npm - ecrs-auth-core - Versions diffs - 1.0.75 → 1.0.78 - Mend

ecrs-auth-core 1.0.75 → 1.0.78

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/auth.controller.d.ts CHANGED Viewed

@@ -42,7 +42,7 @@ export declare class AuthController {
      */
     private parseUserAgent;
     /**
-     * Extract client IP from request
+     * Extract client IP from request and clean IPv6-mapped IPv4 format
      * Priority:
      * 1. X-Forwarded-For header (proxy)
      * 2. X-Real-IP header (nginx)

package/dist/auth.controller.js CHANGED Viewed

@@ -34,8 +34,12 @@ let AuthController = class AuthController {
         console.log(`🔐 User validation result for ${body.email}: ${user ? 'Success' : 'Failed'}`);
         if (!user) {
             // Save failed login attempt to both tables
-            await this.authService.saveLastLogin({ email: body.email }, clientIp, 'failed', 'Invalid credentials or IP not allowed', additionalData).catch(() => { }); // Ignore errors
-            await this.authService.saveLoginDetailsJson({ email: body.email }, clientIp, 'failed', 'Invalid credentials or IP not allowed', additionalData).catch(() => { }); // Ignore errors
+            await this.authService.saveLastLogin({ email: body.email }, clientIp, 'failed', 'Invalid credentials or IP not allowed', additionalData).catch((err) => {
+                console.error('❌ Error saving failed login to tbl_user_last_login:', err.message);
+            }); // Log errors for debugging
+            await this.authService.saveLoginDetailsJson({ email: body.email }, clientIp, 'failed', 'Invalid credentials or IP not allowed', additionalData).catch((err) => {
+                console.error('❌ Error saving failed login to tbl_user_login_details:', err.message);
+            }); // Log errors for debugging
             throw new common_1.UnauthorizedException('Login failed: email or password not matched or IP not allowed');
         }
         const requestedModuleId = Number(body.moduleId);
@@ -56,12 +60,16 @@ let AuthController = class AuthController {
         await this.authService.saveLastLogin(user, clientIp, 'success', undefined, {
             ...additionalData,
             moduleId: requestedModuleId,
-        }).catch(() => { }); // Ignore errors - don't block login
+        }).catch((err) => {
+            console.error('❌ Error saving successful login to tbl_user_last_login:', err.message);
+        }); // Log errors for debugging
         // Save to JSON-based login details table
         await this.authService.saveLoginDetailsJson(user, clientIp, 'success', undefined, {
             ...additionalData,
             moduleId: requestedModuleId,
-        }).catch(() => { }); // Ignore errors - don't block login
+        }).catch((err) => {
+            console.error('❌ Error saving successful login to tbl_user_login_details:', err.message);
+        }); // Log errors for debugging
         return loginResponse;
     }
     /**
@@ -120,7 +128,7 @@ let AuthController = class AuthController {
         return { browser, os, deviceType };
     }
     /**
-     * Extract client IP from request
+     * Extract client IP from request and clean IPv6-mapped IPv4 format
      * Priority:
      * 1. X-Forwarded-For header (proxy)
      * 2. X-Real-IP header (nginx)
@@ -129,36 +137,38 @@ let AuthController = class AuthController {
      * 5. socket.remoteAddress (direct connection)
      */
     getClientIp(request) {
+        let ip = '';
         // Check X-Forwarded-For header (most common with proxies)
         const xForwardedFor = request.headers['x-forwarded-for'];
-        console.log('X-Forwarded-For header:', xForwardedFor);
-        console.log('Request IP:', request.ip);
-        console.log('Socket Remote Address:', request.socket.remoteAddress);
-        console.log('X-Real-IP header:', request.headers['x-real-ip']);
-        console.log('CF-Connecting-IP header:', request.headers['cf-connecting-ip']);
         if (xForwardedFor) {
             const ips = Array.isArray(xForwardedFor)
                 ? xForwardedFor
                 : xForwardedFor.split(',');
-            return ips[0].trim();
+            ip = ips[0].trim();
         }
         // Check X-Real-IP header (nginx)
-        const xRealIp = request.headers['x-real-ip'];
-        if (xRealIp) {
-            return Array.isArray(xRealIp) ? xRealIp[0] : xRealIp;
+        else if (request.headers['x-real-ip']) {
+            const xRealIp = request.headers['x-real-ip'];
+            ip = Array.isArray(xRealIp) ? xRealIp[0] : xRealIp;
         }
         // Check CF-Connecting-IP (Cloudflare)
-        const cfIp = request.headers['cf-connecting-ip'];
-        if (cfIp) {
-            return Array.isArray(cfIp) ? cfIp[0] : cfIp;
+        else if (request.headers['cf-connecting-ip']) {
+            const cfIp = request.headers['cf-connecting-ip'];
+            ip = Array.isArray(cfIp) ? cfIp[0] : cfIp;
         }
         // Use Express native request.ip (handles proxies if trust proxy is set)
-        if (request.ip) {
-            return request.ip;
+        else if (request.ip) {
+            ip = request.ip;
         }
         // Fallback to socket remote address
-        const socketIp = (request.socket.remoteAddress || '').replace(/^.*:/, '');
-        return socketIp || 'unknown';
+        else if (request.socket.remoteAddress) {
+            ip = request.socket.remoteAddress;
+        }
+        // Clean IPv6-mapped IPv4 format (::ffff:192.168.0.166 -> 192.168.0.166)
+        if (ip.startsWith('::ffff:')) {
+            ip = ip.substring(7);
+        }
+        return ip || 'Unknown';
     }
 };
 exports.AuthController = AuthController;

package/dist/auth.service.js CHANGED Viewed

@@ -178,6 +178,7 @@ let AuthService = class AuthService {
     async saveLastLogin(user, clientIp, loginStatus = 'success', failureReason, additionalData) {
         if (!this.userLastLoginRepo) {
             // Last login tracking not configured
+            console.warn('⚠️ userLastLoginRepo not configured. Add loginDetailsRepo to AuthCoreModule repositories.');
             return;
         }
         try {
@@ -231,6 +232,7 @@ let AuthService = class AuthService {
     async saveLoginDetailsJson(user, clientIp, loginStatus = 'success', failureReason, additionalData) {
         if (!this.loginDetailsRepo) {
             // Login details tracking not configured
+            console.warn('⚠️ loginDetailsRepo not configured. Add loginDetailsRepo to AuthCoreModule repositories.');
             return;
         }
         try {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ecrs-auth-core",
-  "version": "1.0.75",
+  "version": "1.0.78",
   "description": "Centralized authentication and authorization module for ECRS apps",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",