Jayden/AFFiNE-Mirror
1
0
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2026-02-17 22:37:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(server): throw Unauthorized instead if user is not signed in (#5746)

Browse Source
This commit is contained in:
liuyi
2024-01-31 02:12:21 +00:00
parent 5f3c04b51e
commit db8e49b046
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/backend/server/src/core/auth/guard.ts
View File

@@ -4,6 +4,7 @@ import {
Inject, Inject,
Injectable, Injectable,
SetMetadata, SetMetadata,
UnauthorizedException,
UseGuards, UseGuards,
} from '@nestjs/common'; } from '@nestjs/common';
import { Reflector } from '@nestjs/core'; import { Reflector } from '@nestjs/core';
@@ -69,6 +70,10 @@ class AuthGuard implements CanActivate {
'isPublic', 'isPublic',
context.getHandler() context.getHandler()
); );
// FIXME(@forehalo): @Publicable() is duplicated with @CurrentUser() user?: User
// ^ optional
// we can prefetch user session in each request even before this `Guard`
// api can be public, but if user is logged in, we can get user info // api can be public, but if user is logged in, we can get user info
const isPublicable = this.reflector.get<boolean>( const isPublicable = this.reflector.get<boolean>(
'isPublicable', 'isPublicable',
@@ -94,7 +99,7 @@ class AuthGuard implements CanActivate {
const { body = {}, cookies, status = 200 } = session; const { body = {}, cookies, status = 200 } = session;
if (!body && !isPublicable) { if (!body && !isPublicable) {
return false; throw new UnauthorizedException('You are not signed in.');
} }
// @ts-expect-error body is user here // @ts-expect-error body is user here