feat: use cookie to authentication

This commit is contained in:
fantasticit 2022-05-22 23:40:22 +08:00
parent b28b4df011
commit 132c8ccd04
9 changed files with 49 additions and 32 deletions

View File

@ -36,6 +36,7 @@
"class-transformer": "^0.5.1",
"class-validator": "^0.13.2",
"compression": "^1.7.4",
"cookie-parser": "^1.4.6",
"date-fns": "^2.28.0",
"express": "^4.17.2",
"express-rate-limit": "^6.2.0",
@ -64,6 +65,7 @@
"@nestjs/cli": "^8.0.0",
"@nestjs/schematics": "^8.0.0",
"@nestjs/testing": "^8.0.0",
"@types/cookie-parser": "^1.4.3",
"@types/cron": "^2.0.0",
"@types/express": "^4.17.13",
"@types/jest": "27.0.2",

View File

@ -12,10 +12,13 @@ import {
Patch,
Post,
Request,
Res,
UseGuards,
UseInterceptors,
} from '@nestjs/common';
import { UserService } from '@services/user.service';
import { wrapResponse } from '@transforms/http-response.transform';
import { Response as ExpressResponse } from 'express';
@Controller('user')
export class UserController {
@ -31,9 +34,16 @@ export class UserController {
@UseInterceptors(ClassSerializerInterceptor)
@Post('login')
@HttpCode(HttpStatus.OK)
async login(@Body() user: LoginUserDto) {
const res = await this.userService.login(user);
return res;
async login(@Body() user: LoginUserDto, @Res({ passthrough: true }) response: ExpressResponse) {
const { user: data, token } = await this.userService.login(user);
response.cookie('token', token, { httpOnly: true, sameSite: 'none', secure: true });
return response.send(wrapResponse({ data: { ...data, token }, statusCode: HttpStatus.OK }));
}
@Get('logout')
async logout(@Res({ passthrough: true }) response: ExpressResponse) {
response.cookie('token', '', { expires: new Date() });
return;
}
@UseInterceptors(ClassSerializerInterceptor)

View File

@ -253,6 +253,10 @@ export class WikiController {
@UseGuards(WikiUserRoleGuard)
@UseGuards(JwtGuard)
async getWikiTocs(@Request() req, @Param('id') wikiId) {
const sleep = (v) => {
return new Promise((r) => setTimeout(r, v * 1000));
};
await sleep(4);
return await this.wikiService.getWikiTocs(req.user, wikiId);
}

View File

@ -23,13 +23,7 @@ export class DocumentAuthorityGuard implements CanActivate {
}
const request = context.switchToHttp().getRequest();
let token = request.headers.authorization;
if (/Bearer/.test(token)) {
token = token.split(' ').pop();
}
const token = request?.cookies['token'];
const user = this.jwtService.decode(token) as IUser;
const { params, query, body } = request;
const documentId = params?.id || params?.documentId || query?.id || query?.documentId || body?.documentId;

View File

@ -23,15 +23,8 @@ export class WikiUserRoleGuard implements CanActivate {
async canActivate(context: ExecutionContext): Promise<boolean> {
const targetUserRole = this.reflector.get<WikiUserRole | null>(KEY, context.getHandler());
const request = context.switchToHttp().getRequest();
let token = request.headers.authorization;
if (/Bearer/.test(token)) {
token = token.split(' ').pop();
}
const token = request?.cookies['token'];
const user = this.jwtService.decode(token) as IUser;
if (!user) {

View File

@ -5,6 +5,7 @@ import { NestFactory } from '@nestjs/core';
import { ValidationPipe } from '@pipes/validation.pipe';
import { HttpResponseTransformInterceptor } from '@transforms/http-response.transform';
import * as compression from 'compression';
import * as cookieParser from 'cookie-parser';
import * as express from 'express';
import helmet from 'helmet';
@ -18,7 +19,13 @@ async function bootstrap() {
const config = app.get(ConfigService);
const port = config.get('server.port') || 5002;
app.enableCors();
app.enableCors({
// TODO: fixme
origin: 'http://localhost:5001',
methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS',
credentials: true,
});
app.use(cookieParser());
app.use(compression());
app.use(helmet());
app.use(express.json());

View File

@ -10,6 +10,7 @@ import { PassportModule, PassportStrategy } from '@nestjs/passport';
import { TypeOrmModule } from '@nestjs/typeorm';
import { UserService } from '@services/user.service';
import { getConfig } from '@think/config';
import { Request as RequestType } from 'express';
import { ExtractJwt, Strategy } from 'passport-jwt';
const config = getConfig();
@ -25,8 +26,14 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
private readonly userService: UserService
) {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: jwtConfig.secretkey,
jwtFromRequest: ExtractJwt.fromExtractors([
(request: RequestType) => {
const token = request?.cookies['token'];
return token;
},
]),
});
}

View File

@ -111,7 +111,7 @@ export class UserService {
* @param user
* @returns
*/
async login(user: LoginUserDto): Promise<OutUser & { token: string }> {
async login(user: LoginUserDto): Promise<{ user: OutUser; token: string }> {
const { name, password } = user;
const existUser = await this.userRepo.findOne({ where: { name } });
@ -125,7 +125,7 @@ export class UserService {
const res = instanceToPlain(existUser) as OutUser;
const token = this.jwtService.sign(res);
return Object.assign(res, { token });
return { user: res, token };
}
async validateUser(user: UserEntity) {

View File

@ -6,6 +6,15 @@ interface Response<T> {
data: T;
}
export function wrapResponse({ statusCode, data }) {
return {
statusCode,
message: null,
success: true,
data,
};
}
@Injectable()
export class HttpResponseTransformInterceptor<T> implements NestInterceptor<T, Response<T>> {
intercept(context: ExecutionContext, next: CallHandler<T>): Observable<Response<T>> {
@ -13,17 +22,8 @@ export class HttpResponseTransformInterceptor<T> implements NestInterceptor<T, R
map((data) => {
const ctx = context.switchToHttp();
const response = ctx.getResponse();
// const request = ctx.getRequest();
// const url = request.originalUrl;
const statusCode = response.statusCode;
const res = {
statusCode,
message: null,
success: true,
data,
};
// console.info(url, res);
return res;
return wrapResponse({ data, statusCode });
})
);
}