nestjs_auth...

2022-09-10 18:48:13 +09:00 · 2022-09-10 18:48:13 +09:00 · 35a4c76477
commit 35a4c76477
parent a73e85cf45
11 changed files with 36 additions and 64 deletions
--- a/.env
+++ b/.env
@ -10,13 +10,11 @@ CORS_ALLOW_METHOD = "GET,PUT,POST,DELETE,PATCH,OPTIONS"

 AUTH_USERNAME_FIELD="email"

-JWT_REFRESH_TOKEN_SECRET = "security_key"
-JWT_REFRESH_TOKEN_EXPIREIN = "14d"
-JWT_REFRESH_TOKEN_ISSUER = "idcjp"
+JWT_CONSTANTS_SECRET = "security_key"
+JWT_CONSTANTS_EXPIRESIN ="60s"

-JWT_ACCESS_TOKEN_SECRET = "security_key"
+JWT_REFRESH_TOKEN_EXPIREIN = "14d"
 JWT_ACCESS_TOKEN_EXPIREIN = "60s"
-JWT_ACCESS_TOKEN_ISSUER = "idcjp"

 DEFAULT_TABLE_PERPAGE = 10
 DEFAULT_TABLE_PAGE = 1
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@ -18,16 +18,17 @@ import { LocalAuthGuard } from './guards/local.auth.guard'
 export class AuthController {
  constructor(private authService: AuthService) {}

-  //Login용
  @UseGuards(LocalAuthGuard)
+  //local.strategy의 validate에서 Login처리후 넘어옴
+  //결과오류시 NotFoundError: No User found라고 console log에 출력됨
  @Post('login')
-  login(@Param('email') email: string, @Param('password') password: string) {
-    //console.log(req)
-    return this.authService.login(email, password)
+  async login(@Request() req) {
+    return this.authService.getTokens(req.user)
  }

  //Profile 여부 확인용
  @UseGuards(JwtAuthGuard)
+  //jwt.strategy의 validate에서 token확인후 넘어옴
  @Get('profile')
  getProfile(@Request() req) {
    //console.log(req)
--- a/src/auth/auth.module.ts
+++ b/src/auth/auth.module.ts
@ -6,7 +6,7 @@ import { Module } from '@nestjs/common'
 import { PassportModule } from '@nestjs/passport'
 import { AuthService } from './auth.service'
 import { JwtModule } from '@nestjs/jwt'
-import { jwtAcceesTokenOptions } from './guards/jwt.constants'
+import { jwtConstants } from './guards/jwt.constants'
 import { AuthController } from './auth.controller'
 import { LocalStrategy } from './guards/local.strategy'
 import { JwtStrategy } from './guards/jwt.strategy'
@ -17,8 +17,8 @@ import { UsersModule } from '../user/user.module'
    UsersModule,
    PassportModule,
    JwtModule.register({
-      secret: jwtAcceesTokenOptions.secret,
-      signOptions: { expiresIn: jwtAcceesTokenOptions.expiresIn }
+      secret: jwtConstants.secret,
+      signOptions: { expiresIn: jwtConstants.expiresIn }
    })
  ],
  controllers: [AuthController],
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@ -4,11 +4,6 @@ import { JwtService } from '@nestjs/jwt'
 import { User } from '@prisma/client'
 import { UserDTO } from 'src/user/dtos/user.dto'
 import { UserService } from '../user/user.service'
-import {
-  jwtAcceesTokenOptions,
-  jwtRefreshTokenTypes
-} from './guards/jwt.constants'
-
@Injectable()
 export class AuthService {
  constructor(
@ -22,8 +17,6 @@ export class AuthService {
    if (user && user.password === password) {
      // eslint-disable-next-line @typescript-eslint/no-unused-vars
      const { password, ...result } = user
-      // result는 password 를 제외한 user의 모든 정보를 포함한다.
-      //console.log(result)
      return result
    }
    return null
@ -36,27 +29,14 @@ export class AuthService {
      name: user.name
    }
    const refresh_token_payload = {}
-    // console.log(payload)
    return {
      tokens: {
-        access_token: this.jwtService.sign(
-          access_token_payload,
-          jwtAcceesTokenOptions
-        ),
-        refresh_token: this.jwtService.sign(
-          refresh_token_payload,
-          jwtRefreshTokenTypes
-        )
+        access_token: this.jwtService.sign(access_token_payload),
+        refresh_token: this.jwtService.sign(refresh_token_payload)
      }
    }
  }

-  async login(email: string, password: string): Promise<any | null> {
-    const user = await this.validateUser(email, password)
-    if (!user) return null
-    return await this.getTokens(user)
-  }
-
  async register(data: UserDTO): Promise<any | null> {
    const user = await this.userService.add(data)
    if (!user) return null
--- a/src/auth/guards/jwt.auth.guard.ts
+++ b/src/auth/guards/jwt.auth.guard.ts
@ -13,7 +13,6 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
  ): boolean | Promise<boolean> | Observable<boolean> {
    // Add your custom authentication logic here
    // for example, call super.logIn(request) to establish a session.
-    console.log(context)
    return super.canActivate(context)
  }

