fiberx-backend-toolkit 0.0.43 → 0.0.45

package/dist/code_templates/sequelize_code_template.js

@@ -390,7 +390,7 @@ const seqelize_connector = SequelizeConnector.getInstance();
 // -------------------------
 // Model class list
 // -------------------------
-const modelClasses = [
+const model_classes = [
     ${model_array}
 ];
 
@@ -401,7 +401,7 @@ const associationMethods: (() => void)[] = [];
 // -------------------------
 // Initialize all models first
 // -------------------------
-for (const ModelClass of modelClasses) {
+for (const ModelClass of model_classes) {
     const connection_name = ModelClass.schema_def?.connection_name || "default";
     const sequelize = seqelize_connector.connectNamedSync(connection_name);
 

package/dist/middle_ware/authentication_middle_ware.d.ts

@@ -0,0 +1,23 @@
+import { Model } from "sequelize";
+import { Request, Response, NextFunction, RequestHandler } from "express";
+import { AuthenticatorOptions, DefaultRequestInfo, DefaultAccessTokenPayload, DefaultRefreshTokenPayload } from "../types/middle_ware_type";
+declare class AuthenicationMiddleWare {
+    private name;
+    private logger;
+    private readonly options;
+    constructor(options: AuthenticatorOptions);
+    /** Extract tokens + device info from request */
+    protected extractRequestInfo(req: Request): Promise<DefaultRequestInfo | null>;
+    protected validateAccessToken(access_token: string, request_info?: DefaultRequestInfo): Promise<DefaultAccessTokenPayload | null>;
+    protected validateRefreshToken(refresh_token: string, request_info?: DefaultRequestInfo): Promise<DefaultRefreshTokenPayload | null>;
+    protected LoadActor(actor_type: string, actor_id: number | string, request_info?: DefaultRequestInfo): Promise<Model | null>;
+    protected loadMemberSession(member_id: number | string, session_id: number | string, request_info?: DefaultRequestInfo, is_2fa_validated?: boolean): Promise<Model | null>;
+    protected loadMemberLoginChallenge(member_id: number | string, challenge_id: number | string, request_info?: DefaultRequestInfo, is_2fa_validated?: boolean): Promise<Model | null>;
+    protected getActorPermissions(actor_id: number | string, role_ids: (number | string)[]): Promise<string[]>;
+    protected validateHasPermission(request_info: DefaultRequestInfo): Promise<boolean>;
+    setPermissionName(permission_name: string): RequestHandler;
+    requireNoAuth(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+    requirePartialAuth(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+    requireFullAuth(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+}
+export default AuthenicationMiddleWare;

