From 1add1e573f3ee0bc77faeff04f13dd55498c5863 Mon Sep 17 00:00:00 2001
From: Igor Propisnov
Date: Mon, 16 Sep 2024 23:04:46 +0200
Subject: [PATCH] added new guard for protected routes, fix tooltip for sidemenu
---
 backend/src/modules/auth-module/guard/index.ts | 1 +
 .../guard/is-authenticated.guard.ts | 9 +++++++++
 .../models/dto/signin-response.dto.ts | 17 +++++++++--------
 .../auth-module/services/auth.service.ts | 5 +++--
 .../layout/main-layout/layout.component.html | 18 ++++++++++--------
 5 files changed, 32 insertions(+), 18 deletions(-)
 create mode 100644 backend/src/modules/auth-module/guard/is-authenticated.guard.ts
diff --git a/backend/src/modules/auth-module/guard/index.ts b/backend/src/modules/auth-module/guard/index.ts
index cbc8888..520934f 100644
--- a/backend/src/modules/auth-module/guard/index.ts
+++ b/backend/src/modules/auth-module/guard/index.ts
@@ -1 +1,2 @@
 export * from './local.auth.guard';
+export * from './is-authenticated.guard';
diff --git a/backend/src/modules/auth-module/guard/is-authenticated.guard.ts b/backend/src/modules/auth-module/guard/is-authenticated.guard.ts
new file mode 100644
index 0000000..cdabdc7
--- /dev/null
+++ b/backend/src/modules/auth-module/guard/is-authenticated.guard.ts
@@ -0,0 +1,9 @@
+import { CanActivate, ExecutionContext } from '@nestjs/common';
+
+export class IsAuthenticatedGuard implements CanActivate {
+ public canActivate(context: ExecutionContext): boolean {
+ const request = context.switchToHttp().getRequest();
+
+ return request.isAuthenticated();
+ }
+}
diff --git a/backend/src/modules/auth-module/models/dto/signin-response.dto.ts b/backend/src/modules/auth-module/models/dto/signin-response.dto.ts
index ea21c77..6e4b5c7 100644
--- a/backend/src/modules/auth-module/models/dto/signin-response.dto.ts
+++ b/backend/src/modules/auth-module/models/dto/signin-response.dto.ts
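Review bot: `canActivate` in the new is-authenticated.guard.ts calls `request.isAuthenticated()` on an untyped request, so on any route where the session middleware (presumably Passport) has not attached that method the guard throws a TypeError and the caller gets a 500 instead of a clean denial. Returning `false` also makes Nest answer 403 Forbidden, whereas an unauthenticated caller is normally told 401. I would make both cases explicit with `if (typeof request.isAuthenticated !== 'function' || !request.isAuthenticated()) throw new UnauthorizedException();` followed by `return true;`, importing `UnauthorizedException` from `@nestjs/common`. The class also has no `@Injectable()` decorator and no doc comment stating which middleware it depends on; both are worth adding before it is applied to protected routes.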
@@ -12,12 +12,13 @@ export class SigninResponseDto {
 @IsEmail()
 public email: string;
- @ApiProperty({
- title: 'User ID',
- description: 'User ID',
- })
- @IsNotEmpty()
- @IsString()
- @IsEmail()
- public id: string;
+ // TODO: ID is saved in the session, so it is not needed here
+ // @ApiProperty({
+ // title: 'User ID',
+ // description: 'User ID',
+ // })
+ // @IsNotEmpty()
+ // @IsString()
+ // @IsEmail()
+ // public id: string;
 }
diff --git a/backend/src/modules/auth-module/services/auth.service.ts b/backend/src/modules/auth-module/services/auth.service.ts
index 23886fb..45f7400 100644
--- a/backend/src/modules/auth-module/services/auth.service.ts
+++ b/backend/src/modules/auth-module/services/auth.service.ts
@@ -49,6 +49,7 @@ export class AuthService {
 existingUser.id
 );
+ // TODO: Add OTP or 2FA here as an additional security measure
 await this.passwordConfirmationMailService.sendLoginLinkEmail(
 magiclink.email,
 token
@@ -202,8 +203,8 @@ export class AuthService {
 public getLoginResponse(
 user: SigninResponseDto & { userAgent: string }
 ): SigninResponseDto {
- const { id, email }: SigninResponseDto = user;
- const responseData: SigninResponseDto = { id, email };
+ const { email }: SigninResponseDto = user;
+ const responseData: SigninResponseDto = { email };
 return responseData;
 }
diff --git a/frontend/src/app/layout/main-layout/layout.component.html b/frontend/src/app/layout/main-layout/layout.component.html
index dd915ab..ba8cda2 100644
--- a/frontend/src/app/layout/main-layout/layout.component.html
+++ b/frontend/src/app/layout/main-layout/layout.component.html
@@ -114,7 +114,7 @@
 ? 'compact'
 : 'closed'
 "
- class="h-full overflow-hidden transition-transform duration-300 ease-in-out bg-primary text-primary-content flex flex-col lg:translate-x-0"
+ class="h-full transition-transform duration-300 ease-in-out bg-primary text-primary-content flex flex-col lg:translate-x-0"
 [ngClass]="{
 'w-16': isCompact && !isDrawerOpen,
 'w-64': isDrawerOpen,
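Review bot: The `id` property in signin-response.dto.ts is kept as a commented-out block under a TODO rather than deleted. Dead code in a response DTO tends to be uncommented later without review, and this block would come back with `@IsEmail()` on `id`, a validator that looks copied from the `email` field above it. I would delete the block and keep the reason as a single line, for example `// id is intentionally omitted: it stays in the server-side session and is not returned to the client.`; the history keeps the old definition if it is ever needed.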
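Review bot: Nothing in `getLoginResponse` says that building the response from an explicit field list is deliberate, although that list is what keeps session-only data out of the client payload. A short comment above the destructuring would stop a later `return user` or spread refactor from leaking fields again: `// Copy fields explicitly; the input carries userAgent (and possibly id) that must not be returned.` The `: SigninResponseDto` annotation on the destructuring pattern is now redundant, and the body can shrink to `return { email: user.email };`. Callers that still read `id` from the sign-in response are not visible in this diff and should be checked.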
@@ -383,13 +383,15 @@ (keydown.space)="toggleDrawer()"> -
-
-
-
- -
-
+
+
+