ecrs-auth-core 1.0.55 → 1.0.57

package/dist/auth.controller.d.ts

@@ -1,26 +1,26 @@
-import { AuthService } from './auth.service';
-import { LoginDto } from './dtos/login.dto';
-export declare class AuthController {
-    private readonly authService;
-    constructor(authService: AuthService);
-    login(body: LoginDto): Promise<{
-        status: boolean;
-        message: string;
-        data: {
-            user: {
-                id: number;
-                email: string;
-                roleId: number;
-                roleName: string | null;
-                moduleId: number;
-                name: string;
-                firstName: string;
-                lastName: string;
-                mobileNo: number;
-                userImage: string;
-                employeeId: number;
-            };
-        };
-        access_token: string;
-    }>;
-}
+import { AuthService } from './auth.service';
+import { LoginDto } from './dtos/login.dto';
+export declare class AuthController {
+    private readonly authService;
+    constructor(authService: AuthService);
+    login(body: LoginDto): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: number;
+                email: string;
+                roleId: number;
+                roleName: string | null;
+                moduleId: number;
+                name: string;
+                firstName: string;
+                lastName: string;
+                mobileNo: number;
+                userImage: string;
+                employeeId: number;
+            };
+        };
+        access_token: string;
+    }>;
+}

package/dist/auth.controller.js

@@ -1,41 +1,99 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthController = void 0;
-const common_1 = require("@nestjs/common");
-const auth_service_1 = require("./auth.service");
-const login_dto_1 = require("./dtos/login.dto");
-let AuthController = class AuthController {
-    constructor(authService) {
-        this.authService = authService;
-    }
-    async login(body) {
-        const user = await this.authService.validateUser(body.email, body.password);
-        if (!user)
-            throw new common_1.UnauthorizedException('Invalid credentials');
-        return this.authService.login(user);
-    }
-};
-exports.AuthController = AuthController;
-__decorate([
-    (0, common_1.Post)('login'),
-    __param(0, (0, common_1.Body)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [login_dto_1.LoginDto]),
-    __metadata("design:returntype", Promise)
-], AuthController.prototype, "login", null);
-exports.AuthController = AuthController = __decorate([
-    (0, common_1.Controller)('auth'),
-    __metadata("design:paramtypes", [auth_service_1.AuthService])
-], AuthController);
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthController = void 0;
+const common_1 = require("@nestjs/common");
+const auth_service_1 = require("./auth.service");
+const login_dto_1 = require("./dtos/login.dto");
+const login_response_dto_1 = require("./dtos/login-response.dto");
+const swagger_1 = require("@nestjs/swagger");
+let AuthController = class AuthController {
+    constructor(authService) {
+        this.authService = authService;
+    }
+    async login(body) {
+        const user = await this.authService.validateUser(body.email, body.password);
+        if (!user)
+            throw new common_1.UnauthorizedException('Invalid credentials');
+        const requestedModuleId = Number(body.moduleId);
+        if (!Number.isFinite(requestedModuleId)) {
+            throw new common_1.UnauthorizedException('You are not authorized to access this module');
+        }
+        const allowedDb = await this.authService.hasModuleAccess(user.id, requestedModuleId);
+        if (!allowedDb) {
+            throw new common_1.UnauthorizedException('You are not authorized to access this module');
+        }
+        // Double-check against computed permissions tree to avoid edge cases
+        const perms = await this.authService.getPermissions(user.id);
+        if (!Array.isArray(perms.modules) || !perms.modules.includes(requestedModuleId)) {
+            throw new common_1.UnauthorizedException('You are not authorized to access this module');
+        }
+        return this.authService.login(user, requestedModuleId);
+    }
+};
+exports.AuthController = AuthController;
+__decorate([
+    (0, common_1.Post)('login'),
+    (0, common_1.HttpCode)(200),
+    (0, swagger_1.ApiBody)({
+        required: true,
+        description: 'Credentials required for authentication',
+        schema: {
+            $ref: (0, swagger_1.getSchemaPath)(login_dto_1.LoginDto),
+            example: { email: 'user@example.com', password: 'StrongP@ssw0rd', moduleId: '3' },
+        },
+    }),
+    (0, swagger_1.ApiOperation)({
+        summary: 'User login',
+        description: 'Authenticate user and return access token'
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        description: 'Login successful',
+        schema: {
+            $ref: (0, swagger_1.getSchemaPath)(login_response_dto_1.LoginResponseDto),
+            example: {
+                status: true,
+                message: 'Login successful',
+                data: {
+                    user: {
+                        id: 1,
+                        email: 'user@example.com',
+                        roleId: 2,
+                        roleName: 'Admin',
+                        moduleId: 3,
+                        name: 'John Doe',
+                        firstName: 'John',
+                        lastName: 'Doe',
+                        mobileNo: 9876543210,
+                        userImage: 'https://cdn.example.com/avatar.png',
+                        employeeId: 1001
+                    }
+                },
+                access_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'
+            }
+        }
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid credentials' }),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [login_dto_1.LoginDto]),
+    __metadata("design:returntype", Promise)
+], AuthController.prototype, "login", null);
+exports.AuthController = AuthController = __decorate([
+    (0, swagger_1.ApiTags)('auth'),
+    (0, swagger_1.ApiBearerAuth)(),
+    (0, swagger_1.ApiExtraModels)(login_dto_1.LoginDto, login_response_dto_1.LoginResponseDto),
+    (0, common_1.Controller)('auth'),
+    __metadata("design:paramtypes", [auth_service_1.AuthService])
+], AuthController);

