UNPKG

nestjs-appwrite

Version:

Easier Appwrite integration for your NestJS application.

70 lines (69 loc) 3.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; var AccessTokenGuard_1; Object.defineProperty(exports, "__esModule", { value: true }); exports.AccessTokenGuard = void 0; const common_1 = require("@nestjs/common"); const jwt = require("jsonwebtoken"); const node_appwrite_1 = require("node-appwrite"); const appwrite_unauthorized_exception_1 = require("../exceptions/appwrite-unauthorized.exception"); const appwrite_constants_1 = require("../appwrite.constants"); const secret_store_service_1 = require("../service/secret-store.service"); const JWT_SECRET = 'jwt_secret'; const BEARER_PREFIX = 'Bearer '; let AccessTokenGuard = AccessTokenGuard_1 = class AccessTokenGuard { constructor(storeService, config) { this.storeService = storeService; this.config = config; this.logger = new common_1.Logger(AccessTokenGuard_1.name); } async onApplicationBootstrap() { this.jwtSecret = await this.storeService.getSecretString(JWT_SECRET); } async canActivate(context) { if (!this.jwtSecret) { this.logger.error(`Secret ${JWT_SECRET} is undefined, unable to verify tokens`); throw new appwrite_unauthorized_exception_1.AppwriteUnauthorizedException(appwrite_constants_1.INVALID_TOKEN, 'Unable to validate the token'); } const req = context.switchToHttp().getRequest(); const { authorization } = req.headers; if (!authorization) { throw new appwrite_unauthorized_exception_1.AppwriteUnauthorizedException(appwrite_constants_1.INVALID_TOKEN, 'Missing authorization header'); } const formattedToken = authorization?.replace(BEARER_PREFIX, '') ?? ''; try { const decodedToken = jwt.verify(formattedToken, this.jwtSecret); const client = new node_appwrite_1.Client() .setEndpoint(this.config.APPWRITE_ENDPOINT) .setProject(this.config.APPWRITE_PROJECT_ID) .setJWT(formattedToken); client.decodedToken = decodedToken; if (!req.body) { req.body = {}; } req.body.client = client; return true; } catch (err) { this.logger.error(err); throw new appwrite_unauthorized_exception_1.AppwriteUnauthorizedException(appwrite_constants_1.INVALID_TOKEN, 'Invalid authorization token'); } } }; exports.AccessTokenGuard = AccessTokenGuard; exports.AccessTokenGuard = AccessTokenGuard = AccessTokenGuard_1 = __decorate([ (0, common_1.Injectable)(), __param(1, (0, common_1.Inject)(appwrite_constants_1.CONFIG_PROVIDER_NAME)), __metadata("design:paramtypes", [secret_store_service_1.SecretStoreService, Object]) ], AccessTokenGuard);