반드시 cookie-parser를 설치하고 미들웨어로 등록할 것 (등록하지 않으면 request.cookies가 undefined여서 아래의 Refresh 쿠키를 읽을 수 없다).
import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
  /**
   * Registers the access-token strategy under the name 'jwt'.
   */
  constructor() {
    super({
      // Verification secret for access tokens (must never be leaked).
      // NOTE(review): read straight from the environment with no fallback or
      // check here; confirm the variable is set before the app boots.
      secretOrKey: process.env.JWT_ACCESS_TOKEN_SECRET,
      // false: the expiry claim is enforced by the strategy, so an expired
      // token is rejected. true would leave expiry checking to this code.
      ignoreExpiration: false,
      // How the JWT is taken from the request: it must be sent in the
      // Authorization header as a Bearer token.
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      // NOTE(review): no `algorithms` list is passed, so the accepted signing
      // algorithms are the verifier's defaults; consider pinning the one the
      // issuer actually uses.
      // passReqToCallback: true,
    });
  }

  /**
   * Builds the user object from the JWT payload the client sent.
   *
   * Only the `email` claim is carried over; every other claim is dropped.
   *
   * @param payload Decoded token payload.
   * @returns An object holding the payload's `email`.
   */
  async validate(payload: any): Promise<any> {
    const { email } = payload;
    return { email };
  }
}
import { Injectable } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { PassportStrategy } from '@nestjs/passport';
import { Request } from 'express';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { AuthService } from '../auth.service';
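@Injectable()
export class JwtRefreshStrategy extends PassportStrategy(
  Strategy,
  'jwt-refresh-token',
) {
  /**
   * Registers the refresh-token strategy under the name 'jwt-refresh-token'.
   *
   * The token is read from the `Refresh` cookie rather than from the
   * Authorization header, and the request is passed on to `validate`.
   */
  constructor(
    private authService: AuthService,
    private configService: ConfigService,
  ) {
    super({
      jwtFromRequest: ExtractJwt.fromExtractors([
        (request: any) => JwtRefreshStrategy.readRefreshCookie(request),
      ]),
      // Variant from the passport-jwt documentation, kept for reference.
      // It still throws when the Refresh cookie itself is missing.
      // jwtFromRequest: ExtractJwt.fromExtractors([
      // (request: any) => {
      // let token = null;
      // if (request && request.cookies) {
      // token = request.cookies['Refresh'].split(' ')[1];
      // }
      // return token;
      // },
      // ]),
      // false: an expired refresh token is rejected by the strategy.
      ignoreExpiration: false,
      // NOTE(review): `get` can return undefined when the key is not
      // configured; confirm the secret is validated at startup.
      secretOrKey: configService.get('JWT_REFRESH_TOKEN_SECRET'),
      // Needed so `validate` receives the request and can re-read the cookie.
      passReqToCallback: true,
    });
  }

  /**
   * Reads the token part of the `Refresh` cookie.
   *
   * The cookie is client-controlled, so every step is guarded: a request with
   * no parsed cookies, no `Refresh` cookie, or a non-string value yields
   * `null` instead of a TypeError that would surface as a server error.
   *
   * @param request Incoming request; `cookies` is present only when a cookie
   *   parsing middleware is registered.
   * @returns The second space-separated part of the cookie value, or `null`.
   */
  private static readRefreshCookie(request: any): string | null {
    const raw: unknown = request?.cookies?.['Refresh'];
    if (typeof raw !== 'string') {
      return null;
    }
    return raw.split(' ')[1] ?? null;
  }

  /**
   * Checks the presented refresh token against the one stored for the user.
   *
   * @param req Incoming request, used to re-read the raw refresh token.
   * @param payload Decoded refresh-token payload; `email` identifies the user.
   * @returns Whatever `getUserIfRefreshTokenMatches` resolves to, or `null`
   *   when no token can be read (a falsy result fails the authentication).
   */
  async validate(req: any, payload: any): Promise<any> {
    const refreshToken = JwtRefreshStrategy.readRefreshCookie(req);
    if (!refreshToken) {
      return null;
    }
    return this.authService.getUserIfRefreshTokenMatches(
      refreshToken,
      payload.email,
    );
  }
}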
http://www.passportjs.org/packages/passport-jwt/
공식 문서에서 안내하는 추출 방식은 위 코드의 주석 처리된 부분에 나와 있다. 아래는 그 방식을 적용한 코드다.
import { Injectable } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { PassportStrategy } from '@nestjs/passport';
import { Request } from 'express';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { AuthService } from '../auth.service';
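@Injectable()
export class JwtRefreshStrategy extends PassportStrategy(
  Strategy,
  'jwt-refresh-token',
) {
  /**
   * Registers the refresh-token strategy under the name 'jwt-refresh-token',
   * using the extractor shape shown in the passport-jwt documentation.
   */
  constructor(
    private authService: AuthService,
    private configService: ConfigService,
  ) {
    super({
      // Official-documentation style extractor: start from "no token" and
      // only return one when the request really carries it.
      jwtFromRequest: ExtractJwt.fromExtractors([
        (request: any) => {
          let token: string | null = null;
          if (request && request.cookies) {
            token = JwtRefreshStrategy.tokenFromCookies(request.cookies);
          }
          return token;
        },
      ]),
      // false: an expired refresh token is rejected by the strategy.
      ignoreExpiration: false,
      // NOTE(review): `get` can return undefined when the key is not
      // configured; confirm the secret is validated at startup.
      secretOrKey: configService.get('JWT_REFRESH_TOKEN_SECRET'),
      // Needed so `validate` receives the request and can re-read the cookie.
      passReqToCallback: true,
    });
  }

  /**
   * Pulls the token part out of the `Refresh` cookie.
   *
   * Checking that `cookies` exists is not enough: the `Refresh` entry is
   * client-controlled and may be absent or not a string, in which case
   * calling `.split` on it would throw. Those cases return `null`.
   *
   * @param cookies Parsed cookie map of the request.
   * @returns The second space-separated part of the cookie value, or `null`.
   */
  private static tokenFromCookies(cookies: any): string | null {
    const raw: unknown = cookies?.['Refresh'];
    if (typeof raw !== 'string') {
      return null;
    }
    return raw.split(' ')[1] ?? null;
  }

  /**
   * Checks the presented refresh token against the one stored for the user.
   *
   * @param req Incoming request, used to re-read the raw refresh token.
   * @param payload Decoded refresh-token payload; `email` identifies the user.
   * @returns Whatever `getUserIfRefreshTokenMatches` resolves to, or `null`
   *   when no token can be read (a falsy result fails the authentication).
   */
  async validate(req: any, payload: any): Promise<any> {
    const refreshToken = JwtRefreshStrategy.tokenFromCookies(req?.cookies);
    if (!refreshToken) {
      return null;
    }
    return this.authService.getUserIfRefreshTokenMatches(
      refreshToken,
      payload.email,
    );
  }
}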