#How to validate dto with class-validator before passing to passportjs AuthGuard

1 messages · Page 1 of 1 (latest)

fading dirge
#

It would be nice if Nest had a pipe like ValidationPipe for Guards

For example, in the second parameter of UseGuards you would pass a specific validation, a data, etc. What do you think about this?

#

And taking advantage of the momentum,

I lose the body configurations that swagger makes when I configure via passport and not simple authguard

my controller is like this

# 
import {
  Controller,
  Get,
  HttpCode,
  HttpStatus,
  Post,
  Request,
  UseGuards,
  UsePipes,
  ValidationPipe,
} from "@nestjs/common";
import {
  ApiBearerAuth,
  ApiOkResponse,
  ApiResponse,
  ApiTags,
} from "@nestjs/swagger";
import { errorResponsePatternStructure } from "src/swagger.config";

import { AuthService } from "./auth.service";
import { JwtAuthGuard } from "./jwt-auth.guard";
import { LocalAuthGuard } from "./local-auth.guard";
import { getProfileApiOkResponse, signInApiOkResponse } from "./swagger.config";
import { ReqAuthUser } from "./types/Req";

@Controller("auth")
@UsePipes(ValidationPipe)
@ApiTags("Auth")
export class AuthController {
  constructor(private readonly authService: AuthService) {}

  @Post("login")
  @UseGuards(LocalAuthGuard)
  @HttpCode(HttpStatus.OK)
  @ApiOkResponse(signInApiOkResponse)
  @ApiResponse(errorResponsePatternStructure)
  async signIn(@Request() req: ReqAuthUser): Promise<{
    accessToken: string;
    userId: number;
    username: string;
  }> {
    return await this.authService.signIn(req.user);
  }

  // :bulb: This route is protected by the AuthGuard
  @Get("test")
  @UseGuards(JwtAuthGuard)
  @ApiBearerAuth("defaultBearerAuth")
  @ApiOkResponse(getProfileApiOkResponse)
  @ApiResponse(errorResponsePatternStructure)
  getProfile(
    @Request()
    req: {
      user: {
        sub: number;
        username: string;
      };
    },
  ): {
    sub: number;
    username: string;
  } {
    return {
      sub: req.user.sub,
      username: req.user.username,
    };
  }
}
#

But in my swagger, I no longer have the DTO or the necessary request body.

fading dirge
#

Well, according to the tests I did here, I came to the conclusion that using passport-local is the biggest waste of time possible that someone can have, besides being unnecessary, it gets in the way. But I'll leave these messages here, others may have similar doubts.