feat(session-management): WRK-11 Session management #6

.gitignore

@@ -49,3 +49,5 @@ infra/postgres
 .next
 out
 .yarn/install-state.gz
+.yarn
+.yarn/install-state.gz

apps/api/src/app/app.config.ts

@@ -4,7 +4,14 @@ import { ApplicationBootstrapOptions } from '../bootstrap';
 import 'dotenv/config';
 
 export default (): ApplicationBootstrapOptions => ({
-    port: parseInt(process.env[CONFIG_APP.SERVER_PORT]) || 3000,
+    port: parseInt(process.env[CONFIG_APP.SERVER_PORT]!) || 3000,
+    security: {
+        expiresIn: process.env[CONFIG_APP.SECURITY_EXPIRES_IN]!,
+        refreshIn: process.env[CONFIG_APP.SECURITY_REFRESH_IN]!,
+        bcryptSalt: process.env[CONFIG_APP.SECURITY_BCRYPT_SALT]!,
+        jwtRefreshSecret: process.env[CONFIG_APP.JWT_ACCESS_SECRET]!,
+        jwtAccessSecret: process.env[CONFIG_APP.JWT_REFRESH_SECRET]!,
+    },
     mail: {
         provider: process.env[CONFIG_APP.MAIL_INFRA] as MailInfraProvider,
         options: {
@@ -20,10 +27,10 @@ export default (): ApplicationBootstrapOptions => ({
         } as MailInfraProviderOptions,
     },
     database: {
-        host: process.env[CONFIG_APP.DB_HOST],
-        port: Number.parseInt(process.env[CONFIG_APP.DB_PORT]),
-        database: process.env[CONFIG_APP.DB_DATABASE],
-        user: process.env[CONFIG_APP.DB_USER],
-        password: process.env[CONFIG_APP.DB_PASSWORD],
+        host: process.env[CONFIG_APP.DB_HOST]!,
+        port: Number.parseInt(process.env[CONFIG_APP.DB_PORT]!),
+        database: process.env[CONFIG_APP.DB_DATABASE]!,
+        user: process.env[CONFIG_APP.DB_USER]!,
+        password: process.env[CONFIG_APP.DB_PASSWORD]!,
     },
 });

apps/api/src/app/app.module.ts

@@ -1,33 +1,73 @@
-import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
 import { AppController } from './app.controller';
 import { AppService } from './app.service';
 import { configSchema } from '@goran/config';
 import { ApplicationBootstrapOptions } from '../bootstrap';
 import { UsersModule } from '@goran/users';
-import { AuthenticationModule } from '@goran/security';
+import {
+    AuthenticationModule,
+    PasswordResetModule,
+    SessionsModule,
+    TokensModule,
+    PasswordModule,
+} from '@goran/security';
 import { DatabaseModule } from '@goran/drizzle-data-access';
 import { MailModule } from '@goran/mail';
+import { DeviceDetectorModule } from '@goran/device-detector';
+import { IpLocatorModule } from '@goran/ip-locator';
+import { CacheModule } from '@nestjs/cache-manager';
+import { JwtModule } from '@nestjs/jwt';
+import { CqrsModule } from '@nestjs/cqrs';
+import { LoggerModule } from 'nestjs-pino';
+import { PassportModule } from '@nestjs/passport';
 
-@Module({
-    imports: [ConfigModule],
-    controllers: [AppController],
-    providers: [AppService],
-})
 export class AppModule {
     static register(options: ApplicationBootstrapOptions) {
         return {
             module: AppModule,
+            controllers: [AppController],
+            providers: [AppService],
             imports: [
+                LoggerModule.forRoot({
+                    pinoHttp: {
+                        customProps: (req, res) => ({
+                            context: 'HTTP',
+                        }),
+                        transport: {
+                            target: 'pino-pretty',
+                            options: {
+                                singleLine: true,
+                            },
+                        },
+                    },
+                }),
+                CqrsModule.forRoot(),
                 ConfigModule.forRoot({
                     isGlobal: true,
                     envFilePath: ['.env', '.env.local'],
                     validationSchema: configSchema,
                 }),
-                UsersModule,
-                AuthenticationModule,
+                CacheModule.register({ isGlobal: true }),
                 DatabaseModule.forRoot(options.database),
                 MailModule.register(options.mail),
+                JwtModule.register({
+                    global: true,
+                    secret: options.security.jwtAccessSecret,
+                    signOptions: {
+                        expiresIn: options.security.expiresIn,
+                    },
+                }),
+                PassportModule.register({ global: true }),
+                UsersModule,
+                PasswordModule,
+                TokensModule,
+                IpLocatorModule,
+                DeviceDetectorModule,
+                SessionsModule.register({
+                    refreshIn: options.security.refreshIn,
+                }),
+                AuthenticationModule,
+                PasswordResetModule,
             ],
         };
     }

