From 4a7b2400cb328e1cb704fe8cd0a6742032f02da7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A7=A6=E7=A7=8B=E6=97=AD?= Date: Tue, 21 Feb 2023 11:13:21 +0800 Subject: [PATCH] update config --- .env.example | 4 +++- src/app.module.ts | 7 ++++++- src/auth/auth.service.ts | 25 +++++++++---------------- src/auth/strategies/jwt.strategy.ts | 11 +++++++---- src/common/configs/index.ts | 2 ++ src/common/configs/nest.config.ts | 7 +++++++ src/common/configs/security.config.ts | 11 +++++++++++ src/main.ts | 2 +- src/users/password.service.ts | 11 +++++++---- 9 files changed, 53 insertions(+), 27 deletions(-) create mode 100644 src/common/configs/index.ts create mode 100644 src/common/configs/nest.config.ts create mode 100644 src/common/configs/security.config.ts diff --git a/.env.example b/.env.example index 7f486d5..464295d 100644 --- a/.env.example +++ b/.env.example @@ -15,4 +15,6 @@ PORT=12400 # Security JWT_ACCESS_SECRET=JWT_ACCESS_SECRET JWT_REFRESH_SECRET=JWT_REFRESH_SECRET -SALT=1 \ No newline at end of file +bcryptSaltOrRound=10 +expiresIn=30m +refreshIn=7d \ No newline at end of file diff --git a/src/app.module.ts b/src/app.module.ts index 2b780b9..f3879ff 100644 --- a/src/app.module.ts +++ b/src/app.module.ts @@ -1,12 +1,16 @@ import { Logger, Module } from '@nestjs/common' import { ConfigModule } from '@nestjs/config' +import { nestConfig, securityConfig } from 'src/common/configs' import { PrismaModule, loggingMiddleware } from 'nestjs-prisma' import { UsersModule } from './users/users.module' import { AuthModule } from './auth/auth.module' @Module({ imports: [ - ConfigModule.forRoot({ isGlobal: true }), + ConfigModule.forRoot({ + isGlobal: true, + load: [nestConfig, securityConfig], + }), PrismaModule.forRoot({ isGlobal: true, prismaServiceOptions: { @@ -18,6 +22,7 @@ import { AuthModule } from './auth/auth.module' ], }, }), + UsersModule, AuthModule, ], diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts index 9e4baea..112de8c 100644 --- a/src/auth/auth.service.ts +++ b/src/auth/auth.service.ts @@ -1,4 +1,5 @@ import { + Inject, Injectable, BadRequestException, UnauthorizedException, @@ -6,7 +7,7 @@ import { import { PasswordService } from 'src/users/password.service' import { Token, TokenPayload } from './dto/token.dto' import { JwtService } from '@nestjs/jwt' -import { ConfigService } from '@nestjs/config' +import { securityConfig, SecurityConfig } from 'src/common/configs' import { UsersService } from 'src/users/users.service' import { CreateUserDto } from 'src/users/dto/create-user.dto' @Injectable() @@ -14,8 +15,9 @@ export class AuthService { constructor( private passwordService: PasswordService, private jwtService: JwtService, - private configService: ConfigService, private userService: UsersService, + @Inject(securityConfig.KEY) + private secureConfig: SecurityConfig, ) {} async register(payload: CreateUserDto) { @@ -41,10 +43,7 @@ export class AuthService { async refreshToken(token: string) { try { const { userId } = this.jwtService.verify(token, { - secret: this.configService.get( - 'JWT_REFRESH_SECRET', - 'JWT_REFRESH_SECRET', - ), + secret: this.secureConfig.jwt_refresh_secret, }) return this.generateTokens({ userId }) } catch (e) { @@ -55,18 +54,12 @@ export class AuthService { private generateTokens(payload: TokenPayload): Token { const accessToken = this.jwtService.sign(payload, { - secret: this.configService.get( - 'JWT_ACCESS_SECRET', - 'JWT_ACCESS_SECRET', - ), - expiresIn: '30min', + secret: this.secureConfig.jwt_access_secret, + expiresIn: this.secureConfig.expiresIn, }) const refreshToken = this.jwtService.sign(payload, { - secret: this.configService.get( - 'JWT_REFRESH_SECRET', - 'JWT_REFRESH_SECRET', - ), - expiresIn: '7d', + secret: