feat: add admin login auth flow (#112)

OsmosysSoftware · Jan 17, 2024 · fa1f339 · fa1f339
1 parent f65ff07
commit fa1f339
Show file tree

Hide file tree

Showing 14 changed files with 217 additions and 1 deletion.
diff --git a/apps/api/.env.example b/apps/api/.env.example
@@ -2,6 +2,10 @@
 SERVER_PORT=
 SERVER_API_KEY= # Add your API Key
 
+# Portal Credentials
+ADMIN_USERNAME=admin
+ADMIN_PASSWORD=admin@123
+
 # Node env
 NODE_ENV= # Use "development" for graphql playground to work
 

diff --git a/apps/api/package-lock.json b/apps/api/package-lock.json
diff --git a/apps/api/package.json b/apps/api/package.json
@@ -36,6 +36,7 @@
     "@nestjs/config": "^3.0.0",
     "@nestjs/core": "^10.0.0",
     "@nestjs/graphql": "^12.0.11",
+    "@nestjs/passport": "^10.0.3",
     "@nestjs/platform-express": "^10.0.0",
     "@nestjs/schedule": "^3.0.3",
     "@nestjs/typeorm": "^10.0.0",
@@ -49,6 +50,8 @@
     "mysql2": "^3.6.0",
     "nest-winston": "^1.9.4",
     "nodemailer": "^6.9.4",
+    "passport": "^0.7.0",
+    "passport-local": "^1.0.0",
     "reflect-metadata": "^0.1.13",
     "rxjs": "^7.8.1",
     "twilio": "^5.0.0-rc.1",

diff --git a/apps/api/src/app.module.ts b/apps/api/src/app.module.ts
@@ -9,6 +9,7 @@ import { DatabaseModule } from './database/database.module';
 import { GraphQLModule } from '@nestjs/graphql';
 import { ApolloDriver, ApolloDriverConfig } from '@nestjs/apollo';
 import { join } from 'path';
+import { AuthModule } from './modules/auth/auth.module';
 
 const configService = new ConfigService();
 @Module({
@@ -33,6 +34,7 @@ const configService = new ConfigService();
       sortSchema: true,
       playground: configService.getOrThrow('NODE_ENV') === 'development',
     }),
+    AuthModule,
   ],
   controllers: [AppController],
   providers: [AppService],

