Merge pull request #14 from Brints/jwt-config

feat: jwt config

brints-estate-api/src/auth/auth.module.ts

@@ -1,17 +1,22 @@
 import { forwardRef, Module } from '@nestjs/common';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+import { JwtModule } from '@nestjs/jwt';
+
 import { AuthController } from './auth.controller';
 import { AuthService } from './providers/auth.service';
 import { UsersModule } from 'src/users/users.module';
 import { HashingProvider } from './providers/hashing.provider';
 import { BcryptProvider } from './providers/bcrypt.provider';
 import { CreateUserProvider } from './providers/create-user.provider';
-import { UserHelper } from 'src/utils/userHelper.lib';
-import { GenerateTokenHelper } from 'src/utils/generate-token.lib';
+import { UserHelper } from '../utils/userHelper.lib';
+import { GenerateTokenHelper } from '../utils/generate-token.lib';
 import { LoginUserProvider } from './providers/login-user.provider';
+import jwtConfig from './config/jwt.config';
 
 @Module({
   controllers: [AuthController],
   providers: [
+    ConfigService,
     AuthService,
     CreateUserProvider,
     LoginUserProvider,
@@ -22,7 +27,11 @@ import { LoginUserProvider } from './providers/login-user.provider';
       useClass: BcryptProvider,
     },
   ],
-  imports: [forwardRef(() => UsersModule)],
+  imports: [
+    forwardRef(() => UsersModule),
+    ConfigModule.forFeature(jwtConfig),
+    JwtModule.registerAsync(jwtConfig.asProvider()),
+  ],
   exports: [AuthService, HashingProvider],
 })
 export class AuthModule {}

brints-estate-api/src/auth/config/jwt.config.ts

@@ -0,0 +1,10 @@
+import { registerAs } from '@nestjs/config';
+
+export default registerAs('jwt', () => {
+  return {
+    secret: process.env.JWT_SECRET,
+    expiresIn: parseInt(process.env.JWT_ACCESS_TOKEN_TTL ?? '3600', 10),
+    audience: process.env.JWT_TOKEN_AUDIENCE,
+    issuer: process.env.JWT_TOKEN_ISSUER,
+  };
+});

brints-estate-api/src/auth/guards/access-token/access-token.guard.ts

@@ -0,0 +1,11 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { Observable } from 'rxjs';
+
+@Injectable()
+export class AccessTokenGuard implements CanActivate {
+  canActivate(
+    context: ExecutionContext,
+  ): boolean | Promise<boolean> | Observable<boolean> {
+    return true;
+  }
+}

brints-estate-api/src/auth/providers/login-user.provider.ts

@@ -1,11 +1,15 @@
 import { forwardRef, HttpStatus, Inject, Injectable } from '@nestjs/common';
 import { Repository } from 'typeorm';
 import { InjectRepository } from '@nestjs/typeorm';
+import { JwtService } from '@nestjs/jwt';
+import { ConfigType } from '@nestjs/config';
 
 import { User } from 'src/users/entities/user.entity';
 import { HashingProvider } from './hashing.provider';
 import { LoginUserDto } from '../dto/login.dto';
 import { CustomException } from 'src/exceptions/custom.exception';
+import jwtConfig from '../config/jwt.config';
+import { JwtPayload } from 'src/types/jwt.interface';
 
 @Injectable()
 export class LoginUserProvider {
@@ -15,9 +19,16 @@ export class LoginUserProvider {
 
     @Inject(forwardRef(() => HashingProvider))
     private readonly hashingProvider: HashingProvider,
+
+    private readonly jwtService: JwtService,
+
+    @Inject(jwtConfig.KEY)
+    private readonly jwtConfiguration: ConfigType<typeof jwtConfig>,
   ) {}
 
-  public async loginUser(loginUserDto: LoginUserDto): Promise<User> {
+  public async loginUser(
+    loginUserDto: LoginUserDto,
+  ): Promise<{ access_token: string }> {
     const user = await this.userRepository.findOne({
       where: { email: loginUserDto.email },
     });
@@ -38,6 +49,29 @@ export class LoginUserProvider {
       );
     }
 
-    return user;
+    if (!user.isVerified) {
+      throw new CustomException(
+        HttpStatus.BAD_REQUEST,
+        'User account not verified',
+      );
+    }
+
+    const payload: JwtPayload = {
+      sub: user.id,
+      first_name: user.first_name,
+      last_name: user.last_name,
+      email: user.email,
+      role: user.role,
+      verified: user.isVerified,
+    };
+
+    const access_token = await this.jwtService.signAsync(payload, {
+      secret: this.jwtConfiguration.secret,
+      expiresIn: this.jwtConfiguration.expiresIn,
+      audience: this.jwtConfiguration.audience,
+      issuer: this.jwtConfiguration.issuer,
+    });
+
+    return { access_token };
   }
 }

brints-estate-api/src/config/config.service.ts

@@ -17,6 +17,16 @@ export class AppConfigService {
       app: {
         port: this.configService.get<number>('APP_PORT') as number,
       },
+      jwt: {
+        secret: this.configService.get<string>('JWT_SECRET') as string,
+        expiresIn: this.configService.get<number>(
+          'JWT_ACCESS_TOKEN_TTL',
+        ) as number,
+        audience: this.configService.get<string>(
+          'JWT_TOKEN_AUDIENCE',
+        ) as string,
+        issuer: this.configService.get<string>('JWT_TOKEN_ISSUER') as string,
+      },
     };
   }
 }

brints-estate-api/src/main.ts

@@ -4,6 +4,7 @@ import { Logger, ValidationPipe } from '@nestjs/common';
 
 import { AppModule } from './app.module';
 import { swaggerInitializer } from './config/config.swagger';
+import { HttpExceptionFilter } from './exceptions/http-exception.filter';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -14,6 +15,8 @@ async function bootstrap() {
     }),
   );
 
+  app.useGlobalFilters(new HttpExceptionFilter());
+
   const configService = new ConfigService();
 
   const port = configService.get('APP_PORT');

brints-estate-api/src/types/jwt.interface.ts

@@ -0,0 +1,10 @@
+export interface JwtPayload {
+  sub: string;
+  first_name: string;
+  last_name: string;
+  email: string;
+  role: string;
+  verified: boolean;
+  iat?: number;
+  exp?: number;
+}

brints-estate-api/tsconfig.build.json

@@ -1,4 +1,5 @@
 {
   "extends": "./tsconfig.json",
+  "include": ["src/**/*.ts", "src/**/*.d.ts"],
   "exclude": ["node_modules", "test", "dist", "**/*spec.ts"]
 }