feat: Creating the first user

2026-04-25 02:05:11 +02:00 · 2024-06-02 02:59:38 +03:00
parent 052ea44548
commit db21aef3f3
12 changed files with 141 additions and 44 deletions
--- a/backend/src/auth/auth.controller.ts
+++ b/backend/src/auth/auth.controller.ts
@@ -8,11 +8,7 @@ import {
 } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { SignInDto } from '../user/user.dto';
-import {
-  ApiOkResponse,
-  ApiProperty,
-  ApiUnauthorizedResponse,
-} from '@nestjs/swagger';
+import { ApiOkResponse, ApiProperty } from '@nestjs/swagger';
 import { ApiException } from '@nanogiants/nestjs-swagger-api-exception-decorator';

 export class SignInResponse {
--- a/backend/src/auth/auth.guard.ts
+++ b/backend/src/auth/auth.guard.ts
@@ -18,6 +18,12 @@ export const GetUser = createParamDecorator(
  },
 );

+function extractTokenFromHeader(request: Request): string | undefined {
+  const [type, token] =
+    (request.headers as any).authorization?.split(' ') ?? [];
+  return type === 'Bearer' ? token : undefined;
+}
+
@Injectable()
 export class AuthGuard implements CanActivate {
  constructor(
@@ -27,7 +33,7 @@ export class AuthGuard implements CanActivate {

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const request = context.switchToHttp().getRequest();
-    const token = this.extractTokenFromHeader(request);
+    const token = extractTokenFromHeader(request);
    if (!token) {
      throw new UnauthorizedException();
    }
@@ -46,10 +52,34 @@ export class AuthGuard implements CanActivate {
    }
    return true;
  }
+}

-  private extractTokenFromHeader(request: Request): string | undefined {
-    const [type, token] =
-      (request.headers as any).authorization?.split(' ') ?? [];
-    return type === 'Bearer' ? token : undefined;
+@Injectable()
+export class OptionalAuthGuard implements CanActivate {
+  constructor(
+    private jwtService: JwtService,
+    private userService: UserService,
+  ) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const token = extractTokenFromHeader(request);
+    if (!token) {
+      return true;
+    }
+    try {
+      const payload: AccessTokenPayload = await this.jwtService.verifyAsync(
+        token,
+        {
+          secret: JWT_SECRET,
+        },
+      );
+      if (payload.sub) {
+        request['user'] = await this.userService.findOne(payload.sub);
+      }
+    } catch {
+      return true;
+    }
+    return true;
  }
 }
--- a/backend/src/auth/auth.module.ts
+++ b/backend/src/auth/auth.module.ts
@@ -11,7 +11,7 @@ import { JWT_SECRET } from '../consts';
    JwtModule.register({
      global: true,
      secret: JWT_SECRET,
-      signOptions: { expiresIn: '1d' },
+      signOptions: { expiresIn: '1y' },
    }),
  ],
  controllers: [AuthController],
--- a/backend/src/auth/auth.service.ts
+++ b/backend/src/auth/auth.service.ts
@@ -1,6 +1,7 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { UserService } from '../user/user.service';
 import { JwtService } from '@nestjs/jwt';
+import { User } from '../user/user.entity';

 export interface AccessTokenPayload {
  sub: string;
@@ -19,7 +20,9 @@ export class AuthService {
  ): Promise<{
    token: string;
  }> {
-    const user = await this.userService.findOneByName(name);
+    let user = await this.userService.findOneByName(name);
+    if (!user && (await this.userService.noPreviousAdmins()))
+      user = await this.userService.create(name, password, true);

    if (!(user && user.password === password)) {
      throw new UnauthorizedException();