LocChat/server/controllers/sessions.controller.ts
2021-11-20 18:18:58 -07:00

49 lines
1.1 KiB
TypeScript

import {
Body,
Controller,
HttpException,
HttpStatus,
Post,
Res,
} from '@nestjs/common';
import { Response } from 'express';
import * as jwt from 'jsonwebtoken';
import { UsersService } from 'server/providers/services/users.service';
import { SignInDto } from 'server/dto/sign_in.dto';
// this is kind of a misnomer because we are doing token based auth
// instead of session based auth
@Controller()
export class SessionsController {
constructor(private usersService: UsersService) {}
@Post('/sign_in')
async signIn(
@Body() body: SignInDto,
@Res({ passthrough: true }) res: Response,
) {
const { verified, user } = await this.usersService.verify(
body.username,
body.password,
);
if (!verified) {
throw new HttpException(
'Invalid email or password.',
HttpStatus.BAD_REQUEST,
);
}
// Write JWT to cookie and send with response.
const token = jwt.sign(
{
user_id: user.id,
},
process.env.ENCRYPTION_KEY,
{ expiresIn: '1h' },
);
res.cookie('_token', token);
return { token };
}
}