Add credential management service and module

Introduced `CredentialsService` for handling password hashing, verification, and JWT token operations. Added `CredentialsModule` to register `CredentialsService` and integrate it with the ConfigModule.
This commit is contained in:
Mathis H (Avnyr) 2024-09-02 14:57:36 +02:00
parent c0a61cde3b
commit b4c4151550
No known key found for this signature in database
GPG Key ID: FF69BF8BF95CDD58
2 changed files with 67 additions and 0 deletions

View File

@ -0,0 +1,10 @@
import { Module } from "@nestjs/common";
import { ConfigModule } from "@nestjs/config";
import { CredentialsService } from "./credentials.service";
@Module({
imports: [ConfigModule],
providers: [CredentialsService],
exports: [CredentialsService],
})
export class CredentialsModule {}

View File

@ -0,0 +1,57 @@
import { BadRequestException, Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import * as argon from "argon2";
import * as jose from "jose";
import { JWTPayload, generateSecret } from "jose";
@Injectable()
export class CredentialsService {
constructor(private readonly configService: ConfigService) {}
async hash(plaintextPassword: string) {
console.log(plaintextPassword);
if (plaintextPassword.length < 6)
throw new BadRequestException("Password is not strong enough !");
return argon.hash(plaintextPassword, {
secret: Buffer.from(this.configService.get("APP_HASH_SECRET")),
});
}
async check(plaintextPassword: string, hashedPassword: string) {
return argon.verify(hashedPassword, plaintextPassword, {
secret: Buffer.from(this.configService.get("APP_HASH_SECRET")),
});
}
async verifyAuthToken(token: string) {
try {
const result = await jose.jwtVerify(
token,
Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")),
{
audience: "auth:user",
issuer: "FabLab",
},
);
console.log(result);
return result;
} catch (error) {
console.log(error)
throw new BadRequestException("Invalid token");
}
}
async signAuthToken(payload: JWTPayload) {
console.log(this.configService.get("APP_TOKEN_SECRET"));
const token = new jose.SignJWT(payload)
.setProtectedHeader({ alg: "HS512", enc: "A128CBC-HS512" })
.setIssuedAt()
.setExpirationTime("5 day")
.setIssuer("FabLab")
.setAudience("auth:user");
console.log(token);
return await token.sign(
Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")),
);
}
}