Draft Mode inkl. Token implementiert

bizmatch-server/src/jwt.strategy.ts

@@ -1,11 +1,14 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
 import { PassportStrategy } from '@nestjs/passport';
 import { passportJwtSecret } from 'jwks-rsa';
 import { ExtractJwt, Strategy } from 'passport-jwt';
+import { JwtUser } from './models/main.model';
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
-  constructor() {
+  constructor(configService: ConfigService) {
+    const realm = configService.get<string>('REALM');
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
       ignoreExpiration: false,
@@ -13,15 +16,16 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
         cache: true,
         rateLimit: true,
         jwksRequestsPerMinute: 5,
-        jwksUri: 'https://auth.bizmatch.net/realms/dev/protocol/openid-connect/certs',
+        jwksUri: `https://auth.bizmatch.net/realms/${realm}/protocol/openid-connect/certs`,
       }),
       audience: 'account', // Keycloak Client ID
-      issuer: 'https://auth.bizmatch.net/realms/dev',
+      authorize: '',
+      issuer: `https://auth.bizmatch.net/realms/${realm}`,
       algorithms: ['RS256'],
     });
   }
 
-  async validate(payload: any) {
+  async validate(payload: any): Promise<JwtUser> {
     console.log('JWT Payload:', payload); // Debugging: JWT Payload anzeigen
     if (!payload) {
       console.error('Invalid payload');