Merge pull request #5 from wafflestudio/user-api

[Server] User API 구현

Author: sangmin7b

package-lock.json

@@ -24,9 +24,12 @@
     "@nestjs/common": "^7.5.1",
     "@nestjs/config": "^0.6.3",
     "@nestjs/core": "^7.5.1",
+    "@nestjs/graphql": "^7.9.8",
     "@nestjs/jwt": "^7.2.0",
+    "@nestjs/mapped-types": "^0.3.0",
     "@nestjs/passport": "^7.1.5",
     "@nestjs/platform-express": "^7.5.1",
+    "@nestjs/swagger": "^4.7.12",
     "@nestjs/typeorm": "^7.1.5",
     "@types/bcrypt": "^3.0.0",
     "bcrypt": "^5.0.0",
@@ -46,7 +49,7 @@
     "@nestjs/cli": "^7.5.1",
     "@nestjs/schematics": "^7.1.3",
     "@nestjs/testing": "^7.5.1",
-    "@types/express": "^4.17.8",
+    "@types/express": "^4.17.11",
     "@types/jest": "^26.0.15",
     "@types/node": "^14.14.6",
     "@types/passport-jwt": "^3.0.4",
@@ -57,8 +60,10 @@
     "eslint": "^7.12.1",
     "eslint-config-prettier": "7.2.0",
     "eslint-plugin-prettier": "^3.1.4",
+    "husky": "^4.3.8",
     "jest": "^26.6.3",
-    "prettier": "^2.1.2",
+    "lint-staged": "^10.5.4",
+    "prettier": "^2.2.1",
     "supertest": "^6.0.0",
     "ts-jest": "^26.4.3",
     "ts-loader": "^8.0.8",
@@ -82,5 +87,15 @@
     ],
     "coverageDirectory": "../coverage",
     "testEnvironment": "node"
+  },
+  "husky": {
+    "hooks": {
+      "pre-commit": "lint-staged"
+    }
+  },
+  "lint-staged": {
+    "src/**/*.{js,json,ts}": [
+      "prettier --write"
+    ]
   }
 }

package.json

@@ -7,7 +7,7 @@ import { NoticeModule } from './notice/notice.module';
 import { AuthModule } from './auth/auth.module';
 import { ConfigModule } from '@nestjs/config';
 import { TypeOrmModule } from '@nestjs/typeorm';
-import { Keyword, User } from './user/user.entity';
+import { Keyword, User, UserKeyword } from './user/user.entity';
 import { UserNotice, File, Notice } from './notice/notice.entity';
 import {
   Department,
@@ -41,6 +41,7 @@ const ENV: string = process.env.NODE_ENV;
         Tag,
         Department,
         NoticeTag,
+        UserKeyword,
       ],
       //need to be set false when production
       synchronize: true,

src/app.module.ts

@@ -0,0 +1,8 @@
+import { AuthGuard } from '@nestjs/passport';
+import { Injectable } from '@nestjs/common';
+
+@Injectable()
+export class JwtAccessGuard extends AuthGuard('jwt-access') {}
+
+@Injectable()
+export class AuthTokenGuard extends AuthGuard(['local', 'jwt-refresh']) {}

src/auth/auth.guard.ts

@@ -1,7 +1,19 @@
 import { Module } from '@nestjs/common';
 import { AuthService } from './auth.service';
+import { PassportModule } from '@nestjs/passport';
+import { JwtModule } from '@nestjs/jwt';
+import { JwtAccessStrategy } from './jwt-access.strategy';
+import { JwtRefreshStrategy } from './jwt-refresh.strategy';
+import { LocalStrategy } from './local.strategy';
 
 @Module({
-  providers: [AuthService]
+  imports: [PassportModule, JwtModule.register({})],
+  providers: [
+    AuthService,
+    LocalStrategy,
+    JwtAccessStrategy,
+    JwtRefreshStrategy,
+  ],
+  exports: [AuthService],
 })
 export class AuthModule {}

src/auth/auth.module.ts

@@ -1,4 +1,40 @@
 import { Injectable } from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import * as bcrypt from 'bcrypt';
+import { User } from '../user/user.entity';
+import { Payload } from '../types/custom-type';
 
 @Injectable()
-export class AuthService {}
+export class AuthService {
+  constructor(private jwtService: JwtService) {}
+
+  async validateUser(username: string, password: string): Promise<User> {
+    const user = await User.findOne({ username });
+    if (user && (await bcrypt.compare(password, user.password))) {
+      return user;
+    }
+    return null;
+  }
+
+  async login(user: User): Promise<User> {
+    const payload: Payload = { username: user.username, id: user.id };
+
+    const accessToken = this.jwtService.sign(payload, {
+      secret: process.env.ACCESS_SECRET,
+      expiresIn: process.env.ACCESS_EXPIRES_IN,
+    });
+    const refreshToken = this.jwtService.sign(payload, {
+      secret: process.env.REFRESH_SECRET,
+    });
+    user.refreshToken = await bcrypt.hash(
+      refreshToken,
+      +process.env.SALT_ROUND,
+    );
+    await User.save(user);
+    user = await User.findOneWithKeyword({ id: user.id });
+    user.access_token = accessToken;
+    user.refresh_token = refreshToken;
+
+    return user;
+  }
+}

