@bitwild/rockets-auth
Rockets Auth - Complete authentication and authorization solution for NestJS with JWT, OAuth, OTP, role-based access control, and more
;
/**
 * Compiler-emitted decorator helper: applies `decorators` to a class (two
 * arguments), a property (three arguments) or a member with a descriptor
 * (four arguments), last decorator first.
 *
 * @param {Function[]} decorators - decorators to apply; falsy entries are skipped.
 * @param {object|Function} target - class constructor or prototype being decorated.
 * @param {string|symbol} [key] - member name, for member decorators.
 * @param {PropertyDescriptor|null} [desc] - descriptor; `null` means "look it up on target".
 * @returns {*} the decorated class, or the resulting descriptor (may be undefined).
 */
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    // The number of arguments actually passed selects the decoration mode.
    var argCount = arguments.length;
    var result;
    if (argCount < 3) {
        result = target;
    }
    else if (desc === null) {
        desc = Object.getOwnPropertyDescriptor(target, key);
        result = desc;
    }
    else {
        result = desc;
    }
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") {
        // Defer to a Reflect.decorate implementation when one is installed.
        result = Reflect.decorate(decorators, target, key, desc);
    }
    else {
        for (var idx = decorators.length - 1; idx >= 0; idx--) {
            var decorator = decorators[idx];
            if (!decorator) {
                continue;
            }
            var replaced;
            if (argCount < 3) {
                replaced = decorator(result);
            }
            else if (argCount > 3) {
                replaced = decorator(target, key, result);
            }
            else {
                replaced = decorator(target, key);
            }
            // A decorator that returns nothing leaves the running result as it was.
            result = replaced || result;
        }
    }
    // Only the four-argument form writes the final descriptor back to the target.
    if (argCount > 3 && result) {
        Object.defineProperty(target, key, result);
    }
    return result;
};
/**
 * Compiler-emitted helper that builds a metadata decorator through
 * `Reflect.metadata` when that function is installed.
 *
 * @param {*} k - metadata key.
 * @param {*} v - metadata value.
 * @returns {Function|undefined} the metadata decorator, or undefined when
 *   `Reflect.metadata` is not available (the decorator list then holds a
 *   falsy entry).
 */
var __metadata = (this && this.__metadata) || function (k, v) {
    var hasReflect = typeof Reflect === "object";
    if (!hasReflect || typeof Reflect.metadata !== "function") {
        return undefined;
    }
    return Reflect.metadata(k, v);
};
/**
 * Compiler-emitted helper that adapts a parameter decorator to the
 * (target, key) shape used by the decorator list, binding the parameter
 * position.
 *
 * @param {number} paramIndex - zero-based position of the decorated parameter.
 * @param {Function} decorator - parameter decorator taking (target, key, index).
 * @returns {Function} a (target, key) function that forwards to `decorator`.
 */
var __param = (this && this.__param) || function (paramIndex, decorator) {
    return function (owner, memberKey) {
        // The decorator's own return value is deliberately discarded.
        decorator(owner, memberKey, paramIndex);
    };
};
// Alias the class uses to refer to itself (read for the logger context name).
// It is assigned where the class is defined and again after decoration.
var RocketsJwtAuthProvider_1;
// Flag the exports object as coming from a transpiled ES module.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export up front as undefined; the class is assigned once defined.
exports.RocketsJwtAuthProvider = void 0;
const common_1 = require("@nestjs/common");
const nestjs_authentication_1 = require("@concepta/nestjs-authentication");
const nestjs_user_1 = require("@concepta/nestjs-user");
const nestjs_role_1 = require("@concepta/nestjs-role");
/**
 * Auth provider that turns an access token into an authorized-user object.
 *
 * Flow implemented by validateToken():
 *  1. verify the token through the injected verify-token service;
 *  2. require a truthy `sub` claim and load the user for that subject;
 *  3. resolve the user's role assignments to role names through the role
 *     services (roles are looked up server-side, not read from the token);
 *  4. return id, sub, email, userRoles and a shallow copy of all token claims.
 *
 * Every failure leaves validateToken() as an UnauthorizedException.
 */
let RocketsJwtAuthProvider = RocketsJwtAuthProvider_1 = class RocketsJwtAuthProvider {
    /**
     * @param verifyTokenService - verifies access tokens and yields their payload.
     * @param userModelService - looks users up by token subject.
     * @param roleService - returns the role assignments of an assignee.
     * @param roleModelService - loads role records (used here for their names).
