on auth token

src/app.module.ts

@@ -1,6 +1,6 @@
-import {Module, NestModule, MiddlewareConsumer} from '@nestjs/common';
+import {Module, HttpModule} from '@nestjs/common';
 import {MongooseModule} from '@nestjs/mongoose';
-import {MONGO_URL, DB_NAME, DB_TEST_NAME, DB_LOGGER, COLLECTION_STORE} from './consts';
+import {MONGO_URL, DB_NAME, DB_TEST_NAME, DB_LOGGER} from './consts';
 import {StoreService} from './store/store.service';
 import {Store, StoreSchema} from './store/store.schema';
 import {StoreController} from './store/store.controller';
@@ -8,6 +8,7 @@ import {StoreController} from './store/store.controller';
 import {LogsService} from './logs/logs.service';
 import {LogsController} from './logs/logs.controller';
 import {ClientLog, ClientLogSchema, ServerLog, ServerLogSchema} from './logs/logs.schema';
+import {AuthService} from './services/auth.service';
 
 @Module({
     imports: [
@@ -30,6 +31,7 @@ import {ClientLog, ClientLogSchema, ServerLog, ServerLogSchema} from './logs/log
             {name: ClientLog.name, schema: ClientLogSchema},
             {name: ServerLog.name, schema: ServerLogSchema},
         ], DB_LOGGER),
+        HttpModule,
     ],
     controllers: [
         StoreController,
@@ -38,6 +40,7 @@ import {ClientLog, ClientLogSchema, ServerLog, ServerLogSchema} from './logs/log
     providers: [
         StoreService,
         LogsService,
+        AuthService,
     ]
 })
 export class AppModule {}

src/logs/logs.controller.ts

@@ -1,14 +1,17 @@
-import {Controller, Get, Header, Delete, Options, HttpCode} from '@nestjs/common';
+import {Controller, Get, Header, Delete, Options, HttpCode, Req} from '@nestjs/common';
 import {ApiTags, ApiResponse} from '@nestjs/swagger';
 import {LogsService} from './logs.service';
 import {ALLOW_ORIGIN_ALL, COLLECTION_LOGS, LOG_TYPE, ALLOW_METHOD, ALLOW_CREDENTIALS, CONTENT_LENGTH, ALLOW_HEADERS} from 'src/consts';
 import {ClienLogResponse, ServerLogResponse} from './logs.schema';
+import {AuthService} from 'src/services/auth.service';
+import {Request} from 'express';
 
 @Controller(COLLECTION_LOGS)
 @ApiTags(COLLECTION_LOGS)
 export class LogsController {
     constructor(
-        private readonly logsService: LogsService
+        private readonly logsService: LogsService,
+        private readonly authService: AuthService,
     ) {}
 
     @Get('/client')
@@ -19,7 +22,9 @@ export class LogsController {
         type: ClienLogResponse,
         isArray: true,
     })
-    async findAllClientLogs(): Promise<ClienLogResponse[]> {
+    async findAllClientLogs(@Req() request: Request): Promise<ClienLogResponse[]> {
+        await this.authService.checkRequest(request);
+
         return await this.logsService.findAllClientLogs();
     }
 
@@ -31,7 +36,9 @@ export class LogsController {
         type: ClienLogResponse,
         isArray: true,
     })
-    async clearAllClientLogs(): Promise<ClienLogResponse[]> {
+    async clearAllClientLogs(@Req() request: Request): Promise<ClienLogResponse[]> {
+        await this.authService.checkRequest(request);
+
         return await this.logsService.clearLogsByType(LOG_TYPE.CLIENT);
     }
 
@@ -43,7 +50,9 @@ export class LogsController {
         type: ServerLogResponse,
         isArray: true,
     })
-    async findAllServerLogs(): Promise<ServerLogResponse[]> {
+    async findAllServerLogs(@Req() request: Request): Promise<ServerLogResponse[]> {
+        await this.authService.checkRequest(request);
+
         return await this.logsService.findAllServerLogs();
     }
 
@@ -55,7 +64,9 @@ export class LogsController {
         type: ServerLogResponse,
         isArray: true,
     })
-    async clearAllServerLogs(): Promise<ServerLogResponse[]> {
+    async clearAllServerLogs(@Req() request: Request): Promise<ServerLogResponse[]> {
+        await this.authService.checkRequest(request);
+        
         return await this.logsService.clearLogsByType(LOG_TYPE.SERVER);
     }
 

src/services/auth.service.ts

@@ -0,0 +1,21 @@
+import {Injectable, UnauthorizedException, HttpService} from '@nestjs/common';
+import {Request} from 'express';
+
+@Injectable()
+export class AuthService {
+    constructor(
+        private http: HttpService
+    ) {}
+
+    async checkRequest(request: Request): Promise<boolean> {
+        const {data} = await this.http.post('http://api.auth.vigdorov.ru/auth/check', {
+            access_token: request.headers.authorization,
+            agent: request.headers['user-agent']
+        }).toPromise();
+
+        if (!data) {
+            throw new UnauthorizedException('Доступ запрещен');
+        }
+        return data;
+    }
+}

src/store/store.controller.ts

@@ -18,6 +18,7 @@ import {
   REMOVE_SUCCESS,
   REMOVE_NOT_FOUND,
 } from './store.responses';
+import {AuthService} from 'src/services/auth.service';
 
 const prepareStoreToStoreRequest = ({
     key, value, description, service_name, author
@@ -35,13 +36,17 @@ const makeApiHeader = (request: Request): string => {
 @ApiTags(COLLECTION_STORE)
 export class StoreController {
     constructor(
-        private readonly storeService: StoreService
+        private readonly storeService: StoreService,
+        private readonly authService: AuthService,
     ) {}
 
+    
     @Get()
     @Header(...ALLOW_ORIGIN_ALL)
     @ApiResponse(FIND_ALL_SUCCESS)
     async findAll(@Req() request: Request): Promise<StoreRequest[]> {
+        await this.authService.checkRequest(request);
+
         const api = makeApiHeader(request);
         const storeList = await this.storeService.findAll(api);
         return storeList.map(prepareStoreToStoreRequest);
@@ -56,6 +61,8 @@ export class StoreController {
         description: 'Ключ для поиска хранилища',
     })
     async findOne(@Req() request: Request<{key: string}>): Promise<StoreRequest> {
+        await this.authService.checkRequest(request);
+
         const {key} = request.params;
         const api = makeApiHeader(request);
         const store = await this.storeService.findOne(api, key);