feat: jwt authentication

javiruiz27 · Dec 18, 2024 · 365d68d · 365d68d
1 parent 1999934
commit 365d68d
Show file tree

Hide file tree

Showing 7 changed files with 45 additions and 37 deletions.
diff --git a/apps/auth/src/main.ts b/apps/auth/src/main.ts
@@ -1,29 +1,23 @@
 import koa from 'koa';
-import router from "./routes";
+import router from './routes';
 import bodyParser from 'koa-bodyparser';
-import cors from "koa-cors"
-import jwtMiddleware from 'koa-jwt';
-
+import cors from 'koa-cors';
 
 const host = process.env.HOST ?? 'localhost';
 const port = process.env.PORT ? Number(process.env.PORT) : 8080;
-const secretKey = 'your-secret-key';
 
 const app = new koa();
-app.use(cors({
-  origin: '*',
-  credentials: true,
-  headers: ['Content-Type', 'Authorization'],
-  methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']
-}));
-app.use(jwtMiddleware({
-  secret: secretKey,
-  passthrough: true,
-}));
-app.use(bodyParser())
+app.use(
+  cors({
+    origin: '*',
+    credentials: true,
+    headers: ['Content-Type', 'Authorization'],
+    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
+  })
+);
+app.use(bodyParser());
 app.use(router.routes()).use(router.allowedMethods());
 
 app.listen(port, host, () => {
   console.log(`[ ready ] http://${host}:${port}`);
 });
-
diff --git a/apps/auth/src/middlewares/index.ts b/apps/auth/src/middlewares/index.ts
@@ -0,0 +1 @@
+export * from './jwt';
diff --git a/apps/auth/src/middlewares/jwt.ts b/apps/auth/src/middlewares/jwt.ts
@@ -0,0 +1,6 @@
+import koaJwt from 'koa-jwt';
+import { jwtSecret } from '../utils';
+
+export const jwtVal = koaJwt({
+  secret: jwtSecret, // Should not be hardcoded
+});
diff --git a/apps/auth/src/routes.ts b/apps/auth/src/routes.ts
@@ -1,13 +1,19 @@
 import koaRouter from 'koa-router';
 import jwt from 'jsonwebtoken';
 import { generateOTP, sendOTPEmail } from '@onboarding/otp/feature';
+import { jwtSecret } from './utils';
+import { jwtVal } from './middlewares/index';
 
 const router = new koaRouter();
 
 router.get('hello', '/', (ctx) => {
   ctx.body = '<h1>Hello</h1>';
 });
 
+router.get('/data', jwtVal, async (ctx) => {
+  ctx.body = '<h1>hh</h1>';
+});
+
 router.post('/otp/generate', async (ctx, next) => {
   const otp = generateOTP(2);
   const { email } = ctx.request.body;
@@ -25,15 +31,14 @@ router.post('/otp/verify', async (ctx, next) => {
   const storedOtp = ctx.app.user?.otp ?? ''; // retrieve stored OTP
 
   if (userOtp === storedOtp) {
-    const token = jwt.sign({ user: email }, 'your-secret-key', {
+    const token = jwt.sign({ user: email }, jwtSecret, {
       expiresIn: '1h',
     });
     ctx.body = { token };
   } else {
     ctx.status = 401;
     ctx.body = { error: 'Invalid OTP' };
   }
-
   next();
 });
 

diff --git a/apps/auth/src/utils/config.ts b/apps/auth/src/utils/config.ts
@@ -0,0 +1 @@
+export const jwtSecret = 'n6dHKHspDp';
diff --git a/apps/auth/src/utils/index.ts b/apps/auth/src/utils/index.ts
@@ -0,0 +1 @@
+export * from './config';
diff --git a/libs/otp/feature/src/nodemailer.ts b/libs/otp/feature/src/nodemailer.ts
@@ -1,20 +1,20 @@
-import { createTransport } from "nodemailer";
+import { createTransport } from 'nodemailer';
 
 export const sendOTPEmail = async (email, otp) => {
-    const transporter = createTransport({
-      service: 'gmail',
-      auth: {
-        user: '[email protected]',
-        pass: 'tlrq fspt ecvu rcmi',
-      },
-    });
-  
-    const mailOptions = {
-      from: '[email protected]',
-      to: email,
-      subject: 'Your OTP Code',
-      text: `Your OTP code is ${otp}`,
-    };
-  
-    await transporter.sendMail(mailOptions);
-  };
+  const transporter = createTransport({
+    service: 'gmail',
+    auth: {
+      user: '[email protected]',
+      pass: '',
+    },
+  });
+
+  const mailOptions = {
+    from: '[email protected]',
+    to: email,
+    subject: 'Your OTP Code',
+    text: `Your OTP code is ${otp}`,
+  };
+
+  await transporter.sendMail(mailOptions);
+};