diff --git a/src/app.module.ts b/src/app.module.ts index 7a8461f..cef2349 100644 --- a/src/app.module.ts +++ b/src/app.module.ts @@ -106,6 +106,7 @@ import { OtpVerificationModule } from './modules/configuration/otp-verification/ import { OtpVerificationModel } from './modules/configuration/otp-verification/data/models/otp-verification.model'; import { OtpVerifierModel } from './modules/configuration/otp-verification/data/models/otp-verifier.model'; import { RescheduleVerificationModel } from './modules/booking-online/order/data/models/reschedule-verification.model'; +import { OtpCheckerGuard } from './core/guards/domain/otp-checker.guard'; @Module({ imports: [ @@ -246,6 +247,8 @@ import { RescheduleVerificationModel } from './modules/booking-online/order/data providers: [ AuthService, PrivilegeService, + OtpCheckerGuard, + /** * By default all request from client will protect by JWT * if there is some endpoint/function that does'nt require authentication diff --git a/src/core/guards/domain/otp-checker.guard.ts b/src/core/guards/domain/otp-checker.guard.ts new file mode 100644 index 0000000..2ef4802 --- /dev/null +++ b/src/core/guards/domain/otp-checker.guard.ts @@ -0,0 +1,57 @@ +import { + CanActivate, + ExecutionContext, + Injectable, + UnprocessableEntityException, +} from '@nestjs/common'; +import { InjectDataSource } from '@nestjs/typeorm'; +import { CONNECTION_NAME } from 'src/core/strings/constants/base.constants'; +import { OtpVerificationModel } from 'src/modules/configuration/otp-verification/data/models/otp-verification.model'; +import { OtpVerificationEntity } from 'src/modules/configuration/otp-verification/domain/entities/otp-verification.entity'; +import { DataSource } from 'typeorm'; + +@Injectable() +export class OtpCheckerGuard implements CanActivate { + constructor( + @InjectDataSource(CONNECTION_NAME.DEFAULT) + protected readonly dataSource: DataSource, + ) {} + + get otpRepository() { + return this.dataSource.getRepository(OtpVerificationModel); + } + + async canActivate(context: ExecutionContext): Promise { + const request = context.switchToHttp().getRequest(); + const verificationCode = request.headers['x-verification-code']; + console.log({ verificationCode }); + + if (verificationCode) { + const decoded = Buffer.from(verificationCode, 'base64').toString('ascii'); + const [dataIdentity, otpCode] = decoded.split('|'); + + let otpData: OtpVerificationEntity; + + otpData = await this.otpRepository.findOne({ + where: { + otp_code: otpCode, + target_id: dataIdentity, + }, + }); + + if (!otpData) { + otpData = await this.otpRepository.findOne({ + where: { + otp_code: otpCode, + reference: dataIdentity, + }, + }); + } + + if (otpData && otpData?.verified_at) return true; + console.log({ dataIdentity, otpCode, otpData }); + } + + throw new UnprocessableEntityException('OTP not verified.'); + } +} diff --git a/src/modules/configuration/otp-verification/infrastructure/guards/otp-auth-guard.ts b/src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard.ts similarity index 100% rename from src/modules/configuration/otp-verification/infrastructure/guards/otp-auth-guard.ts rename to src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard.ts diff --git a/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts b/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts index 1d1124f..b441441 100644 --- a/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts +++ b/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts @@ -16,7 +16,7 @@ import { OtpVerifierCreateDto, OtpVerifyDto, } from './dto/otp-verification.dto'; -import { OtpAuthGuard } from './guards/otp-auth-guard'; +import { OtpAuthGuard } from './guards/otp-auth.guard'; import { OtpVerifierService } from '../data/services/otp-verifier.service'; @ApiTags(`${MODULE_NAME.OTP_VERIFICATIONS.split('-').join(' ')} - data`) diff --git a/src/modules/configuration/otp-verification/otp-verification.module.ts b/src/modules/configuration/otp-verification/otp-verification.module.ts index efdfba6..d4e933d 100644 --- a/src/modules/configuration/otp-verification/otp-verification.module.ts +++ b/src/modules/configuration/otp-verification/otp-verification.module.ts @@ -10,7 +10,7 @@ import { } from './infrastructure/otp-verification-data.controller'; import { OtpVerificationService } from './data/services/otp-verification.service'; import { OtpVerifierModel } from './data/models/otp-verifier.model'; -import { OtpAuthGuard } from './infrastructure/guards/otp-auth-guard'; +import { OtpAuthGuard } from './infrastructure/guards/otp-auth.guard'; import { JwtModule } from '@nestjs/jwt'; import { JWT_EXPIRED } from 'src/core/sessions/constants'; diff --git a/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts b/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts index 97d3e30..d2b401d 100644 --- a/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts +++ b/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts @@ -20,7 +20,7 @@ import { BatchResult } from 'src/core/response/domain/ok-response.interface'; import { BatchIdsDto } from 'src/core/modules/infrastructure/dto/base-batch.dto'; import { Public } from 'src/core/guards'; import { DownloadPdfDto } from './dto/donwload-pdf.dto'; -import { OtpAuthGuard } from 'src/modules/configuration/otp-verification/infrastructure/guards/otp-auth-guard'; +import { OtpAuthGuard } from 'src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard'; @ApiTags(`${MODULE_NAME.TRANSACTION.split('-').join(' ')} - data`) @Controller(`v1/${MODULE_NAME.TRANSACTION}`)