JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 876
  • Score
    100M100P100Q96108F
  • License MIT

Centralized authentication and authorization module for ECRS apps

Package Exports

  • ecrs-auth-core
  • ecrs-auth-core/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (ecrs-auth-core) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

ECRS Auth Core

A centralized authentication and authorization module for NestJS applications, providing JWT-based authentication, role-based access control, and feature-level permissions.

Features

  • 🔐 JWT-based authentication
  • 👥 Role-based access control (RBAC)
  • 🎯 Feature-level permissions
  • 🛡️ Route-level security guards
  • 📊 Module and screen permissions
  • 🔧 Easy integration with TypeORM
  • 📦 Fully typed with TypeScript

Installation

npm install ecrs-auth-core

Peer Dependencies

Make sure you have the following peer dependencies installed:

npm install @nestjs/common @nestjs/core @nestjs/passport @nestjs/typeorm bcrypt passport passport-jwt typeorm

Quick Start

1. Import the Auth Module

import { Module } from '@nestjs/common';
import { TypeOrmModule } from '@nestjs/typeorm';
import { AuthCoreModule } from 'ecrs-auth-core';

@Module({
  imports: [
    TypeOrmModule.forRoot({
      // your database configuration
    }),
    AuthCoreModule.forRoot({
      jwtSecret: 'your-jwt-secret',
      jwtExpiresIn: '1h',
    }),
  ],
})
export class AppModule {}

2. Include Entities in TypeORM

import {
  User,
  Role,
  Module as AuthModule,
  Feature,
  ModuleRoute,
  UserFeatureAccess,
  UserModuleAccess,
  ModuleScreenPermission,
} from 'ecrs-auth-core';

TypeOrmModule.forRoot({
  // ... other config
  entities: [
    User,
    Role,
    AuthModule,
    Feature,
    ModuleRoute,
    UserFeatureAccess,
    UserModuleAccess,
    ModuleScreenPermission,
  ],
});

3. Use Guards and Decorators

import { Controller, Get, Post, UseGuards } from '@nestjs/common';
import { 
  JwtAuthGuard, 
  RolesGuard, 
  FeatureGuard,
  Roles, 
  Feature, 
  CurrentUser,
  User 
} from 'ecrs-auth-core';

@Controller('protected')
@UseGuards(JwtAuthGuard)
export class ProtectedController {
  
  @Get('admin-only')
  @UseGuards(RolesGuard)
  @Roles('admin')
  adminOnlyEndpoint(@CurrentUser() user: User) {
    return { message: 'Admin access granted', user: user.username };
  }

  @Get('feature-protected')
  @UseGuards(FeatureGuard)
  @Feature('user-management')
  featureProtectedEndpoint(@CurrentUser() user: User) {
    return { message: 'Feature access granted' };
  }
}

Available Decorators

@CurrentUser()

Get the current authenticated user in your controller methods.

@Get('profile')
getProfile(@CurrentUser() user: User) {
  return user;
}

@Roles()

Restrict access based on user roles.

@Roles('admin', 'manager')
@UseGuards(RolesGuard)
adminEndpoint() {
  // Only admin and manager roles can access
}

@Feature()

Restrict access based on feature permissions.

@Feature('user-management')
@UseGuards(FeatureGuard)
userManagementEndpoint() {
  // Only users with user-management feature access
}

@HasPermission()

Check for specific permissions.

@HasPermission('CREATE_USER')
@UseGuards(PermissionGuard)
createUserEndpoint() {
  // Only users with CREATE_USER permission
}

@RoutePermission()

Route-level permission checking.

@RoutePermission('users', 'create')
@UseGuards(RouteGuard)
createUser() {
  // Route-specific permission checking
}

Available Guards

  • JwtAuthGuard: JWT token validation
  • RolesGuard: Role-based access control
  • FeatureGuard: Feature-based access control
  • PermissionGuard: Permission-based access control
  • RouteGuard: Route-level access control
  • ModuleGuard: Module-based access control

Authentication Service

The AuthService provides methods for user authentication and token management:

import { AuthService } from 'ecrs-auth-core';

@Injectable()
export class MyService {
  constructor(private authService: AuthService) {}

  async login(username: string, password: string) {
    return this.authService.validateUser(username, password);
  }

  async generateToken(user: User) {
    return this.authService.generateToken(user);
  }
}

Database Entities

The package includes the following TypeORM entities:

  • User: User account information
  • Role: User roles (admin, user, etc.)
  • Module: Application modules
  • Feature: Feature definitions
  • ModuleRoute: Module route mappings
  • UserFeatureAccess: User-feature access permissions
  • UserModuleAccess: User-module access permissions
  • ModuleScreenPermission: Screen-level permissions

Configuration Options

interface AuthCoreOptions {
  jwtSecret: string;
  jwtExpiresIn?: string;
  bcryptRounds?: number;
  // ... other options
}

Examples

Basic Setup with Custom Configuration

AuthCoreModule.forRoot({
  jwtSecret: process.env.JWT_SECRET,
  jwtExpiresIn: '24h',
  bcryptRounds: 12,
})

Using Multiple Guards

@UseGuards(JwtAuthGuard, RolesGuard, FeatureGuard)
@Roles('admin')
@Feature('advanced-settings')
@Get('advanced-admin')
advancedAdminEndpoint() {
  return { message: 'Multi-level security passed' };
}

License

MIT

Author

Chetan Yadnik

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Support

For questions and support, please open an issue on GitHub.