🚀 fix(accessGuard) : reqUser type to accessJWTpalyod

Gosrock · Aug 6, 2022 · f5f8434 · f5f8434
1 parent 8ca0572
commit f5f8434
Show file tree

Hide file tree

Showing 6 changed files with 25 additions and 14 deletions.
diff --git a/src/auth/auth.interface.ts b/src/auth/auth.interface.ts
@@ -1,3 +1,5 @@
+import { Role } from 'src/common/consts/enum';
+
 export interface RegisterJwtPayload {
   phoneNumber: string;
 }
@@ -6,4 +8,5 @@ export interface AccessJwtPayload {
   phoneNumber: string;
   name: string;
   id: number;
+  role: Role;
 }
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -129,7 +129,8 @@ export class AuthService {
       const accessToken = this.accessJwtSign({
         id: user.id,
         phoneNumber: user.phoneNumber,
-        name: user.name
+        name: user.name,
+        role: user.role
       });
       //console.log(accessToken);
 
@@ -180,7 +181,8 @@ export class AuthService {
       const accessToken = this.accessJwtSign({
         id: signUser.id,
         phoneNumber: signUser.phoneNumber,
-        name: signUser.name
+        name: signUser.name,
+        role: signUser.role
       });
 
       await queryRunner.commitTransaction();
@@ -289,7 +291,8 @@ export class AuthService {
     const accessToken = this.accessJwtSign({
       id: searchUser.id,
       phoneNumber: searchUser.phoneNumber,
-      name: searchUser.name
+      name: searchUser.name,
+      role: searchUser.role
     });
     return {
       user: searchUser,
@@ -371,12 +374,13 @@ export class AuthService {
         | string
       ) &
         AccessJwtPayload;
-      const { phoneNumber, id, name } = payload;
+      const { phoneNumber, id, name, role } = payload;
 
       return {
         id,
         phoneNumber,
-        name
+        name,
+        role
       };
     } catch (e) {
       if (e.name === 'TokenExpiredError')

diff --git a/src/auth/guards/AccessToken.guard.ts b/src/auth/guards/AccessToken.guard.ts
@@ -57,7 +57,7 @@ export class AccessTokenGuard implements CanActivate {
     const payload = this.authService.verifyAccessJWT(jwtString);
 
     // const user = payload
-    const user = await this.authService.findUserById(payload.id);
+    const user = payload;
     if (!user) {
       throw new UnauthorizedException(
         AuthErrorDefine['Auth-1003'],

diff --git a/src/common/decorators/user.decorator.ts b/src/common/decorators/user.decorator.ts
@@ -1,11 +1,12 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common';
+import { AccessJwtPayload } from 'src/auth/auth.interface';
 
 export const ReqUser = createParamDecorator(
   (data: unknown, ctx: ExecutionContext) => {
     const request = ctx.switchToHttp().getRequest();
     // //console.log('asdfasdfasd');
 
-    const userObj = request.user;
+    const userObj = request.user as AccessJwtPayload;
 
     return userObj;
   }

diff --git a/src/tickets/tickets.controller.ts b/src/tickets/tickets.controller.ts
@@ -38,6 +38,7 @@ import { NoAuth } from 'src/auth/guards/NoAuth.guard';
 import { TicketCountDto } from './dtos/ticket-count.dto';
 import { ErrorResponse } from 'src/common/decorators/ErrorResponse.decorator';
 import { TicketEntryResponseDto } from './dtos/ticket-entry-response.dto';
+import { AccessJwtPayload } from 'src/auth/auth.interface';
 
 @ApiTags('tickets')
 @ApiBearerAuth('accessToken')
@@ -155,7 +156,7 @@ export class TicketsController {
   @Patch('/status')
   updateTicketStatus(
     @Body('') updateTicketStatusDto: UpdateTicketStatusDto,
-    @ReqUser() user: User
+    @ReqUser() user: AccessJwtPayload
   ) {
     return this.ticketService.updateTicketStatus(updateTicketStatusDto, user);
   }
@@ -176,7 +177,7 @@ export class TicketsController {
   getTicketByUuid(
     @Param('uuid')
     uuid: string,
-    @ReqUser() user: User
+    @ReqUser() user: AccessJwtPayload
   ) {
     //console.log(user);
     return this.ticketService.findByUuid(uuid, user);
@@ -279,7 +280,6 @@ export class TicketsController {
     return this.ticketService.deleteTicketByUuid(ticketUuid);
   }
 
-
   // /* 테스트용 라우팅 */
   // @ApiOperation({
   //   summary: '[테스트용, 삭제예정]조건없이 모든 티켓을 불러온다'
@@ -298,7 +298,7 @@ export class TicketsController {
   // getAllTickets() {
   //   return this.ticketService.findAll();
   // }
-  
+
   // @ApiOperation({ summary: '[테스트용] 임시 티켓 생성' })
   // @ApiResponse({
   //   status: 200,

diff --git a/src/tickets/tickets.service.ts b/src/tickets/tickets.service.ts
@@ -20,6 +20,7 @@ import { CreateTicketDto } from './dtos/create-ticket.dto';
 import { TicketEntryResponseDto } from './dtos/ticket-entry-response.dto';
 import { TicketFindDto } from './dtos/ticket-find.dto';
 import { UpdateTicketStatusDto } from './dtos/update-ticket-status.dto';
+import { AccessJwtPayload } from 'src/auth/auth.interface';
 
 @Injectable()
 export class TicketsService {
@@ -42,7 +43,10 @@ export class TicketsService {
    * @param user Request User
    * @returns Ticket Promise
    */
-  async findByUuid(ticketUuid: string, user: User): Promise<Ticket | null> {
+  async findByUuid(
+    ticketUuid: string,
+    user: AccessJwtPayload
+  ): Promise<Ticket | null> {
     const ticket = await this.ticketRepository.findByUuid(ticketUuid);
 
     //어드민이거나 Ticket.user.id === user.id 일때만 리턴
@@ -124,7 +128,7 @@ export class TicketsService {
           return '입금 기한이 만료된 티켓입니다';
         } else if (status == TicketStatus.ORDERWAIT) {
           return '입금 대기중인 티켓입니다';
-        } 
+        }
         return '검증 오류';
       };
 
@@ -137,7 +141,6 @@ export class TicketsService {
 
       // 티켓 상태 오류('입장대기'가 아님)
       if (ticket.status !== TicketStatus.ENTERWAIT) {
-
         response.message = '[입장실패]' + getFailureMessage(ticket.status);
         this.socketService.emitToAll(response);
         throw new BadRequestException(getFailureMessage(ticket.status));