ecrs-auth-core

v1.0.59

Published

3 days ago

Centralized authentication and authorization module for ECRS apps

0High
0Medium
0Low

chetanyadnik

ashwinidhadge

nestjs auth jwt module ecrs

ECRS Auth Core

A centralized authentication and authorization module for NestJS applications, providing JWT-based authentication, role-based access control, and feature-level permissions.

Features

🔐 JWT-based authentication
👥 Role-based access control (RBAC)
🎯 Feature-level permissions
🛡️ Route-level security guards
📊 Module and screen permissions
🔧 Easy integration with TypeORM
📦 Fully typed with TypeScript

Installation

npm install ecrs-auth-core

Peer Dependencies

Make sure you have the following peer dependencies installed:

npm install @nestjs/common @nestjs/core @nestjs/passport @nestjs/typeorm bcrypt passport passport-jwt typeorm

Quick Start

1. Import the Auth Module

import { Module } from '@nestjs/common';
import { TypeOrmModule } from '@nestjs/typeorm';
import { AuthCoreModule } from 'ecrs-auth-core';

@Module({
  imports: [
    TypeOrmModule.forRoot({
      // your database configuration
    }),
    AuthCoreModule.forRoot({
      jwtSecret: 'your-jwt-secret',
      jwtExpiresIn: '1h',
    }),
  ],
})
export class AppModule {}

2. Include Entities in TypeORM

import {
  User,
  Role,
  Module as AuthModule,
  Feature,
  ModuleRoute,
  UserFeatureAccess,
  UserModuleAccess,
  ModuleScreenPermission,
} from 'ecrs-auth-core';

TypeOrmModule.forRoot({
  // ... other config
  entities: [
    User,
    Role,
    AuthModule,
    Feature,
    ModuleRoute,
    UserFeatureAccess,
    UserModuleAccess,
    ModuleScreenPermission,
  ],
});

3. Use Guards and Decorators

import { Controller, Get, Post, UseGuards } from '@nestjs/common';
import { 
  JwtAuthGuard, 
  RolesGuard, 
  FeatureGuard,
  Roles, 
  Feature, 
  CurrentUser,
  User 
} from 'ecrs-auth-core';

@Controller('protected')
@UseGuards(JwtAuthGuard)
export class ProtectedController {
  
  @Get('admin-only')
  @UseGuards(RolesGuard)
  @Roles('admin')
  adminOnlyEndpoint(@CurrentUser() user: User) {
    return { message: 'Admin access granted', user: user.username };
  }

  @Get('feature-protected')
  @UseGuards(FeatureGuard)
  @Feature('user-management')
  featureProtectedEndpoint(@CurrentUser() user: User) {
    return { message: 'Feature access granted' };
  }
}

Available Decorators

@CurrentUser()

Get the current authenticated user in your controller methods.

@Get('profile')
getProfile(@CurrentUser() user: User) {
  return user;
}

@Roles()

Restrict access based on user roles.

@Roles('admin', 'manager')
@UseGuards(RolesGuard)
adminEndpoint() {
  // Only admin and manager roles can access
}

@Feature()

Restrict access based on feature permissions.

@Feature('user-management')
@UseGuards(FeatureGuard)
userManagementEndpoint() {
  // Only users with user-management feature access
}

@HasPermission()

Check for specific permissions.

@HasPermission('CREATE_USER')
@UseGuards(PermissionGuard)
createUserEndpoint() {
  // Only users with CREATE_USER permission
}

@RoutePermission()

Route-level permission checking.

@RoutePermission('users', 'create')
@UseGuards(RouteGuard)
createUser() {
  // Route-specific permission checking
}

Available Guards

JwtAuthGuard: JWT token validation
RolesGuard: Role-based access control
FeatureGuard: Feature-based access control
PermissionGuard: Permission-based access control
RouteGuard: Route-level access control
ModuleGuard: Module-based access control

Authentication Service

The AuthService provides methods for user authentication and token management:

import { AuthService } from 'ecrs-auth-core';

@Injectable()
export class MyService {
  constructor(private authService: AuthService) {}

  async login(username: string, password: string) {
    return this.authService.validateUser(username, password);
  }

  async generateToken(user: User) {
    return this.authService.generateToken(user);
  }
}

Database Entities

The package includes the following TypeORM entities:

User: User account information
Role: User roles (admin, user, etc.)
Module: Application modules
Feature: Feature definitions
ModuleRoute: Module route mappings
UserFeatureAccess: User-feature access permissions
UserModuleAccess: User-module access permissions
ModuleScreenPermission: Screen-level permissions

Configuration Options

interface AuthCoreOptions {
  jwtSecret: string;
  jwtExpiresIn?: string;
  bcryptRounds?: number;
  // ... other options
}

Examples

Basic Setup with Custom Configuration

AuthCoreModule.forRoot({
  jwtSecret: process.env.JWT_SECRET,
  jwtExpiresIn: '24h',
  bcryptRounds: 12,
})

Using Multiple Guards

@UseGuards(JwtAuthGuard, RolesGuard, FeatureGuard)
@Roles('admin')
@Feature('advanced-settings')
@Get('advanced-admin')
advancedAdminEndpoint() {
  return { message: 'Multi-level security passed' };
}

License

MIT

Author

Chetan Yadnik

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Support

For questions and support, please open an issue on GitHub.