Merge pull request #69 from teacoder-team/dev

Dev

Author: TeaCoder52

package.json

@@ -28,6 +28,8 @@
 	},
 	"dependencies": {
 		"@aws-sdk/client-s3": "^3.693.0",
+		"@fingerprintjs/fingerprintjs-pro-server-api": "^6.10.0",
+		"@minilibs/ip2geo": "^0.0.6",
 		"@nest-lab/throttler-storage-redis": "^1.1.0",
 		"@nestjs-modules/mailer": "^2.0.2",
 		"@nestjs/axios": "^4.0.0",
@@ -55,12 +57,14 @@
 		"ejs": "^3.1.10",
 		"form-data": "4.0.4",
 		"geoip-country": "^5.0.202412202341",
+		"geoip-lite": "^1.4.10",
 		"handlebars": "^4.7.8",
 		"helmet": "^8.0.0",
 		"hi-base32": "^0.5.1",
 		"ioredis": "^5.4.1",
 		"ip-cidr": "^4.0.2",
 		"liquidjs": "^10.23.0",
+		"location-from-ip": "^1.0.1",
 		"mjml": "^4.16.1",
 		"nalog.ru": "^1.0.1",
 		"nestjs-cloudflare-captcha": "^0.0.10",

src/api/api.module.ts

@@ -5,7 +5,12 @@ import { ScheduleModule } from '@nestjs/schedule'
 import { ThrottlerModule } from '@nestjs/throttler'
 import { TurnstileModule } from 'nestjs-cloudflare-captcha'
 
-import { getThrottlerConfig, getTurnstileConfig } from '@/config'
+import {
+	getFingerprintConfig,
+	getThrottlerConfig,
+	getTurnstileConfig
+} from '@/config'
+import { FingerprintModule } from '@/libs/fingerprint/fingerprint.module'
 import { EnhancedThrottlerGuard } from '@/shared/guards'
 
 import { AccountModule } from './auth/account/account.module'
@@ -32,6 +37,11 @@ import { UsersModule } from './users/users.module'
 			useFactory: getTurnstileConfig,
 			inject: [ConfigService]
 		}),
+		FingerprintModule.forRootAsync({
+			imports: [ConfigModule],
+			useFactory: getFingerprintConfig,
+			inject: [ConfigService]
+		}),
 		ScheduleModule.forRoot(),
 		AccountModule,
 		SsoModule,

src/api/auth/account/account.service.ts

@@ -66,7 +66,7 @@ export class AccountService {
 	}
 
 	public async create(dto: CreateUserRequest, ip: string, userAgent: string) {
-		const { name, email, password } = dto
+		const { name, email, password, visitorId, requestId } = dto
 
 		// const { valid } = await validate(email)
 
@@ -93,11 +93,12 @@ export class AccountService {
 			}
 		})
 
-		const session = await this.redisService.createSession(
-			user,
+		const session = await this.redisService.createSession(user, {
 			ip,
-			userAgent
-		)
+			userAgent,
+			visitorId: visitorId ?? null,
+			requestId: requestId ?? null
+		})
 
 		const userSession = await this.redisService.getUserSession(session.id)
 

src/api/auth/account/dto/create-user.dto.ts

@@ -2,6 +2,7 @@ import { ApiProperty } from '@nestjs/swagger'
 import {
 	IsEmail,
 	IsNotEmpty,
+	IsOptional,
 	IsString,
 	MaxLength,
 	MinLength
@@ -51,6 +52,24 @@ export class CreateUserRequest {
 	@IsString({ message: 'Капча должна быть строкой' })
 	@IsNotEmpty({ message: 'Капча обязательна' })
 	public captcha: string
+
+	@ApiProperty({
+		description: 'Fingerprint visitor ID',
+		example: 'g8GhE1JtVZ9xYkLm',
+		required: false
+	})
+	@IsString({ message: 'visitorId должен быть строкой' })
+	@IsOptional()
+	public visitorId?: string
+
+	@ApiProperty({
+		description: 'Fingerprint request ID',
+		example: 'dbe7b3b8-22f4-4b89-9db9-f8e3798a2b1e',
+		required: false
+	})
+	@IsString({ message: 'requestId должен быть строкой' })
+	@IsOptional()
+	public requestId?: string
 }
 
 export class CreateUserResponse extends LoginSessionResponse {}

src/api/auth/mfa/mfa.service.ts

@@ -299,11 +299,12 @@ export class MfaService {
 			)
 		}
 
-		const session = await this.redisService.createSession(
-			user,
+		const session = await this.redisService.createSession(user, {
 			ip,
-			userAgent
-		)
+			userAgent,
+			visitorId: ticket.visitorId ?? null,
+			requestId: ticket.requestId ?? null
+		})
 
 		await this.redisService.del(`mfa_tickets:${dto.ticket}`)
 

