44 lines
1.2 KiB
TypeScript
44 lines
1.2 KiB
TypeScript
|
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
|
||
|
import { Observable } from 'rxjs';
|
||
|
import { OAuth2Service } from 'src/modules/oauth2/oauth2.service';
|
||
|
import { UserService } from 'src/modules/objects/user/user.service';
|
||
|
|
||
|
/**
|
||
|
* Injects and validates OAuth2 bearer tokens.
|
||
|
*/
|
||
|
@Injectable()
|
||
|
export class OAuth2Guard implements CanActivate {
|
||
|
constructor(private _oauth2: OAuth2Service, private _user: UserService) {}
|
||
|
|
||
|
canActivate(
|
||
|
context: ExecutionContext,
|
||
|
): boolean | Promise<boolean> | Observable<boolean> {
|
||
|
const http = context.switchToHttp();
|
||
|
const request = http.getRequest();
|
||
|
const response = http.getResponse();
|
||
|
|
||
|
return new Promise((resolve, reject) => {
|
||
|
try {
|
||
|
this._oauth2.oauth.bearer(request, response, (content) => {
|
||
|
if (content instanceof Error) {
|
||
|
return reject(content);
|
||
|
}
|
||
|
|
||
|
this._user
|
||
|
.getById(response.locals.accessToken.user_id, [
|
||
|
'picture',
|
||
|
'privileges',
|
||
|
])
|
||
|
.then((user) => {
|
||
|
request.user = user;
|
||
|
resolve(true);
|
||
|
})
|
||
|
.catch(reject);
|
||
|
});
|
||
|
} catch (e: any) {
|
||
|
reject(e);
|
||
|
}
|
||
|
});
|
||
|
}
|
||
|
}
|