lapeeh 1.0.11 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/dist/lib/bootstrap.d.ts +3 -0
  2. package/dist/lib/bootstrap.d.ts.map +1 -0
  3. package/dist/lib/bootstrap.js +184 -0
  4. package/dist/lib/core/realtime.d.ts +3 -0
  5. package/dist/lib/core/realtime.d.ts.map +1 -0
  6. package/dist/lib/core/realtime.js +36 -0
  7. package/dist/lib/core/redis.d.ts +9 -0
  8. package/dist/lib/core/redis.d.ts.map +1 -0
  9. package/dist/lib/core/redis.js +133 -0
  10. package/dist/lib/core/serializer.d.ts +43 -0
  11. package/dist/lib/core/serializer.d.ts.map +1 -0
  12. package/dist/lib/core/serializer.js +66 -0
  13. package/dist/lib/core/server.d.ts +2 -0
  14. package/dist/lib/core/server.d.ts.map +1 -0
  15. package/dist/lib/core/server.js +60 -0
  16. package/dist/lib/core/store.d.ts +55 -0
  17. package/dist/lib/core/store.d.ts.map +1 -0
  18. package/dist/lib/core/store.js +66 -0
  19. package/dist/lib/middleware/auth.d.ts +4 -0
  20. package/dist/lib/middleware/auth.d.ts.map +1 -0
  21. package/dist/lib/middleware/auth.js +55 -0
  22. package/dist/lib/middleware/error.d.ts +3 -0
  23. package/dist/lib/middleware/error.d.ts.map +1 -0
  24. package/dist/lib/middleware/error.js +41 -0
  25. package/dist/lib/middleware/multipart.d.ts +4 -0
  26. package/dist/lib/middleware/multipart.d.ts.map +1 -0
  27. package/dist/lib/middleware/multipart.js +17 -0
  28. package/dist/lib/middleware/rateLimit.d.ts +2 -0
  29. package/dist/lib/middleware/rateLimit.d.ts.map +1 -0
  30. package/dist/lib/middleware/rateLimit.js +19 -0
  31. package/dist/lib/middleware/requestLogger.d.ts +3 -0
  32. package/dist/lib/middleware/requestLogger.d.ts.map +1 -0
  33. package/dist/lib/middleware/requestLogger.js +22 -0
  34. package/dist/lib/middleware/visitor.d.ts +3 -0
  35. package/dist/lib/middleware/visitor.d.ts.map +1 -0
  36. package/dist/lib/middleware/visitor.js +144 -0
  37. package/dist/lib/utils/logger.d.ts +11 -0
  38. package/dist/lib/utils/logger.d.ts.map +1 -0
  39. package/dist/lib/utils/logger.js +81 -0
  40. package/dist/lib/utils/pagination.d.ts +19 -0
  41. package/dist/lib/utils/pagination.d.ts.map +1 -0
  42. package/dist/lib/utils/pagination.js +34 -0
  43. package/dist/lib/utils/response.d.ts +11 -0
  44. package/dist/lib/utils/response.d.ts.map +1 -0
  45. package/dist/lib/utils/response.js +57 -0
  46. package/dist/lib/utils/validator.d.ts +38 -0
  47. package/dist/lib/utils/validator.d.ts.map +1 -0
  48. package/dist/lib/utils/validator.js +346 -0
  49. package/dist/src/config/app.d.ts +10 -0
  50. package/dist/src/config/app.d.ts.map +1 -0
  51. package/dist/src/config/app.js +12 -0
  52. package/dist/src/config/cors.d.ts +6 -0
  53. package/dist/src/config/cors.d.ts.map +1 -0
  54. package/dist/src/config/cors.js +8 -0
  55. package/dist/src/modules/Auth/auth.controller.d.ts +11 -0
  56. package/dist/src/modules/Auth/auth.controller.d.ts.map +1 -0
  57. package/dist/src/modules/Auth/auth.controller.js +427 -0
  58. package/dist/src/modules/Auth/auth.routes.d.ts +2 -0
  59. package/dist/src/modules/Auth/auth.routes.d.ts.map +1 -0
  60. package/dist/src/modules/Auth/auth.routes.js +45 -0
  61. package/dist/src/modules/Auth/auth.service.d.ts +3 -0
