backend/src/auth/user/authUser.guard.ts +3 −0 @@ -14,7 +14,10 @@ export class AuthUserGuard implements CanActivate { if (!authorization) throw new UnauthorizedException('session expired! Please sign In'); authorization = authorization.split(' ')[1]; const jwtPayload = await this.authUserService.validateToken(authorization); if (!jwtPayload) throw new UnauthorizedException('session expired! Please sign In'); const user = await this.userService.findOne(jwtPayload.email); if (!user) throw new UnauthorizedException('session expired! Please sign In'); request.user = { ...user }; return true; }
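Review bot: `request.user = { ...user }` copies the whole record returned by `userService.findOne` onto the request, and the service change in this same commit reads `user.password` from that same call, so the password hash now travels with every authenticated request. Anything that later logs or serialises `req.user` would expose it; the `console.log({ user: req.user })` this commit removes from the controller was that kind of sink. Attaching only what handlers need, e.g. `request.user = { email: user.email };` plus whatever else `CustomUserRequest` declares (not visible here), keeps the hash out of request scope. The guard method starts above this hunk, so how `authorization` is read is not shown; `authorization.split(' ')[1]` deserves a scheme and presence check if none exists there.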
backend/src/auth/user/authUsercontroller.ts +3 −3 @@ -6,6 +6,7 @@ import { LoginUserDto } from './dto/login-user.dto'; import { UserSigninResDto } from './dto/user-signin-res.dto'; import { AuthUserGuard } from './authUser.guard'; import { CustomUserRequest } from './interface/customUserReq'; import { UpdatePwdDto } from './dto/update-pwd.dto'; @Controller('') @ApiTags('Create user account and sign in as user') @@ -44,8 +45,7 @@ export class AuthUserController { @UseGuards(AuthUserGuard) @ApiBearerAuth('jwt') @Patch('user/change-password') async changePassword(@Req() req: CustomUserRequest) { console.log({ user: req.user }); return true; async changePassword(@Req() req: CustomUserRequest, @Body() updatePwdDto: UpdatePwdDto) { return this.authUserService.changePassword(req.user.email, updatePwdDto); } }
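Review bot: Nothing visible here shows that `updatePwdDto` is validated before it reaches `authUserService.changePassword`. `@Body() updatePwdDto: UpdatePwdDto` only enforces a shape if a `ValidationPipe` is active and `UpdatePwdDto` carries class-validator decorators, and neither is part of this diff. Without them, a missing or non-string `prevPassword` or `newPassword` goes straight into `comparePassword` and `hashPassword`, and no minimum strength applies to the new password. If no global pipe is configured, I would add `@UsePipes(new ValidationPipe({ whitelist: true }))` on the handler and declare `@IsString()` with a `@MinLength(…)` on both DTO fields. Because this endpoint verifies the current password, it should also sit behind the same attempt throttling as sign-in.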
backend/src/auth/user/authUserservice.ts +12 −0 @@ -9,6 +9,7 @@ import { CreateUserDto } from 'src/user/dto/create-user.dto'; import { LoginUserDto } from './dto/login-user.dto'; import { ALL_ROLES } from 'src/shared/enum/admin-role.enum'; import { PayloadJwtDto } from 'src/shared/dto/payload-jwt.dto'; import { UpdatePwdDto } from './dto/update-pwd.dto'; @Injectable() export class AuthUserService { @@ -64,4 +65,15 @@ export class AuthUserService { throw new UnauthorizedException('Invalid token'); } } async changePassword(email: string, updatePwdDto: UpdatePwdDto) { const user: User = await this.userService.findOne(email); const prevPwdHashed = user.password; const validPwd: boolean = await this.encryptionService.comparePassword(updatePwdDto.prevPassword, prevPwdHashed); if (!validPwd) throw new UnauthorizedException('Invalid password'); const newPwdHashed = await this.encryptionService.hashPassword(updatePwdDto.newPassword); await this.userService.updatePassword(email, newPwdHashed); } }
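Review bot: After `userService.updatePassword` succeeds, nothing in `changePassword` invalidates tokens issued under the old password. As far as this commit shows, `AuthUserGuard` accepts any token that `validateToken` passes and whose email still resolves to a user, so a session opened with the old credentials keeps working until the token expires. A password-change timestamp or token version stored on the user, and compared in the guard against the token's issue time, would close that window. Separately, `user.password` is dereferenced without a null check; the guard covers the HTTP path, but the method is public, so I would add `if (!user) throw new UnauthorizedException('Invalid token');` before it. Returning 401 for a wrong current password also collides with the guard's 401 for an expired session, so `ForbiddenException` or `BadRequestException` would let clients tell the two apart.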
backend/src/user/user.service.ts +4 −0 @@ -24,4 +24,8 @@ export class UserService { if (user) return true; else return false; } async updatePassword(email: string, password: string) { await this.userRepository.update({ email }, { password }); } }
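Review bot: `updatePassword(email, password)` writes whatever string it receives into the `password` column, and nothing in the signature says the value must already be hashed. I would rename the parameter to `passwordHash`, write the call as `await this.userRepository.update({ email }, { password: passwordHash });`, and add a doc comment such as `/** Persists an already-hashed password; never pass plaintext. */` so a later caller does not store a cleartext password by mistake. The result of `userRepository.update` is also discarded, so an email that matches no row reports success; if the repository exposes an affected-row count, checking it and throwing on zero would surface that.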