author | Joseph Ditton <jditton.atomic@gmail.com> | 2021-12-01 20:18:26 -0700 |
---|---|---|
committer | Joseph Ditton <jditton.atomic@gmail.com> | 2021-12-01 20:18:26 -0700 |
commit | 84b45cd6b11347e66437cd92dc20372d0abd6eb9 (patch) | |
tree | 6e42b5861278485c67159dc57c225983e3fd69f8 /server/controllers/users.controller.ts | |
parent | d803aaaf1be441f55fe674c3b0c6793e77a9203f (diff) | |
adds roles
Diffstat (limited to 'server/controllers/users.controller.ts')
-rw-r--r-- | server/controllers/users.controller.ts | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/server/controllers/users.controller.ts b/server/controllers/users.controller.ts
index f9aba90..fda71b3 100644
--- a/server/controllers/users.controller.ts
+++ b/server/controllers/users.controller.ts
@@ -2,36 +2,53 @@ import { Body, Controller, Get, HttpException, HttpStatus, Post, Res, UseGuards import * as bcrypt from 'bcrypt'; import { Response } from 'express'; import { JwtBody } from 'server/decorators/jwt_body.decorator'; +import { Roles } from 'server/decorators/roles.decorator'; +import { Skip } from 'server/decorators/skip.decorator'; import { CreateUserDto } from 'server/dto/create_user.dto'; import { JwtBodyDto } from 'server/dto/jwt_body.dto'; import { RefreshToken } from 'server/entities/refresh_token.entity'; +import { RoleKey } from 'server/entities/role.entity'; import { User } from 'server/entities/user.entity'; +import { UserRole } from 'server/entities/user_role.entity'; import { AuthGuard } from 'server/providers/guards/auth.guard'; import { JwtService } from 'server/providers/services/jwt.service'; import { RefreshTokensService } from 'server/providers/services/refresh_tokens.service'; +import { RolesService } from 'server/providers/services/roles.service'; import { UsersService } from 'server/providers/services/users.service'; @Controller() export class UsersController { constructor( private usersService: UsersService, + private rolesService: RolesService, private jwtService: JwtService, private refreshTokenService: RefreshTokensService, ) {} + @Get('/users') + @Roles(RoleKey.ADMIN) + async index() { + const users = await this.usersService.findAll(); + return { users }; + } + @Get('/users/me') - @UseGuards(AuthGuard) async getCurrentUser(@JwtBody() jwtBody: JwtBodyDto) { const user = await this.usersService.find(jwtBody.userId); return { user }; } @Post('/users') + @Skip(AuthGuard) async create(@Body() userPayload: CreateUserDto, @Res({ passthrough: true }) res: Response) { const newUser = new User(); newUser.email = userPayload.email; newUser.name = userPayload.name; newUser.passwordHash = await bcrypt.hash(userPayload.password, 10); + const [role] = await this.rolesService.findByKey(RoleKey.USER); + const userRole = new UserRole(); + 
userRole.role = role; + newUser.userRoles = [userRole]; try { const user = await this.usersService.create(newUser); @@ -39,9 +56,11 @@ export class UsersController { const newRefreshToken = new RefreshToken(); newRefreshToken.user = user; const refreshToken = await this.refreshTokenService.create(newRefreshToken); - // issue jwt and refreshJwtToken - const token = this.jwtService.issueToken({ userId: user.id }); + // note the roles hard coded to just USER. + // If you want to allow users to sign up as different roles then + // you will need to update this here. + const token = this.jwtService.issueToken({ userId: user.id, roles: [RoleKey.USER] }); const refreshJwtToken = this.jwtService.issueRefreshToken({ id: refreshToken.id, userId: user.id }); // only refresh token should go in the cookie |
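Review bot: The new `index` handler returns the `User` entities from `findAll()` unfiltered, and `create` in this same hunk shows the entity carries `passwordHash`, so unless the entity or a serializer excludes that field (not visible here) the admin listing would include every user's password hash. An explicit projection removes that dependency: `return { users: users.map(({ id, name, email }) => ({ id, name, email })) };`. Separately, `@Roles(RoleKey.ADMIN)` and the removal of `@UseGuards(AuthGuard)` from `getCurrentUser` only protect these routes if the auth and roles guards are registered globally elsewhere; that registration is outside this file and should be confirmed as part of the same change. The class body continues past the hunk.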
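Review bot: The `roles: [RoleKey.USER]` claim is a literal, so the token asserts a role independently of what was actually persisted. Earlier in `create`, `const [role] = await this.rolesService.findByKey(RoleKey.USER)` leaves `role` undefined when no USER role row exists, and signup would still hand out a USER token. A guard right after the lookup keeps the two in step: `if (!role) throw new HttpException('default role not configured', HttpStatus.INTERNAL_SERVER_ERROR);`. The lookup also sits before the `try`, so a rejection from it is not covered by whatever that block handles. Since roles now travel inside the access token, a later role change presumably takes effect only once a new token is issued, which the added comment could state; the `try` block continues outside the hunk.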