  62. package/dist/src/modules/Auth/auth.service.d.ts.map +1 -0
  63. package/dist/src/modules/Auth/auth.service.js +8 -0
  64. package/dist/src/modules/Rbac/rbac.controller.d.ts +16 -0
  65. package/dist/src/modules/Rbac/rbac.controller.d.ts.map +1 -0
  66. package/dist/src/modules/Rbac/rbac.controller.js +438 -0
  67. package/dist/src/modules/Rbac/rbac.routes.d.ts +2 -0
  68. package/dist/src/modules/Rbac/rbac.routes.d.ts.map +1 -0
  69. package/dist/src/modules/Rbac/rbac.routes.js +23 -0
  70. package/dist/src/modules/Rbac/rbac.service.d.ts +3 -0
  71. package/dist/src/modules/Rbac/rbac.service.d.ts.map +1 -0
  72. package/dist/src/modules/Rbac/rbac.service.js +8 -0
  73. package/dist/src/routes/index.d.ts +2 -0
  74. package/dist/src/routes/index.d.ts.map +1 -0
  75. package/dist/src/routes/index.js +9 -0
  76. package/package.json +23 -1
@@ -0,0 +1,427 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.ACCESS_TOKEN_EXPIRES_IN_SECONDS = void 0;
7
+ exports.register = register;
8
+ exports.login = login;
9
+ exports.me = me;
10
+ exports.logout = logout;
11
+ exports.refreshToken = refreshToken;
12
+ exports.updateAvatar = updateAvatar;
13
+ exports.updatePassword = updatePassword;
14
+ exports.updateProfile = updateProfile;
15
+ const bcryptjs_1 = __importDefault(require("bcryptjs"));
16
+ const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
17
+ const uuid_1 = require("uuid");
18
+ const response_1 = require("../../../lib/utils/response");
19
+ const validator_1 = require("../../../lib/utils/validator");
20
+ const serializer_1 = require("../../../lib/core/serializer");
21
+ const store_1 = require("../../../lib/core/store");
22
+ const redis_1 = require("../../../lib/core/redis");
23
+ exports.ACCESS_TOKEN_EXPIRES_IN_SECONDS = 7 * 24 * 60 * 60;
24
+ // --- Serializers ---
25
+ const registerSchema = {
26
+ type: "object",
27
+ properties: {
28
+ id: { type: "string" },
29
+ email: { type: "string" },
30
+ name: { type: "string" },
31
+ role: { type: "string" },
32
+ },
33
+ };
34
+ const loginSchema = {
35
+ type: "object",
36
+ properties: {
37
+ token: { type: "string" },
38
+ refreshToken: { type: "string" },
39
+ expiresIn: { type: "integer" },
40
+ expiresAt: { type: "string" },
41
+ name: { type: "string" },
42
+ role: { type: "string" },
43
+ },
44
+ };
45
+ const userProfileSchema = {
46
+ type: "object",
47
+ properties: {
48
+ id: { type: "string" },
49
+ name: { type: "string" },
50
+ email: { type: "string" },
51
+ role: { type: "string" },
52
+ avatar: { type: "string", nullable: true },
53
+ avatar_url: { type: "string", nullable: true },
54
+ email_verified_at: { type: "string", format: "date-time", nullable: true },
55
+ created_at: { type: "string", format: "date-time", nullable: true },
56
+ updated_at: { type: "string", format: "date-time", nullable: true },
57
+ },
58
+ };
59
+ const refreshTokenSchema = {
60
+ type: "object",
61
+ properties: {
62
+ token: { type: "string" },
63
+ expiresIn: { type: "integer" },
64
+ expiresAt: { type: "string" },
65
+ name: { type: "string" },
66
+ role: { type: "string" },
67
+ },
68
+ };
69
+ const registerSerializer = (0, serializer_1.getSerializer)("auth-register", (0, serializer_1.createResponseSchema)(registerSchema));
