/**
 * Pre-flight guard for an authorization query.
 *
 * Throws when `this.inited` is falsy, and throws when any top-level key of
 * `query.data` also appears in `AuthorizationService.ReservedKeywords`.
 * Only top-level keys are compared; nested objects are not inspected here.
 *
 * @param query Authorization query whose `data` keys are checked.
 * @throws InvalidState when the service has not been initialised.
 * @throws UnauthorizedException when one or more reserved keys are present.
 */
private validation(query: AuthzQuery): void {
  // The module is unusable until init() has completed.
  if (!this.inited) {
    throw new InvalidState("must call init() first");
  }

  // Presumably reserved keys are rejected so caller-supplied data cannot
  // shadow values the service sets itself. TODO confirm.
  const collisions = _.intersection(_.keys(query.data), AuthorizationService.ReservedKeywords);
  if (_.isEmpty(collisions)) {
    return;
  }

  // NOTE(review): the message says `query.input` while the check reads
  // `query.data`; confirm which name callers are expected to see.
  throw new UnauthorizedException(`query.input contained reserved keyword(s): ${collisions.join(", ")}`);
}
async callback(@Query() payload, @Res() res) {
Logger.log('wechat code callback', payload);
if (isEmpty(payload.code)) throw new UnauthorizedException('่ทๅ code ้่ฏฏ');
const accessInfo = await Wechat.getAccessToken(payload.code);
Logger.log('wechat accessInfo', accessInfo);
if (isEmpty(accessInfo)) throw new UnauthorizedException('่ฎฟ้ฎไปค็้่ฏฏ');
// ้่ฟ openid ๆฅ่ฏข็จๆทๆฏๅฆๅญๅจ๏ผๅญๅจๅ็ดๆฅ็ป้
let user = await this.userService.findOne({ wechatOpenid: accessInfo['openid'] });
Logger.log('find user', user);
if (isEmpty(user)) {
const userInfo = await Wechat.getUserInfo(accessInfo['access_token'], accessInfo['openid']);
Logger.log('wechat userInfo', userInfo);
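/**
 * Translates an error into the matching Nest HTTP exception and throws it.
 *
 * The status is read from `error.statusCode`, then `error.code`. It is only
 * honoured when it is an integer in the HTTP range 100-599. Anything else
 * falls back to `HttpStatus.I_AM_A_TEAPOT`, the same default used when the
 * error carries no status at all.
 *
 * @param error Error that may carry a numeric `statusCode` or `code`.
 * @throws ConflictException, UnauthorizedException, NotFoundException,
 *   BadRequestException or HttpException. This method never returns normally.
 */
private handleError(error: Error & { code?: number; statusCode?: number }) {
  const message = error.message || 'unknown error';

  // `code` is not necessarily an HTTP status: driver and runtime errors often
  // use their own numbering, or a string at runtime despite the declared type.
  // Passing such a value to HttpException would yield an invalid response
  // status, so it is validated first.
  const candidate = error.statusCode || error.code;
  const statusCode =
    typeof candidate === 'number' && Number.isInteger(candidate) && candidate >= 100 && candidate <= 599
      ? candidate
      : HttpStatus.I_AM_A_TEAPOT;
  console.log(message, statusCode);

  // NOTE(review): the original error message is handed to the exception and,
  // with Nest's default exception filter, ends up in the response body. If
  // these errors can come from a database driver or an internal service,
  // prefer a fixed client-facing message and keep the detail in server logs.
  switch (statusCode) {
    case HttpStatus.CONFLICT:
      throw new ConflictException(error.message);
    case HttpStatus.UNAUTHORIZED:
      throw new UnauthorizedException(error.message);
    case HttpStatus.NOT_FOUND:
      throw new NotFoundException(error.message);
    case HttpStatus.BAD_REQUEST:
      throw new BadRequestException(error.message);
    default:
      throw new HttpException(message, statusCode);
  }
}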
}
/**
 * Resolves the user that a JWT payload refers to.
 *
 * Delegates the lookup to `authService.validateUser` and rejects the request
 * when no user comes back.
 *
 * NOTE(review): this looks like a Passport JWT strategy hook, in which case
 * the token signature and expiry are checked before this runs. Confirm
 * against the strategy configuration, which is not visible here.
 *
 * @param payload Decoded JWT claims.
 * @returns The user returned by `authService.validateUser`.
 * @throws UnauthorizedException when the lookup yields a falsy value.
 */
async validate(payload: JwtPayload) {
  const resolvedUser = await this.authService.validateUser(payload);
  if (resolvedUser) {
    return resolvedUser;
  }
  // A structurally valid token that maps to no user is still unauthenticated.
  throw new UnauthorizedException();
}
}
switch (info.message) {
case 'No auth token':
case 'invalid signature':
case 'jwt malformed':
case 'invalid token':
case 'invalid signature':
message = 'You must provide a valid authenticated access token';
break;
case 'jwt expired':
message = 'Your session has expired';
break;
default:
message = info.message;
break;
}
throw new UnauthorizedException(message);
}
return user;
};
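/**
 * Authenticates a user by username and password and issues a token.
 *
 * An unknown account and a wrong password raise the same
 * UnauthorizedException message, so the response text does not reveal which
 * usernames are registered.
 *
 * @param args Credentials supplied by the client.
 * @returns The token plus `lifeTime`, a Unix timestamp in seconds seven days
 *   from now.
 * @throws UnauthorizedException when the credentials do not match an account.
 */
public async login(@Args() args: AuthDto) {
  const auth = await this.authService.findOne({ username: args.username });

  // NOTE(review): `md5Decode` presumably returns an MD5 digest of the
  // submitted password (confirm). MD5 is not suitable for password storage;
  // plan a migration to a salted, slow KDF (bcrypt, scrypt, argon2) and
  // compare digests with a constant-time function rather than `!==`.
  // NOTE(review): the digest is only computed when the account exists, so
  // response timing can still differ between the two failure cases.
  if (!auth || auth.password !== md5Decode(args.password)) {
    throw new UnauthorizedException('Invalid username or password');
  }

  const token = createToken({ username: args.username });
  // NOTE(review): `lifeTime` is calculated here, independently of whatever
  // expiry `createToken` embeds; confirm that the two agree.
  return { token, lifeTime: Math.floor(Date.now() / 1000) + 60 * 60 * 24 * 7 };
}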
.catch(err => Promise.reject(new UnauthorizedException("Invalid Authorization")))
}
/**
 * Exchanges a refresh-token request for a new access token.
 *
 * The validated request body is used verbatim as the `where` clause of the
 * account lookup. Only a new access token is returned; nothing in this method
 * rotates or invalidates the refresh token.
 *
 * NOTE(review): every property that survives validation becomes a lookup
 * condition. A bare `new ValidationPipe()` does not strip undeclared
 * properties unless `whitelist` is enabled. Confirm the DTO and pipe settings
 * so a client cannot add extra columns to the filter, or build the filter
 * from the DTO's named fields instead of passing `body` through.
 *
 * @param body Validated refresh-token request.
 * @returns An object holding the freshly created `accessToken`.
 * @throws UnauthorizedException when no account matches the request body.
 */
public async refreshToken(
  @Body(new ValidationPipe())
  body: RefreshTokenDto,
) {
  const account = await this.accountRepository.findOne({ where: body });
  if (account) {
    const accessToken = await this.tokenService.createAccessToken(account);
    return { accessToken };
  }
  // No matching account: treat the refresh request as unauthenticated.
  throw new UnauthorizedException();
}
}
/**
 * Callback-style verification of a JWT payload.
 *
 * Looks the payload up through `authService.validate` and reports the result
 * through `done`: an UnauthorizedException with `false` when no user is
 * found, otherwise `null` and the user.
 *
 * @param payload Decoded JWT claims.
 * @param done Completion callback taking `(error, user)`.
 * @returns The result of `done(...)` on failure, otherwise nothing.
 */
async validate(payload: JwtPayload, done: any) {
  const account = await this.authService.validate(payload);
  if (account) {
    done(null, account);
    return;
  }
  // Failure goes through the callback rather than being thrown, so the
  // caller decides how the rejection is surfaced.
  return done(new UnauthorizedException(AUTH_ERRORS.UNAUTHORIZED_ERR), false);
}
}