Typescript 在RolesGuard中使用JwtService解码JWT令牌并获取用户角色,而无需使用passport
我真的不知道该怎么解决我的问题。我尝试在控制器中为受保护的路由实现AuthGuard。我想检查roles.guard.ts中的用户角色,如果他有一个所需的角色,控制器将为他打开。我的结构看起来像:Typescript 在RolesGuard中使用JwtService解码JWT令牌并获取用户角色,而无需使用passport,typescript,jwt,nestjs,Typescript,Jwt,Nestjs,我真的不知道该怎么解决我的问题。我尝试在控制器中为受保护的路由实现AuthGuard。我想检查roles.guard.ts中的用户角色,如果他有一个所需的角色,控制器将为他打开。我的结构看起来像: - src - auth auth.controller.ts auth.service.ts auth.module.ts - roles roles.decorator.ts roles.guard.ts app.module.ts main
- src
- auth
auth.controller.ts
auth.service.ts
auth.module.ts
- roles
roles.decorator.ts
roles.guard.ts
app.module.ts
main.ts
在auth.service.ts中,我使用JwtService生成令牌并验证令牌,它也可以工作:
import { Injectable } from '@nestjs/common';
import { JwtService } from '@nestjs/jwt';
@Injectable()
export class AuthService {
constructor(
private readonly jwtService: JwtService
) {
}
findUser(id: number): string {
if (id === 0) throw new Error("User not available");
return "martin";
}
async generateToken(email: string, role: string[]): Promise<string> {
const payload = { email: email, role: role };
return this.jwtService.sign(payload, { expiresIn: '24h', secret: process.env['JWT_SECRET'] });
}
async validateToken(token: string): Promise<boolean> {
const isValidToken = await this.jwtService.verify(token, { secret: process.env['JWT_SECRET'] });
return !!isValidToken;
}
}
我的auth.module.ts没有什么特别之处,与文档中相同:
import { Module } from '@nestjs/common';
import { AuthService } from './auth.service';
import { AuthController } from './auth.controller';
import { JwtModule } from '@nestjs/jwt';
@Module({
imports: [JwtModule.register({
secret: process.env['JWT_SECRET']
})],
controllers: [AuthController],
providers: [AuthService],
})
export class AuthModule {
}
在roles.guard.ts中,它被激活以检查@roles
中的角色,我想使用JwtService解码存储在cookies中的JWT令牌,因此我编写了以下代码:
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
import { Reflector } from '@nestjs/core';
import { Observable } from 'rxjs';
import { JwtService } from '@nestjs/jwt';
@Injectable()
export class RolesGuard implements CanActivate {
constructor(
private readonly reflector: Reflector,
private jwtService: JwtService
) {
}
canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
const roles = this.reflector.get<string[]>('roles', context.getHandler());
if (!roles) return true;
const request = context.switchToHttp().getRequest();
const user = request.headers;
if (!user.auth_token) return false;
const matchRoles = () => this.jwtService.verify(user.auth_token, { secret: process.env['JWT_SECRET'] });
console.log(matchRoles());
}
}
在myapp.module.ts的末尾:
import { Module } from '@nestjs/common';
import { TypeOrmModule } from '@nestjs/typeorm';
import { ConfigModule } from '@nestjs/config';
import { Connection } from 'typeorm';
import { APP_GUARD } from '@nestjs/core';
import { RolesGuard } from './roles/roles.guard';
import { AuthModule } from './auth/auth.module';
@Module({
imports: [
ConfigModule.forRoot({
envFilePath: ['.env.development', '.env.production'],
}),
TypeOrmModule.forRoot({
entities: [],
synchronize: true
}),
AuthModule,
RolesGuard
],
controllers: [],
providers: [
{
provide: APP_GUARD,
useClass: RolesGuard
}
],
})
export class AppModule {
constructor(private connection: Connection) {
}
}
我不知道该怎么办?另一个模块仅用于
角色.guard.ts
或什么?我真的不想使用passport并实现他的策略,而我应该(理论上)使用JwtService属性。或者我应该将角色。*
文件移动到auth
目录?RolesGuard
不应该在imports
数组中。在imports
数组中唯一应该的是。所有嵌套增强子(、、和)也存在于提供程序
数组之外,除非您将它们与各自的APP.*
常量进行全局绑定
Nest can't resolve dependencies of the RolesGuard (Reflector,?). Please make sure that the argument JwtService at index [1] is available in the RolesGuard context.
Potential solutions:
- If JwtService is a provider, is it part of the current Rol
esGuard?
- If JwtService is exported from a separate @Module, is that
module imported within RolesGuard?
@Module({
imports: [ /* the Module containing JwtService */ ]
})
import { Module } from '@nestjs/common';
import { TypeOrmModule } from '@nestjs/typeorm';
import { ConfigModule } from '@nestjs/config';
import { Connection } from 'typeorm';
import { APP_GUARD } from '@nestjs/core';
import { RolesGuard } from './roles/roles.guard';
import { AuthModule } from './auth/auth.module';
@Module({
imports: [
ConfigModule.forRoot({
envFilePath: ['.env.development', '.env.production'],
}),
TypeOrmModule.forRoot({
entities: [],
synchronize: true
}),
AuthModule,
RolesGuard
],
controllers: [],
providers: [
{
provide: APP_GUARD,
useClass: RolesGuard
}
],
})
export class AppModule {
constructor(private connection: Connection) {
}
}