70
+ const loginSerializer = (0, serializer_1.getSerializer)("auth-login", (0, serializer_1.createResponseSchema)(loginSchema));
71
+ const userProfileSerializer = (0, serializer_1.getSerializer)("auth-profile", (0, serializer_1.createResponseSchema)(userProfileSchema));
72
+ const refreshTokenSerializer = (0, serializer_1.getSerializer)("auth-refresh", (0, serializer_1.createResponseSchema)(refreshTokenSchema));
73
+ const voidSerializer = (0, serializer_1.getSerializer)("void", (0, serializer_1.createResponseSchema)({ type: "null" }));
74
+ // --- Controllers ---
75
+ async function register(req, res) {
76
+ const validator = validator_1.Validator.make(req.body || {}, {
77
+ email: "required|email|unique:users,email",
78
+ name: "required|min:1",
79
+ password: "required|min:4",
80
+ confirmPassword: "required|min:4|same:password",
81
+ });
82
+ if (await validator.fails()) {
83
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
84
+ return;
85
+ }
86
+ const { email, name, password } = await validator.validated();
87
+ // Manual unique check (In-Memory)
88
+ if (store_1.users.find((u) => u.email === email)) {
89
+ (0, response_1.sendError)(res, 422, "Validation error", { email: "Email already taken" });
90
+ return;
91
+ }
92
+ const hash = await bcryptjs_1.default.hash(password, 10);
93
+ const newUser = {
94
+ id: (store_1.users.length + 1).toString(), // Simple ID generation
95
+ email,
96
+ name,
97
+ password: hash,
98
+ uuid: (0, uuid_1.v4)(),
99
+ created_at: new Date(),
100
+ updated_at: new Date(),
101
+ avatar: null,
102
+ avatar_url: null,
103
+ email_verified_at: null,
104
+ remember_token: null,
105
+ };
106
+ store_1.users.push(newUser);
107
+ const defaultRole = store_1.roles.find((r) => r.slug === "user");
108
+ if (defaultRole) {
109
+ store_1.user_roles.push({
110
+ id: (store_1.user_roles.length + 1).toString(),
111
+ user_id: newUser.id,
112
+ role_id: defaultRole.id,
113
+ created_at: new Date(),
114
+ });
115
+ }
116
+ (0, store_1.saveStore)();
117
+ (0, response_1.sendFastSuccess)(res, 201, registerSerializer, {
118
+ status: "success",
119
+ message: "Registration successful. You can now login.",
120
+ data: {
121
+ id: newUser.id.toString(),
122
+ email: newUser.email,
123
+ name: newUser.name,
124
+ role: defaultRole ? defaultRole.slug : "user",
125
+ },
126
+ });
127
+ }
128
+ async function login(req, res) {
129
+ const validator = validator_1.Validator.make(req.body || {}, {
130
+ email: "required|email",
131
+ password: "required|min:4",
132
+ });
133
+ if (await validator.fails()) {
134
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
135
+ return;
136
+ }
137
+ const { email, password } = await validator.validated();
138
+ const user = store_1.users.find((u) => u.email === email);
139
+ if (!user) {
140
+ (0, response_1.sendError)(res, 401, "Email not registered", {
141
+ field: "email",
142
+ message: "Email is not registered, please register first",
143
+ });
144
+ return;
145
+ }
146
+ const ok = await bcryptjs_1.default.compare(password, user.password || "");
147
+ if (!ok) {
148
+ (0, response_1.sendError)(res, 401, "Invalid credentials", {
149
+ field: "password",
150
+ message: "The password you entered is incorrect",
