ammar/backend
1
0
Fork 0
mirror of https://github.com/SyncrowIOT/backend.git synced 2025-07-15 10:25:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add platform type to user login and enforce access restrictions

Browse Source
This commit is contained in:
faris Aljohari
2025-01-28 19:41:03 -06:00
parent 65eac98270
commit dc23cce89a
4 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
libs/common/src/auth/services/auth.service.ts
View File

@ -11,6 +11,8 @@ import { UserSessionRepository } from '../../../../common/src/modules/session/re
import { UserSessionEntity } from '../../../../common/src/modules/session/entities'; import { UserSessionEntity } from '../../../../common/src/modules/session/entities';
import { ConfigService } from '@nestjs/config'; import { ConfigService } from '@nestjs/config';
import { OAuth2Client } from 'google-auth-library'; import { OAuth2Client } from 'google-auth-library';
import { PlatformType } from '@app/common/constants/platform-type.enum';
import { RoleType } from '@app/common/constants/role.type.enum';
@Injectable() @Injectable()
export class AuthService { export class AuthService {
@ -29,6 +31,7 @@ export class AuthService {
email: string, email: string,
pass: string, pass: string,
regionUuid?: string, regionUuid?: string,
platform?: PlatformType,
): Promise<any> { ): Promise<any> {
const user = await this.userRepository.findOne({ const user = await this.userRepository.findOne({
where: { where: {
@ -37,7 +40,13 @@ export class AuthService {
}, },
relations: ['roleType'], relations: ['roleType'],
}); });
if (
platform === PlatformType.WEB &&
(user.roleType.type === RoleType.SPACE_OWNER ||
user.roleType.type === RoleType.SPACE_MEMBER)
) {
throw new UnauthorizedException('Access denied for web platform');
}
if (!user) { if (!user) {
throw new BadRequestException('Invalid credentials'); throw new BadRequestException('Invalid credentials');
} }

4
libs/common/src/constants/platform-type.enum.ts Normal file
View File

@ -0,0 +1,4 @@
export enum PlatformType {
WEB = 'web',
MOBILE = 'mobile',
}

8
src/auth/dtos/user-login.dto.ts
View File

@ -1,5 +1,6 @@
import { PlatformType } from '@app/common/constants/platform-type.enum';
import { ApiProperty } from '@nestjs/swagger'; import { ApiProperty } from '@nestjs/swagger';
import { IsEmail, IsOptional, IsString } from 'class-validator'; import { IsEmail, IsEnum, IsOptional, IsString } from 'class-validator';
export class UserLoginDto { export class UserLoginDto {
@ApiProperty() @ApiProperty()
@ -20,4 +21,9 @@ export class UserLoginDto {
@IsOptional() @IsOptional()
@IsString() @IsString()
googleCode?: string; googleCode?: string;
@ApiProperty()
@IsOptional()
@IsEnum(PlatformType)
platform?: PlatformType;
} }

1
src/auth/services/user-auth.service.ts
View File

@ -132,6 +132,7 @@ export class UserAuthService {
data.email, data.email,
data.password, data.password,
data.regionUuid, data.regionUuid,
data.platform,
); );
} }
const session = await Promise.all([ const session = await Promise.all([