UNPKG

@mridang/nestjs-auth

Version:

A comprehensive Auth.js integration for NestJS applications with TypeScript support, framework-agnostic HTTP adapters, and role-based access control

github.com/mridang/nestjs-auth

mridang/nestjs-auth

111 lines 3.51 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
import { createParamDecorator, SetMetadata } from '@nestjs/common'; import { AuthSession as AuthSessionClass } from './auth.session.js'; export const IS_PUBLIC_KEY = Symbol('isPublic'); export const REQUIRED_ROLES_KEY = Symbol('requiredRoles'); /** * Marks a route as publicly accessible, bypassing authentication requirements. * * Routes decorated with `@Public()` will not require a valid session and will * be accessible to unauthenticated users. This decorator should be used sparingly * and only for endpoints that genuinely need to be public (e.g., login, health checks). * * @example * ```ts * @Controller('auth') * export class AuthController { * @Get('login') * @Public() * getLoginPage() { * return { message: 'Login page' }; * } * } * ``` * * @returns A method decorator that sets the 'isPublic' metadata to true */ export const Public = () => SetMetadata(IS_PUBLIC_KEY, true); /** * Restricts route access to users with specific roles. * * Users must have at least one of the specified roles to access the decorated route. * The roles are checked against the user's roles array in their session. If the user * has no roles or none of the required roles, access will be denied. * * @param roles - One or more role names that are allowed to access this route * * @example * ```ts * @Controller('admin') * export class AdminController { * @Get('users') * @RequireRoles('admin', 'moderator') * getUsers() { * return { users: [] }; * } * * @Delete('user/:id') * @RequireRoles('admin') * deleteUser(@Param('id') id: string) { * // Only admin role can delete users * } * } * ``` * * @returns A method decorator that sets the 'requiredRoles' metadata */ export const RequireRoles = (...roles) => SetMetadata(REQUIRED_ROLES_KEY, roles); /** * Injects the current Auth.js session into the route handler parameter. * * This decorator extracts the session object from the request and injects it * as a parameter into your route handler. The session contains user information, * expiration data, and other Auth.js session properties. * * Returns `null` if no valid session exists (user is not authenticated). * Access the user data via `session.user` and session metadata via other properties. * * @param data - Optional data parameter (not used in this implementation) * @param ctx - The execution context provided by NestJS * * @example * ```ts * @Controller('profile') * export class ProfileController { * @Get('me') * getCurrentUser(@AuthSession() session: Session | null) { * if (!session) { * throw new UnauthorizedException('Not authenticated'); * } * * return { * user: session.user, * expires: session.expires, * // Access other session properties as needed * }; * } * * @Get('dashboard') * getDashboard(@AuthSession() session: Session | null) { * const user = session?.user; * if (!user) { * throw new UnauthorizedException(); * } * * return { * welcome: `Hello, ${user.name}!`, * email: user.email, * roles: user.roles || [] * }; * } * } * ``` * * @returns The current session object or null if no session exists */ export const AuthSession = createParamDecorator((_data, ctx) => { const request = ctx .switchToHttp() .getRequest(); return (AuthSessionClass.fromCore(request.session)?.toJSON() ?? null); }); //# sourceMappingURL=auth.decorators.js.map