fix db

EsraDoerksen · Oct 29, 2023 · dec8398 · dec8398
1 parent ff8376f
commit dec8398
Show file tree

Hide file tree

Showing 10 changed files with 329 additions and 30 deletions.
diff --git a/dev-portal/backend/.env.dev b/dev-portal/backend/.env.dev
@@ -1,4 +1,8 @@
 DB_USER=devportaldb
 DB_PWD=bi72-Daiu3g
 DB_NAME=devportaldb
-DB_HOST=localhost
+DB_HOST=localhost
+
+
+
+JWK_URI=https://dev-o8lopd1x78xgb35o.us.auth0.com/.well-known/jwks.json
diff --git a/dev-portal/backend/package-lock.json b/dev-portal/backend/package-lock.json
diff --git a/dev-portal/backend/package.json b/dev-portal/backend/package.json
@@ -23,11 +23,15 @@
     "@nestjs/common": "^10.0.0",
     "@nestjs/config": "^3.1.1",
     "@nestjs/core": "^10.0.0",
+    "@nestjs/passport": "^10.0.2",
     "@nestjs/platform-express": "^10.0.0",
     "@nestjs/serve-static": "^4.0.0",
     "@nestjs/typeorm": "^10.0.0",
     "cross-env": "^7.0.3",
+    "jwks-rsa": "^3.1.0",
     "mysql": "^2.18.1",
+    "passport": "^0.6.0",
+    "passport-jwt": "^4.0.1",
     "reflect-metadata": "^0.1.13",
     "rxjs": "^7.8.1",
     "typeorm": "^0.3.17"
@@ -41,6 +45,7 @@
     "@types/express": "^4.17.17",
     "@types/jest": "^29.5.2",
     "@types/node": "^20.3.1",
+    "@types/passport-jwt": "^3.0.12",
     "@types/supertest": "^2.0.12",
     "@typescript-eslint/eslint-plugin": "^5.59.11",
     "@typescript-eslint/parser": "^5.59.11",

diff --git a/dev-portal/backend/public/apps/2/index.html b/dev-portal/backend/public/apps/2/index.html
@@ -5,7 +5,7 @@ <h1>App2-1</h1>
     <script src="/allinlib.js"></script>
     <script>
       async function machen() {
-        const dbSachen = JSON.stringify(await account());
+        const dbSachen = JSON.stringify(await listDb());
         document.getElementById('frame').innerText = dbSachen;
         console.log('123' + dbSachen);
       }

diff --git a/dev-portal/backend/public/index.html b/dev-portal/backend/public/index.html
@@ -48,6 +48,7 @@
             headers: {
               Accept: 'application/json',
               'Content-Type': 'application/json',
+              Authorization: `Bearer ${id_token}`,
             },
             body: JSON.stringify({ appId, key: data.key, value: data.value }),
           });
@@ -60,6 +61,7 @@
             headers: {
               Accept: 'application/json',
               'Content-Type': 'application/json',
+              Authorization: `Bearer ${id_token}`,
             },
             body: JSON.stringify({ appId }),
           });
@@ -70,10 +72,12 @@
           console.log('return messae: ' + returnMessage);
           event.source.postMessage(returnMessage, event.origin);
         } else if (data.operation === 'user') {
+          console.log('idtokene    ' + id_token);
           const result = await fetch('http://localhost:3001/user', {
             method: 'get',
             headers: {
               Accept: 'application/json',
+              Authorization: `Bearer ${id_token}`,
             },
           });
           const returnMessage = JSON.stringify({
@@ -87,6 +91,7 @@
             method: 'get',
             headers: {
               Accept: 'application/json',
+              Authorization: `Bearer ${id_token}`,
             },
           });
           const returnMessage = JSON.stringify({

diff --git a/dev-portal/backend/src/app.controller.ts b/dev-portal/backend/src/app.controller.ts
@@ -1,7 +1,9 @@
-import { Body, Controller, Get, Post } from '@nestjs/common';
+import { Body, Controller, Get, Post, UseGuards } from '@nestjs/common';
 import { AppService } from './app.service';
 import { HttpService } from '@nestjs/axios';
 import { firstValueFrom } from 'rxjs';
+import { AuthGuard } from '@nestjs/passport';
+import { JwtUser } from './jwt-user.decorator';
 
