deletee host
@ -42,9 +42,8 @@ export class AuthController {
|
|||||||
description: 'Объект с логином и паролем пользователя для авторизации'
|
description: 'Объект с логином и паролем пользователя для авторизации'
|
||||||
})
|
})
|
||||||
async authUser(@Req() request: Request<null, AuthRequest>): Promise<TokenResponse> {
|
async authUser(@Req() request: Request<null, AuthRequest>): Promise<TokenResponse> {
|
||||||
const host = request.headers.host;
|
|
||||||
const agent = request.headers['user-agent'];
|
const agent = request.headers['user-agent'];
|
||||||
return await this.userService.authUser(request.body.login, request.body.password, host, agent);
|
return await this.userService.authUser(request.body.login, request.body.password, agent);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('refresh')
|
@Post('refresh')
|
||||||
@ -56,10 +55,9 @@ export class AuthController {
|
|||||||
description: 'Токен для сброса токенов'
|
description: 'Токен для сброса токенов'
|
||||||
})
|
})
|
||||||
async refreshAuth(@Req() request: Request<null, RefreshAuthRequest>): Promise<TokenResponse> {
|
async refreshAuth(@Req() request: Request<null, RefreshAuthRequest>): Promise<TokenResponse> {
|
||||||
const host = request.headers.host;
|
|
||||||
const agent = request.headers['user-agent'];
|
const agent = request.headers['user-agent'];
|
||||||
const refresh_token = request.body.refresh_token;
|
const refresh_token = request.body.refresh_token;
|
||||||
return await this.userService.refreshAuth(refresh_token, host, agent);
|
return await this.userService.refreshAuth(refresh_token, agent);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('check')
|
@Post('check')
|
||||||
@ -69,8 +67,8 @@ export class AuthController {
|
|||||||
description: 'Токен для проверки',
|
description: 'Токен для проверки',
|
||||||
})
|
})
|
||||||
async checkAccessToken(@Req() request: Request<null, CheckAuthTokenRequest>): Promise<boolean> {
|
async checkAccessToken(@Req() request: Request<null, CheckAuthTokenRequest>): Promise<boolean> {
|
||||||
const {access_token, host, agent} = request.body;
|
const {access_token, agent} = request.body;
|
||||||
return this.userService.checkAccessToken(access_token, host, agent);
|
return this.userService.checkAccessToken(access_token, agent);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Options([
|
@Options([
|
||||||
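Review bot: In `authUser` and `refreshAuth` the value read by `const agent = request.headers['user-agent'];` can be undefined when the header is missing, and with `host` removed it is now the only request property bound into the tokens. An undefined `agent` is presumably dropped from the signed payload, so a later `token.agent === agent` would compare undefined with undefined and pass. A guard right after the read, `if (!agent) throw new BadRequestException('User-Agent header is required');`, would reject such requests, assuming `BadRequestException` is imported in this file as it is in the service. `checkAccessToken` still takes `agent` from `request.body` rather than from the header, so the same guard applies there, and a short comment should say why that endpoint trusts a body-supplied value. The handlers' decorators begin above each hunk.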
|
|||||||
@ -58,9 +58,6 @@ export class CheckAuthTokenRequest {
|
|||||||
@ApiProperty()
|
@ApiProperty()
|
||||||
access_token: string;
|
access_token: string;
|
||||||
|
|
||||||
@ApiProperty()
|
|
||||||
host: string;
|
|
||||||
|
|
||||||
@ApiProperty()
|
@ApiProperty()
|
||||||
agent: string;
|
agent: string;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,7 +8,6 @@ import * as jwt from 'jsonwebtoken';
|
|||||||
|
|
||||||
interface Token {
|
interface Token {
|
||||||
login: string;
|
login: string;
|
||||||
host: string;
|
|
||||||
agent: string;
|
agent: string;
|
||||||
iat: number;
|
iat: number;
|
||||||
exp: number;
|
exp: number;
|
||||||
@ -143,17 +142,15 @@ export class UserService {
|
|||||||
return bcrypt.compare(password, hash);
|
return bcrypt.compare(password, hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
generateTokens(login: string, host: string, agent: string): TokenResponse {
|
generateTokens(login: string, agent: string): TokenResponse {
|
||||||
const access_token = jwt.sign({
|
const access_token = jwt.sign({
|
||||||
login,
|
login,
|
||||||
host,
|
|
||||||
agent,
|
agent,
|
||||||
iat: Math.floor(Date.now() / 1000),
|
iat: Math.floor(Date.now() / 1000),
|
||||||
exp: Math.floor(Date.now() / 1000) + (20), // секунды * минуты // выставить 60 * 2
|
exp: Math.floor(Date.now() / 1000) + (20), // секунды * минуты // выставить 60 * 2
|
||||||
}, SECRET_JWT_ACCESS_KEY);
|
}, SECRET_JWT_ACCESS_KEY);
|
||||||
const refresh_token = jwt.sign({
|
const refresh_token = jwt.sign({
|
||||||
login,
|
login,
|
||||||
host,
|
|
||||||
agent,
|
agent,
|
||||||
iat: Math.floor(Date.now() / 1000),
|
iat: Math.floor(Date.now() / 1000),
|
||||||
exp: Math.floor(Date.now() / 1000) + (60 * 5), // секунды * минуты * часы * дни // потом выставить 60 * 60 * 24 * 1
|
exp: Math.floor(Date.now() / 1000) + (60 * 5), // секунды * минуты * часы * дни // потом выставить 60 * 60 * 24 * 1
|
||||||
@ -164,10 +161,10 @@ export class UserService {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
async authUser(login: string, password: string, host: string, agent: string): Promise<TokenResponse> {
|
async authUser(login: string, password: string, agent: string): Promise<TokenResponse> {
|
||||||
const searchUser = await this.findUser(login);
|
const searchUser = await this.findUser(login);
|
||||||
if (searchUser && await this.checkPassword(password, searchUser.password)) {
|
if (searchUser && await this.checkPassword(password, searchUser.password)) {
|
||||||
return this.generateTokens(login, host, agent);
|
return this.generateTokens(login, agent);
|
||||||
}
|
}
|
||||||
|
|
||||||
throw new BadRequestException('Не верный логин или пароль');
|
throw new BadRequestException('Не верный логин или пароль');
|
||||||
@ -181,21 +178,21 @@ export class UserService {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
checkToken(token: Token, host: string, agent: string): boolean {
|
checkToken(token: Token, agent: string): boolean {
|
||||||
return token.host === host && token.agent === agent;
|
return token.agent === agent;
|
||||||
}
|
}
|
||||||
|
|
||||||
async refreshAuth(refresh_token: string, host: string, agent: string): Promise<TokenResponse> {
|
async refreshAuth(refresh_token: string, agent: string): Promise<TokenResponse> {
|
||||||
this.verifyToken(refresh_token, SECRET_JWT_REFRESH_KEY);
|
this.verifyToken(refresh_token, SECRET_JWT_REFRESH_KEY);
|
||||||
const token = jwt.decode(refresh_token) as Token;
|
const token = jwt.decode(refresh_token) as Token;
|
||||||
const searchUser = await this.findUser(token.login);
|
const searchUser = await this.findUser(token.login);
|
||||||
if (searchUser && this.checkToken(token, host, agent)) {
|
if (searchUser && this.checkToken(token, agent)) {
|
||||||
return this.generateTokens(token.login, host, agent);
|
return this.generateTokens(token.login, agent);
|
||||||
}
|
}
|
||||||
throw new BadRequestException('Unauthorized request');
|
throw new BadRequestException('Unauthorized request');
|
||||||
}
|
}
|
||||||
|
|
||||||
async checkAccessToken(access_token: string, host: string, agent: string): Promise<boolean> {
|
async checkAccessToken(access_token: string, agent: string): Promise<boolean> {
|
||||||
try {
|
try {
|
||||||
this.verifyToken(access_token, SECRET_JWT_ACCESS_KEY);
|
this.verifyToken(access_token, SECRET_JWT_ACCESS_KEY);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
@ -204,6 +201,6 @@ export class UserService {
|
|||||||
|
|
||||||
const token = jwt.decode(access_token) as Token;
|
const token = jwt.decode(access_token) as Token;
|
||||||
const searchUser = await this.findUser(token.login);
|
const searchUser = await this.findUser(token.login);
|
||||||
return searchUser && this.checkToken(token, host, agent);
|
return searchUser && this.checkToken(token, agent);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
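Review bot: `checkToken` now returns only `token.agent === agent`, so the sole client binding left on both tokens is the User-Agent string, which the caller supplies and which is also readable from the JWT payload (signed, not encrypted). That makes the comparison a consistency check rather than protection for a copied token, and the method should say so, e.g. `/** Consistency check only: User-Agent is client-supplied, so this does not bind a token to a device. */`. If binding is a goal, `refreshAuth` would need server-side state such as a stored refresh-token id that is invalidated when new tokens are issued; nothing of that kind is visible in these hunks, though `verifyToken` and `findUser` are defined outside them. Separately, `checkAccessToken` returns `searchUser && this.checkToken(token, agent)`, which yields the lookup result instead of `false` when no user is found; `return Boolean(searchUser) && this.checkToken(token, agent);` matches the declared `Promise<boolean>`.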