• Index
• Search by APIs
• Search by Words
• Project Search

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• nestjs-rest-sample-master
  • .github
    • ISSUE_TEMPLATE
      • bug_report.md
    • dependabot.yml
    • workflows
      • greetings.yml
      • dependabot-automerge.yml
      • build.yml
      • e2e.yml
      • stale.yml
      • dockerize.yml
  • src
    • database
      • user.model.ts
      • database-connection.providers.spec.ts
      • post.model.ts
      • database.constants.ts
      • user.mdoel.spec.ts
      • comment.model.ts
      • database.module.ts
      • database-models.providers.spec.ts
      • database-models.providers.ts
      • database-connection.providers.ts
    • user
      • register.dto.spec.ts
      • user.controller.ts
      • user.dto.ts
      • register.dto.ts
      • user.controller.spec.ts
      • register.controller.ts
      • register.controller.spec.ts
      • profile.controller.ts
      • user-data-initializer.service.ts
      • user.service.ts
      • profile.controller.spec.ts
      • user.module.ts
      • user.service.spec.ts
    • post
      • create-comment.dto.ts
      • post.service.ts
      • create-post.dto.ts
      • update-post.dto.ts
      • post.service.stub.ts
      • post.service.spec.ts
      • post-data-initializer.service.ts
      • post.module.ts
      • post.controller.ts
      • post.controller.spec.ts
    • app.module.ts
    • app.service.ts
    • config
      • mongodb.config.spec.ts
      • mongodb.config.ts
      • jwt.config.spec.ts
      • sendgrid.config.ts
      • sendgrid.config.spec.ts
      • jwt.config.ts
    • app.controller.spec.ts
    • main.ts
    • app.controller.ts
    • auth
      • auth.controller.ts
      • auth.service.spec.ts
      • interface
        • jwt-payload.interface.ts
        • access-token.interface.ts
        • user-principal.interface.ts
        • authenticated-request.interface.ts
      • auth.service.ts
      • auth.constants.ts
      • auth.controller.spec.ts
      • guard
        • jwt-auth.guard.ts
        • jwt-auth.guard.spec.ts
        • local-auth.guard.spec.ts
        • roles.guard.spec.ts
        • local-auth.guard.ts
        • has-roles.decorator.ts
        • roles.guard.ts
      • strategy
        • local.strategy.spec.ts
        • local.strategy.ts
        • jwt.strategy.ts
        • jwt.strategy.spec.ts
      • auth.module.ts
    • logger
      • logger.decorator.ts
      • logger.providers.ts
      • logger.module.ts
      • logger.service.ts
      • logger.service.spec.ts
    • shared
      • enum
        • role-type.enum.ts
      • pipe
        • parse-object-id.pipe.ts
        • parse-object-id.pipe.spec.ts
    • app.service.spec.ts
    • sendgrid
      • sendgrid.service.ts
      • sendgrid.providers.spec.ts
      • sendgrid.service.spec.ts
      • sendgrid.providers.ts
      • sendgrid.constants.ts
      • sendgrid.module.ts
  • .husky
    • commit-msg
    • pre-commit
    • .gitignore
  • .prettierrc
  • codecov.yml
  • LICENSE
  • test
    • app.e2e-spec.ts
    • jest-e2e.json
  • commitlint.config.js
  • tsconfig.build.json
  • README.md
  • package.json
  • Dockerfile
  • .eslintrc.js
  • tsconfig.json
  • .mergify.yml
  • .gitignore
  • docs
    • config.md
    • model.md
    • _config.yml
    • auth.md
    • index.md
    • mongo.md
    • api.md
    • user.md
    • testing.md
    • guide.md
  • .vscode
    • launch.json
  • docker-compose.yml
  • nest-cli.json

import { Injectable, UnauthorizedException } from '@nestjs/common';
import { JwtService } from '@nestjs/jwt';
import { EMPTY, from, Observable, of } from 'rxjs';
import { mergeMap, map, throwIfEmpty } from 'rxjs/operators';
import { UserService } from '../user/user.service';
import { AccessToken } from './interface/access-token.interface';
import { JwtPayload } from './interface/jwt-payload.interface';
import { UserPrincipal } from './interface/user-principal.interface';

@Injectable()
export class AuthService {
  constructor(
    private userService: UserService,
    private jwtService: JwtService,
  ) { }

  validateUser(username: string, pass: string): Observable<UserPrincipal> {
    return this.userService.findByUsername(username).pipe(
      //if user is not found, convert it into an EMPTY.
      mergeMap((p) => (p ? of(p) : EMPTY)),

      // Using a general message in the authentication progress is more reasonable.
      // Concise info could be considered for security.
      // Detailed info will be helpful for crackers.
      // throwIfEmpty(() => new NotFoundException(`username:${username} was not found`)),
      throwIfEmpty(() => new UnauthorizedException(`username or password is not matched`)),

      mergeMap((user) => {
        const { _id, password, username, email, roles } = user;
        return user.comparePassword(pass).pipe(map(m => {
          if (m) {
            return { id: _id, username, email, roles } as UserPrincipal;
          }else {
            // The same reason above.
            //throw new UnauthorizedException('password was not matched.')
            throw new UnauthorizedException('username or password is not matched')
          }
        }))
      })
    );
  }

  // If `LocalStrateg#validateUser` return a `Observable`, the `request.user` is
  // bound to a `Observable<UserPrincipal>`, not a `UserPrincipal`.
  //
  // I would like use the current `Promise` for this case, thus it will get
  // a `UserPrincipal` here directly.
  //
  login(user: UserPrincipal): Observable<AccessToken> {
    //console.log(user);
    const payload: JwtPayload = {
      upn: user.username, //upn is defined in Microprofile JWT spec, a human readable principal name.
      sub: user.id,
      email: user.email,
      roles: user.roles,
    };
    return from(this.jwtService.signAsync(payload)).pipe(
      map((access_token) => {
        return { access_token };
      }),
    );
  }
}