cca-auth-module 0.1.84 → 0.1.86
- package/dist/index.d.mts +2 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.js +86 -85
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +86 -85
- package/dist/index.mjs.map +1 -1
- package/dist/presentation/constants/constants.d.ts +21 -0
- package/dist/presentation/controller/AuthController.d.ts +2 -1
- package/package.json +1 -1
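--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -697,6 +697,29 @@ var _TwoFactorDisableUseCase = class _TwoFactorDisableUseCase {
 __name(_TwoFactorDisableUseCase, "TwoFactorDisableUseCase");
 var TwoFactorDisableUseCase = _TwoFactorDisableUseCase;
 
+// src/presentation/constants/constants.ts
+var HTTP_STATUS = {
+OK: 200,
+CREATED: 201
+};
+var AUTH_STATUS = {
+BASIC_AUTH: "basic_auth",
+NEEDS_SETUP: "needs_setup",
+PENDING_VERIFICATION: "pending_verification",
+FULL_AUTH: "full_auth"
+};
+var MESSAGES = {
+LOGIN_SUCCESS: "Login successful",
+ADMIN_LOGIN_SUCCESS: "Admin login successful",
+LOGOUT_SUCCESS: "Logged out successfully",
+REGISTER_SUCCESS: "User registered successfully",
+TOKEN_REFRESH_SUCCESS: "Token refreshed successfully",
+TWO_FA_SETUP_SUCCESS: "Two-factor authentication setup initiated",
+TWO_FA_ENABLE_SUCCESS: "Two-factor authentication enabled",
+TWO_FA_VERIFY_SUCCESS: "Two-factor authentication verified successfully",
+TWO_FA_DISABLE_SUCCESS: "Two-factor authentication disabled"
+};
+
 // src/presentation/controller/AuthController.ts
 var _AuthController = class _AuthController {
 constructor(loginUseCase, adminLoginUseCase, logoutUseCase, registerUseCase, refreshTokenUseCase, twoFactorSetupUseCase, twoFactorEnableUseCase, twoFactorVerifyUseCase, twoFactorDisableUseCase) {
@@ -704,19 +727,13 @@ var _AuthController = class _AuthController {
 try {
 const loginDTO = req.body;
 const result = await this.loginUseCase.execute(loginDTO);
-const
-
-
-
-
-
-
-},
-{
-status: "success"
-}
-);
-res.status(200).json(response);
+const loginData = {
+accessToken: result.accessToken,
+userId: result.id,
+expiresAt: result.expiresAt,
+enabled: result.enabled
+};
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.LOGIN_SUCCESS, loginData);
 } catch (error) {
 next(error);
 }
@@ -728,11 +745,7 @@ var _AuthController = class _AuthController {
 throw new ForbiddenError("Admin password is required");
 }
 const result = await this.adminLoginUseCase.execute(loginDTO, adminPassword);
-
-"Admin login successful",
-result
-);
-res.status(201).json(response);
+this.sendResponse(res, HTTP_STATUS.CREATED, MESSAGES.ADMIN_LOGIN_SUCCESS, result);
 } catch (error) {
 next(error);
 }
@@ -740,8 +753,7 @@ var _AuthController = class _AuthController {
 this.logout = /* @__PURE__ */ __name(async (req, res, next) => {
 try {
 await this.logoutUseCase.execute(req.body.id);
-
-res.status(200).json(response);
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.LOGOUT_SUCCESS);
 } catch (error) {
 next(error);
 }
@@ -750,12 +762,13 @@ var _AuthController = class _AuthController {
 try {
 const { email, name, password, role, adminPassword } = req.body;
 await this.registerUseCase.execute(email, name, password, role, adminPassword);
-
-
+this.sendResponse(
+res,
+HTTP_STATUS.OK,
+MESSAGES.REGISTER_SUCCESS,
 null,
-{ status:
+{ status: true }
 );
-res.status(200).json(response);
 } catch (error) {
 next(error);
 }
@@ -764,11 +777,7 @@ var _AuthController = class _AuthController {
 try {
 const { refreshToken } = req.body;
 const result = await this.refreshTokenUseCase.execute(refreshToken);
-
-"Token refreshed successfully",
-result
-);
-res.json(response);
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.TOKEN_REFRESH_SUCCESS, result);
 } catch (error) {
 next(error);
 }
@@ -779,18 +788,15 @@ var _AuthController = class _AuthController {
 throw new ForbiddenError("User authentication required");
 }
 const result = await this.twoFactorSetupUseCase.execute(req.auth.id);
-const
-
-
-
-
-
-
-
-
-}
-);
-res.status(200).json(response);
+const setupData = {
+qrCode: result.qrCodeUrl,
+auth: this.createAuthData(true, false, AUTH_STATUS.NEEDS_SETUP)
+};
+const meta = {
+nextStep: "Scan the QR code and enter your first code to verify",
+redirectTo: "/2fa-enable"
+};
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.TWO_FA_SETUP_SUCCESS, setupData, meta);
 } catch (error) {
 next(error);
 }
@@ -799,19 +805,16 @@ var _AuthController = class _AuthController {
 try {
 const dto = { ...req.body, userId: req.auth?.id };
 await this.twoFactorEnableUseCase.execute(dto);
-const
-
-
-
-
-
-
-
-
-
-}
-);
-res.status(200).json(response);
+const enableData = {
+isEnabled: true,
+enabledAt: (/* @__PURE__ */ new Date()).toISOString(),
+auth: this.createAuthData(true, true, AUTH_STATUS.PENDING_VERIFICATION)
+};
+const meta = {
+nextStep: "Proceed to verify with a valid 2FA token",
+redirectTo: "/verify-2fa"
+};
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.TWO_FA_ENABLE_SUCCESS, enableData, meta);
 } catch (error) {
 next(error);
 }
@@ -820,25 +823,22 @@ var _AuthController = class _AuthController {
 try {
 const dto = req.body;
 const result = await this.twoFactorVerifyUseCase.execute(dto);
-const
-
-
-
-
-
-
-
-name: result?.data?.name,
-role: result?.data?.role
-},
-auth: this.createAuthData(true, true, "full_auth", true)
+const verifyData = {
+token: result?.token,
+refreshToken: result?.refreshToken,
+user: {
+id: result?.data?.id,
+email: result?.data?.email,
+name: result?.data?.name,
+role: result?.data?.role
 },
-
-
-
-
-
-
+auth: this.createAuthData(true, true, AUTH_STATUS.FULL_AUTH, true)
+};
+const meta = {
+recommendation: "You're fully authenticated",
+redirectTo: "/"
+};
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.TWO_FA_VERIFY_SUCCESS, verifyData, meta);
 } catch (error) {
 next(error);
 }
@@ -848,18 +848,15 @@ var _AuthController = class _AuthController {
 const userId = req.auth.id;
 const dto = req.body;
 await this.twoFactorDisableUseCase.execute(userId, dto);
-const
-
-
-
-
-
-
-
-
-}
-);
-res.status(200).json(response);
+const disableData = {
+disabledAt: (/* @__PURE__ */ new Date()).toISOString(),
+auth: this.createAuthData(true, false, AUTH_STATUS.BASIC_AUTH, false)
+};
+const meta = {
+securityNote: "Account now relies only on password. Re-enable 2FA for better security.",
+redirectTo: "/login"
+};
+this.sendResponse(res, HTTP_STATUS.OK, MESSAGES.TWO_FA_DISABLE_SUCCESS, disableData, meta);
 } catch (error) {
 next(error);
 }
@@ -874,7 +871,7 @@ var _AuthController = class _AuthController {
 this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;
 this.twoFactorDisableUseCase = twoFactorDisableUseCase;
 }
-
+createResponse(message, data, meta) {
 return {
 success: true,
 message,
@@ -893,6 +890,10 @@ var _AuthController = class _AuthController {
 ...verified !== void 0 && { verified }
 };
 }
+sendResponse(res, statusCode, message, data, meta) {
+const response = this.createResponse(message, data, meta);
+res.status(statusCode).json(response);
+}
 };
 __name(_AuthController, "AuthController");
 var AuthController = _AuthController;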
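Review bot: The admin-login and token-refresh handlers pass the use-case `result` to `sendResponse` unfiltered, while `login` in the same file now builds an explicit `loginData` object; any field those use cases later add to their return value would be serialized to the client. Building a named payload in both handlers, as `login` does, keeps the response contract in the controller (the field names are not visible in this diff and would have to come from the use cases). `sendResponse` is now the single exit for token-bearing responses, so it is the natural place to add `res.set("Cache-Control", "no-store");` before `res.status(statusCode).json(response);`, assuming `res` is an Express response. Separately, the unchanged `logout` handler still takes the user id from `req.body.id` rather than `req.auth.id`; whether that route is authenticated is not visible here. This file is build output, so the changes belong in `src/presentation/controller/AuthController.ts`.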