summaryrefslogtreecommitdiff
path: root/server/providers/guards/gatewayauth.guard.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/providers/guards/gatewayauth.guard.ts')
-rw-r--r--server/providers/guards/gatewayauth.guard.ts27
1 files changed, 27 insertions, 0 deletions
diff --git a/server/providers/guards/gatewayauth.guard.ts b/server/providers/guards/gatewayauth.guard.ts
new file mode 100644
index 0000000..0843752
--- /dev/null
+++ b/server/providers/guards/gatewayauth.guard.ts
@@ -0,0 +1,27 @@
+import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
+import { JwtService } from '../services/jwt.service';
+import { GuardUtil } from '../util/guard.util';
+import { Socket } from 'socket.io';
+import { WsException } from '@nestjs/websockets';
+
+@Injectable()
+export class GatewayAuthGuard implements CanActivate {
+ constructor(private guardUtil: GuardUtil, private jwtService: JwtService) {}
+
+ canActivate(context: ExecutionContext) {
+ // Handlers and Controllers can both skip this guard in the event that
+ if (this.guardUtil.shouldSkip(this, context)) {
+ return true;
+ }
+
+ const req = context.switchToHttp().getRequest() as Socket;
+ const jwt = req.handshake.auth.token;
+ if (!jwt) throw new WsException('Invalid auth token');
+ try {
+ req.handshake.auth.jwtBody = this.jwtService.parseToken(jwt);
+ } catch (e) {
+ throw new WsException('Invalid auth token');
+ }
+ return true;
+ }
+}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-20 22:48:45 +0000