# @cv/auth

Authentication and authorization package for the CV Generator monorepo.

## Overview

This package provides reusable authentication and authorization infrastructure that can be used across multiple applications in the monorepo. It includes user management, token handling, guards, policies, and identity provider system.

## Package Structure

```
src/
├── auth.module.ts           # Main module (global)
├── user/                    # User domain entities and services
│   ├── user.entity.ts
│   ├── user.service.ts
│   ├── user.mapper.ts
│   ├── credentials.entity.ts
│   ├── credentials.service.ts
│   └── credentials.mapper.ts
├── token/                   # Token management
│   ├── token.service.ts
│   ├── refresh-token.service.ts
│   ├── auth-cookie.service.ts
│   └── token-expiry.config.ts
├── guards/                  # Authentication guards
│   ├── jwt-auth.guard.ts
│   └── verified-scope.guard.ts
├── authorization/           # Authorization system
│   ├── authorization.service.ts
│   ├── policy-registry.service.ts
│   ├── policy.interface.ts
│   └── *-resource.policy.ts
├── providers/               # Identity providers
│   └── password/
│       ├── password-identity-provider.ts
│       ├── password-authentication.service.ts
│       └── credentials/     # Email templates and listeners
├── config/                  # Configuration services
├── cookie/                  # Cookie utilities
├── metadata/                # Device and location services
├── request/                 # Request decorators
├── jwt/                     # JWT utilities
└── errors/                  # Authentication/authorization errors
```

## Usage

### Installation

This package is part of the monorepo and is automatically available to other packages via npm workspaces.

### Importing

```typescript
import { AuthModule, JwtAuthGuard, UserService } from "@cv/auth";
```

### Global Module

`AuthModule` is marked as `@Global()`, which means once imported in the root module, all its exports are available throughout the application without needing to import it in every module.

### Key Exports

- **Modules**: `AuthModule`, `UserModule`, `TokenModule`, `AuthorizationModule`, `PasswordProviderModule`
- **Services**: `UserService`, `TokenService`, `AuthorizationService`, `PasswordAuthenticationService`
- **Guards**: `JwtAuthGuard`, `VerifiedScopeGuard`
- **Entities**: `User`, `Credentials`, `RefreshToken`
- **Utilities**: `RequestMetadata`, `CookieService`, `AuthCookieService`

## Dependencies

- **Peer Dependencies**: `@cv/system`, `@nestjs/common`, `@nestjs/core`, `@nestjs/jwt`, `@nestjs/config`
- **Internal Dependencies**: Only `@cv/system` (infrastructure layer)

## Architecture

This package follows the three-layer architecture:
- **Domain Layer**: Entities (`User`, `Credentials`, `RefreshToken`)
- **Service Layer**: Business logic services
- **Guard/Policy Layer**: NestJS guards and authorization policies

All entities are domain entities that contain business logic and rules, not Prisma models.