package/dist/auth.module.d.ts

@@ -1,9 +1,9 @@
-import { DynamicModule } from '@nestjs/common';
-import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
-export declare const AUTH_CORE_OPTIONS = "AUTH_CORE_OPTIONS";
-export declare class AuthCoreModule {
-    static registerAsync(options: {
-        inject: any[];
-        useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
-    }): DynamicModule;
-}
+import { DynamicModule } from '@nestjs/common';
+import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
+export declare const AUTH_CORE_OPTIONS = "AUTH_CORE_OPTIONS";
+export declare class AuthCoreModule {
+    static registerAsync(options: {
+        inject: any[];
+        useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
+    }): DynamicModule;
+}

package/dist/auth.module.js

@@ -1,143 +1,143 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var AuthCoreModule_1;
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthCoreModule = exports.AUTH_CORE_OPTIONS = void 0;
-const common_1 = require("@nestjs/common");
-const jwt_1 = require("@nestjs/jwt");
-const auth_service_1 = require("./auth.service");
-const auth_controller_1 = require("./auth.controller");
-const jwt_strategy_1 = require("./jwt/jwt.strategy");
-const jwt_guard_1 = require("./jwt/jwt.guard");
-const module_guard_1 = require("./guards/module.guard");
-const roles_guard_1 = require("./guards/roles.guard");
-const feature_guard_1 = require("./guards/feature.guard");
-const route_guard_1 = require("./guards/route.guard");
-const permission_guard_1 = require("./guards/permission.guard");
-exports.AUTH_CORE_OPTIONS = 'AUTH_CORE_OPTIONS';
-// @Global()
-// @Module({})
-// export class AuthCoreModule {
-//   static registerAsync(options: {
-//     inject: any[];
-//     useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
-//   }): DynamicModule {
-//     const asyncProvider = {
-//       provide: AUTH_CORE_OPTIONS,
-//       inject: options.inject,
-//       useFactory: options.useFactory,
-//     };
-//     return {
-//       module: AuthCoreModule,
-//       imports: [
-//         JwtModule.registerAsync({
-//           inject: options.inject,
-//           useFactory: async (...args: any[]) => {
-//             const config = await options.useFactory(...args);
-//             console.log("🔐 JWT Secret from AUTH_CORE_OPTIONS:", config.jwtSecret);
-//             console.log("⏳ JWT Expiry:", config.jwtExpiresIn);
-//             return {
-//               secret: config.jwtSecret,
-//               signOptions: { expiresIn: config.jwtExpiresIn },
-//             };
-//           },
-//         }),
-//       ],
-//       providers: [
-//         asyncProvider,
-//         {
-//           provide: 'MODULE_CONFIG',
-//           useFactory: (options: AuthCoreOptions) => options.moduleConfig || {},
-//           inject: [AUTH_CORE_OPTIONS],
-//         },
-//         AuthService,
-//         JwtStrategy,
-//         JwtAuthGuard,
-//         ModuleGuard,
-//         RolesGuard,
-//         FeatureGuard,
-//         RouteGuard,
-//         PermissionGuard,
-//       ],
-//       controllers: [AuthController],
-//       exports: [
-//         AuthService,
-//         JwtStrategy,
-//         JwtAuthGuard,
-//         ModuleGuard,
-//         RolesGuard,
-//         FeatureGuard,
-//         RouteGuard,
-//         PermissionGuard,
-//         JwtModule,
-//       ],
-//     };
-//   }
-// }
-let AuthCoreModule = AuthCoreModule_1 = class AuthCoreModule {
-    static registerAsync(options) {
-        const asyncProvider = {
-            provide: exports.AUTH_CORE_OPTIONS,
-            inject: options.inject,
-            useFactory: options.useFactory,
