novuhq · ChmaraX · Feb 4, 2025 · Jan 31, 2025 · Feb 1, 2025 · Feb 1, 2025
diff --git a/apps/api/src/app/auth/auth.controller.ts b/apps/api/src/app/auth/auth.controller.ts
@@ -21,14 +21,7 @@ import { MemberEntity, MemberRepository, UserRepository } from '@novu/dal';
 import { AuthGuard } from '@nestjs/passport';
 import { PasswordResetFlowEnum, UserSessionData } from '@novu/shared';
 import { ApiExcludeController, ApiTags } from '@nestjs/swagger';
-import {
-  AuthService,
-  buildOauthRedirectUrl,
-  SwitchEnvironment,
-  SwitchEnvironmentCommand,
-  SwitchOrganization,
-  SwitchOrganizationCommand,
-} from '@novu/application-generic';
+import { buildOauthRedirectUrl } from '@novu/application-generic';
 import { UserRegistrationBodyDto } from './dtos/user-registration.dto';
 import { UserRegister } from './usecases/register/user-register.usecase';
 import { UserRegisterCommand } from './usecases/register/user-register.command';
@@ -47,6 +40,11 @@ import { UpdatePasswordBodyDto } from './dtos/update-password.dto';
 import { UpdatePassword } from './usecases/update-password/update-password.usecase';
 import { UpdatePasswordCommand } from './usecases/update-password/update-password.command';
 import { UserAuthentication } from '../shared/framework/swagger/api.key.security';
+import { SwitchEnvironmentCommand } from './usecases/switch-environment/switch-environment.command';
+import { SwitchEnvironment } from './usecases/switch-environment/switch-environment.usecase';
+import { SwitchOrganizationCommand } from './usecases/switch-organization/switch-organization.command';
+import { SwitchOrganization } from './usecases/switch-organization/switch-organization.usecase';
+import { AuthService } from './services/auth.service';
 
 @ApiCommonResponses()
 @Controller('/auth')

diff --git a/apps/api/src/app/auth/community.auth.module.config.ts b/apps/api/src/app/auth/community.auth.module.config.ts
@@ -4,7 +4,6 @@ import { PassportModule } from '@nestjs/passport';
 import passport from 'passport';
 
 import { AuthProviderEnum, PassportStrategyEnum } from '@novu/shared';
-import { AuthService, RolesGuard, injectCommunityAuthProviders } from '@novu/application-generic';
 
 import { JwtStrategy } from './services/passport/jwt.strategy';
 import { AuthController } from './auth.controller';
@@ -17,6 +16,9 @@ import { EnvironmentsModuleV1 } from '../environments-v1/environments-v1.module'
 import { JwtSubscriberStrategy } from './services/passport/subscriber-jwt.strategy';
 import { RootEnvironmentGuard } from './framework/root-environment-guard.service';
 import { ApiKeyStrategy } from './services/passport/apikey.strategy';
+import { injectCommunityAuthProviders } from './inject-auth-providers';
+import { AuthService } from './services/auth.service';
+import { RolesGuard } from './framework/roles.guard';
 
 const AUTH_STRATEGIES: Provider[] = [JwtStrategy, ApiKeyStrategy, JwtSubscriberStrategy];
 

diff --git a/apps/api/src/app/auth/ee.auth.module.config.ts b/apps/api/src/app/auth/ee.auth.module.config.ts
@@ -1,17 +1,14 @@
 /* eslint-disable global-require */
-import {
-  AuthService,
-  SwitchEnvironment,
-  SwitchOrganization,
-  PlatformException,
-  cacheService,
-  RolesGuard,
-} from '@novu/application-generic';
+import { PlatformException, cacheService } from '@novu/application-generic';
 import { MiddlewareConsumer, ModuleMetadata } from '@nestjs/common';
 import { RootEnvironmentGuard } from './framework/root-environment-guard.service';
 import { ApiKeyStrategy } from './services/passport/apikey.strategy';
 import { JwtSubscriberStrategy } from './services/passport/subscriber-jwt.strategy';
 import { OrganizationModule } from '../organization/organization.module';
+import { SwitchEnvironment } from './usecases/switch-environment/switch-environment.usecase';
+import { SwitchOrganization } from './usecases/switch-organization/switch-organization.usecase';
+import { AuthService } from './services/auth.service';
+import { RolesGuard } from './framework/roles.guard';
 
 function getEEAuthProviders() {
   const eeAuthPackage = require('@novu/ee-auth');

diff --git a/...ervices/auth/community.user.auth.guard.ts → ...th/framework/community.user.auth.guard.ts b/...ervices/auth/community.user.auth.guard.ts → ...th/framework/community.user.auth.guard.ts
@@ -1,27 +1,14 @@
-import {
-  ExecutionContext,
-  Injectable,
-  UnauthorizedException,
-} from '@nestjs/common';
+import { ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
 import { AuthGuard, IAuthModuleOptions } from '@nestjs/passport';
 import { Reflector } from '@nestjs/core';
-import {
-  ApiAuthSchemeEnum,
-  IJwtClaims,
-  PassportStrategyEnum,
-  HandledUser,
-  NONE_AUTH_SCHEME,
-} from '@novu/shared';
-import { PinoLogger } from '../../logging';
+import { ApiAuthSchemeEnum, IJwtClaims, PassportStrategyEnum, HandledUser, NONE_AUTH_SCHEME } from '@novu/shared';
+import { PinoLogger } from '@novu/application-generic';
 
