cca-auth-module 0.1.82 → 0.1.83
- package/dist/domain/interfaces/ApiResponse.d.ts +18 -0
- package/dist/index.d.mts +7 -5
- package/dist/index.d.ts +7 -5
- package/dist/index.js +83 -66
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +83 -66
- package/dist/index.mjs.map +1 -1
- package/dist/presentation/controller/AuthController.d.ts +7 -5
- package/package.json +1 -1
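--- a/package/dist/domain/interfaces/ApiResponse.d.ts
+++ b/package/dist/domain/interfaces/ApiResponse.d.ts
@@ -0,0 +1,18 @@
+export interface ApiResponse<T = any> {
+success: boolean;
+message: string;
+data?: T;
+meta?: {
+timestamp: string;
+nextStep?: string;
+redirectTo?: string;
+recommendation?: string;
+securityNote?: string;
+};
+}
+export interface AuthData {
+hasAccessToken: boolean;
+enable: boolean;
+verified?: boolean;
+status: string;
+}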
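Review bot: `ApiResponse<T = any>` leaves every untyped use of `data` unchecked, which matters for a payload that carries tokens and auth state; `export interface ApiResponse<T = unknown> {` would make consumers narrow before reading it. `AuthData.status` is declared as plain `string` although the controller in index.js only ever passes "needs_setup", "pending_verification", "full_auth" and "basic_auth", so a string-literal union of those four values would let callers switch on it exhaustively. The fields `enable`, `verified` and `status` also ship without doc comments; a one-line TSDoc on each, stating what the flag represents, would stop consumers guessing at the difference between `enable` here and `enabled` in the login payload.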
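--- a/package/dist/index.d.mts
+++ b/package/dist/index.d.mts
@@ -227,16 +227,18 @@ declare class AuthController {
 private readonly logoutUseCase;
 private readonly registerUseCase;
 private readonly refreshTokenUseCase;
-private twoFactorSetupUseCase;
-private twoFactorEnableUseCase;
-private twoFactorVerifyUseCase;
-private twoFactorDisableUseCase;
+private readonly twoFactorSetupUseCase;
+private readonly twoFactorEnableUseCase;
+private readonly twoFactorVerifyUseCase;
+private readonly twoFactorDisableUseCase;
 constructor(loginUseCase: LoginUseCase, adminLoginUseCase: LoginAdminUseCase, logoutUseCase: LogoutUseCase, registerUseCase: RegisterUseCase, refreshTokenUseCase: RefreshTokenUseCase, twoFactorSetupUseCase: TwoFactorSetupUseCase, twoFactorEnableUseCase: TwoFactorEnableUseCase, twoFactorVerifyUseCase: TwoFactorVerifyUseCase, twoFactorDisableUseCase: TwoFactorDisableUseCase);
+private createSuccessResponse;
+private createAuthData;
 login: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 adminLogin: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 logout: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 register: (req: Request, res: Response, next: NextFunction) => Promise<void>;
-refreshToken: (req: Request, res: Response) => Promise<void>;
+refreshToken: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 setup2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 enable2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 verify2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;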
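--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -227,16 +227,18 @@ declare class AuthController {
 private readonly logoutUseCase;
 private readonly registerUseCase;
 private readonly refreshTokenUseCase;
-private twoFactorSetupUseCase;
-private twoFactorEnableUseCase;
-private twoFactorVerifyUseCase;
-private twoFactorDisableUseCase;
+private readonly twoFactorSetupUseCase;
+private readonly twoFactorEnableUseCase;
+private readonly twoFactorVerifyUseCase;
+private readonly twoFactorDisableUseCase;
 constructor(loginUseCase: LoginUseCase, adminLoginUseCase: LoginAdminUseCase, logoutUseCase: LogoutUseCase, registerUseCase: RegisterUseCase, refreshTokenUseCase: RefreshTokenUseCase, twoFactorSetupUseCase: TwoFactorSetupUseCase, twoFactorEnableUseCase: TwoFactorEnableUseCase, twoFactorVerifyUseCase: TwoFactorVerifyUseCase, twoFactorDisableUseCase: TwoFactorDisableUseCase);
+private createSuccessResponse;
+private createAuthData;
 login: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 adminLogin: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 logout: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 register: (req: Request, res: Response, next: NextFunction) => Promise<void>;
-refreshToken: (req: Request, res: Response) => Promise<void>;
+refreshToken: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 setup2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 enable2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 verify2FA: (req: Request, res: Response, next: NextFunction) => Promise<void>;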
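--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -739,16 +739,19 @@ var _AuthController = class _AuthController {
 try {
 const loginDTO = req.body;
 const result = await this.loginUseCase.execute(loginDTO);
-
-
-
-data: {
+const response = this.createSuccessResponse(
+"Login successful",
+{
 accessToken: result.accessToken,
 userId: result.id,
 expiresAt: result.expiresAt,
 enabled: result.enabled
+},
+{
+status: "success"
 }
-
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -760,7 +763,11 @@ var _AuthController = class _AuthController {
 throw new ForbiddenError("Admin password is required");
 }
 const result = await this.adminLoginUseCase.execute(loginDTO, adminPassword);
-
+const response = this.createSuccessResponse(
+"Admin login successful",
+result
+);
+res.status(201).json(response);
 } catch (error) {
 next(error);
 }
@@ -768,10 +775,8 @@ var _AuthController = class _AuthController {
 this.logout = /* @__PURE__ */ __name(async (req, res, next) => {
 try {
 await this.logoutUseCase.execute(req.body.id);
-
-
-message: "Logged out successfully"
-});
+const response = this.createSuccessResponse("Logged out successfully");
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -780,37 +785,47 @@ var _AuthController = class _AuthController {
 try {
 const { email, name, password, role, adminPassword } = req.body;
 await this.registerUseCase.execute(email, name, password, role, adminPassword);
-
+const response = this.createSuccessResponse(
+"User registered successfully",
+null,
+{ status: "success" }
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
 }, "register");
-this.refreshToken = /* @__PURE__ */ __name(async (req, res) => {
-
-
-
+this.refreshToken = /* @__PURE__ */ __name(async (req, res, next) => {
+try {
+const { refreshToken } = req.body;
+const result = await this.refreshTokenUseCase.execute(refreshToken);
+const response = this.createSuccessResponse(
+"Token refreshed successfully",
+result
+);
+res.json(response);
+} catch (error) {
+next(error);
+}
 }, "refreshToken");
 this.setup2FA = /* @__PURE__ */ __name(async (req, res, next) => {
 try {
-if (!req.auth?.id)
+if (!req.auth?.id) {
+throw new ForbiddenError("User authentication required");
+}
 const result = await this.twoFactorSetupUseCase.execute(req.auth.id);
-
-
-
-data: {
+const response = this.createSuccessResponse(
+"Two-factor authentication setup initiated",
+{
 qrCode: result.qrCodeUrl,
-auth:
-hasAccessToken: true,
-enable: false,
-status: "needs_setup"
-}
+auth: this.createAuthData(true, false, "needs_setup")
 },
-
-timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+{
 nextStep: "Scan the QR code and enter your first code to verify",
 redirectTo: "/2fa-setup"
 }
-
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -819,24 +834,19 @@ var _AuthController = class _AuthController {
 try {
 const dto = { ...req.body, userId: req.auth?.id };
 await this.twoFactorEnableUseCase.execute(dto);
-
-
-
-data: {
+const response = this.createSuccessResponse(
+"Two-factor authentication enabled",
+{
 isEnabled: true,
 enabledAt: (/* @__PURE__ */ new Date()).toISOString(),
-auth:
-hasAccessToken: true,
-enable: true,
-status: "pending_verification"
-}
+auth: this.createAuthData(true, true, "pending_verification")
 },
-
-timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+{
 nextStep: "Proceed to verify with a valid 2FA token",
 redirectTo: "/verify-2fa"
 }
-
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -845,10 +855,9 @@ var _AuthController = class _AuthController {
 try {
 const dto = req.body;
 const result = await this.twoFactorVerifyUseCase.execute(dto);
-
-
-
-data: {
+const response = this.createSuccessResponse(
+"Two-factor authentication verified successfully",
+{
 token: result?.token,
 refreshToken: result?.refreshToken,
 user: {
@@ -857,19 +866,14 @@ var _AuthController = class _AuthController {
 name: result?.data?.name,
 role: result?.data?.role
 },
-auth:
-hasAccessToken: true,
-enable: true,
-verified: true,
-status: "full_auth"
-}
+auth: this.createAuthData(true, true, "full_auth", true)
 },
-
-timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+{
 recommendation: "You're fully authenticated",
 redirectTo: "/"
 }
-
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -879,24 +883,18 @@ var _AuthController = class _AuthController {
 const userId = req.auth.id;
 const dto = req.body;
 await this.twoFactorDisableUseCase.execute(userId, dto);
-
-
-
-data: {
+const response = this.createSuccessResponse(
+"Two-factor authentication disabled",
+{
 disabledAt: (/* @__PURE__ */ new Date()).toISOString(),
-auth:
-hasAccessToken: true,
-enable: false,
-verified: false,
-status: "basic_auth"
-}
+auth: this.createAuthData(true, false, "basic_auth", false)
 },
-
-timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+{
 securityNote: "Account now relies only on password. Re-enable 2FA for better security.",
 redirectTo: "/login"
 }
-
+);
+res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -911,6 +909,25 @@ var _AuthController = class _AuthController {
 this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;
 this.twoFactorDisableUseCase = twoFactorDisableUseCase;
 }
+createSuccessResponse(message, data, meta) {
+return {
+success: true,
+message,
+data,
+meta: {
+timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+...meta
+}
+};
+}
+createAuthData(hasAccessToken, enable, status, verified) {
+return {
+hasAccessToken,
+enable,
+status,
+...verified !== void 0 && { verified }
+};
+}
 };
 __name(_AuthController, "AuthController");
 var AuthController = _AuthController;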
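Review bot: In the logout hunk the account to sign out is still read from the request body (`await this.logoutUseCase.execute(req.body.id);`), so the caller names whose session is ended, whereas setup2FA and disable2FA in this class take the identity from `req.auth.id`. If the route runs behind the same auth middleware, use the authenticated id and reuse the guard setup2FA gains in this release: `if (!req.auth?.id) { throw new ForbiddenError("User authentication required"); }` followed by `await this.logoutUseCase.execute(req.auth.id);`. Whether `req.auth` is populated on the logout route is not visible in the bundle, so that needs confirming first. The handler's closing lines lie outside the hunk.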