Untitled
unknown
javascript
5 months ago
1.3 kB
6
Indexable
import { CanActivate, ExecutionContext, Injectable, UnauthorizedException, } from '@nestjs/common'; import { JwtService } from '@nestjs/jwt'; import { Request } from 'express'; import { ConfigService } from '@nestjs/config'; @Injectable() export class AuthGuard implements CanActivate { constructor( private jwtService: JwtService, private configService: ConfigService, ) {} async canActivate(context: ExecutionContext): Promise<boolean> { const request = context.switchToHttp().getRequest(); const token = this.extractTokenFromHeader(request); if (!token) { throw new UnauthorizedException(); } try { const payload = await this.jwtService.verifyAsync(token, { secret: this.configService.getOrThrow('JWT_SECRET'), }); // 💡 We're assigning the payload to the request object here // so that we can access it in our route handlers request['user'] = payload; } catch { throw new UnauthorizedException('Unauthorized access'); } return true; } private extractTokenFromHeader(request: Request): string | undefined { const [type, token] = request.headers.authorization?.split(' ') ?? []; return type === 'Bearer' ? token : undefined; } }
Editor is loading...
Leave a Comment