 @Injectable()
-export class CommunityUserAuthGuard extends AuthGuard([
-  PassportStrategyEnum.JWT,
-  PassportStrategyEnum.HEADER_API_KEY,
-]) {
+export class CommunityUserAuthGuard extends AuthGuard([PassportStrategyEnum.JWT, PassportStrategyEnum.HEADER_API_KEY]) {
   constructor(
     private readonly reflector: Reflector,
-    private readonly logger: PinoLogger,
+    private readonly logger: PinoLogger
   ) {
     super();
   }
@@ -42,12 +29,8 @@ export class CommunityUserAuthGuard extends AuthGuard([
           defaultStrategy: PassportStrategyEnum.JWT,
         };
       case ApiAuthSchemeEnum.API_KEY: {
-        const apiEnabled = this.reflector.get<boolean>(
-          'external_api_accessible',
-          context.getHandler(),
-        );
-        if (!apiEnabled)
-          throw new UnauthorizedException('API endpoint not available');
+        const apiEnabled = this.reflector.get<boolean>('external_api_accessible', context.getHandler());
+        if (!apiEnabled) throw new UnauthorizedException('API endpoint not available');
 
         return {
           session: false,
@@ -57,9 +40,7 @@ export class CommunityUserAuthGuard extends AuthGuard([
       case NONE_AUTH_SCHEME:
         throw new UnauthorizedException('Missing authorization header');
       default:
-        throw new UnauthorizedException(
-          `Invalid authentication scheme: "${authScheme}"`,
-        );
+        throw new UnauthorizedException(`Invalid authentication scheme: "${authScheme}"`);
     }
   }
 
@@ -68,9 +49,10 @@ export class CommunityUserAuthGuard extends AuthGuard([
     user: IJwtClaims | false,
     info: any,
     context: ExecutionContext,
-    status?: any,
+    status?: any
   ): TUser {
     let handledUser: HandledUser;
+
     if (typeof user === 'object') {
       /**
        * This helps with sentry and other tools that need to know who the user is based on `id` property.
@@ -79,7 +61,7 @@ export class CommunityUserAuthGuard extends AuthGuard([
         ...user,
         id: user._id,
         username: (user.firstName || '').trim(),
-        domain: user.email?.split('@')[1],
+        domain: user.email?.split('@')[1] || '',
       };
     } else {
       handledUser = user;

diff --git a/...-generic/src/services/auth/roles.guard.ts → ...api/src/app/auth/framework/roles.guard.ts b/...-generic/src/services/auth/roles.guard.ts → ...api/src/app/auth/framework/roles.guard.ts
diff --git a/apps/api/src/app/auth/framework/root-environment-guard.service.ts b/apps/api/src/app/auth/framework/root-environment-guard.service.ts
@@ -1,9 +1,9 @@
-import { CanActivate, ExecutionContext, forwardRef, Inject, Injectable, UnauthorizedException } from '@nestjs/common';
-import { AuthService } from '@novu/application-generic';
+import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
+import { AuthService } from '../services/auth.service';
 
 @Injectable()
 export class RootEnvironmentGuard implements CanActivate {
-  constructor(@Inject(forwardRef(() => AuthService)) private authService: AuthService) {}
+  constructor(private authService: AuthService) {}
 
   async canActivate(context: ExecutionContext) {
     const request = context.switchToHttp().getRequest();

diff --git a/apps/api/src/app/auth/framework/user.auth.guard.ts b/apps/api/src/app/auth/framework/user.auth.guard.ts
@@ -1,3 +1,29 @@
-import { UserAuthGuard } from '@novu/application-generic';
+import { Injectable, ExecutionContext, Inject } from '@nestjs/common';
+import { IAuthGuard } from '@nestjs/passport';
+import { Observable } from 'rxjs';
+import { UserSessionData } from '@novu/shared';
+import { Instrument } from '@novu/application-generic';
 
