♻️ Add ID to auth token

staart · Nov 3, 2020 · 86a456d · 86a456d
1 parent 282fcf8
commit 86a456d
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 3 deletions.
diff --git a/src/modules/auth/auth.interface.ts b/src/modules/auth/auth.interface.ts
@@ -4,6 +4,7 @@ import { Request as ExpressRequest } from 'express';
 
 export interface AccessTokenClaims {
   sub: string;
+  id: number;
   scopes: string[];
 }
 

diff --git a/src/modules/auth/auth.service.ts b/src/modules/auth/auth.service.ts
@@ -482,6 +482,7 @@ export class AuthService {
     const scopes = await this.getScopes(userId);
     const payload: AccessTokenClaims = {
       sub: LOGIN_ACCESS_TOKEN,
+      id: userId,
       scopes,
     };
     return this.jwtService.sign(payload, {

diff --git a/src/modules/auth/jwt.strategy.ts b/src/modules/auth/jwt.strategy.ts
@@ -2,6 +2,7 @@ import { ExtractJwt, Strategy } from 'passport-jwt';
 import { PassportStrategy } from '@nestjs/passport';
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { AccessTokenClaims, AccessTokenParsed } from './auth.interface';
+import { LOGIN_ACCESS_TOKEN } from '../tokens/tokens.constants';
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
@@ -14,9 +15,8 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
   }
 
   async validate(payload: AccessTokenClaims): Promise<AccessTokenParsed> {
-    const { sub, scopes } = payload;
-    const id = Number(sub.replace('user', ''));
-    if (isNaN(id)) throw new UnauthorizedException();
+    const { sub, id, scopes } = payload;
+    if (sub !== LOGIN_ACCESS_TOKEN) throw new UnauthorizedException();
     return { id, scopes };
   }
 }