diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
index ca5e6f6..0b55f1e 100644
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@@ -3,14 +3,17 @@ import { AuthService } from './auth.service'
 import { CreateUserDto } from 'src/users/dto/create-user.dto'
 import { ApiTags } from '@nestjs/swagger'
 import { LoginInputDto } from './dto/login-input.dto'
-import { UserEntity } from 'src/users/entities/user.entity'
-import { User } from 'src/common/decorators/user.decorator'
+import { Token } from 'src/common/decorators/token.decorator'
 import { NeedAuth } from 'src/common/decorators/need-auth.decorator'
+import { UsersService } from 'src/users/users.service'
 @ApiTags('auth')
 @Controller()
 export class AuthController {
- constructor(private readonly authService: AuthService) {}
+ constructor(
+ private readonly authService: AuthService,
+ private readonly userService: UsersService,
+ ) {}
 @Post('api/register')
 async register(@Body() userData: CreateUserDto) {
@@ -24,7 +27,8 @@ export class AuthController {
 @NeedAuth()
 @Get('api/profile')
- async getUserInfo(@User() user: UserEntity) {
+ async getUserInfo(@Token('userId') userId: string) {
+ const user = await this.userService.findUser({ id: userId })
 return user
 }
 }
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index d3201ff..03bff76 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -1,6 +1,6 @@
 import { Injectable, BadRequestException } from '@nestjs/common'
 import { PasswordService } from 'src/users/password.service'
-import { Token } from './dto/token.dto'
+import { Token, TokenPayload } from './dto/token.dto'
 import { JwtService } from '@nestjs/jwt'
 import { ConfigService } from '@nestjs/config'
 import { UsersService } from 'src/users/users.service'
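Review bot: In `src/auth/auth.controller.ts`, `getUserInfo` returns the result of `findUser` unchecked, so if `findUser` resolves to `null` for a user deleted after the token was issued, the endpoint would answer with an empty success response where the old strategy raised a 401. Adding `if (!user) throw new UnauthorizedException()` before `return user` keeps the previous behaviour at this endpoint; the `@nestjs/common` import that would need the extra name is above the hunk. `findUser` is not shown in this diff, so it is also worth confirming that it never includes the password hash or other internal fields, since its result is now the response body.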
@@ -34,7 +34,7 @@ export class AuthService {
 return this.generateTokens({ userId: user.id })
 }
- private generateTokens(payload: { userId: string }): Token {
+ private generateTokens(payload: TokenPayload): Token {
 const accessToken = this.jwtService.sign(payload, {
 secret: this.configService.get(
 'JWT_ACCESS_SECRET',
diff --git a/src/auth/dto/token.dto.ts b/src/auth/dto/token.dto.ts
index 5f3fd81..d414886 100644
--- a/src/auth/dto/token.dto.ts
+++ b/src/auth/dto/token.dto.ts
@@ -7,3 +7,7 @@ export class Token {
 @ApiProperty()
 refreshToken: string
 }
+
+export class TokenPayload {
+ userId: string
+}
diff --git a/src/auth/strategies/jwt.strategy.ts b/src/auth/strategies/jwt.strategy.ts
index 3c2702e..fa4ffe6 100644
--- a/src/auth/strategies/jwt.strategy.ts
+++ b/src/auth/strategies/jwt.strategy.ts
@@ -1,29 +1,19 @@
 import { Strategy, ExtractJwt } from 'passport-jwt'
 import { PassportStrategy } from '@nestjs/passport'
-import { Injectable, UnauthorizedException } from '@nestjs/common'
+import { Injectable } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
-import { User } from '@prisma/client'
-import { PrismaService } from 'nestjs-prisma'
+import { TokenPayload } from '../dto/token.dto'
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
- constructor(
- private prismaService: PrismaService,
- readonly configService: ConfigService,
- ) {
+ constructor(readonly configService: ConfigService) {
 super({
 jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
 secretOrKey: configService.get('JWT_ACCESS_SECRET', 'JWT_ACCESS_SECRET'),
 })
 }
- async validate(payload: { userId: string }): Promise {
- const user = await this.prismaService.user.findUnique({
- where: { id: payload.userId },
- })
- if (!user) {
- throw new UnauthorizedException()
- }
- return user
+ async validate(payload: TokenPayload) {
+ return payload
 }
 }
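Review bot: In `src/auth/strategies/jwt.strategy.ts`, `validate` now accepts any correctly signed payload without looking the user up, so a deleted or disabled account keeps access to every guarded route until its access token expires. If that trade-off is intended, it should be stated in a comment on `validate` and paired with a short access-token lifetime; otherwise a cheap existence or revocation check belongs here. The payload shape is also unchecked, and `if (typeof payload?.userId !== 'string') throw new UnauthorizedException()` would reject tokens that lack the claim (the `UnauthorizedException` import this commit removes would have to stay). Separately, the unchanged `configService.get('JWT_ACCESS_SECRET', 'JWT_ACCESS_SECRET')` falls back to a literal string as the verification key when the variable is unset; `configService.getOrThrow('JWT_ACCESS_SECRET')` would fail at startup instead.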
diff --git a/src/common/decorators/token.decorator.ts b/src/common/decorators/token.decorator.ts
new file mode 100644
index 0000000..7c7ffdb
--- /dev/null
+++ b/src/common/decorators/token.decorator.ts
@@ -0,0 +1,12 @@
+import { createParamDecorator, ExecutionContext } from '@nestjs/common'
+import { type Request } from 'express'
+import { TokenPayload } from 'src/auth/dto/token.dto'
+
+export const Token = createParamDecorator(
+ (key: keyof TokenPayload, ctx: ExecutionContext) => {
+ const request = ctx.switchToHttp().getRequest()
+ const token = request.user as TokenPayload
+
+ return key ? token?.[key] : token
+ },
+)
diff --git a/src/common/decorators/user.decorator.ts b/src/common/decorators/user.decorator.ts
deleted file mode 100644
index d18ebab..0000000
--- a/src/common/decorators/user.decorator.ts
+++ /dev/null
@@ -1,12 +0,0 @@
-import { createParamDecorator, ExecutionContext } from '@nestjs/common'
-import { type Request } from 'express'
-import { UserEntity } from 'src/users/entities/user.entity'
-
-export const User = createParamDecorator(
- (key: string, ctx: ExecutionContext) => {
- const request = ctx.switchToHttp().getRequest()
- const user = request.user as UserEntity
-
- return key ? user?.[key] : user
- },
-)
diff --git a/src/common/guards/jwt-auth.guard.ts b/src/common/guards/jwt-auth.guard.ts
index 8e43db7..3121df7 100644
--- a/src/common/guards/jwt-auth.guard.ts
+++ b/src/common/guards/jwt-auth.guard.ts
@@ -15,11 +15,11 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
 }
 canActivate(context: ExecutionContext) {
- const isPublic = this.reflector.getAllAndOverride(SKIP_AUTH_KEY, [
+ const skipAuth = this.reflector.getAllAndOverride(SKIP_AUTH_KEY, [
 context.getHandler(),
 context.getClass(),
 ])
- if (isPublic) {
+ if (skipAuth) {
 return true
 }
 return super.canActivate(context)
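Review bot: In `src/common/decorators/token.decorator.ts`, `request.user` is cast to `TokenPayload` and the optional chain turns a missing value into `undefined`, which is what a handler receives on any route where `JwtAuthGuard` returns early for `SKIP_AUTH_KEY`. A handler that forwards that `undefined` as a lookup key, the way `getUserInfo` forwards `userId` to `findUser`, may end up querying with no effective filter, depending on how `findUser` is implemented (not shown in this diff). Failing closed in the decorator avoids this: `if (!token) throw new UnauthorizedException()` before the `return`, with `UnauthorizedException` added to the `@nestjs/common` import.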