ecrs-auth-core 1.0.85 → 1.0.88
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.controller.js +14 -4
- package/dist/auth.service.js +5 -0
- package/package.json +1 -1
package/dist/auth.controller.js
CHANGED
|
@@ -35,6 +35,7 @@ let AuthController = class AuthController {
|
|
|
35
35
|
const user = await this.authService.validateUser(body.email, body.password, clientIp);
|
|
36
36
|
console.log(`🔐 User validation result for ${body.email}: ${user ? 'Success' : 'Failed'}`);
|
|
37
37
|
if (!user) {
|
|
38
|
+
console.warn(`⚠️ Failed login attempt for ${body.email} from IP ${clientIp}`);
|
|
38
39
|
// Save failed login attempt to both tables
|
|
39
40
|
await this.authService.saveLastLogin({ email: body.email }, clientIp, 'failed', 'Invalid credentials or IP not allowed', additionalData).catch((err) => {
|
|
40
41
|
console.error('❌ Error saving failed login to tbl_user_last_login:', err.message);
|
|
@@ -44,18 +45,27 @@ let AuthController = class AuthController {
|
|
|
44
45
|
}); // Log errors for debugging
|
|
45
46
|
throw new common_1.UnauthorizedException('Login failed: email or password not matched or IP not allowed');
|
|
46
47
|
}
|
|
48
|
+
else {
|
|
49
|
+
console.log(`✅ User ${body.email} authenticated successfully`);
|
|
50
|
+
}
|
|
51
|
+
console.log('📊 User details:', user);
|
|
47
52
|
const requestedModuleId = Number(body.moduleId);
|
|
53
|
+
console.log(`📍 User ${body.email} requested access to module ID: ${requestedModuleId}`);
|
|
48
54
|
if (!Number.isFinite(requestedModuleId)) {
|
|
55
|
+
console.warn(`⚠️ Invalid module ID provided by user ${body.email}: ${body.moduleId}`);
|
|
49
56
|
throw new common_1.UnauthorizedException('You are not authorized to access this module');
|
|
50
57
|
}
|
|
58
|
+
console.log(`🔍 Checking module access for user ID ${user.id} and module ID ${requestedModuleId}...`);
|
|
51
59
|
const allowedDb = await this.authService.hasModuleAccess(user.id, requestedModuleId);
|
|
60
|
+
console.log(`📊 Module access check result for user ID ${user.id} and module ID ${requestedModuleId}: ${allowedDb ? 'Allowed' : 'Denied'}`);
|
|
52
61
|
if (!allowedDb) {
|
|
53
62
|
throw new common_1.UnauthorizedException('You are not authorized to access this module');
|
|
54
63
|
}
|
|
55
|
-
const perms = await this.authService.getPermissions(user.id);
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
64
|
+
// const perms = await this.authService.getPermissions(user.id);
|
|
65
|
+
// console.log(`📊 User permissions for ${body.email}:`, perms);
|
|
66
|
+
// if (!Array.isArray(perms.modules) || !perms.modules.includes(requestedModuleId)) {
|
|
67
|
+
// throw new UnauthorizedException('You are not authorized to access this module');
|
|
68
|
+
// }
|
|
59
69
|
const loginResponse = await this.authService.login(user, requestedModuleId);
|
|
60
70
|
console.log(`✅ User ${body.email} logged in successfully to module ${requestedModuleId}`);
|
|
61
71
|
// Save successful login details with additional client data to both tables
|
package/dist/auth.service.js
CHANGED
|
@@ -163,12 +163,15 @@ let AuthService = class AuthService {
|
|
|
163
163
|
async hasModuleAccess(userId, moduleId) {
|
|
164
164
|
if (!Number.isFinite(moduleId))
|
|
165
165
|
return false;
|
|
166
|
+
console.log(`🔍 Checking module access for user ID ${userId} and module ID ${moduleId}...`);
|
|
166
167
|
const access = await this.moduleAccessRepo.findOne({
|
|
167
168
|
where: { userId, moduleId, isDeleted: 0, status: 1 },
|
|
168
169
|
});
|
|
170
|
+
console.log(`📊 Module access check result for user ID ${userId} and module ID ${moduleId}: ${access ? 'Allowed' : 'Denied'}`);
|
|
169
171
|
return !!access;
|
|
170
172
|
}
|
|
171
173
|
async getPermissions(userId) {
|
|
174
|
+
console.log(`🔍 Loading permissions for user ID ${userId}...`);
|
|
172
175
|
return this.loadPermissions(userId);
|
|
173
176
|
}
|
|
174
177
|
/**
|
|
@@ -414,7 +417,9 @@ let AuthService = class AuthService {
|
|
|
414
417
|
}
|
|
415
418
|
}
|
|
416
419
|
async login(user, selectedModuleId) {
|
|
420
|
+
console.log(`🔐 Logging in user ID ${user.id} with selected module ID ${selectedModuleId}...`);
|
|
417
421
|
const permissionTree = await this.loadModulePermissions(user.id, selectedModuleId);
|
|
422
|
+
console.log(`📊 Loaded permissions for user ID ${user.id}:`, permissionTree);
|
|
418
423
|
const role = await this.roleRepo.findOne({ where: { id: user.roleId } });
|
|
419
424
|
const roleName = role?.roleName || null;
|
|
420
425
|
const effectiveModuleId = Number.isFinite(selectedModuleId) ? selectedModuleId : user.moduleId ?? null;
|