151
+ });
152
+ return;
153
+ }
154
+ const secret = process.env.JWT_SECRET;
155
+ if (!secret) {
156
+ (0, response_1.sendError)(res, 500, "Server misconfigured");
157
+ return;
158
+ }
159
+ // Find user roles
160
+ const userRoleLinks = store_1.user_roles.filter((ur) => ur.user_id === user.id);
161
+ const userRoleObjects = userRoleLinks
162
+ .map((ur) => store_1.roles.find((r) => r.id === ur.role_id))
163
+ .filter((r) => r);
164
+ const primaryUserRole = userRoleObjects.length > 0 && userRoleObjects[0]
165
+ ? userRoleObjects[0].slug
166
+ : "user";
167
+ const accessExpiresInSeconds = exports.ACCESS_TOKEN_EXPIRES_IN_SECONDS;
168
+ const accessExpiresAt = new Date(Date.now() + accessExpiresInSeconds * 1000).toISOString();
169
+ const token = jsonwebtoken_1.default.sign({ userId: user.id.toString(), role: primaryUserRole }, secret, { expiresIn: accessExpiresInSeconds });
170
+ const refreshExpiresInSeconds = 30 * 24 * 60 * 60;
171
+ const refreshToken = jsonwebtoken_1.default.sign({
172
+ userId: user.id.toString(),
173
+ role: primaryUserRole,
174
+ tokenType: "refresh",
175
+ }, secret, { expiresIn: refreshExpiresInSeconds });
176
+ (0, response_1.sendFastSuccess)(res, 200, loginSerializer, {
177
+ status: "success",
178
+ message: "Login successful",
179
+ data: {
180
+ token,
181
+ refreshToken,
182
+ expiresIn: accessExpiresInSeconds,
183
+ expiresAt: accessExpiresAt,
184
+ name: user.name,
185
+ role: primaryUserRole,
186
+ },
187
+ });
188
+ }
189
+ async function me(req, res) {
190
+ const payload = req.user;
191
+ if (!payload || !payload.userId) {
192
+ (0, response_1.sendError)(res, 401, "Unauthorized");
193
+ return;
194
+ }
195
+ // Try to get from Redis
196
+ const cachedUser = await redis_1.redis.get(`user:${payload.userId}`);
197
+ if (cachedUser) {
198
+ const user = JSON.parse(cachedUser);
199
+ (0, response_1.sendFastSuccess)(res, 200, userProfileSerializer, {
200
+ status: "success",
201
+ message: "User profile (cached)",
202
+ data: user,
203
+ });
204
+ return;
205
+ }
206
+ const user = store_1.users.find((u) => u.id === payload.userId);
207
+ if (!user) {
208
+ (0, response_1.sendError)(res, 404, "User not found");
209
+ return;
210
+ }
211
+ // Find user roles
212
+ const userRoleLinks = store_1.user_roles.filter((ur) => ur.user_id === user.id);
213
+ const userRoleObjects = userRoleLinks
214
+ .map((ur) => store_1.roles.find((r) => r.id === ur.role_id))
215
+ .filter((r) => r);
216
+ const primaryRoleSlug = userRoleObjects.length > 0 ? userRoleObjects[0]?.slug : "user";
217
+ const { password, ...rest } = user;
218
+ const userData = {
219
+ ...rest,
220
+ id: user.id.toString(),
221
+ role: primaryRoleSlug,
222
+ };
223
+ // Cache in Redis for 1 hour
224
+ await redis_1.redis.set(`user:${payload.userId}`, JSON.stringify(userData), "EX", 3600);
225
+ (0, response_1.sendFastSuccess)(res, 200, userProfileSerializer, {
226
+ status: "success",
227
+ message: "User profile",
228
+ data: userData,
229
+ });
230
+ }
231
+ async function logout(_req, res) {
232
+ // In a stateless JWT setup, logout is client-side (delete token).
233
+ // If using a whitelist/blacklist in Redis, invalidate the token here.
234
+ // For now, just return success.