src/auth/auth.service.spec.ts

@@ -0,0 +1,26 @@
+import { ExtractJwt, Strategy } from 'passport-jwt';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { PassportStrategy } from '@nestjs/passport';
+
+import { User } from '../user/user.entity';
+import { Payload } from '../types/custom-type';
+
+@Injectable()
+export class JwtAccessStrategy extends PassportStrategy(
+  Strategy,
+  'jwt-access',
+) {
+  constructor() {
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      ignoreExpiration: false,
+      secretOrKey: process.env.ACCESS_SECRET,
+    });
+  }
+
+  async validate(payload: Payload): Promise<User> {
+    const user: User = await User.findOne({ id: payload.id });
+    if (!user) throw new UnauthorizedException();
+    return user;
+  }
+}

src/auth/auth.service.ts

@@ -0,0 +1,30 @@
+import { ExtractJwt, Strategy } from 'passport-jwt';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { PassportStrategy } from '@nestjs/passport';
+import { Request } from 'express';
+import { User } from '../user/user.entity';
+import { Payload } from '../types/custom-type';
+
+@Injectable()
+export class JwtRefreshStrategy extends PassportStrategy(
+  Strategy,
+  'jwt-refresh',
+) {
+  constructor() {
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      secretOrKey: process.env.REFRESH_SECRET,
+      passReqToCallback: true,
+    });
+  }
+
+  async validate(request: Request, payload: Payload): Promise<User> {
+    const refreshToken = request.headers.authorization.replace('Bearer ', '');
+    const user: User = await User.findOneIfRefreshTokenMatches(
+      refreshToken,
+      payload.id,
+    );
+    if (!user) throw new UnauthorizedException();
+    return user;
+  }
+}

src/auth/jwt-access.strategy.ts

@@ -0,0 +1,20 @@
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { PassportStrategy } from '@nestjs/passport';
+import { Strategy } from 'passport-local';
+import { AuthService } from './auth.service';
+import { User } from '../user/user.entity';
+
+@Injectable()
+export class LocalStrategy extends PassportStrategy(Strategy) {
+  constructor(private authService: AuthService) {
+    super();
+  }
+
+  async validate(username: string, password: string): Promise<User> {
+    const user: User = await this.authService.validateUser(username, password);
+    if (!user) {
+      throw new UnauthorizedException();
+    }
+    return user;
+  }
+}

src/auth/jwt-refresh.strategy.ts

@@ -0,0 +1,11 @@
+import { Request } from 'express';
+import { User } from '../user/user.entity';
+
+export class Payload {
+  username: string;
+  id: number;
+}
+
+export interface UserRequest extends Request {
+  user?: User;
+}

src/auth/local.strategy.ts

@@ -0,0 +1,19 @@
+import { IsIn, IsString, Validate, ValidateIf } from 'class-validator';
+import { NotDefinedValidator } from '../user.validator';
+
+export class AuthDto {
+  @IsIn(['password', 'refresh_token'])
+  grant_type: string;
+
+  @ValidateIf((o) => o.grant_type === 'refresh_token')
+  @Validate(NotDefinedValidator, {
+    message: 'only refresh_token should be given to the header, not username',
+  })
+  username: string;
+
+  @ValidateIf((o) => o.grant_type === 'refresh_token')
+  @Validate(NotDefinedValidator, {
+    message: 'only refresh_token should be given to the header, not password',
+  })
+  password: string;
+}

src/types/custom-type.ts

@@ -0,0 +1,18 @@
+import { IsString, Validate } from 'class-validator';
+import {
+  UniqueNicknameValidator,
+  UniqueUsernameValidator,
+} from '../user.validator';
+
+export class CreateUserDto {
+  @IsString()
+  @Validate(UniqueUsernameValidator)
+  readonly username: string;
+
+  @IsString()
+  readonly password: string;
+
+  @IsString()
+  @Validate(UniqueNicknameValidator)
+  readonly nickname: string;
+}

src/user/dto/auth-user.dto.ts

@@ -0,0 +1,6 @@
+import { IsString } from 'class-validator';
+
+export class KeywordDto {
+  @IsString()
+  keyword: string;
+}

src/user/dto/create-user.dto.ts

@@ -0,0 +1,15 @@
+import { CreateUserDto } from './create-user.dto';
+import { PartialType, PickType } from '@nestjs/mapped-types';
+import { IsOptional, IsString, Validate } from 'class-validator';
+import { UniqueNicknameValidator } from '../user.validator';
+
+export class UpdateUserDto {
+  @IsOptional()
+  @Validate(UniqueNicknameValidator)
+  @IsString()
+  nickname: string;
+
+  @IsOptional()
+  @IsString()
+  password: string;
+}