fix: token auth and base curl event name

2022-04-10 17:44:36 +08:00
parent 413160f511
commit 01079097fe
11 changed files with 48 additions and 26 deletions
--- a/src/common/decorator/auth.decorator.ts
+++ b/src/common/decorator/auth.decorator.ts
@@ -3,13 +3,13 @@ import { ApiBearerAuth, ApiUnauthorizedResponse } from '@nestjs/swagger'

 import { SECURITY } from '~/app.config'

-import { JWTAuthGuard } from '../guard/auth.guard'
+import { AuthGuard } from '../guard/auth.guard'

 export function Auth() {
  const decorators: (ClassDecorator | PropertyDecorator | MethodDecorator)[] =
    []
  if (!SECURITY.skipAuth) {
-    decorators.push(UseGuards(JWTAuthGuard))
+    decorators.push(UseGuards(AuthGuard))
  }
  decorators.push(
    ApiBearerAuth(),
--- a/src/common/guard/auth.guard.ts
+++ b/src/common/guard/auth.guard.ts
@@ -1,8 +1,17 @@
-import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'
+import { Observable } from 'rxjs'
+
+import {
+  CanActivate,
+  ExecutionContext,
+  Inject,
+  Injectable,
+} from '@nestjs/common'
 import { AuthGuard as _AuthGuard } from '@nestjs/passport'

 import { isTest } from '~/global/env.global'
 import { mockUser1 } from '~/mock/user.mock'
+import { AuthService } from '~/modules/auth/auth.service'
+import { UserService } from '~/modules/user/user.service'
 import { getNestExecutionContextRequest } from '~/transformers/get-req.transformer'

 /**
@@ -10,8 +19,8 @@ import { getNestExecutionContextRequest } from '~/transformers/get-req.transform
 */

@Injectable()
-export class JWTAuthGuard extends _AuthGuard('jwt') implements CanActivate {
-  canActivate(context: ExecutionContext) {
+export class AuthGuard extends _AuthGuard('jwt') implements CanActivate {
+  override async canActivate(context: ExecutionContext): Promise<any> {
    const request = this.getRequest(context)

    if (typeof request.user !== 'undefined') {
@@ -24,7 +33,7 @@ export class JWTAuthGuard extends _AuthGuard('jwt') implements CanActivate {
      return true
    }

-    return super.canActivate(context)
+    return super.canActivate(context) as any
  }

  getRequest(context: ExecutionContext) {
--- a/src/common/guard/roles.guard.ts
+++ b/src/common/guard/roles.guard.ts
@@ -9,6 +9,7 @@
 import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport'

+import { AuthService } from '~/modules/auth/auth.service'
 import { getNestExecutionContextRequest } from '~/transformers/get-req.transformer'

 /**
@@ -17,15 +18,28 @@ import { getNestExecutionContextRequest } from '~/transformers/get-req.transform

@Injectable()
 export class RolesGuard extends AuthGuard('jwt') implements CanActivate {
+  constructor(private readonly authService: AuthService) {
+    super(authService)
+  }
  async canActivate(context: ExecutionContext): Promise<boolean> {
    let isMaster = false
    const request = this.getRequest(context)
-
-    if (request.headers['authorization']) {
+    const authorization = request.headers.authorization
+    if (authorization) {
      try {
        isMaster = (await super.canActivate(context)) as boolean
      } catch {}
+      if (!isMaster) {
+        const [isValidToken, userModel] =
+          await this.authService.verifyCustomToken(authorization as string)
+        if (isValidToken) {
+          request.user = userModel!
+          isMaster = true
+          return true
+        }
+      }
    }
+
    request.isGuest = !isMaster
    request.isMaster = isMaster
    return true
--- a/src/modules/auth/auth.controller.ts
+++ b/src/modules/auth/auth.controller.ts
@@ -64,7 +64,9 @@ export class AuthController {
    @Query('id') id?: string,
  ) {
    if (typeof token === 'string') {
-      return await this.authService.verifyCustomToken(token)
+      return await this.authService
+        .verifyCustomToken(token)
+        .then(([isValid, user]) => isValid)
    }
    if (id && typeof id === 'string' && isMongoId(id)) {
      return await this.authService.getTokenSecret(id)
--- a/src/modules/auth/auth.service.ts
+++ b/src/modules/auth/auth.service.ts
@@ -4,13 +4,14 @@ import { customAlphabet } from 'nanoid/async'

 import { Injectable } from '@nestjs/common'
 import { JwtService } from '@nestjs/jwt'
-import { DocumentType, ReturnModelType } from '@typegoose/typegoose'
+import { ReturnModelType } from '@typegoose/typegoose'

 import { MasterLostException } from '~/common/exceptions/master-lost.exception'
 import {
  TokenModel,
  UserModel as User,
  UserDocument,
+  UserModel,
 } from '~/modules/user/user.model'
 import { InjectModel } from '~/transformers/model.transformer'

