implement jwt auth

2025-11-25 01:41:12 +10:00 · 2023-08-05 16:58:34 +01:00
parent cebad0e0a5
commit 6e3ba20fcf
21 changed files with 744 additions and 46 deletions
--- a/server/src/core/user/dto/create-user.dto.ts
+++ b/server/src/core/user/dto/create-user.dto.ts
@ -1 +1,23 @@
-export class CreateUserDto {}
+import {
+  IsEmail,
+  IsNotEmpty,
+  IsOptional,
+  IsString,
+  MinLength,
+} from 'class-validator';
+
+export class CreateUserDto {
+  @IsOptional()
+  @MinLength(3)
+  @IsString()
+  name: string;
+
+  @IsNotEmpty()
+  @IsEmail()
+  email: string;
+
+  @IsNotEmpty()
+  @MinLength(8)
+  @IsString()
+  password: string;
+}
--- a/server/src/core/user/entities/user.entity.ts
+++ b/server/src/core/user/entities/user.entity.ts
@ -1,10 +1,12 @@
 import {
+  BeforeInsert,
  Column,
  CreateDateColumn,
  Entity,
  PrimaryGeneratedColumn,
  UpdateDateColumn,
 } from 'typeorm';
+import * as bcrypt from 'bcrypt';

@Entity('users')
 export class User {
@ -46,4 +48,15 @@ export class User {

  @UpdateDateColumn()
  updatedAt: Date;
+
+  toJSON() {
+    delete this.password;
+    return this;
+  }
+
+  @BeforeInsert()
+  async hashPassword() {
+    const saltRounds = 12;
+    this.password = await bcrypt.hash(this.password, saltRounds);
+  }
 }
--- a/server/src/core/user/repositories/user.repository.ts
+++ b/server/src/core/user/repositories/user.repository.ts
@ -1,4 +1,17 @@
-import { Repository } from 'typeorm';
+import { DataSource, Repository } from 'typeorm';
 import { User } from '../entities/user.entity';
+import { Injectable } from '@nestjs/common';

-export class UserRepository extends Repository<User> {}
+@Injectable()
+export class UserRepository extends Repository<User> {
+  constructor(private dataSource: DataSource) {
+    super(User, dataSource.createEntityManager());
+  }
+  async findByEmail(email: string) {
+    return this.findOneBy({ email: email });
+  }
+
+  async findById(userId: string) {
+    return this.findOneBy({ id: userId });
+  }
+}
--- a/server/src/core/user/user.controller.ts
+++ b/server/src/core/user/user.controller.ts
@ -6,32 +6,33 @@ import {
  Patch,
  Param,
  Delete,
+  UseGuards,
+  HttpCode,
+  HttpStatus,
+  Req, UnauthorizedException,
 } from '@nestjs/common';
 import { UserService } from './user.service';
 import { CreateUserDto } from './dto/create-user.dto';
 import { UpdateUserDto } from './dto/update-user.dto';
+import { JwtGuard } from '../auth/guards/JwtGuard';
+import { FastifyRequest } from 'fastify';
+import { User } from './entities/user.entity';

+@UseGuards(JwtGuard)
@Controller('user')
 export class UserController {
  constructor(private readonly userService: UserService) {}

-  @Post()
-  create(@Body() createUserDto: CreateUserDto) {
-    return this.userService.create(createUserDto);
-  }
+  @HttpCode(HttpStatus.OK)
+  @Get('me')
+  async getUser(@Req() req: FastifyRequest) {
+    const jwtPayload = req['user'];
+    const user: User = await this.userService.findById(jwtPayload.sub);

-  @Get(':id')
-  findOne(@Param('id') id: string) {
-    return this.userService.findOne(+id);
-  }
+    if (!user) {
+      throw new UnauthorizedException('Invalid user');
+    }

-  @Patch(':id')
-  update(@Param('id') id: string, @Body() updateUserDto: UpdateUserDto) {
-    return this.userService.update(+id, updateUserDto);
-  }
-
-  @Delete(':id')
-  remove(@Param('id') id: string) {
-    return this.userService.remove(+id);
+    return { user };
  }
 }
--- a/server/src/core/user/user.module.ts
+++ b/server/src/core/user/user.module.ts
@ -3,10 +3,12 @@ import { UserService } from './user.service';
 import { UserController } from './user.controller';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { User } from './entities/user.entity';
+import { UserRepository } from './repositories/user.repository';
+import { AuthModule } from '../auth/auth.module';

@Module({
-  imports: [TypeOrmModule.forFeature([User])],
+  imports: [TypeOrmModule.forFeature([User]), AuthModule],
  controllers: [UserController],
-  providers: [UserService],
+  providers: [UserService, UserRepository],
 })
 export class UserModule {}
--- a/server/src/core/user/user.service.ts
+++ b/server/src/core/user/user.service.ts
@ -1,30 +1,44 @@
-import { Injectable } from '@nestjs/common';
+import { BadRequestException, Injectable } from '@nestjs/common';
 import { CreateUserDto } from './dto/create-user.dto';
 import { UpdateUserDto } from './dto/update-user.dto';
-import { InjectRepository } from '@nestjs/typeorm';
 import { User } from './entities/user.entity';
 import { UserRepository } from './repositories/user.repository';
+import { plainToClass } from 'class-transformer';
+import * as bcrypt from 'bcrypt';

@Injectable()
 export class UserService {
-  constructor(@InjectRepository(User) private userRepository: UserRepository) {}
-  create(createUserDto: CreateUserDto) {
-    return 'This action adds a new user';
+  constructor(private userRepository: UserRepository) {}
+  async create(createUserDto: CreateUserDto): Promise<User> {
+    const existingUser: User = await this.findByEmail(createUserDto.email);
+
+    if (existingUser) {
+      throw new BadRequestException('A user with this email already exists');
+    }
+
+    const user: User = plainToClass(User, createUserDto);
+    user.locale = 'en';
+    user.lastLoginAt = new Date();
+
+    return this.userRepository.save(user);
  }

-  findAll() {
-    return `This action returns all user`;
+  findById(userId: string) {
+    return this.userRepository.findById(userId);
  }

-  findOne(id: number) {
-    return `This action returns a #${id} user`;
+  async findByEmail(email: string) {
+    return this.userRepository.findByEmail(email);
  }

  update(id: number, updateUserDto: UpdateUserDto) {
    return `This action updates a #${id} user`;
  }

-  remove(id: number) {
-    return `This action removes a #${id} user`;
+  async compareHash(
+    plainPassword: string,
+    passwordHash: string,
+  ): Promise<boolean> {
+    return await bcrypt.compare(plainPassword, passwordHash);
  }
 }