win-portal-auth-sdk 1.3.0 → 1.4.0

package/dist/client/auth-client.js

@@ -14,6 +14,17 @@ exports.AuthClient = void 0;
 const axios_1 = __importDefault(require("axios"));
 const api_1 = require("./api");
 const token_utils_1 = require("../utils/token-utils");
+const logger_1 = require("../utils/logger");
+// Constants - Default values
+const DEFAULT_INACTIVITY_TIMEOUT_SECONDS = 30 * 60; // 30 minutes
+const DEFAULT_WARNING_SECONDS = 5 * 60; // 5 minutes
+const DEFAULT_SESSION_CHECK_INTERVAL_SECONDS = 30; // 30 seconds
+// Internal constants - Rate limiting (ไม่ควรให้ customize)
+const REFRESH_COOLDOWN_MS = 30 * 1000; // 30 seconds - rate limiting for refresh
+const WARNING_COOLDOWN_MS = 60 * 1000; // 1 minute - rate limiting for warnings
+// Internal constants - Performance tuning (สามารถ customize ได้ผ่าน advanced config)
+const DEFAULT_ACTIVITY_THROTTLE_MS = 1000; // 1 second - throttle activity handler
+const DEFAULT_REFRESH_TIMEOUT_MS = 5000; // 5 seconds - refresh timeout
 class AuthClient {
     constructor(config) {
         this.token = null;
@@ -25,21 +36,38 @@ class AuthClient {
         this.automaticRefreshEnabled = null;
         this.lastRefreshAttempt = 0;
         this.refreshPromise = null;
-        this.REFRESH_COOLDOWN_MS = 30 * 1000; // 30 seconds cooldown
         // Session expiration monitoring
         this.sessionExpirationCallbacks = null;
         this.sessionManagementConfig = null;
         this.sessionManagementConfigPromise = null;
         this.sessionExpirationCheckInterval = null;
-        this.sessionExpirationCheckIntervalSeconds = 30;
+        this.sessionExpirationCheckIntervalSeconds = DEFAULT_SESSION_CHECK_INTERVAL_SECONDS;
         this.lastWarningTime = 0;
-        this.WARNING_COOLDOWN_MS = 60 * 1000; // 1 minute cooldown between warnings
+        // Inactivity detection
+        this.inactivityCallbacks = null;
+        this.inactivityTimeout = null;
+        this.inactivityWarningTimeout = null;
+        this.lastActivityTime = 0;
+        this.inactivityDetectionEnabled = false;
+        this.inactivityTimeoutSeconds = 0;
+        this.inactivityWarningSeconds = 0;
+        this.activityEvents = [];
+        this.activityHandler = null;
+        this.activityThrottleTimeout = null;
+        this.activityThrottleMs = DEFAULT_ACTIVITY_THROTTLE_MS;
+        this.refreshTimeoutMs = DEFAULT_REFRESH_TIMEOUT_MS;
         this.apiKey = config.apiKey;
         this.apiKeyHeader = config.apiKeyHeader || 'X-API-Key';
-        console.log('[AuthClient] Initializing with config:', {
+        // Apply advanced config if provided
+        if (config.advanced) {
+            this.activityThrottleMs = config.advanced.activityThrottleMs ?? DEFAULT_ACTIVITY_THROTTLE_MS;
+            this.refreshTimeoutMs = config.advanced.refreshTimeoutMs ?? DEFAULT_REFRESH_TIMEOUT_MS;
+        }
+        logger_1.logger.debug('Initializing with config:', {
             baseURL: config.baseURL,
             timeout: config.timeout,
             apiKeyHeader: this.apiKeyHeader,
+            advanced: config.advanced,
         });
         this.client = axios_1.default.create({
             baseURL: config.baseURL,
@@ -67,29 +95,28 @@ class AuthClient {
                             const isCritical = remainingMinutes !== null && remainingMinutes <= 1;
                             const now = Date.now();
                             const timeSinceLastRefresh = now - this.lastRefreshAttempt;
-                            if (timeSinceLastRefresh >= this.REFRESH_COOLDOWN_MS &&
-                                !this.refreshPromise) {
-                                console.log(`[AuthClient] Token near expiration (${remainingMinutes} min remaining), refreshing...`);
+                            if (timeSinceLastRefresh >= REFRESH_COOLDOWN_MS && !this.refreshPromise) {
+                                logger_1.logger.debug(`Token near expiration (${remainingMinutes} min remaining), refreshing...`);
                                 this.lastRefreshAttempt = now;
                                 if (isCritical) {
                                     // Critical: await refresh
                                     try {
                                         const newToken = await Promise.race([
                                             this.performRefresh(),
-                                            new Promise((_, reject) => setTimeout(() => reject(new Error('Refresh timeout')), 5000)),
+                                            new Promise((_, reject) => setTimeout(() => reject(new Error('Refresh timeout')), this.refreshTimeoutMs)),
