125 lines
3.2 KiB
TypeScript
125 lines
3.2 KiB
TypeScript
import {
|
|
BadRequestException,
|
|
HttpStatus,
|
|
Injectable,
|
|
Res,
|
|
UnauthorizedException,
|
|
} from '@nestjs/common';
|
|
import { JwtService } from '@nestjs/jwt';
|
|
import * as bcrypt from 'bcrypt';
|
|
import { AdminsService } from '../admins/services/admins.service';
|
|
import Admin from '../admins/entities/admin.entity';
|
|
import { plainToClass } from 'class-transformer';
|
|
import { Request, Response } from 'express';
|
|
import { Constant } from './ultils/constant';
|
|
import { ChangePasswordDto } from './dto/change-password.dto';
|
|
import AppResponse from '@/response/app-response';
|
|
import { GenerateKeysService } from '../admins/services/generate-key.service';
|
|
|
|
@Injectable()
|
|
export class AuthService {
|
|
constructor(
|
|
private jwtService: JwtService,
|
|
private readonly adminService: AdminsService,
|
|
private readonly generateKeyService: GenerateKeysService,
|
|
) {}
|
|
|
|
async validateAdmin(
|
|
username: string,
|
|
password: string,
|
|
message = 'Username or Password is cornet',
|
|
) {
|
|
const user = await this.adminService.adminRepo.findOne({
|
|
where: { username },
|
|
});
|
|
|
|
if (!user || !(await bcrypt.compare(password, user.password))) {
|
|
throw new UnauthorizedException(
|
|
AppResponse.toResponse(null, {
|
|
message,
|
|
status_code: HttpStatus.UNAUTHORIZED,
|
|
}),
|
|
);
|
|
}
|
|
|
|
return user;
|
|
}
|
|
|
|
async login(user: Admin, response: Response) {
|
|
const payload = { _id: user.id };
|
|
const accessToken = this.jwtService.sign(payload, { expiresIn: '15m' });
|
|
const refreshToken = this.jwtService.sign(
|
|
{ refresh_key: true, ...payload },
|
|
{ expiresIn: '7d' },
|
|
);
|
|
|
|
response.cookie(Constant.ACCESS_TOKEN, accessToken, {
|
|
httpOnly: true,
|
|
maxAge: 15 * 60 * 1000,
|
|
sameSite: 'lax',
|
|
});
|
|
|
|
response.cookie(Constant.REFRESH_TOKEN, refreshToken, {
|
|
httpOnly: true,
|
|
maxAge: 7 * 24 * 60 * 60 * 1000,
|
|
sameSite: 'lax',
|
|
});
|
|
|
|
return AppResponse.toResponse(true, { message: 'Login Success' });
|
|
}
|
|
|
|
async logout(@Res() response: Response) {
|
|
response.cookie(Constant.ACCESS_TOKEN, '', {
|
|
httpOnly: true,
|
|
maxAge: 0,
|
|
sameSite: 'lax',
|
|
});
|
|
|
|
response.cookie(Constant.REFRESH_TOKEN, '', {
|
|
httpOnly: true,
|
|
maxAge: 0,
|
|
sameSite: 'lax',
|
|
});
|
|
|
|
return AppResponse.toResponse(true, { message: 'Logout Success' });
|
|
}
|
|
|
|
async changePassword(
|
|
data: ChangePasswordDto,
|
|
request: Request,
|
|
response: Response,
|
|
) {
|
|
const admin = request['admin'];
|
|
|
|
if (!admin) throw new UnauthorizedException(AppResponse.toResponse(false));
|
|
|
|
await this.validateAdmin(
|
|
admin.username,
|
|
data.password,
|
|
'Password is invalid !',
|
|
);
|
|
|
|
const newPassword = await bcrypt.hash(data.newPassword, 10);
|
|
const result = await this.adminService.adminRepo.update(admin.id, {
|
|
password: newPassword,
|
|
});
|
|
|
|
if (!result.affected)
|
|
throw new BadRequestException(AppResponse.toResponse(false));
|
|
|
|
await this.logout(response);
|
|
|
|
return AppResponse.toResponse(true, {
|
|
message: 'Change password success. Please re-login !',
|
|
});
|
|
}
|
|
|
|
async me(request: Request) {
|
|
const admin = request['admin'];
|
|
|
|
if (!admin) throw new UnauthorizedException(AppResponse.toResponse(null));
|
|
|
|
return AppResponse.toResponse(admin);
|
|
}
|
|
}
|