-export { UserAuthGuard };
+@Injectable()
+export class UserAuthGuard {
+  constructor(@Inject('USER_AUTH_GUARD') private authGuard: IAuthGuard) {}
+
+  @Instrument()
+  canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
+    return this.authGuard.canActivate(context);
+  }
+
+  getAuthenticateOptions(context: ExecutionContext) {
+    return this.authGuard.getAuthenticateOptions(context);
+  }
+
+  handleRequest<TUser = UserSessionData>(
+    err: any,
+    user: UserSessionData | false,
+    info: any,
+    context: ExecutionContext,
+    status?: any
+  ): TUser {
+    return this.authGuard.handleRequest(err, user, info, context, status);
+  }
+}
diff --git a/...eneric/src/utils/inject-auth-providers.ts → ...api/src/app/auth/inject-auth-providers.ts b/...eneric/src/utils/inject-auth-providers.ts → ...api/src/app/auth/inject-auth-providers.ts
@@ -10,14 +10,10 @@ import {
   MemberRepository,
   OrganizationRepository,
 } from '@novu/dal';
-import { PinoLogger } from '../logging';
-import {
-  AnalyticsService,
-  CommunityAuthService,
-  CommunityUserAuthGuard,
-} from '../services';
-import { CreateUser, SwitchOrganization } from '../usecases';
-
+import { PinoLogger, CreateUser, AnalyticsService } from '@novu/application-generic';
+import { CommunityUserAuthGuard } from './framework/community.user.auth.guard';
+import { SwitchOrganization } from './usecases/switch-organization/switch-organization.usecase';
+import { CommunityAuthService } from './services/community.auth.service';
 /**
  * Injects community auth providers, or providers handling user management (services, repositories, guards ...) into the application.
  * This function is closely related to its enterprise counterpart:
@@ -28,7 +24,7 @@ import { CreateUser, SwitchOrganization } from '../usecases';
 export function injectCommunityAuthProviders(
   { repositoriesOnly }: { repositoriesOnly?: boolean } = {
     repositoriesOnly: true,
-  },
+  }
 ) {
   const userRepositoryProvider = {
     provide: 'USER_REPOSITORY',
@@ -56,7 +52,7 @@ export function injectCommunityAuthProviders(
       organizationRepository: OrganizationRepository,
       environmentRepository: EnvironmentRepository,
       memberRepository: MemberRepository,
-      switchOrganizationUsecase: SwitchOrganization,
+      switchOrganizationUsecase: SwitchOrganization
     ) => {
       return new CommunityAuthService(
         userRepository,
@@ -67,7 +63,7 @@ export function injectCommunityAuthProviders(
         organizationRepository,
         environmentRepository,
         memberRepository,
-        switchOrganizationUsecase,
+        switchOrganizationUsecase
       );
     },
     inject: [
@@ -92,11 +88,7 @@ export function injectCommunityAuthProviders(
   };
 
   if (repositoriesOnly) {
-    return [
-      userRepositoryProvider,
-      memberRepositoryProvider,
-      organizationRepositoryProvider,
-    ];
+    return [userRepositoryProvider, memberRepositoryProvider, organizationRepositoryProvider];
   }
 
   return [

diff --git a/...generic/src/services/auth/auth.service.ts → ...api/src/app/auth/services/auth.service.ts b/...generic/src/services/auth/auth.service.ts → ...api/src/app/auth/services/auth.service.ts
@@ -1,12 +1,7 @@
 import { Inject, Injectable } from '@nestjs/common';
 import { MemberEntity, SubscriberEntity, UserEntity } from '@novu/dal';
-import {
-  AuthProviderEnum,
-  AuthenticateContext,
-  ISubscriberJwt,
-  UserSessionData,
-} from '@novu/shared';
-import { IAuthService } from './auth.service.interface';
+import { AuthProviderEnum, AuthenticateContext, ISubscriberJwt, UserSessionData } from '@novu/shared';
+import { IAuthService } from '@novu/application-generic';
 
 @Injectable()
 export class AuthService implements IAuthService {
@@ -24,30 +19,17 @@ export class AuthService implements IAuthService {
       id: string;
     },
     distinctId: string,
-    authContext: AuthenticateContext = {},
+    authContext: AuthenticateContext = {}
   ): Promise<{ newUser: boolean; token: string }> {
-    return this.authService.authenticate(
-      authProvider,
-      accessToken,
-      refreshToken,
-      profile,
-      distinctId,
-      authContext,
-    );
+    return this.authService.authenticate(authProvider, accessToken, refreshToken, profile, distinctId, authContext);
   }
 
   refreshToken(userId: string): Promise<string> {
     return this.authService.refreshToken(userId);
   }
 
-  isAuthenticatedForOrganization(
-    userId: string,
-    organizationId: string,
-  ): Promise<boolean> {
-    return this.authService.isAuthenticatedForOrganization(
-      userId,
-      organizationId,
-    );
+  isAuthenticatedForOrganization(userId: string, organizationId: string): Promise<boolean> {
+    return this.authService.isAuthenticatedForOrganization(userId, organizationId);
   }
 
   getUserByApiKey(apiKey: string): Promise<UserSessionData> {
@@ -66,21 +48,16 @@ export class AuthService implements IAuthService {
     user: UserEntity,
     organizationId?: string,
     member?: MemberEntity,
-    environmentId?: string,
+    environmentId?: string
   ): Promise<string> {
-    return this.authService.getSignedToken(
-      user,
-      organizationId,
-      member,
-      environmentId,
-    );
+    return this.authService.getSignedToken(user, organizationId, member, environmentId);
   }
 
   validateUser(payload: UserSessionData): Promise<UserEntity> {
     return this.authService.validateUser(payload);
   }
 
-  validateSubscriber(payload: ISubscriberJwt): Promise<SubscriberEntity> {
+  validateSubscriber(payload: ISubscriberJwt): Promise<SubscriberEntity | null> {
     return this.authService.validateSubscriber(payload);
   }