UNPKG

@mercury-labs/auth

Version:

Mercury framework auth library. It supports local auth, jwt with both bearer token and cookie, basic auth.

83 lines 4.16 kB
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.JwtStrategy = exports.JWT_STRATEGY_NAME = void 0; const common_1 = require("@nestjs/common"); const passport_1 = require("@nestjs/passport"); const passport_jwt_1 = require("passport-jwt"); const rxjs_1 = require("rxjs"); const decorators_1 = require("../decorators"); const definitions_1 = require("../definitions"); const entities_1 = require("../entities"); const helpers_1 = require("../helpers"); const repositories_1 = require("../repositories"); const services_1 = require("../services"); exports.JWT_STRATEGY_NAME = 'jwt'; const cookieExtractor = (transferTokenMethod) => (request) => { if (transferTokenMethod === definitions_1.AuthTransferTokenMethod.BEARER_ONLY) { return null; } return ((0, helpers_1.getRequestCookie)(request, 'AccessToken') || null); }; const accessTokenHeaderExtractor = (transferTokenMethod) => (request) => { if (transferTokenMethod === definitions_1.AuthTransferTokenMethod.COOKIE_ONLY) { return null; } const authHeader = (0, helpers_1.getRequestHeader)(request, 'authorization'); if (!authHeader || typeof authHeader !== 'string') { return null; } if (authHeader.toLowerCase().startsWith('bearer ')) { return authHeader.substring('bearer '.length); } return authHeader; }; let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy, exports.JWT_STRATEGY_NAME) { constructor(authDefinitions, authRepository, jwtService) { super({ jwtFromRequest: passport_jwt_1.ExtractJwt.fromExtractors([ cookieExtractor(authDefinitions.transferTokenMethod), accessTokenHeaderExtractor(authDefinitions.transferTokenMethod), ]), ignoreExpiration: false, secretOrKey: authDefinitions.jwt.secret, }); this.authDefinitions = authDefinitions; this.authRepository = authRepository; this.jwtService = jwtService; } async validate(payload) { try { return (0, rxjs_1.lastValueFrom)((0, rxjs_1.scheduled)((0, helpers_1.validateEntity)(payload, entities_1.JwtPayload), rxjs_1.asyncScheduler).pipe((0, rxjs_1.map)((res) => this.jwtService.decodeAccessTokenFromRawDecoded(res)), (0, rxjs_1.mergeMap)((validatedPayload) => { if (!(validatedPayload === null || validatedPayload === void 0 ? void 0 : validatedPayload.username)) { return (0, rxjs_1.of)(undefined); } return this.authRepository .getAuthUserByUsername(validatedPayload.username) .pipe((0, rxjs_1.map)((0, helpers_1.hideRedactedFields)(this.authDefinitions.redactedFields))); }))); } catch (error) { throw new common_1.UnauthorizedException(); } } }; JwtStrategy = __decorate([ (0, common_1.Injectable)(), __param(0, (0, decorators_1.InjectAuthDefinitions)()), __metadata("design:paramtypes", [Object, repositories_1.AuthRepository, services_1.TokenService]) ], JwtStrategy); exports.JwtStrategy = JwtStrategy; //# sourceMappingURL=jwt.strategy.js.map