完成jwt鉴权
This commit is contained in:
@@ -11,7 +11,7 @@ import { PassportModule } from '@nestjs/passport';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
ConfigModule.forRoot(),
|
||||
ConfigModule.forRoot({ isGlobal: true }),
|
||||
TypeOrmModule.forRoot({
|
||||
type: 'postgres',
|
||||
host: process.env.DATABASE_HOST,
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import { BadRequestException, Body, Controller, Post } from '@nestjs/common';
|
||||
import { BadRequestException, Body, Controller, Get, Post, Request } from '@nestjs/common';
|
||||
import { LoginDto } from './dto/login.dto';
|
||||
import { AuthService } from './auth.service';
|
||||
|
||||
|
||||
@@ -1,24 +1,40 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { forwardRef, Module } from '@nestjs/common';
|
||||
import { AuthController } from './auth.controller';
|
||||
import { AuthService } from './auth.service';
|
||||
import { UserModule } from 'src/user/user.module';
|
||||
import { JwtModule } from '@nestjs/jwt';
|
||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||
import { UserSession } from 'src/user/entities/user-session.entity';
|
||||
import { UserSessionService } from 'src/user/services/user-session.service';
|
||||
import { PassportModule } from '@nestjs/passport';
|
||||
import { JwtStrategy } from './strategies/jwt.strategy';
|
||||
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
UserModule,
|
||||
ConfigModule,
|
||||
forwardRef(() => UserModule),
|
||||
TypeOrmModule.forFeature([UserSession]),
|
||||
JwtModule.register({
|
||||
secret: process.env.JWT_SECRET || 'tone-page',
|
||||
signOptions: {
|
||||
expiresIn: process.env.EXPIRES_IN || '1d',
|
||||
}
|
||||
PassportModule.register({ defaultStrategy: 'jwt' }),
|
||||
JwtModule.registerAsync({
|
||||
imports: [ConfigModule],
|
||||
inject: [ConfigService],
|
||||
useFactory: (configService: ConfigService) => ({
|
||||
secret: configService.get<string>('JWT_SECRET', 'tone-page'),
|
||||
signOptions: {
|
||||
expiresIn: configService.get<string>('JWT_EXPIRES_IN', '1d'),
|
||||
},
|
||||
})
|
||||
})
|
||||
],
|
||||
controllers: [AuthController],
|
||||
providers: [AuthService, UserSessionService],
|
||||
providers: [
|
||||
AuthService,
|
||||
JwtStrategy,
|
||||
],
|
||||
exports: [
|
||||
PassportModule,
|
||||
JwtStrategy,
|
||||
AuthService,
|
||||
]
|
||||
})
|
||||
export class AuthModule { }
|
||||
|
||||
33
tone-page-server/src/auth/strategies/jwt.strategy.ts
Normal file
33
tone-page-server/src/auth/strategies/jwt.strategy.ts
Normal file
@@ -0,0 +1,33 @@
|
||||
import { Injectable, UnauthorizedException } from "@nestjs/common";
|
||||
import { ConfigService } from "@nestjs/config";
|
||||
import { PassportStrategy } from "@nestjs/passport";
|
||||
import { ExtractJwt, Strategy } from "passport-jwt";
|
||||
import { UserSessionService } from "src/user/services/user-session.service";
|
||||
|
||||
@Injectable()
|
||||
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
|
||||
constructor(
|
||||
private readonly userSessionService: UserSessionService,
|
||||
private readonly configService: ConfigService,
|
||||
) {
|
||||
super({
|
||||
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
|
||||
ignoreExpiration: false,
|
||||
secretOrKey: configService.get<string>('JWT_SECRET', 'tone-page'),
|
||||
})
|
||||
}
|
||||
|
||||
async validate(payload: any) {
|
||||
const { userId, sessionId } = payload ?? {};
|
||||
|
||||
const isValidSession = await this.userSessionService.isSessionValid(userId, sessionId);
|
||||
if (!isValidSession) {
|
||||
throw new UnauthorizedException('登录凭证已过期,请重新登录');
|
||||
}
|
||||
|
||||
return {
|
||||
userId,
|
||||
sessionId,
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -18,4 +18,16 @@ export class UserSessionService {
|
||||
});
|
||||
return await this.userSessionRepository.save(session);
|
||||
}
|
||||
|
||||
async isSessionValid(userId: string, sessionId: string): Promise<boolean> {
|
||||
const session = await this.userSessionRepository.findOne({
|
||||
where: {
|
||||
userId,
|
||||
sessionId,
|
||||
deletedAt: null,
|
||||
}
|
||||
});
|
||||
|
||||
return !!session;
|
||||
}
|
||||
}
|
||||
@@ -1,4 +1,17 @@
|
||||
import { Controller } from '@nestjs/common';
|
||||
import { Controller, Get, Injectable, UseGuards } from '@nestjs/common';
|
||||
import { UserService } from './user.service';
|
||||
import { AuthGuard } from '@nestjs/passport';
|
||||
|
||||
@Controller('user')
|
||||
export class UserController {}
|
||||
export class UserController {
|
||||
|
||||
constructor(
|
||||
private readonly userService: UserService
|
||||
) { }
|
||||
|
||||
@UseGuards(AuthGuard('jwt'))
|
||||
@Get('me')
|
||||
async getMe() {
|
||||
return 'ok';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,14 +1,19 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { forwardRef, Module } from '@nestjs/common';
|
||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||
import { User } from './entities/user.entity';
|
||||
import { UserController } from './user.controller';
|
||||
import { UserService } from './user.service';
|
||||
import { UserSession } from './entities/user-session.entity';
|
||||
import { AuthModule } from 'src/auth/auth.module';
|
||||
import { UserSessionService } from './services/user-session.service';
|
||||
|
||||
@Module({
|
||||
imports: [TypeOrmModule.forFeature([User, UserSession])],
|
||||
imports: [
|
||||
TypeOrmModule.forFeature([User, UserSession]),
|
||||
forwardRef(() => AuthModule),// 解决循环依赖问题
|
||||
],
|
||||
controllers: [UserController],
|
||||
providers: [UserService],
|
||||
exports: [UserService],
|
||||
providers: [UserService, UserSessionService],
|
||||
exports: [UserService, UserSessionService],
|
||||
})
|
||||
export class UserModule { }
|
||||
|
||||
Reference in New Issue
Block a user