     */
    constructor(verifyTokenService, userModelService, roleService, roleModelService) {
        Object.assign(this, {
            verifyTokenService,
            userModelService,
            roleService,
            roleModelService,
        });
        this.logger = new common_1.Logger(RocketsJwtAuthProvider_1.name);
    }
    /**
     * Verify `token` and build the authorized-user object for its subject.
     *
     * @param {string} token - access token to verify.
     * @returns {Promise<object>} `{ id, sub, email, userRoles, claims }`, where
     *   `userRoles` is a list of `{ role: { name } }` and `claims` is a shallow
     *   copy of the verified payload.
     * @throws {UnauthorizedException} when the payload has no `sub`, when no user
     *   matches the subject, or when any step throws.
     */
    async validateToken(token) {
        try {
            const tokenPayload = await this.verifyTokenService.accessToken(token);
            const hasSubject = Boolean(tokenPayload && tokenPayload.sub);
            if (!hasSubject) {
                this.logger.warn('Invalid token payload - missing sub claim');
                throw new common_1.UnauthorizedException('Invalid token payload');
            }
            const subject = tokenPayload.sub;
            // NOTE(review): only truthiness of `sub` is checked here; its type is
            // whatever the verify service returns. Confirm bySubject() expects that.
            const account = await this.userModelService.bySubject(subject);
            if (!account) {
                this.logger.warn(`User not found for subject: ${subject}`);
                // NOTE(review): this message differs from the other rejection
                // messages; if exception messages reach the client, callers can
                // tell "unknown user" apart from "bad token". Confirm that is intended.
                throw new common_1.UnauthorizedException('User not found');
            }
            // NOTE(review): no account-status check (disabled, locked) is visible in
            // this method. Confirm bySubject() or a later guard enforces one.
            const assignments = await this.roleService.getAssignedRoles({
                assignment: 'user',
                assignee: { id: account.id },
            });
            let userRoles = [];
            if (assignments && assignments.length > 0) {
                // One `{ id }` condition per assigned role.
                const roleRecords = await this.roleModelService.find({
                    where: assignments.map((assigned) => ({ id: assigned.id })),
                });
                userRoles = roleRecords.map((record) => ({ role: { name: record.name } }));
            }
            const authorizedUser = {
                id: account.id,
                sub: subject,
                email: account.email,
                // Role names come from the role store lookup above.
                userRoles,
                // Shallow copy of every verified claim. Any role-like claim in the
                // token is carried along here, so authorization decisions should be
                // based on `userRoles`, not on `claims`.
                claims: Object.assign({}, tokenPayload),
            };
            this.logger.log(`Successfully validated token for user: ${subject}`);
            return authorizedUser;
        }
        catch (error) {
            // Runs for the UnauthorizedExceptions thrown above too, so those
            // rejections are logged twice (warn, then error). Only the stringified
            // error is logged; no stack trace is passed to the logger.
            const reason = error || 'Unknown error';
            this.logger.error(`Token validation failed: ${reason}`);
            const alreadyUnauthorized = error instanceof common_1.UnauthorizedException;
            // Anything unexpected is collapsed into a generic 401, so internal error
            // details are not propagated through the thrown exception.
            throw alreadyUnauthorized
                ? error
                : new common_1.UnauthorizedException('Token validation failed');
        }
    }
};
// Export the undecorated class first, then replace the export, the local
// binding and the self-reference alias with whatever __decorate returns.
exports.RocketsJwtAuthProvider = RocketsJwtAuthProvider;
exports.RocketsJwtAuthProvider = RocketsJwtAuthProvider = RocketsJwtAuthProvider_1 = __decorate([
// Marks the class as an injectable Nest provider.
(0, common_1.Injectable)(),
// Explicit injection tokens for constructor parameters 0-3. The indexes must
// match the constructor order (verifyTokenService, userModelService,
// roleService, roleModelService); a mismatch would hand the provider the wrong
// service for token verification or role lookup.
__param(0, (0, common_1.Inject)(nestjs_authentication_1.VerifyTokenService)),
__param(1, (0, common_1.Inject)(nestjs_user_1.UserModelService)),
__param(2, (0, common_1.Inject)(nestjs_role_1.RoleService)),
__param(3, (0, common_1.Inject)(nestjs_role_1.RoleModelService)),
// Emitted constructor parameter types, listed in the same order as the tokens above.
__metadata("design:paramtypes", [nestjs_authentication_1.VerifyTokenService,
nestjs_user_1.UserModelService,
nestjs_role_1.RoleService,
nestjs_role_1.RoleModelService])
], RocketsJwtAuthProvider);
//# sourceMappingURL=rockets-jwt-auth.provider.js.map