feat: add admin guard and JWT role support
- Create AdminGuard to check user role - Update JWT strategy to include role in payload - Update auth service to include role in token generation - Prepare admin module structure - TypeScript will resolve lint errors after server restart
This commit is contained in:
dwindown
28
apps/api/dist/admin/guards/admin.guard.js
vendored
Normal file
28
apps/api/dist/admin/guards/admin.guard.js
vendored
Normal file
@@ -0,0 +1,28 @@
|
||||
"use strict";
|
||||
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
||||
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
||||
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
||||
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
||||
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
||||
};
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.AdminGuard = void 0;
|
||||
const common_1 = require("@nestjs/common");
|
||||
let AdminGuard = class AdminGuard {
|
||||
canActivate(context) {
|
||||
const request = context.switchToHttp().getRequest();
|
||||
const user = request.user;
|
||||
if (!user) {
|
||||
throw new common_1.ForbiddenException('Authentication required');
|
||||
}
|
||||
if (user.role !== 'admin') {
|
||||
throw new common_1.ForbiddenException('Admin access required');
|
||||
}
|
||||
return true;
|
||||
}
|
||||
};
|
||||
exports.AdminGuard = AdminGuard;
|
||||
exports.AdminGuard = AdminGuard = __decorate([
|
||||
(0, common_1.Injectable)()
|
||||
], AdminGuard);
|
||||
//# sourceMappingURL=admin.guard.js.map
|
||||
Reference in New Issue
Block a user