ecrs-auth-core 1.0.113 → 1.0.115
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -326,6 +326,7 @@ let AuthCustomerService = class AuthCustomerService {
|
|
|
326
326
|
}
|
|
327
327
|
async getCustomerIdBySubdomain(subdomain) {
|
|
328
328
|
const rows = await this.userRepo.query(`SELECT customer_id FROM public.tbl_super_customer_ets_setup_details WHERE subdomain = $1 LIMIT 1`, [subdomain]);
|
|
329
|
+
console.log(`🔍 Subdomain "${subdomain}" → customer_id=${rows[0]?.customer_id ?? null}`);
|
|
329
330
|
return rows[0]?.customer_id ?? null;
|
|
330
331
|
}
|
|
331
332
|
// In auth-customer.service.ts — add this new method
|
|
@@ -4,6 +4,7 @@ declare const JwtCustomerStrategy_base: new (...args: any[]) => Strategy;
|
|
|
4
4
|
export declare class JwtCustomerStrategy extends JwtCustomerStrategy_base {
|
|
5
5
|
private readonly authCustomerService;
|
|
6
6
|
constructor(authCustomerService: AuthCustomerService);
|
|
7
|
+
private extractSubdomain;
|
|
7
8
|
validate(req: any, payload: any): Promise<{
|
|
8
9
|
id: number;
|
|
9
10
|
email: string;
|
|
@@ -24,11 +24,23 @@ let JwtCustomerStrategy = class JwtCustomerStrategy extends (0, passport_1.Passp
|
|
|
24
24
|
});
|
|
25
25
|
this.authCustomerService = authCustomerService;
|
|
26
26
|
}
|
|
27
|
+
extractSubdomain(url) {
|
|
28
|
+
if (!url)
|
|
29
|
+
return null;
|
|
30
|
+
try {
|
|
31
|
+
const hostname = new URL(url).hostname; // e.g. "acme.ecrs.com"
|
|
32
|
+
const parts = hostname.split(".");
|
|
33
|
+
return parts.length > 2 ? parts[0] : null;
|
|
34
|
+
}
|
|
35
|
+
catch {
|
|
36
|
+
return null;
|
|
37
|
+
}
|
|
38
|
+
}
|
|
27
39
|
async validate(req, payload) {
|
|
28
40
|
// 1. Subdomain check against tbl_super_customer_ets_setup_details
|
|
29
|
-
const
|
|
30
|
-
const
|
|
31
|
-
|
|
41
|
+
const origin = req.headers['origin'] || req.headers['referer'] || '';
|
|
42
|
+
const subdomain = this.extractSubdomain(origin);
|
|
43
|
+
console.log(`🔍 Validating JWT for subdomain: ${subdomain ?? "N/A"} (origin: ${origin || "N/A"})`);
|
|
32
44
|
if (subdomain) {
|
|
33
45
|
const customerId = await this.authCustomerService.getCustomerIdBySubdomain(subdomain);
|
|
34
46
|
if (!customerId) {
|