# How to access response headers during Strategy validate?


modern iris
#

Actually I need to set a header after jwt strategy validate, anyone know how I do that? (below is my jwt.strategy.ts)

```ts
import { ExecutionContext, ForbiddenException, Injectable, UnauthorizedException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PassportStrategy } from "@nestjs/passport";
import { ExtractJwt, Strategy } from "passport-jwt";

import { AuthService } from "../auth.service";
import { jwtConstants } from "../constants";
import { JwtAuthDto } from "src/dtos";
import { HttpArgumentsHost } from "@nestjs/common/interfaces";

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {

    constructor(private authService: AuthService) {
        super({
            jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
            ignoreExpiration: false,
            secretOrKey: jwtConstants.secret
        });
    }

    async validate(payload: JwtAuthDto) {
        const isValid = await this.authService.validateUserByInformationsInPayload(payload);

        //*** I need to set a response header HERE ***//
        if (isValid)
            return payload;
        else
            throw new UnauthorizedException();
    }
}
```

worldly flame
#

passReqToCallback: true in super() call. The request object will then be the first parameter of the validate method

modern iris
#

but how can I set the response header there? @worldly flame

worldly flame
#

Oh, response, sorry I got mistaken.

#

Hm, I don't think there's an easy way. What is the use-case?

modern iris
#

after all authorized requests I need to send a new jwt token in the 'refreshed-token' header

#

I saw that I can use canActivate in the jwt guard, but I need to set it after jwt validation

#

canActivate is executed before passport validation

worldly flame
#

You need to do this in every request? This is usually implemented via a 'refresh' endpoint, where the client can obtain a new access token.

modern iris
#

yes, in this application I need to do it after all authorized requests :/

worldly flame
#

Can you do it with an interceptor instead?

#

Or does it need to happen in the strategy?

#

One way would be to dump passport altogether (it does not do much other than confuse people) and implement your own jwt guard from scratch. There you can access the response from the context just fine

modern iris
#

```ts
import { ExecutionContext, Injectable } from "@nestjs/common";
import { HttpArgumentsHost } from "@nestjs/common/interfaces";
import { AuthGuard } from "@nestjs/passport";
import { Observable } from "rxjs";

@Injectable()
export class JwtAuthGuard extends AuthGuard('jwt') {

    canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
        const test: HttpArgumentsHost = context.switchToHttp()
        test.getResponse().setHeader('aaa', 'aaa')
        return super.canActivate(context)
    }

}
```

modern iris
#

I was thinking that the interceptor is executed even after being rejected by the guard

#

so the interceptor is the best solution for this case

#

thanks for the time brother!

#

another doubt @worldly flame, do you know some way to get the user information in the interceptor to create the jwt?

#

ooh, I found a way to do that