ecrs-auth-core 1.0.113 → 1.0.115

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -326,6 +326,7 @@ let AuthCustomerService = class AuthCustomerService {
326
326
  }
327
327
  async getCustomerIdBySubdomain(subdomain) {
328
328
  const rows = await this.userRepo.query(`SELECT customer_id FROM public.tbl_super_customer_ets_setup_details WHERE subdomain = $1 LIMIT 1`, [subdomain]);
329
+ console.log(`🔍 Subdomain "${subdomain}" → customer_id=${rows[0]?.customer_id ?? null}`);
329
330
  return rows[0]?.customer_id ?? null;
330
331
  }
331
332
  // In auth-customer.service.ts — add this new method
@@ -4,6 +4,7 @@ declare const JwtCustomerStrategy_base: new (...args: any[]) => Strategy;
4
4
  export declare class JwtCustomerStrategy extends JwtCustomerStrategy_base {
5
5
  private readonly authCustomerService;
6
6
  constructor(authCustomerService: AuthCustomerService);
7
+ private extractSubdomain;
7
8
  validate(req: any, payload: any): Promise<{
8
9
  id: number;
9
10
  email: string;
@@ -24,11 +24,23 @@ let JwtCustomerStrategy = class JwtCustomerStrategy extends (0, passport_1.Passp
24
24
  });
25
25
  this.authCustomerService = authCustomerService;
26
26
  }
27
+ extractSubdomain(url) {
28
+ if (!url)
29
+ return null;
30
+ try {
31
+ const hostname = new URL(url).hostname; // e.g. "acme.ecrs.com"
32
+ const parts = hostname.split(".");
33
+ return parts.length > 2 ? parts[0] : null;
34
+ }
35
+ catch {
36
+ return null;
37
+ }
38
+ }
27
39
  async validate(req, payload) {
28
40
  // 1. Subdomain check against tbl_super_customer_ets_setup_details
29
- const host = req.get("host") || "";
30
- const hostParts = host.split(".");
31
- const subdomain = hostParts.length > 2 ? hostParts[0] : null;
41
+ const origin = req.headers['origin'] || req.headers['referer'] || '';
42
+ const subdomain = this.extractSubdomain(origin);
43
+ console.log(`🔍 Validating JWT for subdomain: ${subdomain ?? "N/A"} (origin: ${origin || "N/A"})`);
32
44
  if (subdomain) {
33
45
  const customerId = await this.authCustomerService.getCustomerIdBySubdomain(subdomain);
34
46
  if (!customerId) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ecrs-auth-core",
3
- "version": "1.0.113",
3
+ "version": "1.0.115",
4
4
  "description": "Centralized authentication and authorization module for ECRS apps",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",