-        };
-        return {
-            module: AuthCoreModule_1,
-            imports: [
-                jwt_1.JwtModule.registerAsync({
-                    inject: options.inject,
-                    useFactory: async (...args) => {
-                        const config = await options.useFactory(...args);
-                        console.log('🔐 JWT Secret from AUTH_CORE_OPTIONS:', config.jwtSecret);
-                        console.log('⏳ JWT Expiry:', config.jwtExpiresIn);
-                        return {
-                            secret: config.jwtSecret,
-                            signOptions: { expiresIn: config.jwtExpiresIn },
-                        };
-                    },
-                }),
-            ],
-            providers: [
-                asyncProvider,
-                {
-                    provide: 'MODULE_CONFIG',
-                    useFactory: (opts) => opts.moduleConfig || {},
-                    inject: [exports.AUTH_CORE_OPTIONS],
-                },
-                auth_service_1.AuthService,
-                jwt_strategy_1.JwtStrategy,
-                jwt_guard_1.JwtAuthGuard,
-                module_guard_1.ModuleGuard,
-                roles_guard_1.RolesGuard,
-                feature_guard_1.FeatureGuard,
-                route_guard_1.RouteGuard,
-                permission_guard_1.PermissionGuard,
-            ],
-            controllers: [auth_controller_1.AuthController],
-            exports: [
-                // ⬇️ export these so Superadmin can resolve guard deps
-                exports.AUTH_CORE_OPTIONS,
-                'MODULE_CONFIG',
-                jwt_1.JwtModule,
-                auth_service_1.AuthService,
-                jwt_strategy_1.JwtStrategy,
-                jwt_guard_1.JwtAuthGuard,
-                module_guard_1.ModuleGuard,
-                roles_guard_1.RolesGuard,
-                feature_guard_1.FeatureGuard,
-                route_guard_1.RouteGuard,
-                permission_guard_1.PermissionGuard,
-            ],
-        };
-    }
-};
-exports.AuthCoreModule = AuthCoreModule;
-exports.AuthCoreModule = AuthCoreModule = AuthCoreModule_1 = __decorate([
-    (0, common_1.Global)(),
-    (0, common_1.Module)({})
-], AuthCoreModule);
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var AuthCoreModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthCoreModule = exports.AUTH_CORE_OPTIONS = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const auth_service_1 = require("./auth.service");
+const auth_controller_1 = require("./auth.controller");
+const jwt_strategy_1 = require("./jwt/jwt.strategy");
+const jwt_guard_1 = require("./jwt/jwt.guard");
+const module_guard_1 = require("./guards/module.guard");
+const roles_guard_1 = require("./guards/roles.guard");
+const feature_guard_1 = require("./guards/feature.guard");
+const route_guard_1 = require("./guards/route.guard");
+const permission_guard_1 = require("./guards/permission.guard");
+exports.AUTH_CORE_OPTIONS = 'AUTH_CORE_OPTIONS';
+// @Global()
+// @Module({})
+// export class AuthCoreModule {
+//   static registerAsync(options: {
+//     inject: any[];
+//     useFactory: (...args: any[]) => Promise<AuthCoreOptions>;
+//   }): DynamicModule {
+//     const asyncProvider = {
+//       provide: AUTH_CORE_OPTIONS,
+//       inject: options.inject,
+//       useFactory: options.useFactory,
+//     };
+//     return {
+//       module: AuthCoreModule,
+//       imports: [
+//         JwtModule.registerAsync({
+//           inject: options.inject,
+//           useFactory: async (...args: any[]) => {
+//             const config = await options.useFactory(...args);
