@mercury-labs/auth
Version:
Mercury framework auth library. It supports local auth, jwt with both bearer token and cookie, basic auth.
83 lines • 4.16 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.JwtStrategy = exports.JWT_STRATEGY_NAME = void 0;
const common_1 = require("@nestjs/common");
const passport_1 = require("@nestjs/passport");
const passport_jwt_1 = require("passport-jwt");
const rxjs_1 = require("rxjs");
const decorators_1 = require("../decorators");
const definitions_1 = require("../definitions");
const entities_1 = require("../entities");
const helpers_1 = require("../helpers");
const repositories_1 = require("../repositories");
const services_1 = require("../services");
exports.JWT_STRATEGY_NAME = 'jwt';
const cookieExtractor = (transferTokenMethod) => (request) => {
if (transferTokenMethod === definitions_1.AuthTransferTokenMethod.BEARER_ONLY) {
return null;
}
return ((0, helpers_1.getRequestCookie)(request, 'AccessToken') || null);
};
const accessTokenHeaderExtractor = (transferTokenMethod) => (request) => {
if (transferTokenMethod === definitions_1.AuthTransferTokenMethod.COOKIE_ONLY) {
return null;
}
const authHeader = (0, helpers_1.getRequestHeader)(request, 'authorization');
if (!authHeader || typeof authHeader !== 'string') {
return null;
}
if (authHeader.toLowerCase().startsWith('bearer ')) {
return authHeader.substring('bearer '.length);
}
return authHeader;
};
let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy, exports.JWT_STRATEGY_NAME) {
constructor(authDefinitions, authRepository, jwtService) {
super({
jwtFromRequest: passport_jwt_1.ExtractJwt.fromExtractors([
cookieExtractor(authDefinitions.transferTokenMethod),
accessTokenHeaderExtractor(authDefinitions.transferTokenMethod),
]),
ignoreExpiration: false,
secretOrKey: authDefinitions.jwt.secret,
});
this.authDefinitions = authDefinitions;
this.authRepository = authRepository;
this.jwtService = jwtService;
}
async validate(payload) {
try {
return (0, rxjs_1.lastValueFrom)((0, rxjs_1.scheduled)((0, helpers_1.validateEntity)(payload, entities_1.JwtPayload), rxjs_1.asyncScheduler).pipe((0, rxjs_1.map)((res) => this.jwtService.decodeAccessTokenFromRawDecoded(res)), (0, rxjs_1.mergeMap)((validatedPayload) => {
if (!(validatedPayload === null || validatedPayload === void 0 ? void 0 : validatedPayload.username)) {
return (0, rxjs_1.of)(undefined);
}
return this.authRepository
.getAuthUserByUsername(validatedPayload.username)
.pipe((0, rxjs_1.map)((0, helpers_1.hideRedactedFields)(this.authDefinitions.redactedFields)));
})));
}
catch (error) {
throw new common_1.UnauthorizedException();
}
}
};
JwtStrategy = __decorate([
(0, common_1.Injectable)(),
__param(0, (0, decorators_1.InjectAuthDefinitions)()),
__metadata("design:paramtypes", [Object, repositories_1.AuthRepository,
services_1.TokenService])
], JwtStrategy);
exports.JwtStrategy = JwtStrategy;
//# sourceMappingURL=jwt.strategy.js.map