einbau von rollen, neue Admin Ansicht

2025-03-08 11:18:31 +01:00
parent dded8b8ca9
commit 5a56b3554d
29 changed files with 788 additions and 426 deletions
--- a/bizmatch-server/src/jwt-auth/auth.guard.ts
+++ b/bizmatch-server/src/jwt-auth/auth.guard.ts
@@ -4,53 +4,39 @@ import * as admin from 'firebase-admin';
@Injectable()
 export class AuthGuard implements CanActivate {
  constructor(
-    @Inject('FIREBASE_ADMIN')
-    private readonly firebaseAdmin: typeof admin,
+    @Inject('FIREBASE_ADMIN') private firebaseAdmin: admin.app.App,
  ) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
-    const request = context.switchToHttp().getRequest<Request>();
-    const token = this.extractTokenFromHeader(request);
+    const request = context.switchToHttp().getRequest();
+    const authHeader = request.headers.authorization;

-    if (!token) {
-      throw new UnauthorizedException('No token provided');
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      throw new UnauthorizedException('Missing or invalid authorization token');
    }

+    const token = authHeader.split('Bearer ')[1];
+
    try {
      const decodedToken = await this.firebaseAdmin.auth().verifyIdToken(token);
-      request['user'] = decodedToken;
+      
+      // Check if email is verified (optional but recommended)
+      if (!decodedToken.email_verified) {
+        throw new UnauthorizedException('Email not verified');
+      }
+
+      // Add the user to the request
+      request.user = {
+        uid: decodedToken.uid,
+        email: decodedToken.email,
+        role: decodedToken.role || null,
+        // Add other user info as needed
+      };
+
      return true;
    } catch (error) {
      throw new UnauthorizedException('Invalid token');
    }
  }
-
-  private extractTokenFromHeader(request: Request): string | undefined {
-    const [type, token] = request.headers['authorization']?.split(' ') ?? [];
-    return type === 'Bearer' ? token : undefined;
-  }
 }
-// @Injectable()
-// export class AuthGuard implements CanActivate {
-//   async canActivate(context: ExecutionContext): Promise<boolean> {
-//     const request = context.switchToHttp().getRequest<Request>();
-//     const token = this.extractTokenFromHeader(request);

-//     if (!token) {
-//       throw new UnauthorizedException('No token provided');
-//     }
-
-//     try {
-//       const decodedToken = await admin.auth().verifyIdToken(token);
-//       request['user'] = decodedToken; // Fügen Sie die Benutzerdaten dem Request-Objekt hinzu
-//       return true;
-//     } catch (error) {
-//       throw new UnauthorizedException('Invalid token');
-//     }
-//   }
-
-//   private extractTokenFromHeader(request: Request): string | undefined {
-//     const [type, token] = request.headers['authorization']?.split(' ') ?? [];
-//     return type === 'Bearer' ? token : undefined;
-//   }
-// }