apps/api/src/bootstrap/application-bootstrap-options.interface.ts

@@ -1,8 +1,10 @@
 import { DatabaseOptions } from '@goran/drizzle-data-access';
 import { MailOptions } from '@goran/mail';
+import { SecurityOptions } from '@goran/security';
 
 export interface ApplicationBootstrapOptions {
     port: number;
+    security: SecurityOptions;
     mail: MailOptions;
     database: DatabaseOptions;
 }

apps/api/src/bootstrap/globals.ts

@@ -5,22 +5,25 @@ import {
 } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import cookieParser from 'cookie-parser';
+import { Logger, LoggerErrorInterceptor } from 'nestjs-pino';
 
 /**
  * Registers global pipes and interceptors, plus server conifguration
  *
  * @param app - Nestjs application object
  * @returns Modified and configured nestjs application object and certain parameters
  */
-export async function registerGlobals(app: INestApplication) {
-    const globalPrefix = 'api';
+export async function registerGlobals(
+    app: INestApplication,
+    globalPrefix: string
+) {
     app.enableCors();
     app.setGlobalPrefix(globalPrefix);
     app.use(cookieParser());
     app.useGlobalPipes(new ValidationPipe());
+    app.useLogger(app.get(Logger));
+    app.useGlobalInterceptors(new LoggerErrorInterceptor());
     app.useGlobalInterceptors(
         new ClassSerializerInterceptor(app.get(Reflector))
     );
-
-    return { app, globalPrefix };
 }

apps/api/src/main.ts

@@ -8,23 +8,24 @@ import appConfig from './app/app.config';
 
 async function bootstrap() {
     const logger = new Logger('BOOTSTRAP');
-
-    logger.log(goranBanner);
-
-    const config = appConfig();
-    const app = await NestFactory.create(AppModule.register(config));
+    const globalPrefix = 'api';
     const port = process.env[CONFIG_APP.SERVER_PORT] || 3000;
-    const { globalPrefix } = await registerGlobals(app);
-
-    setupSwagger(app);
+    const config = appConfig();
 
     logger.log(
-        `  Application is running on: http://localhost:${config.port}/${globalPrefix}`
-    );
-    logger.log(
-        `  Documentation is running on: http://localhost:${config.port}/docs`
+        goranBanner({
+            appLink: `http://localhost:${config.port}/${globalPrefix}`,
+            docsLink: `http://localhost:${config.port}/docs`,
+        })
     );
 
+    const app = await NestFactory.create(AppModule.register(config), {
+        bufferLogs: true,
+    });
+    await registerGlobals(app, globalPrefix);
+
+    setupSwagger(app);
+
     await app.listen(port);
 }
 

libs/core/security/README.md

@@ -1,6 +1,9 @@
-# security
+# @goran/security
 
-This library was generated with [Nx](https://nx.dev).
+-   Session Management
+-   SecurityMetrics
+-   Password Reset
+-   Authentication
 
 ## Running unit tests
 

libs/core/security/src/lib/authentication/application/commands/index.ts

@@ -1,5 +1,3 @@
-export * from './request-password-reset';
-export * from './verify-password-reset-attempt';
-export * from './reset-password';
-export * from './signup';
-export * from './signin';
+export * from './sign-up';
+export * from './sign-in';
+export * from './sign-out';

libs/core/security/src/lib/authentication/application/commands/sign-in/index.ts

@@ -0,0 +1,2 @@
+export * from './sign-in.command-handler';
+export * from './sign-in.command';