dms-middleware-auth 1.1.3 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/auth.middleware.d.ts +1 -0
  2. package/dist/auth.middleware.js +12 -12
  3. package/package.json +1 -1
  4. package/src/auth.middleware.ts +12 -12
package/dist/auth.middleware.d.ts CHANGED
@@ -21,6 +21,7 @@ export declare class AuthMiddleware implements NestMiddleware, OnModuleInit {
21
21
  private static shutdownInitiated;
22
22
  private static readonly licenceExpiredMessage;
23
23
  private static readonly CLOCK_TOLERANCE_MS;
24
+ private static readonly MAX_INT32;
24
25
  private readonly logger;
25
26
  constructor(cacheManager: Cache, options: AuthMiddlewareOptions);
26
27
  onModuleInit(): Promise<void>;
package/dist/auth.middleware.js CHANGED
@@ -90,7 +90,9 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
90
90
  if (!clientToken) {
91
91
  clientToken = await this.clientLogin();
92
92
  const decodedToken = jwt.decode(clientToken);
93
- const ttl = (decodedToken.exp - Math.floor(Date.now() / 1000)) * 1000;
93
+ const ttlRaw = (decodedToken.exp - Math.floor(Date.now() / 1000)) * 1000;
94
+ const ttl = Math.min(Math.max(0, ttlRaw), AuthMiddleware_1.MAX_INT32);
95
+ console.error(`[AuthMiddleware] Client Token TTL: ${ttl}ms (Capped from ${ttlRaw})`);
94
96
  await this.cacheManager.set('client_access_token', clientToken, ttl);
95
97
  }
96
98
  // Cache client role attributes
@@ -235,7 +237,7 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
235
237
  const now = this.getUtcNowMs();
236
238
  // Reject when licence end (epoch) is missing or already in the past (with tolerance).
237
239
  if (!licEndMs || (licEndMs + AuthMiddleware_1.CLOCK_TOLERANCE_MS) <= now) {
238
- this.logger.error(`Licence expired. Expiry: ${new Date(licEndMs || 0).toISOString()}, Server Time: ${new Date(now).toISOString()}`);
240
+ console.error(`[AUTH-ERROR] Licence expired. Expiry: ${new Date(licEndMs || 0).toISOString()}, Now: ${new Date(now).toISOString()}`);
239
241
  this.markLicenceExpired();
240
242
  return { status: false };
241
243
  }
@@ -243,10 +245,9 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
243
245
  AuthMiddleware_1.licenceValidatedUntilMs = licEndMs;
244
246
  this.scheduleLicenceShutdown(licEndMs);
245
247
  if (updateCache) {
246
- // Cap TTL to avoid timeout overflow in cache managers (32-bit signed int max is ~24.8 days)
247
- const MAX_TTL = 2147483647;
248
248
  const calculatedTtl = licEndMs - now;
249
- const ttl = Math.min(Math.max(0, calculatedTtl), MAX_TTL);
249
+ const ttl = Math.min(Math.max(0, calculatedTtl), AuthMiddleware_1.MAX_INT32);
250
+ console.error(`[AuthMiddleware] Licence Cache TTL: ${ttl}ms (Capped from ${calculatedTtl})`);
250
251
  await this.cacheManager.set('client_Licence_token', lic_data, ttl);
251
252
  }
252
253
  return {
@@ -276,25 +277,21 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
276
277
  const now = this.getUtcNowMs();
277
278
  const delay = (licEndMs + AuthMiddleware_1.CLOCK_TOLERANCE_MS) - now;
278
279
  if (delay <= 0) {
279
- this.logger.warn('Licence expired immediately (including tolerance).');
280
