@nxtoai/jwtette
JWT authentication package for NxtoAI microservices
;
/**
 * Compiler-emitted decorator helper: applies `decorators` to a class
 * (fewer than three arguments) or to a class member (target, key and
 * optionally a descriptor). An existing `this.__decorate` is reused if present.
 *
 * @param {Function[]} decorators - decorator functions to apply.
 * @param {*} target - the class, or the object that owns the member.
 * @param {*} [key] - member name; absent for class decorators.
 * @param {*} [desc] - property descriptor; `null` means "look it up on target".
 * @returns {*} the decorated class or descriptor.
 */
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
// c is the argument count; r starts as the class itself (c < 3) or as the member's descriptor.
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
// Delegate to Reflect.decorate when a runtime provides it.
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
// Otherwise apply the decorators from last to first; a decorator that returns a falsy value leaves r unchanged.
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
// With a descriptor (c > 3) and a truthy result, redefine the member on target; r is returned in every case.
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
/**
 * Compiler-emitted metadata helper. Forwards to `Reflect.metadata` when the
 * runtime provides it and otherwise yields `undefined`.
 * An existing `this.__metadata` is reused if present.
 *
 * @param {*} metadataKey - metadata key (e.g. "design:paramtypes").
 * @param {*} metadataValue - value stored under that key.
 * @returns {*} whatever `Reflect.metadata` returns, or `undefined`.
 */
var __metadata = (this && this.__metadata) || function (metadataKey, metadataValue) {
    const canDelegate = typeof Reflect === "object" && typeof Reflect.metadata === "function";
    return canDelegate ? Reflect.metadata(metadataKey, metadataValue) : undefined;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.AuthMiddleware = void 0;
const common_1 = require("@nestjs/common");
const config_1 = require("@nestjs/config");
const jwt_helper_1 = require("./jwt.helper");
const aag_1 = require("@nxtoai/aag");
const jwt_service_1 = require("./jwt.service");
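/**
 * HTTP middleware that authenticates a request from its `Authorization: Bearer <token>`
 * header and, on success, stores the verified JWT payload on `req.user`.
 *
 * Collaborators are injected through the constructor:
 *  - configService: read for 'JWTETTE_MODULE_OPTIONS.skipJwtEndpoints'
 *  - jwtService:    `verify(token)` validates the token and yields its payload
 *  - jwtHelper:     `isTokenBlacklisted(token)` reports invalidated tokens
 *  - aag:           logger exposing debug / warn / error
 */
let AuthMiddleware = class AuthMiddleware {
    constructor(configService, jwtService, jwtHelper, aag) {
        this.configService = configService;
        this.jwtService = jwtService;
        this.jwtHelper = jwtHelper;
        this.aag = aag;
    }

    /**
     * Authenticate one request.
     *
     * @param {object} req - request; `path`, `method` and `headers.authorization` are read,
     *   and `user` is written on success.
     * @param {object} res - response (unused).
     * @param {Function} next - continuation, called only for skipped or authenticated requests.
     * @returns {Promise<*>} resolves once `next` has been called.
     * @throws {UnauthorizedException} when the header is missing or malformed, the token
     *   fails verification, the blacklist lookup fails, or the token is blacklisted.
     */
    async use(req, res, next) {
        const skipJwtEndpoints = this.configService.get('JWTETTE_MODULE_OPTIONS.skipJwtEndpoints') || [];
        const { path, method } = req;
        const endpoint = `${method}:${path}`;

        // Every entry in this list is an unauthenticated route. Matching is by exact string
        // equality against either the bare path or "METHOD:path", so keep the list minimal
        // and prefer the method-qualified form.
        if (skipJwtEndpoints.includes(path) || skipJwtEndpoints.includes(endpoint)) {
            this.aag.debug(`Skipping JWT validation for endpoint: ${endpoint}`);
            return next();
        }

        const authHeader = req.headers.authorization;
        if (!authHeader) {
            this.aag.warn(`No authorization header found for endpoint: ${endpoint}`);
            throw new common_1.UnauthorizedException('No authorization header');
        }

        const [type, token] = authHeader.split(' ');
        if (type !== 'Bearer' || !token) {
            this.aag.warn(`Invalid authorization header format for endpoint: ${endpoint}`);
            throw new common_1.UnauthorizedException('Invalid authorization header format');
        }

        let payload;
        let isBlacklisted;
        try {
            // verify() lives in ./jwt.service and is not visible here. Awaiting is a no-op
            // for a synchronous result and mandatory if it returns a promise: without it a
            // rejected verification would never reach this catch and the request would be
            // passed on with a Promise stored as req.user.
            payload = await this.jwtService.verify(token);
            isBlacklisted = await this.jwtHelper.isTokenBlacklisted(token);
        }
        catch (error) {
            // Fail closed: a verification failure and a failed blacklist lookup both end in 401.
            this.aag.error(`JWT validation failed for endpoint: ${endpoint}`, error && error.stack);
            throw new common_1.UnauthorizedException('Invalid token');
        }

        // Checked outside the try block so this rejection keeps its own message and is
        // logged once as a warning, not re-caught and reported as a verification failure.
        if (isBlacklisted) {
            this.aag.warn(`Blacklisted token used for endpoint: ${endpoint}`);
            throw new common_1.UnauthorizedException('Token has been invalidated');
        }

        req['user'] = payload;
        this.aag.debug(`JWT validation successful for endpoint: ${endpoint}`);
        // Also outside the try block: an error raised while running next() must not be
        // relabelled as "Invalid token".
        next();
    }
};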
// The export is assigned before and after decoration, so the exported binding
// ends up pointing at whatever __decorate returns.
exports.AuthMiddleware = AuthMiddleware;
// Class decorators in source order: Injectable(), then the constructor parameter
// types recorded under "design:paramtypes" (same order as the constructor arguments).
const classDecorators = [
    (0, common_1.Injectable)(),
    __metadata("design:paramtypes", [
        config_1.ConfigService,
        jwt_service_1.JwtService,
        jwt_helper_1.JwtHelper,
        aag_1.AagService,
    ]),
];
AuthMiddleware = __decorate(classDecorators, AuthMiddleware);
exports.AuthMiddleware = AuthMiddleware;
//# sourceMappingURL=auth.middleware.js.map