package/dist/middle_ware/authentication_middle_ware.js

@@ -0,0 +1,188 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const main_1 = require("../utils/main");
+class AuthenicationMiddleWare {
+    name = "authentication_middle_ware";
+    logger = new main_1.LoggerUtil(this.name);
+    options;
+    constructor(options) {
+        this.options = options;
+        main_1.SafeExecuteUtil.setNamedInstance(this.name, this);
+    }
+    /** Extract tokens + device info from request */
+    async extractRequestInfo(req) {
+        if (!this.options?.extractRequestInfoMethod) {
+            return null;
+        }
+        return this.options?.extractRequestInfoMethod(req);
+    }
+    // Method to validate access token payload
+    async validateAccessToken(access_token, request_info) {
+        if (!this.options?.validateAccessTokenMethod) {
+            return null;
+        }
+        return this.options?.validateAccessTokenMethod(access_token, request_info);
+    }
+    // Method to validate refresh token payload
+    async validateRefreshToken(refresh_token, request_info) {
+        if (!this.options?.validateRefreshTokenMethod) {
+            return null;
+        }
+        return this.options?.validateRefreshTokenMethod(refresh_token, request_info);
+    }
+    // Method to fetch member session history record
+    async LoadActor(actor_type, actor_id, request_info) {
+        if (!this.options?.loadActorMethod) {
+            return null;
+        }
+        return this.options?.loadActorMethod(actor_type, actor_id, request_info);
+    }
+    // Method to fetch member session history record
+    async loadMemberSession(member_id, session_id, request_info, is_2fa_validated = true) {
+        if (!this.options?.loadMemberSessionMethod) {
+            return null;
+        }
+        return this.options?.loadMemberSessionMethod(member_id, session_id, request_info, is_2fa_validated);
+    }
+    // Method to load member login challenge
+    async loadMemberLoginChallenge(member_id, challenge_id, request_info, is_2fa_validated = true) {
+        if (!this.options?.loadMemberLoginChallenegeMethod) {
+            return null;
+        }
+        return this.options?.loadMemberLoginChallenegeMethod(member_id, challenge_id, request_info, is_2fa_validated);
+    }
+    // Method to load member login challenge
+    async getActorPermissions(actor_id, role_ids) {
+        if (!this.options?.getActorPermissionsMethod) {
+            return [];
+        }
+        return this.options?.getActorPermissionsMethod(actor_id, role_ids);
+    }
+    // Method to validate refresh token payload
+    async validateHasPermission(request_info) {
+        if (!this.options?.validateActorHasPermissionMethod) {
+            return false;
+        }
+        return this.options?.validateActorHasPermissionMethod(request_info);
+    }
+    // -----------------------------------
+    // GENERIC MIDDLEWARES
+    // -----------------------------------
+    setPermissionName(permission_name) {
+        return async (req, res, next) => {
+            req.permission_name = permission_name;
+            this.logger.info(`[${this.name}] 🔐 Route permission set as ${permission_name} for request ${req.request_id}`);
+            const request_info = await this.extractRequestInfo(req) || req;
+            const has_permission = await this.validateHasPermission(request_info);
+            if (!has_permission) {
+                this.logger.info(`[${this.name}] ⛔ Permission denied for request ${req.request_id} with required permission ${permission_name}`);
+                return res.errResponse(403, "unauthorized_access_permission");
+            }
+            this.logger.success(`[${this.name}] ✅ Permission granted for request ${req.request_id} with required permission ${permission_name}`);
+            next();
+        };
+    }
+    async requireNoAuth(req, res, next) {
+        if (!this.options?.requireNoAuthMiddleWareMethod) {
+            return next();
+        }
+        return this.options?.requireNoAuthMiddleWareMethod(req, res, next);
+    }
+    ;
+    async requirePartialAuth(req, res, next) {
+        if (!this.options?.requirePartialAuthMiddleWareMethod) {
+            return next();
+        }
+        return this.options?.requirePartialAuthMiddleWareMethod(req, res, next);
+    }
+    ;
+    async requireFullAuth(req, res, next) {
+        if (!this.options?.requireFullAuthMiddleWareMethod) {
+            return next();
+        }
+        return this.options?.requireFullAuthMiddleWareMethod(req, res, next);
+    }
+    ;
+}
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "extractRequestInfo", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, Object]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "validateAccessToken", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, Object]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "validateRefreshToken", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, Object, Object]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "LoadActor", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object, Object, Boolean]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "loadMemberSession", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", null),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object, Object, Boolean]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "loadMemberLoginChallenge", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", []),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Array]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "getActorPermissions", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteReturn("authentication_middle_ware", false),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "validateHasPermission", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteThrow("authentication_middle_ware"),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Function)
+], AuthenicationMiddleWare.prototype, "setPermissionName", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteThrow("authentication_middle_ware"),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object, Function]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "requireNoAuth", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteThrow("authentication_middle_ware"),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object, Function]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "requirePartialAuth", null);
+__decorate([
+    main_1.SafeExecuteUtil.safeExecuteThrow("authentication_middle_ware"),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, Object, Function]),
+    __metadata("design:returntype", Promise)
+], AuthenicationMiddleWare.prototype, "requireFullAuth", null);
+exports.default = AuthenicationMiddleWare;

package/dist/middle_ware/main.d.ts

@@ -5,4 +5,5 @@ import HTTPSEnforcementMiddleWare from "./https_enforcement_middle_ware";
 import SecureHeadersMiddleWare from "./secure_headers_middle_ware";
 import RequestLoggerMiddleWare from "./request_logger_middle_ware";
 import ResponseFormatterMiddleWare from "./response_formatter_middle_ware";
-export { CookieManagerMiddleWare, CorsMiddleWare, RateLimiterMiddleWare, HTTPSEnforcementMiddleWare, SecureHeadersMiddleWare, RequestLoggerMiddleWare, ResponseFormatterMiddleWare };
+import AuthenicationMiddleWare from "./authentication_middle_ware";
+export { CookieManagerMiddleWare, CorsMiddleWare, RateLimiterMiddleWare, HTTPSEnforcementMiddleWare, SecureHeadersMiddleWare, RequestLoggerMiddleWare, ResponseFormatterMiddleWare, AuthenicationMiddleWare };

package/dist/middle_ware/main.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ResponseFormatterMiddleWare = exports.RequestLoggerMiddleWare = exports.SecureHeadersMiddleWare = exports.HTTPSEnforcementMiddleWare = exports.RateLimiterMiddleWare = exports.CorsMiddleWare = exports.CookieManagerMiddleWare = void 0;
+exports.AuthenicationMiddleWare = exports.ResponseFormatterMiddleWare = exports.RequestLoggerMiddleWare = exports.SecureHeadersMiddleWare = exports.HTTPSEnforcementMiddleWare = exports.RateLimiterMiddleWare = exports.CorsMiddleWare = exports.CookieManagerMiddleWare = void 0;
 const cookie_manager_middle_ware_1 = __importDefault(require("./cookie_manager_middle_ware"));
 exports.CookieManagerMiddleWare = cookie_manager_middle_ware_1.default;
 const cors_middle_ware_1 = __importDefault(require("./cors_middle_ware"));
@@ -18,3 +18,5 @@ const request_logger_middle_ware_1 = __importDefault(require("./request_logger_m
 exports.RequestLoggerMiddleWare = request_logger_middle_ware_1.default;
 const response_formatter_middle_ware_1 = __importDefault(require("./response_formatter_middle_ware"));
 exports.ResponseFormatterMiddleWare = response_formatter_middle_ware_1.default;
+const authentication_middle_ware_1 = __importDefault(require("./authentication_middle_ware"));
+exports.AuthenicationMiddleWare = authentication_middle_ware_1.default;

