nestjs_auth init..

2022-09-09 14:03:10 +09:00 · 2022-09-09 14:03:10 +09:00 · 0d260d6849
commit 0d260d6849
parent 0135d94b55
14 changed files with 38 additions and 29 deletions
--- a/.env
+++ b/.env
@ -8,9 +8,15 @@ DATABASE_URL="mysql://root:@localhost:3306/test"
 CORS_ALLOW_ORIGINS = ['http://localhost:8080']
 CORS_ALLOW_METHOD = "GET,PUT,POST,DELETE,PATCH,OPTIONS"

-JWT_SECURITY_KEY = "security_key"
-JWT_EXPIRE_MAX = "600s"
 AUTH_USERNAME_FIELD="email"

+JWT_REFRESH_TOKEN_SECRET = "security_key"
+JWT_REFRESH_TOKEN_EXPIREIN = "14d"
+JWT_REFRESH_TOKEN_ISSUER = "idcjp"
+
+JWT_ACCESS_TOKEN_SECRET = "security_key"
+JWT_ACCESS_TOKEN_EXPIREIN = "60s"
+JWT_ACCESS_TOKEN_ISSUER = "idcjp"
+
 DEFAULT_TABLE_PERPAGE = 10
 DEFAULT_TABLE_PAGE = 1
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@ -3,8 +3,8 @@ import { Body, Controller, Get, Post, Request, UseGuards } from '@nestjs/common'
 import { User } from '@prisma/client'
 import { UserDTO } from 'src/user/dtos/user.dto'
 import { AuthService } from './auth.service'
-import { JwtAuthGuard } from './guards/jwt.authguard'
-import { LocalAuthGuard } from './guards/local-auth.guard'
+import { JwtAuthGuard } from './guards/jwt.auth.guard'
+import { LocalAuthGuard } from './guards/local.auth.guard'

@Controller('auth')
 export class AuthController {
@ -13,17 +13,16 @@ export class AuthController {
  //local.strategy.ts 사용
  // @UseGuards(AuthGuard('local'))
  // @UseGuards(LocalAuthGuard)
-  // @Post('login')
+  // @Post('/local/login')
  // async login(@Request() req) {
  //   return req.user
  // }

  //Login용
-  //local-auth.guard.ts 사용
  @UseGuards(LocalAuthGuard)
  @Post('login')
  async login(@Request() req) {
-    console.log(req.user)
+    //console.log(req.user)
    const response = this.authService.login(req.user)
    console.log(response)
    return response
--- a/src/auth/auth.module.ts
+++ b/src/auth/auth.module.ts
@ -6,7 +6,7 @@ import { Module } from '@nestjs/common'
 import { PassportModule } from '@nestjs/passport'
 import { AuthService } from './auth.service'
 import { JwtModule } from '@nestjs/jwt'
-import { jwtConstants } from './guards/constants'
+import { jwtAcceesTokenTypes } from './guards/jwt.constants'
 import { AuthController } from './auth.controller'
 import { LocalStrategy } from './guards/local.strategy'
 import { JwtStrategy } from './guards/jwt.strategy'
@ -17,8 +17,8 @@ import { UsersModule } from '../user/user.module'
    UsersModule,
    PassportModule,
    JwtModule.register({
-      secret: jwtConstants.secret,
-      signOptions: { expiresIn: jwtConstants.expiresIn }
+      secret: jwtAcceesTokenTypes.secret,
+      signOptions: { expiresIn: jwtAcceesTokenTypes.expiresIn }
    })
  ],
  controllers: [AuthController],
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@ -29,10 +29,12 @@ export class AuthService {
    //console.log(user)
    const payload = {
      email: user.email,
-      name: user.name
+      name: user.name,
+      role: user.role,
+      access_token: this.jwtService.sign(payload)
    }
    // console.log(payload)
-    return { access_token: this.jwtService.sign(payload) }
+    return {  }
  }

  async register(data: UserDTO): Promise<User> {
--- a/src/auth/decorators/role.enum.ts
+++ b/src/auth/decorators/role.enum.ts
--- a/src/auth/decorators/roles.decorator.ts
+++ b/src/auth/decorators/roles.decorator.ts
@ -1,5 +1,5 @@
 import { SetMetadata } from '@nestjs/common'
-import { Role } from '../guards/role.enum'
+import { Role } from './role.enum'

