UNPKG

@mercury-labs/auth

Version:

Mercury framework auth library. It supports local auth, jwt with both bearer token and cookie, basic auth.

84 lines 4.15 kB
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.RefreshTokenStrategy = exports.REFRESH_TOKEN_STRATEGY_NAME = void 0; const common_1 = require("@nestjs/common"); const passport_1 = require("@nestjs/passport"); const moment_1 = __importDefault(require("moment")); const passport_jwt_1 = require("passport-jwt"); const passport_strategy_1 = require("passport-strategy"); const rxjs_1 = require("rxjs"); const __1 = require(".."); const decorators_1 = require("../decorators"); const repositories_1 = require("../repositories"); const services_1 = require("../services"); exports.REFRESH_TOKEN_STRATEGY_NAME = 'mercury-refresh-token'; const cookieExtractor = (transferTokenMethod) => (request) => { if (transferTokenMethod === __1.AuthTransferTokenMethod.BEARER_ONLY) { return null; } return ((0, __1.getRequestCookie)(request, 'RefreshToken') || null); }; const refreshTokenHeaderExtractor = (transferTokenMethod) => (request) => { if (transferTokenMethod === __1.AuthTransferTokenMethod.COOKIE_ONLY) { return null; } return ((0, __1.getRequestHeader)(request, 'refresh-token') || null); }; let RefreshTokenStrategy = class RefreshTokenStrategy extends (0, passport_1.PassportStrategy)(passport_strategy_1.Strategy, exports.REFRESH_TOKEN_STRATEGY_NAME) { constructor(authDefinitions, authRepository, jwtService) { super(); this.authDefinitions = authDefinitions; this.authRepository = authRepository; this.jwtService = jwtService; this.jwtFromRequest = passport_jwt_1.ExtractJwt.fromExtractors([ cookieExtractor(authDefinitions.transferTokenMethod), refreshTokenHeaderExtractor(authDefinitions.transferTokenMethod), ]); } async authenticate(req, options) { const token = this.jwtFromRequest(req); const jwtPayload = token ? this.jwtService.decodeRefreshToken(token) : undefined; const user = jwtPayload ? await this.validate(jwtPayload) : undefined; if (!jwtPayload || !user) { this.fail(common_1.HttpStatus.UNAUTHORIZED); } else { this.success(user); } } async validate(payload) { return (0, rxjs_1.lastValueFrom)((0, rxjs_1.of)(payload).pipe((0, rxjs_1.mergeMap)((res) => { if ((0, moment_1.default)().isAfter((0, moment_1.default)(payload.exp * 1000).toDate())) { return (0, rxjs_1.of)(undefined); } return this.authRepository .getAuthUserByUsername(res.username) .pipe((0, rxjs_1.map)((0, __1.hideRedactedFields)(this.authDefinitions.redactedFields))); }))); } }; RefreshTokenStrategy = __decorate([ (0, common_1.Injectable)(), __param(0, (0, decorators_1.InjectAuthDefinitions)()), __metadata("design:paramtypes", [Object, repositories_1.AuthRepository, services_1.TokenService]) ], RefreshTokenStrategy); exports.RefreshTokenStrategy = RefreshTokenStrategy; //# sourceMappingURL=refresh-token.strategy.js.map