Extract JWT from Authorization header (#59)

vulcan-api · Nov 23, 2023 · b0e054d · b0e054d
1 parent fe48574
commit b0e054d
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 53 deletions.
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -25,17 +25,22 @@ export class AuthService {
     return { msg: 'Successfully registered a new account!' };
   }
 
-  async login(dto: LoginDto): Promise<[string, string, object] | []> {
+  async login(dto: LoginDto): Promise<object> {
     const user = await this.prisma.user.findUniqueOrThrow({
       where: { email: dto.email },
     });
 
-    if (sha512(dto.password) === user.password) {
-      return this.generateAuthCookie({
-        userId: user.id,
-      });
-    }
-    throw new ForbiddenException('Wrong credentials!');
+    if (!user || !(sha512(dto.password) === user.password))
+      throw new ForbiddenException('Wrong credentials!');
+
+    const jwt = await this.generateAuthJwt({
+      userId: user.id,
+    });
+
+    return {
+      token: jwt,
+      userInfo: await this.getUserPublicInfo(dto.email),
+    };
   }
 
   async isTaken(username: string, email: string): Promise<boolean> {
@@ -51,20 +56,6 @@ export class AuthService {
     return this.jwtService.sign(payload);
   }
 
-  async generateAuthCookie(
-    payload: JwtAuthDto,
-  ): Promise<[string, string, object]> {
-    const jwt = await this.generateAuthJwt(payload);
-    return [
-      'jwt',
-      jwt,
-      {
-        secure: true,
-        sameSite: 'lax',
-      },
-    ];
-  }
-
   async getUserPublicInfo(email: string): Promise<object> {
     const { prisma } = this;
     const userPublicInfo: any = await prisma.user.findUniqueOrThrow({

diff --git a/src/auth/login/login.controller.ts b/src/auth/login/login.controller.ts
@@ -1,36 +1,14 @@
-import {
-  Body,
-  Controller,
-  HttpCode,
-  HttpStatus,
-  Post,
-  Res,
-} from '@nestjs/common';
+import { Body, Controller, HttpCode, HttpStatus, Post } from '@nestjs/common';
 import { AuthService } from '../auth.service';
 import { LoginDto } from '../dto';
-import { Response } from 'express';
 
 @Controller('auth/login')
 export class LoginController {
   constructor(private readonly authService: AuthService) {}
 
   @Post()
   @HttpCode(HttpStatus.OK)
-  async login(@Body() dto: LoginDto, @Res() res: Response) {
-    const jwt = await this.authService.login(dto);
-    if (!jwt.length) {
-      res.send({ has2FAEnabled: true });
-      return;
-    }
-    res.cookie(...jwt);
-    res.cookie(
-      'user_info',
-      JSON.stringify(await this.authService.getUserPublicInfo(dto.email)),
-      {
-        secure: true,
-        sameSite: 'lax',
-      },
-    );
-    res.send({ token: jwt[1] });
+  async login(@Body() dto: LoginDto) {
+    return await this.authService.login(dto);
   }
 }
diff --git a/src/auth/strategy/jwt.strategy.ts b/src/auth/strategy/jwt.strategy.ts
@@ -1,20 +1,15 @@
 import { PassportStrategy } from '@nestjs/passport';
-import { Strategy } from 'passport-jwt';
+import { ExtractJwt, Strategy } from 'passport-jwt';
 import { Injectable } from '@nestjs/common';
 import { JwtAuthDto } from '../dto/jwt-auth.dto';
 
 const { SECRET = 'secret' } = process.env;
 
-const extractFromCookie = (req: any): string | null => {
-  if (req && req.cookies) return req.cookies['jwt'];
-  return null;
-};
-
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
   constructor() {
     super({
-      jwtFromRequest: extractFromCookie,
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
       secretOrKey: SECRET,
     });
   }