ecrs-auth-core 1.0.103 → 1.0.105

package/dist/auth-customer.controller.d.ts

@@ -0,0 +1,46 @@
+import { Request } from "express";
+import { JwtService } from "@nestjs/jwt";
+import { AuthCustomerService } from "./auth-customer.service";
+import { LoginCustomerDto } from "./dtos/login-customer.dto";
+export declare class AuthCustomerController {
+    private readonly authCustomerService;
+    private readonly jwtService;
+    constructor(authCustomerService: AuthCustomerService, jwtService: JwtService);
+    login(request: Request, body: LoginCustomerDto): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: number;
+                email: string;
+                roleId: number;
+                roleName: string | null;
+                tokenVersion: number;
+                name: string;
+                firstName: string;
+                lastName: string;
+                mobileNo: number;
+                userImage: string;
+                referenceId: number;
+                parentId: number;
+                lastLoginTime: Date | null;
+                is_reset_password: number;
+                profile_photo_url: string;
+            };
+        };
+        access_token: string;
+    }>;
+    logout(request: any): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: any;
+                logoutTime: string;
+            };
+        };
+    }>;
+    private extractClientData;
+    private parseUserAgent;
+    private getClientIp;
+}

package/dist/auth-customer.controller.js

@@ -0,0 +1,249 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthCustomerController = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const auth_customer_service_1 = require("./auth-customer.service");
+const login_customer_dto_1 = require("./dtos/login-customer.dto");
+const login_response_dto_1 = require("./dtos/login-response.dto");
+const swagger_1 = require("@nestjs/swagger");
+let AuthCustomerController = class AuthCustomerController {
+    constructor(authCustomerService, jwtService) {
+        this.authCustomerService = authCustomerService;
+        this.jwtService = jwtService;
+    }
+    async login(request, body) {
+        const clientIp = this.getClientIp(request);
+        const userAgent = request.get("user-agent") || "Unknown";
+        const additionalData = this.extractClientData(request, userAgent);
+        console.log(`📍 Customer Emplyee login attempt from IP: ${clientIp}, User-Agent: ${userAgent}`);
+        const user = await this.authCustomerService.validateUser(body.email, body.password, clientIp);
+        if (!user) {
+            await this.authCustomerService
+                .saveLastLogin({ email: body.email }, clientIp, "failed", "Invalid credentials or IP not allowed", additionalData)
+                .catch((err) => console.error("❌ Error saving failed customer login to tbl_user_last_login:", err.message));
+            await this.authCustomerService
+                .saveLoginDetailsJson({ email: body.email }, clientIp, "failed", "Invalid credentials or IP not allowed", additionalData)
+                .catch((err) => console.error("❌ Error saving failed customer login to tbl_user_login_details:", err.message));
+            throw new common_1.UnauthorizedException("Login failed: email or password not matched or IP not allowed");
+        }
+        console.log(`✅ Customer ${body.email} authenticated successfully`);
+        const loginResponse = await this.authCustomerService.login(user);
+        console.log(`✅ Customer ${body.email} logged in successfully to Customer Domain`);
+        await this.authCustomerService
+            .saveLastLogin(user, clientIp, "success", undefined, {
+            ...additionalData,
+        })
+            .catch((err) => console.error("❌ Error saving successful customer login to tbl_user_last_login:", err.message));
+        await this.authCustomerService
+            .saveLoginDetailsJson(user, clientIp, "success", undefined, {
+            ...additionalData,
