Merge pull request #311 from boostcampwm-2024/dev

[Deploy] 6주차 2차 배포

Author: ShipFriend0516

backend/package.json

@@ -38,6 +38,7 @@
     "cookie-parser": "^1.4.7",
     "dotenv": "^16.4.5",
     "ioredis": "^5.4.1",
+    "jsonwebtoken": "^9.0.2",
     "mysql2": "^3.11.4",
     "nestjs-redis-om": "^0.1.2",
     "passport": "^0.7.0",
@@ -59,6 +60,7 @@
     "@types/cookie-parser": "^1.4.7",
     "@types/express": "^5.0.0",
     "@types/jest": "^29.5.2",
+    "@types/jsonwebtoken": "^9.0.7",
     "@types/node": "^20.3.1",
     "@types/passport-github": "^1.1.12",
     "@types/passport-local": "^1.0.38",

backend/src/app.module.ts

@@ -14,7 +14,6 @@ import { createDataSource, typeOrmConfig } from "./config/typeorm.config";
 import { QuestionListModule } from "./question-list/question-list.module";
 import { RedisOmModule } from "@moozeh/nestjs-redis-om";
 import { SigServerModule } from "@/signaling-server/sig-server.module";
-import { QuestionModule } from './question/question.module';
 
 @Module({
     imports: [
@@ -30,7 +29,6 @@ import { QuestionModule } from './question/question.module';
         UserModule,
         QuestionListModule,
         SigServerModule,
-        QuestionModule,
     ],
     controllers: [AppController],
     providers: [AppService],

backend/src/auth/auth.controller.ts

@@ -1,30 +1,36 @@
-import { Controller, Get, Post, Res, UseGuards } from "@nestjs/common";
+import {
+    Controller,
+    Get,
+    InternalServerErrorException,
+    Post,
+    Res,
+    UnauthorizedException,
+    UseGuards,
+} from "@nestjs/common";
 import { AuthGuard } from "@nestjs/passport";
 import { Response } from "express";
-import { AuthService } from "./auth.service";
 import { setCookieConfig } from "@/config/cookie.config";
 import { JwtPayload, JwtTokenPair } from "./jwt/jwt.decorator";
 import { IJwtPayload, IJwtToken, IJwtTokenPair } from "./jwt/jwt.model";
 
 @Controller("auth")
 export class AuthController {
-    private static ACCESS_TOKEN = "accessToken";
-    private static REFRESH_TOKEN = "refreshToken";
-
-    constructor(private readonly authService: AuthService) {}
+    constructor() {}
 
     @Post("github")
     @UseGuards(AuthGuard("github"))
     async githubCallback(
         @Res({ passthrough: true }) res: Response,
         @JwtTokenPair() pair: IJwtTokenPair
     ) {
+        if (!pair) throw new InternalServerErrorException();
         return this.setCookie(res, pair.accessToken, pair.refreshToken);
     }
 
     @Get("whoami")
     @UseGuards(AuthGuard("jwt"))
     async handleWhoami(@JwtPayload() payload: IJwtPayload) {
+        if (!payload) throw new UnauthorizedException();
         return payload;
     }
 
@@ -34,12 +40,14 @@ export class AuthController {
         @Res({ passthrough: true }) res: Response,
         @JwtTokenPair() pair: IJwtTokenPair
     ) {
+        if (!pair) throw new UnauthorizedException();
         return this.setCookie(res, pair.accessToken);
     }
 
     @Post("login")
     @UseGuards(AuthGuard("local"))
     async login(@Res({ passthrough: true }) res: Response, @JwtTokenPair() pair: IJwtTokenPair) {
+        if (!pair) throw new UnauthorizedException();
         return this.setCookie(res, pair.accessToken, pair.refreshToken);
     }
 

backend/src/auth/jwt/jwt.decorator.ts

@@ -1,9 +1,4 @@
-import {
-    createParamDecorator,
-    ExecutionContext,
-    InternalServerErrorException,
-    UnauthorizedException,
-} from "@nestjs/common";
+import { createParamDecorator, ExecutionContext } from "@nestjs/common";
 import {
     IJwtPayload as IJwtPayload,
     IJwtToken as IJwtToken,
@@ -15,7 +10,7 @@ export const JwtPayload = createParamDecorator((data: unknown, ctx: ExecutionCon
     const payload = request.user.jwtToken;
 
     if (!isJwtTokenPayload(payload)) {
-        throw new UnauthorizedException("Invalid jwt token payload");
+        return null;
     }
 
     return payload;
@@ -26,7 +21,7 @@ export const JwtTokenPair = createParamDecorator((data: unknown, ctx: ExecutionC
     const payload = request.user.jwtToken;
 
     if (!isJwtTokenPair(payload)) {
-        throw new InternalServerErrorException("Invalid jwt token");
+        return null;
     }
 
     return payload;

backend/src/auth/jwt/strategy/access-token.strategy.ts

@@ -1,30 +1,29 @@
 import { Injectable } from "@nestjs/common";
 import { PassportStrategy } from "@nestjs/passport";
-import { Strategy } from "passport-jwt";
+import { Strategy } from "passport-custom";
 import { Request } from "express";
+import * as jwt from "jsonwebtoken";
 import "dotenv/config";
 
 @Injectable()
 export class AccessTokenStrategy extends PassportStrategy(Strategy, "jwt") {
-    constructor() {
-        super({
-            jwtFromRequest: (req: Request) => {
-                if (!req || !req.cookies) return null;
-                return req.cookies["accessToken"];
-            },
-            secretOrKey: process.env.JWT_ACCESS_TOKEN_SECRET_KEY,
-            passReqToCallback: true,
-        });
-    }
+    async validate(req: Request) {
+        try {
+            const token = req.cookies?.accessToken;
+
+            if (!token) return { jwtToken: null };
 
-    async validate(req: Request, payload: any) {
-        const { userId, username } = payload;
+            const decoded = jwt.verify(token, process.env.JWT_ACCESS_TOKEN_SECRET_KEY);
+            const { userId, username } = decoded as any;
 
-        return {
-            jwtToken: {
-                userId,
-                username,
-            },
-        };
+            return {
+                jwtToken: {
+                    userId,
+                    username,
+                },
+            };
+        } catch {
+            return { jwtToken: null };
+        }
     }
 }

backend/src/question-list/dto/question-list.dto.ts

@@ -0,0 +1,5 @@
+import { QuestionList } from "@/question-list/entity/question-list.entity";
+
+export class QuestionListDto extends QuestionList {
+    categoryNames?: string[];
+}