0.0.1 • Published 8 months ago

iammmmmm v0.0.1

Weekly downloads
-
License
Oxinus.io
Repository
gitlab
Last release
8 months ago

OXINUS IAM Module

The OXINUS IAM Module is a npm package designed to streamline JWT validation, HMAC authentication, authorization guards, and policy handlers for routes in your application. This module automatically validates tokens and HMAC authentication and authorizes policies based on token information for any routes.

Installation

To install the IAM Module, use npm:

npm install @oxinus-io/iam

Usage

App Module Configuration

After installing the package, import it into your app.module.ts and configure it using IamModule.forRoot with a ConfigService instance:

import { Module } from '@nestjs/common';
import { IamModule } from '@oxinus-io/iam';
import { ConfigService } from '@nestjs/config';

@Module({
  imports: [
    IamModule.forRoot(new ConfigService())
  ],
})
export class AppModule {}

Feature Module Configuration

In your feature modules, you can import JWT or HMAC guards as needed:

import { Module } from '@nestjs/common';
import { JwtAuthGuard, HmacMiddleware } from '@oxinus-io/iam';

@Module({
  providers: [JwtAuthGuard, HmacMiddleware],
})
export class FeatureModule {}

Controller and Method Level Guards

To use guards at the controller or method level, utilize the @UseGuards decorator:

import { Controller, Get, UseGuards } from '@nestjs/common';
import { AuthGuard, PoliciesGuard } from '@oxinus-io/iam';

@Controller('example')
export class ExampleController {
  
  @Get()
  @UseGuards(AuthGuard, PoliciesGuard)
  findAll() {
    // Your logic here
  }
}

Policy Checking

To check policies at the method level, use the @CheckPolicies decorator. The first parameter is the scope, the second is the action, and the last optional parameter is the specific parameter:

import { Controller, Get, Param } from '@nestjs/common';
import { CheckPolicies } from '@oxinus-io/iam';

@Controller('users')
export class UserController {
  
  @Get(':id')
  @CheckPolicies(new PolicyHandler('User', 'getOne', 'id'))
  findOne(@Param('id') id: string) {
    // Your logic here
  }
}

Google Cloud Pub/Sub Publisher

Installation

Import and configure the module in your app.module.ts:

import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { PubSubSubscriberModule } from '@oxinus-io/iam';

@Module({
  imports: [
    ConfigModule.forRoot({
      isGlobal: true,
    }),
      PublisherModule.forRootAsync({
          imports: [ConfigModule],
          useFactory: async (configService: ConfigService) => ({
              projectId: configService.get<string>('GOOGLE_CLOUD_PROJECT_ID'),
              defaultTopic: configService.get<string>('PUBSUB_TOPIC_NAME'),
              credentials: JSON.parse(
                  configService.get<string>('GOOGLE_AUTH_CREDENTIALS'),
              ),
          }),
          inject: [ConfigService],
      }),
  ],
})
export class AppModule {}

You can now publish events using the EventEmitter service:

import { Injectable } from '@nestjs/common';

@Injectable()
export class UsersService {
    constructor(private readonly publisherService: PublisherService) {}
  async handleUserCreated(userData: any) {
      await this.publisherService.publish('USER_CREATED', { userData });
    // Handle user creation event
  }
}

Google Cloud Pub/Sub Subscriber

Installation

Import and configure the module in your app.module.ts:

import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { PubSubSubscriberModule } from '@oxinus-io/iam';

@Module({
  imports: [
    ConfigModule.forRoot({
      isGlobal: true,
    }),
    PubSubSubscriberModule.forRootAsync({
      imports: [ConfigModule],
      inject: [ConfigService],
      useFactory: (configService: ConfigService) => ({
        projectId: configService.get<string>('GOOGLE_CLOUD_PROJECT_ID'),
        keyFilename: configService.get<string>('GOOGLE_CLOUD_KEY_FILE'),
        topicName: configService.get<string>('PUBSUB_TOPIC_NAME'),
        subscriptionPrefix: configService.get<string>('PUBSUB_SUBSCRIPTION_PREFIX'),
      }),
    }),
  ],
})
export class AppModule {}

Create event handlers in your services:

import { Injectable } from '@nestjs/common';
import { OnEvent } from '@nestjs/event-emitter';

@Injectable()
export class UsersSyncService {
  @OnEvent('USER_CREATED')
  handleUserCreated(userData: any) {
    console.log('New user created:', userData);
    // Handle user creation event
  }
}

Summary

The OXINUS IAM Module provides a comprehensive solution for JWT validation, HMAC authentication, authorization guards, and policy handling. By following the configuration steps, you can ensure secure and organized access control in your application.

iam
@casl/ability@nestjs/config@nestjs/jwt@nestjs/passport@nestjs/platform-fastifyaxiosioredispassportpassport-jwttypeorm
0.0.1

8 months ago