+        })
+            .catch((err) => console.error("❌ Error saving successful customer login to tbl_user_login_details:", err.message));
+        return loginResponse;
+    }
+    async logout(request) {
+        const authHeader = request.headers.authorization;
+        if (!authHeader || !authHeader.startsWith("Bearer ")) {
+            throw new common_1.UnauthorizedException("Missing or invalid Authorization header. Required format: Bearer <token>");
+        }
+        const token = authHeader.substring(7);
+        try {
+            const payload = this.jwtService.verify(token);
+            const userId = payload.id;
+            if (!userId) {
+                throw new common_1.UnauthorizedException("Invalid token - no user ID found");
+            }
+            console.log(`🚪 Customer logout request for user ${userId}`);
+            await Promise.all([
+                this.authCustomerService
+                    .updateLastLoginLogout(userId)
+                    .catch((err) => console.error("❌ Error updating customer logout in tbl_user_last_login:", err.message)),
+                this.authCustomerService
+                    .updateLoginLogoutDetailsJson(userId)
+                    .catch((err) => console.error("❌ Error updating customer logout in tbl_user_login_details:", err.message)),
+            ]);
+            console.log(`✅ Customer ${userId} logged out successfully`);
+            return {
+                status: true,
+                message: "Logout successful",
+                data: { user: { id: userId, logoutTime: new Date().toISOString() } },
+            };
+        }
+        catch (error) {
+            if (error.name === "TokenExpiredError")
+                throw new common_1.UnauthorizedException("JWT token has expired");
+            if (error.name === "JsonWebTokenError")
+                throw new common_1.UnauthorizedException("Invalid JWT token");
+            console.error("❌ Error during customer logout:", error?.message || error);
+            throw new common_1.UnauthorizedException("Logout failed");
+        }
+    }
+    extractClientData(request, userAgent) {
+        const { browser, os, deviceType } = this.parseUserAgent(userAgent);
+        const ipAddressName = request.get("x-forwarded-host") || request.get("host") || "Unknown";
+        const location = request.get("cf-ipcountry") || "Unknown";
+        return {
+            browser,
+            deviceType,
+            operatingSystem: os,
+            userAgent,
+            location,
+            ipAddressName,
+        };
+    }
+    parseUserAgent(userAgent) {
+        const ua = userAgent.toLowerCase();
+        let browser = "Unknown";
+        if (ua.includes("chrome"))
+            browser = "Chrome";
+        else if (ua.includes("firefox"))
+            browser = "Firefox";
+        else if (ua.includes("safari"))
+            browser = "Safari";
+        else if (ua.includes("edg/"))
+            browser = "Edge";
+        else if (ua.includes("opera") || ua.includes("opr/"))
+            browser = "Opera";
+        else if (ua.includes("trident"))
+            browser = "Internet Explorer";
+        let os = "Unknown";
+        if (ua.includes("windows"))
+            os = "Windows";
+        else if (ua.includes("mac"))
+            os = "macOS";
+        else if (ua.includes("linux"))
+            os = "Linux";
+        else if (ua.includes("iphone") || ua.includes("ipad"))
+            os = "iOS";
+        else if (ua.includes("android"))
+            os = "Android";
+        let deviceType = "Desktop";
+        if (ua.includes("mobile") ||
+            ua.includes("android") ||
+            ua.includes("iphone"))
+            deviceType = "Mobile";
+        else if (ua.includes("tablet") || ua.includes("ipad"))
+            deviceType = "Tablet";
+        return { browser, os, deviceType };
+    }
+    getClientIp(request) {
+        let ip = "";
+        const xForwardedFor = request.headers["x-forwarded-for"];