package/dist/types/middle_ware_type.d.ts

@@ -1,3 +1,5 @@
+import { Model } from "sequelize";
+import { Request, Response, NextFunction } from "express";
 export type CorsOriginResolver = ((origin?: string) => boolean | Promise<boolean>) | (() => Promise<string[]>);
 export interface CorsOptions {
     origins?: string[];
@@ -53,3 +55,35 @@ export interface ResponseFormatterOptions {
     default_info_message?: string;
     default_not_found_message?: string;
 }
+export interface DefaultRequestInfo {
+    access_token?: string;
+    refresh_token?: string;
+    device_id?: string;
+    origin_url?: string;
+    request_id?: string;
+}
+export interface DefaultAccessTokenPayload {
+    type: string;
+    member_id: number | string;
+    request_id: string;
+    device_id: string;
+}
+export interface DefaultRefreshTokenPayload {
+    type: "refresh";
+    member_id: number | string;
+    request_id: string;
+    device_id: string;
+}
+export interface AuthenticatorOptions<TAccessPayload extends DefaultAccessTokenPayload = DefaultAccessTokenPayload, TRequestInfo extends DefaultRequestInfo = DefaultRequestInfo, TRefreshPayload extends DefaultRefreshTokenPayload = DefaultRefreshTokenPayload, TSessionModel extends Model = Model, TLoginChallengeModel extends Model = Model, TActorModel extends Model = Model> {
+    extractRequestInfoMethod: (req: Request) => Promise<TRequestInfo | null>;
+    validateAccessTokenMethod: (access_token: string, requestInfo?: TRequestInfo) => Promise<TAccessPayload | null>;
+    validateRefreshTokenMethod: (refresh_token: string, requestInfo?: TRequestInfo) => Promise<TRefreshPayload | null>;
+    loadActorMethod(actor_type: string, actor_id: number | string, requestInfo?: TRequestInfo): Promise<TActorModel | null>;
+    loadMemberSessionMethod(member_id: number | string, session_id: number | string, request_info?: TRequestInfo, is_2fa_validated?: boolean): Promise<TSessionModel | null>;
+    loadMemberLoginChallenegeMethod(member_id: number | string, challenge_id: number | string, request_info?: TRequestInfo, is_2fa_validated?: boolean): Promise<TLoginChallengeModel | null>;
+    getActorPermissionsMethod(actor_id: number | string, role_ids: (number | string)[]): Promise<string[]>;
+    validateActorHasPermissionMethod(request_info: TRequestInfo): Promise<boolean>;
+    requireNoAuthMiddleWareMethod(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+    requirePartialAuthMiddleWareMethod(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+    requireFullAuthMiddleWareMethod(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+}

package/dist/types/middle_ware_type.js

@@ -1,3 +1,4 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 ;
+;

package/dist/utils/encryptor_decryptor_util.d.ts

@@ -21,7 +21,7 @@ declare class EncryptorDecryptorUtil {
     compressPayload<T = string>(payload: T): string;
     decompressPayload<T = string>(compressed_base64: string): T;
     dataToTimedEncryptedString<T = string>(data: T, time_in_mins?: number): string;
-    timedEncryptedStringToData<T>(encrypted_string: string, ignore_expiration?: boolean): T | string | boolean;
+    timedEncryptedStringToData<T>(encrypted_string: string, ignore_expiration?: boolean): T | null;
     hashString(input: string, algorithm?: string): string;
 }
 export default EncryptorDecryptorUtil;

package/dist/utils/encryptor_decryptor_util.js

@@ -197,22 +197,22 @@ class EncryptorDecryptorUtil {
             }
             const uncompressed_string = this.decompressPayload(encrypted_string);
             if (!uncompressed_string) {
-                return false;
+                return null;
             }
             const jwt_data = this.verifyJWT(uncompressed_string, this.jwt_secret_key, ignore_expiration);
             if (!jwt_data) {
-                return false;
+                return null;
             }
             const decompressed_data = this.decompressPayload(jwt_data?.encoded_data);
             if (!decompressed_data) {
-                return false;
+                return null;
             }
-            const decoded_data = this.decryptV2(decompressed_data);
-            return decoded_data || false;
+            const decoded_data = (this.decryptV2(decompressed_data));
+            return decoded_data || null;
         }
         catch (error) {
             this.logger.error(`[${this.name}] Failed to convert encrypted string to data`, { encrypted_string, error });
-            return false;
+            return null;
         }
     }
     // ==============================

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "fiberx-backend-toolkit",
-    "version": "0.0.43",
+    "version": "0.0.45",
     "description": "A TypeScript backend toolkit providing shared domain logic, infrastructure helpers, and utilities for FiberX server-side applications and services.",
     "type": "commonjs",
     "main": "./dist/index.js",