                                         ]);
                                         this.token = newToken;
                                         requestConfig.headers['Authorization'] = `Bearer ${newToken}`;
-                                        console.log('[AuthClient] Token refreshed successfully (critical)');
+                                        logger_1.logger.info('Token refreshed successfully (critical)');
                                     }
                                     catch (error) {
-                                        console.error('[AuthClient] Critical token refresh failed:', error);
+                                        logger_1.logger.error('Critical token refresh failed:', error);
                                     }
                                 }
                                 else {
                                     // Background refresh
                                     this.performRefresh().catch((error) => {
-                                        console.error('[AuthClient] Background token refresh failed:', error);
+                                        logger_1.logger.error('Background token refresh failed:', error);
                                     });
                                 }
                             }
@@ -107,7 +134,7 @@ class AuthClient {
             // Handle 401 errors - try refresh token before failing
             if (error.response?.status === 401 && originalRequest && this.refreshTokenCallbacks) {
                 if (originalRequest._retry) {
-                    console.warn('[AuthClient] 401 Unauthorized after retry - refresh failed');
+                    logger_1.logger.warn('401 Unauthorized after retry - refresh failed');
                     if (this.refreshTokenCallbacks.onRefreshFailure) {
                         await this.refreshTokenCallbacks.onRefreshFailure();
                     }
@@ -115,7 +142,7 @@ class AuthClient {
                 }
                 // Skip refresh for refresh endpoint itself
                 if (originalRequest.url?.includes('/auth/refresh') || originalRequest.url?.includes('/auth/refresh-token')) {
-                    console.error('[AuthClient] Refresh endpoint failed - session expired');
+                    logger_1.logger.error('Refresh endpoint failed - session expired');
                     if (this.refreshTokenCallbacks.onRefreshFailure) {
                         await this.refreshTokenCallbacks.onRefreshFailure();
                     }
@@ -124,15 +151,15 @@ class AuthClient {
                 // Try to refresh token
                 try {
                     originalRequest._retry = true;
-                    console.log('[AuthClient] 401 detected, attempting token refresh...');
+                    logger_1.logger.debug('401 detected, attempting token refresh...');
                     const newToken = await this.performRefresh();
                     originalRequest.headers = originalRequest.headers || {};
                     originalRequest.headers.Authorization = `Bearer ${newToken}`;
-                    console.log('[AuthClient] Token refreshed, retrying original request...');
+                    logger_1.logger.debug('Token refreshed, retrying original request...');
                     return this.client(originalRequest);
                 }
                 catch (refreshError) {
-                    console.error('[AuthClient] Token refresh failed:', refreshError);
+                    logger_1.logger.error('Token refresh failed:', refreshError);
                     if (this.refreshTokenCallbacks.onRefreshFailure) {
                         await this.refreshTokenCallbacks.onRefreshFailure();
                     }
@@ -141,10 +168,10 @@ class AuthClient {
             }
             // Handle other errors
             if (error.response?.status === 401) {
-                console.error('[AuthClient] API Key authentication failed');
+                logger_1.logger.error('API Key authentication failed');
             }
             else if (error.response?.status === 429) {
-                console.error('[AuthClient] Rate limit exceeded');
+                logger_1.logger.error('Rate limit exceeded');
             }
             return Promise.reject(error);
         });
@@ -170,7 +197,7 @@ class AuthClient {
      * ```
      */
     initializeOAuth(config) {
-        console.log('[AuthClient] Initializing OAuth with:', {
+        logger_1.logger.debug('Initializing OAuth with:', {
             clientId: config.clientId,
             redirectUri: config.redirectUri,
             scope: config.scope,
