authguard and roleguard applied

auth guards added
2025-08-27 14:48:18 +02:00 · 2025-08-27 14:47:35 +02:00
3 changed files with 46 additions and 1 deletions
--- a/src/common/guards/auth.guard.ts
+++ b/src/common/guards/auth.guard.ts
@ -0,0 +1,29 @@
+import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from "@nestjs/common";
+import { JwtService } from "@nestjs/jwt";
+import { Request } from 'express';
+
+
+@Injectable()
+export class AuthGuard implements CanActivate {
+    constructor(private readonly jwtService: JwtService) {}
+
+    async canActivate(context: ExecutionContext): Promise<boolean> {
+        const request = context.switchToHttp().getRequest<Request>();
+        const authHeader = request.headers['authorization'] as string | undefined;
+
+        if (!authHeader || !authHeader.startsWith('Bearer')) {
+            throw new UnauthorizedException('Token manquant ou invalide');
+        }
+
+        const token = authHeader.split(' ')[1];
+        try {
+            const payload = await this.jwtService.verifyAsync(token,
+                { secret: process.env.JWT_SECRET },
+            ); 
+            request.user = payload;
+            return true;
+        } catch (error) {
+            throw new UnauthorizedException('Token invalide ou expire');
+        }
+    }
+}
--- a/src/main.ts
+++ b/src/main.ts
@ -1,8 +1,11 @@
-import { NestFactory } from '@nestjs/core';
+import { NestFactory, Reflector } from '@nestjs/core';
 import { AppModule } from './app.module';
 import { ConfigService } from '@nestjs/config';
 import { SwaggerModule } from '@nestjs/swagger/dist/swagger-module';
 import { DocumentBuilder } from '@nestjs/swagger';
+import { AuthGuard } from './common/guards/auth.guard';
+import { JwtService } from '@nestjs/jwt';
+import { RolesGuard } from './common/guards/roles.guard';

 async function bootstrap() {
  const app = await NestFactory.create(AppModule);
@ -20,6 +23,12 @@ async function bootstrap() {
  const document = SwaggerModule.createDocument(app, config);
  SwaggerModule.setup('api/docs', app, document);

+  const reflector = app.get(Reflector);
+  app.useGlobalGuards(
+    new AuthGuard(app.get(JwtService)),
+    new RolesGuard(reflector)
+  );
+
  await app.listen(port);
  console.log(`✅ P'titsPas API is running on: ${await app.getUrl()}`);
 }
--- a/src/types/express/index.d.ts
+++ b/src/types/express/index.d.ts
@ -0,0 +1,7 @@
+import { Users } from 'src/entities/users.entity';
+
+declare module 'express-serve-static-core' {
+  interface Request {
+    user?: Users | any;
+  }
+}
Author	SHA1	Message	Date
sdraris	1dc1bc4aa3	authguard and roleguard applied	2025-08-27 14:48:18 +02:00
sdraris	6eab2613e4	auth guards added	2025-08-27 14:47:35 +02:00