diff --git a/back/src/album/album.controller.ts b/back/src/album/album.controller.ts index 99bae1e..83b29af 100644 --- a/back/src/album/album.controller.ts +++ b/back/src/album/album.controller.ts @@ -23,10 +23,11 @@ import { FilterQuery } from "src/utils/filter.pipe"; import { Album as _Album } from "src/_gen/prisma-class/album"; import { IncludeMap, mapInclude } from "src/utils/include"; import { AuthGuard } from "@nestjs/passport"; +import { ChromaAuthGuard } from "src/auth/chroma-auth.guard"; @Controller("album") @ApiTags("album") -@UseGuards(AuthGuard(["jwt", "api-key"])) +@UseGuards(ChromaAuthGuard) export class AlbumController { static filterableFields: string[] = ["+id", "name", "+artistId"]; static includableFields: IncludeMap = { diff --git a/back/src/artist/artist.controller.ts b/back/src/artist/artist.controller.ts index 283d905..50d17cc 100644 --- a/back/src/artist/artist.controller.ts +++ b/back/src/artist/artist.controller.ts @@ -32,10 +32,11 @@ import { Artist as _Artist } from "src/_gen/prisma-class/artist"; import { IncludeMap, mapInclude } from "src/utils/include"; import { Public } from "src/auth/public"; import { AuthGuard } from "@nestjs/passport"; +import { ChromaAuthGuard } from "src/auth/chroma-auth.guard"; @Controller("artist") @ApiTags("artist") -@UseGuards(AuthGuard(["jwt", "api-key"])) +@UseGuards(ChromaAuthGuard) export class ArtistController { static filterableFields = ["+id", "name"]; static includableFields: IncludeMap = { diff --git a/back/src/auth/auth.controller.ts b/back/src/auth/auth.controller.ts index 2174037..d4c5e92 100644 --- a/back/src/auth/auth.controller.ts +++ b/back/src/auth/auth.controller.ts @@ -50,6 +50,7 @@ import { writeFile } from "fs"; import { PasswordResetDto } from "./dto/password_reset.dto "; import { mapInclude } from "src/utils/include"; import { SongController } from "src/song/song.controller"; +import { ChromaAuthGuard } from "./chroma-auth.guard"; @ApiTags("auth") @Controller("auth") @@ -167,7 +168,7 @@ export class AuthController { return this.authService.login(user); } - @UseGuards(AuthGuard(["jwt", "api-key"])) + @UseGuards(ChromaAuthGuard) @ApiBearerAuth() @ApiOperation({ description: "Get the profile picture of connected user" }) @ApiOkResponse({ description: "The user profile picture" }) @@ -177,7 +178,7 @@ export class AuthController { return await this.usersService.getProfilePicture(req.user.id, res); } - @UseGuards(AuthGuard(["jwt", "api-key"])) + @UseGuards(ChromaAuthGuard) @ApiBearerAuth() @ApiOkResponse({ description: "The user profile picture" }) @ApiUnauthorizedResponse({ description: "Invalid token" }) @@ -215,7 +216,7 @@ export class AuthController { return user; } - @UseGuards(AuthGuard(["jwt", "api-key"])) + @UseGuards(ChromaAuthGuard) @ApiBearerAuth() @ApiOkResponse({ description: "Successfully edited profile", type: User }) @ApiUnauthorizedResponse({ description: "Invalid token" }) diff --git a/back/src/auth/chroma-auth.guard.ts b/back/src/auth/chroma-auth.guard.ts new file mode 100644 index 0000000..40a1c70 --- /dev/null +++ b/back/src/auth/chroma-auth.guard.ts @@ -0,0 +1,22 @@ +import { ExecutionContext, Injectable } from "@nestjs/common"; +import { Reflector } from "@nestjs/core"; +import { AuthGuard } from "@nestjs/passport"; +import { IS_PUBLIC_KEY } from "./public"; + +@Injectable() +export class ChromaAuthGuard extends AuthGuard(["jwt", "api-key"]) { + constructor(private reflector: Reflector) { + super(); + } + + canActivate(context: ExecutionContext) { + const isPublic = this.reflector.getAllAndOverride(IS_PUBLIC_KEY, [ + context.getHandler(), + context.getClass(), + ]); + if (isPublic) { + return true; + } + return super.canActivate(context); + } +} diff --git a/back/src/genre/genre.controller.ts b/back/src/genre/genre.controller.ts index 24779e5..d2bd818 100644 --- a/back/src/genre/genre.controller.ts +++ b/back/src/genre/genre.controller.ts @@ -27,10 +27,11 @@ import { Genre as _Genre } from "src/_gen/prisma-class/genre"; import { IncludeMap, mapInclude } from "src/utils/include"; import { Public } from "src/auth/public"; import { AuthGuard } from "@nestjs/passport"; +import { ChromaAuthGuard } from "src/auth/chroma-auth.guard"; @Controller("genre") @ApiTags("genre") -@UseGuards(AuthGuard(["jwt", "api-key"])) +@UseGuards(ChromaAuthGuard) export class GenreController { static filterableFields: string[] = ["+id", "name"]; static includableFields: IncludeMap = { diff --git a/back/src/lesson/lesson.controller.ts b/back/src/lesson/lesson.controller.ts index 97ce9c2..d18ec3b 100644 --- a/back/src/lesson/lesson.controller.ts +++ b/back/src/lesson/lesson.controller.ts @@ -22,6 +22,7 @@ import { Lesson as _Lesson } from "src/_gen/prisma-class/lesson"; import { IncludeMap, mapInclude } from "src/utils/include"; import { Request } from "express"; import { AuthGuard } from "@nestjs/passport"; +import { ChromaAuthGuard } from "src/auth/chroma-auth.guard"; export class Lesson { @ApiProperty() @@ -38,7 +39,7 @@ export class Lesson { @ApiTags("lessons") @Controller("lesson") -@UseGuards(AuthGuard(["jwt", "api-key"])) +@UseGuards(ChromaAuthGuard) export class LessonController { static filterableFields: string[] = [ "+id", diff --git a/back/src/song/song.controller.ts b/back/src/song/song.controller.ts index 18e3af5..e51131e 100644 --- a/back/src/song/song.controller.ts +++ b/back/src/song/song.controller.ts @@ -39,6 +39,7 @@ import { SongHistory } from "src/_gen/prisma-class/song_history"; import { IncludeMap, mapInclude } from "src/utils/include"; import { Public } from "src/auth/public"; import { AuthGuard } from "@nestjs/passport"; +import { ChromaAuthGuard } from "src/auth/chroma-auth.guard"; class SongHistoryResult { @ApiProperty() best: number; @@ -48,7 +49,7 @@ class SongHistoryResult { @Controller("song") @ApiTags("song") -@UseGuards(AuthGuard(["jwt", "api-key"])) +@UseGuards(ChromaAuthGuard) export class SongController { static filterableFields: string[] = [ "+id",