@@ -244,7 +271,7 @@ class AuthClient {
     setToken(token, type = 'jwt') {
         this.token = token;
         this.authType = type;
-        console.log(`[AuthClient] Token set with type: ${type}`);
+        logger_1.logger.debug(`Token set with type: ${type}`);
         // Reset warning time when token changes
         this.lastWarningTime = 0;
         // If session expiration monitoring is enabled, check immediately
@@ -265,7 +292,7 @@ class AuthClient {
      */
     setAuthType(type) {
         this.authType = type;
-        console.log(`[AuthClient] Auth type changed to: ${type}`);
+        logger_1.logger.debug(`Auth type changed to: ${type}`);
     }
     /**
      * Get current token (masked)
@@ -379,10 +406,10 @@ class AuthClient {
             const config = await this.systemConfig.getSecurityJwtConfig();
             this.refreshThresholdMinutes = config.refresh_threshold_minutes;
             this.automaticRefreshEnabled = config.automatic_refresh ?? true;
-            console.log(`[AuthClient] JWT config loaded: refresh_threshold_minutes=${this.refreshThresholdMinutes} minutes, automatic_refresh=${this.automaticRefreshEnabled}`);
+            logger_1.logger.debug(`JWT config loaded: refresh_threshold_minutes=${this.refreshThresholdMinutes} minutes, automatic_refresh=${this.automaticRefreshEnabled}`);
         }
         catch (error) {
-            console.error('[AuthClient] Failed to load JWT config:', error);
+            logger_1.logger.error('Failed to load JWT config:', error);
             // Reset to allow retry
             this.jwtConfigPromise = null;
             throw error;
@@ -429,7 +456,7 @@ class AuthClient {
             if (session.refresh_token) {
                 await this.refreshTokenCallbacks.setRefreshToken(session.refresh_token);
             }
-            console.log('[AuthClient] Token refreshed successfully');
+            logger_1.logger.debug('Token refreshed successfully');
             return newAccessToken;
         }
         catch (error) {
@@ -442,11 +469,11 @@ class AuthClient {
                     if (tokens.refresh_token) {
                         await this.refreshTokenCallbacks.setRefreshToken(tokens.refresh_token);
                     }
-                    console.log('[AuthClient] Token refreshed successfully (fallback)');
+                    logger_1.logger.debug('Token refreshed successfully (fallback)');
                     return newAccessToken;
                 }
                 catch (fallbackError) {
-                    console.error('[AuthClient] Fallback refresh also failed:', fallbackError);
+                    logger_1.logger.error('Fallback refresh also failed:', fallbackError);
                     throw fallbackError;
                 }
             }
@@ -487,7 +514,7 @@ class AuthClient {
      */
     async enableSessionExpirationMonitoring(options) {
         this.sessionExpirationCallbacks = options.callbacks;
-        this.sessionExpirationCheckIntervalSeconds = options.checkIntervalSeconds ?? 30;
+        this.sessionExpirationCheckIntervalSeconds = options.checkIntervalSeconds ?? DEFAULT_SESSION_CHECK_INTERVAL_SECONDS;
         // Load session management config
         await this.loadSessionManagementConfig();
         // Start monitoring
@@ -519,7 +546,7 @@ class AuthClient {
         try {
             const config = await this.systemConfig.getSessionManagement();
             this.sessionManagementConfig = config;
-            console.log('[AuthClient] Session management config loaded:', {
+            logger_1.logger.debug('Session management config loaded:', {
                 inactivityEnabled: config.inactivity.enabled,
                 inactivityTimeout: `${config.inactivity.timeout_duration} ${config.inactivity.timeout_unit}`,
                 inactivityWarningMinutes: config.inactivity.warning_minutes,
@@ -528,7 +555,7 @@ class AuthClient {
             });
         }
         catch (error) {
-            console.error('[AuthClient] Failed to load session management config:', error);
+            logger_1.logger.error('Failed to load session management config:', error);
             // Reset to allow retry
             this.sessionManagementConfigPromise = null;
             throw error;
@@ -628,7 +655,7 @@ class AuthClient {
         // Check cooldown to avoid spam
         const now = Date.now();
         const timeSinceLastWarning = now - this.lastWarningTime;
-        if (timeSinceLastWarning >= this.WARNING_COOLDOWN_MS) {
+        if (timeSinceLastWarning >= WARNING_COOLDOWN_MS) {
             this.lastWarningTime = now;