this.secureConfig.jwt_refresh_secret, + expiresIn: this.secureConfig.refreshIn, }) return { accessToken, refreshToken } diff --git a/src/auth/strategies/jwt.strategy.ts b/src/auth/strategies/jwt.strategy.ts index fa4ffe6..c258ee6 100644 --- a/src/auth/strategies/jwt.strategy.ts +++ b/src/auth/strategies/jwt.strategy.ts @@ -1,15 +1,18 @@ import { Strategy, ExtractJwt } from 'passport-jwt' import { PassportStrategy } from '@nestjs/passport' -import { Injectable } from '@nestjs/common' -import { ConfigService } from '@nestjs/config' +import { Injectable, Inject } from '@nestjs/common' import { TokenPayload } from '../dto/token.dto' +import { securityConfig, SecurityConfig } from 'src/common/configs' @Injectable() export class JwtStrategy extends PassportStrategy(Strategy) { - constructor(readonly configService: ConfigService) { + constructor( + @Inject(securityConfig.KEY) + readonly secureConfig: SecurityConfig, + ) { super({ jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), - secretOrKey: configService.get('JWT_ACCESS_SECRET', 'JWT_ACCESS_SECRET'), + secretOrKey: secureConfig.jwt_access_secret, }) } diff --git a/src/common/configs/index.ts b/src/common/configs/index.ts new file mode 100644 index 0000000..31b55f2 --- /dev/null +++ b/src/common/configs/index.ts @@ -0,0 +1,2 @@ +export { nestConfig, NestConfig } from './nest.config' +export { securityConfig, SecurityConfig } from './security.config' diff --git a/src/common/configs/nest.config.ts b/src/common/configs/nest.config.ts new file mode 100644 index 0000000..f0bdd9a --- /dev/null +++ b/src/common/configs/nest.config.ts @@ -0,0 +1,7 @@ +import { registerAs, ConfigType } from '@nestjs/config' + +export const nestConfig = registerAs('nest', () => ({ + port: Number(process.env.PORT) || 12400, +})) + +export type NestConfig = ConfigType diff --git a/src/common/configs/security.config.ts b/src/common/configs/security.config.ts new file mode 100644 index 0000000..f2f7275 --- /dev/null +++ b/src/common/configs/security.config.ts @@ -0,0 +1,11 @@ +import { registerAs, ConfigType } from '@nestjs/config' + +export const securityConfig = registerAs('security', () => ({ + jwt_access_secret: process.env.JWT_ACCESS_SECRET || 'JWT_ACCESS_SECRET', + jwt_refresh_secret: process.env.JWT_REFRESH_SECRET || 'JWT_REFRESH_SECRET', + expiresIn: process.env.expiresIn || '30m', + refreshIn: process.env.refreshIn || '7d', + bcryptSaltOrRound: Number(process.env.bcryptSaltOrRound) || 10, +})) + +export type SecurityConfig = ConfigType diff --git a/src/main.ts b/src/main.ts index 80a79c3..8f1ccad 100644 --- a/src/main.ts +++ b/src/main.ts @@ -30,7 +30,7 @@ async function bootstrap() { SwaggerModule.setup('api', app, document) const configService = app.get(ConfigService) - const PORT = configService.get('PORT', 12400) + const PORT = configService.get('nest.port', 12400) await app.listen(PORT) } diff --git a/src/users/password.service.ts b/src/users/password.service.ts index c6bdfae..066045d 100644 --- a/src/users/password.service.ts +++ b/src/users/password.service.ts @@ -1,13 +1,16 @@ -import { Injectable } from '@nestjs/common' -import { ConfigService } from '@nestjs/config' +import { Inject, Injectable } from '@nestjs/common' +import { securityConfig, SecurityConfig } from 'src/common/configs' import { hash, compare } from 'bcrypt' @Injectable() export class PasswordService { - constructor(private configService: ConfigService) {} + constructor( + @Inject(securityConfig.KEY) + private secureConfig: SecurityConfig, + ) {} get bcryptSaltRounds(): string | number { - const saltOrRounds = this.configService.get('SALT', '10') + const saltOrRounds = this.secureConfig.bcryptSaltOrRound return Number.isInteger(Number(saltOrRounds)) ? Number(saltOrRounds)