najm-auth 1.1.11 → 1.1.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.js +13 -3
  2. package/package.json +10 -10
package/dist/index.js CHANGED
@@ -1690,6 +1690,16 @@ var __param3 = function(paramIndex, decorator) {
1690
1690
  };
1691
1691
  };
1692
1692
  var _a8;
1693
+ var ipAndEmail = /* @__PURE__ */ __name(async (ctx) => {
1694
+ const ip = ctx.req.header("x-forwarded-for")?.split(",")[0]?.trim() ?? ctx.req.header("x-real-ip") ?? "unknown";
1695
+ try {
1696
+ const body = await ctx.req.json();
1697
+ if (body?.email)
1698
+ return `${ip}:${body.email}`;
1699
+ } catch {
1700
+ }
1701
+ return ip;
1702
+ }, "ipAndEmail");
1693
1703
  var AuthController = class AuthController2 {
1694
1704
  static {
1695
1705
  __name(this, "AuthController");
@@ -1722,7 +1732,7 @@ var AuthController = class AuthController2 {
1722
1732
  };
1723
1733
  __decorate13([
1724
1734
  Post("/register"),
1725
- RateLimit({ limit: 5, window: "15m", key: "ip" }),
1735
+ RateLimit({ limit: 5, window: "15m", key: ipAndEmail }),
1726
1736
  Validate(createUserDto),
1727
1737
  ResMsg("auth.success.register"),
1728
1738
  __param3(0, Body()),
@@ -1732,7 +1742,7 @@ __decorate13([
1732
1742
  ], AuthController.prototype, "registerUser", null);
1733
1743
  __decorate13([
1734
1744
  Post("/login"),
1735
- RateLimit({ limit: 5, window: "15m", key: "ip", message: "Too many login attempts. Please try again later." }),
1745
+ RateLimit({ limit: 5, window: "15m", key: ipAndEmail, message: "Too many login attempts. Please try again later." }),
1736
1746
  Validate(loginDto),
1737
1747
  ResMsg("auth.success.login"),
1738
1748
  __param3(0, Body()),
@@ -1770,7 +1780,7 @@ __decorate13([
1770
1780
  ], AuthController.prototype, "userProfile", null);
1771
1781
  __decorate13([
1772
1782
  Post("/forgot-password"),
1773
- RateLimit({ limit: 3, window: "15m", key: "ip", message: "Too many password reset requests. Please try again later." }),
1783
+ RateLimit({ limit: 3, window: "15m", key: ipAndEmail, message: "Too many password reset requests. Please try again later." }),
1774
1784
  Validate(resetPasswordDto),
1775
1785
  ResMsg("auth.success.passwordResetSent"),
1776
1786
  __param3(0, Body()),
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "najm-auth",
3
- "version": "1.1.11",
3
+ "version": "1.1.13",
4
4
  "description": "Authentication and authorization library for najm framework",
5
5
  "type": "module",
6
6
  "files": [
@@ -58,15 +58,15 @@
58
58
  "typescript": "^5.9.3"
59
59
  },
60
60
  "dependencies": {
61
- "najm-cookies": "workspace:*",
62
- "najm-core": "workspace:*",
63
- "najm-database": "workspace:*",
64
- "najm-guard": "workspace:*",
65
- "najm-i18n": "workspace:*",
66
- "najm-cache": "workspace:*",
67
- "najm-email": "workspace:*",
68
- "najm-rate": "workspace:*",
69
- "najm-validation": "workspace:*",
61
+ "najm-cookies": "^1.1.4",
62
+ "najm-core": "^1.2.1",
63
+ "najm-database": "^1.1.5",
64
+ "najm-guard": "^1.1.4",
65
+ "najm-i18n": "^1.1.4",
66
+ "najm-cache": "^1.2.1",
67
+ "najm-email": "^1.1.4",
68
+ "najm-rate": "^1.1.4",
69
+ "najm-validation": "^1.1.4",
70
70
  "bcryptjs": "^3.0.3",
71
71
  "hono": "^4.0.0",
72
72
  "jsonwebtoken": "^9.0.3",