set cookies in response

Author: vinodnextcoder

src/auth/auth.controller.ts

@@ -22,23 +22,32 @@ export class AuthController {
  @Public()
  @HttpCode(HttpStatus.OK)
  @Post('login')
- signIn(@Body() signInDto: Record<string, any>, @Res({ passthrough: true }) res: Response) {
- const access_token = this.authService.signIn(signInDto.email, signInDto.password);
- res.cookie('access_cookies', access_token, {
+ async signIn(@Body() signInDto: Record<string, any>, @Res({ passthrough: true }) res: Response) {
+ const token = await this.authService.signIn(signInDto.email, signInDto.password);
+
+ res.cookie('access_token',token.access_token, {
  httpOnly: true,
  expires: new Date(Date.now() + 1 * 24 * 60 * 60 * 1000),
  path: '/',
  sameSite: 'none',
  secure: true,
  });
- return access_token;
+ 
+ res.cookie('refresh_token', token.refresh_token, {
+ httpOnly: true,
+ expires: new Date(Date.now() + 1 * 24 * 60 * 60 * 1000),
+ path: '/',
+ sameSite: 'none',
+ secure: true,
+ });
+
+ return token;
  }
 
  // @Public()
  @UseGuards(AuthGuard)
  @Post('/refresh')
  @UseFilters(new HttpExceptionFilter())
- @HttpCode(HttpStatus.OK)
  async refreshTokens(
  @Res() request:Request,
  @Res() res: Response

src/auth/auth.guard.ts

@@ -29,24 +29,28 @@ export class AuthGuard implements CanActivate {
 
  const request = context.switchToHttp().getRequest();
  const token = this.extractTokenFromHeader(request);
+ console.log('@@@@@@@token',token)
  if (!token) {
  throw new UnauthorizedException();
  }
  try {
  const payload = await this.jwtService.verifyAsync(token, {
  secret: jwtConstants.secret,
  });
+ console.log(payload)
  // 💡 We're assigning the payload to the request object here
  // so that we can access it in our route handlers
  request['user'] = payload;
- } catch {
+ } catch(err) {
+ console.log(err)
  throw new UnauthorizedException();
  }
  return true;
  }
 
  private extractTokenFromHeader(request: Request): string | undefined {
  const [type, token] = request.headers.authorization?.split(' ') ?? [];
+ console.log(type, token)
  return type === 'Bearer' ? token : undefined;
  }
 }

src/auth/auth.service.ts

@@ -2,6 +2,7 @@ import { ForbiddenException, Injectable, UnauthorizedException } from '@nestjs/c
 import { UserService } from '../users/users.service';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcrypt';
+import { jwtConstants } from '../auth/constants';
 
 
 @Injectable()
@@ -17,10 +18,9 @@ export class AuthService {
 
  if (match) {
  const payload = { email: user.email, userId: user._id };
- const access_token = await this.jwtService.signAsync(payload);
  const tokens = await this.getTokens(user);
  return {
- access_token
+ ...tokens
  };
  }
  throw new UnauthorizedException();
@@ -48,21 +48,21 @@ export class AuthService {
  const [at, rt] = await Promise.all([
  this.jwtService.signAsync(
  {
- sub: user._id,
+ sub: user.userId,
  email: user.email,
  },
  {
- secret: 'at-secret',
+ secret: jwtConstants.secret,
  expiresIn: '24h',
  },
  ),
  this.jwtService.signAsync(
  {
- sub: user._id,
+ sub: user.userId,
  email: user.email,
  },
  {
- secret: 'rt-secret',
+ secret: jwtConstants.secret,
  expiresIn: '30d',
  },
  ),

src/users/users.controller.ts

@@ -1,4 +1,4 @@
-import { Body, Controller, Delete, Get, HttpStatus, Param, Post, Res, UseFilters, UsePipes, ValidationPipe } from '@nestjs/common';
+import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post, Res, UseFilters, UseGuards, UsePipes, ValidationPipe } from '@nestjs/common';
 import { Public } from '../auth/decorators/public.decorator';
 import { UserService } from './users.service';
 import { CreateUserDto } from './dto/create-user.dto';
@@ -7,13 +7,15 @@ import { sendResponse } from '../utils';
 import {statusMessage} from '../constant/statusMessage'
 import { HttpExceptionFilter } from '../utils/http-exception.filter';
 import { responseData, userData } from '../interface/common';
+import { AuthGuard } from '../common/guards/at.guard';
+
 
 
-@Public()
 @Controller("v1/users")
 export class UserController {
  constructor(private readonly userService: UserService) {}
 
+ @Public()
  @Post()
  @UseFilters(new HttpExceptionFilter())
  @UsePipes(new ValidationPipe({ transform: true }))
@@ -22,7 +24,11 @@ export class UserController {
  return sendResponse(res,HttpStatus.CREATED,statusMessage[HttpStatus.CREATED],true,user);
  }
 // get user
+ 
+
+ @UseGuards(AuthGuard)
  @Get()
+ @UseFilters(new HttpExceptionFilter())
  async findAll(): Promise<userData[]> {
  return this.userService.findAll();
  }