web-backend


Class: JwtStrategy

Defined in: packages/web-backend/src/auth/strategies/jwt.strategy.ts:48

  1. The JWT Strategy (AuthGuard('jwt')) extracts the 'Authorization' property from the request header. The Authorization property has the format 'JWT <token>'. The <token> is extracted and its expiration is checked (the token expires 24 hours after it is generated). The encrypted information (the User object) in the token is decrypted using a 'secret key' known by the user only. The secret key is set as an environment variable ('UNSAFE_JWT_SECRET_KEY'). For dev environments, find it in '.develop.env'.
  2. After the User object is decrypted, it is passed to the validate function, where the User data (userID, username, email) is separated out.
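
The two steps above, as an added example that is not the project's own code: a dependency-free sketch of what the strategy has to enforce. It assumes HS256-signed tokens (under that assumption the secret authenticates the claims, which are only base64url-encoded); issueToken, authenticate and the helper names are hypothetical, and the secret is passed in rather than read from the environment.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Assumption: HS256-signed JWTs of the form header.payload.signature (base64url parts).
type User = { user_id: number; username: string; email: string };

const enc = (s: string): string => Buffer.from(s).toString("base64url");
const dec = (s: string): any => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const mac = (input: string, secret: string): Buffer =>
  createHmac("sha256", secret).update(input).digest();

// Hypothetical issuer: the token expires 24 hours after it is generated.
function issueToken(user: object, secret: string, nowSec: number): string {
  const head = enc(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = enc(JSON.stringify({ ...user, iat: nowSec, exp: nowSec + 24 * 60 * 60 }));
  return `${head}.${body}.${mac(`${head}.${body}`, secret).toString("base64url")}`;
}

// Hypothetical verifier for the documented flow; returns null on any failure.
function authenticate(authorization: string | undefined, secret: string, nowSec: number): User | null {
  // Step 1a: the header must be exactly 'JWT <token>' (a 'Bearer' scheme is rejected).
  const m = /^JWT ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorization ?? "");
  if (!m) return null;
  const [, head, body, sig] = m;
  try {
    // Pin the algorithm so a forged header (e.g. alg "none") cannot skip the check.
    if (dec(head).alg !== "HS256") return null;
    // Step 1b: verify the signature in constant time before reading any claim.
    const expected = mac(`${head}.${body}`, secret);
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const claims = dec(body);
    // Step 1c: reject expired tokens and tokens without a numeric exp claim.
    if (typeof claims.exp !== "number" || claims.exp <= nowSec) return null;
    // Step 2: validate() keeps only the three user fields and coerces user_id.
    const user_id = Number(claims.user_id);
    if (!Number.isInteger(user_id)) return null;
    if (typeof claims.username !== "string" || typeof claims.email !== "string") return null;
    return { user_id, username: claims.username, email: claims.email };
  } catch {
    return null; // malformed base64url or JSON
  }
}
```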

Extends

  • Strategy<this> & PassportStrategyMixin<unknown, this>

Constructors

Constructor

new JwtStrategy(configService): JwtStrategy

Defined in: packages/web-backend/src/auth/strategies/jwt.strategy.ts:53

Configure the JWT Passport strategy from configuration.

Parameters

configService

ConfigService

Nest configuration provider used to read JWT secret sources.

Returns

JwtStrategy

Overrides

PassportStrategy(Strategy, "jwt").constructor

Methods

validate()

validate(payload): object

Defined in: packages/web-backend/src/auth/strategies/jwt.strategy.ts:67

Validate decoded JWT payload and coerce types.

Parameters

payload

JwtPayload

Decoded JWT claims.

Returns

object

Minimal user object with id, username, and email.

email

email: string

user_id

user_id: number

username

username: string

Overrides

PassportStrategy(Strategy, "jwt").validate