feat: ✨ Auth module

2024-02-27 16:45:22 +01:00 · 2024-02-27 16:45:22 +01:00 · 577d96d68c
commit 577d96d68c
parent 73ee4e2894
2 changed files with 59 additions and 18 deletions
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@ -4,17 +4,15 @@ import { AuthDto } from "./dto";

@Controller('auth')
 export class AuthController {
-    constructor(private authService: AuthService) {}
+  constructor(private authService: AuthService) {}

-    @Post('signup')
-    signup(@Body() dto: AuthDto) {
-        console.log({dto});
-        return this.authService.signup()
-    }
+  @Post("register")
+  async signup(@Body() dto: AuthDto) {
+    return await this.authService.register(dto);
+  }

-    @Post('signin')
-    signin(@Body() dto: AuthDto) {
-        console.log({dto});
-        return this.authService.signin()
-    }
+  @Post("login")
+  async signin(@Body() dto: AuthDto) {
+    return await this.authService.login(dto);
+  }
 }
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@ -1,17 +1,60 @@
-import { Injectable } from "@nestjs/common";
+import { ForbiddenException, Injectable } from "@nestjs/common";
 import { PrismaService } from "src/prisma/prisma.service";
+import { AuthDto } from "./dto";
+import * as argon from "argon2";
+import { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";

@Injectable({})
 export class AuthService {
-    constructor(private prisma: PrismaService) {
+  constructor(private prisma: PrismaService) {}

+  async login(dto: AuthDto) {
+    const User = await this.prisma.user.findUnique({
+      where: {
+        email: dto.email,
+      },
+    });
+    if (!User) {
+      console.warn(`ACCESS: Refused login for "${dto.email}" (email not used)`);
+      throw new ForbiddenException("Credential(s) invalid.");
    }

-    signin() {
-        return {response: "Sign IN"}
+    const pwMatches = await argon.verify(User.hash, dto.password);
+    if (!pwMatches) {
+      console.warn(
+        `ACCESS: Refused login for "${dto.email}" (invalid password)`,
+      );
+      throw new ForbiddenException("Credential(s) invalid.");
    }

-    signup() {
-        return {response: "Sign UP"}
+    delete User.hash;
+    console.info(`ACCESS: Granted login for "${dto.email}"`);
+    return User;
+  }
+
+  async register(dto: AuthDto) {
+    const userPasswordHash = await argon.hash(dto.password);
+    try {
+      const User = await this.prisma.user.create({
+        data: {
+          email: dto.email,
+          hash: userPasswordHash,
+        },
+        select: {
+          id: true,
+          email: true,
+          firstName: true,
+          lastName: true,
+        },
+      });
+      //delete User.hash;
+      return User;
+    } catch (error) {
+      if (error instanceof PrismaClientKnownRequestError) {
+        if (error.code === "P2002") {
+          throw new ForbiddenException("Credential(s) taken.");
+        }
+      }
    }
+  }
 }