npm - create-forgeon - Versions diffs - 0.3.16 → 0.3.17 - Mend

create-forgeon 0.3.16 → 0.3.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

package/templates/module-presets/jwt-auth/apps/api/prisma/migrations/0002_auth_refresh_token_hash/migration.sql DELETED Viewed

@@ -1,3 +0,0 @@
--- AlterTable
-ALTER TABLE "User"
-ADD COLUMN "refreshTokenHash" TEXT;

package/templates/module-presets/jwt-auth/apps/api/src/auth/prisma-auth-refresh-token.store.ts DELETED Viewed

@@ -1,36 +0,0 @@
-import {
-  AuthRefreshTokenStore,
-} from '@forgeon/auth-api';
-import { PrismaService } from '@forgeon/db-prisma';
-import { Injectable } from '@nestjs/common';
-@Injectable()
-export class PrismaAuthRefreshTokenStore implements AuthRefreshTokenStore {
-  readonly kind = 'prisma';
-  constructor(private readonly prisma: PrismaService) {}
-  async saveRefreshTokenHash(subject: string, hash: string): Promise<void> {
-    await this.prisma.user.upsert({
-      where: { email: subject },
-      create: { email: subject, refreshTokenHash: hash },
-      update: { refreshTokenHash: hash },
-      select: { id: true },
-    });
-  }
-  async getRefreshTokenHash(subject: string): Promise<string | null> {
-    const user = await this.prisma.user.findUnique({
-      where: { email: subject },
-      select: { refreshTokenHash: true },
-    });
-    return user?.refreshTokenHash ?? null;
-  }
-  async removeRefreshTokenHash(subject: string): Promise<void> {
-    await this.prisma.user.updateMany({
-      where: { email: subject },
-      data: { refreshTokenHash: null },
-    });
-  }
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/auth-refresh-token.store.ts DELETED Viewed

@@ -1,23 +0,0 @@
-import { Injectable } from '@nestjs/common';
-export const AUTH_REFRESH_TOKEN_STORE = Symbol('AUTH_REFRESH_TOKEN_STORE');
-export interface AuthRefreshTokenStore {
-  readonly kind: string;
-  saveRefreshTokenHash(subject: string, hash: string): Promise<void>;
-  getRefreshTokenHash(subject: string): Promise<string | null>;
-  removeRefreshTokenHash(subject: string): Promise<void>;
-}
-@Injectable()
-export class NoopAuthRefreshTokenStore implements AuthRefreshTokenStore {
-  readonly kind = 'none';
-  async saveRefreshTokenHash(): Promise<void> {}
-  async getRefreshTokenHash(): Promise<string | null> {
-    return null;
-  }
-  async removeRefreshTokenHash(): Promise<void> {}
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/auth.controller.ts DELETED Viewed

@@ -1,71 +0,0 @@
-import type { AuthUser } from '@forgeon/auth-contracts';
-import {
-  Body,
-  Controller,
-  Get,
-  Post,
-  Req,
-  UseGuards,
-} from '@nestjs/common';
-import { AuthService } from './auth.service';
-import { LoginDto, RefreshDto } from './dto';
-import { JwtAuthGuard } from './jwt-auth.guard';
-import { AuthJwtPayload } from './auth.types';
-type RequestWithUser = { user?: AuthJwtPayload };
-@Controller('auth')
-export class AuthController {
-  constructor(private readonly authService: AuthService) {}
-  @Post('login')
-  login(@Body() body: LoginDto) {
-    return this.authService.login(body);
-  }
-  @Post('refresh')
-  refresh(@Body() body: RefreshDto) {
-    return this.authService.refresh(body);
-  }
-  @UseGuards(JwtAuthGuard)
-  @Post('logout')
-  async logout(@Req() request: RequestWithUser) {
-    const user = this.getRequestUser(request);
-    await this.authService.logout(user);
-    return {
-      status: 'ok',
-      tokenStore: this.authService.getTokenStoreKind(),
-    };
-  }
-  @UseGuards(JwtAuthGuard)
-  @Get('me')
-  me(@Req() request: RequestWithUser) {
-    const user = this.getRequestUser(request);
-    return {
-      user: this.toAuthUser(user),
-      tokenStore: this.authService.getTokenStoreKind(),
-    };
-  }
-  private getRequestUser(request: RequestWithUser): AuthJwtPayload {
-    const user = request.user;
-    if (!user || typeof user.sub !== 'string' || typeof user.email !== 'string') {
-      return {
-        sub: 'unknown',
-        email: 'unknown@invalid.local',
-        roles: ['user'],
-      };
-    }
-    return user;
-  }
-  private toAuthUser(payload: AuthJwtPayload): AuthUser {
-    return {
-      sub: payload.sub,
-      email: payload.email,
-      roles: Array.isArray(payload.roles) ? payload.roles : ['user'],
-    };
-  }
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/auth.service.ts DELETED Viewed

