cca-auth-module 0.1.91 → 0.1.92
- package/dist/application/useCase/LoginUseCase.d.ts +1 -1
- package/dist/application/validators/authValidation.d.ts +2 -2
- package/dist/domain/interfaces/IAuthService.d.ts +3 -4
- package/dist/index.d.mts +7 -9
- package/dist/index.d.ts +7 -9
- package/dist/index.js +16 -38
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +16 -38
- package/dist/index.mjs.map +1 -1
- package/dist/infrastructure/repository/AuthRepository.d.ts +1 -1
- package/dist/infrastructure/services/JwtAuthService.d.ts +3 -4
- package/package.json +2 -2
|
@@ -7,7 +7,7 @@ export declare class LoginUseCase implements IBaseService {
|
|
|
7
7
|
private readonly jwtService;
|
|
8
8
|
constructor(repository: AuthRepository, jwtService: JwtAuthService);
|
|
9
9
|
initialize(): Promise<void>;
|
|
10
|
-
execute(loginDTO: LoginDTO, providedAdminPassword
|
|
10
|
+
execute(loginDTO: LoginDTO, providedAdminPassword?: string): Promise<{
|
|
11
11
|
id: string;
|
|
12
12
|
accessToken: string;
|
|
13
13
|
expiresAt: number;
|
|
@@ -2,9 +2,9 @@ import { AuthEntity } from "cca-entities";
|
|
|
2
2
|
import { AuthRepository } from "../../infrastructure/repository/AuthRepository";
|
|
3
3
|
import { RegisterDTO } from "../dtos/RegisterDTO";
|
|
4
4
|
import { LoginDTO } from "../dtos/LoginDTO";
|
|
5
|
-
export declare const validateEmail: (email: string, repository: AuthRepository) => Promise<AuthEntity>;
|
|
5
|
+
export declare const validateEmail: (email: string, repository: AuthRepository, isAdmin: boolean) => Promise<AuthEntity>;
|
|
6
6
|
export declare const validatePassword: (password?: string) => Promise<void>;
|
|
7
7
|
export declare const validateEmailUniqueness: (repository: AuthRepository, email: string, excludeUserId?: string) => Promise<void>;
|
|
8
8
|
export declare const validateRegisterDTO: (auth: RegisterDTO, repository: AuthRepository) => Promise<void>;
|
|
9
|
-
export declare const validateLoginDTO: (data: LoginDTO, repository: AuthRepository) => Promise<AuthEntity>;
|
|
9
|
+
export declare const validateLoginDTO: (data: LoginDTO, repository: AuthRepository, isAdmin: boolean) => Promise<AuthEntity>;
|
|
10
10
|
export declare const validateAdminSecret: (secretPassword?: string) => Promise<void>;
|
|
@@ -1,9 +1,8 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { AdminEntity, UserEntity, UserRole } from "cca-entities";
|
|
2
2
|
import { IDecodedToken } from "./IDecodedToken";
|
|
3
3
|
export interface IAuthService {
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
generateRefreshToken(user: UserEntity): string;
|
|
4
|
+
generateAccessToken(user: UserEntity | AdminEntity, role: UserRole): string;
|
|
5
|
+
generateRefreshToken(user: UserEntity | AdminEntity): string;
|
|
7
6
|
verifyAccessToken(token: string): Promise<IDecodedToken>;
|
|
8
7
|
verifyRefreshToken(token: string): IDecodedToken;
|
|
9
8
|
}
|
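--- a/package/dist/index.d.mts
+++ b/package/dist/index.d.mts
@@ -1,6 +1,6 @@
 import { BaseRepository, IExtendedBaseRepository, IBaseService, BaseDatabase, BaseContainer } from 'cca-core';
 import { Request, Response, NextFunction } from 'express';
-import { AuthEntity, UserRole, UserEntity } from 'cca-entities';
+import { AuthEntity, UserRole, UserEntity, AdminEntity } from 'cca-entities';
 import { Repository } from 'typeorm';
 import * as jwt from 'jsonwebtoken';
 import { JwtPayload } from 'jsonwebtoken';
@@ -22,7 +22,7 @@ declare const authConfig: (configSource: ConfigSource) => void;
 
 declare class AuthRepository extends BaseRepository<AuthEntity> implements IExtendedBaseRepository<AuthEntity> {
 constructor(repository: Repository<AuthEntity>);
-findByEmail(email: string): Promise<AuthEntity | null>;
+findByEmail(email: string, isAdmin?: boolean): Promise<AuthEntity | null>;
 create(entity: Omit<AuthEntity, "createdAt">): Promise<AuthEntity>;
 findByUserId(userId: string): Promise<AuthEntity | null>;
 findByUseAdminId(userId: string, isAdmin?: boolean): Promise<AuthEntity | null>;
@@ -67,9 +67,8 @@ interface IDecodedToken extends JwtPayload {
 }
 
 interface IAuthService {
-
-
-generateRefreshToken(user: UserEntity): string;
+generateAccessToken(user: UserEntity | AdminEntity, role: UserRole): string;
+generateRefreshToken(user: UserEntity | AdminEntity): string;
 verifyAccessToken(token: string): Promise<IDecodedToken>;
 verifyRefreshToken(token: string): IDecodedToken;
 }
@@ -81,10 +80,9 @@ declare class JwtAuthService implements IBaseService, IAuthService {
 private loadConfig;
 initialize(): Promise<void>;
 private validateConfiguration;
-validateUser(email: string, password: string): Promise<AuthEntity | null>;
 private verifyJwtConfig;
-generateAccessToken(user: UserEntity, role: UserRole): string;
-generateRefreshToken(user: UserEntity): string;
+generateAccessToken(user: UserEntity | AdminEntity, role: UserRole): string;
+generateRefreshToken(user: UserEntity | AdminEntity): string;
 verifyToken(token: string, secret: string): Promise<IDecodedToken>;
 verifyAccessToken(token: string): Promise<IDecodedToken>;
 verifyRefreshToken(token: string): Promise<IDecodedToken>;
@@ -95,7 +93,7 @@ declare class LoginUseCase implements IBaseService {
 private readonly jwtService;
 constructor(repository: AuthRepository, jwtService: JwtAuthService);
 initialize(): Promise<void>;
-execute(loginDTO: LoginDTO, providedAdminPassword
+execute(loginDTO: LoginDTO, providedAdminPassword?: string): Promise<{
 id: string;
 accessToken: string;
 expiresAt: number;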
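Review bot: `IAuthService.verifyRefreshToken` is still declared as returning `IDecodedToken` synchronously, while `JwtAuthService`, which implements that interface, declares `verifyRefreshToken(token: string): Promise<IDecodedToken>`; both lines are unchanged context in the `@@ -67,9 +67,8 @@` and `@@ -81,10 +80,9 @@` hunks, and this release edits their neighbours without aligning them. A caller typed against the interface would read claims off a pending promise and get `undefined`, and a failed verification would presumably surface as an unhandled rejection rather than at the call site. The interface line should read `verifyRefreshToken(token: string): Promise<IDecodedToken>;`. The same declarations are repeated in `package/dist/index.d.ts`, and the interface alone in `package/dist/domain/interfaces/IAuthService.d.ts`; the `JwtAuthService` class body continues outside the hunk shown.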
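--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -1,6 +1,6 @@
 import { BaseRepository, IExtendedBaseRepository, IBaseService, BaseDatabase, BaseContainer } from 'cca-core';
 import { Request, Response, NextFunction } from 'express';
-import { AuthEntity, UserRole, UserEntity } from 'cca-entities';
+import { AuthEntity, UserRole, UserEntity, AdminEntity } from 'cca-entities';
 import { Repository } from 'typeorm';
 import * as jwt from 'jsonwebtoken';
 import { JwtPayload } from 'jsonwebtoken';
@@ -22,7 +22,7 @@ declare const authConfig: (configSource: ConfigSource) => void;
 
 declare class AuthRepository extends BaseRepository<AuthEntity> implements IExtendedBaseRepository<AuthEntity> {
 constructor(repository: Repository<AuthEntity>);
-findByEmail(email: string): Promise<AuthEntity | null>;
+findByEmail(email: string, isAdmin?: boolean): Promise<AuthEntity | null>;
 create(entity: Omit<AuthEntity, "createdAt">): Promise<AuthEntity>;
 findByUserId(userId: string): Promise<AuthEntity | null>;
 findByUseAdminId(userId: string, isAdmin?: boolean): Promise<AuthEntity | null>;
@@ -67,9 +67,8 @@ interface IDecodedToken extends JwtPayload {
 }
 
 interface IAuthService {
-
-
-generateRefreshToken(user: UserEntity): string;
+generateAccessToken(user: UserEntity | AdminEntity, role: UserRole): string;
+generateRefreshToken(user: UserEntity | AdminEntity): string;
 verifyAccessToken(token: string): Promise<IDecodedToken>;
 verifyRefreshToken(token: string): IDecodedToken;
 }
@@ -81,10 +80,9 @@ declare class JwtAuthService implements IBaseService, IAuthService {
 private loadConfig;
 initialize(): Promise<void>;
 private validateConfiguration;
-validateUser(email: string, password: string): Promise<AuthEntity | null>;
 private verifyJwtConfig;
-generateAccessToken(user: UserEntity, role: UserRole): string;
-generateRefreshToken(user: UserEntity): string;
+generateAccessToken(user: UserEntity | AdminEntity, role: UserRole): string;
+generateRefreshToken(user: UserEntity | AdminEntity): string;
 verifyToken(token: string, secret: string): Promise<IDecodedToken>;
 verifyAccessToken(token: string): Promise<IDecodedToken>;
 verifyRefreshToken(token: string): Promise<IDecodedToken>;
@@ -95,7 +93,7 @@ declare class LoginUseCase implements IBaseService {
 private readonly jwtService;
 constructor(repository: AuthRepository, jwtService: JwtAuthService);
 initialize(): Promise<void>;
-execute(loginDTO: LoginDTO, providedAdminPassword
+execute(loginDTO: LoginDTO, providedAdminPassword?: string): Promise<{
 id: string;
 accessToken: string;
 expiresAt: number;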
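--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -184,10 +184,10 @@ var schemas = {
 ),
 role: yup.string().oneOf(Object.values(import_cca_entities.UserRole), "Invalid role specified")
 };
-var validateEmail = /* @__PURE__ */ __name(async (email, repository) => {
+var validateEmail = /* @__PURE__ */ __name(async (email, repository, isAdmin) => {
 try {
 await schemas.email.validate(email?.trim().toLowerCase());
-const user = await repository.findByEmail(email);
+const user = await repository.findByEmail(email, isAdmin);
 if (!user) {
 throw new NotFoundError(
 "The email address or password is incorrect. Please retry"
@@ -230,13 +230,13 @@ var validateRegisterDTO = /* @__PURE__ */ __name(async (auth, repository) => {
 validatePassword(password)
 ]);
 }, "validateRegisterDTO");
-var validateLoginDTO = /* @__PURE__ */ __name(async (data, repository) => {
+var validateLoginDTO = /* @__PURE__ */ __name(async (data, repository, isAdmin) => {
 const { email, role, password } = data;
 if (role) {
 await schemas.role.validate(role);
 }
 await schemas.password.validate(password);
-const auth = await validateEmail(email, repository);
+const auth = await validateEmail(email, repository, isAdmin);
 if (!auth || !auth.password) {
 throw new NotFoundError("Invalid credentials");
 }
@@ -275,11 +275,12 @@ var _LoginUseCase = class _LoginUseCase {
 async initialize() {
 await (0, import_cca_core.validateRepository)(this.repository, (repo) => repo.getAll());
 }
-async execute(loginDTO, providedAdminPassword
-if (
+async execute(loginDTO, providedAdminPassword) {
+if (providedAdminPassword) {
 await validateAdminSecret(providedAdminPassword);
 }
-const
+const isAdmin = !!providedAdminPassword;
+const auth = await validateLoginDTO(loginDTO, this.repository, isAdmin);
 const accessToken = this.jwtService.generateAccessToken(auth.user, auth.role);
 const expiresAt = (0, import_jwt_decode.jwtDecode)(accessToken).exp;
 return { id: auth.user.id, accessToken, expiresAt, enabled: auth.twoFactorEnabled };
@@ -473,11 +474,7 @@ var _RegisterUseCase = class _RegisterUseCase {
 const authEntity = mapper.map(dto, RegisterDTO, import_cca_entities3.AuthEntity);
 const userOrAdminEntity = isAdmin ? mapper.map(dto, RegisterDTO, import_cca_entities3.AdminEntity) : mapper.map(dto, RegisterDTO, import_cca_entities3.UserEntity);
 userOrAdminEntity.updatedAt = void 0;
-
-authEntity.admin = userOrAdminEntity;
-} else {
-authEntity.user = userOrAdminEntity;
-}
+authEntity.user = userOrAdminEntity;
 authEntity.password = hashedPassword;
 authEntity.refreshToken = "";
 return authEntity;
@@ -509,7 +506,7 @@ var _RefreshTokenUseCase = class _RefreshTokenUseCase {
 if (!authEntity) {
 return null;
 }
-const user = authEntity.
+const user = authEntity.user;
 const accessToken = this.service.generateAccessToken(user, authEntity.role);
 const newRefreshToken = this.service.generateRefreshToken(user);
 await this.repository.update(authEntity.id, {
@@ -640,18 +637,11 @@ var _TwoFactorVerifyUseCase = class _TwoFactorVerifyUseCase {
 const tokenPair = this.generateTokens(auth);
 await this.updateUserStatus(auth);
 await this.updateUserRefreshToken(auth, tokenPair.refreshToken);
-if (auth.admin) {
-return {
-token: tokenPair.accessToken,
-refreshToken: tokenPair.refreshToken,
-data: this.mapAdminToDTO(auth.admin)
-};
-}
 if (auth.user) {
 return {
 token: tokenPair.accessToken,
 refreshToken: tokenPair.refreshToken,
-data: this.
+data: this.mapAdminToDTO(auth.user)
 };
 }
 return null;
@@ -749,7 +739,7 @@ var _AuthController = class _AuthController {
 this.login = /* @__PURE__ */ __name(async (req, res, next) => {
 try {
 const loginDTO = req.body;
-const result = await this.loginUseCase.execute(loginDTO
+const result = await this.loginUseCase.execute(loginDTO);
 const twoFactorEnabled = result.enabled ?? false;
 const loginData = {
 accessToken: result.accessToken,
@@ -776,7 +766,7 @@ var _AuthController = class _AuthController {
 if (!adminPassword) {
 throw new ForbiddenError("Admin password is required");
 }
-const result = await this.loginUseCase.execute(loginDTO, adminPassword
+const result = await this.loginUseCase.execute(loginDTO, adminPassword);
 const adminLoginData = {
 message: result,
 auth: this.createAuthData(
@@ -1001,9 +991,9 @@ var _AuthRepository = class _AuthRepository extends import_cca_core8.BaseReposit
 constructor(repository) {
 super(repository);
 }
-async findByEmail(email) {
-const
-return await
+async findByEmail(email, isAdmin) {
+const alias = isAdmin ? "admin" : "user";
+return await this.repository.createQueryBuilder("auth").leftJoinAndSelect("auth.user", alias).addSelect("auth.password").where("auth.email = :email", { email }).getOne();
 }
 async create(entity) {
 return super.create(entity);
@@ -1068,7 +1058,6 @@ var AuthRepository = _AuthRepository;
 
 // src/infrastructure/services/JwtAuthService.ts
 var jwt = __toESM(require("jsonwebtoken"));
-var bcrypt3 = __toESM(require("bcrypt"));
 var import_cca_core9 = require("cca-core");
 var _JwtAuthService = class _JwtAuthService {
 constructor(repository, config) {
@@ -1094,17 +1083,6 @@ var _JwtAuthService = class _JwtAuthService {
 throw new JwtError("JWT secrets required in config");
 }
 }
-async validateUser(email, password) {
-const user = await this.repository.findByEmail(email);
-if (!user) {
-throw new NotFoundError("Invalid credentials");
-}
-const validPassword = await bcrypt3.compare(password, user.password);
-if (!validPassword) {
-throw new ForbiddenError("Invalid credentials");
-}
-return user;
-}
 verifyJwtConfig() {
 if (!this.jwtConfig) throw new JwtError("JWT config not loaded");
 }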
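Review bot: The new `isAdmin` argument to `findByEmail` (hunk `@@ -1001,9 +991,9 @@`) only renames the join alias: `leftJoinAndSelect("auth.user", alias)` still joins the same `auth.user` relation and the `where` clause filters on email alone, so the admin and non-admin paths select the same row. In `LoginUseCase.execute`, `isAdmin` is derived solely from `!!providedAdminPassword`, and nothing visible checks `auth.role` before the token is issued, so the admin login route appears to accept any account whose password validates once the shared admin secret is supplied. If admin login is meant to be limited to admin accounts, add an explicit check after `validateLoginDTO`, for example `if (isAdmin && auth.role !== ADMIN_ROLE_PLACEHOLDER) throw new ForbiddenError("Invalid credentials");`, with the admin member of `UserRole` in place of the placeholder. The same collapse of the admin/user distinction shows in `@@ -473,11 +474,7 @@` and `@@ -640,18 +637,11 @@`, where admins are stored under `authEntity.user` and every `auth.user` is serialised through `mapAdminToDTO`. These function bodies continue outside the hunks, so a role check may exist out of view.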