+ console.error('[AUTH-WARN] Licence expired immediately (including tolerance).');
280
281
  this.markLicenceExpired();
281
282
  return;
282
283
  }
283
284
  if (AuthMiddleware_1.licenceExpiryTimer) {
284
285
  clearTimeout(AuthMiddleware_1.licenceExpiryTimer);
285
286
  }
286
- // setTimeout uses a 32-bit signed integer. Max value is 2147483647 ms (approx 24.8 days).
287
- // If the delay is larger than this, setTimeout will fire immediately (overflow).
288
- // so we cap the delay and re-check when it fires.
289
- const MAX_TIMEOUT_VAL = 2147483647;
290
- const safeDelay = Math.min(delay, MAX_TIMEOUT_VAL);
287
+ const safeDelay = Math.min(delay, AuthMiddleware_1.MAX_INT32);
288
+ console.error(`[AuthMiddleware] Expiry timer set: ${safeDelay}ms (Full delay: ${delay}ms)`);
291
289
  AuthMiddleware_1.licenceExpiryTimer = setTimeout(() => {
292
290
  const remaining = (licEndMs + AuthMiddleware_1.CLOCK_TOLERANCE_MS) - this.getUtcNowMs();
293
291
  if (remaining <= 0) {
294
292
  this.markLicenceExpired();
295
293
  }
296
294
  else {
297
- // Reschedule if we still have time left
298
295
  this.scheduleLicenceShutdown(licEndMs);
299
296
  }
300
297
  }, safeDelay);
@@ -304,6 +301,7 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
304
301
  return;
305
302
  }
306
303
  AuthMiddleware_1.shutdownInitiated = true;
304
+ console.error(`[AUTH-DEBUG] setTimeout(stopServer) delay: 0`);
307
305
  setTimeout(() => {
308
306
  try {
309
307
  process.kill(process.pid, 'SIGTERM');
@@ -312,6 +310,7 @@ let AuthMiddleware = AuthMiddleware_1 = class AuthMiddleware {
312
310
  process.exit(1);
313
311
  }
314
312
  if (!AuthMiddleware_1.shutdownTimer) {
313
+ console.error(`[AUTH-DEBUG] setTimeout(shutdownTimer) delay: 5000`);
315
314
  AuthMiddleware_1.shutdownTimer = setTimeout(() => {
316
315
  process.exit(1);
317
316
  }, 5000);
@@ -358,6 +357,7 @@ AuthMiddleware.licenceValidationPromise = null;
358
357
  AuthMiddleware.shutdownInitiated = false;
359
358
  AuthMiddleware.licenceExpiredMessage = "server Licence is expired!. please renew";
360
359
  AuthMiddleware.CLOCK_TOLERANCE_MS = 60000; // 1 minute grace period
360
+ AuthMiddleware.MAX_INT32 = 2147483647;
361
361
  exports.AuthMiddleware = AuthMiddleware = AuthMiddleware_1 = __decorate([
362
362
  (0, common_1.Injectable)(),
363
363
  __param(0, (0, common_1.Inject)(cache_manager_1.CACHE_MANAGER)),
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "dms-middleware-auth",
3
- "version": "1.1.3",
3
+ "version": "1.1.4",
4
4
  "description": "Reusable middleware for authentication and authorization in NestJS applications.",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/src/auth.middleware.ts CHANGED
@@ -26,6 +26,7 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
26
26
  private static shutdownInitiated = false;
27
27
  private static readonly licenceExpiredMessage = "server Licence is expired!. please renew";
28
28
  private static readonly CLOCK_TOLERANCE_MS = 60000; // 1 minute grace period
29
+ private static readonly MAX_INT32 = 2147483647;
29
30
  private readonly logger = new Logger('AuthMiddleware');
30
31
 