+//             console.log("🔐 JWT Secret from AUTH_CORE_OPTIONS:", config.jwtSecret);
+//             console.log("⏳ JWT Expiry:", config.jwtExpiresIn);
+//             return {
+//               secret: config.jwtSecret,
+//               signOptions: { expiresIn: config.jwtExpiresIn },
+//             };
+//           },
+//         }),
+//       ],
+//       providers: [
+//         asyncProvider,
+//         {
+//           provide: 'MODULE_CONFIG',
+//           useFactory: (options: AuthCoreOptions) => options.moduleConfig || {},
+//           inject: [AUTH_CORE_OPTIONS],
+//         },
+//         AuthService,
+//         JwtStrategy,
+//         JwtAuthGuard,
+//         ModuleGuard,
+//         RolesGuard,
+//         FeatureGuard,
+//         RouteGuard,
+//         PermissionGuard,
+//       ],
+//       controllers: [AuthController],
+//       exports: [
+//         AuthService,
+//         JwtStrategy,
+//         JwtAuthGuard,
+//         ModuleGuard,
+//         RolesGuard,
+//         FeatureGuard,
+//         RouteGuard,
+//         PermissionGuard,
+//         JwtModule,
+//       ],
+//     };
+//   }
+// }
+let AuthCoreModule = AuthCoreModule_1 = class AuthCoreModule {
+    static registerAsync(options) {
+        const asyncProvider = {
+            provide: exports.AUTH_CORE_OPTIONS,
+            inject: options.inject,
+            useFactory: options.useFactory,
+        };
+        return {
+            module: AuthCoreModule_1,
+            imports: [
+                jwt_1.JwtModule.registerAsync({
+                    inject: options.inject,
+                    useFactory: async (...args) => {
+                        const config = await options.useFactory(...args);
+                        console.log('🔐 JWT Secret from AUTH_CORE_OPTIONS:', config.jwtSecret);
+                        console.log('⏳ JWT Expiry:', config.jwtExpiresIn);
+                        return {
+                            secret: config.jwtSecret,
+                            signOptions: { expiresIn: config.jwtExpiresIn },
+                        };
+                    },
+                }),
+            ],
+            providers: [
+                asyncProvider,
+                {
+                    provide: 'MODULE_CONFIG',
+                    useFactory: (opts) => opts.moduleConfig || {},
+                    inject: [exports.AUTH_CORE_OPTIONS],
+                },
+                auth_service_1.AuthService,
+                jwt_strategy_1.JwtStrategy,
+                jwt_guard_1.JwtAuthGuard,
+                module_guard_1.ModuleGuard,
+                roles_guard_1.RolesGuard,
+                feature_guard_1.FeatureGuard,
+                route_guard_1.RouteGuard,
+                permission_guard_1.PermissionGuard,
+            ],
+            controllers: [auth_controller_1.AuthController],
+            exports: [
+                // ⬇️ export these so Superadmin can resolve guard deps
+                exports.AUTH_CORE_OPTIONS,
+                'MODULE_CONFIG',
+                jwt_1.JwtModule,
+                auth_service_1.AuthService,
+                jwt_strategy_1.JwtStrategy,
+                jwt_guard_1.JwtAuthGuard,
+                module_guard_1.ModuleGuard,
+                roles_guard_1.RolesGuard,
+                feature_guard_1.FeatureGuard,
+                route_guard_1.RouteGuard,
+                permission_guard_1.PermissionGuard,
+            ],
+        };
+    }
+};
+exports.AuthCoreModule = AuthCoreModule;
+exports.AuthCoreModule = AuthCoreModule = AuthCoreModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({})
+], AuthCoreModule);

