
Commit 432bea0

committed
Mettre à jour les types de données dans SecurityPartDTO et SecurityPartSchema
1 parent 08a2cfe commit 432bea0


6 files changed

+20
-23
lines changed


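--- a/src/core/agents/_dto/parts/security.part.dto.ts
+++ b/src/core/agents/_dto/parts/security.part.dto.ts
@@ -29,7 +29,7 @@ export class SecurityPartDTO {
 @ApiProperty()
 public changePwdAtNextLogin: boolean;
 
-@IsBoolean()
+@IsString()
 @IsOptional()
 @ApiProperty()
 public secretKey?: string;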
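Review bot: `secretKey` stays a validated and documented request field (`@IsOptional()` / `@ApiProperty()`), although this commit generates the value server-side in `AgentsService.create`. The create path overwrites whatever a client sends, but any update path that accepts this DTO (not visible here) would let a caller choose the value that `verifyIdentity` later compares against. Consider removing the field from the inbound DTO, or at least replacing `@ApiProperty()` with `@ApiHideProperty()` and adding a comment such as `// server-generated; never accepted from clients`. The class body continues outside this hunk.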

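--- a/src/core/agents/_schemas/_parts/security.part.schema.ts
+++ b/src/core/agents/_schemas/_parts/security.part.schema.ts
@@ -31,17 +31,9 @@ export class SecurityPart extends Document {
 public changePwdAtNextLogin: boolean;
 
 @Prop({
-type: Boolean,
+type: String,
 })
 public secretKey: string;
 }
 
-export const SecurityPartSchema = SchemaFactory.createForClass(SecurityPart).pre(
-'save',
-function (this: SecurityPart, next: () => void): void {
-if (this.isNew) {
-this.secretKey = Math.random().toString(36).slice(-8); //TODO: use crypto lib
-}
-next();
-},
-);
+export const SecurityPartSchema = SchemaFactory.createForClass(SecurityPart);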
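Review bot: Nothing in this commit backfills `secretKey` for agents that already exist, and after this change the value is written only in `AgentsService.create`. Existing documents may therefore hold no key, or one left over from the removed `Math.random()` hook, while `verifyIdentity` now depends on that field; a one-off migration that regenerates the key for existing agents would close that gap. The `@Prop` would also benefit from a comment such as `// per-agent random value compared in AuthService.verifyIdentity; generated server-side only`. If agent documents are returned by API handlers (not visible here), `select: false` on this path is worth considering, with the login path selecting it explicitly.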

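--- a/src/core/agents/_schemas/agents.schema.ts
+++ b/src/core/agents/_schemas/agents.schema.ts
@@ -70,12 +70,4 @@ export class Agents extends AbstractSchema {
 public customFields?: { [key: string]: MixedValue };
 }
 
-export const AgentsSchema = SchemaFactory.createForClass(Agents).pre(
-'save',
-function (this: Agents, next: () => void): void {
-if (this.isNew) {
-this.displayName = this.displayName || this.username;
-}
-next();
-},
-);
+export const AgentsSchema = SchemaFactory.createForClass(Agents);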
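Review bot: Dropping the `pre('save')` hook also removes the `displayName` fallback to `username`, and nothing in the visible `AgentsService.create` hunk of this commit replaces it, so agents created without a display name may now be stored with that field empty. If the fallback is still wanted, the equivalent line in `create` would be `data.displayName = data.displayName || data.username;` (assuming the create DTO carries the same field names). If the removal is intentional, the commit message, which mentions only the data types, should say so.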

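--- a/src/core/agents/agents.service.ts
+++ b/src/core/agents/agents.service.ts
@@ -5,6 +5,8 @@ import { Document, Model, ModifyResult, Query, QueryOptions, SaveOptions, Types,
 import { AbstractServiceSchema } from '~/_common/abstracts/abstract.service.schema';
 import { AgentsCreateDto } from './_dto/agents.dto';
 import { hash } from 'argon2';
+import { randomBytes } from 'node:crypto';
+import { SecurityPartDTO } from './_dto/parts/security.part.dto';
 
 @Injectable()
 export class AgentsService extends AbstractServiceSchema {
@@ -17,6 +19,8 @@ export class AgentsService extends AbstractServiceSchema {
 options?: SaveOptions,
 ): Promise<Document<T, any, T>> {
 data.password = await hash(data.password);
+data.security = (data.security || {}) as SecurityPartDTO;
+data.security.secretKey = randomBytes(32).toString('hex');
 return await super.create(data, options);
 }
 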
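Review bot: The `as SecurityPartDTO` assertion in `create` hides that `{}` is not a complete `SecurityPartDTO` (the DTO declares `changePwdAtNextLogin` without `?`), so a request without a `security` object is stored with only `secretKey` set and the compiler cannot flag it. Filling in the missing fields explicitly, or typing the intermediate value as `Partial<SecurityPartDTO>`, keeps the check honest. A comment above the two new lines such as `// server-generated session-binding key; any client-supplied value is deliberately overwritten` would record the intent. The key is written only here, so if it is meant to invalidate sessions, rotation on password change has to happen elsewhere (not visible in this commit). The signature of `create` starts outside the hunk.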

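--- a/src/core/auth/_strategies/jwt.strategy.ts
+++ b/src/core/auth/_strategies/jwt.strategy.ts
@@ -30,6 +30,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
 Logger.debug(`Atempt to authenticate with JTI: <${payload.jti}>`, 'JwtStrategy');
 if (!payload?.identity) return done(new UnauthorizedException(), false);
 const user = await this.auth.verifyIdentity(payload);
+
 if (!user) return done(new ForbiddenException(), false);
 return done(null, payload?.identity);
 }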

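--- a/src/core/auth/auth.service.ts
+++ b/src/core/auth/auth.service.ts
@@ -81,7 +81,7 @@ export class AuthService extends AbstractService implements OnModuleInit {
 }
 
 // eslint-disable-next-line
-public async verifyIdentity(payload: any & { identity: AgentType & {token: string} }): Promise<any> {
+public async verifyIdentity(payload: any & { identity: AgentType & { token: string } }): Promise<any> {
 if (payload.scopes.includes('offline')) {
 return payload.identity;
 }
@@ -100,9 +100,17 @@ export class AuthService extends AbstractService implements OnModuleInit {
 try {
 const identity = await this.redis.get([this.ACCESS_TOKEN_PREFIX, payload.jti].join(':'));
 if (identity) {
-return JSON.parse(identity);
+const data = JSON.parse(identity);
+const success = await this.agentsService.model.countDocuments({
+_id: payload.identity._id,
+'security.secretKey': data.identity?.security?.secretKey,
+});
+
+return success ? data : null;
 }
-} catch (e) {}
+} catch (e) {
+this.logger.warn('Invalid jwt session', e);
+}
 return null;
 }
 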
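Review bot: In the second hunk, `data.identity?.security?.secretKey` can evaluate to `undefined` when the cached identity has no `security` part, and the filter passed to `countDocuments` then carries an undefined value; with Mongoose/MongoDB that is typically sent as `null`, which also matches documents where the field is missing, so an agent without a stored key would pass the check. Guard before the query with `const key = data?.identity?.security?.secretKey;` and `if (typeof key !== 'string' || key.length === 0) return null;`, then use `key` in the filter. The early return for the `offline` scope in the first hunk skips this check entirely, which deserves a comment if it is intended. `this.logger.warn('Invalid jwt session', e)` also fires on Redis or database errors, so a more neutral message would avoid misleading whoever reads the logs. The body of `verifyIdentity` extends beyond both hunks.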
