UNPKG

mongodb-dynamic-api

Version:

Auto generated CRUD API for MongoDB using NestJS

mikedev75015.github.io

MikeDev75015/mongodb-dynamic-api

70 lines 2.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.JwtSocketGuard = void 0; const jwt_1 = require("@nestjs/jwt"); const websockets_1 = require("@nestjs/websockets"); const lodash_1 = require("lodash"); const dynamic_api_module_1 = require("../dynamic-api.module"); const logger_1 = require("../logger"); class JwtSocketGuard { constructor(isPublic = false) { this.isPublic = isPublic; this.logger = new logger_1.MongoDBDynamicApiLogger(JwtSocketGuard.name); } async canActivate(context) { const [socket] = context.getArgs(); this.logger.debug('canActivate', { isPublic: this.isPublic, socketId: socket?.id, }); if (!this.isPublic) { this.logger.debug('Checking user from socket query'); const user = await this.getUserFromSocket(socket); if ((0, lodash_1.isEmpty)(user)) { this.logger.warn('No user data'); throw new websockets_1.WsException('Unauthorized'); } socket.user = user; } return true; } async getUserFromSocket(socket) { const accessToken = this.getAccessTokenFromSocketQuery(socket); return this.extractUserFromToken(accessToken); } getAccessTokenFromSocketQuery(socket) { const accessToken = socket.handshake.query.accessToken; this.logger.debug('getAccessTokenFromSocketQuery', { accessToken: !!accessToken, }); if (!accessToken) { this.logger.warn('No access token provided in socket query'); throw new websockets_1.WsException('Unauthorized'); } return accessToken; } async extractUserFromToken(accessToken) { this.logger.debug('extractUserFromToken', { accessToken: !!accessToken }); const jwtService = new jwt_1.JwtService({ secret: dynamic_api_module_1.DynamicApiModule.state.get('jwtSecret'), signOptions: { expiresIn: dynamic_api_module_1.DynamicApiModule.state.get('jwtExpirationTime'), }, }); try { const { iat, exp, ...user } = await jwtService.verifyAsync(accessToken, { secret: dynamic_api_module_1.DynamicApiModule.state.get('jwtSecret'), ignoreExpiration: false, }); this.logger.debug('User extracted from token', { userEmail: user?.email }); return user; } catch (e) { this.logger.warn('extractUserFromToken jwtService.verify error'); this.logger.warn(e.message); throw new websockets_1.WsException('Unauthorized'); } } } exports.JwtSocketGuard = JwtSocketGuard; //# sourceMappingURL=jwt-socket.guard.js.map