             this.sessionExpirationCallbacks.onSessionExpiring(remainingMinutes, expirationType);
         }
@@ -641,5 +668,224 @@ class AuthClient {
         this.sessionManagementConfig = null;
         await this.loadSessionManagementConfig();
     }
+    /**
+     * Enable inactivity detection
+     * จับ user activity (mouse/keyboard/touch/scroll) และ trigger callback เมื่อ inactivity timeout
+     *
+     * @param options - Options for inactivity detection
+     *
+     * @example
+     * ```typescript
+     * await authClient.enableInactivityDetection({
+     *   callbacks: {
+     *     onInactivityWarning: (remainingSeconds) => {
+     *       console.log(`Inactivity warning: ${remainingSeconds} seconds remaining`);
+     *       // แสดง notification หรือ dialog
+     *     },
+     *     onInactivityTimeout: () => {
+     *       console.log('Inactivity timeout');
+     *       // Redirect to login หรือ logout
+     *       authClient.clearToken();
+     *       window.location.href = '/login';
+     *     }
+     *   },
+     *   timeoutSeconds: 1800, // 30 minutes (optional, default: จาก session management config)
+     *   warningSeconds: 300, // 5 minutes warning (optional, default: จาก session management config)
+     *   events: ['mousemove', 'keydown', 'touchstart', 'scroll'] // (optional, default: ทั้งหมด)
+     * });
+     * ```
+     */
+    async enableInactivityDetection(options) {
+        // Disable existing detection if any
+        this.disableInactivityDetection();
+        this.inactivityCallbacks = options.callbacks;
+        // Load session management config if not loaded
+        if (!this.sessionManagementConfig) {
+            await this.loadSessionManagementConfig();
+        }
+        // Determine timeout and warning seconds
+        if (options.timeoutSeconds !== undefined) {
+            this.inactivityTimeoutSeconds = options.timeoutSeconds;
+        }
+        else if (this.sessionManagementConfig?.inactivity.enabled) {
+            // Use session management config
+            this.inactivityTimeoutSeconds =
+                (0, token_utils_1.convertDurationToMinutes)(this.sessionManagementConfig.inactivity.timeout_duration, this.sessionManagementConfig.inactivity.timeout_unit) * 60; // Convert to seconds
+        }
+        else {
+            // Default: 30 minutes
+            this.inactivityTimeoutSeconds = DEFAULT_INACTIVITY_TIMEOUT_SECONDS;
+        }
+        if (options.warningSeconds !== undefined) {
+            this.inactivityWarningSeconds = options.warningSeconds;
+        }
+        else if (this.sessionManagementConfig?.inactivity.warning_minutes) {
+            // Use session management config (convert minutes to seconds)
+            this.inactivityWarningSeconds = this.sessionManagementConfig.inactivity.warning_minutes * 60;
+        }
+        else {
+            // Default: 5 minutes
+            this.inactivityWarningSeconds = DEFAULT_WARNING_SECONDS;
+        }
+        // Determine events to listen
+        this.activityEvents = options.events || ['mousemove', 'keydown', 'touchstart', 'scroll'];
+        // Initialize last activity time
+        this.lastActivityTime = Date.now();
+        // Enable detection
+        this.inactivityDetectionEnabled = true;
+        // Setup event listeners
+        this.setupActivityListeners();
+        // Start timer
+        this.resetInactivityTimer();
+        logger_1.logger.debug('Inactivity detection enabled:', {
+            timeoutSeconds: this.inactivityTimeoutSeconds,
+            warningSeconds: this.inactivityWarningSeconds,
+            events: this.activityEvents,
+        });
+    }
+    /**
+     * Disable inactivity detection
+     */
+    disableInactivityDetection() {
+        this.inactivityDetectionEnabled = false;
+        // Clear throttle timeout
+        if (this.activityThrottleTimeout) {
+            clearTimeout(this.activityThrottleTimeout);
+            this.activityThrottleTimeout = null;
+        }
+        // Clear timeouts
+        this.clearInactivityTimeouts();
+        // Remove event listeners
+        this.removeActivityListeners();
+        // Reset state
+        this.inactivityCallbacks = null;
+        this.lastActivityTime = 0;
+        this.inactivityTimeoutSeconds = 0;
+        this.inactivityWarningSeconds = 0;
+        this.activityEvents = [];
+        logger_1.logger.debug('Inactivity detection disabled');
+    }
+    /**
+     * Handle user activity - reset inactivity timer with throttle
+     */
+    handleUserActivity() {
+        if (!this.inactivityDetectionEnabled) {
+            return;
+        }
+        // Throttle: reset timer สูงสุดทุก 1 วินาที เพื่อลด CPU usage
