not define json-schema under openapi.requestBody as documentation for req.${key}, because the ${validatorName} you passed under validation.${key} will be added as json-schema into the api documenation, if you wish to define documenation by yourself do not define validation.${key}.`\n );\n }\n\n if (strictValidation && !(key in validators))\n throw Error(\n `No { validation: { ${key}: ${validatorNameType} } } was found, while using strict 
validation you will need to pass undefined into ${key} in order to deny any request ${key} input.`\n );\n\n if (\n key in validators &&\n validators?.[key] !== undefined &&\n !isValidValidator(validators[key])\n )\n throw Error(\n `Your validation resolver is set to ${arkosConfig.validation!.resolver}, please provide a valid ${validatorName} in order to use in { validation: { ${key}: ${validatorNameType} } } under route ${routeConfig.route}`\n );\n });\n\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n for (const key of validatorsKey) {\n if (typeof validators === \"boolean\" && validators === false)\n throw new AppError(\n `No request ${key} is allowed on this route`,\n 400,\n `NoRequest${capitalize(key)}Allowed`,\n { [key]: req[key] }\n );\n\n const validator = validators?.[key];\n\n if (strictValidation && !validator && Object.keys(req[key]).length > 0)\n throw new AppError(\n `No request ${key} is allowed on this route`,\n 400,\n `NoRequest${capitalize(key)}Allowed`,\n { [key]: req[key] }\n );\n\n if (validator)\n req[key] = await validatorFn(\n validator,\n req[key],\n arkosConfig.validation?.validationOptions\n );\n }\n\n next();\n }\n );\n}\n"]}
|
|
1
|
+
{"version":3,"file":"base.middlewares.js","sourceRoot":"","sources":["../../../../src/modules/base/base.middlewares.ts"],"names":[],"mappings":";;;;;AAsBA,4BAEC;AA4BD,oCA4DC;AAkBD,wEAqBC;AAMD,8CA6CC;AASD,oGA2BC;AAED,sDAkHC;AAzVD,yCAA8C;AAC9C,4FAA6D;AAC7D,+DAAmE;AACnE,4EAAmD;AACnD,kFAAyD;AAIzD,uFAAqF;AAErF,mEAA8D;AAC9D,+DAAkE;AAElE,SAAgB,QAAQ,CAAC,CAAU,EAAE,EAAY,EAAE,IAAkB;IACnE,IAAI,EAAE,CAAC;AACT,CAAC;AAKD,SAAS,SAAS,CAAC,CAAM,EAAE,CAAM;IAC/B,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzB,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,KAAK,CAAC;IACzC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAEnE,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAE7B,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAEhD,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IAC/C,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,SAAgB,YAAY,CAAC,GAAiB,EAAE,GAAkB;IAChE,IAAI,YAAY,CAAC;IACjB,IAAI,cAAc,CAAC;IAEnB,MAAM,YAAY,GAAI,GAAW,CAAC,YAAY,CAAC;IAC/C,MAAM,cAAc,GAAI,GAAW,CAAC,cAAc,CAAC;IAEnD,MAAM,cAAc,GAAG,GAAG,CAAC,YAAY,CAAC;IACxC,MAAM,gBAAgB,GAAG,GAAG,CAAC,cAAc,CAAC;IAC5C,MAAM,iBAAiB,GAAG,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC;IAC3C,MAAM,mBAAmB,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC;IAE/C,IACE,cAAc,KAAK,SAAS;QAC5B,CAAC,SAAS,CAAC,cAAc,EAAE,YAAY,CAAC,EACxC,CAAC;QACD,YAAY,GAAG,cAAc,CAAC;IAChC,CAAC;SAAM,IACL,iBAAiB,KAAK,SAAS;QAC/B,CAAC,SAAS,CAAC,iBAAiB,EAAE,YAAY,CAAC,EAC3C,CAAC;QACD,YAAY,GAAG,iBAAiB,CAAC;IACnC,CAAC;SAAM,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QACtC,YAAY,GAAG,YAAY,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,cAAc,IAAI,iBAAiB,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,KAAK,SAAS,IAAI,gBAAgB,KAAK,cAAc,EAAE,CAAC;QAC1E,cAAc,GAAG,gBAAgB,CAAC;IACpC,CAAC;SAAM,IACL,mBAAmB,KAAK,SAAS;QACjC,mBAAmB,KAAK,cAAc,EACtC,CAAC;QACD,cAAc,GAAG,mBAAmB,CAAC;IACvC,CAAC;SAAM,IAAI,cAAc,KAAK,SAAS,EA
AE,CAAC;QACxC,cAAc,GAAG,cAAc,CAAC;IAClC,CAAC;SAAM,CAAC;QACN,cAAc,GAAG,gBAAgB,IAAI,mBAAmB,CAAC;IAC3D,CAAC;IAID,IAAI,MAAM,CAAC,cAAc,CAAC,KAAK,GAAG,EAAE,CAAC;QACnC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC;SAAM,IACL,CAAC,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,CAAC;QACrD,cAAc,EACd,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACxD,CAAC;SAAM,IACL,MAAM,CAAC,cAAc,CAAC;QACtB,CAAC,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,CAAC,EACrD,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAkBD,SAAgB,8BAA8B,CAC5C,kBAAqE,EACrE,MAAyB;IAEzB,OAAO,CAAC,GAAiB,EAAE,CAAgB,EAAE,IAAkB,EAAE,EAAE;QACjE,MAAM,OAAO,GAAG,IAAA,uBAAc,GAAE,CAAC;QAEjC,MAAM,eAAe,GAAG,IAAA,oDAAyB,EAC/C,kBAAkB,EAClB,MAAM,CACP,CAAC;QAEF,MAAM,mBAAmB,GAAG,OAAO,EAAE,OAAO,EAAE,UAAU;YACtD,EAAE,gCAAgC;YAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAE,GAAG,CAAC,KAAK,EAAE,kBAA6B,IAAI,IAAI,CAAC;YAC/D,CAAC,CAAC,EAAE,CAAC;QAEP,GAAG,CAAC,kBAAkB,GAAG,IAAA,0BAAS,EAAC,eAAe,EAAE,mBAAmB,CAAC,CAAC;QAEzE,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAMD,SAAgB,iBAAiB,CAC/B,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG;QACnB,GAAG,EAAE,UAAU;QACf,IAAI,EAAE,UAAU;QAChB,GAAG,EAAE,UAAU;QACf,KAAK,EAAE,UAAU;QACjB,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,UAAU;KACpB,CAAC;IAEF,MAAM,cAAc,GAAG,CAAC,UAAkB,EAAE,EAAE;QAC5C,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG;YAAE,OAAO,UAAU,CAAC;QAC7D,IAAI,UAAU,IAAI,GAAG;YAAE,OAAO,UAAU,CAAC;QACzC,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAEF,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;QACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC
,CAAC,CAAC;QAE9C,MAAM,WAAW,GACf,YAAY,CAAC,GAAG,CAAC,MAAmC,CAAC,IAAI,SAAS,CAAC;QACrE,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAEnD,OAAO,CAAC,IAAI,CACV,iCAAiC,IAAI,WAAW,WAAW,GACzD,GAAG,CAAC,MACN,WAAW,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,WAAW,GAC3D,GAAG,CAAC,UACN,mBAAmB,QAAQ,WAAW,CACvC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,IAAI,EAAE,CAAC;AACT,CAAC;AASD,SAAgB,4CAA4C,CAC1D,gBAAqD,EACrD,+BAAkD;IAElD,OAAO,IAAA,0BAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;QACrE,MAAM,iBAAiB,GAAG,IAAA,uBAAc,GAAE,EAAE,UAAU,CAAC;QACvD,IAAI,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QAEpB,IAAI,iBAAiB,EAAE,QAAQ,KAAK,iBAAiB,IAAI,gBAAgB;YACvE,GAAG,CAAC,IAAI,GAAG,MAAM,IAAA,sBAAW,EAC1B,gBAAuC,EACvC,IAAI,EACJ,IAAA,0BAAS,EACP;gBACE,SAAS,EAAE,IAAI;gBACf,GAAG,+BAA+B;aACnC,EACD,iBAAiB,EAAE,iBAAiB,IAAI,EAAE,CAC3C,CACF,CAAC;aACC,IAAI,iBAAiB,EAAE,QAAQ,KAAK,KAAK,IAAI,gBAAgB;YAChE,GAAG,CAAC,IAAI,GAAG,MAAM,IAAA,yBAAc,EAAC,gBAAgC,EAAE,IAAI,CAAC,CAAC;QAE1E,IAAI,EAAE,CAAC;IACT,CAAC,CACF,CAAC;AACJ,CAAC;AAED,SAAgB,qBAAqB,CAAC,WAA6B;IACjE,MAAM,WAAW,GAAG,IAAA,uBAAc,GAAE,CAAC;IACrC,MAAM,gBAAgB,GAAG,WAAW,CAAC,UAAU,CAAC;IAChD,MAAM,gBAAgB,GAAG,gBAAgB,EAAE,MAAM,CAAC;IAClD,MAAM,UAAU,GAAG,WAAW,EAAE,UAAU,CAAC;IAC3C,MAAM,OAAO,GAAG,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC;IAEnD,MAAM,4BAA4B,GAAG;QACnC,KAAK,EAAE,OAAO;QACd,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,QAAQ;QACjB,OAAO,EAAE,QAAQ;KAClB,CAAC;IAEF,IAAI,CAAC,gBAAgB,EAAE,QAAQ,IAAI,UAAU;QAC3C,MAAM,KAAK,CACT,6IAA6I,CAC9I,CAAC;IAEJ,IAAK,UAAkB,KAAK,IAAI;QAC9B,MAAM,KAAK,CACT,iBAAiB,UAAU,+FAA+F,CAC3H,CAAC;IAEJ,MAAM,WAAW,GACf,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,yBAAc,CAAC,CAAC,CAAC,sBAAW,CAAC;IACrE,MAAM,aAAa,GAAoC;QACrD,MAAM;QACN,OAAO;QACP,QAAQ;KACT,CAAC;IAEF,MAAM,gBAAgB,GACpB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,4BAAW,CAAC,CAAC,CAAC,wBAAO,CAAC;IAC9D,MAAM,aAAa,GACjB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC;IAC7E,MAAM,iBAAiB,GACrB,gBAAgB,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;IAEzD,IAAI,OAAO,UAAU,KAAK,QAAQ;QAChC,aAAa,CAAC,OAAO,CAAC,C
AAC,GAAG,EAAE,EAAE;YAC5B,IACE,OAAO;gBACP,OAAO,OAAO,KAAK,QAAQ;gBAC3B,GAAG,IAAI,MAAM;gBACb,OAAO,CAAC,UAAU,EAAE,IAAI,CACtB,CAAC,SAAc,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,KAAK,4BAA4B,CAAC,GAAG,CAAC,CACvE;gBACD,UAAU,CAAC,GAAG,CAAC,EACf,CAAC;gBACD,MAAM,KAAK,CACT,yBAAyB,GAAG,oFAAoF,GAAG,gBAAgB,aAAa,gCAAgC,GAAG,mIAAmI,GAAG,GAAG,CAC7T,CAAC;YACJ,CAAC;YAED,IACE,OAAO;gBACP,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,CAAC,WAAW;gBACnB,UAAU,CAAC,GAAG,CAAC;gBACf,GAAG,KAAK,MAAM,EACd,CAAC;gBACD,MAAM,KAAK,CACT,yBAAyB,GAAG,uFAAuF,GAAG,iBAAiB,aAAa,gCAAgC,GAAG,oIAAoI,GAAG,GAAG,CAClU,CAAC;YACJ,CAAC;YAED,IAAI,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,UAAU,CAAC;gBAC1C,MAAM,KAAK,CACT,sBAAsB,GAAG,KAAK,iBAAiB,sFAAsF,GAAG,iCAAiC,GAAG,SAAS,CACtL,CAAC;YAEJ,IACE,GAAG,IAAI,UAAU;gBACjB,UAAU,EAAE,CAAC,GAAG,CAAC,KAAK,SAAS;gBAC/B,CAAC,gBAAgB,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAElC,MAAM,KAAK,CACT,sCAAsC,WAAW,CAAC,UAAW,CAAC,QAAQ,4BAA4B,aAAa,uCAAuC,GAAG,KAAK,iBAAiB,oBAAoB,WAAW,CAAC,IAAI,EAAE,CACtN,CAAC;QACN,CAAC,CAAC,CAAC;IAEL,OAAO,IAAA,0BAAU,EACf,KAAK,EAAE,GAAiB,EAAE,CAAgB,EAAE,IAAuB,EAAE,EAAE;QACrE,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,IAAI,OAAO,UAAU,KAAK,SAAS,IAAI,UAAU,KAAK,KAAK;gBACzD,MAAM,IAAI,wBAAQ,CAChB,cAAc,GAAG,2BAA2B,EAC5C,GAAG,EACH,YAAY,IAAA,yBAAU,EAAC,GAAG,CAAC,SAAS,EACpC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CACpB,CAAC;YAEJ,MAAM,SAAS,GAAG,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC;YAEpC,IAAI,gBAAgB,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC;gBACpE,MAAM,IAAI,wBAAQ,CAChB,cAAc,GAAG,2BAA2B,EAC5C,GAAG,EACH,YAAY,IAAA,yBAAU,EAAC,GAAG,CAAC,SAAS,EACpC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CACpB,CAAC;YAEJ,IAAI,SAAS;gBACX,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,WAAW,CAC1B,SAAS,EACT,GAAG,CAAC,GAAG,CAAC,EACR,WAAW,CAAC,UAAU,EAAE,iBAAiB,CAC1C,CAAC;QACN,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CACF,CAAC;AACJ,CAAC","sourcesContent":["import { NextFunction, Request, Response } from \"express\";\nimport {\n PrismaQueryOptions,\n ArkosNextFunction,\n ArkosRequest,\n ArkosRequestHandler,\n 
ArkosResponse,\n AuthPrismaQueryOptions,\n} from \"../../types\";\nimport { getArkosConfig } from \"../../server\";\nimport deepmerge from \"../../utils/helpers/deepmerge.helper\";\nimport { AppError, catchAsync } from \"../../exports/error-handler\";\nimport validateDto from \"../../utils/validate-dto\";\nimport validateSchema from \"../../utils/validate-schema\";\nimport { ZodSchema } from \"zod\";\nimport { ClassConstructor } from \"class-transformer\";\nimport { ValidatorOptions } from \"class-validator\";\nimport { resolvePrismaQueryOptions } from \"./utils/helpers/base.middlewares.helpers\";\nimport { ArkosRouteConfig } from \"../../utils/arkos-router/types\";\nimport { capitalize } from \"../../utils/helpers/text.helpers\";\nimport { isClass, isZodSchema } from \"../../utils/dynamic-loader\";\n\nexport function callNext(_: Request, _1: Response, next: NextFunction) {\n next();\n}\n\n/**\n * Deep comparison helper for objects\n */\nfunction deepEqual(a: any, b: any): boolean {\n if (a === b) return true;\n if (a == null || b == null) return false;\n if (typeof a !== \"object\" || typeof b !== \"object\") return a === b;\n\n const keysA = Object.keys(a);\n const keysB = Object.keys(b);\n\n if (keysA.length !== keysB.length) return false;\n\n for (const key of keysA) {\n if (!keysB.includes(key)) return false;\n if (!deepEqual(a[key], b[key])) return false;\n }\n\n return true;\n}\n\n/**\n * Sends response with backward compatibility support\n * Compares current values against original values to detect middleware changes\n * If values were modified by subsequent middleware, use the modified version\n */\nexport function sendResponse(req: ArkosRequest, res: ArkosResponse) {\n let responseData;\n let responseStatus;\n\n const originalData = (res as any).originalData;\n const originalStatus = (res as any).originalStatus;\n\n const currentReqData = req.responseData;\n const currentReqStatus = req.responseStatus;\n const currentLocalsData = res.locals?.data;\n const 
currentLocalsStatus = res.locals?.status;\n\n if (\n currentReqData !== undefined &&\n !deepEqual(currentReqData, originalData)\n ) {\n responseData = currentReqData;\n } else if (\n currentLocalsData !== undefined &&\n !deepEqual(currentLocalsData, originalData)\n ) {\n responseData = currentLocalsData;\n } else if (originalData !== undefined) {\n responseData = originalData;\n } else {\n responseData = currentReqData ?? currentLocalsData;\n }\n\n if (currentReqStatus !== undefined && currentReqStatus !== originalStatus) {\n responseStatus = currentReqStatus;\n } else if (\n currentLocalsStatus !== undefined &&\n currentLocalsStatus !== originalStatus\n ) {\n responseStatus = currentLocalsStatus;\n } else if (originalStatus !== undefined) {\n responseStatus = originalStatus;\n } else {\n responseStatus = currentReqStatus ?? currentLocalsStatus;\n }\n\n // Send response\n\n if (Number(responseStatus) === 204) {\n res.status(Number(responseStatus)).send();\n } else if (\n (responseData !== undefined || responseData !== null) &&\n responseStatus\n ) {\n res.status(Number(responseStatus)).json(responseData);\n } else if (\n Number(responseStatus) &&\n (responseData === undefined || responseData === null)\n ) {\n res.status(Number(responseStatus)).send();\n } else {\n res.status(500).json({\n message: \"No status or data attached to the response\",\n });\n }\n}\n\n/**\n * Type representing all possible actions that can be performed on a controller\n * Combines both standard CRUD operations and auth-specific operations\n */\nexport type ControllerActions =\n | keyof PrismaQueryOptions<any>\n | keyof Omit<AuthPrismaQueryOptions<any>, keyof PrismaQueryOptions<any>>;\n\n/**\n * Middleware to add Prisma query options to the request's query parameters.\n *\n * @template T - The type of the Prisma model.\n * @param {PrismaQueryOptions<T> | AuthPrismaQueryOptions<T>} prismaQueryOptions - The Prisma query options to attach.\n * @param {ControllerActions} action - The controller 
action to apply.\n * @returns A middleware function that attaches the query options to the request.\n */\nexport function addPrismaQueryOptionsToRequest<T extends Record<string, any>>(\n prismaQueryOptions: PrismaQueryOptions<T> | AuthPrismaQueryOptions<T>,\n action: ControllerActions\n) {\n return (req: ArkosRequest, _: ArkosResponse, next: NextFunction) => {\n const configs = getArkosConfig();\n\n const resolvedOptions = resolvePrismaQueryOptions(\n prismaQueryOptions,\n action\n );\n\n const requestQueryOptions = configs?.request?.parameters\n ?.allowDangerousPrismaQueryOptions\n ? JSON.parse((req.query?.prismaQueryOptions as string) || \"{}\")\n : {};\n\n req.prismaQueryOptions = deepmerge(resolvedOptions, requestQueryOptions);\n\n next();\n };\n}\n\n/**\n * Logs request events with colored text such as errors, requests responses.\n *\n */\nexport function handleRequestLogs(\n req: Request,\n res: Response,\n next: NextFunction\n) {\n const startTime = Date.now();\n\n const methodColors = {\n GET: \"\\x1b[36m\", // Cyan\n POST: \"\\x1b[32m\", // Green\n PUT: \"\\x1b[33m\", // Orange/Yellow\n PATCH: \"\\x1b[33m\", // Orange/Yellow\n DELETE: \"\\x1b[31m\", // Red\n HEAD: \"\\x1b[34m\", // Blue\n OPTIONS: \"\\x1b[34m\", // Blue\n };\n\n const getStatusColor = (statusCode: number) => {\n if (statusCode >= 200 && statusCode < 300) return \"\\x1b[32m\";\n if (statusCode >= 300 && statusCode < 400) return \"\\x1b[33m\";\n if (statusCode >= 400 && statusCode < 500) return \"\\x1b[33m\";\n if (statusCode >= 500) return \"\\x1b[31m\";\n return \"\\x1b[0m\";\n };\n\n res.on(\"finish\", () => {\n const duration = Date.now() - startTime;\n\n const now = new Date();\n const time = now.toTimeString().split(\" \")[0];\n\n const methodColor =\n methodColors[req.method as keyof typeof methodColors] || \"\\x1b[0m\";\n const statusColor = getStatusColor(res.statusCode);\n\n console.info(\n `[\\x1b[36mInfo\\x1b[0m] \\x1b[90m${time}\\x1b[0m ${methodColor}${\n req.method\n }\\x1b[0m 
${decodeURIComponent(req.originalUrl)} ${statusColor}${\n res.statusCode\n }\\x1b[0m \\x1b[35m${duration}ms\\x1b[0m`\n );\n });\n\n next();\n}\n\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ClassConstructor<T>,\n classValidatorValidationOptions?: ValidatorOptions\n): ArkosRequestHandler;\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ZodSchema<T>\n): ArkosRequestHandler;\nexport function handleRequestBodyValidationAndTransformation<T extends object>(\n schemaOrDtoClass?: ZodSchema<T> | ClassConstructor<T>,\n classValidatorValidationOptions?: ValidatorOptions\n) {\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n const validationConfigs = getArkosConfig()?.validation;\n let body = req.body;\n\n if (validationConfigs?.resolver === \"class-validator\" && schemaOrDtoClass)\n req.body = await validateDto(\n schemaOrDtoClass as ClassConstructor<T>,\n body,\n deepmerge(\n {\n whitelist: true,\n ...classValidatorValidationOptions,\n },\n validationConfigs?.validationOptions || {}\n )\n );\n else if (validationConfigs?.resolver === \"zod\" && schemaOrDtoClass)\n req.body = await validateSchema(schemaOrDtoClass as ZodSchema<T>, body);\n\n next();\n }\n );\n}\n\nexport function validateRequestInputs(routeConfig: ArkosRouteConfig) {\n const arkosConfig = getArkosConfig();\n const validationConfig = arkosConfig.validation;\n const strictValidation = validationConfig?.strict;\n const validators = routeConfig?.validation;\n const openapi = routeConfig?.experimental?.openapi;\n\n const validationToParameterMapping = {\n query: \"query\",\n params: \"path\",\n headers: \"header\",\n cookies: \"cookie\",\n };\n\n if (!validationConfig?.resolver && validators)\n throw Error(\n \"Trying to pass validators into route config validation option without choosing a validation resolver under arkos config { validation: {} }.\"\n 
);\n\n if ((validators as any) === true)\n throw Error(\n `Invalid value ${validators} passed to validation option, it can only receive false or object of { query, body, params }.`\n );\n\n const validatorFn: (validator: any, data: any, options: any) => Promise<any> =\n validationConfig?.resolver == \"zod\" ? validateSchema : validateDto;\n const validatorsKey: (\"body\" | \"query\" | \"params\")[] = [\n \"body\",\n \"query\",\n \"params\",\n ];\n\n const isValidValidator =\n validationConfig?.resolver == \"zod\" ? isZodSchema : isClass;\n const validatorName =\n validationConfig?.resolver == \"zod\" ? \"zod schema\" : \"class-validator dto\";\n const validatorNameType =\n validationConfig?.resolver == \"zod\" ? \"Schema\" : \"Dto\";\n\n if (typeof validators === \"object\")\n validatorsKey.forEach((key) => {\n if (\n openapi &&\n typeof openapi === \"object\" &&\n key != \"body\" &&\n openapi.parameters?.some(\n (parameter: any) => parameter.in === validationToParameterMapping[key]\n ) &&\n validators[key]\n ) {\n throw Error(\n `When usign validation.${key} you must not define parameters under openapi.parameters as documentation of req.${key} because the ${validatorName} you passed under validation.${key} will be added as jsonSchema into the api documenation, if you wish to define documenation by yourself do not define validation.${key}.`\n );\n }\n\n if (\n openapi &&\n typeof openapi === \"object\" &&\n openapi.requestBody &&\n validators[key] &&\n key === \"body\"\n ) {\n throw Error(\n `When usign validation.${key} you must not define json-schema under openapi.requestBody as documentation for req.${key}, because the ${validatorName} you passed under validation.${key} will be added as json-schema into the api documenation, if you wish to define documenation by yourself do not define validation.${key}.`\n );\n }\n\n if (strictValidation && !(key in validators))\n throw Error(\n `No { validation: { ${key}: ${validatorNameType} } } was found, while using strict 
validation you will need to pass undefined into ${key} in order to deny any request ${key} input.`\n );\n\n if (\n key in validators &&\n validators?.[key] !== undefined &&\n !isValidValidator(validators[key])\n )\n throw Error(\n `Your validation resolver is set to ${arkosConfig.validation!.resolver}, please provide a valid ${validatorName} in order to use in { validation: { ${key}: ${validatorNameType} } } under route ${routeConfig.path}`\n );\n });\n\n return catchAsync(\n async (req: ArkosRequest, _: ArkosResponse, next: ArkosNextFunction) => {\n for (const key of validatorsKey) {\n if (typeof validators === \"boolean\" && validators === false)\n throw new AppError(\n `No request ${key} is allowed on this route`,\n 400,\n `NoRequest${capitalize(key)}Allowed`,\n { [key]: req[key] }\n );\n\n const validator = validators?.[key];\n\n if (strictValidation && !validator && Object.keys(req[key]).length > 0)\n throw new AppError(\n `No request ${key} is allowed on this route`,\n 400,\n `NoRequest${capitalize(key)}Allowed`,\n { [key]: req[key] }\n );\n\n if (validator)\n req[key] = await validatorFn(\n validator,\n req[key],\n arkosConfig.validation?.validationOptions\n );\n }\n\n next();\n }\n );\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"arkos-config.js","sourceRoot":"","sources":["../../../src/types/arkos-config.ts"],"names":[],"mappings":"","sourcesContent":["import http from \"http\";\nimport express from \"express\";\nimport { IArkosRouter } from \"../utils/arkos-router/types\";\nimport { ArkosErrorRequestHandler, ArkosRequestHandler } from \".\";\n\n/**\n * Defines the initial configs of the api to be loaded at startup when arkos.init() is called.\n */\nexport type ArkosInitConfig = {\n /**\n * Allows to add an array of custom express routers/middlewares into the default middleware/routers stack.\n *\n * **Tip**: If you would like to acess the express app before everthing use `configureApp` and pass a function.\n *\n * **Where will these be placed?**: see [www.arkosjs.com/docs/advanced-guide/replace-or-disable-built-in-middlewares#middleware-execution-order](https://www.arkosjs.com/docs/advanced-guide/replace-or-disable-built-in-middlewares#middleware-execution-order)\n *\n * **Note**: If you want to use custom global error handler middleware use `middlewares.replace.globalErrorHandler`.\n *\n * Read more about The Arkos Middleware Stack at [www.arkosjs.com/docs/the-middleware-stack](https://www.arkosjs.com/docs/the-middleware-stack) for in-depth details.\n */\n use
|
|
1
|
+
{"version":3,"file":"arkos-config.js","sourceRoot":"","sources":["../../../src/types/arkos-config.ts"],"names":[],"mappings":"","sourcesContent":["import http from \"http\";\nimport express from \"express\";\nimport { IArkosRouter } from \"../utils/arkos-router/types\";\nimport { ArkosErrorRequestHandler, ArkosRequestHandler } from \".\";\n\n/**\n * Defines the initial configs of the api to be loaded at startup when arkos.init() is called.\n */\nexport type ArkosInitConfig = {\n /**\n * Allows to add an array of custom express routers/middlewares into the default middleware/routers stack.\n *\n * **Tip**: If you would like to acess the express app before everthing use `configureApp` and pass a function.\n *\n * **Where will these be placed?**: see [www.arkosjs.com/docs/advanced-guide/replace-or-disable-built-in-middlewares#middleware-execution-order](https://www.arkosjs.com/docs/advanced-guide/replace-or-disable-built-in-middlewares#middleware-execution-order)\n *\n * **Note**: If you want to use custom global error handler middleware use `middlewares.replace.globalErrorHandler`.\n *\n * Read more about The Arkos Middleware Stack at [www.arkosjs.com/docs/the-middleware-stack](https://www.arkosjs.com/docs/the-middleware-stack) for in-depth details.\n */\n use?:\n | express.Router[]\n | IArkosRouter[]\n | ArkosRequestHandler[]\n | ArkosErrorRequestHandler[];\n /**\n * Gives acess to the underlying express app so that you can add custom configurations beyong **Arkos** customization capabilities\n *\n * **Note**: In the end **Arkos** will call `app.listen` for you.\n *\n * If you want to call `app.listen` by yourself pass port as `undefined` and then use the return app from `arkos.init()`.\n *\n * See how to call `app.listen` correctly [www.arkosjs.com/docs/guide/accessing-the-express-app#calling-applisten-by-yourself](https://www.arkosjs.com/docs/guide/accessing-the-express-app#calling-applisten-by-yourself)\n *\n * See 
[www.arkosjs.com/docs/guide/accessing-the-express-app](https://www.arkosjs.com/docs/guide/accessing-the-express-app) for further details on the method configureApp.\n *\n * @param {express.Express} app\n * @returns {any}\n */\n configureApp?: (app: express.Express) => Promise<any> | any;\n /**\n * Gives access to the underlying HTTP server so that you can add custom configurations beyond **Arkos** customization capabilities\n *\n * **Note**: In the end **Arkos** will call `server.listen` for you.\n *\n * If you want to call `server.listen` by yourself pass port as `undefined` and then use the return server from `arkos.init()`.\n *\n * See how to call `server.listen` correctly [www.arkosjs.com/docs/guide/accessing-the-express-app#creating-your-own-http-server](https://www.arkosjs.com/docs/guide/accessing-the-express-app#creating-your-own-http-server)\n *\n * See [www.arkosjs.com/docs/guide/accessing-the-express-app#accessing-the-http-server](https://www.arkosjs.com/docs/guide/accessing-the-express-app#accessing-the-http-server) for further details on the method configureServer.\n *\n * @param {http.Server} server - The HTTP server instance\n * @returns {any}\n */\n configureServer?: (server: http.Server) => Promise<any> | any;\n};\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":"","sourcesContent":["import { JwtPayload } from \"jsonwebtoken\";\n\n/**\n * Base set of controller actions available to all controllers.\n *\n * @example\n * const action: AccessAction = \"Create\";\n * const customAction: AccessAction = \"export\"; // Custom action\n */\nexport type AccessAction = \"Create\" | \"Update\" | \"Delete\" | \"View\" | string;\n\nexport type DetailedAccessControlRule = {\n /** Array of role names that have permission for this action */\n roles
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":"","sourcesContent":["import { JwtPayload } from \"jsonwebtoken\";\n\n/**\n * Base set of controller actions available to all controllers.\n *\n * @example\n * const action: AccessAction = \"Create\";\n * const customAction: AccessAction = \"export\"; // Custom action\n */\nexport type AccessAction = \"Create\" | \"Update\" | \"Delete\" | \"View\" | string;\n\nexport type DetailedAccessControlRule = {\n /** Array of role names that have permission for this action */\n roles?: string[];\n /** Human-readable name for this permission (optional) */\n name?: string;\n /** Detailed description of what this permission allows (optional) */\n description?: string;\n /** Detailed error message of what must be returned on forbidden response (optional)\n *\n * Note: not yet implemented\n * */\n errorMessage?: string;\n};\n\n/**\n * Rules defining access control for different controller actions.\n * The array contains role names that are allowed to perform the action.\n *\n * @see {@link https://www.arkosjs.com/docs/core-concepts/authentication-system#using-auth-config-to-customize-endpoint-behavior}\n * @example\n *\n * const rules: AccessControlRules = {\n * Create: {\n * roles: [\"Admin\", \"Manager\"],\n * name: \"Create a new user\",\n * description: \"Allows to create a new user\"\n * },\n * Update: [\"Admin\"],\n * Delete: [\"Admin\"],\n * View: [\"Admin\", \"User\", \"Guest\"]\n * };\n *\n */\nexport type AccessControlRules = {\n [key in AccessAction]: string[] | DetailedAccessControlRule;\n};\n\n/**\n * Rules defining authentication requirements for different controller actions.\n *\n * @see {@link https://www.arkosjs.com/docs/core-concepts/authentication-system#using-auth-config-to-customize-endpoint-behavior}\n * @example\n * const authRules: AuthenticationControlRules = {\n * Create: true,\n * Update: true,\n * Delete: true,\n * View: false // Public access\n 
* };\n */\nexport type AuthenticationControlRules = {\n [key in AccessAction]: boolean;\n};\n\n/**\n * Configuration for authentication control.\n *\n * @example\n * // All actions require authentication\n * const config1: AuthenticationControlConfig = true;\n *\n * // Specific rules per action\n * const config2: AuthenticationControlConfig = {\n * Create: true,\n * View: false\n * };\n */\nexport type AuthenticationControlConfig =\n | boolean\n | Partial<AuthenticationControlRules>;\n\n/**\n * Configuration for access control.\n *\n * @see {@link https://www.arkosjs.com/docs/core-concepts/authentication-system#auth-config-files---static-rbac}\n * @example\n * // All actions allowed for these roles\n * const config1: AccessControlConfig = [\"Admin\", \"Manager\"];\n *\n * // Specific rules per action\n * const config2: AccessControlConfig = {\n * Create: [\"Admin\"],\n * View: [\"User\", \"Admin\"]\n * };\n */\nexport type AccessControlConfig = string[] | Partial<AccessControlRules>;\n\n/**\n * Configuration for authentication and access control.\n *\n * @see {@link https://www.arkosjs.com/docs/core-concepts/authentication-system#using-auth-config-to-customize-endpoint-behavior}\n * @example\n * export const authConfig: AuthConfigs = {\n * authenticationControl: {\n * Create: true,\n * View: false\n * },\n * accessControl: {\n * Create: [\"Admin\"],\n * View: [\"User\", \"Admin\"]\n * }\n * };\n */\nexport type AuthConfigs = {\n authenticationControl?: AuthenticationControlConfig;\n accessControl?: AccessControlConfig;\n};\n\n/**\n * Payload structure for JWT-based authentication, extending the standard `JwtPayload`.\n *\n * @example\n * const payload: AuthJwtPayload = {\n * id: 123,\n * roles: [\"Admin\"],\n * email: \"user@example.com\"\n * };\n */\nexport interface AuthJwtPayload extends JwtPayload {\n id?: number | string;\n [x: string]: any;\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"new-arkos-config.js","sourceRoot":"","sources":["../../../src/types/new-arkos-config.ts"],"names":[],"mappings":"","sourcesContent":["import cors from \"cors\";\nimport express from \"express\";\nimport { Options as RateLimitOptions } from \"express-rate-limit\";\nimport cookieParser from \"cookie-parser\";\nimport compression from \"compression\";\nimport { Options as QueryParserOptions } from \"../utils/helpers/query-parser.helpers\";\nimport { ValidatorOptions } from \"class-validator\";\nimport { MsDuration } from \"../modules/auth/utils/helpers/auth.controller.helpers\";\nimport { OpenAPIV3 } from \"openapi-types\";\nimport type { ApiReferenceConfiguration } from \"@scalar/express-api-reference\" with { \"resolution-mode\": \"import\" };\nimport nodemailer from \"nodemailer\";\nimport { ModuleComponents } from \"../utils/dynamic-loader\";\nimport { ArkosRequestHandler } from \".\";\n\n/**\n * Defines the initial configs of the api to be loaded at startup when arkos.init() is called.\n */\nexport type ArkosConfig = {\n /**\n * Allows to configure request configs\n */\n request?: {\n /**\n * Allows to configure request parameters\n */\n parameters?: {\n /**\n * Toggles allowing `VERY DANGEROUS` request paramateres under `req.query` for passing prisma query options.\n *\n * See more\n */\n allowDangerousPrismaQueryOptions?: boolean;\n };\n };\n /** Message you would like to send, as Json and 200 response when\n * ```curl\n * GET /api\n * ```\n *\n * ```json\n * { \"message\": \"Welcome to YourAppName\" }\n * ```\n *\n * default message is: Welcome to our Rest API generated by Arkos, find more about Arkos at www.arkosjs.com.\n *\n *\n * */\n welcomeMessage?: string;\n /**\n * Port where the application will run, can be set in 3 ways:\n *\n * 1. default is 8000\n * 2. PORT under environment variables (Lower precedence)\n * 3. 
this config option (Higher precedence)\n */\n port?: number | undefined;\n /**\n * Allows to listen on a different host than localhost only\n */\n host?: string;\n /**\n * Defines authentication related configurations, by default is undefined.\n *\n * See [www.arkosjs.com/docs/core-concepts/authentication-system](https://www.arkosjs.com/docs/core-concepts/authentication-system) for details.\n */\n authentication?: {\n enabled?: boolean;\n /**\n * Defines whether to use Static or Dynamic Role-Based Acess Control\n *\n * Visit [www.arkosjs.com/docs/core-concepts/authentication-system](https://www.arkosjs.com/docs/core-concepts/authentication-system) for more details.\n */\n mode: \"static\" | \"dynamic\";\n /**\n * Defines auth login related configurations to customize the api.\n */\n login?: {\n /**\n * Defines the field that will be used as username by the built-in auth system, by default arkos will look for the field \"username\" in your model User, hence when making login for example you must send:\n *\n * ```json\n * {\n * \"username\": \"johndoe\",\n * \"password\": \"somePassword123\"\n * }\n * ```\n *\n * **Note:** You can also modify the usernameField on the fly by passing it to the request query parameters. 
example:\n *\n * ```curl\n * POST /api/auth/login?usernameField=email\n * ```\n *\n * See more at [www.arkosjs.com/docs/core-concepts/authentication-system#login-with-different-fileds](https://www.arkosjs.com/docs/core-concepts/authentication-system#login-with-different-fileds)\n *\n * By specifing here another field for username, for example passing \"email\", \"companyCode\" or something else your json will be like:\n *\n * **Example with email**\n *\n * ```json\n * {\n * \"email\": \"john.doe@example.com\",\n * \"password\": \"somePassword123\"\n * }\n * ```\n */\n allowedUsernames?: string[];\n /** Defines wether to send the access token in response after login or only send as cookie, defeault is both.*/\n sendAccessTokenThrough?: \"cookie-only\" | \"response-only\" | \"both\";\n };\n /**\n * Specifies the regex pattern used by the authentication system to enforce password strength requirements.\n *\n * **Important**: If using validation libraries like Zod or class-validator, this will be completely overwritten.\n *\n * **Default**: ```/^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d).+$/``` - Ensures the password contains at least one uppercase letter, one lowercase letter, and one numeric digit.\n *\n * **message**: (Optional) A custom error message to display when the password does not meet the required strength criteria.\n */\n passwordValidation?: { regex: RegExp; message?: string };\n /**\n * Allows to specify the request rate limit for all authentication endpoints but `/api/users/me`.\n * \n * #### Default\n *{\n windowMs: 5000,\n limit: 10,\n standardHeaders: \"draft-7\",\n legacyHeaders: false,\n }\n * \n * Passing an object not overriding all the default options will only\n * cause it to be deepmerged and not actually replace with empty fields\n * \n *@see This is are the options used on the `express-rate-limit` npm package used on epxress. 
read more about [https://www.npmjs.com/package/express-rate-limit](https://www.npmjs.com/package/express-rate-limit)\n */\n requestRateLimitOptions?: Partial<RateLimitOptions>;\n /**\n * JWT (JSON Web Token) authentication configuration.\n *\n * You can override these values directly in code, or use environment variables:\n *\n * - `JWT_SECRET`: Secret used to sign and verify JWT tokens.\n * - `JWT_EXPIRES_IN`: Duration string or number indicating when the token should expire (e.g. \"30d\", 3600).\n * - `JWT_COOKIE_SECURE`: Whether the cookie is sent only over HTTPS. Default: `true` in production.\n * - `JWT_COOKIE_HTTP_ONLY`: Whether the cookie is HTTP-only. Default: `true`.\n * - `JWT_COOKIE_SAME_SITE`: Can be \"lax\", \"strict\", or \"none\". Defaults to \"lax\" in dev, \"none\" in prod.\n *\n * ⚠️ Values passed here take precedence over environment variables.\n */\n jwt?: {\n /** Secret key used for signing and verifying JWT tokens */\n secret?: string;\n /**\n * Duration after which the JWT token expires.\n * Accepts either a duration string (e.g. \"30d\", \"1h\") or a number in milliseconds.\n * Defaults to \"30d\" if not provided.\n */\n expiresIn?: MsDuration | number;\n\n /**\n * Configuration for the JWT cookie sent to the client\n */\n cookie?: {\n /**\n * Whether the cookie should be marked as secure (sent only over HTTPS).\n * Defaults to `true` in production and `false` in development.\n */\n secure?: boolean;\n\n /**\n * Whether the cookie should be marked as HTTP-only.\n * Default is `true` to prevent access via JavaScript.\n */\n httpOnly?: boolean;\n\n /**\n * Controls the SameSite attribute of the cookie.\n * Defaults to \"none\" in production and \"lax\" in development.\n * Options: \"lax\" | \"strict\" | \"none\"\n */\n sameSite?: \"lax\" | \"strict\" | \"none\";\n };\n };\n };\n /** Allows to customize and toggle the built-in validation, by default it is set to `false`. 
If true is passed it will use validation with the default resolver set to `class-validator` if you intend to change the resolver to `zod` do the following:\n *\n *```ts\n * // src/app.ts\n * import arkos from 'arkos'\n *\n * arkos.init({\n * validation: {\n * resolver: \"zod\"\n * }\n * })\n * ```\n *\n * @See [www.arkosjs.com/docs/core-concepts/request-data-validation](https://www.arkosjs.com/docs/core-concepts/request-data-validation) for more details.\n */\n validation?: {\n /**\n * Defines whether to use strict request validation, it means in every request using `ArkosRouter()` you must pass the validation options with all options (e.g: query, params, body, etc.).\n *\n * **How It Works:**\n * - If it is true, Arkos will require all the options a stated above on the routes and if you don't pass it will throw an error.\n * **What if you don't want to pass a validator to some options?**\n * - You will need to pass `undefined` to the validator option (see example below), this way Arkos will throw an error if something is passed to `req.query` if you passed undefined as validator into `validation.query`\n *\n * ```ts\n * import { ArkosRouter } from \"arkos\"\n *\n * const router = ArkosRouter()\n *\n * router.get({\n * route: \"/api/posts\",\n * validation: {\n * query: undefined\n * }\n * })\n *\n * ```\n */\n strict?: boolean;\n } & (\n | {\n resolver?: \"class-validator\";\n /**\n * ValidatorOptions to used while validating request data.\n *\n * **Default**:\n * ```ts\n * {\n * whitelist: true\n * }\n * ```\n */\n validationOptions?: ValidatorOptions;\n }\n | {\n resolver?: \"zod\";\n validationOptions?: Record<string, any>;\n }\n );\n /**\n * Defines file upload configurations\n *\n * See [www.arkosjs.com/docs/core-concepts/file-upload#costum-configurations](https://www.arkosjs.com/docs/core-concepts/file-upload#costum-configurations)\n */\n fileUpload?: {\n /**\n * Defiens the base file upload directory, default is set to /uploads (on root directory)\n *\n * 
When setting up a path dir always now that root directory will be the starting reference.\n *\n * #### Example\n * passing `../my-arkos-uploaded-files`\n *\n * Will save uploaded files one level outside the root dir inside `my-arkos-uploaded-files`\n *\n * NB: You must be aware of permissions on your server to acess files outside your project directory.\n *\n */\n baseUploadDir?: string;\n /**\n * Changes the default `/api/uploads` base route for accessing file upload route.\n *\n * #### IMPORTANT\n * Changing this will not affect the `baseUploadDir` folder. You can\n * pass here `/api/files/my-user-files` and `baseUploadDir` be `/uploaded-files`.\n *\n */\n baseRoute?: string;\n /**\n * Defines options for `express.static(somePath, someOptions)`\n *\n * #### Default:\n *\n * ```ts\n *{\n maxAge: \"1y\",\n etag: true,\n lastModified: true,\n dotfiles: \"ignore\",\n fallthrough: true,\n index: false,\n cacheControl: true,\n }\n * ```\n * \n * By passing your custom options have in mind that it\n * will be deepmerged with the default.\n * \n * Visit [https://expressjs.com/en/4x/api.html#express.static](https://expressjs.com/en/4x/api.html#express.static) for more understanding.\n * \n */\n expressStatic?: Parameters<typeof express.static>[1];\n /**\n * Defines upload restrictions for each file type: image, video, document or other.\n *\n * #### Important:\n * Passing an object without overriding everything will only cause it\n * to be deepmerged with the default options.\n *\n * See [www.arkosjs.com/docs/api-reference/default-supported-upload-files](https://www.arkosjs.com/docs/api-reference/default-supported-upload-files) for detailed explanation about default values.\n * ```\n */\n restrictions?: {\n images?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n videos?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n documents?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: 
RegExp;\n };\n files?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n };\n };\n /**\n * Defines express middlewares configurations\n */\n middlewares?: {\n /**\n * Allows to define options for npm package compression\n * Nothing is passed by default.\n *\n * See [www.npmjs.com/package/compression](https://www.npmjs.com/package/compression) for further details.\n */\n compression?: false | compression.CompressionOptions | ArkosRequestHandler;\n /**\n * Allows to specify the request rate limit for all endpoints.\n * \n * #### Default\n *```ts\n *{\n windowMs: 60 * 1000,\n limit: 1000,\n standardHeaders: \"draft-7\",\n legacyHeaders: false,\n }\n ```\n * \n * Passing an object not overriding all the default options will only\n * cause it to be deepmerged and not actually replace with empty fields\n * \n * This is are the options used on the `express-rate-limit` npm package used on epxress. read more about [https://www.npmjs.com/package/express-rate-limit](https://www.npmjs.com/package/express-rate-limit)\n */\n rateLimit?: false | Partial<RateLimitOptions> | ArkosRequestHandler;\n /**\n * Configuration for CORS (Cross-Origin Resource Sharing).\n *\n * @property {string | string[] | \"all\"} [allowedOrigins] - List of allowed origins. 
If set to `\"all\"`, all origins are accepted.\n * @property {import('cors').CorsOptions} [options] - Additional CORS options passed directly to the `cors` middleware.\n * @property {import('cors').CorsOptionsDelegate} [customHandler] - A custom middleware function that overrides the default behavior.\n *\n * @remarks\n * If `customHandler` is provided, both `allowedOrigins` and `options` will be ignored in favor of the custom logic.\n *\n * See https://www.npmjs.com/package/cors\n */\n cors?:\n | false\n | {\n /**\n * Defines allowed origins to acess the API.\n */\n allowedOrigins?: string | string[] | \"*\";\n options?: cors.CorsOptions;\n /**\n * If you would like to override the entire middleware\n *\n * see\n */\n customHandler?: cors.CorsOptionsDelegate;\n }\n | ArkosRequestHandler;\n /**\n * Defines options for the built-in express.json() middleware\n * Nothing is passed by default.\n */\n expressJson?:\n | false\n | Parameters<typeof express.json>[0]\n | ArkosRequestHandler;\n /**\n * Allows to pass paremeters to cookieParser from npm package cookie-parser\n * Nothing is passed by default.\n *\n * See [www.npmjs.com/package/cookie-parser](https://www.npmjs.com/package/cookie-parser) for further details.\n */\n cookieParser?:\n | false\n | Parameters<typeof cookieParser>\n | ArkosRequestHandler;\n /**\n * Options to define how query must be parsed.\n *\n * #### for example:\n * ```\n * GET /api/product?saleId=null\n * ```\n *\n * Normally would parsed to { saleId: \"null\" } so query parser\n * trough setting option `parseNull` will transform { saleId: null }\n * \n * #### Default:\n * \n * {\n parseNull: true,\n parseUndefined: true,\n parseBoolean: true,\n parseNumber: true,\n }\n * \n * parseNumber may convert fields that are string but you only passed\n * numbers to query pay attention to this.\n * \n * Soon a feature to converted the query to the end prisma type will be added.\n */\n queryParser?: false | QueryParserOptions | ArkosRequestHandler;\n 
/**\n * Configuration for request logger middleware.\n *\n * Logs incoming HTTP requests with details such as method, URL, status code, and response time.\n * Useful for debugging and monitoring API traffic.\n */\n requestLogger?: false | ArkosRequestHandler;\n /**\n * Configuration for global error handler middleware.\n *\n * Catches and processes errors thrown in route handlers and other middlewares.\n * Provides a centralized way to format error responses and log errors.\n */\n errorHandler?: false | express.ErrorRequestHandler;\n };\n /**\n * Defines express/arkos routers configurations\n */\n routers?: {\n /**\n * Strict mode configuration for routing security\n *\n * @default false\n * - all CRUD + Auth (if using auth) endpoits are enabled and avialable by default.\n *\n * When enabled:\n * - If `true`: All CRUD endpoints start disabled and must be explicitly enabled\n * in each model's router configuration\n * - If `'no-bulk'`: Bulk operations (createMany, updateMany, deleteMany) are disabled\n * by default, while individual operations can be enabled per model\n *\n * This provides enhanced security by ensuring no routes are accidentally exposed.\n * Use this in production environments to follow the principle of least privilege.\n *\n * See documentation: https://www.arkosjs.com/docs/guide/security#strict-mode\n */\n strict?: boolean | \"no-bulk\";\n /**\n * Replace the default welcome endpoint handler\n * @param req Express request object\n * @param res Express response object\n * @param next Express next function\n */\n welcomeRoute?: false | ArkosRequestHandler;\n };\n /**\n * Allows to configure email configurations for sending emails through `emailService`\n *\n * See [www.arkosjs.com/docs/core-concepts/sending-emails](https://www.arkosjs.com/docs/core-concepts/sending-emails)\n */\n email?: {\n /**\n * Email name to used like:\n *\n * John Doe\\<john.doe@gmail.com>\n */\n name?: string;\n /**\n * Your email provider url\n */\n host: string;\n /**\n * 
Email provider SMTP port, Default is `465`\n */\n port?: number;\n /**\n * If smtp connection must be secure, Default is `true`\n */\n secure?: boolean;\n /**\n * Used to authenticate in your smtp server\n */\n auth: {\n /**\n * Email used for auth as well as sending emails\n */\n user: string;\n /**\n * Your SMTP password\n */\n pass: string;\n };\n } & Parameters<typeof nodemailer.createTransport>[0];\n /**\n * Defines Swagger and OpenApi specifications for auto generating swagger documentation UI using whether it is Prisma Schemas, Class-validator DTOs, Zod Schemas or JSON-Schemas.\n *\n * **Important**: Is worth mentioning that this works alongside `@scalar/express-api-reference` npm package, you define it's ApiReferenceConfiguration under ``. also consider checking the package documentation at []\n *\n * **Usage**\n *\n * ```ts\n * // src/app.ts\n *\n * import arkos from \"arkos\"\n *\n * arkos.init({\n * // other configs\n * swagger: {\n * mode: \"zod\",\n * options: {\n * defintion: {\n * info: {\n * openapi: \"3.0.0\",\n * title: \"API Generated By Arkos.js\",\n * description: \"This API was automatically generated by Arkos.js read more about at www.arkosjs.com\"\n * }\n * }\n * }\n * }\n * })\n * ```\n * @see {@link https://www.arkosjs.com/docs/core-concepts/swagger-api-documentation}\n */\n swagger?: {\n /**\n * By default Arkos will disable API Documentation when the project is built `npm run build`, it does not matter what node environment is set. 
If you want to use it even after the `arkos build` command just set this to `true`.\n * */\n enableAfterBuild?: boolean;\n /**\n * Endpoint where the Swagger UI will be available.\n *\n * @default \"/api/api-docs\"\n */\n endpoint?: string;\n /**\n * Determines how your API schemas should be generated.\n *\n * - \"prisma\": Generates schemas based on Prisma models\n * - \"class-validator\": Uses class-validator and class-transformer DTO classes\n * - \"zod\": Uses OpenAPI-compliant schemas directly\n */\n mode: \"prisma\" | \"class-validator\" | \"zod\";\n /**\n * Allows `Arkos.js` to fallback to prisma schema and use them as json schema for defining request body and response data\n * when a given zod Schema or class-validator Class is not found to be transformed to json schema.\n *\n * @default false\n */\n strict?: boolean;\n /**\n * Defines your swagger configurations\n */\n options?: {\n /**\n * Swagger definition according to OpenAPI Specification.\n */\n definition?: {\n /**\n * OpenAPI version.\n *\n * @default \"3.0.0\"\n */\n openapi?: string;\n\n /**\n * Information about your API.\n */\n info?: {\n /**\n * Title of the API documentation.\n *\n *\n * @example \"My API\"\n *\n * @default \"API Generated By Arkos.js\"\n */\n title?: string;\n\n /**\n * Version of the API.\n *\n * @example \"1.0.0\"\n */\n version?: string;\n\n /**\n * Description of the API.\n *\n * @default \"This API was automatically generated by Arkos.js read more about at www.arkosjs.com\"\n */\n description?: string;\n };\n\n /**\n * Server configurations for the API.\n *\n * @default [{ url: \"http://localhost:8000\", description: \"Development server\" }]\n *\n * This can be overridden automatically by Arkos based on CLI, .env, or `arkos.init()`.\n */\n servers?: {\n /**\n * Base URL of the server.\n *\n * @example \"http://localhost:8000\"\n */\n url: string;\n\n /**\n * Human-readable description of the server.\n *\n * @example \"Development Server\"\n */\n description?: string;\n 
}[];\n /**\n * Allows adding more paths for your OpenAPI documentation\n *\n * */\n paths?: OpenAPIV3.PathsObject;\n /**\n * (Optional) Additional metadata such as terms of service, contact, or license.\n *\n * See: https://swagger.io/specification/#infoObject\n */\n termsOfService?: string;\n contact?: {\n name?: string;\n url?: string;\n email?: string;\n };\n license?: {\n name: string;\n url?: string;\n };\n\n /**\n * Tags to group and describe endpoints.\n */\n tags?: {\n name: string;\n description?: string;\n }[];\n\n /**\n * Security definitions (e.g., Bearer Auth).\n */\n components?: {\n securitySchemes?: Record<string, any>;\n schemas?: Record<string, any>;\n };\n\n /**\n * Global security requirements.\n */\n security?: Array<Record<string, string[]>>;\n };\n\n /**\n * Glob patterns defining where Swagger should look for API route definitions and comments.\n *\n * @default \n * ```ts\n * [\"./src/routers/*.router.{ts,js}\", \"./src/modules/**\\/*.router.{ts,js}\"]\n ```\n *\n * Adjust depending on TypeScript or JavaScript usage.\n */\n apis?: string[];\n\n /**\n * Enables deep linking in the Swagger UI.\n *\n * @default true\n */\n deepLinking?: boolean;\n\n /**\n * Enable/disable the \"Try it out\" button globally.\n *\n * @default true\n */\n tryItOutEnabled?: boolean;\n\n /**\n * Whether to persist authorization data across page reloads.\n *\n * @default false\n */\n persistAuthorization?: boolean;\n };\n /**\n * Custom `@scalar/express-api-reference` package options.\n *\n * @see {@link https://guides.scalar.com/scalar/scalar-api-references/integrations/express}\n */\n scalarApiReferenceConfiguration?: Partial<ApiReferenceConfiguration>;\n };\n /**\n * Helps in debugging some of the variables values that are used inside arkos from dynamic loaded components towhat is used into the generated api.\n *\n */\n debugging?: {\n /**\n * Controls debugging over HTTP request level\n */\n requests?: {\n level?: 0 | 1 | 2 | 3;\n filter?: (\n | \"Query\"\n | 
\"Body\"\n | \"Params\"\n | \"TransformedQuery\"\n | \"ServiceArgs\"\n | \"FinalPrismaQueryArgs\"\n )[];\n };\n /**\n * Controls debugging over the dynamic loaded modules and it's components on app starting\n */\n dynamicLoader?: {\n /**\n * Adjusts logging details\n *\n * 1 - Loaded modules and list of it's components files\n * 2 - All from 1 and detailed inspection per module component\n * 3 - All from 1 and 2, plus the final router component after merged with autho generated router.\n */\n level?: 0 | 1 | 2 | 3;\n filters?: {\n /**\n * Allows filtering by specific modules.\n *\n * Supports only searching for the starting parts of the module name, e.g: If there is`user-profile`, `user`, `posts`, passing `[\"user\"]` will match both `user-profile` and `user`.\n */\n modules?: string[];\n /**\n * Allows filtering by component's names\n */\n components?: keyof ModuleComponents[];\n };\n };\n };\n};\n"]}
|
|
1
|
+
{"version":3,"file":"new-arkos-config.js","sourceRoot":"","sources":["../../../src/types/new-arkos-config.ts"],"names":[],"mappings":"","sourcesContent":["import cors from \"cors\";\nimport express from \"express\";\nimport { Options as RateLimitOptions } from \"express-rate-limit\";\nimport cookieParser from \"cookie-parser\";\nimport compression from \"compression\";\nimport { Options as QueryParserOptions } from \"../utils/helpers/query-parser.helpers\";\nimport { ValidatorOptions } from \"class-validator\";\nimport { MsDuration } from \"../modules/auth/utils/helpers/auth.controller.helpers\";\nimport { OpenAPIV3 } from \"openapi-types\";\nimport type { ApiReferenceConfiguration } from \"@scalar/express-api-reference\" with { \"resolution-mode\": \"import\" };\nimport nodemailer from \"nodemailer\";\nimport { ModuleComponents } from \"../utils/dynamic-loader\";\nimport { ArkosRequestHandler } from \".\";\n\n/**\n * Defines the initial configs of the api to be loaded at startup when arkos.init() is called.\n */\nexport type ArkosConfig = {\n /**\n * Allows to configure request configs\n */\n request?: {\n /**\n * Allows to configure request parameters\n */\n parameters?: {\n /**\n * Toggles allowing `VERY DANGEROUS` request paramateres under `req.query` for passing prisma query options.\n *\n * See more\n */\n allowDangerousPrismaQueryOptions?: boolean;\n };\n };\n /** Message you would like to send, as Json and 200 response when\n * ```curl\n * GET /api\n * ```\n *\n * ```json\n * { \"message\": \"Welcome to YourAppName\" }\n * ```\n *\n * default message is: Welcome to our Rest API generated by Arkos, find more about Arkos at www.arkosjs.com.\n *\n *\n * */\n welcomeMessage?: string;\n /**\n * Port where the application will run, can be set in 3 ways:\n *\n * 1. default is 8000\n * 2. PORT under environment variables (Lower precedence)\n * 3. 
this config option (Higher precedence)\n */\n port?: number | undefined;\n /**\n * Allows to listen on a different host than localhost only\n */\n host?: string;\n /**\n * Defines authentication related configurations, by default is undefined.\n *\n * See [www.arkosjs.com/docs/core-concepts/authentication-system](https://www.arkosjs.com/docs/core-concepts/authentication-system) for details.\n */\n authentication?: {\n enabled?: boolean;\n /**\n * Defines whether to use Static or Dynamic Role-Based Acess Control\n *\n * Visit [www.arkosjs.com/docs/core-concepts/authentication-system](https://www.arkosjs.com/docs/core-concepts/authentication-system) for more details.\n */\n mode: \"static\" | \"dynamic\";\n /**\n * Defines auth login related configurations to customize the api.\n */\n login?: {\n /**\n * Defines the field that will be used as username by the built-in auth system, by default arkos will look for the field \"username\" in your model User, hence when making login for example you must send:\n *\n * ```json\n * {\n * \"username\": \"johndoe\",\n * \"password\": \"somePassword123\"\n * }\n * ```\n *\n * **Note:** You can also modify the usernameField on the fly by passing it to the request query parameters. 
example:\n *\n * ```curl\n * POST /api/auth/login?usernameField=email\n * ```\n *\n * See more at [www.arkosjs.com/docs/core-concepts/authentication-system#login-with-different-fileds](https://www.arkosjs.com/docs/core-concepts/authentication-system#login-with-different-fileds)\n *\n * By specifing here another field for username, for example passing \"email\", \"companyCode\" or something else your json will be like:\n *\n * **Example with email**\n *\n * ```json\n * {\n * \"email\": \"john.doe@example.com\",\n * \"password\": \"somePassword123\"\n * }\n * ```\n */\n allowedUsernames?: string[];\n /** Defines wether to send the access token in response after login or only send as cookie, defeault is both.*/\n sendAccessTokenThrough?: \"cookie-only\" | \"response-only\" | \"both\";\n };\n /**\n * Specifies the regex pattern used by the authentication system to enforce password strength requirements.\n *\n * **Important**: If using validation libraries like Zod or class-validator, this will be completely overwritten.\n *\n * **Default**: ```/^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d).+$/``` - Ensures the password contains at least one uppercase letter, one lowercase letter, and one numeric digit.\n *\n * **message**: (Optional) A custom error message to display when the password does not meet the required strength criteria.\n */\n passwordValidation?: { regex: RegExp; message?: string };\n /**\n * Allows to specify the request rate limit for all authentication endpoints but `/api/users/me`.\n * \n * #### Default\n *{\n windowMs: 5000,\n limit: 10,\n standardHeaders: \"draft-7\",\n legacyHeaders: false,\n }\n * \n * Passing an object not overriding all the default options will only\n * cause it to be deepmerged and not actually replace with empty fields\n * \n *@see This is are the options used on the `express-rate-limit` npm package used on epxress. 
read more about [https://www.npmjs.com/package/express-rate-limit](https://www.npmjs.com/package/express-rate-limit)\n */\n rateLimit?: Partial<RateLimitOptions>;\n /**\n * JWT (JSON Web Token) authentication configuration.\n *\n * You can override these values directly in code, or use environment variables:\n *\n * - `JWT_SECRET`: Secret used to sign and verify JWT tokens.\n * - `JWT_EXPIRES_IN`: Duration string or number indicating when the token should expire (e.g. \"30d\", 3600).\n * - `JWT_COOKIE_SECURE`: Whether the cookie is sent only over HTTPS. Default: `true` in production.\n * - `JWT_COOKIE_HTTP_ONLY`: Whether the cookie is HTTP-only. Default: `true`.\n * - `JWT_COOKIE_SAME_SITE`: Can be \"lax\", \"strict\", or \"none\". Defaults to \"lax\" in dev, \"none\" in prod.\n *\n * ⚠️ Values passed here take precedence over environment variables.\n */\n jwt?: {\n /** Secret key used for signing and verifying JWT tokens */\n secret?: string;\n /**\n * Duration after which the JWT token expires.\n * Accepts either a duration string (e.g. \"30d\", \"1h\") or a number in milliseconds.\n * Defaults to \"30d\" if not provided.\n */\n expiresIn?: MsDuration | number;\n\n /**\n * Configuration for the JWT cookie sent to the client\n */\n cookie?: {\n /**\n * Whether the cookie should be marked as secure (sent only over HTTPS).\n * Defaults to `true` in production and `false` in development.\n */\n secure?: boolean;\n\n /**\n * Whether the cookie should be marked as HTTP-only.\n * Default is `true` to prevent access via JavaScript.\n */\n httpOnly?: boolean;\n\n /**\n * Controls the SameSite attribute of the cookie.\n * Defaults to \"none\" in production and \"lax\" in development.\n * Options: \"lax\" | \"strict\" | \"none\"\n */\n sameSite?: \"lax\" | \"strict\" | \"none\";\n };\n };\n };\n /** Allows to customize and toggle the built-in validation, by default it is set to `false`. 
If true is passed it will use validation with the default resolver set to `class-validator` if you intend to change the resolver to `zod` do the following:\n *\n *```ts\n * // src/app.ts\n * import arkos from 'arkos'\n *\n * arkos.init({\n * validation: {\n * resolver: \"zod\"\n * }\n * })\n * ```\n *\n * @See [www.arkosjs.com/docs/core-concepts/request-data-validation](https://www.arkosjs.com/docs/core-concepts/request-data-validation) for more details.\n */\n validation?: {\n /**\n * Defines whether to use strict request validation, it means in every request using `ArkosRouter()` you must pass the validation options with all options (e.g: query, params, body, etc.).\n *\n * **How It Works:**\n * - If it is true, Arkos will require all the options a stated above on the routes and if you don't pass it will throw an error.\n * **What if you don't want to pass a validator to some options?**\n * - You will need to pass `undefined` to the validator option (see example below), this way Arkos will throw an error if something is passed to `req.query` if you passed undefined as validator into `validation.query`\n *\n * ```ts\n * import { ArkosRouter } from \"arkos\"\n *\n * const router = ArkosRouter()\n *\n * router.get({\n * route: \"/api/posts\",\n * validation: {\n * query: undefined\n * }\n * })\n *\n * ```\n */\n strict?: boolean;\n } & (\n | {\n resolver: \"class-validator\";\n /**\n * ValidatorOptions to used while validating request data.\n *\n * **Default**:\n * ```ts\n * {\n * whitelist: true\n * }\n * ```\n */\n validationOptions?: ValidatorOptions;\n }\n | {\n resolver: \"zod\";\n validationOptions?: Record<string, any>;\n }\n );\n /**\n * Defines file upload configurations\n *\n * See [www.arkosjs.com/docs/core-concepts/file-upload#costum-configurations](https://www.arkosjs.com/docs/core-concepts/file-upload#costum-configurations)\n */\n fileUpload?: {\n /**\n * Defiens the base file upload directory, default is set to /uploads (on root directory)\n *\n * 
When setting up a path dir always now that root directory will be the starting reference.\n *\n * #### Example\n * passing `../my-arkos-uploaded-files`\n *\n * Will save uploaded files one level outside the root dir inside `my-arkos-uploaded-files`\n *\n * NB: You must be aware of permissions on your server to acess files outside your project directory.\n *\n */\n baseUploadDir?: string;\n /**\n * Changes the default `/api/uploads` base route for accessing file upload route.\n *\n * #### IMPORTANT\n * Changing this will not affect the `baseUploadDir` folder. You can\n * pass here `/api/files/my-user-files` and `baseUploadDir` be `/uploaded-files`.\n *\n */\n baseRoute?: string;\n /**\n * Defines options for `express.static(somePath, someOptions)`\n *\n * #### Default:\n *\n * ```ts\n *{\n maxAge: \"1y\",\n etag: true,\n lastModified: true,\n dotfiles: \"ignore\",\n fallthrough: true,\n index: false,\n cacheControl: true,\n }\n * ```\n * \n * By passing your custom options have in mind that it\n * will be deepmerged with the default.\n * \n * Visit [https://expressjs.com/en/4x/api.html#express.static](https://expressjs.com/en/4x/api.html#express.static) for more understanding.\n * \n */\n expressStatic?: Parameters<typeof express.static>[1];\n /**\n * Defines upload restrictions for each file type: image, video, document or other.\n *\n * #### Important:\n * Passing an object without overriding everything will only cause it\n * to be deepmerged with the default options.\n *\n * See [www.arkosjs.com/docs/api-reference/default-supported-upload-files](https://www.arkosjs.com/docs/api-reference/default-supported-upload-files) for detailed explanation about default values.\n * ```\n */\n restrictions?: {\n images?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n videos?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n documents?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: 
RegExp;\n };\n files?: {\n maxCount?: number;\n maxSize?: number;\n supportedFilesRegex?: RegExp;\n };\n };\n };\n /**\n * Defines express middlewares configurations\n */\n middlewares?: {\n /**\n * Allows to define options for npm package compression\n * Nothing is passed by default.\n *\n * See [www.npmjs.com/package/compression](https://www.npmjs.com/package/compression) for further details.\n */\n compression?: false | compression.CompressionOptions | ArkosRequestHandler;\n /**\n * Allows to specify the request rate limit for all endpoints.\n * \n * #### Default\n *```ts\n *{\n windowMs: 60 * 1000,\n limit: 1000,\n standardHeaders: \"draft-7\",\n legacyHeaders: false,\n }\n ```\n * \n * Passing an object not overriding all the default options will only\n * cause it to be deepmerged and not actually replace with empty fields\n * \n * This is are the options used on the `express-rate-limit` npm package used on epxress. read more about [https://www.npmjs.com/package/express-rate-limit](https://www.npmjs.com/package/express-rate-limit)\n */\n rateLimit?: false | Partial<RateLimitOptions> | ArkosRequestHandler;\n /**\n * Configuration for CORS (Cross-Origin Resource Sharing).\n *\n * @property {string | string[] | \"all\"} [allowedOrigins] - List of allowed origins. 
If set to `\"all\"`, all origins are accepted.\n * @property {import('cors').CorsOptions} [options] - Additional CORS options passed directly to the `cors` middleware.\n * @property {import('cors').CorsOptionsDelegate} [customHandler] - A custom middleware function that overrides the default behavior.\n *\n * @remarks\n * If `customHandler` is provided, both `allowedOrigins` and `options` will be ignored in favor of the custom logic.\n *\n * See https://www.npmjs.com/package/cors\n */\n cors?:\n | false\n | {\n /**\n * Defines allowed origins to acess the API.\n */\n allowedOrigins?: string | string[] | \"*\";\n options?: cors.CorsOptions;\n /**\n * If you would like to override the entire middleware\n *\n * see\n */\n customHandler?: cors.CorsOptionsDelegate;\n }\n | ArkosRequestHandler;\n /**\n * Defines options for the built-in express.json() middleware\n * Nothing is passed by default.\n */\n expressJson?:\n | false\n | Parameters<typeof express.json>[0]\n | ArkosRequestHandler;\n /**\n * Allows to pass paremeters to cookieParser from npm package cookie-parser\n * Nothing is passed by default.\n *\n * See [www.npmjs.com/package/cookie-parser](https://www.npmjs.com/package/cookie-parser) for further details.\n */\n cookieParser?:\n | false\n | Parameters<typeof cookieParser>\n | ArkosRequestHandler;\n /**\n * Options to define how query must be parsed.\n *\n * #### for example:\n * ```\n * GET /api/product?saleId=null\n * ```\n *\n * Normally would parsed to { saleId: \"null\" } so query parser\n * trough setting option `parseNull` will transform { saleId: null }\n * \n * #### Default:\n * \n * {\n parseNull: true,\n parseUndefined: true,\n parseBoolean: true,\n parseNumber: true,\n }\n * \n * parseNumber may convert fields that are string but you only passed\n * numbers to query pay attention to this.\n * \n * Soon a feature to converted the query to the end prisma type will be added.\n */\n queryParser?: false | QueryParserOptions | ArkosRequestHandler;\n 
/**\n * Configuration for request logger middleware.\n *\n * Logs incoming HTTP requests with details such as method, URL, status code, and response time.\n * Useful for debugging and monitoring API traffic.\n */\n requestLogger?: false | ArkosRequestHandler;\n /**\n * Configuration for global error handler middleware.\n *\n * Catches and processes errors thrown in route handlers and other middlewares.\n * Provides a centralized way to format error responses and log errors.\n */\n errorHandler?: false | express.ErrorRequestHandler;\n };\n /**\n * Defines express/arkos routers configurations\n */\n routers?: {\n /**\n * Strict mode configuration for routing security\n *\n * @default false\n * - all CRUD + Auth (if using auth) endpoits are enabled and avialable by default.\n *\n * When enabled:\n * - If `true`: All CRUD endpoints start disabled and must be explicitly enabled\n * in each model's router configuration\n * - If `'no-bulk'`: Bulk operations (createMany, updateMany, deleteMany) are disabled\n * by default, while individual operations can be enabled per model\n *\n * This provides enhanced security by ensuring no routes are accidentally exposed.\n * Use this in production environments to follow the principle of least privilege.\n *\n * See documentation: https://www.arkosjs.com/docs/guide/security#strict-mode\n */\n strict?: boolean | \"no-bulk\";\n /**\n * Replace the default welcome endpoint handler\n * @param req Express request object\n * @param res Express response object\n * @param next Express next function\n */\n welcomeRoute?: false | ArkosRequestHandler;\n };\n /**\n * Allows to configure email configurations for sending emails through `emailService`\n *\n * See [www.arkosjs.com/docs/core-concepts/sending-emails](https://www.arkosjs.com/docs/core-concepts/sending-emails)\n */\n email?: {\n /**\n * Email name to used like:\n *\n * John Doe\\<john.doe@gmail.com>\n */\n name?: string;\n /**\n * Your email provider url\n */\n host: string;\n /**\n * 
Email provider SMTP port, Default is `465`\n */\n port?: number;\n /**\n * If smtp connection must be secure, Default is `true`\n */\n secure?: boolean;\n /**\n * Used to authenticate in your smtp server\n */\n auth: {\n /**\n * Email used for auth as well as sending emails\n */\n user: string;\n /**\n * Your SMTP password\n */\n pass: string;\n };\n } & Parameters<typeof nodemailer.createTransport>[0];\n /**\n * Defines Swagger and OpenApi specifications for auto generating swagger documentation UI using whether it is Prisma Schemas, Class-validator DTOs, Zod Schemas or JSON-Schemas.\n *\n * **Important**: Is worth mentioning that this works alongside `@scalar/express-api-reference` npm package, you define it's ApiReferenceConfiguration under ``. also consider checking the package documentation at []\n *\n * **Usage**\n *\n * ```ts\n * // src/app.ts\n *\n * import arkos from \"arkos\"\n *\n * arkos.init({\n * // other configs\n * swagger: {\n * mode: \"zod\",\n * options: {\n * defintion: {\n * info: {\n * openapi: \"3.0.0\",\n * title: \"API Generated By Arkos.js\",\n * description: \"This API was automatically generated by Arkos.js read more about at www.arkosjs.com\"\n * }\n * }\n * }\n * }\n * })\n * ```\n * @see {@link https://www.arkosjs.com/docs/core-concepts/swagger-api-documentation}\n */\n swagger?: {\n /**\n * By default Arkos will disable API Documentation when the project is built `npm run build`, it does not matter what node environment is set. 
If you want to use it even after the `arkos build` command just set this to `true`.\n * */\n enableAfterBuild?: boolean;\n /**\n * Endpoint where the Swagger UI will be available.\n *\n * @default \"/api/api-docs\"\n */\n endpoint?: string;\n /**\n * Determines how your API schemas should be generated.\n *\n * - \"prisma\": Generates schemas based on Prisma models\n * - \"class-validator\": Uses class-validator and class-transformer DTO classes\n * - \"zod\": Uses OpenAPI-compliant schemas directly\n */\n mode: \"prisma\" | \"class-validator\" | \"zod\";\n /**\n * Allows `Arkos.js` to fallback to prisma schema and use them as json schema for defining request body and response data\n * when a given zod Schema or class-validator Class is not found to be transformed to json schema.\n *\n * @default false\n */\n strict?: boolean;\n /**\n * Defines your swagger configurations\n */\n options?: {\n /**\n * Swagger definition according to OpenAPI Specification.\n */\n definition?: {\n /**\n * OpenAPI version.\n *\n * @default \"3.0.0\"\n */\n openapi?: string;\n\n /**\n * Information about your API.\n */\n info?: {\n /**\n * Title of the API documentation.\n *\n *\n * @example \"My API\"\n *\n * @default \"API Generated By Arkos.js\"\n */\n title?: string;\n\n /**\n * Version of the API.\n *\n * @example \"1.0.0\"\n */\n version?: string;\n\n /**\n * Description of the API.\n *\n * @default \"This API was automatically generated by Arkos.js read more about at www.arkosjs.com\"\n */\n description?: string;\n };\n\n /**\n * Server configurations for the API.\n *\n * @default [{ url: \"http://localhost:8000\", description: \"Development server\" }]\n *\n * This can be overridden automatically by Arkos based on CLI, .env, or `arkos.init()`.\n */\n servers?: {\n /**\n * Base URL of the server.\n *\n * @example \"http://localhost:8000\"\n */\n url: string;\n\n /**\n * Human-readable description of the server.\n *\n * @example \"Development Server\"\n */\n description?: string;\n 
}[];\n /**\n * Allows adding more paths for your OpenAPI documentation\n *\n * */\n paths?: OpenAPIV3.PathsObject;\n /**\n * (Optional) Additional metadata such as terms of service, contact, or license.\n *\n * See: https://swagger.io/specification/#infoObject\n */\n termsOfService?: string;\n contact?: {\n name?: string;\n url?: string;\n email?: string;\n };\n license?: {\n name: string;\n url?: string;\n };\n\n /**\n * Tags to group and describe endpoints.\n */\n tags?: {\n name: string;\n description?: string;\n }[];\n\n /**\n * Security definitions (e.g., Bearer Auth).\n */\n components?: {\n securitySchemes?: Record<string, any>;\n schemas?: Record<string, any>;\n };\n\n /**\n * Global security requirements.\n */\n security?: Array<Record<string, string[]>>;\n };\n\n /**\n * Glob patterns defining where Swagger should look for API route definitions and comments.\n *\n * @default \n * ```ts\n * [\"./src/routers/*.router.{ts,js}\", \"./src/modules/**\\/*.router.{ts,js}\"]\n ```\n *\n * Adjust depending on TypeScript or JavaScript usage.\n */\n apis?: string[];\n\n /**\n * Enables deep linking in the Swagger UI.\n *\n * @default true\n */\n deepLinking?: boolean;\n\n /**\n * Enable/disable the \"Try it out\" button globally.\n *\n * @default true\n */\n tryItOutEnabled?: boolean;\n\n /**\n * Whether to persist authorization data across page reloads.\n *\n * @default false\n */\n persistAuthorization?: boolean;\n };\n /**\n * Custom `@scalar/express-api-reference` package options.\n *\n * @see {@link https://guides.scalar.com/scalar/scalar-api-references/integrations/express}\n */\n scalarApiReferenceConfiguration?: Partial<ApiReferenceConfiguration>;\n };\n /**\n * Helps in debugging some of the variables values that are used inside arkos from dynamic loaded components towhat is used into the generated api.\n *\n */\n debugging?: {\n /**\n * Controls debugging over HTTP request level\n */\n requests?: {\n level?: 0 | 1 | 2 | 3;\n filter?: (\n | \"Query\"\n | 
\"Body\"\n | \"Params\"\n | \"TransformedQuery\"\n | \"ServiceArgs\"\n | \"FinalPrismaQueryArgs\"\n )[];\n };\n /**\n * Controls debugging over the dynamic loaded modules and it's components on app starting\n */\n dynamicLoader?: {\n /**\n * Adjusts logging details\n *\n * 1 - Loaded modules and list of it's components files\n * 2 - All from 1 and detailed inspection per module component\n * 3 - All from 1 and 2, plus the final router component after merged with autho generated router.\n */\n level?: 0 | 1 | 2 | 3;\n filters?: {\n /**\n * Allows filtering by specific modules.\n *\n * Supports only searching for the starting parts of the module name, e.g: If there is`user-profile`, `user`, `posts`, passing `[\"user\"]` will match both `user-profile` and `user`.\n */\n modules?: string[];\n /**\n * Allows filtering by component's names\n */\n components?: keyof ModuleComponents[];\n };\n };\n };\n};\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"router-config.js","sourceRoot":"","sources":["../../../src/types/router-config.ts"],"names":[],"mappings":"","sourcesContent":["import { ArkosRouteConfig } from \"../exports\";\n\nexport type RouterEndpoint =\n | \"createOne\"\n | \"findOne\"\n | \"updateOne\"\n | \"deleteOne\"\n | \"findMany\"\n | \"createMany\"\n | \"updateMany\"\n | \"deleteMany\";\n\nexport type AuthRouterEndpoint =\n | \"getMe\"\n | \"updateMe\"\n | \"deleteMe\"\n | \"login\"\n | \"logout\"\n | \"signup\"\n | \"updatePassword\"\n | \"findManyAuthAction\"\n | \"findOneAuthAction\";\n\nexport type FileUploadRouterEndpoint =\n | \"findFile\"\n | \"uploadFile\"\n | \"updateFile\"\n | \"deleteFile\";\n\ninterface PrismaBaseRouterConfig {\n parent?: {\n model?: string;\n foreignKeyField?: string;\n endpoints?: \"*\" | RouterEndpoint[];\n };\n}\n\ntype BaseRouterConfig = PrismaBaseRouterConfig & {\n /**\n * Backward compatibility (prior 1.4.0-beta) - disables/enables endpoints\n *\n * prefer to rather to use the following:\n *\n * ```ts\n * export const config = {\n * findMany: {\n * disabled: true\n * }\n * }\n * ```\n */\n disable?:\n | boolean\n | {\n [K in RouterEndpoint]?: boolean;\n };\n} & {\n [K in RouterEndpoint]?: Omit<ArkosRouteConfig, \"
|
|
1
|
+
{"version":3,"file":"router-config.js","sourceRoot":"","sources":["../../../src/types/router-config.ts"],"names":[],"mappings":"","sourcesContent":["import { ArkosRouteConfig } from \"../exports\";\n\nexport type RouterEndpoint =\n | \"createOne\"\n | \"findOne\"\n | \"updateOne\"\n | \"deleteOne\"\n | \"findMany\"\n | \"createMany\"\n | \"updateMany\"\n | \"deleteMany\";\n\nexport type AuthRouterEndpoint =\n | \"getMe\"\n | \"updateMe\"\n | \"deleteMe\"\n | \"login\"\n | \"logout\"\n | \"signup\"\n | \"updatePassword\"\n | \"findManyAuthAction\"\n | \"findOneAuthAction\";\n\nexport type FileUploadRouterEndpoint =\n | \"findFile\"\n | \"uploadFile\"\n | \"updateFile\"\n | \"deleteFile\";\n\ninterface PrismaBaseRouterConfig {\n parent?: {\n model?: string;\n foreignKeyField?: string;\n endpoints?: \"*\" | RouterEndpoint[];\n };\n}\n\ntype BaseRouterConfig = PrismaBaseRouterConfig & {\n /**\n * Backward compatibility (prior 1.4.0-beta) - disables/enables endpoints\n *\n * prefer to rather to use the following:\n *\n * ```ts\n * export const config = {\n * findMany: {\n * disabled: true\n * }\n * }\n * ```\n */\n disable?:\n | boolean\n | {\n [K in RouterEndpoint]?: boolean;\n };\n} & {\n [K in RouterEndpoint]?: Omit<ArkosRouteConfig, \"path\">;\n};\n\ntype AuthRouterConfig = {\n /**\n * Backward compatibility (prior 1.4.0-beta) - disables/enables endpoints\n *\n * prefer to rather to use the following:\n *\n * ```ts\n * export const config = {\n * getMe: {\n * disabled: true\n * }\n * }\n * ```\n */\n disable?:\n | boolean\n | {\n [K in AuthRouterEndpoint]?: boolean;\n };\n} & {\n [K in AuthRouterEndpoint]?: Omit<ArkosRouteConfig, \"path\">;\n};\n\ntype FileUploadRouterConfig = {\n /**\n * Backward compatibility (prior 1.4.0-beta) - disables/enables endpoints\n *\n * prefer to rather to use the following:\n *\n * ```ts\n * export const config = {\n * deleteFile: {\n * disabled: true\n * }\n * }\n * ```\n */\n disable?:\n | boolean\n | {\n [K in 
FileUploadRouterEndpoint]?: boolean;\n };\n} & {\n [K in FileUploadRouterEndpoint]?: Omit<ArkosRouteConfig, \"path\" | \"uploads\">;\n};\n\nexport type RouterConfig<T extends string = string> = T extends \"auth\"\n ? AuthRouterConfig\n : T extends \"file-upload\"\n ? FileUploadRouterConfig\n : BaseRouterConfig;\n"]}
|
|
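--- a/package/dist/cjs/utils/arkos-router/index.js
+++ b/package/dist/cjs/utils/arkos-router/index.js
@@ -35,7 +35,7 @@ function ArkosRouter() {
 return function (config, ...handlers) {
 if (config.disabled)
 return;
-const route = config.
+const route = config.path;
 if (!route_config_validator_1.default.isArkosRouteConfig(config))
 throw Error(`First argument of ArkosRouter().${prop}() must be a valid ArkosRouteConfig but recevied ${config}`);
 const method = prop;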
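Review bot: `config.disabled` and `config.path` are both read before `isArkosRouteConfig(config)` runs, so a null or non-object first argument fails with a bare TypeError instead of the descriptive error, and a config with `disabled` set returns without ever being validated. Moving the `if (!route_config_validator_1.default.isArkosRouteConfig(config)) throw ...` check above `if (config.disabled)` would cover both cases. The read of `config.path` also looks like a key rename (the removed line is cut off on this page, so this is inferred), yet the type documentation shipped in this same release still shows `router.get({ route: "/api/posts", ... })`. Unless the validator rejects a config without `path`, such a caller would continue with `route` undefined, so an explicit `if (typeof config.path !== "string") throw ...` guard is worth adding. The returned function continues past the end of the hunk.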
|