diff --git a/apps/api/src/modules/auth/auth.module.ts b/apps/api/src/modules/auth/auth.module.ts
@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { AuthService } from './auth.service';
+import { PassportModule } from '@nestjs/passport';
+import { ConfigModule } from '@nestjs/config';
+import { LocalStrategy } from './strategies/local.strategy';
+import { AuthResolver } from './auth.resolver';
+
+@Module({
+  imports: [PassportModule, ConfigModule],
+  providers: [AuthResolver, AuthService, LocalStrategy],
+  exports: [AuthService],
+})
+export class AuthModule {}
diff --git a/apps/api/src/modules/auth/auth.resolver.spec.ts b/apps/api/src/modules/auth/auth.resolver.spec.ts
@@ -0,0 +1,18 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { AuthResolver } from './auth.resolver';
+
+describe('AuthResolver', () => {
+  let resolver: AuthResolver;
+
+  beforeEach(async () => {
+    const module: TestingModule = await Test.createTestingModule({
+      providers: [AuthResolver],
+    }).compile();
+
+    resolver = module.get<AuthResolver>(AuthResolver);
+  });
+
+  it('should be defined', () => {
+    expect(resolver).toBeDefined();
+  });
+});
diff --git a/apps/api/src/modules/auth/auth.resolver.ts b/apps/api/src/modules/auth/auth.resolver.ts
@@ -0,0 +1,17 @@
+import { AuthService } from './auth.service';
+import { Args, Mutation, Resolver } from '@nestjs/graphql';
+import { LoginResponse } from './dto/login-response';
+import { UseGuards } from '@nestjs/common';
+import { GqlLocalAuthGuard } from './guards/gql-local.guard';
+import { LoginUserInput } from './dto/login-user.input';
+
+@Resolver()
+export class AuthResolver {
+  constructor(private readonly authService: AuthService) {}
+
+  @Mutation(() => LoginResponse)
+  @UseGuards(GqlLocalAuthGuard)
+  async login(@Args('loginUserInput') loginUserInput: LoginUserInput): Promise<LoginResponse> {
+    return await this.authService.login(loginUserInput);
+  }
+}
diff --git a/apps/api/src/modules/auth/auth.service.spec.ts b/apps/api/src/modules/auth/auth.service.spec.ts
@@ -0,0 +1,18 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { AuthService } from './auth.service';
+
+describe('AuthService', () => {
+  let service: AuthService;
+
+  beforeEach(async () => {
+    const module: TestingModule = await Test.createTestingModule({
+      providers: [AuthService],
+    }).compile();
+
+    service = module.get<AuthService>(AuthService);
+  });
+
+  it('should be defined', () => {
+    expect(service).toBeDefined();
+  });
+});
diff --git a/apps/api/src/modules/auth/auth.service.ts b/apps/api/src/modules/auth/auth.service.ts
@@ -0,0 +1,27 @@
+import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { LoginResponse } from './dto/login-response';
+
+@Injectable()
+export class AuthService {
+  constructor(private configService: ConfigService) {}
+
+  async validateUser(username: string, password: string): Promise<string> {
+    const adminUsername = this.configService.getOrThrow<string>('ADMIN_USERNAME');
+    const adminPassword = this.configService.getOrThrow<string>('ADMIN_PASSWORD');
+
+    if (username === adminUsername && password === adminPassword) {
+      return username;
+    }
+
+    return null;
+  }
+
+  async login(loginUserInput): Promise<LoginResponse> {
+    const token = this.configService.getOrThrow<string>('SERVER_API_KEY');
+    return {
+      token,
+      user: loginUserInput.username,
+    };
+  }
+}
diff --git a/apps/api/src/modules/auth/dto/login-response.ts b/apps/api/src/modules/auth/dto/login-response.ts
@@ -0,0 +1,10 @@
+import { Field, ObjectType } from '@nestjs/graphql';
+
+@ObjectType()
+export class LoginResponse {
+  @Field()
+  token: string;
+
+  @Field()
+  user: string;
+}
diff --git a/apps/api/src/modules/auth/dto/login-user.input.ts b/apps/api/src/modules/auth/dto/login-user.input.ts
@@ -0,0 +1,13 @@
+import { InputType, Field } from '@nestjs/graphql';
+import { IsNotEmpty } from 'class-validator';
+
+@InputType()
+export class LoginUserInput {
+  @Field()
+  @IsNotEmpty()
+  username: string;
+
+  @Field()
+  @IsNotEmpty()
+  password: string;
+}
diff --git a/apps/api/src/modules/auth/guards/gql-local.guard.ts b/apps/api/src/modules/auth/guards/gql-local.guard.ts
@@ -0,0 +1,14 @@
+import { Injectable, ExecutionContext } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+import { GqlExecutionContext } from '@nestjs/graphql';
+import { Request } from 'express';
+
+@Injectable()
+export class GqlLocalAuthGuard extends AuthGuard('local') {
+  getRequest(context: ExecutionContext): Request {
+    const ctx = GqlExecutionContext.create(context);
+    const request = ctx.getContext().req;
+    request.body = ctx.getArgs().loginUserInput;
+    return request;
+  }
+}
diff --git a/apps/api/src/modules/auth/strategies/local.strategy.ts b/apps/api/src/modules/auth/strategies/local.strategy.ts
@@ -0,0 +1,24 @@
+import { Strategy } from 'passport-local';
+import { PassportStrategy } from '@nestjs/passport';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { AuthService } from '../auth.service';
+
+@Injectable()
+export class LocalStrategy extends PassportStrategy(Strategy) {
+  constructor(private authService: AuthService) {
+    super({
+      usernameField: 'username',
+      passwordField: 'password',
+    });
+  }
+
+  async validate(username: string, password: string): Promise<string> {
+    const user = await this.authService.validateUser(username, password);
+
+    if (!user) {
+      throw new UnauthorizedException('Invalid username or password');
+    }
+
+    return user;
+  }
+}
diff --git a/apps/api/src/modules/notifications/notifications.resolver.ts b/apps/api/src/modules/notifications/notifications.resolver.ts
@@ -7,7 +7,7 @@ import { ApiKeyGuard } from 'src/common/guards/api-key/api-key.guard';
 import { UseGuards } from '@nestjs/common';
 
 @Resolver(() => Notification)
-// @UseGuards(ApiKeyGuard)
+@UseGuards(ApiKeyGuard)
 export class NotificationsResolver {
   constructor(private readonly notificationsService: NotificationsService) {}