vigdorov/auth-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HM-127. Доработки ручек авторизаций

Browse Source
This commit is contained in:
vigdorov
2020-09-10 22:05:09 +03:00
parent a33d901c39
commit 6e3f003cd4
5 changed files with 50 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/auth/auth.service.ts
View File

@ -1,5 +1,7 @@
import {Injectable, UnauthorizedException, HttpService} from '@nestjs/common';
import {Request} from 'express';
import * as jwt from 'jsonwebtoken';
import {Token} from 'src/users/types';
@Injectable()
export class AuthService {
@ -7,7 +9,7 @@ export class AuthService {
private http: HttpService
) {}
async checkRequest(request: Request): Promise<boolean> {
async checkRequest(request: Request): Promise<Token> {
const {data} = await this.http.post('http://api.auth.vigdorov.ru/auth/check', {
access_token: request.headers.authorization,
agent: request.headers['user-agent']
@ -16,6 +18,7 @@ export class AuthService {
if (!data) {
throw new UnauthorizedException('Доступ запрещен');
}
return data;
return jwt.decode(request.headers.authorization) as Token;
}
}

6
src/users/types.ts Normal file
View File

@ -0,0 +1,6 @@
export interface Token {
login: string;
agent: string;
iat: number;
exp: number;
}

12
src/users/users.contoller.ts
View File

@ -102,9 +102,9 @@ export class UsersController {
description: 'Объект для создания пользователя'
})
async createUser(@Req() request: Request<null, CreateUserRequest>): Promise<UserResponse> {
await this.authService.checkRequest(request);
const {login} = await this.authService.checkRequest(request);
return await this.userService.create(request.body);
return await this.userService.create(request.body, login);
}
@Put()
@ -117,9 +117,9 @@ export class UsersController {
description: 'Объект обновления данных пользователя'
})
async updateUser(@Req() request: Request<null, UpdateUserRequest>): Promise<UserResponse> {
await this.authService.checkRequest(request);
const {login} = await this.authService.checkRequest(request);
return await this.userService.update(request.body);
return await this.userService.updateUser(request.body, login);
}
@Delete(':login')
@ -131,9 +131,9 @@ export class UsersController {
description: 'Логин пользователя',
})
async removeUser(@Req() request: Request<{login: string}>): Promise<UpdateUserRequest> {
await this.authService.checkRequest(request);
const {login} = await this.authService.checkRequest(request);
return await this.userService.removeOne(request.params.login);
return await this.userService.removeOne(request.params.login, login);
}
@Post('change-password')

3
src/users/users.schema.ts
View File

@ -19,6 +19,9 @@ export class UpdateUserRequest {
@ApiProperty()
avatar: string;
@ApiProperty()
is_admin: boolean;
}
export class UpdateUserSelf {

43
src/users/users.service.ts
View File

@ -1,17 +1,11 @@
import {Model, Connection, Document} from 'mongoose';
import {Injectable, NotFoundException, BadGatewayException, ConflictException, BadRequestException} from '@nestjs/common';
import {Injectable, NotFoundException, BadGatewayException, ConflictException, BadRequestException, NotAcceptableException} from '@nestjs/common';
import {InjectConnection} from '@nestjs/mongoose';
import {DB_NAME, USERS_CONTROLLER, SECRET_JWT_ACCESS_KEY, SECRET_JWT_REFRESH_KEY} from 'src/consts';
import {User, UserSchema, CreateUserRequest, UserResponse, UserModel, UpdateUserRequest, TokenResponse, UpdateUserSelf} from './users.schema';
import * as bcrypt from 'bcrypt';
import * as jwt from 'jsonwebtoken';
interface Token {
login: string;
agent: string;
iat: number;
exp: number;
}
import {Token} from './types';
const validateModel = async (user: Document) => {
try {
@ -62,7 +56,13 @@ export class UserService {
return users.map(prepareUserToUserResponse);
}
async create(user: CreateUserRequest): Promise<UserResponse> {
async create(user: CreateUserRequest, requesterLogin: string): Promise<UserResponse> {
const requester = await this.findUser(requesterLogin);
if (!requester.is_admin) {
throw new NotAcceptableException(`Действие запрещено`);
}
const searchUser = await this.findUser(user.login);
if (searchUser) {
@ -122,15 +122,20 @@ export class UserService {
}
await searchUser.updateOne({
...{
avatar: user.avatar,
},
is_admin: user.is_admin,
avatar: user.avatar,
});
return prepareUserToUserResponse(updateUser);
}
async removeOne(login: string): Promise<UserResponse> {
async removeOne(login: string, requesterLogin: string): Promise<UserResponse> {
const requester = await this.findUser(requesterLogin);
if (!requester.is_admin) {
throw new NotAcceptableException(`Действие запрещено`);
}
if (login === 'admin') {
throw new BadRequestException('Запрещено удалять пользователя admin');
}
@ -217,11 +222,23 @@ export class UserService {
return await this.findOne(token.login);
}
async updateUser(user: UpdateUserRequest, requesterLogin: string): Promise<UserResponse> {
const requester = await this.findUser(requesterLogin);
if (!requester.is_admin) {
throw new NotAcceptableException(`Действие запрещено`);
}
return await this.update(user);
}
async updateSelf(access_token: string, {avatar}: UpdateUserSelf): Promise<UserResponse> {
const {login} = jwt.decode(access_token) as Token;
const requester = await this.findUser(login);
return await this.update({
avatar,
login,
is_admin: requester.is_admin,
});
}