nest-supabase-guard
Version:
Auth guard for NestJS using supabase
86 lines • 4.4 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var SupabaseAuthGuard_1;
Object.defineProperty(exports, "__esModule", { value: true });
exports.SupabaseAuthGuard = void 0;
const common_1 = require("@nestjs/common");
const supabase_js_1 = require("@supabase/supabase-js");
let SupabaseAuthGuard = SupabaseAuthGuard_1 = class SupabaseAuthGuard {
constructor(client) {
this.logger = new common_1.Logger(SupabaseAuthGuard_1.name);
this.supabaseClient = client || this.initializeSupabaseClient();
}
initializeSupabaseClient() {
this.logger.debug("Supabase auth guard initializing new Supabase client.");
if (!process.env.SUPABASE_URL) {
throw new Error("Supabase Auth environment variable: SUPABASE_URL is not set.");
}
if (!process.env.SUPABASE_ANON_KEY) {
throw new Error("Supabase Auth environment variable: SUPABASE_ANON_KEY is not set.");
}
return (0, supabase_js_1.createClient)(process.env.SUPABASE_URL, process.env.SUPABASE_ANON_KEY);
}
canActivate(context) {
return __awaiter(this, void 0, void 0, function* () {
const request = context.switchToHttp().getRequest();
const user = yield this.authenticateRequest(request);
request.authUser = user;
return true;
});
}
authenticateRequest(request) {
return __awaiter(this, void 0, void 0, function* () {
const token = this.extractTokenFromHeader(request);
if (!token) {
throw new common_1.UnauthorizedException(`No token provided`);
}
const user = yield this.getUserFromJWT(token);
if (!user) {
throw new common_1.UnauthorizedException(`Invalid token`);
}
return user;
});
}
extractTokenFromHeader(request) {
var _a, _b;
const [type, token] = (_b = (_a = request.headers.authorization) === null || _a === void 0 ? void 0 : _a.split(" ")) !== null && _b !== void 0 ? _b : [];
return type === "Bearer" && token != "undefined" ? token : undefined;
}
getUserFromJWT(token) {
return __awaiter(this, void 0, void 0, function* () {
const response = yield this.supabaseClient.auth.getUser(token);
if (!response.data.user) {
return undefined;
}
return response.data.user;
});
}
};
exports.SupabaseAuthGuard = SupabaseAuthGuard;
exports.SupabaseAuthGuard = SupabaseAuthGuard = SupabaseAuthGuard_1 = __decorate([
(0, common_1.Injectable)(),
__param(0, (0, common_1.Optional)()),
__param(0, (0, common_1.Inject)("SUPABASE_CLIENT")),
__metadata("design:paramtypes", [supabase_js_1.SupabaseClient])
], SupabaseAuthGuard);
//# sourceMappingURL=supabase-auth.guard.js.map