• Index
• Search by APIs
• Search by Words
• Project Search

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• nestjs-rest-sample-master
  • .github
    • ISSUE_TEMPLATE
      • bug_report.md
    • dependabot.yml
    • workflows
      • greetings.yml
      • dependabot-automerge.yml
      • build.yml
      • e2e.yml
      • stale.yml
      • dockerize.yml
  • src
    • database
      • user.model.ts
      • database-connection.providers.spec.ts
      • post.model.ts
      • database.constants.ts
      • user.mdoel.spec.ts
      • comment.model.ts
      • database.module.ts
      • database-models.providers.spec.ts
      • database-models.providers.ts
      • database-connection.providers.ts
    • user
      • register.dto.spec.ts
      • user.controller.ts
      • user.dto.ts
      • register.dto.ts
      • user.controller.spec.ts
      • register.controller.ts
      • register.controller.spec.ts
      • profile.controller.ts
      • user-data-initializer.service.ts
      • user.service.ts
      • profile.controller.spec.ts
      • user.module.ts
      • user.service.spec.ts
    • post
      • create-comment.dto.ts
      • post.service.ts
      • create-post.dto.ts
      • update-post.dto.ts
      • post.service.stub.ts
      • post.service.spec.ts
      • post-data-initializer.service.ts
      • post.module.ts
      • post.controller.ts
      • post.controller.spec.ts
    • app.module.ts
    • app.service.ts
    • config
      • mongodb.config.spec.ts
      • mongodb.config.ts
      • jwt.config.spec.ts
      • sendgrid.config.ts
      • sendgrid.config.spec.ts
      • jwt.config.ts
    • app.controller.spec.ts
    • main.ts
    • app.controller.ts
    • auth
      • auth.controller.ts
      • auth.service.spec.ts
      • interface
        • jwt-payload.interface.ts
        • access-token.interface.ts
        • user-principal.interface.ts
        • authenticated-request.interface.ts
      • auth.service.ts
      • auth.constants.ts
      • auth.controller.spec.ts
      • guard
        • jwt-auth.guard.ts
        • jwt-auth.guard.spec.ts
        • local-auth.guard.spec.ts
        • roles.guard.spec.ts
        • local-auth.guard.ts
        • has-roles.decorator.ts
        • roles.guard.ts
      • strategy
        • local.strategy.spec.ts
        • local.strategy.ts
        • jwt.strategy.ts
        • jwt.strategy.spec.ts
      • auth.module.ts
    • logger
      • logger.decorator.ts
      • logger.providers.ts
      • logger.module.ts
      • logger.service.ts
      • logger.service.spec.ts
    • shared
      • enum
        • role-type.enum.ts
      • pipe
        • parse-object-id.pipe.ts
        • parse-object-id.pipe.spec.ts
    • app.service.spec.ts
    • sendgrid
      • sendgrid.service.ts
      • sendgrid.providers.spec.ts
      • sendgrid.service.spec.ts
      • sendgrid.providers.ts
      • sendgrid.constants.ts
      • sendgrid.module.ts
  • .husky
    • commit-msg
    • pre-commit
    • .gitignore
  • .prettierrc
  • codecov.yml
  • LICENSE
  • test
    • app.e2e-spec.ts
    • jest-e2e.json
  • commitlint.config.js
  • tsconfig.build.json
  • README.md
  • package.json
  • Dockerfile
  • .eslintrc.js
  • tsconfig.json
  • .mergify.yml
  • .gitignore
  • docs
    • config.md
    • model.md
    • _config.yml
    • auth.md
    • index.md
    • mongo.md
    • api.md
    • user.md
    • testing.md
    • guide.md
  • .vscode
    • launch.json
  • docker-compose.yml
  • nest-cli.json

import { Injectable, UnauthorizedException } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { Strategy } from 'passport-local';
import { lastValueFrom } from 'rxjs';
import { AuthService } from '../auth.service';
import { UserPrincipal } from '../interface/user-principal.interface';

@Injectable()
export class LocalStrategy extends PassportStrategy(Strategy) {
  constructor(private authService: AuthService) {
    super({
      usernameField: 'username',
      passwordField: 'password',
    });
  }

  // When using Observable as return type, the exeption in the pipeline is ignored.
  // In our case, the `UnauthorizedException` is **NOT** caught and handled as expected.
  // The flow is NOT prevented by the exception and continue to send a `Observable` to
  // the next step aka calling `this.authService.login` in `AppController#login` method.
  // Then the jwt token is generated in any case(eg. wrong username or wrong password),
  // the authenticatoin worflow does not work as expected.
  //
  // The solution is customizing `PassportSerializer`.
  // Example: https://github.com/jmcdo29/zeldaPlay/blob/master/apps/api/src/app/auth/session.serializer.ts
  //
  // validate(username: string, password: string): Observable<any> {
  //   return this.authService
  //     .validateUser(username, password)
  //     .pipe(throwIfEmpty(() => new UnauthorizedException()));
  // }

  async validate(username: string, password: string): Promise<UserPrincipal> {
    const user: UserPrincipal = await lastValueFrom(
      this.authService.validateUser(username, password),
    );

    if (!user) {
      throw new UnauthorizedException();
    }

    return user;
  }
}