@mercury-labs/auth
Version:
Mercury framework auth library. It supports local auth, jwt with both bearer token and cookie, basic auth.
106 lines • 4.67 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.TokenService = void 0;
const hashing_1 = require("@mercury-labs/hashing");
const common_1 = require("@nestjs/common");
const jwt_1 = require("@nestjs/jwt");
const fp_1 = __importDefault(require("lodash/fp"));
const moment_1 = __importDefault(require("moment"));
const rxjs_1 = require("rxjs");
const decorators_1 = require("../decorators");
let TokenService = class TokenService {
constructor(authDefinitions, jwtService, hashTextService) {
this.authDefinitions = authDefinitions;
this.jwtService = jwtService;
this.hashTextService = hashTextService;
}
generateTokenResponse(userInfo) {
return (0, rxjs_1.forkJoin)([
this.generateAccessToken(userInfo),
this.generateRefreshToken(userInfo),
]).pipe((0, rxjs_1.map)(([accessToken, refreshToken]) => {
const jwtPayload = this.decodeAccessToken(accessToken);
return {
accessToken,
refreshToken,
expiryDate: (0, moment_1.default)(fp_1.default.toInteger(jwtPayload.exp) * 1000).toDate(),
};
}));
}
generateJwtToken(userInfo, expiresIn) {
return (0, rxjs_1.of)({
username: this.hashTextService.encode(userInfo[this.authDefinitions.usernameField || 'username']),
sub: this.hashTextService.encode(userInfo.id),
}).pipe((0, rxjs_1.map)((payload) => this.jwtService.sign(payload, {
...(this.authDefinitions.jwt.signOptions || {}),
expiresIn,
})));
}
generateAccessToken(userInfo) {
return this.generateJwtToken(userInfo, this.authDefinitions.jwt.expiresIn);
}
decodeAccessToken(token) {
return this.decodeAccessTokenFromRawDecoded(this.jwtService.decode(token));
}
decodeAccessTokenFromRawDecoded(rawPayload) {
const username = this.hashTextService.decode(rawPayload.username);
const sub = this.hashTextService.decode(rawPayload.sub);
if (username && sub) {
return {
...rawPayload,
username,
sub,
};
}
return undefined;
}
generateRefreshToken(userInfo) {
return this.generateJwtToken(userInfo, this.authDefinitions.jwt.refreshTokenExpiresIn).pipe((0, rxjs_1.map)((res) => this.hashTextService.encode(res)));
}
decodeRefreshToken(refreshToken) {
try {
return fp_1.default.pipe([
transform((token) => this.hashTextService.decode(token)),
transform((value) => value
? this.jwtService.decode(value)
: undefined),
transform((value) => value ? this.decodeAccessTokenFromRawDecoded(value) : undefined),
transform((value) => {
if ((value === null || value === void 0 ? void 0 : value.exp) && value.exp < (0, moment_1.default)().unix()) {
return undefined;
}
return value;
}),
])(refreshToken);
}
catch {
return undefined;
}
}
};
TokenService = __decorate([
(0, common_1.Injectable)(),
__param(0, (0, decorators_1.InjectAuthDefinitions)()),
__metadata("design:paramtypes", [Object, jwt_1.JwtService,
hashing_1.HashTextService])
], TokenService);
exports.TokenService = TokenService;
function transform(iteratee) {
return (value) => iteratee(value);
}
//# sourceMappingURL=token.service.js.map