前面获取到token 加入校验
此时需要从token中解析用户信息 CURD携带实现数据隔离
interceptor/request.ts
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
import { JwtService } from '@nestjs/jwt';
import { jwtConstants } from "./../auth/constants";
@Injectable()
export class TokenGuard implements CanActivate {
constructor(private readonly jwtService: JwtService) { }
async canActivate(
context: ExecutionContext,
): Promise<any> {
const req = context.switchToHttp().getRequest();
const token = req.headers.authorization.split(' ')[1];
const user = await this.jwtService.verifyAsync(token, { secret: jwtConstants.secret })
req.query.userId = user.userId
req.body.userId = user.userId
return true;
}
}
使用 TokenGuard 将解析到的当前用户信息注入到req,res
@UseGuards(AuthGuard("jwt"))
@UseGuards(TokenGuard)
