jeezft/msgr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de9dd05308d0c1638bd09001eb4c811f73356892
msgr/messenger-server/src/common/guards/auth.guard.ts
jeezft de9dd05308 Track client and server sources 
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-23 12:04:01 +03:00

48 lines
1.6 KiB
TypeScript
Raw Blame History

import { Injectable, CanActivate, ExecutionContext, UnauthorizedException } from '@nestjs/common'
import { SessionsService } from 'src/modules/sessions/sessions.service'
import { JwtAuthService } from 'src/modules/security/jwt.service'
import { TokenPayload } from '../types/token-payload.type'
@Injectable()
export class AuthGuard implements CanActivate {
constructor(
private readonly sessionService: SessionsService,
private readonly jwtService: JwtAuthService
) { }
async canActivate(context: ExecutionContext) {
const request = context.switchToHttp().getRequest()
let token = request.token
if (!token) {
const authHeader = request.headers['authorization'] || request.headers['Authorization']
if (!authHeader || typeof authHeader !== 'string' || !authHeader.startsWith('Bearer ')) {
throw new UnauthorizedException('Authorization header is missing or invalid')
}
token = authHeader.slice(7).trim()
if (!token) {
throw new UnauthorizedException('Token is missing')
}
}
let payload: TokenPayload
try {
payload = this.jwtService.verifyToken(token)
} catch (err) {
throw new UnauthorizedException('Invalid or expired token')
}
const session = await this.sessionService.findByTokenAndUserId(token, payload.userId)
if (!session) {
throw new UnauthorizedException('Invalid token')
}
request.user = { id: payload.userId, token: token }
return true
}
}
Reference in New Issue View Git Blame Copy Permalink