fix: Prisma issue fix + Auth done
@@ -76,10 +76,17 @@ export class AuthController {
|
||||
@IsTempToken()
|
||||
@UseGuards(AuthGuard)
|
||||
@Post('/complete-profile')
|
||||
async completeUserProfile(@Body() body: CompleteProfileSetupRequestDTO): Promise<string> {
|
||||
await this.authService.completeProfileSetup(body);
|
||||
async completeUserProfile(@Body() body: CompleteProfileSetupRequestDTO) {
|
||||
const { accessToken, refreshToken, user } = await this.authService.completeProfileSetup(body);
|
||||
|
||||
return 'Welcome';
|
||||
return {
|
||||
message: "Welcome to our app",
|
||||
data: {
|
||||
accessToken,
|
||||
refreshToken,
|
||||
user
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
logout() { }
|
||||
|
||||
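Review bot: The new return value passes `user` from `completeProfileSetup` straight into the response body, and the method's `Promise<string>` return annotation is dropped, so nothing at this layer constrains which fields reach the client. If `user` is the raw Prisma record (not visible here), the response could carry the password hash or other internal columns. Map it to an explicit response DTO that picks only the public fields and use that DTO as the declared return type, e.g. `user: { id: user.id, email: user.email }` (field names constructed for illustration).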
@@ -4,10 +4,11 @@ import { AuthController } from './auth.controller';
|
||||
import { APP_GUARD } from '@nestjs/core';
|
||||
import { AuthGuard } from './guards/auth.guard';
|
||||
import { UserModule } from 'src/user/user.module';
|
||||
import { JwtModule } from '@nestjs/jwt';
|
||||
import { RequestContextModule } from 'core/als/request-context.module';
|
||||
import { BullModule } from '@nestjs/bullmq';
|
||||
import { PrismaModule } from 'src/prisma/prisma.module';
|
||||
import { JwtModule } from '@nestjs/jwt';
|
||||
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||
|
||||
@Global()
|
||||
@Module({
|
||||
@@ -23,8 +24,16 @@ import { PrismaModule } from 'src/prisma/prisma.module';
|
||||
BullModule.registerQueue({
|
||||
name: "mail"
|
||||
}),
|
||||
JwtModule.registerAsync({
|
||||
global: true,
|
||||
imports: [ConfigModule],
|
||||
inject: [ConfigService],
|
||||
useFactory: (config: ConfigService) => ({
|
||||
secret: config.get<string>("TOKEN_SECRET"),
|
||||
signOptions: { expiresIn: '7d' }
|
||||
})
|
||||
}),
|
||||
UserModule,
|
||||
JwtModule,
|
||||
RequestContextModule,
|
||||
PrismaModule
|
||||
],
|
||||
|
||||
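Review bot: `config.get<string>("TOKEN_SECRET")` in the `useFactory` returns `undefined` when the variable is unset, so the module can boot without a signing secret and fail only at the first sign or verify call. Use `secret: config.getOrThrow<string>("TOKEN_SECRET"),` so a missing secret stops startup; the same `get` call appears in the `AuthGuard` hunk's `verifyAsync` options. Separately, `signOptions: { expiresIn: '7d' }` becomes the default for every token signed without its own options, which per the service hunk includes the access token and the temp (OTP) token; a shorter per-call `expiresIn` for those would limit how long a leaked token stays usable. The bare `JwtModule` entry still shown in `imports` looks redundant next to `registerAsync`, if it remains on the new side.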
@@ -83,7 +83,7 @@ export class AuthService {
|
||||
const now = Number(new Date()) / 1000;
|
||||
|
||||
if (!otpExists)
|
||||
throw new BadRequestException("No user found")
|
||||
throw new BadRequestException("No OTP request found")
|
||||
else if (otpExists.otp !== dto.otp)
|
||||
throw new BadRequestException("Invalid OTP")
|
||||
else if ((Number(otpExists.expiresAt) / 1000 < now)) {
|
||||
@@ -217,43 +217,36 @@ export class AuthService {
|
||||
|
||||
resetPassword() { }
|
||||
|
||||
// TODO: Use nest jwt
|
||||
// TODO: If remember me is there, sign for like 30d maybe
|
||||
private async genSignedTokens(token: TokenInputType) {
|
||||
const accessToken = await this.jwtService.signAsync(token, {
|
||||
secret: 'demo',
|
||||
});
|
||||
const accessToken = await this.jwtService.signAsync(token);
|
||||
|
||||
const refreshToken = await this.jwtService.signAsync(
|
||||
{
|
||||
userId: token.userId,
|
||||
},
|
||||
{
|
||||
secret: 'demo',
|
||||
},
|
||||
);
|
||||
|
||||
return { accessToken, refreshToken };
|
||||
}
|
||||
|
||||
private async genSignedTempToken(token: OTPTokenInputType) {
|
||||
const accessToken = await this.jwtService.signAsync(token, {
|
||||
secret: 'demo',
|
||||
});
|
||||
const accessToken = await this.jwtService.signAsync(token);
|
||||
|
||||
const refreshToken = await this.jwtService.signAsync(
|
||||
{
|
||||
userId: token.userId,
|
||||
},
|
||||
{
|
||||
secret: 'demo',
|
||||
},
|
||||
);
|
||||
|
||||
return { accessToken, refreshToken };
|
||||
}
|
||||
|
||||
private genOtp() {
|
||||
return 123456;
|
||||
genOtp(): number {
|
||||
const array = new Uint32Array(1);
|
||||
crypto.getRandomValues(array);
|
||||
const otp = array[0] % 900000 + 100000;
|
||||
return otp;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
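Review bot: As rendered, both refresh-token `signAsync` calls in `genSignedTokens` and `genSignedTempToken` still pass `secret: 'demo'`, while the access-token calls now use the module secret; the page has lost its +/- markers, so confirm whether those lines are on the new side. If they are, refresh tokens are still signed with a hard-coded, source-visible key and should drop the override as the access token does: `await this.jwtService.signAsync({ userId: token.userId })`, ideally with a distinct claim or secret so a refresh token cannot pass as an access token. In `genOtp`, `array[0] % 900000 + 100000` has a small modulo bias and relies on a global `crypto`; `return randomInt(100000, 1000000);` with `randomInt` from `node:crypto` is uniform. `genOtp` also lost its `private` modifier, which widens the service's surface unless another class needs to call it.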
@@ -13,6 +13,7 @@ import { Reflector } from '@nestjs/core';
|
||||
import { PUBLIC_KEY, TEMP_TOKEN_KEY } from 'common/keys';
|
||||
import { UserService } from 'src/user/user.service';
|
||||
import { USER_ACCOUNT_STATUS } from 'prisma/generated/prisma/enums';
|
||||
import { ConfigService } from '@nestjs/config';
|
||||
|
||||
@Injectable()
|
||||
export class AuthGuard implements CanActivate {
|
||||
@@ -21,6 +22,7 @@ export class AuthGuard implements CanActivate {
|
||||
private readonly jwtService: JwtService,
|
||||
private readonly requestContext: RequestContextService,
|
||||
private readonly userService: UserService,
|
||||
private readonly configService: ConfigService,
|
||||
) { }
|
||||
|
||||
async canActivate(context: ExecutionContext) {
|
||||
@@ -42,9 +44,12 @@ export class AuthGuard implements CanActivate {
|
||||
|
||||
try {
|
||||
const payload: JwtPayload = await this.jwtService.verifyAsync(token, {
|
||||
secret: 'demo',
|
||||
secret: this.configService.get<string>("TOKEN_SECRET"),
|
||||
});
|
||||
|
||||
if (isTempToken && payload.status !== USER_ACCOUNT_STATUS.pending)
|
||||
throw new UnauthorizedException()
|
||||
|
||||
|
||||
// TODO: Redis + Org too, blacklist token
|
||||
const userExists = await this.userService.findById(payload.userId);
|
||||
|
||||
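Review bot: The `verifyAsync` options added here carry only the secret, so the guard accepts any JWT signed with `TOKEN_SECRET`, and the visible lines tell token kinds apart only through `payload.status` on temp-token routes. A refresh token (payload `{ userId }` in the service hunk) would verify and reach `findById` once it is signed with the same secret, unless code after this hunk rejects it; `canActivate` continues outside the hunk. Add a token-type claim at signing and check it here, and pin the algorithm in the verify options, e.g. `algorithms: ['HS256']` if HS256 is what the module signs with.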