43 lines
1.1 KiB
TypeScript
Executable File
43 lines
1.1 KiB
TypeScript
Executable File
import { Injectable } from "@nestjs/common";
|
|
import { PassportStrategy } from "@nestjs/passport";
|
|
import { ExtractJwt, Strategy } from "passport-jwt";
|
|
import { ConfigService } from "@nestjs/config";
|
|
import { AuthService, JwtPayload } from "../auth.service";
|
|
import { normalizeRole } from "../../../common/constants/roles";
|
|
|
|
@Injectable()
|
|
export class JwtStrategy extends PassportStrategy(Strategy) {
|
|
constructor(
|
|
private readonly configService: ConfigService,
|
|
private readonly authService: AuthService,
|
|
) {
|
|
const secret = configService.get<string>("JWT_SECRET");
|
|
if (!secret) {
|
|
throw new Error("JWT_SECRET is not defined");
|
|
}
|
|
|
|
super({
|
|
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
ignoreExpiration: false,
|
|
secretOrKey: secret,
|
|
});
|
|
}
|
|
|
|
async validate(payload: JwtPayload) {
|
|
const user = await this.authService.validateUser(payload.sub);
|
|
|
|
if (!user) {
|
|
return null;
|
|
}
|
|
|
|
const normalizedRole = normalizeRole(payload.role);
|
|
|
|
return {
|
|
...user,
|
|
role: normalizedRole,
|
|
roles: normalizedRole ? [normalizedRole] : [],
|
|
permissions: [],
|
|
};
|
|
}
|
|
}
|