src/api/auth/session/dto/login.dto.ts

@@ -2,6 +2,7 @@ import { ApiExtraModels, ApiProperty, getSchemaPath } from '@nestjs/swagger'
 import {
 	IsEmail,
 	IsNotEmpty,
+	IsOptional,
 	IsString,
 	MaxLength,
 	MinLength
@@ -42,6 +43,24 @@ export class LoginRequest {
 	@IsString({ message: 'Капча должна быть строкой' })
 	@IsNotEmpty({ message: 'Капча обязательна' })
 	public captcha: string
+
+	@ApiProperty({
+		description: 'Fingerprint visitor ID',
+		example: 'g8GhE1JtVZ9xYkLm',
+		required: false
+	})
+	@IsString({ message: 'visitorId должен быть строкой' })
+	@IsOptional()
+	public visitorId?: string
+
+	@ApiProperty({
+		description: 'Fingerprint request ID',
+		example: 'dbe7b3b8-22f4-4b89-9db9-f8e3798a2b1e',
+		required: false
+	})
+	@IsString({ message: 'requestId должен быть строкой' })
+	@IsOptional()
+	public requestId?: string
 }
 
 export class LoginSessionResponse implements Session {

src/api/auth/session/session.service.ts

@@ -17,12 +17,11 @@ import { LoginRequest } from './dto'
 export class SessionService {
 	public constructor(
 		private readonly prismaService: PrismaService,
-		private readonly redisService: RedisService,
-		private readonly configService: ConfigService
+		private readonly redisService: RedisService
 	) {}
 
 	public async login(dto: LoginRequest, ip: string, userAgent: string) {
-		const { email, password } = dto
+		const { email, password, requestId, visitorId } = dto
 
 		const user = await this.prismaService.user.findFirst({
 			where: {
@@ -64,17 +63,22 @@ export class SessionService {
 
 			const ticket = await this.redisService.createMfaTicket(
 				user.id,
-				allowedMethods
+				allowedMethods,
+				{
+					visitorId,
+					requestId
+				}
 			)
 
 			return ticket
 		}
 
-		const session = await this.redisService.createSession(
-			user,
+		const session = await this.redisService.createSession(user, {
 			ip,
-			userAgent
-		)
+			userAgent,
+			visitorId: visitorId ?? null,
+			requestId: requestId ?? null
+		})
 
 		return session
 	}
@@ -123,11 +127,10 @@ export class SessionService {
 			return ticket
 		}
 
-		const session = await this.redisService.createSession(
-			admin,
+		const session = await this.redisService.createSession(admin, {
 			ip,
 			userAgent
-		)
+		})
 
 		return session
 	}
@@ -232,8 +235,8 @@ export class SessionService {
 			return {
 				id: session.id,
 				createdAt: userSession.createdAt,
-				country: userSession.geo.name,
-				city: userSession.geo.capital,
+				country: userSession.geo.country,
+				city: userSession.geo.city,
 				browser: userSession.browser.name,
 				os: userSession.os.name
 			}

src/api/auth/sso/dto/index.ts

@@ -1,3 +1,4 @@
 export * from './sso-connect.dto'
+export * from './sso-login.dto'
 export * from './sso-status.dto'
 export * from './telegram-auth.dto'

src/api/auth/sso/dto/sso-login.dto.ts

@@ -0,0 +1,30 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { IsOptional, IsString } from 'class-validator'
+
+export class SsoLoginRequest {
+	@ApiProperty({
+		description: 'Visitor fingerprint ID',
+		example: 'visitor-123456'
+	})
+	@IsOptional()
+	@IsString()
+	public visitorId?: string
+
+	@ApiProperty({
+		description: 'Request ID for fingerprint tracking',
+		example: 'req-987654'
+	})
+	@IsOptional()
+	@IsString()
+	public requestId?: string
+}
+
+export class SsoLoginResponse {
+	@ApiProperty({
+		description:
+			'The URL for authorization via the external provider (e.g., Google, GitHub)',
+		example:
+			'https://auth.example.com/oauth/authorize?client_id=xyz123&redirect_uri=https://example.com/callback'
+	})
+	public url: string
+}

src/api/auth/sso/dto/telegram-auth.dto.ts

@@ -59,6 +59,22 @@ export class TelegramAuthRequest {
 	})
 	@IsString()
 	public hash: string
+
+	@ApiProperty({
+		description: 'Visitor fingerprint ID',
+		example: 'visitor-123456'
+	})
+	@IsOptional()
+	@IsString()
+	public visitorId?: string
+
+	@ApiProperty({
+		description: 'Request ID for fingerprint tracking',
+		example: 'req-987654'
+	})
+	@IsOptional()
+	@IsString()
+	public requestId?: string
 }
 
 export class TelegramAuthResponse extends LoginSessionResponse {}