6abc0e6071
* feat: restart cmd added in aio service * feat: nestjs config package added * test: fix all broken test case * feat: infra config module add with get-update-reset functionality * test: fix test case failure * feat: update infra configs mutation added * feat: utilise ConfigService in util functions * chore: remove saml stuff * feat: removed saml stuffs * fix: config service precedence * fix: mailer module init with right env value * feat: added mutations and query * feat: add query infra-configs * fix: mailer module init issue * chore: smtp url validation added * fix: all sso disabling is handled * fix: pnpm i without db connection * fix: allowedAuthProviders and enableAndDisableSSO * fix: validateSMTPUrl check * feat: get api added for fetch provider list * feat: feedback resolve * chore: update code comments * fix: uppercase issue of VITE_ALLOWED_AUTH_PROVIDERS * chore: update lockfile * fix: add validation checks for MAILER_ADDRESS_FROM * test: fix test case * chore: feedback resolve * chore: renamed an enum * chore: app shutdown way changed --------- Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
51 lines
1.4 KiB
TypeScript
51 lines
1.4 KiB
TypeScript
import { ExtractJwt, Strategy } from 'passport-jwt';
|
|
import { PassportStrategy } from '@nestjs/passport';
|
|
import {
|
|
Injectable,
|
|
ForbiddenException,
|
|
UnauthorizedException,
|
|
} from '@nestjs/common';
|
|
import { AccessTokenPayload } from 'src/types/AuthTokens';
|
|
import { UserService } from 'src/user/user.service';
|
|
import { AuthService } from '../auth.service';
|
|
import { Request } from 'express';
|
|
import * as O from 'fp-ts/Option';
|
|
import {
|
|
COOKIES_NOT_FOUND,
|
|
INVALID_ACCESS_TOKEN,
|
|
USER_NOT_FOUND,
|
|
} from 'src/errors';
|
|
import { ConfigService } from '@nestjs/config';
|
|
|
|
@Injectable()
|
|
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
|
|
constructor(
|
|
private usersService: UserService,
|
|
private configService: ConfigService,
|
|
) {
|
|
super({
|
|
jwtFromRequest: ExtractJwt.fromExtractors([
|
|
(request: Request) => {
|
|
const ATCookie = request.cookies['access_token'];
|
|
if (!ATCookie) {
|
|
throw new ForbiddenException(COOKIES_NOT_FOUND);
|
|
}
|
|
return ATCookie;
|
|
},
|
|
]),
|
|
secretOrKey: configService.get('JWT_SECRET'),
|
|
});
|
|
}
|
|
|
|
async validate(payload: AccessTokenPayload) {
|
|
if (!payload) throw new ForbiddenException(INVALID_ACCESS_TOKEN);
|
|
|
|
const user = await this.usersService.findUserById(payload.sub);
|
|
if (O.isNone(user)) {
|
|
throw new UnauthorizedException(USER_NOT_FOUND);
|
|
}
|
|
|
|
return user.value;
|
|
}
|
|
}
|