refactor: 完成项目整体目录重构与路径别名配置
1. 重构项目文件结构,统一文件存放位置与命名规则 2. 配置tsconfig路径别名,替换原有相对路径导入 3. 迁移drama-status枚举到dramas.types统一管理 4. 新增全局配置文件与工具类,补充完整注释与文档 5. 修复所有导入路径与依赖引用问题
This commit is contained in:
@@ -1,53 +1,51 @@
|
||||
import {
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
UnauthorizedException,
|
||||
} from '@nestjs/common';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { Request } from 'express';
|
||||
import { AdminUserRecord } from '../interfaces/admin-records.interface';
|
||||
import { AdminService } from '../admin.service';
|
||||
/**
|
||||
* AdminJwtAuth guard.
|
||||
* @file 管理端 JWT 认证守卫
|
||||
* @module guards/admin-jwt-auth.guard
|
||||
* @author zhxiao1124
|
||||
*/
|
||||
|
||||
import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from "@nestjs/common";
|
||||
import { JwtService } from "@nestjs/jwt";
|
||||
import { Request } from "express";
|
||||
import { AdminUserRecord } from "@src/admin/admin.types";
|
||||
import { AdminService } from "@src/admin/admin.service";
|
||||
|
||||
@Injectable()
|
||||
export class AdminJwtAuthGuard implements CanActivate {
|
||||
constructor(
|
||||
private readonly jwtService: JwtService,
|
||||
private readonly adminService: AdminService,
|
||||
) {}
|
||||
constructor(
|
||||
private readonly jwtService: JwtService,
|
||||
private readonly adminService: AdminService,
|
||||
) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context
|
||||
.switchToHttp()
|
||||
.getRequest<Request & { adminUser?: AdminUserRecord; adminId?: number }>();
|
||||
const authHeader = request.get('authorization');
|
||||
const token = authHeader?.startsWith('Bearer ')
|
||||
? authHeader.slice('Bearer '.length)
|
||||
: undefined;
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context.switchToHttp().getRequest<Request & { adminUser?: AdminUserRecord; adminId?: number }>();
|
||||
const authHeader = request.get("authorization");
|
||||
const token = authHeader?.startsWith("Bearer ") ? authHeader.slice("Bearer ".length) : undefined;
|
||||
|
||||
if (!token) {
|
||||
throw new UnauthorizedException('Admin not authenticated');
|
||||
if (!token) {
|
||||
throw new UnauthorizedException("Admin not authenticated");
|
||||
}
|
||||
|
||||
try {
|
||||
const payload = await this.jwtService.verifyAsync<{
|
||||
sub: number;
|
||||
type: string;
|
||||
}>(token);
|
||||
if (payload.type !== "admin") {
|
||||
throw new UnauthorizedException("Admin not authenticated");
|
||||
}
|
||||
|
||||
const adminUser = await this.adminService.findAdminById(payload.sub);
|
||||
if (!adminUser || adminUser.status !== "active") {
|
||||
throw new UnauthorizedException("Admin not authenticated");
|
||||
}
|
||||
|
||||
request.adminUser = adminUser;
|
||||
request.adminId = adminUser.id;
|
||||
return true;
|
||||
} catch {
|
||||
throw new UnauthorizedException("Admin not authenticated");
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
const payload = await this.jwtService.verifyAsync<{
|
||||
sub: number;
|
||||
type: string;
|
||||
}>(token);
|
||||
if (payload.type !== 'admin') {
|
||||
throw new UnauthorizedException('Admin not authenticated');
|
||||
}
|
||||
|
||||
const adminUser = await this.adminService.findAdminById(payload.sub);
|
||||
if (!adminUser || adminUser.status !== 'active') {
|
||||
throw new UnauthorizedException('Admin not authenticated');
|
||||
}
|
||||
|
||||
request.adminUser = adminUser;
|
||||
request.adminId = adminUser.id;
|
||||
return true;
|
||||
} catch {
|
||||
throw new UnauthorizedException('Admin not authenticated');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,42 +1,42 @@
|
||||
import {
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
UnauthorizedException,
|
||||
} from '@nestjs/common';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { Request } from 'express';
|
||||
import { UsersService } from '../../users/users.service';
|
||||
/**
|
||||
* JwtAuth guard.