+        if (xForwardedFor) {
+            const ips = Array.isArray(xForwardedFor)
+                ? xForwardedFor
+                : xForwardedFor.split(",");
+            ip = ips[0].trim();
+        }
+        else if (request.headers["x-real-ip"]) {
+            const xRealIp = request.headers["x-real-ip"];
+            ip = Array.isArray(xRealIp) ? xRealIp[0] : xRealIp;
+        }
+        else if (request.headers["cf-connecting-ip"]) {
+            const cfIp = request.headers["cf-connecting-ip"];
+            ip = Array.isArray(cfIp) ? cfIp[0] : cfIp;
+        }
+        else if (request.ip) {
+            ip = request.ip;
+        }
+        else if (request.socket.remoteAddress) {
+            ip = request.socket.remoteAddress;
+        }
+        if (ip.startsWith("::ffff:"))
+            ip = ip.substring(7);
+        return ip || "Unknown";
+    }
+};
+exports.AuthCustomerController = AuthCustomerController;
+__decorate([
+    (0, common_1.Post)("login"),
+    (0, common_1.HttpCode)(200),
+    (0, swagger_1.ApiBody)({
+        required: true,
+        description: "Credentials required for customer authentication",
+        schema: {
+            $ref: (0, swagger_1.getSchemaPath)(login_customer_dto_1.LoginCustomerDto),
+            example: {
+                email: "customer@example.com",
+                password: "StrongP@ssw0rd",
+            },
+        },
+    }),
+    (0, swagger_1.ApiOperation)({
+        summary: "Customer login",
+        description: "Authenticate customer user from tbl_users_customer and return access token",
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        description: "Login successful",
+        schema: {
+            $ref: (0, swagger_1.getSchemaPath)(login_response_dto_1.LoginResponseDto),
+            example: {
+                status: true,
+                message: "Login successful",
+                data: {
+                    user: {
+                        id: 1,
+                        email: "customer@example.com",
+                        roleId: 5,
+                        roleName: "CUSTOMER_BOOKER",
+                        moduleId: 7,
+                        name: "Jane Doe",
+                    },
+                },
+                access_token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
+            },
+        },
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: "Invalid credentials or IP not allowed",
+    }),
+    __param(0, (0, common_1.Req)()),
+    __param(1, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, login_customer_dto_1.LoginCustomerDto]),
+    __metadata("design:returntype", Promise)
+], AuthCustomerController.prototype, "login", null);
+__decorate([
+    (0, common_1.Post)("logout"),
+    (0, common_1.HttpCode)(200),
+    (0, swagger_1.ApiOperation)({
+        summary: "Customer logout",
+        description: "Logout customer user and update session end time.",
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        description: "Logout successful",
+        example: {
+            status: true,
+            message: "Logout successful",
+            data: { user: { id: 1, logoutTime: "2026-01-28T10:30:00.000Z" } },
+        },
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: "Unauthorized - Invalid or missing JWT token",
+    }),
+    __param(0, (0, common_1.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object]),
+    __metadata("design:returntype", Promise)
+], AuthCustomerController.prototype, "logout", null);
+exports.AuthCustomerController = AuthCustomerController = __decorate([
+    (0, swagger_1.ApiTags)("auth-customer"),
+    (0, swagger_1.ApiBearerAuth)(),
+    (0, swagger_1.ApiExtraModels)(login_customer_dto_1.LoginCustomerDto, login_response_dto_1.LoginResponseDto),
+    (0, common_1.Controller)("auth-customer"),
+    __metadata("design:paramtypes", [auth_customer_service_1.AuthCustomerService,
+        jwt_1.JwtService])
+], AuthCustomerController);