235
+ (0, response_1.sendFastSuccess)(res, 200, voidSerializer, {
236
+ status: "success",
237
+ message: "Logout successful",
238
+ data: null,
239
+ });
240
+ }
241
+ async function refreshToken(req, res) {
242
+ const validator = validator_1.Validator.make(req.body || {}, {
243
+ refreshToken: "required|min:1",
244
+ });
245
+ if (await validator.fails()) {
246
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
247
+ return;
248
+ }
249
+ const secret = process.env.JWT_SECRET;
250
+ if (!secret) {
251
+ (0, response_1.sendError)(res, 500, "Server misconfigured");
252
+ return;
253
+ }
254
+ try {
255
+ const validatedData = await validator.validated();
256
+ const decoded = jsonwebtoken_1.default.verify(validatedData.refreshToken, secret);
257
+ if (decoded.tokenType !== "refresh") {
258
+ (0, response_1.sendError)(res, 401, "Invalid refresh token");
259
+ return;
260
+ }
261
+ const user = store_1.users.find((u) => u.id === decoded.userId);
262
+ if (!user) {
263
+ (0, response_1.sendError)(res, 401, "Invalid refresh token");
264
+ return;
265
+ }
266
+ // Find user roles
267
+ const userRoleLinks = store_1.user_roles.filter((ur) => ur.user_id === user.id);
268
+ const userRoleObjects = userRoleLinks
269
+ .map((ur) => store_1.roles.find((r) => r.id === ur.role_id))
270
+ .filter((r) => r);
271
+ const primaryUserRole = userRoleObjects.length > 0 && userRoleObjects[0]
272
+ ? userRoleObjects[0].slug
273
+ : "user";
274
+ const accessExpiresInSeconds = exports.ACCESS_TOKEN_EXPIRES_IN_SECONDS;
275
+ const accessExpiresAt = new Date(Date.now() + accessExpiresInSeconds * 1000).toISOString();
276
+ const token = jsonwebtoken_1.default.sign({ userId: user.id.toString(), role: primaryUserRole }, secret, { expiresIn: accessExpiresInSeconds });
277
+ (0, response_1.sendFastSuccess)(res, 200, refreshTokenSerializer, {
278
+ status: "success",
279
+ message: "Token refreshed",
280
+ data: {
281
+ token,
282
+ expiresIn: accessExpiresInSeconds,
283
+ expiresAt: accessExpiresAt,
284
+ name: user.name,
285
+ role: primaryUserRole,
286
+ },
287
+ });
288
+ }
289
+ catch {
290
+ (0, response_1.sendError)(res, 401, "Invalid refresh token");
291
+ }
292
+ }
293
+ async function updateAvatar(req, res) {
294
+ const payload = req.user;
295
+ if (!payload || !payload.userId) {
296
+ (0, response_1.sendError)(res, 401, "Unauthorized");
297
+ return;
298
+ }
299
+ const data = {
300
+ avatar: req.file,
301
+ };
302
+ const validator = validator_1.Validator.make(data, {
303
+ avatar: "nullable|image|mimes:jpeg,png,jpg,gif|max:2048",
304
+ });
305
+ if (await validator.fails()) {
306
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
307
+ return;
308
+ }
309
+ const { avatar: file } = await validator.validated();
310
+ if (!file) {
311
+ (0, response_1.sendError)(res, 400, "Avatar file is required");
312
+ return;
313
+ }
314
+ const userId = payload.userId;
315
+ const avatar = file.filename;
316
+ const avatar_url = process.env.AVATAR_BASE_URL || `/uploads/avatars/${file.filename}`;
317
+ const userIndex = store_1.users.findIndex((u) => u.id === userId);
318
+ if (userIndex === -1) {
319
+ (0, response_1.sendError)(res, 404, "User not found");
320
+ return;
321
+ }
322
+ store_1.users[userIndex] = {
323
+ ...store_1.users[userIndex],
324
+ avatar,
325
+ avatar_url,
326
+ updated_at: new Date(),
327
+ };
328
+ const updated = store_1.users[userIndex];
329
+ const { password, ...rest } = updated;
330
+ (0, response_1.sendFastSuccess)(res, 200, userProfileSerializer, {
331
+ status: "success",
332
+ message: "Avatar updated successfully",
333
+ data: {
334
+ ...rest,
335
+ id: updated.id.toString(),
336
+ role: payload.role, // Use role from JWT payload as it shouldn't change here
337
+ },
338
+ });
339
+ }
340
+ async function updatePassword(req, res) {
341
+ const payload = req.user;
342
+ if (!payload || !payload.userId) {
343
+ (0, response_1.sendError)(res, 401, "Unauthorized");
344
+ return;
345
+ }
346
+ const validator = validator_1.Validator.make(req.body || {}, {
347
+ currentPassword: "required|min:4",
348
+ newPassword: "required|min:4",
349
