完成jwt鉴权

2025-05-07 14:34:49 +08:00
parent d2744689b2
commit 1246613fb1
9 changed files with 139 additions and 17 deletions
--- a/tone-page-server/src/auth/strategies/jwt.strategy.ts
+++ b/tone-page-server/src/auth/strategies/jwt.strategy.ts
@@ -0,0 +1,33 @@
+import { Injectable, UnauthorizedException } from "@nestjs/common";
+import { ConfigService } from "@nestjs/config";
+import { PassportStrategy } from "@nestjs/passport";
+import { ExtractJwt, Strategy } from "passport-jwt";
+import { UserSessionService } from "src/user/services/user-session.service";
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
+    constructor(
+        private readonly userSessionService: UserSessionService,
+        private readonly configService: ConfigService,
+    ) {
+        super({
+            jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+            ignoreExpiration: false,
+            secretOrKey: configService.get<string>('JWT_SECRET', 'tone-page'),
+        })
+    }
+
+    async validate(payload: any) {
+        const { userId, sessionId } = payload ?? {};
+
+        const isValidSession = await this.userSessionService.isSessionValid(userId, sessionId);
+        if (!isValidSession) {
+            throw new UnauthorizedException('登录凭证已过期，请重新登录');
+        }
+
+        return {
+            userId,
+            sessionId,
+        }
+    }
+}