Added auth module for future

2026-01-14 20:49:42 +03:00 · 2024-01-02 12:49:39 +03:00
parent 7f31769d0d
commit ab66f38118
10 changed files with 198 additions and 2 deletions
--- a/backend/src/app.module.ts
+++ b/backend/src/app.module.ts
@@ -4,6 +4,7 @@ import { config } from 'config';
 import { LibsModule } from 'libs/libs.module';
 import { AppController } from './app.controller';
 import { AdminModule } from './modules/admin/admin.module';
+import { AuthModule } from './modules/auth/auth.module';
 import { ImageModule } from './modules/image/image.module';
 import { AppInitService } from './modules/initialization/app.init.service';
 import { PostModule } from './modules/post/post.module';
@@ -13,6 +14,7 @@ import { UserModule } from './modules/user/user.module';

@Module({
    imports: [
+        AuthModule,
        LibsModule,
        PostModule,
        AdminModule,
@@ -23,6 +25,9 @@ import { UserModule } from './modules/user/user.module';
        TypeOrmModule.forRoot(<TypeOrmModuleOptions>config.database),
    ],
    controllers: [AppController],
-    providers: [AppInitService],
+    providers: [
+        AppInitService,
+        // { provide: APP_GUARD, useClass: AuthGuard }, // Если будет необходима авторизация
+    ],
 })
 export class AppModule {}
--- a/backend/src/modules/auth/auth.guard.ts
+++ b/backend/src/modules/auth/auth.guard.ts
@@ -0,0 +1,36 @@
+import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { AuthService } from './auth.service';
+
+@Injectable()
+export class AuthGuard implements CanActivate {
+    constructor(
+        private reflector: Reflector,
+        private readonly authService: AuthService,
+    ) {}
+
+    canActivate(context: ExecutionContext) {
+        const request = context.switchToHttp().getRequest();
+        const allowUnauthorizedRequest = this.reflector.get<boolean>('allowUnauthorizedRequest', context.getHandler());
+
+        let token = this.extractTokenFromHeader(request.headers);
+
+        if (!token) {
+            token = request.query.access_token || request.body.access_token;
+        }
+        if (allowUnauthorizedRequest || this.authService.authUserByToken(token)) return true;
+        throw new UnauthorizedException('Unathorized!');
+    }
+
+    private extractTokenFromHeader(headers: any): string | null {
+        if (headers && headers.authorization) {
+            const authHeader = headers.authorization as string;
+            const headerParts = authHeader.split(' ');
+
+            if (headerParts.length === 2 && headerParts[0].toLowerCase() === 'bearer') {
+                return headerParts[1];
+            }
+        }
+        return null;
+    }
+}
--- a/backend/src/modules/auth/auth.module.ts
+++ b/backend/src/modules/auth/auth.module.ts
@@ -0,0 +1,11 @@
+import { Module } from '@nestjs/common';
+import { PassportModule } from '@nestjs/passport';
+import { AuthService } from './auth.service';
+import { HttpBearerStrategy } from './http-bearer.strategy';
+
+@Module({
+    imports: [PassportModule.register({ defaultStrategy: 'bearer' })],
+    providers: [HttpBearerStrategy, AuthService],
+    exports: [HttpBearerStrategy, AuthService],
+})
+export class AuthModule {}
--- a/backend/src/modules/auth/auth.service.ts
+++ b/backend/src/modules/auth/auth.service.ts
@@ -0,0 +1,10 @@
+import { Injectable, Logger } from '@nestjs/common';
+import { config } from 'config';
+
+@Injectable()
+export class AuthService {
+    private readonly logger: Logger = new Logger(AuthService.name);
+    authUserByToken(token: string) {
+        return token === config.server.access_token;
+    }
+}
--- a/backend/src/modules/auth/http-bearer.strategy.ts
+++ b/backend/src/modules/auth/http-bearer.strategy.ts
@@ -0,0 +1,18 @@
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { PassportStrategy } from '@nestjs/passport';
+import { Strategy } from 'passport-http-bearer';
+import { AuthService } from './auth.service';
+@Injectable()
+export class HttpBearerStrategy extends PassportStrategy(Strategy) {
+    constructor(private readonly authService: AuthService) {
+        super();
+    }
+
+    async validate(token: string): Promise<boolean> {
+        const user = await this.authService.authUserByToken(token);
+        if (!user) {
+            throw new UnauthorizedException();
+        }
+        return user;
+    }
+}
--- a/backend/src/modules/settings/settings.controller.ts
+++ b/backend/src/modules/settings/settings.controller.ts
@@ -3,6 +3,8 @@ import { ApiOperation, ApiTags } from '@nestjs/swagger';
 import { ICreateBotSettingsProfile, IEditBotSettingsProfile } from './settings.dto';
 import { SettingsService } from './settings.service';

+// Если нужна будет авторизация, для выключения авторизации на конкретном
+// const AllowUnathorizedRequest = () => SetMetadata('allowUnathorizedRequest', true);
@ApiTags('Settings')
@Controller('settings')
 export class SettingsController {