@wristband/nestjs-auth
Version:
SDK for integrating your NestJS application with Wristband. Handles user authentication, session management, and token management.
145 lines (144 loc) • 5.91 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var WristbandExpressSessionModule_1;
Object.defineProperty(exports, "__esModule", { value: true });
exports.WristbandExpressSessionModule = void 0;
const common_1 = require("@nestjs/common");
const session_middleware_1 = require("./session.middleware");
const constants_1 = require("../constants");
/**
* The WristbandExpressSessionModule is a dynamic NestJS module that provides session management
* for NestJS/Express-based applications using Wristband's secure session handling.
*
* This module configures and provides the `WristbandExpressSessionMiddleware`, which handles:
* - Encrypted session cookie creation and management
* - Session lifecycle (creation, updates, destruction)
* - Optional CSRF protection
* - Automatic session persistence
*
* The module is designed to be globally available, ensuring session functionality is accessible
* across all routes in your application.
*
* NOTE: Importing session-related components from '@wristband/nestjs-auth/session' automatically
* augments `Express.Request` with the `session` property for type safety.
*
* @remarks
* This module should typically be imported once in your root AppModule and applied globally
* via middleware configuration.
*
* @example
* ```typescript
* // Import and configure in AppModule
* import { Module } from '@nestjs/common';
* import { ConfigModule, ConfigService } from '@nestjs/config';
* import { WristbandExpressSessionModule } from '@wristband/nestjs-auth/session';
*
* @Module({
* imports: [
* ConfigModule.forRoot(),
* WristbandExpressSessionModule.forRootAsync({
* imports: [ConfigModule],
* useFactory: (configService: ConfigService) => ({
* secrets: configService.get('SESSION_SECRET'),
* secure: true,
* enableCsrfProtection: true,
* }),
* inject: [ConfigService],
* }),
* ],
* })
* export class AppModule implements NestModule {
* configure(consumer: MiddlewareConsumer) {
* consumer
* .apply(WristbandExpressSessionMiddleware)
* .forRoutes('*');
* }
* }
* ```
*
* @example
* ```typescript
* // Static configuration (not recommended for production)
* WristbandExpressSessionModule.forRootAsync({
* useFactory: () => ({
* secrets: 'your-session-secret',
* secure: false, // Only for development
* enableCsrfProtection: true,
* }),
* });
* ```
*
* @example
* ```typescript
* // Access session in controllers
* import '@wristband/nestjs-auth/session'; // Enable req.session typing
* import { Controller, Get, Req } from '@nestjs/common';
* import { Request } from 'express';
*
* @Controller('api')
* export class UserController {
* @Get('profile')
* getProfile(@Req() req: Request) {
* const { userId, tenantId } = req.session;
* return { userId, tenantId };
* }
* }
* ```
*/
let WristbandExpressSessionModule = WristbandExpressSessionModule_1 = class WristbandExpressSessionModule {
/**
* Configures and initializes the WristbandExpressSessionModule with async configuration.
*
* This method allows you to configure session options asynchronously, typically by injecting
* other services like ConfigService to read configuration from environment variables or
* configuration files.
*
* The module is registered globally, making the session middleware and configuration available
* throughout your application without needing to import it in every module.
*
* @param options - Async configuration options including useFactory, inject, and imports
* @param options.useFactory - Factory function that returns SessionOptions (sync or async)
* @param options.inject - Optional array of dependencies to inject into the factory function
* @param options.imports - Optional array of modules to import (e.g., ConfigModule)
* @returns A NestJS DynamicModule that provides and exports the session middleware and configuration
*
* @example
* ```typescript
* WristbandExpressSessionModule.forRootAsync({
* imports: [ConfigModule],
* useFactory: async (configService: ConfigService) => ({
* secrets: configService.get('SESSION_SECRET'),
* cookieName: 'my-session',
* secure: configService.get('NODE_ENV') === 'production',
* enableCsrfProtection: true,
* }),
* inject: [ConfigService],
* });
* ```
*/
static forRootAsync(options) {
return {
module: WristbandExpressSessionModule_1,
global: true,
imports: options.imports || [],
providers: [
{
provide: constants_1.SESSION_OPTIONS_TOKEN,
useFactory: options.useFactory,
inject: options.inject || [],
},
session_middleware_1.WristbandExpressSessionMiddleware,
],
exports: [constants_1.SESSION_OPTIONS_TOKEN, session_middleware_1.WristbandExpressSessionMiddleware],
};
}
};
exports.WristbandExpressSessionModule = WristbandExpressSessionModule;
exports.WristbandExpressSessionModule = WristbandExpressSessionModule = WristbandExpressSessionModule_1 = __decorate([
(0, common_1.Module)({})
], WristbandExpressSessionModule);