@ -22,7 +21,7 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
    if (err || !user) {
      throw err || new UnauthorizedException()
    }
-    console.log(info)
+    console.log('JwtAuthGuard.handleRequest().info =>' + info)
    return user
  }
 }
--- a/src/auth/guards/jwt.constants.ts
+++ b/src/auth/guards/jwt.constants.ts
@ -1,11 +1,4 @@
-export const jwtAcceesTokenOptions = {
-  secret: process.env.JWT_ACCESS_TOKEN_SECRET,
-  expiresIn: process.env.JWT_ACCESS_TOKEN_EXPIREIN,
-  issuer: process.env.JWT_ACCESS_TOKEN_ISSUER
-}
-
-export const jwtRefreshTokenTypes = {
-  secret: process.env.JWT_REFRESH_TOKEN_SECRET,
-  expiresIn: process.env.JWT_REFRESH_TOKEN_EXPIREIN,
-  issuer: process.env.JWT_REFRESH_TOKEN_ISSUER
+export const jwtConstants = {
+  secret: process.env.JWT_CONSTANTS_SECRET,
+  expiresIn: process.env.JWT_CONSTANTS_EXPIRESIN
 }
--- a/src/auth/guards/jwt.strategy.ts
+++ b/src/auth/guards/jwt.strategy.ts
@ -1,7 +1,6 @@
 import { ExtractJwt, Strategy } from 'passport-jwt'
 import { PassportStrategy } from '@nestjs/passport'
 import { Injectable } from '@nestjs/common'
-import { jwtAcceesTokenOptions } from './jwt.constants'

@Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
@ -9,7 +8,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      ignoreExpiration: false,
-      secretOrKey: jwtAcceesTokenOptions.secret
+      secretOrKey: process.env.JWT_SECRET
    })
  }

--- a/src/auth/guards/local.auth.guard.ts
+++ b/src/auth/guards/local.auth.guard.ts
@ -21,7 +21,7 @@ export class LocalAuthGuard extends AuthGuard('local') {
    if (err || !user) {
      throw err || new UnauthorizedException()
    }
-    console.log(info)
+    console.log('LocalAuthGuard.handleRequest().info =>' + info)
    return user
  }
 }
--- a/src/auth/guards/local.strategy.ts
+++ b/src/auth/guards/local.strategy.ts
@ -12,6 +12,7 @@ export class LocalStrategy extends PassportStrategy(Strategy) {
    super({ usernameField: process.env.AUTH_USERNAME_FIELD })
  }

+  //Login인증용
  async validate(email: string, password: string): Promise<any> {
    const user = await this.authService.validateUser(email, password)
    if (!user) {
--- a/src/auth/guards/roles.guard.ts
+++ b/src/auth/guards/roles.guard.ts
@ -9,6 +9,7 @@ import { ROLES_KEY } from '../decorators/roles.decorator'
 export class RolesGuard implements CanActivate {
  constructor(private reflector: Reflector) {}

+  //조건 검색용
  canActivate(
    context: ExecutionContext
  ): boolean | Promise<boolean> | Observable<boolean> {
@ -16,12 +17,12 @@ export class RolesGuard implements CanActivate {
      context.getHandler(),
      context.getClass()
    ])
+    //Role조건이 없는 경우
    if (!requiredRoles) {
      return true
    }
+    //Role조건이 있는 경우 판단
    const { user } = context.switchToHttp().getRequest()
-    //console.log(requiredRoles)
-    //console.log(user)
    return requiredRoles.some((role) => user?.roles?.includes(role))
    //return true
  }
--- a/src/prisma.service.ts
+++ b/src/prisma.service.ts
@ -4,18 +4,18 @@ import { PrismaClient } from '@prisma/client'
@Injectable()
 export class PrismaService extends PrismaClient implements OnModuleInit {
  [x: string]: any
-  constructor() {
-    //SQL 로그를 출력하기위해 추가
-    super({
-      log: [
-        { emit: 'event', level: 'query' },
-        { emit: 'stdout', level: 'info' },
-        { emit: 'stdout', level: 'warn' },
-        { emit: 'stdout', level: 'error' }
-      ],
-      errorFormat: 'colorless'
-    })
-  }
+  // constructor() {
+  //   //SQL 로그를 출력하기위해 추가
+  //   super({
+  //     log: [
+  //       { emit: 'event', level: 'query' },
+  //       { emit: 'stdout', level: 'info' },
+  //       { emit: 'stdout', level: 'warn' },
+  //       { emit: 'stdout', level: 'error' }
+  //     ],
+  //     errorFormat: 'colorless'
+  //   })
+  // }

  async onModuleInit() {
    await this.$connect()
@ -24,7 +24,7 @@ export class PrismaService extends PrismaClient implements OnModuleInit {
  async enableShutdownHooks(app: INestApplication) {
    this.$on('beforeExit', async (event) => {
      //SQL 로그를 출력하기위해 추가
-      console.log(event.name)
+      //console.log(event.name)
      await app.close()
    })
  }