[英]How to always validate JWT without guards decorator? (Nest.js + passport)
[英]How to pass request object through Nest.js Guards with Nest.js Passport Module and Passport Discord?
我正在使用nest.js 以及它的護照模塊和護照不和諧來處理discord oauth2 身份驗證。
但是,我想通過身份驗證保護從我的登錄路由傳遞請求 object 以供稍后在我檢查一些數據的行中使用,然后在某些情況下需要對請求 object 調用logOut()
方法。
Controller:
@Get('login')
@UseGuards(DiscordAuthGuard)
login() {
console.log('hello123');
}
警衛:
import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
export class DiscordAuthGuard extends AuthGuard('discord') {
async canActivate(context: ExecutionContext) {
const activate = (await super.canActivate(context)) as boolean;
const request = context.switchToHttp().getRequest();
await super.logIn(request);
return activate;
}
}
Discord 策略:
import { Inject } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { Profile, Strategy } from 'passport-discord';
import { IAuthService } from '../interfaces/auth';
export class DiscordStrategy extends PassportStrategy(Strategy) {
constructor(
@Inject('AUTH_SERVICE') private readonly authService: IAuthService,
) {
super({
clientID: 'REDACTED',
clientSecret: 'REDACTED',
callbackURL: 'http://localhost:4000/api/auth/redirect',
scope: ['identify'],
});
}
async validate(accessToken: string, refreshToken: string, profile: Profile) {
console.log('DiscordStrategy Validate Method');
console.log(profile);
// I WANT TO BE ABLE TO GET THE REQUEST OBJECT TO HERE, SO THAT I CAN PASS IT INTO MY AUTH SERVICE
return this.authService.validateUser({ discordId: profile.id });
}
}
知道我將如何實現這一目標嗎?
嘗試將passReqToCallback
參數傳遞給構造函數中的 super:
constructor(
@Inject('AUTH_SERVICE') private readonly authService: IAuthService,
) {
super({
clientID: 'REDACTED',
clientSecret: 'REDACTED',
callbackURL: 'http://localhost:4000/api/auth/redirect',
scope: ['identify'],
passReqToCallback: true,
});
}
並修改 validate function 以具有簽名
async validate(req: Request, accessToken: string, refreshToken: string, profile: Profile)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.