@wristband/nestjs-auth
Version:
SDK for integrating your NestJS application with Wristband. Handles user authentication, session management, and token management.
102 lines (101 loc) • 4.38 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.WristbandExpressSessionMiddleware = void 0;
const common_1 = require("@nestjs/common");
const session_1 = require("@wristband/express-auth/session");
const constants_1 = require("../constants");
/**
* NestJS middleware for Wristband session management.
*
* This middleware wraps the Wristband express-auth session middleware to provide session
* functionality in NestJS applications. It handles session creation, persistence, and
* management using secure, encrypted cookies.
*
* The middleware automatically:
* - Creates and manages encrypted session cookies
* - Handles session lifecycle (creation, updates, destruction)
* - Supports CSRF protection when enabled
* - Provides session data access via `req.session`
*
* NOTE: Importing this middleware automatically augments `Express.Request` with the `session` property.
*
* @remarks
* This middleware should be applied globally in your application to ensure sessions are
* available to all routes. It is typically configured through `WristbandExpressSessionModule`.
*
* @see {@link WristbandExpressSessionModule} for module configuration
* @see {@link SessionOptions} for available session configuration options
*
* @example
* ```typescript
* // Apply globally in AppModule
* export class AppModule implements NestModule {
* configure(consumer: MiddlewareConsumer) {
* consumer
* .apply(WristbandExpressSessionMiddleware)
* .forRoutes('*');
* }
* }
* ```
*
* @example
* ```typescript
* // Access session in a controller
* import '@wristband/nestjs-auth/session'; // Enable req.session typing
*
* @Controller('api')
* export class MyController {
* @Get('user')
* getUser(@Req() req: Request) {
* const userId = req.session.userId;
* return { userId };
* }
* }
* ```
*/
let WristbandExpressSessionMiddleware = class WristbandExpressSessionMiddleware {
/**
* Creates an instance of WristbandExpressSessionMiddleware.
*
* The session middleware is created once during construction and reused for all requests,
* ensuring optimal performance and consistent session behavior.
*
* @param sessionOptions - Configuration options for session management, injected via SESSION_OPTIONS_TOKEN
*/
constructor(sessionOptions) {
this.sessionMiddleware = (0, session_1.createWristbandSession)(sessionOptions);
}
/**
* Middleware handler that processes session for each request.
*
* This method is called for every request that passes through this middleware.
* It delegates to the underlying Wristband session middleware to handle session
* creation, retrieval, and persistence.
*
* @param req - Express request object
* @param res - Express response object
* @param next - Express next function to pass control to the next middleware
* @returns Promise that resolves when session processing is complete
*/
async use(req, res, next) {
return this.sessionMiddleware(req, res, next);
}
};
exports.WristbandExpressSessionMiddleware = WristbandExpressSessionMiddleware;
exports.WristbandExpressSessionMiddleware = WristbandExpressSessionMiddleware = __decorate([
(0, common_1.Injectable)(),
__param(0, (0, common_1.Inject)(constants_1.SESSION_OPTIONS_TOKEN)),
__metadata("design:paramtypes", [Object])
], WristbandExpressSessionMiddleware);