feat: jwt authentication setup (#253)

Author: Guzbyte-tech

apps/backend/docker-compose.yml

@@ -9,7 +9,7 @@ services:
       POSTGRES_USER: ${POSTGRES_USER:-safeswap_user}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-safeswap_password}
     ports:
-      - "${POSTGRES_PORT:-5432}:5432"
+      - "${POSTGRES_PORT:-5433}:5432"
     volumes:
       - safeswap_data:/var/lib/postgresql/data
     restart: unless-stopped

apps/backend/src/auth/auth.controller.ts

@@ -0,0 +1,37 @@
+import {
+	Body,
+	Controller,
+	Get,
+	Post,
+	Request,
+	UseGuards,
+} from "@nestjs/common";
+import { AuthService } from "./auth.service";
+import { JwtAuthGuard } from "./guards/jwt-auth.guard";
+
+@Controller("auth")
+export class AuthController {
+	constructor(private readonly authService: AuthService) {}
+
+	@Post("token")
+	getToken(@Body() body: { userId: string; walletAddress?: string }) {
+		// This is a simplified version for testing only
+		// In a real application, you'd validate the user or wallet signature
+		const token = this.authService.signJwt({
+			sub: body.userId,
+			walletAddress: body.walletAddress,
+		});
+
+		return { token };
+	}
+
+	@UseGuards(JwtAuthGuard)
+	@Get("profile")
+	getProfile(@Request() req) {
+		// The JWT payload is attached to the request by the JwtStrategy
+		return {
+			message: "You have successfully accessed a protected route!",
+			user: req.user,
+		};
+	}
+}

apps/backend/src/auth/auth.module.ts

@@ -0,0 +1,27 @@
+import { Module } from "@nestjs/common";
+import { ConfigModule, ConfigService } from "@nestjs/config";
+import { JwtModule } from "@nestjs/jwt";
+import { PassportModule } from "@nestjs/passport";
+import { AuthController } from "./auth.controller";
+import { AuthService } from "./auth.service";
+import { JwtStrategy } from "./strategies/jwt.strategy";
+
+@Module({
+	imports: [
+		ConfigModule,
+		PassportModule.register({ defaultStrategy: "jwt" }),
+		JwtModule.registerAsync({
+			imports: [ConfigModule],
+			inject: [ConfigService],
+			useFactory: async (configService: ConfigService) => ({
+				secret: configService.get<string>("JWT_SECRET"),
+				signOptions: {
+					expiresIn: configService.get<string>("JWT_EXPIRATION") || "1h", // Default to 1 hour if not set,
+				},
+			}),
+		}),
+	],
+	controllers: [AuthController],
+	providers: [AuthService, JwtStrategy],
+})
+export class AuthModule {}

apps/backend/src/auth/auth.service.ts

@@ -0,0 +1,31 @@
+import { Injectable } from "@nestjs/common";
+import { ConfigService } from "@nestjs/config";
+import { JwtService } from "@nestjs/jwt";
+
+interface JwtPayload {
+	sub: string;
+	walletAddress?: string;
+}
+
+@Injectable()
+export class AuthService {
+	constructor(
+		private jwtService: JwtService,
+		private configService: ConfigService,
+	) {}
+
+	/**
+	 * Signs a JWT token with the provided payload
+	 * @param payload Data to include in the JWT
+	 * @returns Signed JWT token
+	 */
+
+	signJwt(payload: JwtPayload): string {
+		return this.jwtService.sign(payload, {
+			secret: this.configService.get<string>("JWT_SECRET"),
+			expiresIn: this.configService.get<string>("JWT_EXPIRATION"),
+		});
+	}
+
+	// Future methods for wallet authentication will go here
+}

apps/backend/src/auth/guards/jwt-auth.guard.ts

@@ -0,0 +1,5 @@
+import { Injectable, UnauthorizedException } from "@nestjs/common";
+import { AuthGuard } from "@nestjs/passport";
+
+@Injectable()
+export class JwtAuthGuard extends AuthGuard("jwt") {}

apps/backend/src/auth/interfaces/jwt-payload.interface.ts

@@ -0,0 +1,4 @@
+export interface JwtPayload {
+	sub: string; // User ID
+	walletAddress?: string; // For future wallet integration
+}

apps/backend/src/auth/strategies/jwt.strategy.ts

@@ -0,0 +1,27 @@
+import { Injectable } from "@nestjs/common";
+import { ConfigService } from "@nestjs/config";
+import { PassportStrategy } from "@nestjs/passport";
+import { ExtractJwt, Strategy } from "passport-jwt";
+
+interface JwtPayload {
+	sub: string;
+	walletAddress?: string;
+}
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy) {
+	constructor(private configService: ConfigService) {
+		super({
+			jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+			ignoreExpiration: false,
+			secretOrKey: configService.get<string>("JWT_SECRET"),
+		});
+	}
+
+	// This method will be called for each request with a valid JWT token
+	async validate(payload: JwtPayload) {
+		// This is a placeholder for future wallet validation logic
+		// For now, simply return the payload which will be attached to the request object
+		return payload;
+	}
+}

apps/backend/src/core/core.module.ts

@@ -11,8 +11,10 @@ import { IS_DEV_ENV } from "src/shared/utils/is-dev.util";
 import { getGraphQLConfig } from "./config/graphql.config";
 import { PrismaModule } from "./prisma/prisma.module";
 
+import { AuthModule } from "src/auth/auth.module";
 @Module({
 	imports: [
+		AuthModule,
 		ConfigModule.forRoot({
 			ignoreEnvFile: !IS_DEV_ENV,
 			isGlobal: true,