diff --git a/backend/src/decorators/authenticated.ts b/backend/src/decorators/authenticated.ts new file mode 100644 index 0000000..5430f7f --- /dev/null +++ b/backend/src/decorators/authenticated.ts @@ -0,0 +1,10 @@ +import { CanActivate, UseGuards } from '@nestjs/common'; +import { AdminGuard } from '../managers/auth/guards/admin.guard'; +import { JwtAuthGuard } from '../managers/auth/guards/jwt.guard'; + +export const Authenticated = (adminOnly: boolean = false) => { + const guards: (Function | CanActivate)[] = [JwtAuthGuard]; + if (adminOnly) guards.push(AdminGuard); + + return UseGuards(...guards); +}; diff --git a/backend/src/routes/api/auth/auth.controller.ts b/backend/src/routes/api/auth/auth.controller.ts index c8d65cd..fa7e212 100644 --- a/backend/src/routes/api/auth/auth.controller.ts +++ b/backend/src/routes/api/auth/auth.controller.ts @@ -1,5 +1,11 @@ import { - Body, Controller, Get, InternalServerErrorException, Post, Request, UseGuards + Body, + Controller, + Get, + InternalServerErrorException, + Post, + Request, + UseGuards } from '@nestjs/common'; import { AuthDeleteRequest, @@ -8,9 +14,8 @@ import { AuthRegisterRequest } from 'picsur-shared/dist/dto/auth.dto'; import { HasFailed } from 'picsur-shared/dist/types'; +import { Authenticated } from '../../../decorators/authenticated'; import { AuthManagerService } from '../../../managers/auth/auth.service'; -import { AdminGuard } from '../../../managers/auth/guards/admin.guard'; -import { JwtAuthGuard } from '../../../managers/auth/guards/jwt.guard'; import { LocalAuthGuard } from '../../../managers/auth/guards/localauth.guard'; import AuthFasityRequest from '../../../models/dto/authrequest.dto'; @@ -18,8 +23,8 @@ import AuthFasityRequest from '../../../models/dto/authrequest.dto'; export class AuthController { constructor(private authService: AuthManagerService) {} - @UseGuards(LocalAuthGuard) @Post('login') + @UseGuards(LocalAuthGuard) async login(@Request() req: AuthFasityRequest) { const response: AuthLoginResponse = { jwt_token: await this.authService.createToken(req.user), @@ -28,8 +33,8 @@ export class AuthController { return response; } - @UseGuards(JwtAuthGuard, AdminGuard) @Post('create') + @Authenticated(true) async register( @Request() req: AuthFasityRequest, @Body() register: AuthRegisterRequest, @@ -50,8 +55,8 @@ export class AuthController { return user; } - @UseGuards(JwtAuthGuard, AdminGuard) @Post('delete') + @Authenticated(true) async delete( @Request() req: AuthFasityRequest, @Body() deleteData: AuthDeleteRequest, @@ -65,8 +70,8 @@ export class AuthController { return user; } - @UseGuards(JwtAuthGuard, AdminGuard) @Get('list') + @Authenticated(true) async listUsers(@Request() req: AuthFasityRequest) { const users = this.authService.listUsers(); if (HasFailed(users)) { @@ -77,8 +82,8 @@ export class AuthController { return users; } - @UseGuards(JwtAuthGuard) @Get('me') + @Authenticated() async me(@Request() req: AuthFasityRequest) { const meResponse: AuthMeResponse = new AuthMeResponse(); meResponse.user = req.user; diff --git a/backend/src/routes/api/pref/pref.controller.ts b/backend/src/routes/api/pref/pref.controller.ts index 90db5c5..58b4c42 100644 --- a/backend/src/routes/api/pref/pref.controller.ts +++ b/backend/src/routes/api/pref/pref.controller.ts @@ -2,9 +2,9 @@ import { Body, Controller, Get, - InternalServerErrorException, Param, - Post, - UseGuards + InternalServerErrorException, + Param, + Post } from '@nestjs/common'; import { SysPreferences, @@ -12,11 +12,10 @@ import { } from 'picsur-shared/dist/dto/syspreferences.dto'; import { HasFailed } from 'picsur-shared/dist/types'; import { SysPreferenceService } from '../../../collections/syspreferencesdb/syspreferencedb.service'; -import { AdminGuard } from '../../../managers/auth/guards/admin.guard'; -import { JwtAuthGuard } from '../../../managers/auth/guards/jwt.guard'; +import { Authenticated } from '../../../decorators/authenticated'; -@UseGuards(JwtAuthGuard, AdminGuard) @Controller('api/pref') +@Authenticated(true) export class PrefController { constructor(private prefService: SysPreferenceService) {}