diff --git a/src/credentials/credentials.module.ts b/src/credentials/credentials.module.ts index d655932..589578a 100644 --- a/src/credentials/credentials.module.ts +++ b/src/credentials/credentials.module.ts @@ -1,10 +1,10 @@ import { Module } from "@nestjs/common"; -import { CredentialsService } from "./credentials.service"; import { ConfigModule } from "@nestjs/config"; +import { CredentialsService } from "./credentials.service"; @Module({ imports: [ConfigModule], providers: [CredentialsService], - exports: [CredentialsService] + exports: [CredentialsService], }) export class CredentialsModule {} diff --git a/src/credentials/credentials.service.ts b/src/credentials/credentials.service.ts index b9d2534..1ee5e21 100644 --- a/src/credentials/credentials.service.ts +++ b/src/credentials/credentials.service.ts 
@@ -1,44 +1,49 @@ import { BadRequestException, Injectable } from "@nestjs/common"; -import * as argon from "argon2"; -import * as jose from "jose" -// biome-ignore lint/style/useImportType: used by Next.js import { ConfigService } from "@nestjs/config"; +import * as argon from "argon2"; +import * as jose from "jose"; +import { generateSecret, JWTPayload } from "jose"; @Injectable() export class CredentialsService { - - constructor(private configService: ConfigService) { - } + constructor( + private readonly configService: ConfigService, + ) {} async hash(plaintextPassword: string) { - if (plaintextPassword.length < 6) throw new BadRequestException("Password is not strong enough !") - return argon.hash(Buffer.from(plaintextPassword), { - secret: this.configService.get("APP_HASH_SECRET"), - }) + console.log(plaintextPassword); + if (plaintextPassword.length < 6) + throw new BadRequestException("Password is not strong enough !"); + return argon.hash(plaintextPassword, { + secret: Buffer.from(this.configService.get("APP_HASH_SECRET")), + }); } async check(plaintextPassword: string, hashedPassword: string) { - return argon.verify(hashedPassword, Buffer.from(plaintextPassword), { - secret: this.configService.get("APP_HASH_SECRET"), - }) + return argon.verify(hashedPassword, plaintextPassword, { + secret: Buffer.from(this.configService.get("APP_HASH_SECRET")), + }); } - async verifyAuthToken(token: string) { - const verifyRes = await jose.jwtVerify(token, Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")), { - subject: "auth", - audience: "user", - issuer: "ShouldStick" - }) + return await jose.jwtVerify( + token, + Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")), + { + audience: "auth:user", + issuer: "ShouldStick", + }, + ); } - async signAuthToken() { - return new jose.SignJWT({}) - .setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' }) + async signAuthToken(payload: JWTPayload) { + console.log(this.configService.get("APP_TOKEN_SECRET")) + 
const token = new jose.SignJWT(payload) + .setProtectedHeader({ alg: "HS512", enc: "A128CBC-HS512" }) .setIssuedAt() - .setExpirationTime('3 day') + .setExpirationTime("3 day") .setIssuer("ShouldStick") - .setAudience("user") - .setSubject("auth") - .sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET"))) + .setAudience("auth:user") + console.log(token) + return await token.sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET"))); } -} +} \ No newline at end of file
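Review bot: The added `console.log(plaintextPassword);` in `hash()` and `console.log(this.configService.get("APP_TOKEN_SECRET"))` in `signAuthToken()` write the user's password and the JWT signing secret to the application log. Both lines, together with `console.log(token)`, should be deleted before this is merged. Separately, `Uint8Array.from(this.configService.get("APP_TOKEN_SECRET"))` in `verifyAuthToken()` and `signAuthToken()` coerces each character of the string to a number, so every non-digit character becomes 0 and the HMAC key is mostly zero bytes. Encode the secret instead, e.g. `new TextEncoder().encode(this.configService.get<string>("APP_TOKEN_SECRET"))`, and fail at startup if the value is missing. The `enc: "A128CBC-HS512"` header is a JWE parameter that plays no part in an HS512 signature and can be dropped, and the `generateSecret` import appears unused in this hunk.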