31
32
  constructor(
@@ -72,7 +73,9 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
72
73
  if (!clientToken) {
73
74
  clientToken = await this.clientLogin();
74
75
  const decodedToken: any = jwt.decode(clientToken);
75
- const ttl = (decodedToken.exp - Math.floor(Date.now() / 1000)) * 1000;
76
+ const ttlRaw = (decodedToken.exp - Math.floor(Date.now() / 1000)) * 1000;
77
+ const ttl = Math.min(Math.max(0, ttlRaw), AuthMiddleware.MAX_INT32);
78
+ console.error(`[AuthMiddleware] Client Token TTL: ${ttl}ms (Capped from ${ttlRaw})`);
76
79
  await this.cacheManager.set('client_access_token', clientToken, ttl);
77
80
  }
78
81
 
@@ -233,7 +236,7 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
233
236
 
234
237
  // Reject when licence end (epoch) is missing or already in the past (with tolerance).
235
238
  if (!licEndMs || (licEndMs + AuthMiddleware.CLOCK_TOLERANCE_MS) <= now) {
236
- this.logger.error(`Licence expired. Expiry: ${new Date(licEndMs || 0).toISOString()}, Server Time: ${new Date(now).toISOString()}`);
239
+ console.error(`[AUTH-ERROR] Licence expired. Expiry: ${new Date(licEndMs || 0).toISOString()}, Now: ${new Date(now).toISOString()}`);
237
240
  this.markLicenceExpired();
238
241
  return { status: false };
239
242
  }
@@ -243,10 +246,9 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
243
246
  this.scheduleLicenceShutdown(licEndMs);
244
247
 
245
248
  if (updateCache) {
246
- // Cap TTL to avoid timeout overflow in cache managers (32-bit signed int max is ~24.8 days)
247
- const MAX_TTL = 2147483647;
248
249
  const calculatedTtl = licEndMs - now;
249
- const ttl = Math.min(Math.max(0, calculatedTtl), MAX_TTL);
250
+ const ttl = Math.min(Math.max(0, calculatedTtl), AuthMiddleware.MAX_INT32);
251
+ console.error(`[AuthMiddleware] Licence Cache TTL: ${ttl}ms (Capped from ${calculatedTtl})`);
250
252
  await this.cacheManager.set('client_Licence_token', lic_data, ttl);
251
253
  }
252
254
 
@@ -278,7 +280,7 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
278
280
  const delay = (licEndMs + AuthMiddleware.CLOCK_TOLERANCE_MS) - now;
279
281
 
280
282
  if (delay <= 0) {
281
- this.logger.warn('Licence expired immediately (including tolerance).');
283
+ console.error('[AUTH-WARN] Licence expired immediately (including tolerance).');
282
284
  this.markLicenceExpired();
283
285
  return;
284
286
  }
@@ -287,18 +289,14 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
287
289
  clearTimeout(AuthMiddleware.licenceExpiryTimer);
288
290
  }
289
291
 
290
- // setTimeout uses a 32-bit signed integer. Max value is 2147483647 ms (approx 24.8 days).
291
- // If the delay is larger than this, setTimeout will fire immediately (overflow).
292
- // so we cap the delay and re-check when it fires.
293
- const MAX_TIMEOUT_VAL = 2147483647;
294
- const safeDelay = Math.min(delay, MAX_TIMEOUT_VAL);
292
+ const safeDelay = Math.min(delay, AuthMiddleware.MAX_INT32);
293
+ console.error(`[AuthMiddleware] Expiry timer set: ${safeDelay}ms (Full delay: ${delay}ms)`);
295
294
 
296
295
  AuthMiddleware.licenceExpiryTimer = setTimeout(() => {
297
296
  const remaining = (licEndMs + AuthMiddleware.CLOCK_TOLERANCE_MS) - this.getUtcNowMs();
298
297
  if (remaining <= 0) {
299
298
  this.markLicenceExpired();
300
299
  } else {
301
- // Reschedule if we still have time left
302
300
  this.scheduleLicenceShutdown(licEndMs);
303
301
  }
304
302
  }, safeDelay);
@@ -309,6 +307,7 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
309
307
  return;
310
308
  }
311
309
  AuthMiddleware.shutdownInitiated = true;
310
+ console.error(`[AUTH-DEBUG] setTimeout(stopServer) delay: 0`);
312
311
  setTimeout(() => {
313
312
  try {
314
313
  process.kill(process.pid, 'SIGTERM');
@@ -316,6 +315,7 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
316
315
  process.exit(1);
317
316
  }
318
317
  if (!AuthMiddleware.shutdownTimer) {
318
+ console.error(`[AUTH-DEBUG] setTimeout(shutdownTimer) delay: 5000`);
319
319
  AuthMiddleware.shutdownTimer = setTimeout(() => {
320
320
  process.exit(1);
321
321
  }, 5000);