+        if (this.activityThrottleTimeout) {
+            return;
+        }
+        this.lastActivityTime = Date.now();
+        this.resetInactivityTimer();
+        this.activityThrottleTimeout = setTimeout(() => {
+            this.activityThrottleTimeout = null;
+        }, this.activityThrottleMs);
+    }
+    /**
+     * Setup activity event listeners
+     */
+    setupActivityListeners() {
+        if (typeof window === 'undefined') {
+            logger_1.logger.warn('Cannot setup activity listeners: window is undefined (SSR)');
+            return;
+        }
+        // Remove existing listeners if any
+        this.removeActivityListeners();
+        // Create handler
+        const handler = () => {
+            this.handleUserActivity();
+        };
+        this.activityHandler = handler;
+        // Setup listeners for each event type
+        this.activityEvents.forEach((eventType) => {
+            window.addEventListener(eventType, handler, { passive: true });
+        });
+        logger_1.logger.debug('Activity listeners setup:', this.activityEvents);
+    }
+    /**
+     * Remove activity event listeners
+     */
+    removeActivityListeners() {
+        if (typeof window === 'undefined' || !this.activityHandler) {
+            return;
+        }
+        const handler = this.activityHandler;
+        this.activityEvents.forEach((eventType) => {
+            window.removeEventListener(eventType, handler);
+        });
+        this.activityHandler = null;
+        logger_1.logger.debug('Activity listeners removed');
+    }
+    /**
+     * Clear inactivity timeouts (helper method)
+     */
+    clearInactivityTimeouts() {
+        if (this.inactivityWarningTimeout) {
+            clearTimeout(this.inactivityWarningTimeout);
+            this.inactivityWarningTimeout = null;
+        }
+        if (this.inactivityTimeout) {
+            clearTimeout(this.inactivityTimeout);
+            this.inactivityTimeout = null;
+        }
+    }
+    /**
+     * Reset inactivity timer
+     */
+    resetInactivityTimer() {
+        // Clear existing timeouts
+        this.clearInactivityTimeouts();
+        if (!this.inactivityDetectionEnabled || !this.inactivityCallbacks) {
+            return;
+        }
+        const now = Date.now();
+        this.lastActivityTime = now;
+        // Setup warning timeout
+        if (this.inactivityWarningSeconds > 0 && this.inactivityCallbacks.onInactivityWarning) {
+            const warningTime = this.inactivityTimeoutSeconds - this.inactivityWarningSeconds;
+            if (warningTime > 0) {
+                const timerStartTime = now; // Capture start time for this timer
+                this.inactivityWarningTimeout = setTimeout(() => {
+                    // Calculate remaining seconds based on when timer was set
+                    const elapsedSeconds = (Date.now() - timerStartTime) / 1000;
+                    const remainingSeconds = this.inactivityTimeoutSeconds - elapsedSeconds;
+                    if (this.inactivityCallbacks?.onInactivityWarning && remainingSeconds > 0) {
+                        this.inactivityCallbacks.onInactivityWarning(Math.floor(remainingSeconds));
+                    }
+                }, warningTime * 1000);
+            }
+        }
+        // Setup timeout
+        this.inactivityTimeout = setTimeout(() => {
+            if (this.inactivityCallbacks?.onInactivityTimeout) {
+                this.inactivityCallbacks.onInactivityTimeout();
+            }
+        }, this.inactivityTimeoutSeconds * 1000);
+    }
+    /**
+     * Check inactivity timeout and trigger callbacks if needed
+     */
+    checkInactivityTimeout() {
+        if (!this.inactivityDetectionEnabled || !this.inactivityCallbacks) {
+            return;
+        }
+        const now = Date.now();
+        const inactiveSeconds = (now - this.lastActivityTime) / 1000;
+        // Check if timeout reached
+        if (inactiveSeconds >= this.inactivityTimeoutSeconds) {
+            if (this.inactivityCallbacks.onInactivityTimeout) {
+                this.inactivityCallbacks.onInactivityTimeout();
+            }
+            return;
+        }
+        // Check if warning should be triggered
+        const remainingSeconds = this.inactivityTimeoutSeconds - inactiveSeconds;
+        if (remainingSeconds <= this.inactivityWarningSeconds &&
+            remainingSeconds > 0 &&
+            this.inactivityCallbacks.onInactivityWarning) {
+            this.inactivityCallbacks.onInactivityWarning(Math.floor(remainingSeconds));
+        }
+    }
 }
 exports.AuthClient = AuthClient;

