ohibern v1.0.32
Description
Auth: The first endpoint, which is accessible via a POST request to the /signin route, is responsible for authenticating the user and generating a JWT for the authenticated user. This endpoint is decorated with the @AuthPub() decorator, which allows it to be accessed without a JWT token. The @UseGuards(AuthGuard('local')) decorator applies the local authentication strategy defined in the Passport module to this endpoint. The @Req() decorator injects the Request object into the controller action, and the @Body() decorator injects the SigninDto object into the action. The authenticated user is extracted from the request object using the req.user property, and the JWT for this user is generated by calling the jwt() method of the AuthService. This JWT is then returned as the response of the endpoint.
The second endpoint, which is accessible via a GET request to the /djwt route, generates a JWT for the authenticated user. This endpoint is decorated with the @ApiBearerAuth() decorator, which indicates that the endpoint requires a JWT token to be included in the Authorization header of the request. The @Req() decorator injects the Request object into the controller action, which is then passed to the djwt() method of the AuthService to generate a JWT for the authenticated user. The generated JWT is returned as the response of the endpoint.
Overall, this code shows how NestJS can be used to create a secure authentication system using JWTs and the Passport module.
Rbac: The service is injected with the authorization enforcer using the AUTHORIZATION_ENFORCER token, which is defined in the rbac.token.const.ts file.
The checkPermission method of the RbacService class is an asynchronous function that takes three arguments: subject, object, and action. These arguments represent the subject who performs the action, the object on which the action is performed, and the action itself. The method calls the enforce method on the enforcer object and passes the three arguments to it. The enforce method returns a boolean value indicating whether the subject is allowed to perform the action on the object. The checkPermission method returns this boolean value.
The mappingAction method of the RbacService class is a synchronous function that takes a method string as an argument. This method maps the HTTP method string to an RbacAction enum value. The RbacAction enum defines four values: READ, CREATE, UPDATE, and DELETE. The mappingAction method returns the RbacAction enum value corresponding to the method string passed as an argument. If the method string is not recognized, the method returns RbacAction.NONE.
Overall, this RbacService class provides methods to check permissions based on a given set of authorization rules, and to map HTTP methods to corresponding authorization actions. It is designed to be used in conjunction with a NestJS application that implements role-based access control (RBAC) policies.
Rdb: A simple service that provides an interface to interact with an Oracle database using TypeORM. It has several helper methods to perform CRUD operations and logging. It also has a method to initialize the database schema.
showorm(): this function is used for debugging purposes. It logs the ORM metadata object to the console.
createByVal(): this function creates a new record in the specified table with the specified column names and values.
sql(): this function executes a SQL statement in the database. It takes a SQL string and an array of parameter values as arguments.
tran(): this function executes a transaction that consists of multiple SQL statements. It takes an array of SQL statements and an array of parameter arrays as arguments. It also takes an optional array of CreateCodeDto objects, which are used to create new records in the database.
create(): this function creates a new record in the specified table with the specified column names and values.
read(): this function retrieves records from the specified table that match the specified column names and values.
update(): this function updates records in the specified table that match the specified column names and values with the specified new values. It uses the colstmt() function to generate the SQL statement for the WHERE clause.
r2c(rs): {}: This function takes a result set rs and converts it to an object with the format { CK: CV }.
c2a(rs,col): This function takes a result set rs and a column name col as input parameters. It extracts the values of the specified column from the result set and returns them as an array.
async exorm(key: string, param: string[]): This function takes a string key and an array param as input parameters. It executes a SQL query using the sql method of the class based on the key value and the param array and returns the result.
async aorm(key: string, param: string[]): This function is a wrapper function for exorm method.
async oorm(key: string, parama: {}): This function takes an object parama and a string key as input parameters. It extracts the parameter values from the parama object and calls the exorm method with the specified key and parameters.
async xorm(parama: {}): This function takes an object parama as an input parameter. It extracts the keys from the parama object and calls the xormk method with the specified keys and parameters.
.env
Installation
$ npm installRunning the app
# development
$ npm run start
# watch mode
$ npm run start:dev
# production mode
$ npm run start:prodTest
# unit tests
$ npm run test
# e2e tests
$ npm run test:e2e
# test coverage
$ npm run test:covSupport
Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.
Stay in touch
- Author - Kamil Myśliwiec
- Website - https://nestjs.com
- Twitter - @nestframework
License
Nest is MIT licensed.