nest-project/src/auth/auth.service.ts

import {
  Inject,
  Injectable,
  BadRequestException,
  UnauthorizedException,
} from '@nestjs/common'
import { PasswordService } from 'src/users/password.service'
import { Token, TokenPayload } from './dto/token.dto'
import { JwtService } from '@nestjs/jwt'
import { securityConfig, SecurityConfig } from 'src/common/configs'
import { UsersService } from 'src/users/users.service'
import { CreateUserDto } from 'src/users/dto/create-user.dto'
@Injectable()
export class AuthService {
  constructor(
    private passwordService: PasswordService,
    private jwtService: JwtService,
    private userService: UsersService,
    @Inject(securityConfig.KEY)
    private secureConfig: SecurityConfig,
  ) {}

  async register(payload: CreateUserDto) {
    const user = await this.userService.createUser(payload)
    return this.generateTokens({ userId: user.id })
  }

  async login(email: string, password: string) {
    const user = await this.userService.findUser({ email })

    const passwordValid = await this.passwordService.validatePassword(
      password,
      user.password,
    )

    if (!passwordValid) {
      throw new BadRequestException('Invalid password')
    }

    return this.generateTokens({ userId: user.id })
  }

  async refreshToken(token: string) {
    try {
      const { userId } = this.jwtService.verify(token, {
        secret: this.secureConfig.jwt_refresh_secret,
      })
      return this.generateTokens({ userId })
    } catch (e) {
      console.error(e)
      throw new UnauthorizedException(e.message)
    }
  }

  private generateTokens(payload: TokenPayload): Token {
    const accessToken = this.jwtService.sign(payload, {
      secret: this.secureConfig.jwt_access_secret,
      expiresIn: this.secureConfig.expiresIn,
    })
    const refreshToken = this.jwtService.sign(payload, {
      secret: this.secureConfig.jwt_refresh_secret,
      expiresIn: this.secureConfig.refreshIn,
    })

    return { accessToken, refreshToken }
  }
}
refreshToken 2023-02-17 15:56:35 +08:00			`import {`
update config 2023-02-21 11:13:21 +08:00			`Inject,`
refreshToken 2023-02-17 15:56:35 +08:00			`Injectable,`
			`BadRequestException,`
			`UnauthorizedException,`
			`} from '@nestjs/common'`
login & register 2023-02-16 10:40:03 +08:00			`import { PasswordService } from 'src/users/password.service'`
♻️ 校验token通过后，不再去数据库查询用户是否存在，避免每次请求都去查询数据库 2023-02-17 11:49:16 +08:00			`import { Token, TokenPayload } from './dto/token.dto'`
✨ login & signup 2023-02-16 01:18:55 +08:00			`import { JwtService } from '@nestjs/jwt'`
update config 2023-02-21 11:13:21 +08:00			`import { securityConfig, SecurityConfig } from 'src/common/configs'`
login & register 2023-02-16 10:40:03 +08:00			`import { UsersService } from 'src/users/users.service'`
			`import { CreateUserDto } from 'src/users/dto/create-user.dto'`
✨ login & signup 2023-02-16 01:18:55 +08:00			`@Injectable()`
			`export class AuthService {`
			`constructor(`
			`private passwordService: PasswordService,`
			`private jwtService: JwtService,`
login & register 2023-02-16 10:40:03 +08:00			`private userService: UsersService,`
update config 2023-02-21 11:13:21 +08:00			`@Inject(securityConfig.KEY)`
			`private secureConfig: SecurityConfig,`
✨ login & signup 2023-02-16 01:18:55 +08:00			`) {}`

login & register 2023-02-16 10:40:03 +08:00			`async register(payload: CreateUserDto) {`
			`const user = await this.userService.createUser(payload)`
			`return this.generateTokens({ userId: user.id })`
✨ login & signup 2023-02-16 01:18:55 +08:00			`}`

login & register 2023-02-16 10:40:03 +08:00			`async login(email: string, password: string) {`
			`const user = await this.userService.findUser({ email })`
✨ login & signup 2023-02-16 01:18:55 +08:00
			`const passwordValid = await this.passwordService.validatePassword(`
			`password,`
			`user.password,`
			`)`

			`if (!passwordValid) {`
			`throw new BadRequestException('Invalid password')`
			`}`

login & register 2023-02-16 10:40:03 +08:00			`return this.generateTokens({ userId: user.id })`
✨ login & signup 2023-02-16 01:18:55 +08:00			`}`

refreshToken 2023-02-17 15:56:35 +08:00			`async refreshToken(token: string) {`
			`try {`
			`const { userId } = this.jwtService.verify(token, {`
update config 2023-02-21 11:13:21 +08:00			`secret: this.secureConfig.jwt_refresh_secret,`
refreshToken 2023-02-17 15:56:35 +08:00			`})`
			`return this.generateTokens({ userId })`
			`} catch (e) {`
			`console.error(e)`
			`throw new UnauthorizedException(e.message)`
			`}`
			`}`

♻️ 校验token通过后，不再去数据库查询用户是否存在，避免每次请求都去查询数据库 2023-02-17 11:49:16 +08:00			`private generateTokens(payload: TokenPayload): Token {`
✨ login & signup 2023-02-16 01:18:55 +08:00			`const accessToken = this.jwtService.sign(payload, {`
update config 2023-02-21 11:13:21 +08:00			`secret: this.secureConfig.jwt_access_secret,`
			`expiresIn: this.secureConfig.expiresIn,`
✨ login & signup 2023-02-16 01:18:55 +08:00			`})`
			`const refreshToken = this.jwtService.sign(payload, {`
update config 2023-02-21 11:13:21 +08:00			`secret: this.secureConfig.jwt_refresh_secret,`
			`expiresIn: this.secureConfig.refreshIn,`
✨ login & signup 2023-02-16 01:18:55 +08:00			`})`

			`return { accessToken, refreshToken }`
			`}`
			`}`