ecrs-auth-core 1.0.43 → 1.0.45

package/README.md

@@ -0,0 +1,263 @@
+# ECRS Auth Core
+
+A centralized authentication and authorization module for NestJS applications, providing JWT-based authentication, role-based access control, and feature-level permissions.
+
+## Features
+
+- 🔐 JWT-based authentication
+- 👥 Role-based access control (RBAC)
+- 🎯 Feature-level permissions
+- 🛡️ Route-level security guards
+- 📊 Module and screen permissions
+- 🔧 Easy integration with TypeORM
+- 📦 Fully typed with TypeScript
+
+## Installation
+
+```bash
+npm install ecrs-auth-core
+```
+
+## Peer Dependencies
+
+Make sure you have the following peer dependencies installed:
+
+```bash
+npm install @nestjs/common @nestjs/core @nestjs/passport @nestjs/typeorm bcrypt passport passport-jwt typeorm
+```
+
+## Quick Start
+
+### 1. Import the Auth Module
+
+```typescript
+import { Module } from '@nestjs/common';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { AuthCoreModule } from 'ecrs-auth-core';
+
+@Module({
+  imports: [
+    TypeOrmModule.forRoot({
+      // your database configuration
+    }),
+    AuthCoreModule.forRoot({
+      jwtSecret: 'your-jwt-secret',
+      jwtExpiresIn: '1h',
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+### 2. Include Entities in TypeORM
+
+```typescript
+import {
+  User,
+  Role,
+  Module as AuthModule,
+  Feature,
+  ModuleRoute,
+  UserFeatureAccess,
+  UserModuleAccess,
+  ModuleScreenPermission,
+} from 'ecrs-auth-core';
+
+TypeOrmModule.forRoot({
+  // ... other config
+  entities: [
+    User,
+    Role,
+    AuthModule,
+    Feature,
+    ModuleRoute,
+    UserFeatureAccess,
+    UserModuleAccess,
+    ModuleScreenPermission,
+  ],
+});
+```
+
+### 3. Use Guards and Decorators
+
+```typescript
+import { Controller, Get, Post, UseGuards } from '@nestjs/common';
+import { 
+  JwtAuthGuard, 
+  RolesGuard, 
+  FeatureGuard,
+  Roles, 
+  Feature, 
+  CurrentUser,
+  User 
+} from 'ecrs-auth-core';
+
+@Controller('protected')
+@UseGuards(JwtAuthGuard)
+export class ProtectedController {
+  
+  @Get('admin-only')
+  @UseGuards(RolesGuard)
+  @Roles('admin')
+  adminOnlyEndpoint(@CurrentUser() user: User) {
+    return { message: 'Admin access granted', user: user.username };
+  }
+
+  @Get('feature-protected')
+  @UseGuards(FeatureGuard)
+  @Feature('user-management')
+  featureProtectedEndpoint(@CurrentUser() user: User) {
+    return { message: 'Feature access granted' };
+  }
+}
+```
+
+## Available Decorators
+
+### @CurrentUser()
+Get the current authenticated user in your controller methods.
+
+```typescript
+@Get('profile')
+getProfile(@CurrentUser() user: User) {
+  return user;
+}
+```
+
+### @Roles()
+Restrict access based on user roles.
+
+```typescript
+@Roles('admin', 'manager')
+@UseGuards(RolesGuard)
+adminEndpoint() {
+  // Only admin and manager roles can access
+}
+```
+
+### @Feature()
+Restrict access based on feature permissions.
+
+```typescript
+@Feature('user-management')
+@UseGuards(FeatureGuard)
+userManagementEndpoint() {
+  // Only users with user-management feature access
+}
+```
+
+### @HasPermission()
+Check for specific permissions.
+
+```typescript
+@HasPermission('CREATE_USER')
+@UseGuards(PermissionGuard)
+createUserEndpoint() {
+  // Only users with CREATE_USER permission
+}
+```
+
+### @RoutePermission()
+Route-level permission checking.
+
+```typescript
+@RoutePermission('users', 'create')
+@UseGuards(RouteGuard)
+createUser() {
+  // Route-specific permission checking
+}
+```
+
+## Available Guards
+
+- **JwtAuthGuard**: JWT token validation
+- **RolesGuard**: Role-based access control
+- **FeatureGuard**: Feature-based access control  
+- **PermissionGuard**: Permission-based access control
+- **RouteGuard**: Route-level access control
+- **ModuleGuard**: Module-based access control
+
+## Authentication Service
+
+The `AuthService` provides methods for user authentication and token management:
+
+```typescript
+import { AuthService } from 'ecrs-auth-core';
+
+@Injectable()
+export class MyService {
+  constructor(private authService: AuthService) {}
+
+  async login(username: string, password: string) {
+    return this.authService.validateUser(username, password);
+  }
+
+  async generateToken(user: User) {
+    return this.authService.generateToken(user);
+  }
+}
+```
+
+## Database Entities
+
+The package includes the following TypeORM entities:
+
+- **User**: User account information
+- **Role**: User roles (admin, user, etc.)
+- **Module**: Application modules
+- **Feature**: Feature definitions
+- **ModuleRoute**: Module route mappings
+- **UserFeatureAccess**: User-feature access permissions
+- **UserModuleAccess**: User-module access permissions  
+- **ModuleScreenPermission**: Screen-level permissions
+
+## Configuration Options
+
+```typescript
+interface AuthCoreOptions {
+  jwtSecret: string;
+  jwtExpiresIn?: string;
+  bcryptRounds?: number;
+  // ... other options
+}
+```
+
+## Examples
+
+### Basic Setup with Custom Configuration
+
+```typescript
+AuthCoreModule.forRoot({
+  jwtSecret: process.env.JWT_SECRET,
+  jwtExpiresIn: '24h',
+  bcryptRounds: 12,
+})
+```
+
+### Using Multiple Guards
+
+```typescript
+@UseGuards(JwtAuthGuard, RolesGuard, FeatureGuard)
+@Roles('admin')
+@Feature('advanced-settings')
+@Get('advanced-admin')
+advancedAdminEndpoint() {
+  return { message: 'Multi-level security passed' };
+}
+```
+
+## License
+
+MIT
+
+## Author
+
+Chetan Yadnik
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+## Support
+
+For questions and support, please open an issue on GitHub.

