UNPKG

@mercury-labs/nest-auth

Version:

Mercury framework auth library. It supports local auth, jwt with both bearer token and cookie, basic auth.

github.com/duysolo/mercury-auth

duysolo/mercury-auth

101 lines 5.55 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.AuthGlobalGuard = exports.IS_REFRESH_TOKEN_KEY = exports.IS_API_KEY = exports.IS_PUBLIC_WITH_OPTIONAL_USER_KEY = exports.IS_PUBLIC_KEY = exports.IS_INTERNAL_ONLY = void 0; const common_1 = require("@nestjs/common"); const core_1 = require("@nestjs/core"); const rxjs_1 = require("rxjs"); const decorators_1 = require("../decorators"); const index_1 = require("../index"); const auth_basic_guard_1 = require("./auth.basic.guard"); const auth_jwt_guard_1 = require("./auth.jwt.guard"); const auth_refresh_token_guard_1 = require("./auth.refresh-token.guard"); exports.IS_INTERNAL_ONLY = 'isInternalOnly'; exports.IS_PUBLIC_KEY = 'isPublic'; exports.IS_PUBLIC_WITH_OPTIONAL_USER_KEY = 'isPublicWithOptionalUser'; exports.IS_API_KEY = 'isApiKey'; exports.IS_REFRESH_TOKEN_KEY = 'isRefreshToken'; let AuthGlobalGuard = exports.AuthGlobalGuard = class AuthGlobalGuard { constructor(_reflector, _authJwtGuard, _basicAuthGuard, _authApiKeyGuard, _refreshTokenGuard, _graphqlAuthJwtGuard, _graphqlAuthRefreshTokenGuard, _options) { this._reflector = _reflector; this._authJwtGuard = _authJwtGuard; this._basicAuthGuard = _basicAuthGuard; this._authApiKeyGuard = _authApiKeyGuard; this._refreshTokenGuard = _refreshTokenGuard; this._graphqlAuthJwtGuard = _graphqlAuthJwtGuard; this._graphqlAuthRefreshTokenGuard = _graphqlAuthRefreshTokenGuard; this._options = _options; } canActivate(context) { var _a, _b, _c; const isPublic = this._reflector.getAllAndOverride(exports.IS_PUBLIC_KEY, [ context.getHandler(), context.getClass(), ]); const req = context.switchToHttp().getRequest(); if (isPublic || ((_a = this._options.ignoredRoutes) === null || _a === void 0 ? void 0 : _a.includes((_b = req === null || req === void 0 ? void 0 : req.raw) === null || _b === void 0 ? void 0 : _b.originalUrl))) { return true; } const contextType = context.getType(); const isInternalOnly = this._reflector.getAllAndOverride(exports.IS_INTERNAL_ONLY, [context.getHandler(), context.getClass()]); if (isInternalOnly) { return this._basicAuthGuard.canActivate(context); } const isApiKey = this._reflector.getAllAndOverride(exports.IS_API_KEY, [context.getHandler(), context.getClass()]); if (isApiKey) { return this._authApiKeyGuard.canActivate(context); } if (!((_c = this._options) === null || _c === void 0 ? void 0 : _c.jwt)) { return true; } const isRefreshToken = this._reflector.getAllAndOverride(exports.IS_REFRESH_TOKEN_KEY, [context.getHandler(), context.getClass()]); if (isRefreshToken) { if (contextType === 'graphql') { return this._graphqlAuthRefreshTokenGuard.canActivate(context); } return this._refreshTokenGuard.canActivate(context); } const isPublicWithOptionalUser = this._reflector.getAllAndOverride(exports.IS_PUBLIC_WITH_OPTIONAL_USER_KEY, [context.getHandler(), context.getClass()]); if (contextType === 'graphql') { return this.handleJwtRequestWithOptionalUser(this._graphqlAuthJwtGuard, context, isPublicWithOptionalUser); } return this.handleJwtRequestWithOptionalUser(this._authJwtGuard, context, isPublicWithOptionalUser); } handleJwtRequestWithOptionalUser(handler, context, isPublicWithOptionalUser) { return handleJwtRequest(handler, context).pipe((0, rxjs_1.map)((res) => { return isPublicWithOptionalUser ? true : res; }), (0, rxjs_1.catchError)((error) => { if (isPublicWithOptionalUser) { return (0, rxjs_1.of)(true); } return (0, rxjs_1.throwError)(() => error); })); } }; exports.AuthGlobalGuard = AuthGlobalGuard = __decorate([ (0, common_1.Injectable)(), __param(7, (0, decorators_1.InjectAuthDefinitions)()), __metadata("design:paramtypes", [core_1.Reflector, auth_jwt_guard_1.AuthJwtGuard, auth_basic_guard_1.AuthBasicGuard, index_1.AuthApiKeyGuard, auth_refresh_token_guard_1.AuthRefreshTokenGuard, index_1.GraphqlAuthJwtGuard, index_1.GraphqlAuthRefreshTokenGuard, Object]) ], AuthGlobalGuard); function handleJwtRequest(handler, context) { return (0, rxjs_1.forkJoin)([handler.canActivate(context)]).pipe((0, rxjs_1.map)(([res]) => res)); } //# sourceMappingURL=auth.global.guard.js.map