From 6e3ba20fcf1fd9387d856daed87a6b81ad907698 Mon Sep 17 00:00:00 2001 From: Philipinho <16838612+Philipinho@users.noreply.github.com> Date: Sat, 5 Aug 2023 16:58:34 +0100 Subject: [PATCH] implement jwt auth --- server/package-lock.json | 414 +++++++++++++++++- server/package.json | 3 + server/src/app.module.ts | 2 +- server/src/core/auth/auth.controller.spec.ts | 18 + server/src/core/auth/auth.controller.ts | 26 ++ server/src/core/auth/auth.module.ts | 29 ++ server/src/core/auth/dto/login.dto.ts | 11 + server/src/core/auth/guards/JwtGuard.ts | 30 ++ .../core/auth/services/auth.service.spec.ts | 18 + server/src/core/auth/services/auth.service.ts | 44 ++ .../core/auth/services/token.service.spec.ts | 18 + .../src/core/auth/services/token.service.ts | 33 ++ server/src/core/core.module.ts | 3 +- server/src/core/user/dto/create-user.dto.ts | 24 +- server/src/core/user/entities/user.entity.ts | 13 + .../core/user/repositories/user.repository.ts | 17 +- server/src/core/user/user.controller.ts | 33 +- server/src/core/user/user.module.ts | 6 +- server/src/core/user/user.service.ts | 36 +- server/src/database/typeorm.config.ts | 4 +- server/src/main.ts | 8 + 21 files changed, 744 insertions(+), 46 deletions(-) create mode 100644 server/src/core/auth/auth.controller.spec.ts create mode 100644 server/src/core/auth/auth.controller.ts create mode 100644 server/src/core/auth/auth.module.ts create mode 100644 server/src/core/auth/dto/login.dto.ts create mode 100644 server/src/core/auth/guards/JwtGuard.ts create mode 100644 server/src/core/auth/services/auth.service.spec.ts create mode 100644 server/src/core/auth/services/auth.service.ts create mode 100644 server/src/core/auth/services/token.service.spec.ts create mode 100644 server/src/core/auth/services/token.service.ts diff --git a/server/package-lock.json b/server/package-lock.json index 1d37f10f..fae9016f 100644 --- a/server/package-lock.json +++ b/server/package-lock.json 
@@ -12,10 +12,12 @@ "@nestjs/common": "^10.0.0", "@nestjs/config": "^3.0.0", "@nestjs/core": "^10.0.0", + "@nestjs/jwt": "^10.1.0", "@nestjs/mapped-types": "^2.0.2", "@nestjs/platform-express": "^10.0.0", "@nestjs/platform-fastify": "^10.1.3", "@nestjs/typeorm": "^10.0.0", + "bcrypt": "^5.1.0", "class-transformer": "^0.5.1", "class-validator": "^0.14.0", "fastify": "^4.21.0", @@ -28,6 +30,7 @@ "@nestjs/cli": "^10.0.0", "@nestjs/schematics": "^10.0.0", "@nestjs/testing": "^10.0.0", + "@types/bcrypt": "^5.0.0", "@types/express": "^4.17.17", "@types/jest": "^29.5.2", "@types/node": "^20.3.1", 
@@ -1422,6 +1425,61 @@ "node": ">=8" } }, + "node_modules/@mapbox/node-pre-gyp": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.11.tgz", + "integrity": "sha512-Yhlar6v9WQgUp/He7BdgzOz8lqMQ8sU+jkCq7Wx8Myc5YFJLbEe7lgui/V7G1qB1DJykHSGwreceSaD60Y0PUQ==", + "dependencies": { + "detect-libc": "^2.0.0", + "https-proxy-agent": "^5.0.0", + "make-dir": "^3.1.0", + "node-fetch": "^2.6.7", + "nopt": "^5.0.0", + "npmlog": "^5.0.1", + "rimraf": "^3.0.2", + "semver": "^7.3.5", + "tar": "^6.1.11" + }, + "bin": { + "node-pre-gyp": "bin/node-pre-gyp" + } + }, + "node_modules/@mapbox/node-pre-gyp/node_modules/make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dependencies": { + "semver": "^6.0.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/@mapbox/node-pre-gyp/node_modules/make-dir/node_modules/semver": { + "version": "6.3.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "bin": { + "semver": "bin/semver.js" + } + }, + "node_modules/@mapbox/node-pre-gyp/node_modules/rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dependencies": { + "glob": "^7.1.3" + }, + "bin": { + "rimraf": "bin.js" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/@nestjs/cli": { "version": "10.1.11", "resolved": "https://registry.npmjs.org/@nestjs/cli/-/cli-10.1.11.tgz", 
@@ -1608,6 +1666,18 @@ } } }, + "node_modules/@nestjs/jwt": { + "version": "10.1.0", + "resolved": "https://registry.npmjs.org/@nestjs/jwt/-/jwt-10.1.0.tgz", + "integrity": "sha512-iLwCGS25ybUxGS7i5j/Mwuyzvp/WxJftHlm8aLEBv5GV92apz6L1QVjxLdZrqXbzo++C8gdJauhzil8qitY+6w==", + "dependencies": { + "@types/jsonwebtoken": "9.0.2", + "jsonwebtoken": "9.0.0" + }, + "peerDependencies": { + "@nestjs/common": "^8.0.0 || ^9.0.0 || ^10.0.0" + } + }, "node_modules/@nestjs/mapped-types": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@nestjs/mapped-types/-/mapped-types-2.0.2.tgz", @@ -1927,6 +1997,15 @@ "@babel/types": "^7.20.7" } }, + "node_modules/@types/bcrypt": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/@types/bcrypt/-/bcrypt-5.0.0.tgz", + "integrity": "sha512-agtcFKaruL8TmcvqbndlqHPSJgsolhf/qPWchFlgnW1gECTN/nKbFcoFnvKAQRFfKbh+BO6A3SWdJu9t+xF3Lw==", + "dev": true, + "dependencies": { + "@types/node": "*" + } + }, "node_modules/@types/body-parser": { "version": "1.19.2", "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.2.tgz", @@ -2057,6 +2136,14 @@ "integrity": "sha512-Hr5Jfhc9eYOQNPYO5WLDq/n4jqijdHNlDXjuAQkkt+mWdQR+XJToOHrsD4cPaMXpn6KO7y2+wM8AZEs8VpBLVA==", "dev": true }, + "node_modules/@types/jsonwebtoken": { + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz", + "integrity": "sha512-drE6uz7QBKq1fYqqoFKTDRdFCPHd5TCub75BM+D+cMx7NU9hUz7SESLfC2fSCXVFMO5Yj8sOWHuGqPgjc+fz0Q==", + "dependencies": { + "@types/node": "*" + } + }, "node_modules/@types/mime": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.2.tgz", 
@@ -2066,8 +2153,7 @@ "node_modules/@types/node": { "version": "20.4.6", "resolved": "https://registry.npmjs.org/@types/node/-/node-20.4.6.tgz", - "integrity": "sha512-q0RkvNgMweWWIvSMDiXhflGUKMdIxBo2M2tYM/0kEGDueQByFzK4KZAgu5YHGFNxziTlppNpTIBcqHQAxlfHdA==", - "devOptional": true + "integrity": "sha512-q0RkvNgMweWWIvSMDiXhflGUKMdIxBo2M2tYM/0kEGDueQByFzK4KZAgu5YHGFNxziTlppNpTIBcqHQAxlfHdA==" }, "node_modules/@types/parse-json": { "version": "4.0.0", @@ -2505,6 +2591,11 @@ "integrity": "sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==", "dev": true }, + "node_modules/abbrev": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", + "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" + }, "node_modules/abort-controller": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz", @@ -2572,6 +2663,17 @@ "node": ">=0.4.0" } }, + "node_modules/agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dependencies": { + "debug": "4" + }, + "engines": { + "node": ">= 6.0.0" + } + }, "node_modules/ajv": { "version": "8.12.0", "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz", 
@@ -2692,11 +2794,41 @@ "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz", "integrity": "sha512-klpgFSWLW1ZEs8svjfb7g4qWY0YS5imI82dTg+QahUvJ8YqAY0P10Uk8tTyh9ZGuYEZEMaeJYCF5BFuX552hsw==" }, + "node_modules/aproba": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", + "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" + }, "node_modules/archy": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/archy/-/archy-1.0.0.tgz", "integrity": "sha512-Xg+9RwCg/0p32teKdGMPTPnVXKD0w3DfHnFTficozsAgsvq2XenPJq/MYpzzQ/v8zrOyJn6Ds39VA4JIDwFfqw==" }, + "node_modules/are-we-there-yet": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", + "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", + "dependencies": { + "delegates": "^1.0.0", + "readable-stream": "^3.6.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/are-we-there-yet/node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/arg": { "version": "4.1.3", "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", 
@@ -2874,6 +3006,19 @@ } ] }, + "node_modules/bcrypt": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-5.1.0.tgz", + "integrity": "sha512-RHBS7HI5N5tEnGTmtR/pppX0mmDSBpQ4aCBsj7CEQfYXDcO74A8sIBYcJMuCsis2E81zDxeENYhv66oZwLiA+Q==", + "hasInstallScript": true, + "dependencies": { + "@mapbox/node-pre-gyp": "^1.0.10", + "node-addon-api": "^5.0.0" + }, + "engines": { + "node": ">= 10.0.0" + } + }, "node_modules/binary-extensions": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz", @@ -2948,7 +3093,6 @@ "version": "1.1.11", "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -3043,6 +3187,11 @@ "ieee754": "^1.1.13" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" + }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -3182,6 +3331,14 @@ "fsevents": "~2.3.2" } }, + "node_modules/chownr": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", + "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", + "engines": { + "node": ">=10" + } + }, "node_modules/chrome-trace-event": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/chrome-trace-event/-/chrome-trace-event-1.0.3.tgz", 
@@ -3384,6 +3541,14 @@ "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, + "node_modules/color-support": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", + "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==", + "bin": { + "color-support": "bin.js" + } + }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -3430,8 +3595,7 @@ "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true + "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" }, "node_modules/concat-stream": { "version": "1.6.2", @@ -3452,6 +3616,11 @@ "resolved": "https://registry.npmjs.org/consola/-/consola-2.15.3.tgz", "integrity": "sha512-9vAdYbHj6x2fLKC4+oPH0kFzY/orMZyG2Aj+kNylHxKGJ/Ed4dpNyAQYwJOdqO4zdM7XpVHmyejQDcQHrnuXbw==" }, + "node_modules/console-control-strings": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" + }, "node_modules/content-disposition": { "version": "0.5.4", "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", 
@@ -3630,6 +3799,11 @@ "node": ">=0.4.0" } }, + "node_modules/delegates": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" + }, "node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -3647,6 +3821,14 @@ "npm": "1.2.8000 || >= 1.4.16" } }, + "node_modules/detect-libc": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.2.tgz", + "integrity": "sha512-UX6sGumvvqSaXgdKGUsgZWqcUyIXZ/vZTrlRT/iobiKhGL0zL4d3osHj3uqllWJK+i+sixDS/3COVEOFbupFyw==", + "engines": { + "node": ">=8" + } + }, "node_modules/detect-newline": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", @@ -3727,6 +3909,14 @@ "node": ">=12" } }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 
@@ -4630,6 +4820,33 @@ "node": ">=12" } }, + "node_modules/fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", + "dependencies": { + "minipass": "^3.0.0" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/fs-minipass/node_modules/minipass": { + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", + "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/fs-minipass/node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + }, "node_modules/fs-monkey": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/fs-monkey/-/fs-monkey-1.0.4.tgz", 
@@ -4660,6 +4877,25 @@ "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" }, + "node_modules/gauge": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-3.0.2.tgz", + "integrity": "sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==", + "dependencies": { + "aproba": "^1.0.3 || ^2.0.0", + "color-support": "^1.1.2", + "console-control-strings": "^1.0.0", + "has-unicode": "^2.0.1", + "object-assign": "^4.1.1", + "signal-exit": "^3.0.0", + "string-width": "^4.2.3", + "strip-ansi": "^6.0.1", + "wide-align": "^1.1.2" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/gensync": { "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", @@ -4716,7 +4952,6 @@ "version": "7.2.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "dev": true, "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -4847,6 +5082,11 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/has-unicode": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" + }, "node_modules/hexoid": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/hexoid/-/hexoid-1.0.0.tgz", 
@@ -4885,6 +5125,18 @@ "node": ">= 0.8" } }, + "node_modules/https-proxy-agent": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", + "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "dependencies": { + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", @@ -5907,6 +6159,40 @@ "graceful-fs": "^4.1.6" } }, + "node_modules/jsonwebtoken": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz", + "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==", + "dependencies": { + "jws": "^3.2.2", + "lodash": "^4.17.21", + "ms": "^2.1.1", + "semver": "^7.3.8" + }, + "engines": { + "node": ">=12", + "npm": ">=6" + } + }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "node_modules/kleur": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", 
@@ -6183,7 +6469,6 @@ "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, "dependencies": { "brace-expansion": "^1.1.7" }, @@ -6208,6 +6493,34 @@ "node": ">=8" } }, + "node_modules/minizlib": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", + "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "dependencies": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/minizlib/node_modules/minipass": { + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", + "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/minizlib/node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + }, "node_modules/mkdirp": { "version": "0.5.6", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", @@ -6297,6 +6610,11 @@ "integrity": "sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ==", "dev": true }, + "node_modules/node-addon-api": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-5.1.0.tgz", + "integrity": "sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==" + }, "node_modules/node-emoji": { "version": "1.11.0", "resolved": "https://registry.npmjs.org/node-emoji/-/node-emoji-1.11.0.tgz", 
@@ -6337,6 +6655,20 @@ "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", "dev": true }, + "node_modules/nopt": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-5.0.0.tgz", + "integrity": "sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==", + "dependencies": { + "abbrev": "1" + }, + "bin": { + "nopt": "bin/nopt.js" + }, + "engines": { + "node": ">=6" + } + }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", @@ -6358,6 +6690,17 @@ "node": ">=8" } }, + "node_modules/npmlog": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-5.0.1.tgz", + "integrity": "sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==", + "dependencies": { + "are-we-there-yet": "^2.0.0", + "console-control-strings": "^1.1.0", + "gauge": "^3.0.0", + "set-blocking": "^2.0.0" + } + }, "node_modules/object-assign": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", @@ -6596,7 +6939,6 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", - "dev": true, "engines": { "node": ">=0.10.0" } @@ -7643,6 +7985,11 @@ "node": ">= 0.8.0" } }, + "node_modules/set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" + }, "node_modules/set-cookie-parser": { "version": "2.6.0", "resolved": "https://registry.npmjs.org/set-cookie-parser/-/set-cookie-parser-2.6.0.tgz", 
@@ -7719,8 +8066,7 @@ "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", - "dev": true + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" }, "node_modules/sisteransi": { "version": "1.0.5", @@ -7991,6 +8337,46 @@ "node": ">=6" } }, + "node_modules/tar": { + "version": "6.1.15", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.15.tgz", + "integrity": "sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==", + "dependencies": { + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "minipass": "^5.0.0", + "minizlib": "^2.1.1", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/tar/node_modules/minipass": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", + "engines": { + "node": ">=8" + } + }, + "node_modules/tar/node_modules/mkdirp": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", + "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", + "bin": { + "mkdirp": "bin/cmd.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/tar/node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + }, "node_modules/terser": { "version": "5.19.2", "resolved": "https://registry.npmjs.org/terser/-/terser-5.19.2.tgz", 
@@ -8865,6 +9251,14 @@ "node": ">= 8" } }, + "node_modules/wide-align": { + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz", + "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==", + "dependencies": { + "string-width": "^1.0.2 || 2 || 3 || 4" + } + }, "node_modules/windows-release": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/windows-release/-/windows-release-4.0.0.tgz", diff --git a/server/package.json b/server/package.json index 294d4b8b..3a9846d1 100644 --- a/server/package.json +++ b/server/package.json @@ -30,10 +30,12 @@ "@nestjs/common": "^10.0.0", "@nestjs/config": "^3.0.0", "@nestjs/core": "^10.0.0", + "@nestjs/jwt": "^10.1.0", "@nestjs/mapped-types": "^2.0.2", "@nestjs/platform-express": "^10.0.0", "@nestjs/platform-fastify": "^10.1.3", "@nestjs/typeorm": "^10.0.0", + "bcrypt": "^5.1.0", "class-transformer": "^0.5.1", "class-validator": "^0.14.0", "fastify": "^4.21.0", @@ -46,6 +48,7 @@ "@nestjs/cli": "^10.0.0", "@nestjs/schematics": "^10.0.0", "@nestjs/testing": "^10.0.0", + "@types/bcrypt": "^5.0.0", "@types/express": "^4.17.17", "@types/jest": "^29.5.2", "@types/node": "^20.3.1", diff --git a/server/src/app.module.ts b/server/src/app.module.ts index 35c84e74..b3f0dfd2 100644 --- a/server/src/app.module.ts +++ b/server/src/app.module.ts @@ -12,7 +12,7 @@ import { AppDataSource } from './database/typeorm.config'; EnvironmentModule, TypeOrmModule.forRoot({ ...AppDataSource.options, - entities: ['dist/src/**/*.entity.ts'], + entities: ['dist/src/**/*.entity.{ts,js}'], migrations: ['dist/src/**/migrations/*.{ts,js}'], autoLoadEntities: true, }), diff --git a/server/src/core/auth/auth.controller.spec.ts b/server/src/core/auth/auth.controller.spec.ts new file mode 100644 index 00000000..27a31e61 --- /dev/null +++ b/server/src/core/auth/auth.controller.spec.ts 
@@ -0,0 +1,18 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { AuthController } from './auth.controller';
+
+describe('AuthController', () => {
+ let controller: AuthController;
+
+ beforeEach(async () => {
+ const module: TestingModule = await Test.createTestingModule({
+ controllers: [AuthController],
+ }).compile();
+
+ controller = module.get(AuthController);
+ });
+
+ it('should be defined', () => {
+ expect(controller).toBeDefined();
+ });
+});
diff --git a/server/src/core/auth/auth.controller.ts b/server/src/core/auth/auth.controller.ts
new file mode 100644
index 00000000..23a54dd2
--- /dev/null
+++ b/server/src/core/auth/auth.controller.ts
@@ -0,0 +1,26 @@
+import {
+ Body,
+ Controller,
+ Get,
+ HttpCode,
+ HttpStatus,
+ Post,
+} from '@nestjs/common';
+import { LoginDto } from './dto/login.dto';
+import { AuthService } from './services/auth.service';
+import { CreateUserDto } from '../user/dto/create-user.dto';
+
+@Controller('auth')
+export class AuthController {
+ constructor(private authService: AuthService) {}
+ @HttpCode(HttpStatus.OK)
+ @Post('login')
+ async login(@Body() loginInput: LoginDto) {
+ return await this.authService.login(loginInput);
+ }
+
+ @Post('register')
+ async register(@Body() createUserDto: CreateUserDto) {
+ return await this.authService.register(createUserDto);
+ }
+}
diff --git a/server/src/core/auth/auth.module.ts b/server/src/core/auth/auth.module.ts
new file mode 100644
index 00000000..8053a5b7
--- /dev/null
+++ b/server/src/core/auth/auth.module.ts
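Review bot: The testing module in auth.controller.spec.ts cannot resolve `AuthService`: it registers only `controllers: [AuthController]`, while the controller added in this commit takes `AuthService` in its constructor, so `compile()` will most likely reject and the "should be defined" test never runs. Provide a stub next to the controller, e.g. `providers: [{ provide: AuthService, useValue: {} }]`. The same gap is in auth.service.spec.ts (AuthService needs `UserService` and `TokenService`) and in token.service.spec.ts (TokenService needs `JwtService` and `EnvironmentService`).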
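Review bot: Nothing visible in auth.controller.ts limits how often `POST auth/login` and `POST auth/register` can be called, so password guessing against `login` is slowed only by the cost of the hash comparison. Unless throttling is applied elsewhere (main.ts or a proxy, not visible in this part of the patch), add a per-client and per-account attempt limit on these two routes and log repeated failures so they can be alerted on. The `Get` import is unused and can be dropped from the `@nestjs/common` import list.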
@@ -0,0 +1,29 @@
+import { Module } from '@nestjs/common';
+import { AuthController } from './auth.controller';
+import { AuthService } from './services/auth.service';
+import { JwtModule } from '@nestjs/jwt';
+import { EnvironmentService } from '../../environment/environment.service';
+import { TokenService } from './services/token.service';
+import { UserService } from '../user/user.service';
+import { UserRepository } from '../user/repositories/user.repository';
+
+@Module({
+ imports: [
+ JwtModule.registerAsync({
+ useFactory: async (environmentService: EnvironmentService) => {
+ return {
+ global: true,
+ secret: environmentService.getJwtSecret(),
+ signOptions: {
+ expiresIn: environmentService.getJwtTokenExpiresIn(),
+ },
+ };
+ },
+ inject: [EnvironmentService],
+ }),
+ ],
+ exports: [TokenService],
+ controllers: [AuthController],
+ providers: [AuthService, TokenService, UserService, UserRepository],
+})
+export class AuthModule {}
diff --git a/server/src/core/auth/dto/login.dto.ts b/server/src/core/auth/dto/login.dto.ts
new file mode 100644
index 00000000..5b23230f
--- /dev/null
+++ b/server/src/core/auth/dto/login.dto.ts
@@ -0,0 +1,11 @@
+import { IsEmail, IsNotEmpty, IsString } from 'class-validator';
+
+export class LoginDto {
+ @IsNotEmpty()
+ @IsEmail()
+ email: string;
+
+ @IsNotEmpty()
+ @IsString()
+ password: string;
+}
diff --git a/server/src/core/auth/guards/JwtGuard.ts b/server/src/core/auth/guards/JwtGuard.ts
new file mode 100644
index 00000000..e3648d25
--- /dev/null
+++ b/server/src/core/auth/guards/JwtGuard.ts
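Review bot: The factory in auth.module.ts hands `environmentService.getJwtSecret()` to `secret` without checking that a usable value came back; if the getter can return undefined or an empty string (EnvironmentService is not shown), the problem only surfaces at the first sign or verify call. Fail at startup instead: `const secret = environmentService.getJwtSecret();` followed by `if (!secret) throw new Error('JWT secret is not configured');` before the `return`, and consider enforcing a minimum length for the HMAC key. Separately, `global: true` sits inside the factory result; as far as I know @nestjs/jwt reads `global` from the `registerAsync` options object itself, so in this position it probably has no effect. Listing `UserService` and `UserRepository` in `providers` builds second instances inside AuthModule rather than reusing the ones from UserModule; importing UserModule (with those providers exported) would avoid that.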
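Review bot: `password` in login.dto.ts has no upper length bound, so an arbitrarily long string is accepted and passed on to the hash comparison (presumably bcrypt, given the dependency added in this commit). Add a cap consistent with the registration DTO (not visible here), for example `@MaxLength(128)` above `password: string;`. bcrypt only uses the first 72 bytes of its input, so very long values add request size and work without adding strength.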
@@ -0,0 +1,30 @@
+import {
+ CanActivate,
+ ExecutionContext,
+ Injectable,
+ UnauthorizedException,
+} from '@nestjs/common';
+import { TokenService } from '../services/token.service';
+
+@Injectable()
+export class JwtGuard implements CanActivate {
+ constructor(private tokenService: TokenService) {}
+ async canActivate(context: ExecutionContext): Promise {
+ const request = context.switchToHttp().getRequest();
+ const token: string = await this.tokenService.extractTokenFromHeader(
+ request,
+ );
+
+ if (!token) {
+ throw new UnauthorizedException('Invalid jwt token');
+ }
+
+ try {
+ request['user'] = await this.tokenService.verifyJwt(token);
+ } catch (error) {
+ throw new UnauthorizedException('Could not verify jwt token');
+ }
+
+ return true;
+ }
+}
diff --git a/server/src/core/auth/services/auth.service.spec.ts b/server/src/core/auth/services/auth.service.spec.ts
new file mode 100644
index 00000000..800ab662
--- /dev/null
+++ b/server/src/core/auth/services/auth.service.spec.ts
@@ -0,0 +1,18 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { AuthService } from './auth.service';
+
+describe('AuthService', () => {
+ let service: AuthService;
+
+ beforeEach(async () => {
+ const module: TestingModule = await Test.createTestingModule({
+ providers: [AuthService],
+ }).compile();
+
+ service = module.get(AuthService);
+ });
+
+ it('should be defined', () => {
+ expect(service).toBeDefined();
+ });
+});
diff --git a/server/src/core/auth/services/auth.service.ts b/server/src/core/auth/services/auth.service.ts
new file mode 100644
index 00000000..6f85b60e
--- /dev/null
+++ b/server/src/core/auth/services/auth.service.ts
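Review bot: `canActivate` in JwtGuard.ts stores the decoded payload in `request['user']` and returns true without checking that the account behind `sub` still exists or is enabled, so a token remains valid for its full lifetime after the user is removed or changes their password. If that matters here, look the user up by `sub` in the guard, or keep the expiry short and add a revocation check. The `catch (error)` block discards the failure reason; logging the error name (expired versus bad signature) server-side helps detection while the client still gets the generic 401. The file name `JwtGuard.ts` also departs from the dot-separated naming of the other files in this commit (`jwt.guard.ts` would match).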
@@ -0,0 +1,44 @@
+import {
+ BadRequestException,
+ Injectable,
+ UnauthorizedException,
+} from '@nestjs/common';
+import { LoginDto } from '../dto/login.dto';
+import { User } from '../../user/entities/user.entity';
+import { CreateUserDto } from '../../user/dto/create-user.dto';
+import { UserService } from '../../user/user.service';
+import { TokenService } from './token.service';
+
+@Injectable()
+export class AuthService {
+ constructor(
+ private userService: UserService,
+ private tokenService: TokenService,
+ ) {}
+
+ async login(loginDto: LoginDto) {
+ const user: User = await this.userService.findByEmail(loginDto.email);
+ const invalidCredentialsMessage = 'email or password does not match';
+
+ if (
+ !user ||
+ !(await this.userService.compareHash(loginDto.password, user.password))
+ ) {
+ throw new UnauthorizedException(invalidCredentialsMessage);
+ }
+
+ user.lastLoginAt = new Date();
+
+ const token: string = await this.tokenService.generateJwt(user);
+
+ return { user, token };
+ }
+
+ async register(createUserDto: CreateUserDto) {
+ const user: User = await this.userService.create(createUserDto);
+
+ const token: string = await this.tokenService.generateJwt(user);
+
+ return { user, token };
+ }
+}
diff --git a/server/src/core/auth/services/token.service.spec.ts b/server/src/core/auth/services/token.service.spec.ts
new file mode 100644
index 00000000..a5f5d655
--- /dev/null
+++ b/server/src/core/auth/services/token.service.spec.ts
@@ -0,0 +1,18 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { TokenService } from './token.service';
+
+describe('TokenService', () => {
+ let service: TokenService;
+
+ beforeEach(async () => {
+ const module: TestingModule = await Test.createTestingModule({
+ providers: [TokenService],
+ }).compile();
+
+ service = module.get(TokenService);
+ });
+
+ it('should be defined', () => {
+ expect(service).toBeDefined();
+ });
+});
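Review bot: In `login` (auth.service.ts) the `!user ||` short-circuit skips `compareHash` when the e-mail is unknown, so those requests return without paying the bcrypt cost and the response time reveals whether an account exists even though the error message is identical. Running the comparison in both cases closes that gap: `const hash = user?.password ?? DUMMY_HASH;`, then `const ok = await this.userService.compareHash(loginDto.password, hash);` and `if (!user || !ok) throw new UnauthorizedException(invalidCredentialsMessage);`, where `DUMMY_HASH` is a placeholder name for a bcrypt hash of a random value generated once at startup. Also, `user.lastLoginAt = new Date()` is assigned but nothing in this method saves the entity, and the `BadRequestException` import is unused.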
diff --git a/server/src/core/auth/services/token.service.ts b/server/src/core/auth/services/token.service.ts
new file mode 100644
index 00000000..a7e8317e
--- /dev/null
+++ b/server/src/core/auth/services/token.service.ts
@@ -0,0 +1,33 @@
+import { Injectable } from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import { EnvironmentService } from '../../../environment/environment.service';
+import { User } from '../../user/entities/user.entity';
+import { FastifyRequest } from 'fastify';
+
+@Injectable()
+export class TokenService {
+ constructor(
+ private jwtService: JwtService,
+ private environmentService: EnvironmentService,
+ ) {}
+ async generateJwt(user: User): Promise {
+ const payload = {
+ sub: user.id,
+ email: user.email,
+ };
+ return await this.jwtService.signAsync(payload);
+ }
+
+ async verifyJwt(token: string) {
+ return await this.jwtService.verifyAsync(token, {
+ secret: this.environmentService.getJwtSecret(),
+ });
+ }
+
+ async extractTokenFromHeader(
+ request: FastifyRequest,
+ ): Promise {
+ const [type, token] = request.headers.authorization?.split(' ') ?? [];
+ return type === 'Bearer' ? token : undefined;
+ }
+}
diff --git a/server/src/core/core.module.ts b/server/src/core/core.module.ts
index a60df1c5..ae408925 100644
--- a/server/src/core/core.module.ts
+++ b/server/src/core/core.module.ts
@@ -1,7 +1,8 @@ import { Module } from '@nestjs/common'; import { UserModule } from './user/user.module'; +import { AuthModule } from './auth/auth.module'; @Module({ - imports: [UserModule], + imports: [UserModule, AuthModule], }) export class CoreModule {}
diff --git a/server/src/core/user/dto/create-user.dto.ts b/server/src/core/user/dto/create-user.dto.ts
index 0311be13..92c1a45f 100644
--- a/server/src/core/user/dto/create-user.dto.ts
+++ b/server/src/core/user/dto/create-user.dto.ts
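Review bot: `verifyJwt` in token.service.ts passes only `secret` to `verifyAsync`, which leaves the set of accepted algorithms to the library default. Pinning it with `algorithms: ['HS256']` in the verify options (signing here uses the library default, which I believe is HS256) keeps verification strict if the key material or the defaults ever change. The payload also carries `email`, while the only consumer visible in this commit, `UserController.getUser`, reads just `sub`; dropping it would keep personal data out of a token that is signed but not encrypted. `extractTokenFromHeader` contains no `await` and could be a plain synchronous method.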
@@ -1 +1,23 @@
-export class CreateUserDto {}
+import {
+ IsEmail,
+ IsNotEmpty,
+ IsOptional,
+ IsString,
+ MinLength,
+} from 'class-validator';
+
+export class CreateUserDto {
+ @IsOptional()
+ @MinLength(3)
+ @IsString()
+ name: string;
+
+ @IsNotEmpty()
+ @IsEmail()
+ email: string;
+
+ @IsNotEmpty()
+ @MinLength(8)
+ @IsString()
+ password: string;
+}
diff --git a/server/src/core/user/entities/user.entity.ts b/server/src/core/user/entities/user.entity.ts
index 78b42fa9..7c974015 100644
--- a/server/src/core/user/entities/user.entity.ts
+++ b/server/src/core/user/entities/user.entity.ts
@@ -1,10 +1,12 @@ import { + BeforeInsert, Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, UpdateDateColumn, } from 'typeorm'; +import * as bcrypt from 'bcrypt'; @Entity('users') export class User {
@@ -46,4 +48,15 @@ export class User { @UpdateDateColumn() updatedAt: Date; + + toJSON() { + delete this.password; + return this; + } + + @BeforeInsert() + async hashPassword() { + const saltRounds = 12; + this.password = await bcrypt.hash(this.password, saltRounds); + } }
diff --git a/server/src/core/user/repositories/user.repository.ts b/server/src/core/user/repositories/user.repository.ts
index 03c3dce5..4d6a66c5 100644
--- a/server/src/core/user/repositories/user.repository.ts
+++ b/server/src/core/user/repositories/user.repository.ts
@@ -1,4 +1,17 @@ -import { Repository } from 'typeorm'; +import { DataSource, Repository } from 'typeorm'; import { User } from '../entities/user.entity'; +import { Injectable } from '@nestjs/common'; -export class UserRepository extends Repository {} +@Injectable() +export class UserRepository extends Repository { + constructor(private dataSource: DataSource) { + super(User, dataSource.createEntityManager()); + } + async findByEmail(email: string) { + return this.findOneBy({ email: email }); + } + + async findById(userId: string) { + return this.findOneBy({ id: userId }); + } +}
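Review bot: `password` in CreateUserDto has `@MinLength(8)` but no upper bound, and the entity in this commit hashes it with bcrypt, which only uses the first 72 bytes of its input. Anything beyond that is silently ignored, so two long passwords that share a 72-byte prefix verify as equal. Adding `@MaxLength(72)` from `class-validator` rejects such input up front, with the caveat that it counts characters rather than bytes.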
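Review bot: `toJSON()` in user.entity.ts runs `delete this.password` on the live entity and returns `this`, so serialising a user for a response mutates the object and any later read of `user.password` on the same instance sees `undefined`. Returning a copy avoids the side effect: `const { password, ...rest } = this; return rest;`. `hashPassword` is bound to `@BeforeInsert()` only, so a future password-change path will need its own hashing, or a `@BeforeUpdate()` hook that hashes only when the field changed. The class body starts outside this hunk.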
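Review bot: `findByEmail` in user.repository.ts matches the address exactly as supplied, and nothing in this commit lower-cases or trims it, so whether `User@example.com` and `user@example.com` are one account depends on the column's collation and unique constraint, which are not visible here. `UserService.create` uses this lookup for its duplicate check and `AuthService.login` uses it to find the account, so normalising in one place, e.g. `return this.findOneBy({ email: email.trim().toLowerCase() });` together with the same transform before insert, keeps the two consistent.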
diff --git a/server/src/core/user/user.controller.ts b/server/src/core/user/user.controller.ts index 1b03893b..f04ff3d3 100644 --- a/server/src/core/user/user.controller.ts +++ b/server/src/core/user/user.controller.ts @@ -6,32 +6,33 @@ import { Patch, Param, Delete, + UseGuards, + HttpCode, + HttpStatus, + Req, UnauthorizedException, } from '@nestjs/common'; import { UserService } from './user.service'; import { CreateUserDto } from './dto/create-user.dto'; import { UpdateUserDto } from './dto/update-user.dto'; +import { JwtGuard } from '../auth/guards/JwtGuard'; +import { FastifyRequest } from 'fastify'; +import { User } from './entities/user.entity'; +@UseGuards(JwtGuard) @Controller('user') export class UserController { constructor(private readonly userService: UserService) {} - @Post() - create(@Body() createUserDto: CreateUserDto) { - return this.userService.create(createUserDto); - } + @HttpCode(HttpStatus.OK) + @Get('me') + async getUser(@Req() req: FastifyRequest) { + const jwtPayload = req['user']; + const user: User = await this.userService.findById(jwtPayload.sub); - @Get(':id') - findOne(@Param('id') id: string) { - return this.userService.findOne(+id); - } + if (!user) { + throw new UnauthorizedException('Invalid user'); + } - @Patch(':id') - update(@Param('id') id: string, @Body() updateUserDto: UpdateUserDto) { - return this.userService.update(+id, updateUserDto); - } - - @Delete(':id') - remove(@Param('id') id: string) { - return this.userService.remove(+id); + return { user }; } } diff --git a/server/src/core/user/user.module.ts b/server/src/core/user/user.module.ts index 81b324ef..89578cba 100644 --- a/server/src/core/user/user.module.ts +++ b/server/src/core/user/user.module.ts 
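Review bot: `getUser` in user.controller.ts reads `req['user']` as an untyped value, so `jwtPayload.sub` is unchecked by the compiler and a rename of the claim in `TokenService.generateJwt` would go unnoticed. A small payload type shared with the guard, e.g. `interface JwtPayload { sub: string; email: string }` and `const jwtPayload = req['user'] as JwtPayload;`, documents the contract. The removed handlers also leave `Patch`, `Param`, `Delete`, `CreateUserDto` and `UpdateUserDto` imported with no remaining use in the visible part of the file; the import list starts above this hunk.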
@@ -3,10 +3,12 @@ import { UserService } from './user.service'; import { UserController } from './user.controller'; import { TypeOrmModule } from '@nestjs/typeorm'; import { User } from './entities/user.entity'; +import { UserRepository } from './repositories/user.repository'; +import { AuthModule } from '../auth/auth.module'; @Module({ - imports: [TypeOrmModule.forFeature([User])], + imports: [TypeOrmModule.forFeature([User]), AuthModule], controllers: [UserController], - providers: [UserService], + providers: [UserService, UserRepository], }) export class UserModule {} diff --git a/server/src/core/user/user.service.ts b/server/src/core/user/user.service.ts index 74707d0c..dda8bc61 100644 --- a/server/src/core/user/user.service.ts +++ b/server/src/core/user/user.service.ts 
@@ -1,30 +1,44 @@ -import { Injectable } from '@nestjs/common'; +import { BadRequestException, Injectable } from '@nestjs/common'; import { CreateUserDto } from './dto/create-user.dto'; import { UpdateUserDto } from './dto/update-user.dto'; -import { InjectRepository } from '@nestjs/typeorm'; import { User } from './entities/user.entity'; import { UserRepository } from './repositories/user.repository'; +import { plainToClass } from 'class-transformer'; +import * as bcrypt from 'bcrypt'; @Injectable() export class UserService { - constructor(@InjectRepository(User) private userRepository: UserRepository) {} - create(createUserDto: CreateUserDto) { - return 'This action adds a new user'; + constructor(private userRepository: UserRepository) {} + async create(createUserDto: CreateUserDto): Promise { + const existingUser: User = await this.findByEmail(createUserDto.email); + + if (existingUser) { + throw new BadRequestException('A user with this email already exists'); + } + + const user: User = plainToClass(User, createUserDto); + user.locale = 'en'; + user.lastLoginAt = new Date(); + + return this.userRepository.save(user); } - findAll() { - return `This action returns all user`; + findById(userId: string) { + return this.userRepository.findById(userId); } - findOne(id: number) { - return `This action returns a #${id} user`; + async findByEmail(email: string) { + return this.userRepository.findByEmail(email); } update(id: number, updateUserDto: UpdateUserDto) { return `This action updates a #${id} user`; } - remove(id: number) { - return `This action removes a #${id} user`; + async compareHash( + plainPassword: string, + passwordHash: string, + ): Promise { + return await bcrypt.compare(plainPassword, passwordHash); } } diff --git a/server/src/database/typeorm.config.ts b/server/src/database/typeorm.config.ts index 28f0b2f0..f7d2bc6b 100644 --- a/server/src/database/typeorm.config.ts +++ b/server/src/database/typeorm.config.ts 
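Review bot: `create` in user.service.ts builds the entity with `plainToClass(User, createUserDto)`, which copies every property present on the incoming object, so the only thing stopping a client from setting other User columns at registration is the global `ValidationPipe({ whitelist: true })` added in main.ts. Assigning the fields explicitly (`user.name = createUserDto.name; user.email = createUserDto.email; user.password = createUserDto.password;`) removes that dependency for any caller that does not go through the pipe. The `findByEmail` check followed by `save` is also not atomic; a unique constraint on the e-mail column (not visible here) is what actually prevents duplicates, and its violation should be mapped to the same `BadRequestException`.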
@@ -1,12 +1,12 @@ import { DataSource } from 'typeorm'; import * as dotenv from 'dotenv'; dotenv.config(); -export const AppDataSource = new DataSource({ +export const AppDataSource: DataSource = new DataSource({ type: 'postgres', url: process.env.DATABASE_URL || 'postgresql://postgres:password@localhost:5432/dc?schema=public', - entities: ['src/**/*.entity.ts'], + entities: ['src/**/*.entity.{ts,js}'], migrations: ['src/**/migrations/*.{ts,js}'], subscribers: [], synchronize: process.env.NODE_ENV === 'development', diff --git a/server/src/main.ts b/server/src/main.ts index 9699203d..61492e15 100644 --- a/server/src/main.ts +++ b/server/src/main.ts @@ -4,6 +4,7 @@ import { FastifyAdapter, NestFastifyApplication, } from '@nestjs/platform-fastify'; +import { ValidationPipe } from '@nestjs/common'; async function bootstrap() { const app = await NestFactory.create( @@ -14,6 +15,13 @@ async function bootstrap() { }), ); + app.useGlobalPipes( + new ValidationPipe({ + whitelist: true, + stopAtFirstError: true, + }), + ); + await app.listen(3000); } bootstrap();