|
||||
* @file 用户端 JWT 认证守卫
|
||||
* @module guards/jwt-auth.guard
|
||||
* @author zhxiao1124
|
||||
*/
|
||||
|
||||
import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from "@nestjs/common";
|
||||
import { JwtService } from "@nestjs/jwt";
|
||||
import { Request } from "express";
|
||||
import { UsersService } from "@src/users/users.service";
|
||||
|
||||
@Injectable()
|
||||
export class JwtAuthGuard implements CanActivate {
|
||||
constructor(
|
||||
private readonly jwtService: JwtService,
|
||||
private readonly usersService: UsersService,
|
||||
) {}
|
||||
constructor(
|
||||
private readonly jwtService: JwtService,
|
||||
private readonly usersService: UsersService,
|
||||
) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context.switchToHttp().getRequest<Request & { user?: unknown }>();
|
||||
const authHeader = request.get('authorization');
|
||||
const token = authHeader?.startsWith('Bearer ')
|
||||
? authHeader.slice('Bearer '.length)
|
||||
: undefined;
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context.switchToHttp().getRequest<Request & { user?: unknown }>();
|
||||
const authHeader = request.get("authorization");
|
||||
const token = authHeader?.startsWith("Bearer ") ? authHeader.slice("Bearer ".length) : undefined;
|
||||
|
||||
if (!token) {
|
||||
throw new UnauthorizedException('Not authenticated');
|
||||
if (!token) {
|
||||
throw new UnauthorizedException("Not authenticated");
|
||||
}
|
||||
|
||||
try {
|
||||
const payload = await this.jwtService.verifyAsync<{ sub: number }>(token);
|
||||
const user = await this.usersService.findById(payload.sub);
|
||||
if (!user || user.status !== "active") {
|
||||
throw new UnauthorizedException("Not authenticated");
|
||||
}
|
||||
|
||||
request.user = user;
|
||||
return true;
|
||||
} catch {
|
||||
throw new UnauthorizedException("Not authenticated");
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
const payload = await this.jwtService.verifyAsync<{ sub: number }>(token);
|
||||
const user = await this.usersService.findById(payload.sub);
|
||||
if (!user || user.status !== 'active') {
|
||||
throw new UnauthorizedException('Not authenticated');
|
||||
}
|
||||
|
||||
request.user = user;
|
||||
return true;
|
||||
} catch {
|
||||
throw new UnauthorizedException('Not authenticated');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,54 +1,49 @@
|
||||
import { CanActivate, ExecutionContext, ForbiddenException, Injectable } from '@nestjs/common';
|
||||
import { Reflector } from '@nestjs/core';
|
||||
import { Request } from 'express';
|
||||
import {
|
||||
REQUIRED_PERMISSIONS_METADATA,
|
||||
} from '../decorators/require-permissions.decorator';
|
||||
import { AdminUserRecord } from '../interfaces/admin-records.interface';
|
||||
import { AdminService } from '../admin.service';
|
||||
/**
|
||||
* Permissions guard.
|
||||
* @file 管理端权限校验守卫
|
||||
* @module guards/permissions.guard
|
||||
* @author zhxiao1124
|
||||
*/
|
||||
|
||||
import { CanActivate, ExecutionContext, ForbiddenException, Injectable } from "@nestjs/common";
|
||||
import { Reflector } from "@nestjs/core";
|
||||
import { Request } from "express";
|
||||
import { REQUIRED_PERMISSIONS_METADATA } from "@app/decorators/require-permissions.decorator";
|
||||
import { AdminUserRecord } from "@src/admin/admin.types";
|
||||
import { AdminService } from "@src/admin/admin.service";
|
||||
|
||||
@Injectable()
|
||||
export class PermissionsGuard implements CanActivate {
|
||||
constructor(
|
||||
private readonly reflector: Reflector,
|
||||
private readonly adminService: AdminService,
|
||||
) {}
|
||||
constructor(
|
||||
private readonly reflector: Reflector,
|
||||
private readonly adminService: AdminService,
|
||||
) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const required =
|
||||
this.reflector.getAllAndOverride<string[]>(
|
||||
REQUIRED_PERMISSIONS_METADATA,
|
||||
[context.getHandler(), context.getClass()],
|
||||
) ?? [];
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const required = this.reflector.getAllAndOverride<string[]>(REQUIRED_PERMISSIONS_METADATA, [context.getHandler(), context.getClass()]) ?? [];
|
||||
|
||||
if (required.length === 0) {
|
||||
return true;
|
||||
if (required.length === 0) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const request = context.switchToHttp().getRequest<Request & { adminUser?: AdminUserRecord }>();
|
||||
const adminUser = request.adminUser;
|
||||
|
||||
if (!adminUser) {
|
||||
throw new ForbiddenException("No permission");
|
||||
}
|
||||
|
||||
if (adminUser.isSuperAdmin) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const permissions = await this.adminService.getPermissionCodesForAdmin(adminUser.id);
|
||||
const allowed = required.every((permission) => permissions.includes(permission));
|
||||
|
||||
if (!allowed) {
|
||||
throw new ForbiddenException("No permission");
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
const request = context
|
||||
.switchToHttp()
|
||||
.getRequest<Request & { adminUser?: AdminUserRecord }>();
|
||||
const adminUser = request.adminUser;
|
||||
|
||||
if (!adminUser) {
|
||||
throw new ForbiddenException('No permission');
|
||||
}
|
||||
|
||||
if (adminUser.isSuperAdmin) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const permissions = await this.adminService.getPermissionCodesForAdmin(
|
||||
adminUser.id,
|
||||
);
|
||||
const allowed = required.every((permission) =>
|
||||
permissions.includes(permission),
|
||||
);
|
||||
|
||||
if (!allowed) {
|
||||
throw new ForbiddenException('No permission');
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user