* feat: nested casl abilities * fix: remove unused packages * Fixes * Fix createMany broken * Fix lint * Fix lint * Fix lint * Fix lint * Fixes * Fix CommentThread * Fix bugs * Fix lint * Fix bugs * Fixed auto routing * Fixed app path --------- Co-authored-by: Charles Bochet <charles@twenty.com> Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
import { PassportStrategy } from '@nestjs/passport';
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { Strategy, ExtractJwt } from 'passport-jwt';
import { User, Workspace } from '@prisma/client';
import { PrismaService } from 'src/database/prisma.service';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
/**
 * Claims read from a verified access token by `JwtAuthStrategy.validate`.
 * This is a compile-time shape only; nothing here checks the decoded
 * token body against it at runtime.
 */
export type JwtPayload = {
  /** Looked up as the `id` of the user record. */
  sub: string;
  /** Looked up as the `id` of the workspace record. */
  workspaceId: string;
};
/**
 * Value returned by `JwtAuthStrategy.validate` once a token has been
 * accepted: the user and workspace records loaded for the token's claims.
 */
export type PassportUser = {
  user: User;
  workspace: Workspace;
};
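/**
 * Passport strategy registered under the name `'jwt'`.
 *
 * Tokens are taken from the `Authorization: Bearer …` header, verified with
 * the access-token secret supplied by `EnvironmentService`, and rejected when
 * expired (`ignoreExpiration: false`). After verification, `validate` loads
 * the user and workspace named in the claims.
 */
@Injectable()
export class JwtAuthStrategy extends PassportStrategy(Strategy, 'jwt') {
  constructor(
    private readonly environmentService: EnvironmentService,
    private readonly prismaService: PrismaService,
  ) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      ignoreExpiration: false,
      secretOrKey: environmentService.getAccessTokenSecret(),
      // NOTE(review): no `algorithms` allow-list is set here. Consider pinning
      // it to the algorithm the token issuer uses; confirm against the
      // signing code, which is not visible in this file.
    });
  }

  /**
   * Resolves the claims of an already-verified token to database records.
   *
   * @param payload - Decoded token body; its signature and expiry have been
   *   checked by the strategy before this method runs.
   * @returns The user and workspace whose ids match `sub` and `workspaceId`.
   * @throws UnauthorizedException when a claim is missing or not a string, or
   *   when no user or workspace exists for the given id.
   */
  async validate(payload: JwtPayload): Promise<PassportUser> {
    // `JwtPayload` is erased at runtime, so a validly signed token with a
    // different claim layout would otherwise reach the queries below with
    // undefined ids.
    if (
      typeof payload.sub !== 'string' ||
      typeof payload.workspaceId !== 'string'
    ) {
      throw new UnauthorizedException();
    }

    // `findUnique` returns null for a missing row. The previous
    // `findUniqueOrThrow` raised Prisma's own not-found error first, which
    // left the null checks unreachable and let a deleted account surface as
    // an unhandled error instead of a 401.
    const user = await this.prismaService.client.user.findUnique({
      where: { id: payload.sub },
    });

    if (!user) {
      throw new UnauthorizedException();
    }

    const workspace = await this.prismaService.client.workspace.findUnique({
      where: { id: payload.workspaceId },
    });

    if (!workspace) {
      throw new UnauthorizedException();
    }

    // NOTE(review): the user's membership of this workspace is not re-checked
    // here; the pairing is trusted from the signed claims. If membership can
    // be revoked before a token expires, verify it at this point. The schema
    // relation needed for that check is not visible in this file.
    return { user, workspace };
  }
}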