@@ -1,175 +0,0 @@
-import type {
-  AuthErrorCode,
-  AuthUser,
-  LoginResponse,
-  RefreshResponse,
-  TokenPair,
-} from '@forgeon/auth-contracts';
-import { Inject, Injectable, UnauthorizedException } from '@nestjs/common';
-import { JwtService } from '@nestjs/jwt';
-import type { JwtSignOptions } from '@nestjs/jwt';
-import { compare, hash } from 'bcryptjs';
-import {
-  AUTH_REFRESH_TOKEN_STORE,
-  AuthRefreshTokenStore,
-} from './auth-refresh-token.store';
-import { AuthConfigService } from './auth-config.service';
-import { LoginDto, RefreshDto } from './dto';
-import { AuthJwtPayload } from './auth.types';
-type JwtExpiresIn = NonNullable<JwtSignOptions['expiresIn']>;
-const AUTH_ERROR_CODES: Record<
-  'invalidCredentials' | 'tokenExpired' | 'refreshInvalid',
-  AuthErrorCode
-> = {
-  invalidCredentials: 'AUTH_INVALID_CREDENTIALS',
-  tokenExpired: 'AUTH_TOKEN_EXPIRED',
-  refreshInvalid: 'AUTH_REFRESH_INVALID',
-};
-@Injectable()
-export class AuthService {
-  constructor(
-    private readonly jwtService: JwtService,
-    private readonly configService: AuthConfigService,
-    @Inject(AUTH_REFRESH_TOKEN_STORE)
-    private readonly refreshTokenStore: AuthRefreshTokenStore,
-  ) {}
-  getTokenStoreKind(): string {
-    return this.refreshTokenStore.kind;
-  }
-  async login(input: LoginDto): Promise<LoginResponse> {
-    const email = input.email.trim().toLowerCase();
-    if (email !== this.configService.demoEmail || input.password !== this.configService.demoPassword) {
-      throw new UnauthorizedException({
-        message: 'Invalid credentials',
-        details: { code: AUTH_ERROR_CODES.invalidCredentials },
-      });
-    }
-    const user: AuthUser = {
-      sub: email,
-      email,
-      roles: ['user'],
-    };
-    const tokens = await this.issueTokens(user);
-    return {
-      ...tokens,
-      user,
-      tokenStore: this.refreshTokenStore.kind,
-    };
-  }
-  async refresh(input: RefreshDto): Promise<RefreshResponse> {
-    let payload: AuthJwtPayload;
-    try {
-      payload = await this.jwtService.verifyAsync<AuthJwtPayload>(input.refreshToken, {
-        secret: this.configService.refreshSecret,
-      });
-    } catch (error) {
-      const code =
-        error instanceof Error && error.name === 'TokenExpiredError'
-          ? AUTH_ERROR_CODES.tokenExpired
-          : AUTH_ERROR_CODES.refreshInvalid;
-      throw new UnauthorizedException({
-        message: 'Refresh token is invalid or expired',
-        details: { code },
-      });
-    }
-    if (this.refreshTokenStore.kind !== 'none') {
-      const storedHash = await this.refreshTokenStore.getRefreshTokenHash(payload.sub);
