Jwt

.env.example

@@ -6,6 +6,8 @@ NODE_ENV=development
 SALT_DATA_HASH=[string]
 SALT_DATA_PASS=[string]
 
+SECRET=[string]
+
 MAIL_API_KEY=[string]
 MAIL_FROM=[string]
 MAIL_TEST_DELIVERED=[string]

package.json

@@ -27,9 +27,10 @@
  "@nestjs/common": "10.0.0",
  "@nestjs/config": "3.1.1",
  "@nestjs/core": "10.0.0",
+ "@nestjs/jwt": "^10.1.1",
  "@nestjs/platform-express": "10.0.0",
  "@nestjs/swagger": "7.1.8",
- "@prisma/client": "5.2.0",
+ "@prisma/client": "^5.3.1",
  "bcrypt": "5.1.1",
  "class-transformer": "0.5.1",
  "class-validator": "0.14.0",

src/app.module.ts

@@ -1,8 +1,9 @@
 import { Module } from '@nestjs/common';
 
 import { AccountModule } from './modules';
+import { AuthModule } from './modules/jwtModule/account.auth.module';
 
 @Module({
- imports: [AccountModule],
+ imports: [AccountModule, AuthModule],
 })
 export class AppModule {}

src/main.ts

@@ -13,6 +13,7 @@ async function bootstrap() {
  app.use(helmet());
  app.enableCors(corsOptionsConfig);
  app.useGlobalPipes(new ValidationPipe());
+
 
  const document = SwaggerModule.createDocument(app, swaggerDocumentConfig);
  SwaggerModule.setup('', app, document);

src/modules/account/account.service.ts

@@ -31,6 +31,7 @@ export class AccountService {
  salt: process.env.SALT_DATA_HASH,
  });
 
+
  if (!hashed) {
  throw new TryingHashException();
  }

src/modules/jwtModule/account.auth.controller.ts

@@ -0,0 +1,19 @@
+import { Body, Controller, Post, HttpCode } from '@nestjs/common';
+
+import { ApiTags } from '@nestjs/swagger';
+
+import { AuthService } from './account.auth.service';
+import { LoginDto } from './account.auth.login.dto';
+
+@Controller('/auth')
+export class AuthController {
+ constructor(private readonly authService: AuthService) {}
+
+ @ApiTags()
+ @Post('/login')
+ @HttpCode(200)
+ async login(@Body() { email, password }: LoginDto) {
+ const token = await this.authService.login(email, password);
+ return { token, message: 'Login efetuado com sucesso' };
+ }
+}

src/modules/jwtModule/account.auth.login.dto.ts

@@ -0,0 +1,7 @@
+import { PickType } from '@nestjs/swagger';
+import { CreateAccountDto } from '../account/account.dto';
+
+export class LoginDto extends PickType(CreateAccountDto, [
+ 'email',
+ 'password',
+]) {}

src/modules/jwtModule/account.auth.module.ts

@@ -0,0 +1,23 @@
+import { Module } from '@nestjs/common';
+import { JwtModule } from '@nestjs/jwt';
+import { AuthController } from './account.auth.controller';
+
+import { PrismaModule } from 'src/prisma/prisma.module';
+import { AccountModule } from '../account/account.module';
+import { AuthService } from './account.auth.service';
+import { AccountService } from '../account/account.service';
+import { AccountRepository } from '../account/account.repository';
+
+@Module({
+ imports: [
+ JwtModule.register({
+ secret: process.env.SECRET,
+ }),
+ AccountModule,
+ PrismaModule,
+ AuthModule,
+ ],
+ controllers: [AuthController],
+ providers: [AuthService, AccountService, AccountRepository],
+})
+export class AuthModule {}

src/modules/jwtModule/account.auth.service.ts

@@ -0,0 +1,65 @@
+import { BadRequestException, Injectable } from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { Credential } from '@prisma/client';
+import * as bcrypt from 'bcrypt';
+import { hashDataAsync } from '../../globals/utils';
+
+@Injectable()
+export class AuthService {
+ constructor(
+ private readonly jwtService: JwtService,
+ private readonly prisma: PrismaService,
+ ) {}
+
+ async createToken(user: Credential) {
+ const token = {
+ accessToken: this.jwtService.sign(
+ {
+ id: user.id,
+ },
+ {
+ expiresIn: '1 h',
+ subject: String(user.id),
+ },
+ ),
+
+ refreshToken: this.jwtService.sign(
+ {
+ id: user.id,
+ },
+ {
+ expiresIn: '3 h',
+ subject: String(user.id),
+ },
+ ),
+ };
+
+ return token;
+ }
+
+ async login(email: string, password: string) {
+ const hashedEmail = await hashDataAsync({
+ unhashedData: email,
+ salt: process.env.SALT_DATA_HASH,
+ });
+
+ const user = await this.prisma.credential.findUnique({
+ where: {
+ email: hashedEmail,
+ },
+ });
+
+ if (!user) {
+ throw new BadRequestException('Usuário não encontrado.');
+ }
+
+ const comparePassword = await bcrypt.compare(password, user.password);
+
+ if (!comparePassword) {
+ throw new BadRequestException('A senha está incorreta.');
+ }
+
+ return this.createToken(user);
+ }
+}