 @Controller()
 export class AppController {
@@ -15,29 +17,33 @@ export class AppController {
     return this.appService.listApps();
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Post('sharedDBUpsert')
   upsertSharedDb(@Body() body: { appId: string; key: string; value: any }) {
     console.log('dfdfdfd');
     this.appService.saveSharedDb(body.appId, body.key, body.value);
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Post('sharedDBList')
   listSharedDb(@Body() body: { appId: string }) {
     return this.appService.listSharedDb(body.appId);
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Get('user')
-  async getUser() {
-    const userId = 'auth0|653d2616b40aed8716e454dc';
+  async getUser(@JwtUser() u: { userId: string }) {
+    const userId = u.userId;
     const user = await firstValueFrom(
       this.httpService.get(`http://localhost:3000/userdev/${userId}`),
     );
     return user.data;
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Get('account')
-  async getAccount() {
-    const userId = 'auth0|653d2616b40aed8716e454dc';
+  async getAccount(@JwtUser() u: { userId: string }) {
+    const userId = u.userId;
     const account = await firstValueFrom(
       this.httpService.get(`http://localhost:3000/accountdev/${userId}`),
     );

diff --git a/dev-portal/backend/src/app.module.ts b/dev-portal/backend/src/app.module.ts
@@ -9,10 +9,14 @@ import { ServeStaticModule } from '@nestjs/serve-static';
 import { join } from 'path';
 import { SharedDb } from './entity/shared-db.entity';
 import { HttpModule } from '@nestjs/axios';
+import { PassportModule } from '@nestjs/passport';
+import { JwtStrategy } from './jwt.strategy';
 
 @Module({
   imports: [
     HttpModule,
+    PassportModule,
+    ConfigurationModule,
     ServeStaticModule.forRoot({
       rootPath: join(__dirname, '..', 'public'),
     }),
@@ -25,6 +29,6 @@ import { HttpModule } from '@nestjs/axios';
     TypeOrmModule.forFeature([App, SharedDb]),
   ],
   controllers: [AppController],
-  providers: [AppService],
+  providers: [AppService, JwtStrategy],
 })
 export class AppModule {}
diff --git a/dev-portal/backend/src/config/configuration.service.ts b/dev-portal/backend/src/config/configuration.service.ts
@@ -6,6 +6,10 @@ import { TypeOrmModuleOptions } from '@nestjs/typeorm';
 export class ConfigurationService {
   constructor(private readonly configService: ConfigService) {}
 
+  get jwkUri(): string {
+    return this.configService.get('JWK_URI');
+  }
+
   get typeOrmConfig(): TypeOrmModuleOptions {
     return {
       type: 'mariadb',

diff --git a/dev-portal/backend/src/jwt-user.decorator.ts b/dev-portal/backend/src/jwt-user.decorator.ts
@@ -0,0 +1,8 @@
+import { createParamDecorator, ExecutionContext } from '@nestjs/common';
+
+export const JwtUser = createParamDecorator(
+  (data: unknown, ctx: ExecutionContext) => {
+    const request = ctx.switchToHttp().getRequest();
+    return request.user;
+  },
+);
diff --git a/dev-portal/backend/src/jwt.strategy.ts b/dev-portal/backend/src/jwt.strategy.ts
@@ -0,0 +1,42 @@
+import { ExtractJwt, Strategy } from 'passport-jwt';
+import { PassportStrategy } from '@nestjs/passport';
+import { Injectable } from '@nestjs/common';
+import { passportJwtSecret } from 'jwks-rsa';
+import { ConfigurationService } from './config/configuration.service';
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy) {
+  constructor(configurationService: ConfigurationService) {
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      secretOrKeyProvider: passportJwtSecret({
+        jwksUri: configurationService.jwkUri,
+        handleSigningKeyError: (err, cb) => {
+          console.log(err);
+          cb(err);
+        },
+      }),
+      issuer: 'https://dev-o8lopd1x78xgb35o.us.auth0.com/',
+      audience: 'rL40HzJrA34p4CdhcQjgF65Z4mfwjZ40',
+    });
+  }
+
+  async validate(payload: Payload) {
+    return { userId: payload.sub };
+  }
+}
+
+type Payload = {
+  nickname: string;
+  name: string;
+  picture: string;
+  updated_at: string;
+  email: string;
+  email_verified: boolean;
+  iss: string;
+  aud: string;
+  iat: number;
+  exp: number;
+  sub: string;
+  sid: string;
+};