-      if (!storedHash) {
-        throw new UnauthorizedException({
-          message: 'Refresh token is invalid or expired',
-          details: { code: AUTH_ERROR_CODES.refreshInvalid },
-        });
-      }
-      const matched = await compare(input.refreshToken, storedHash);
-      if (!matched) {
-        throw new UnauthorizedException({
-          message: 'Refresh token is invalid or expired',
-          details: { code: AUTH_ERROR_CODES.refreshInvalid },
-        });
-      }
-    }
-    const user = this.toAuthUser(payload);
-    const tokens = await this.issueTokens(user);
-    return {
-      ...tokens,
-      user,
-      tokenStore: this.refreshTokenStore.kind,
-    };
-  }
-  async logout(user: AuthJwtPayload): Promise<void> {
-    if (this.refreshTokenStore.kind === 'none') {
-      return;
-    }
-    await this.refreshTokenStore.removeRefreshTokenHash(user.sub);
-  }
-  getProbeStatus() {
-    return {
-      status: 'ok',
-      feature: 'jwt-auth',
-      tokenStore: this.refreshTokenStore.kind,
-      demoEmail: this.configService.demoEmail,
-    };
-  }
-  private async issueTokens(user: AuthUser): Promise<TokenPair> {
-    const payload: AuthJwtPayload = {
-      sub: user.sub,
-      email: user.email,
-      roles: user.roles,
-    };
-    const [accessToken, refreshToken] = await Promise.all([
-      this.jwtService.signAsync(payload, {
-        secret: this.configService.accessSecret,
-        expiresIn: this.toJwtExpiresIn(this.configService.accessExpiresIn),
-      }),
-      this.jwtService.signAsync(payload, {
-        secret: this.configService.refreshSecret,
-        expiresIn: this.toJwtExpiresIn(this.configService.refreshExpiresIn),
-      }),
-    ]);
-    if (this.refreshTokenStore.kind !== 'none') {
-      const tokenHash = await hash(refreshToken, this.configService.bcryptRounds);
-      await this.refreshTokenStore.saveRefreshTokenHash(user.sub, tokenHash);
-    }
-    return {
-      accessToken,
-      refreshToken,
-      tokenType: 'Bearer',
-      accessTtl: this.configService.accessExpiresIn,
-      refreshTtl: this.configService.refreshExpiresIn,
-    };
-  }
-  private toAuthUser(payload: AuthJwtPayload): AuthUser {
-    return {
-      sub: payload.sub,
-      email: payload.email,
-      roles: Array.isArray(payload.roles) ? payload.roles : ['user'],
-    };
-  }
-  private toJwtExpiresIn(value: string): JwtExpiresIn {
-    const trimmed = value.trim();
-    if (/^\d+$/.test(trimmed)) {
-      return Number(trimmed);
-    }
-    return trimmed as JwtExpiresIn;
-  }
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/auth.types.ts DELETED Viewed

