Merge pull request #202 from boostcampwm2023/BE-setGuard-#200

[BE/#200] Guard 인가 구현
boostcampwm2023 · Nov 28, 2023 · 4fd8af6 · 4fd8af6
2 parents 0c523e3 + 9ec7f63
commit 4fd8af6
Show file tree

Hide file tree

Showing 12 changed files with 67 additions and 8 deletions.
diff --git a/BE/src/login/login.controller.ts b/BE/src/login/login.controller.ts
@@ -1,8 +1,16 @@
-import { Body, Controller, HttpException, Post } from '@nestjs/common';
+import {
+  Body,
+  Controller,
+  HttpException,
+  Post,
+  UseGuards,
+} from '@nestjs/common';
 import { LoginService, SocialProperties } from './login.service';
 import { AppleLoginDto } from './appleLoginDto';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Controller('login')
+@UseGuards(AuthGuard)
 export class LoginController {
   constructor(private readonly loginService: LoginService) {}
 

diff --git a/BE/src/login/login.module.ts b/BE/src/login/login.module.ts
@@ -5,13 +5,14 @@ import { JwtModule } from '@nestjs/jwt';
 import { JwtConfig } from '../config/jwt.config';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { UserEntity } from '../entities/user.entity';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Module({
   imports: [
     JwtModule.registerAsync({ useClass: JwtConfig }),
     TypeOrmModule.forFeature([UserEntity]),
   ],
   controllers: [LoginController],
-  providers: [LoginService],
+  providers: [LoginService, AuthGuard],
 })
 export class LoginModule {}
diff --git a/BE/src/main.ts b/BE/src/main.ts
@@ -6,6 +6,7 @@ import { dailyOption, winstonOptions } from './config/winston.config';
 import * as winstonDaily from 'winston-daily-rotate-file';
 import { ValidationPipe } from '@nestjs/common';
 import { HttpLoggerInterceptor } from './utils/httpLogger.interceptor';
+import { AuthGuard } from './utils/auth.guard';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule, {
@@ -19,6 +20,7 @@ async function bootstrap() {
   });
   // app.useGlobalInterceptors(new HttpLoggerInterceptor());
   app.useLogger(app.get(WINSTON_MODULE_NEST_PROVIDER));
+  app.useGlobalGuards(new AuthGuard());
   app.useGlobalPipes(
     new ValidationPipe({
       transform: true,

diff --git a/BE/src/post/post.controller.ts b/BE/src/post/post.controller.ts
@@ -9,6 +9,7 @@ import {
   Post,
   Query,
   UploadedFiles,
+  UseGuards,
   UseInterceptors,
   ValidationPipe,
 } from '@nestjs/common';
@@ -19,9 +20,11 @@ import { FilesInterceptor } from '@nestjs/platform-express';
 import { PostCreateDto } from './dto/postCreate.dto';
 import { MultiPartBody } from '../utils/multiPartBody.decorator';
 import { PostListDto } from './dto/postList.dto';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Controller('posts')
 @ApiTags('posts')
+@UseGuards(AuthGuard)
 export class PostController {
   constructor(private readonly postService: PostService) {}
 

diff --git a/BE/src/post/post.module.ts b/BE/src/post/post.module.ts
@@ -8,6 +8,7 @@ import { UserEntity } from '../entities/user.entity';
 import { PostImageEntity } from '../entities/postImage.entity';
 import { BlockUserEntity } from '../entities/blockUser.entity';
 import { BlockPostEntity } from '../entities/blockPost.entity';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Module({
   imports: [
@@ -20,6 +21,6 @@ import { BlockPostEntity } from '../entities/blockPost.entity';
     ]),
   ],
   controllers: [PostController],
-  providers: [PostService, S3Handler],
+  providers: [PostService, S3Handler, AuthGuard],
 })
 export class PostModule {}
diff --git a/BE/src/posts-block/posts-block.controller.ts b/BE/src/posts-block/posts-block.controller.ts
@@ -1,7 +1,16 @@
-import { Controller, Delete, Get, Param, Post } from '@nestjs/common';
+import {
+  Controller,
+  Delete,
+  Get,
+  Param,
+  Post,
+  UseGuards,
+} from '@nestjs/common';
 import { PostsBlockService } from './posts-block.service';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Controller('posts/block')
+@UseGuards(AuthGuard)
 export class PostsBlockController {
   constructor(private readonly postsBlockService: PostsBlockService) {}
   @Post(':id')