package/dist/auth-customer.module.d.ts

@@ -0,0 +1,8 @@
+import { DynamicModule } from '@nestjs/common';
+import { AuthCustomerCoreOptions } from './interfaces/auth-customer-options.interface';
+export declare class AuthCustomerCoreModule {
+    static registerAsync(options: {
+        inject: any[];
+        useFactory: (...args: any[]) => Promise<AuthCustomerCoreOptions>;
+    }): DynamicModule;
+}

package/dist/auth-customer.module.js

@@ -0,0 +1,62 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var AuthCustomerCoreModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthCustomerCoreModule = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const auth_customer_service_1 = require("./auth-customer.service");
+const auth_customer_controller_1 = require("./auth-customer.controller");
+const jwt_customer_strategy_1 = require("./jwt/jwt-customer.strategy");
+const jwt_customer_guard_1 = require("./jwt/jwt-customer.guard");
+const constants_1 = require("./constants/constants");
+let AuthCustomerCoreModule = AuthCustomerCoreModule_1 = class AuthCustomerCoreModule {
+    static registerAsync(options) {
+        const asyncProvider = {
+            provide: constants_1.AUTH_CUSTOMER_CORE_OPTIONS,
+            inject: options.inject,
+            useFactory: options.useFactory,
+        };
+        return {
+            module: AuthCustomerCoreModule_1,
+            imports: [
+                jwt_1.JwtModule.registerAsync({
+                    inject: options.inject,
+                    useFactory: async (...args) => {
+                        const config = await options.useFactory(...args);
+                        console.log('🔐 JWT Secret from AUTH_CUSTOMER_CORE_OPTIONS:', config.jwtSecret);
+                        console.log('⏳ JWT Expiry:', config.jwtExpiresIn);
+                        return {
+                            secret: config.jwtSecret,
+                            signOptions: { expiresIn: config.jwtExpiresIn },
+                        };
+                    },
+                }),
+            ],
+            providers: [
+                asyncProvider,
+                auth_customer_service_1.AuthCustomerService,
+                jwt_customer_strategy_1.JwtCustomerStrategy,
+                jwt_customer_guard_1.JwtCustomerAuthGuard,
+            ],
+            controllers: [auth_customer_controller_1.AuthCustomerController],
+            exports: [
+                constants_1.AUTH_CUSTOMER_CORE_OPTIONS,
+                jwt_1.JwtModule,
+                auth_customer_service_1.AuthCustomerService,
+                jwt_customer_strategy_1.JwtCustomerStrategy,
+                jwt_customer_guard_1.JwtCustomerAuthGuard,
+            ],
+        };
+    }
+};
+exports.AuthCustomerCoreModule = AuthCustomerCoreModule;
+exports.AuthCustomerCoreModule = AuthCustomerCoreModule = AuthCustomerCoreModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({})
+], AuthCustomerCoreModule);

package/dist/auth-customer.service.d.ts

@@ -0,0 +1,64 @@
+import { JwtService } from "@nestjs/jwt";
+import { AuthCustomerCoreOptions } from "./interfaces/auth-customer-options.interface";
+import { UserCustomer } from "./entities/user-customer.entity";
+export declare class AuthCustomerService {
+    private readonly jwtService;
+    private readonly options;
+    private readonly userRepo;
+    private readonly roleRepo;
+    private readonly moduleAccessRepo;
+    private readonly userLastLoginRepo;
+    private readonly loginDetailsRepo;
+    private readonly employeeWorkProfileRepo;
+    private uploadPhotoDir;
+    constructor(jwtService: JwtService, options: AuthCustomerCoreOptions);
+    validateUser(email: string, password: string, clientIp?: string): Promise<UserCustomer>;
+    hasModuleAccess(userId: number, moduleId: number): Promise<boolean>;
+    saveLastLogin(user: UserCustomer, clientIp: string, loginStatus?: "success" | "failed" | "blocked", failureReason?: string, additionalData?: {
+        browser?: string;
+        deviceType?: string;
+        operatingSystem?: string;
+        userAgent?: string;
+        location?: string;
+        moduleId?: number;
+        ipAddressName?: string;
+        metadata?: Record<string, any>;
+    }): Promise<void>;
+    saveLoginDetailsJson(user: UserCustomer, clientIp: string, loginStatus?: "success" | "failed" | "blocked", failureReason?: string, additionalData?: {
+        browser?: string;
+        deviceType?: string;
+        operatingSystem?: string;
+        userAgent?: string;
+        location?: string;
+        moduleId?: number;
+        ipAddressName?: string;
+        metadata?: Record<string, any>;
+    }): Promise<void>;
+    updateLoginLogoutDetailsJson(userId: number): Promise<void>;
+    updateLastLoginLogout(userId: number): Promise<void>;
+    login(user: UserCustomer): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: number;
+                email: string;
+                roleId: number;
+                roleName: string | null;
+                tokenVersion: number;
+                name: string;
+                firstName: string;
+                lastName: string;
+                mobileNo: number;
+                userImage: string;
+                referenceId: number;
+                parentId: number;
+                lastLoginTime: Date | null;
+                is_reset_password: number;
+                profile_photo_url: string;
+            };
+        };
+        access_token: string;
+    }>;
+    findUserById(id: number): Promise<UserCustomer | null>;
+}