update config

.env.example

@@ -15,4 +15,6 @@ PORT=12400
 # Security
 JWT_ACCESS_SECRET=JWT_ACCESS_SECRET
 JWT_REFRESH_SECRET=JWT_REFRESH_SECRET
-SALT=1
+bcryptSaltOrRound=10
+expiresIn=30m
+refreshIn=7d

src/app.module.ts

@@ -1,12 +1,16 @@
 import { Logger, Module } from '@nestjs/common'
 import { ConfigModule } from '@nestjs/config'
+import { nestConfig, securityConfig } from 'src/common/configs'
 import { PrismaModule, loggingMiddleware } from 'nestjs-prisma'
 import { UsersModule } from './users/users.module'
 import { AuthModule } from './auth/auth.module'
 
 @Module({
   imports: [
-    ConfigModule.forRoot({ isGlobal: true }),
+    ConfigModule.forRoot({
+      isGlobal: true,
+      load: [nestConfig, securityConfig],
+    }),
     PrismaModule.forRoot({
       isGlobal: true,
       prismaServiceOptions: {
@@ -18,6 +22,7 @@ import { AuthModule } from './auth/auth.module'
         ],
       },
     }),
+
     UsersModule,
     AuthModule,
   ],

src/auth/auth.service.ts

@@ -1,4 +1,5 @@
 import {
+  Inject,
   Injectable,
   BadRequestException,
   UnauthorizedException,
@@ -6,7 +7,7 @@ import {
 import { PasswordService } from 'src/users/password.service'
 import { Token, TokenPayload } from './dto/token.dto'
 import { JwtService } from '@nestjs/jwt'
-import { ConfigService } from '@nestjs/config'
+import { securityConfig, SecurityConfig } from 'src/common/configs'
 import { UsersService } from 'src/users/users.service'
 import { CreateUserDto } from 'src/users/dto/create-user.dto'
 @Injectable()
@@ -14,8 +15,9 @@ export class AuthService {
   constructor(
     private passwordService: PasswordService,
     private jwtService: JwtService,
-    private configService: ConfigService,
     private userService: UsersService,
+    @Inject(securityConfig.KEY)
+    private secureConfig: SecurityConfig,
   ) {}
 
   async register(payload: CreateUserDto) {
@@ -41,10 +43,7 @@ export class AuthService {
   async refreshToken(token: string) {
     try {
       const { userId } = this.jwtService.verify(token, {
-        secret: this.configService.get<string>(
+        secret: this.secureConfig.jwt_refresh_secret,
-          'JWT_REFRESH_SECRET',
-          'JWT_REFRESH_SECRET',
-        ),
       })
       return this.generateTokens({ userId })
     } catch (e) {
@@ -55,18 +54,12 @@ export class AuthService {
 
   private generateTokens(payload: TokenPayload): Token {
     const accessToken = this.jwtService.sign(payload, {
-      secret: this.configService.get<string>(
+      secret: this.secureConfig.jwt_access_secret,
-        'JWT_ACCESS_SECRET',
+      expiresIn: this.secureConfig.expiresIn,
-        'JWT_ACCESS_SECRET',
-      ),
-      expiresIn: '30min',
     })
     const refreshToken = this.jwtService.sign(payload, {
-      secret: this.configService.get<string>(
+      secret: this.secureConfig.jwt_refresh_secret,
-        'JWT_REFRESH_SECRET',
+      expiresIn: this.secureConfig.refreshIn,
-        'JWT_REFRESH_SECRET',
-      ),
-      expiresIn: '7d',
     })
 
     return { accessToken, refreshToken }

src/auth/strategies/jwt.strategy.ts

@@ -1,15 +1,18 @@
 import { Strategy, ExtractJwt } from 'passport-jwt'
 import { PassportStrategy } from '@nestjs/passport'
-import { Injectable } from '@nestjs/common'
+import { Injectable, Inject } from '@nestjs/common'
-import { ConfigService } from '@nestjs/config'
 import { TokenPayload } from '../dto/token.dto'
+import { securityConfig, SecurityConfig } from 'src/common/configs'
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
-  constructor(readonly configService: ConfigService) {
+  constructor(
+    @Inject(securityConfig.KEY)
+    readonly secureConfig: SecurityConfig,
+  ) {
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-      secretOrKey: configService.get('JWT_ACCESS_SECRET', 'JWT_ACCESS_SECRET'),
+      secretOrKey: secureConfig.jwt_access_secret,
     })
   }
 

src/common/configs/index.ts

@@ -0,0 +1,2 @@
+export { nestConfig, NestConfig } from './nest.config'
+export { securityConfig, SecurityConfig } from './security.config'

src/common/configs/nest.config.ts

@@ -0,0 +1,7 @@
+import { registerAs, ConfigType } from '@nestjs/config'
+
+export const nestConfig = registerAs('nest', () => ({
+  port: Number(process.env.PORT) || 12400,
+}))
+
+export type NestConfig = ConfigType<typeof nestConfig>

src/common/configs/security.config.ts

@@ -0,0 +1,11 @@
+import { registerAs, ConfigType } from '@nestjs/config'
+
+export const securityConfig = registerAs('security', () => ({
+  jwt_access_secret: process.env.JWT_ACCESS_SECRET || 'JWT_ACCESS_SECRET',
+  jwt_refresh_secret: process.env.JWT_REFRESH_SECRET || 'JWT_REFRESH_SECRET',
+  expiresIn: process.env.expiresIn || '30m',
+  refreshIn: process.env.refreshIn || '7d',
+  bcryptSaltOrRound: Number(process.env.bcryptSaltOrRound) || 10,
+}))
+
+export type SecurityConfig = ConfigType<typeof securityConfig>

src/main.ts

@@ -30,7 +30,7 @@ async function bootstrap() {
   SwaggerModule.setup('api', app, document)
 
   const configService = app.get(ConfigService)
-  const PORT = configService.get<number>('PORT', 12400)
+  const PORT = configService.get<number>('nest.port', 12400)
 
   await app.listen(PORT)
 }

src/users/password.service.ts

@@ -1,13 +1,16 @@
-import { Injectable } from '@nestjs/common'
+import { Inject, Injectable } from '@nestjs/common'
-import { ConfigService } from '@nestjs/config'
+import { securityConfig, SecurityConfig } from 'src/common/configs'
 import { hash, compare } from 'bcrypt'
 
 @Injectable()
 export class PasswordService {
-  constructor(private configService: ConfigService) {}
+  constructor(
+    @Inject(securityConfig.KEY)
+    private secureConfig: SecurityConfig,
+  ) {}
 
   get bcryptSaltRounds(): string | number {
-    const saltOrRounds = this.configService.get<string>('SALT', '10')
+    const saltOrRounds = this.secureConfig.bcryptSaltOrRound
 
     return Number.isInteger(Number(saltOrRounds))
       ? Number(saltOrRounds)