diff --git a/BE/src/posts-block/posts-block.module.ts b/BE/src/posts-block/posts-block.module.ts
@@ -4,10 +4,11 @@ import { PostsBlockService } from './posts-block.service';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { BlockPostEntity } from '../entities/blockPost.entity';
 import { PostEntity } from '../entities/post.entity';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Module({
   imports: [TypeOrmModule.forFeature([BlockPostEntity, PostEntity])],
   controllers: [PostsBlockController],
-  providers: [PostsBlockService],
+  providers: [PostsBlockService, AuthGuard],
 })
 export class PostsBlockModule {}
diff --git a/BE/src/users-block/users-block.controller.ts b/BE/src/users-block/users-block.controller.ts
@@ -1,7 +1,16 @@
-import { Controller, Get, Post, Param, Delete } from '@nestjs/common';
+import {
+  Controller,
+  Get,
+  Post,
+  Param,
+  Delete,
+  UseGuards,
+} from '@nestjs/common';
 import { UsersBlockService } from './users-block.service';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Controller('users/block')
+@UseGuards(AuthGuard)
 export class UsersBlockController {
   constructor(private readonly usersBlockService: UsersBlockService) {}
 

diff --git a/BE/src/users-block/users-block.module.ts b/BE/src/users-block/users-block.module.ts
@@ -4,10 +4,11 @@ import { UsersBlockController } from './users-block.controller';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { BlockUserEntity } from 'src/entities/blockUser.entity';
 import { UserEntity } from 'src/entities/user.entity';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Module({
   imports: [TypeOrmModule.forFeature([BlockUserEntity, UserEntity])],
   controllers: [UsersBlockController],
-  providers: [UsersBlockService],
+  providers: [UsersBlockService, AuthGuard],
 })
 export class UsersBlockModule {}
diff --git a/BE/src/users/users.controller.ts b/BE/src/users/users.controller.ts
@@ -9,14 +9,17 @@ import {
   ValidationPipe,
   UploadedFile,
   HttpException,
+  UseGuards,
 } from '@nestjs/common';
 import { UsersService } from './users.service';
 import { CreateUserDto } from './createUser.dto';
 import { FileInterceptor } from '@nestjs/platform-express';
 import { MultiPartBody } from 'src/utils/multiPartBody.decorator';
 import { UpdateUsersDto } from './usersUpdate.dto';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Controller('users')
+@UseGuards(AuthGuard)
 export class UsersController {
   constructor(private readonly usersService: UsersService) {}
 

diff --git a/BE/src/users/users.module.ts b/BE/src/users/users.module.ts
@@ -8,6 +8,7 @@ import { PostEntity } from '../entities/post.entity';
 import { PostImageEntity } from '../entities/postImage.entity';
 import { BlockUserEntity } from '../entities/blockUser.entity';
 import { BlockPostEntity } from '../entities/blockPost.entity';
+import { AuthGuard } from 'src/utils/auth.guard';
 
 @Module({
   imports: [
@@ -20,6 +21,6 @@ import { BlockPostEntity } from '../entities/blockPost.entity';
     ]),
   ],
   controllers: [UsersController],
-  providers: [UsersService, S3Handler],
+  providers: [UsersService, S3Handler, AuthGuard],
 })
 export class UsersModule {}
diff --git a/BE/src/utils/auth.guard.ts b/BE/src/utils/auth.guard.ts
@@ -0,0 +1,20 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import * as jwt from 'jsonwebtoken';
+
+@Injectable()
+export class AuthGuard implements CanActivate {
+  canActivate(context: ExecutionContext): boolean {
+    const requestHeader = context.switchToHttp().getRequest().headers;
+
+    if (requestHeader) {
+      try {
+        jwt.verify(requestHeader.authorization, process.env.JWT_SECRET);
+        return true;
+      } catch (err) {
+        return false;
+      }
+    } else {
+      return false;
+    }
+  }
+}