 export const ROLES_KEY = 'roles'
 export const Roles = (...roles: Role[]) => SetMetadata(ROLES_KEY, roles)
--- a/src/auth/guards/constants.ts
+++ b/src/auth/guards/constants.ts
@ -1,6 +0,0 @@
-import { env } from 'process'
-
-export const jwtConstants = {
-  secret: env.JWT_SECURITY_KEY,
-  expiresIn: env.JWT_EXPIRE_MAX
-}
--- a/src/auth/guards/jwt.auth.guard.ts
+++ b/src/auth/guards/jwt.auth.guard.ts
--- a/src/auth/guards/jwt.constants.ts
+++ b/src/auth/guards/jwt.constants.ts
@ -0,0 +1,11 @@
+export const jwtAcceesTokenTypes = {
+  secret: process.env.JWT_ACCESS_TOKEN_SECRET,
+  expiresIn: process.env.JWT_ACCESS_TOKEN_EXPIREIN,
+  issuer: process.env.JWT_ACCESS_TOKEN_ISSUER
+}
+
+export const jwtRefreshTokenTypes = {
+  secret: process.env.JWT_REFRESH_TOKEN_SECRET,
+  expiresIn: process.env.JWT_REFRESH_TOKEN_EXPIREIN,
+  issuer: process.env.JWT_REFRESH_TOKEN_ISSUER
+}
--- a/src/auth/guards/jwt.strategy.ts
+++ b/src/auth/guards/jwt.strategy.ts
@ -1,7 +1,7 @@
 import { ExtractJwt, Strategy } from 'passport-jwt'
 import { PassportStrategy } from '@nestjs/passport'
 import { Injectable } from '@nestjs/common'
-import { jwtConstants } from './constants'
+import { jwtAcceesTokenTypes } from './jwt.constants'

@Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
@ -9,16 +9,14 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      ignoreExpiration: false,
-      secretOrKey: jwtConstants.secret
+      secretOrKey: jwtAcceesTokenTypes.secret
    })
  }

  async validate(payload: any) {
    return {
-      id: payload.id,
      email: payload.email,
-      name: payload.name,
-      roles: payload.roles
+      name: payload.name
    }
  }
 }
--- a/src/auth/guards/local.auth.guard.ts
+++ b/src/auth/guards/local.auth.guard.ts
--- a/src/auth/guards/local.strategy.ts
+++ b/src/auth/guards/local.strategy.ts
@ -3,14 +3,13 @@ import { Strategy } from 'passport-local'
 import { PassportStrategy } from '@nestjs/passport'
 import { Injectable, UnauthorizedException } from '@nestjs/common'
 import { AuthService } from '../auth.service'
-import { env } from 'process'

@Injectable()
 export class LocalStrategy extends PassportStrategy(Strategy) {
  constructor(private authService: AuthService) {
    //super()
    //If you want to check user authenticate with custom column like 'email', try pass it.
-    super({ usernameField: env.AUTH_USERNAME_FIELD })
+    super({ usernameField: process.env.AUTH_USERNAME_FIELD })
  }

  async validate(email: string, password: string): Promise<any> {
--- a/src/auth/guards/roles.guard.ts
+++ b/src/auth/guards/roles.guard.ts
@ -2,7 +2,7 @@ import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'
 import { Reflector } from '@nestjs/core'
 import { Observable } from 'rxjs'
 import { ROLES_KEY } from '../decorators/roles.decorator'
-import { Role } from './role.enum'
+import { Role } from '../decorators/role.enum'

 //참고: https://shpota.com/2022/07/16/role-based-authorization-with-jwt-using-nestjs.html
@Injectable()
--- a/src/user/user.controller.ts
+++ b/src/user/user.controller.ts
@ -14,8 +14,8 @@ import { User } from '@prisma/client'
 import { UserDTO } from './dtos/user.dto'
 import { UserService } from './user.service'
 import { Roles } from '../auth/decorators/roles.decorator'
-import { JwtAuthGuard } from '../auth/guards/jwt.authguard'
-import { Role } from '../auth/guards/role.enum'
+import { JwtAuthGuard } from '../auth/guards/jwt.auth.guard'
+import { Role } from '../auth/decorators/role.enum'
 import { RolesGuard } from '../auth/guards/roles.guard'

@Controller('user')