+ confirmPassword: "required|min:4|same:newPassword",
350
+ });
351
+ if (await validator.fails()) {
352
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
353
+ return;
354
+ }
355
+ const { currentPassword, newPassword } = await validator.validated();
356
+ const userIndex = store_1.users.findIndex((u) => u.id === payload.userId);
357
+ if (userIndex === -1) {
358
+ (0, response_1.sendError)(res, 404, "User not found");
359
+ return;
360
+ }
361
+ const user = store_1.users[userIndex];
362
+ const ok = await bcryptjs_1.default.compare(currentPassword, user.password || "");
363
+ if (!ok) {
364
+ (0, response_1.sendError)(res, 401, "Invalid credentials", {
365
+ field: "currentPassword",
366
+ message: "Current password is incorrect",
367
+ });
368
+ return;
369
+ }
370
+ const hash = await bcryptjs_1.default.hash(newPassword, 10);
371
+ store_1.users[userIndex] = {
372
+ ...user,
373
+ password: hash,
374
+ updated_at: new Date(),
375
+ };
376
+ (0, response_1.sendFastSuccess)(res, 200, voidSerializer, {
377
+ status: "success",
378
+ message: "Password updated successfully",
379
+ data: null,
380
+ });
381
+ }
382
+ async function updateProfile(req, res) {
383
+ const payload = req.user;
384
+ if (!payload || !payload.userId) {
385
+ (0, response_1.sendError)(res, 401, "Unauthorized");
386
+ return;
387
+ }
388
+ const validator = validator_1.Validator.make(req.body || {}, {
389
+ name: "required|min:1",
390
+ email: `required|email|unique:users,email,${payload.userId}`,
391
+ });
392
+ if (await validator.fails()) {
393
+ (0, response_1.sendError)(res, 422, "Validation error", validator.errors());
394
+ return;
395
+ }
396
+ const { name, email } = await validator.validated();
397
+ const userId = payload.userId;
398
+ // Manual unique check (In-Memory)
399
+ if (store_1.users.find((u) => u.email === email && u.id !== userId)) {
400
+ (0, response_1.sendError)(res, 422, "Validation error", { email: "Email already taken" });
401
+ return;
402
+ }
403
+ const userIndex = store_1.users.findIndex((u) => u.id === userId);
404
+ if (userIndex === -1) {
405
+ (0, response_1.sendError)(res, 404, "User not found");
406
+ return;
407
+ }
408
+ store_1.users[userIndex] = {
409
+ ...store_1.users[userIndex],
410
+ name,
411
+ email,
412
+ updated_at: new Date(),
413
+ };
414
+ (0, store_1.saveStore)();
415
+ await redis_1.redis.del(`user:${userId}`);
416
+ const updated = store_1.users[userIndex];
417
+ const { password, ...rest } = updated;
418
+ (0, response_1.sendFastSuccess)(res, 200, userProfileSerializer, {
419
+ status: "success",
420
+ message: "Profile updated successfully",
421
+ data: {
422
+ ...rest,
423
+ id: updated.id.toString(),
424
+ role: payload.role, // Use role from JWT payload
425
+ },
426
+ });
427
+ }
@@ -0,0 +1,2 @@
1
+ export declare const authRouter: import("express-serve-static-core").Router;
2
+ //# sourceMappingURL=auth.routes.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.routes.d.ts","sourceRoot":"","sources":["../../../../src/modules/Auth/auth.routes.ts"],"names":[],"mappings":"AAoDA,eAAO,MAAM,UAAU,4CAAW,CAAC"}
@@ -0,0 +1,45 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.authRouter = void 0;
7
+ const express_1 = require("express");
8
+ const express_rate_limit_1 = __importDefault(require("express-rate-limit"));
9
+ // eslint-disable-next-line @typescript-eslint/no-var-requires
10
+ const multer = require("multer");
11
+ const path_1 = __importDefault(require("path"));
12
+ const fs_1 = __importDefault(require("fs"));
13
+ const auth_controller_1 = require("./auth.controller");
14
+ const auth_1 = require("../../../lib/middleware/auth");
15
+ const authLimiter = (0, express_rate_limit_1.default)({
16
+ windowMs: 15 * 60 * 1000,
17
+ max: 50,
18
+ standardHeaders: true,
19
+ legacyHeaders: false,
20
+ });
21
+ const avatarUploadDir = process.env.AVATAR_UPLOAD_DIR || "uploads/avatars";
22
+ if (!fs_1.default.existsSync(avatarUploadDir)) {
23
+ fs_1.default.mkdirSync(avatarUploadDir, { recursive: true });
24
+ }
25
+ const storage = multer.diskStorage({
26
+ destination(_req, _file, cb) {
27
+ cb(null, avatarUploadDir);
