Tetardtek/TetaRdPG
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ac88cbb5abcbe6561cccc6fc08fc6d665f7bc47e
TetaRdPG/src/auth/auth.controller.ts
Tetardtek 8c6777c980
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 1m2s
Details
feat: PKCE auth + CI/CD deploy 
- Frontend: PKCE flow (oauth.ts, AuthCallback code exchange, 401 interceptor)
- Backend: token introspection via SuperOAuth (no more JWT secret)
- User model: superOauthId (unified) replaces oauthId+provider
- Cookies httpOnly session + refresh token
- POST /auth/refresh endpoint
- Gitea CI workflow (vps-runner pattern)
- DB_SYNC env var for initial schema creation
2026-03-24 13:01:14 +01:00

60 lines
1.5 KiB
TypeScript
Raw Blame History

import {
Controller,
Post,
Get,
Body,
Res,
Req,
UseGuards,
HttpCode,
HttpStatus,
UnauthorizedException,
} from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { Response, Request } from 'express';
import { AuthService } from './auth.service';
import { AuthGuard } from './guards/auth.guard';
import { SetSessionDto } from './dto/set-session.dto';
import { User } from '../user/user.entity';
@Controller('auth')
export class AuthController {
constructor(private readonly authService: AuthService) {}
@Post('session')
@HttpCode(HttpStatus.OK)
@Throttle({ default: { ttl: 60_000, limit: 10 } })
async setSession(
@Body() dto: SetSessionDto,
@Res({ passthrough: true }) res: Response,
) {
return this.authService.setSession(dto, res);
}
@Post('refresh')
@HttpCode(HttpStatus.OK)
@Throttle({ default: { ttl: 60_000, limit: 10 } })
async refresh(
@Req() req: Request,
@Res({ passthrough: true }) res: Response,
) {
const refreshToken = (req.signedCookies as Record<string, string>)?.refresh_token;
if (!refreshToken) {
throw new UnauthorizedException('Pas de refresh token');
}
return this.authService.refreshSession(res, refreshToken);
}
@Get('me')
@UseGuards(AuthGuard)
async getMe(@Req() req: Request & { user: User }) {
return this.authService.getMe(req.user);
}
@Post('logout')
@HttpCode(HttpStatus.NO_CONTENT)
logout(@Res({ passthrough: true }) res: Response) {
this.authService.logout(res);
}
}
Reference in New Issue View Git Blame Copy Permalink