@@ -84,16 +85,18 @@ export class AuthService {
    return await ap()
  }

-  async verifyCustomToken(token: string): Promise<boolean> {
+  async verifyCustomToken(
+    token: string,
+  ): Promise<Readonly<[boolean, UserModel | null]>> {
    const user = await this.userModel.findOne({}).lean().select('+apiToken')
    if (!user) {
-      return false
+      return [false, null] as const
    }
    const tokens = user.apiToken
    if (!tokens || !Array.isArray(tokens)) {
-      return false
+      return [false, null] as const
    }
-    return tokens.some((doc) => {
+    const valid = tokens.some((doc) => {
      if (doc.token === token) {
        if (typeof doc.expired === 'undefined') {
          return true
@@ -104,6 +107,8 @@ export class AuthService {
      }
      return false
    })
+
+    return valid ? [true, await this.userModel.findOne().lean()] : [false, null]
  }

  async saveToken(model: TokenDto & { token: string }) {
--- a/src/modules/comment/comment.model.ts
+++ b/src/modules/comment/comment.model.ts
@@ -53,7 +53,7 @@ export class CommentModel extends BaseModel {
  @prop({ refPath: 'refType' })
  ref: Ref<PostModel | NoteModel | PageModel>

-  @prop({ required: true, default: 'PostModel', enum: CommentRefTypes })
+  @prop({ required: true, default: 'Post', enum: CommentRefTypes })
  refType: CommentRefTypes

  @prop({ trim: true, required: true })
--- a/src/modules/post/post.controller.ts
+++ b/src/modules/post/post.controller.ts
@@ -61,7 +61,7 @@ export class PostController {
  @VisitDocument('Post')
  async getById(@Param() params: MongoIdDto) {
    const { id } = params
-    const doc = await this.postService.model.findById(id)
+    const doc = await this.postService.model.findById(id).populate('category')
    if (!doc) {
      throw new CannotFindException()
    }
--- a/src/modules/recently/recently.controller.ts
+++ b/src/modules/recently/recently.controller.ts
@@ -4,8 +4,6 @@ import {
  Controller,
  Delete,
  Get,
-  HttpCode,
-  HttpStatus,
  Param,
  Post,
  Query,
--- a/src/processors/gateway/shared/auth.gateway.ts
+++ b/src/processors/gateway/shared/auth.gateway.ts
@@ -55,7 +55,7 @@ export const createAuthGateway = (
        return false
      }
      const validCustomToken = async () => {
-        const verifyCustomToken = await this.authService.verifyCustomToken(
+        const [verifyCustomToken] = await this.authService.verifyCustomToken(
          token,
        )
        if (verifyCustomToken) {
--- a/src/processors/gateway/system/events.gateway.ts
+++ b/src/processors/gateway/system/events.gateway.ts
@@ -1,5 +1,3 @@
-import SocketIO from 'socket.io'
-
 import { JwtService } from '@nestjs/jwt'
 import {
  GatewayMetadata,
@@ -30,8 +28,4 @@ export class SystemEventsGateway
  ) {
    super(jwtService, authService, cacheService)
  }
-
-  handleDisconnect(client: SocketIO.Socket) {
-    super.handleDisconnect(client)
-  }
 }
--- a/src/transformers/crud-factor.transformer.ts
+++ b/src/transformers/crud-factor.transformer.ts
@@ -36,7 +36,7 @@ export function BaseCrudFactory<
  const tagPrefix =
    pluralizeName.charAt(0).toUpperCase() + pluralizeName.slice(1)

-  const eventNamePrefix = `${pluralizeName.toUpperCase()}_`
+  const eventNamePrefix = `${prefix.toUpperCase()}_`

  class PDto extends PartialType(model as any) {}