summaryrefslogtreecommitdiff
path: root/server/controllers/users.controller.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers/users.controller.ts')
-rw-r--r--server/controllers/users.controller.ts65
1 files changed, 36 insertions, 29 deletions
diff --git a/server/controllers/users.controller.ts b/server/controllers/users.controller.ts
index 120a2b3..f9aba90 100644
--- a/server/controllers/users.controller.ts
+++ b/server/controllers/users.controller.ts
@@ -1,50 +1,57 @@
-import {
- Body,
- Controller,
- HttpException,
- HttpStatus,
- Post,
- Res,
-} from '@nestjs/common';
+import { Body, Controller, Get, HttpException, HttpStatus, Post, Res, UseGuards } from '@nestjs/common';
import * as bcrypt from 'bcrypt';
import { Response } from 'express';
-import * as jwt from 'jsonwebtoken';
+import { JwtBody } from 'server/decorators/jwt_body.decorator';
import { CreateUserDto } from 'server/dto/create_user.dto';
+import { JwtBodyDto } from 'server/dto/jwt_body.dto';
+import { RefreshToken } from 'server/entities/refresh_token.entity';
import { User } from 'server/entities/user.entity';
+import { AuthGuard } from 'server/providers/guards/auth.guard';
+import { JwtService } from 'server/providers/services/jwt.service';
+import { RefreshTokensService } from 'server/providers/services/refresh_tokens.service';
import { UsersService } from 'server/providers/services/users.service';
@Controller()
export class UsersController {
- constructor(private usersService: UsersService) {}
+ constructor(
+ private usersService: UsersService,
+ private jwtService: JwtService,
+ private refreshTokenService: RefreshTokensService,
+ ) {}
+
+ @Get('/users/me')
+ @UseGuards(AuthGuard)
+ async getCurrentUser(@JwtBody() jwtBody: JwtBodyDto) {
+ const user = await this.usersService.find(jwtBody.userId);
+ return { user };
+ }
@Post('/users')
- async create(
- @Body() userPayload: CreateUserDto,
- @Res({ passthrough: true }) res: Response,
- ) {
+ async create(@Body() userPayload: CreateUserDto, @Res({ passthrough: true }) res: Response) {
const newUser = new User();
newUser.email = userPayload.email;
newUser.name = userPayload.name;
- newUser.password_hash = await bcrypt.hash(userPayload.password, 10);
+ newUser.passwordHash = await bcrypt.hash(userPayload.password, 10);
try {
const user = await this.usersService.create(newUser);
- // assume signup and write cookie
- // Write JWT to cookie and send with response.
- const token = jwt.sign(
- {
- user_id: user.id,
- },
- process.env.ENCRYPTION_KEY,
- { expiresIn: '1h' },
- );
- res.cookie('_token', token);
+ // create refresh token in database for user
+ const newRefreshToken = new RefreshToken();
+ newRefreshToken.user = user;
+ const refreshToken = await this.refreshTokenService.create(newRefreshToken);
+
+ // issue jwt and refreshJwtToken
+ const token = this.jwtService.issueToken({ userId: user.id });
+ const refreshJwtToken = this.jwtService.issueRefreshToken({ id: refreshToken.id, userId: user.id });
+
+ // only refresh token should go in the cookie
+ res.cookie('_refresh_token', refreshJwtToken, {
+ httpOnly: true, // prevents javascript code from accessing cookie (helps protect against XSS attacks)
+ });
+
return { user, token };
} catch (e) {
- throw new HttpException(
- `User creation failed. ${e.message}`,
- HttpStatus.BAD_REQUEST,
- );
+ throw new HttpException(`User creation failed. ${e.message}`, HttpStatus.BAD_REQUEST);
}
}
}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-21 04:43:06 +0000