@@ -1,6 +0,0 @@
-import type { AuthUser } from '@forgeon/auth-contracts';
-export interface AuthJwtPayload extends AuthUser {
-  iat?: number;
-  exp?: number;
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/dto/index.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export * from './login.dto';
2	- export * from './refresh.dto';

package/templates/module-presets/jwt-auth/packages/auth-api/src/forgeon-auth.module.ts DELETED Viewed

@@ -1,47 +0,0 @@
-import {
-  DynamicModule,
-  Module,
-  ModuleMetadata,
-  Provider,
-} from '@nestjs/common';
-import { JwtModule } from '@nestjs/jwt';
-import { PassportModule } from '@nestjs/passport';
-import {
-  AUTH_REFRESH_TOKEN_STORE,
-  NoopAuthRefreshTokenStore,
-} from './auth-refresh-token.store';
-import { AuthConfigModule } from './auth-config.module';
-import { AuthController } from './auth.controller';
-import { AuthService } from './auth.service';
-import { JwtAuthGuard } from './jwt-auth.guard';
-import { JwtStrategy } from './jwt.strategy';
-export interface ForgeonAuthModuleOptions {
-  imports?: ModuleMetadata['imports'];
-  refreshTokenStoreProvider?: Provider;
-}
-@Module({})
-export class ForgeonAuthModule {
-  static register(options: ForgeonAuthModuleOptions = {}): DynamicModule {
-    const refreshTokenStoreProvider =
-      options.refreshTokenStoreProvider ??
-      ({
-        provide: AUTH_REFRESH_TOKEN_STORE,
-        useClass: NoopAuthRefreshTokenStore,
-      } satisfies Provider);
-    return {
-      module: ForgeonAuthModule,
-      imports: [
-        AuthConfigModule,
-        PassportModule.register({ defaultStrategy: 'jwt' }),
-        JwtModule.register({}),
-        ...(options.imports ?? []),
-      ],
-      controllers: [AuthController],
-      providers: [AuthService, JwtStrategy, JwtAuthGuard, refreshTokenStoreProvider],
-      exports: [AuthConfigModule, AuthService, JwtAuthGuard, AUTH_REFRESH_TOKEN_STORE],
-    };
-  }
-}

package/templates/module-presets/jwt-auth/packages/auth-api/src/index.ts DELETED Viewed

@@ -1,12 +0,0 @@
-export * from './auth-env.schema';
-export * from './auth-config.loader';
-export * from './auth-config.module';
-export * from './auth-config.service';
-export * from './auth-refresh-token.store';
-export * from './auth.controller';
-export * from './auth.service';
-export * from './auth.types';
-export * from './dto';
-export * from './forgeon-auth.module';
-export * from './jwt-auth.guard';
-export * from './jwt.strategy';

package/templates/module-presets/jwt-auth/packages/auth-contracts/src/index.ts DELETED Viewed

@@ -1,47 +0,0 @@
-export const AUTH_API_ROUTES = {
-  login: '/api/auth/login',
-  refresh: '/api/auth/refresh',
-  logout: '/api/auth/logout',
-  me: '/api/auth/me',
-} as const;
-export const AUTH_ERROR_CODES = {
-  invalidCredentials: 'AUTH_INVALID_CREDENTIALS',
-  tokenExpired: 'AUTH_TOKEN_EXPIRED',
-  refreshInvalid: 'AUTH_REFRESH_INVALID',
-} as const;
-export type AuthErrorCode = (typeof AUTH_ERROR_CODES)[keyof typeof AUTH_ERROR_CODES];
-export interface AuthUser {
-  sub: string;
-  email: string;
-  roles: string[];
-}
-export interface LoginRequest {
-  email: string;
-  password: string;
-}
-export interface RefreshRequest {
-  refreshToken: string;
-}
-export interface TokenPair {
-  accessToken: string;
-  refreshToken: string;
-  tokenType: 'Bearer';
-  accessTtl: string;
-  refreshTtl: string;
-}
-export interface LoginResponse extends TokenPair {
-  user: AuthUser;
-  tokenStore: string;
-}
-export interface RefreshResponse extends TokenPair {
-  user: AuthUser;
-  tokenStore: string;
-}

/package/templates/module-presets/{jwt-auth/packages/auth-api/src/jwt-auth.guard.ts → accounts/packages/accounts-api/src/access-token.guard.ts} RENAMED Viewed

File without changes

/package/templates/module-presets/{jwt-auth/packages/auth-api → accounts/packages/accounts-api}/src/auth-config.module.ts RENAMED Viewed

File without changes

/package/templates/module-presets/{jwt-auth/packages/auth-api → accounts/packages/accounts-api}/tsconfig.json RENAMED Viewed

File without changes

/package/templates/module-presets/{jwt-auth/packages/auth-contracts → accounts/packages/accounts-contracts}/tsconfig.json RENAMED Viewed

File without changes