package/dist/auth.service.d.ts

@@ -1,47 +1,55 @@
-import { JwtService } from '@nestjs/jwt';
-import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
-import { User } from './entities/user.entity';
-export type RoutePermissionSet = {
-    view?: boolean;
-    create?: boolean;
-    update?: boolean;
-    delete?: boolean;
-    import?: boolean;
-    export?: boolean;
-};
-export declare class AuthService {
-    private readonly jwtService;
-    private readonly options;
-    private readonly userRepo;
-    private readonly roleRepo;
-    private readonly moduleRepo;
-    private readonly featureRepo;
-    private readonly routeRepo;
-    private readonly featureAccessRepo;
-    private readonly moduleAccessRepo;
-    private readonly screenPermissionRepo;
-    constructor(jwtService: JwtService, options: AuthCoreOptions);
-    validateUser(email: string, password: string): Promise<User | null>;
-    login(user: User): Promise<{
-        status: boolean;
-        message: string;
-        data: {
-            user: {
-                id: number;
-                email: string;
-                roleId: number;
-                roleName: string | null;
-                moduleId: number;
-                name: string;
-                firstName: string;
-                lastName: string;
-                mobileNo: number;
-                userImage: string;
-                employeeId: number;
-            };
-        };
-        access_token: string;
-    }>;
-    findUserById(id: number): Promise<User | null>;
-    private loadPermissions;
-}
+import { JwtService } from '@nestjs/jwt';
+import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
+import { User } from './entities/user.entity';
+export type RoutePermissionSet = {
+    view?: boolean;
+    create?: boolean;
+    update?: boolean;
+    delete?: boolean;
+    import?: boolean;
+    export?: boolean;
+};
+interface PermissionsTree {
+    features: Record<string, string[]>;
+    modules: number[];
+    routes: Record<string, string[]>;
+}
+export declare class AuthService {
+    private readonly jwtService;
+    private readonly options;
+    private readonly userRepo;
+    private readonly roleRepo;
+    private readonly moduleRepo;
+    private readonly featureRepo;
+    private readonly routeRepo;
+    private readonly featureAccessRepo;
+    private readonly moduleAccessRepo;
+    private readonly screenPermissionRepo;
+    constructor(jwtService: JwtService, options: AuthCoreOptions);
+    validateUser(email: string, password: string): Promise<User | null>;
+    hasModuleAccess(userId: number, moduleId: number): Promise<boolean>;
+    getPermissions(userId: number): Promise<PermissionsTree>;
+    login(user: User, selectedModuleId?: number): Promise<{
+        status: boolean;
+        message: string;
+        data: {
+            user: {
+                id: number;
+                email: string;
+                roleId: number;
+                roleName: string | null;
+                moduleId: number;
+                name: string;
+                firstName: string;
+                lastName: string;
+                mobileNo: number;
+                userImage: string;
+                employeeId: number;
+            };
+        };
+        access_token: string;
+    }>;
+    findUserById(id: number): Promise<User | null>;
+    private loadPermissions;
+}
+export {};