package/dist/client/index.d.ts

@@ -2,6 +2,6 @@
  * Client exports for frontend applications
  */
 export { AuthClient } from './auth-client';
-export type { RefreshTokenCallbacks, AutomaticRefreshOptions, SessionExpirationCallbacks, SessionExpirationOptions, } from './auth-client';
+export type { RefreshTokenCallbacks, AutomaticRefreshOptions, SessionExpirationCallbacks, SessionExpirationOptions, InactivityCallbacks, InactivityDetectionOptions, } from './auth-client';
 export * from './api';
 //# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EACV,qBAAqB,EACrB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,GACzB,MAAM,eAAe,CAAC;AACvB,cAAc,OAAO,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EACV,qBAAqB,EACrB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,EACxB,mBAAmB,EACnB,0BAA0B,GAC3B,MAAM,eAAe,CAAC;AACvB,cAAc,OAAO,CAAC"}

package/dist/index.d.ts

@@ -3,9 +3,15 @@
  *
  * Authentication SDK for Win Portal applications
  * Provides HTTP client with automatic API key injection
+ *
+ * Core exports - ใช้ได้ทุกที่ (Frontend & Backend)
+ *
+ * สำหรับ Backend-specific features:
+ * - Express Middleware: import from 'win-portal-auth-sdk/middleware'
+ * - NestJS Components: import from 'win-portal-auth-sdk/nestjs'
  */
 export * from './types';
 export * from './client';
-export * from './middleware';
 export * from './utils/token-utils';
+export { logger } from './utils/logger';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,cAAc,SAAS,CAAC;AAGxB,cAAc,UAAU,CAAC;AAGzB,cAAc,cAAc,CAAC;AAG7B,cAAc,qBAAqB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,cAAc,SAAS,CAAC;AAGxB,cAAc,UAAU,CAAC;AAGzB,cAAc,qBAAqB,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/index.js

