♻️ 校验token通过后，不再去数据库查询用户是否存在，避免每次请求都去查询数据库

2023-02-17 11:49:16 +08:00 · 2023-02-17 11:49:16 +08:00 · b166294b6b
commit b166294b6b
parent 57a41e30b6
7 changed files with 33 additions and 35 deletions
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@ -3,14 +3,17 @@ import { AuthService } from './auth.service'
 import { CreateUserDto } from 'src/users/dto/create-user.dto'
 import { ApiTags } from '@nestjs/swagger'
 import { LoginInputDto } from './dto/login-input.dto'
-import { UserEntity } from 'src/users/entities/user.entity'
+import { Token } from 'src/common/decorators/token.decorator'
 import { User } from 'src/common/decorators/user.decorator'
 import { NeedAuth } from 'src/common/decorators/need-auth.decorator'
 import { UsersService } from 'src/users/users.service'
@ApiTags('auth')
@Controller()
 export class AuthController {
-  constructor(private readonly authService: AuthService) {}
+  constructor(
    private readonly authService: AuthService,
    private readonly userService: UsersService,
  ) {}
  @Post('api/register')
  async register(@Body() userData: CreateUserDto) {
@ -24,7 +27,8 @@ export class AuthController {
  @NeedAuth()
  @Get('api/profile')
-  async getUserInfo(@User() user: UserEntity) {
+  async getUserInfo(@Token('userId') userId: string) {
    const user = await this.userService.findUser({ id: userId })
    return user
  }
 }
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@ -1,6 +1,6 @@
 import { Injectable, BadRequestException } from '@nestjs/common'
 import { PasswordService } from 'src/users/password.service'
-import { Token } from './dto/token.dto'
+import { Token, TokenPayload } from './dto/token.dto'
 import { JwtService } from '@nestjs/jwt'
 import { ConfigService } from '@nestjs/config'
 import { UsersService } from 'src/users/users.service'
@ -34,7 +34,7 @@ export class AuthService {
    return this.generateTokens({ userId: user.id })
  }
-  private generateTokens(payload: { userId: string }): Token {
+  private generateTokens(payload: TokenPayload): Token {
    const accessToken = this.jwtService.sign(payload, {
      secret: this.configService.get<string>(
        'JWT_ACCESS_SECRET',
--- a/src/auth/dto/token.dto.ts
+++ b/src/auth/dto/token.dto.ts
@ -7,3 +7,7 @@ export class Token {
  @ApiProperty()
  refreshToken: string
 }
 export class TokenPayload {
  userId: string
 }
--- a/src/auth/strategies/jwt.strategy.ts
+++ b/src/auth/strategies/jwt.strategy.ts
@ -1,29 +1,19 @@
 import { Strategy, ExtractJwt } from 'passport-jwt'
 import { PassportStrategy } from '@nestjs/passport'
-import { Injectable, UnauthorizedException } from '@nestjs/common'
+import { Injectable } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
-import { User } from '@prisma/client'
+import { TokenPayload } from '../dto/token.dto'
 import { PrismaService } from 'nestjs-prisma'
@Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
-  constructor(
+  constructor(readonly configService: ConfigService) {
    private prismaService: PrismaService,
    readonly configService: ConfigService,
  ) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      secretOrKey: configService.get('JWT_ACCESS_SECRET', 'JWT_ACCESS_SECRET'),
    })
  }
-  async validate(payload: { userId: string }): Promise<User> {
+  async validate(payload: TokenPayload) {
-    const user = await this.prismaService.user.findUnique({
+    return payload
      where: { id: payload.userId },
    })
    if (!user) {
      throw new UnauthorizedException()
    }
    return user
  }
 }
--- a/src/common/decorators/token.decorator.ts
+++ b/src/common/decorators/token.decorator.ts
@ -0,0 +1,12 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common'
 import { type Request } from 'express'
 import { TokenPayload } from 'src/auth/dto/token.dto'
 export const Token = createParamDecorator(
  (key: keyof TokenPayload, ctx: ExecutionContext) => {
    const request = ctx.switchToHttp().getRequest<Request>()
    const token = request.user as TokenPayload
    return key ? token?.[key] : token
  },
 )
--- a/src/common/decorators/user.decorator.ts
+++ b/src/common/decorators/user.decorator.ts
@ -1,12 +0,0 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common'
 import { type Request } from 'express'
 import { UserEntity } from 'src/users/entities/user.entity'
 export const User = createParamDecorator(
  (key: string, ctx: ExecutionContext) => {
    const request = ctx.switchToHttp().getRequest<Request>()
    const user = request.user as UserEntity
    return key ? user?.[key] : user
  },
 )
--- a/src/common/guards/jwt-auth.guard.ts
+++ b/src/common/guards/jwt-auth.guard.ts
@ -15,11 +15,11 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
  }
  canActivate(context: ExecutionContext) {
-    const isPublic = this.reflector.getAllAndOverride<boolean>(SKIP_AUTH_KEY, [
+    const skipAuth = this.reflector.getAllAndOverride<boolean>(SKIP_AUTH_KEY, [
      context.getHandler(),
      context.getClass(),
    ])
-    if (isPublic) {
+    if (skipAuth) {
      return true
    }
    return super.canActivate(context)