28
+ },
29
+ filename(_req, file, cb) {
30
+ const ext = path_1.default.extname(file.originalname);
31
+ const base = path_1.default.basename(file.originalname, ext);
32
+ const unique = Date.now() + "-" + Math.round(Math.random() * 1e9);
33
+ cb(null, base + "-" + unique + ext);
34
+ },
35
+ });
36
+ const uploadAvatar = multer({ storage });
37
+ exports.authRouter = (0, express_1.Router)();
38
+ exports.authRouter.post("/register", authLimiter, auth_controller_1.register);
39
+ exports.authRouter.post("/login", authLimiter, auth_controller_1.login);
40
+ exports.authRouter.get("/me", auth_1.requireAuth, auth_controller_1.me);
41
+ exports.authRouter.post("/logout", auth_1.requireAuth, auth_controller_1.logout);
42
+ exports.authRouter.post("/refresh", authLimiter, auth_controller_1.refreshToken);
43
+ exports.authRouter.put("/password", auth_1.requireAuth, auth_controller_1.updatePassword);
44
+ exports.authRouter.put("/profile", auth_1.requireAuth, auth_controller_1.updateProfile);
45
+ exports.authRouter.post("/avatar", auth_1.requireAuth, uploadAvatar.single("avatar"), auth_controller_1.updateAvatar);
@@ -0,0 +1,3 @@
1
+ export declare class AuthService {
2
+ }
3
+ //# sourceMappingURL=auth.service.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../../../src/modules/Auth/auth.service.ts"],"names":[],"mappings":"AAGA,qBAAa,WAAW;CAEvB"}
@@ -0,0 +1,8 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.AuthService = void 0;
4
+ // Placeholder for Auth Service
5
+ // You can move business logic from controller to here in the future
6
+ class AuthService {
7
+ }
8
+ exports.AuthService = AuthService;
@@ -0,0 +1,16 @@
1
+ import { Request, Response } from "express";
2
+ export declare function createRole(req: Request, res: Response): Promise<void>;
3
+ export declare function listRoles(_req: Request, res: Response): Promise<void>;
4
+ export declare function updateRole(req: Request, res: Response): Promise<void>;
5
+ export declare function deleteRole(req: Request, res: Response): Promise<void>;
6
+ export declare function createPermission(req: Request, res: Response): Promise<void>;
7
+ export declare function listPermissions(_req: Request, res: Response): Promise<void>;
8
+ export declare function updatePermission(req: Request, res: Response): Promise<void>;
9
+ export declare function deletePermission(req: Request, res: Response): Promise<void>;
10
+ export declare function assignRoleToUser(req: Request, res: Response): Promise<void>;
11
+ export declare function removeRoleFromUser(req: Request, res: Response): Promise<void>;
12
+ export declare function assignPermissionToRole(req: Request, res: Response): Promise<void>;
13
+ export declare function removePermissionFromRole(req: Request, res: Response): Promise<void>;
14
+ export declare function assignPermissionToUser(req: Request, res: Response): Promise<void>;
15
+ export declare function removePermissionFromUser(req: Request, res: Response): Promise<void>;
16
+ //# sourceMappingURL=rbac.controller.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rbac.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/Rbac/rbac.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAkE5C,wBAAsB,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAoC3D;AAED,wBAAsB,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAO3D;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBA+C3D;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBA+B3D;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAmCjE;AAED,wBAAsB,eAAe,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAUjE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBA+CjE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBA+BjE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAyCjE;AAED,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAuBnE;AAED,wBAAsB,sBAAsB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAyCvE;AAED,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBA0BzE;AAED,wBAAsB,sBAAsB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAwCvE;AAED,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,iBAyBzE"}