
lbx-jwt


Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.LbxJwtComponent = void 0;

// Load order is kept as emitted by the compiler so module side effects run in the same sequence.
const tslib = require("tslib");
const lbAuthentication = require("@loopback/authentication");
const lbCore = require("@loopback/core");
const keysModule = require("./keys");
const repositoriesModule = require("./repositories");
const passwordResetTokenRepositoryModule = require("./repositories/password-reset-token.repository");
const servicesModule = require("./services");
const accessTokenServiceModule = require("./services/access-token.service");
const jwtAuthStrategyModule = require("./services/jwt.auth.strategy");
const securitySpecEnhancerModule = require("./services/security.spec.enhancer");

/**
 * Provides out of the box jwt functionality.
 * Includes roles inside the token and provides refresh and reuse detection.
 *
 * The constructor builds the component's default binding list and registers
 * the JWT authentication strategy on the injected application.
 *
 * Security review notes:
 * - No token signing secret is bound in this list.
 *   NOTE(review): presumably the host application has to bind one itself;
 *   confirm against ./keys before deploying.
 * - Two-factor enforcement is bound to `false` by default.
 * - Token lifetimes and the refresh token issuer come from LbxJwtDefaultValues;
 *   their concrete values are not visible in this file.
 */
let LbxJwtComponent = class LbxJwtComponent {
    /**
     * @param app - The application instance (injected via CoreBindings.APPLICATION_INSTANCE).
     */
    constructor(app) {
        this.app = app;

        const { Binding, createBindingFromClass } = lbCore;
        const { LbxJwtBindings: keys, LbxJwtDefaultValues: defaults } = keysModule;

        // Small local helpers so every entry below reads as "key -> constant" or "key -> class".
        const constant = (key, value) => Binding.bind(key).to(value);
        const provider = (key, cls) => Binding.bind(key).toClass(cls);

        // The order of the entries matches the original binding list.
        this.bindings = [
            // access token bindings
            constant(keys.ACCESS_TOKEN_EXPIRES_IN_MS, defaults.ACCESS_TOKEN_EXPIRES_IN_MS),
            provider(keys.ACCESS_TOKEN_SERVICE, accessTokenServiceModule.AccessTokenService),

            // user bindings
            provider(keys.BASE_USER_SERVICE, servicesModule.BaseUserService),
            provider(keys.BASE_USER_REPOSITORY, repositoriesModule.BaseUserRepository),
            provider(keys.CREDENTIALS_REPOSITORY, repositoriesModule.CredentialsRepository),
            provider(keys.BIOMETRIC_CREDENTIALS_REPOSITORY, repositoriesModule.BiometricCredentialsRepository),

            // refresh token bindings
            provider(keys.REFRESH_TOKEN_SERVICE, servicesModule.RefreshTokenService),
            constant(keys.REFRESH_TOKEN_EXPIRES_IN_MS, defaults.REFRESH_TOKEN_EXPIRES_IN_MS),
            constant(keys.REFRESH_TOKEN_ISSUER, defaults.REFRESH_TOKEN_ISSUER),
            provider(keys.REFRESH_TOKEN_REPOSITORY, repositoriesModule.RefreshTokenRepository),

            // password reset token bindings
            constant(keys.PASSWORD_RESET_TOKEN_EXPIRES_IN_MS, defaults.PASSWORD_RESET_TOKEN_EXPIRES_IN_MS),
            provider(keys.PASSWORD_RESET_TOKEN_REPOSITORY, passwordResetTokenRepositoryModule.PasswordResetTokenRepository),

            // two factor authentication bindings
            // Off by default: a deployment that requires 2FA for every user has to
            // override this value. NOTE(review): confirm how the application rebinds it.
            constant(keys.FORCE_TWO_FACTOR, false),
            // NOTE(review): presumably the routes that stay reachable without a second
            // factor when FORCE_TWO_FACTOR is on; keep this list as short as possible.
            constant(keys.FORCE_TWO_FACTOR_ALLOWED_ROUTES, ['login']),
            // Custom request header name for the second factor. NOTE(review): it likely
            // carries a one-time code, so treat it like a credential in proxies and logs.
            constant(keys.TWO_FACTOR_HEADER, 'X-Authorization-2FA'),
            provider(keys.TWO_FACTOR_SERVICE, servicesModule.TwoFactorService),

            // OpenApi
            createBindingFromClass(securitySpecEnhancerModule.SecuritySpecEnhancer)
        ];

        // Registration runs after the binding list has been assembled, as in the original.
        const { registerAuthenticationStrategy } = lbAuthentication;
        registerAuthenticationStrategy(app, jwtAuthStrategyModule.JwtAuthenticationStrategy);
    }
};
exports.LbxJwtComponent = LbxJwtComponent;

// Compiler-emitted decorator wiring: constructor parameter 0 receives the application instance.
const constructorDecorators = [
    tslib.__param(0, (0, lbCore.inject)(lbCore.CoreBindings.APPLICATION_INSTANCE)),
    tslib.__metadata("design:paramtypes", [lbCore.Application])
];
exports.LbxJwtComponent = LbxJwtComponent = tslib.__decorate(constructorDecorators, LbxJwtComponent);
//# sourceMappingURL=lbx-jwt.component.js.map