package/dist/auth.controller.d.ts

@@ -1,19 +1,26 @@
-import { AuthService } from './auth.service';
-import { LoginDto } from './dtos/login.dto';
-export declare class AuthController {
-    private readonly authService;
-    constructor(authService: AuthService);
-    login(body: LoginDto): Promise<{
-        status: boolean;
-        message: string;
-        data: {
-            user: {
-                id: number;
-                email: string;
-                roleId: number;
-                moduleId: number;
-            };
-        };
-        access_token: string;
-    }>;
-}
+import { AuthService } from './auth.service';
+import { LoginDto } from './dtos/login.dto';
+export declare class AuthController {
+    private readonly authService;
+    constructor(authService: AuthService);
+    login(body: LoginDto): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: number;
+                email: string;
+                roleId: number;
+                roleName: string | null;
+                moduleId: number;
+                name: string;
+                firstName: string;
+                lastName: string;
+                mobileNo: number;
+                userImage: string;
+                employeeId: number;
+            };
+        };
+        access_token: string;
+    }>;
+}

package/dist/auth.controller.js

@@ -1,41 +1,41 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthController = void 0;
-const common_1 = require("@nestjs/common");
-const auth_service_1 = require("./auth.service");
-const login_dto_1 = require("./dtos/login.dto");
-let AuthController = class AuthController {
-    constructor(authService) {
-        this.authService = authService;
-    }
-    async login(body) {
-        const user = await this.authService.validateUser(body.email, body.password);
-        if (!user)
-            throw new common_1.UnauthorizedException('Invalid credentials');
-        return this.authService.login(user);
-    }
-};
-exports.AuthController = AuthController;
-__decorate([
-    (0, common_1.Post)('login'),
-    __param(0, (0, common_1.Body)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [login_dto_1.LoginDto]),
-    __metadata("design:returntype", Promise)
-], AuthController.prototype, "login", null);
-exports.AuthController = AuthController = __decorate([
-    (0, common_1.Controller)('auth'),
-    __metadata("design:paramtypes", [auth_service_1.AuthService])
-], AuthController);
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthController = void 0;
+const common_1 = require("@nestjs/common");
+const auth_service_1 = require("./auth.service");
+const login_dto_1 = require("./dtos/login.dto");
+let AuthController = class AuthController {
+    constructor(authService) {
+        this.authService = authService;
+    }
+    async login(body) {
+        const user = await this.authService.validateUser(body.email, body.password);
+        if (!user)
+            throw new common_1.UnauthorizedException('Invalid credentials');
+        return this.authService.login(user);
+    }
+};
+exports.AuthController = AuthController;
+__decorate([
+    (0, common_1.Post)('login'),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [login_dto_1.LoginDto]),
+    __metadata("design:returntype", Promise)
+], AuthController.prototype, "login", null);
+exports.AuthController = AuthController = __decorate([
+    (0, common_1.Controller)('auth'),
+    __metadata("design:paramtypes", [auth_service_1.AuthService])
+], AuthController);

package/dist/auth.module.d.ts

@@ -1,9 +1,9 @@
-import { DynamicModule } from '@nestjs/common';
-import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
-export declare const AUTH_CORE_OPTIONS = "AUTH_CORE_OPTIONS";
-export declare class AuthCoreModule {
-    static registerAsync(options: {
-        inject: any[];
-        useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
-    }): DynamicModule;
-}
+import { DynamicModule } from '@nestjs/common';
+import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
+export declare const AUTH_CORE_OPTIONS = "AUTH_CORE_OPTIONS";
+export declare class AuthCoreModule {
+    static registerAsync(options: {
+        inject: any[];
+        useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
+    }): DynamicModule;
+}