@@ -4,6 +4,12 @@
  *
  * Authentication SDK for Win Portal applications
  * Provides HTTP client with automatic API key injection
+ *
+ * Core exports - ใช้ได้ทุกที่ (Frontend & Backend)
+ *
+ * สำหรับ Backend-specific features:
+ * - Express Middleware: import from 'win-portal-auth-sdk/middleware'
+ * - NestJS Components: import from 'win-portal-auth-sdk/nestjs'
  */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
@@ -20,11 +26,17 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.logger = void 0;
 // Types
 __exportStar(require("./types"), exports);
 // Client (Frontend & Backend)
 __exportStar(require("./client"), exports);
-// Middleware (Backend only - Express & NestJS)
-__exportStar(require("./middleware"), exports);
 // Utils
 __exportStar(require("./utils/token-utils"), exports);
+var logger_1 = require("./utils/logger");
+Object.defineProperty(exports, "logger", { enumerable: true, get: function () { return logger_1.logger; } });
+// Note: Middleware และ NestJS components ไม่ได้ export จาก root
+// เพื่อป้องกันการ bundle backend code ใน frontend applications
+// ใช้ subpath exports แทน:
+// - 'win-portal-auth-sdk/middleware' สำหรับ Express middleware
+// - 'win-portal-auth-sdk/nestjs' สำหรับ NestJS components

package/dist/nestjs/decorators/current-token.decorator.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Current Token Decorator
+ *
+ * Parameter decorator to extract the current authentication token from the request.
+ * Requires that a guard has set request.token (e.g., OAuthAuthGuard).
+ */
+/**
+ * Current Token Decorator
+ *
+ * Extracts the authentication token from request.token.
+ * Returns null if no token is available.
+ *
+ * @example
+ * ```typescript
+ * @Controller('api')
+ * @UseGuards(OAuthAuthGuard)
+ * export class ApiController {
+ *   @Get('token-info')
+ *   getTokenInfo(@CurrentToken() token: string) {
+ *     return {
+ *       token: token.substring(0, 20) + '...',
+ *       length: token.length,
+ *     };
+ *   }
+ * }
+ * ```
+ */
+export declare const CurrentToken: any;
+//# sourceMappingURL=current-token.decorator.d.ts.map

package/dist/nestjs/decorators/current-token.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"current-token.decorator.d.ts","sourceRoot":"","sources":["../../../src/nestjs/decorators/current-token.decorator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,YAAY,KAGvB,CAAC"}

package/dist/nestjs/decorators/current-token.decorator.js

@@ -0,0 +1,36 @@
+"use strict";
+/**
+ * Current Token Decorator
+ *
+ * Parameter decorator to extract the current authentication token from the request.
+ * Requires that a guard has set request.token (e.g., OAuthAuthGuard).
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CurrentToken = void 0;
+// @ts-expect-error - @nestjs/common is a peer dependency, will be available at runtime in NestJS apps
+const common_1 = require("@nestjs/common");
+/**
+ * Current Token Decorator
+ *
+ * Extracts the authentication token from request.token.
+ * Returns null if no token is available.
+ *
+ * @example
+ * ```typescript
+ * @Controller('api')
+ * @UseGuards(OAuthAuthGuard)
+ * export class ApiController {
+ *   @Get('token-info')
+ *   getTokenInfo(@CurrentToken() token: string) {
+ *     return {
+ *       token: token.substring(0, 20) + '...',
+ *       length: token.length,
+ *     };
+ *   }
+ * }
+ * ```
+ */
+exports.CurrentToken = (0, common_1.createParamDecorator)((data, ctx) => {
+    const request = ctx.switchToHttp().getRequest();
+    return request.token || null;
+});

package/dist/nestjs/decorators/current-user.decorator.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Current User Decorator
+ *
+ * Parameter decorator to extract the current authenticated user from the request.
+ * Requires that a guard has set request.user (e.g., OAuthAuthGuard).
+ */
+/**
+ * Current User Decorator
+ *
+ * Extracts the authenticated user from request.user.
+ * Returns null if no user is authenticated.
+ *
+ * @example
+ * ```typescript
+ * @Controller('users')
+ * @UseGuards(OAuthAuthGuard)
+ * export class UsersController {
+ *   @Get('profile')
+ *   getProfile(@CurrentUser() user: User) {
+ *     return user;
+ *   }
+ * }
+ * ```
+ */
+export declare const CurrentUser: any;
+//# sourceMappingURL=current-user.decorator.d.ts.map

package/dist/nestjs/decorators/current-user.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"current-user.decorator.d.ts","sourceRoot":"","sources":["../../../src/nestjs/decorators/current-user.decorator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,WAAW,KAKvB,CAAC"}