## USER

The `user` folder follows the usual layout for the most part, containing a controller, a service, a DTO and an entity file. The exception is the `user.decorator` file, which is used to pass user information to services.

## user.controller.ts

Contains three routes, all prefixed with the URL `user`.

`@UsePipes(new ValidationPipe())` validates the request body; `ValidationPipe` is located in the `shared` folder.

`@UseGuards(new AuthGuard())` validates the user's token sent in the authorization header; `AuthGuard` is also located in the `shared` folder.

### register, POST /user/register

- Body must contain a UserDTO JSON object as specified in `user.dto.ts`:

```
{
  name: string;
  password: string;
}
```

`name` must be between 3 and 31 characters long, while the `password` value can be up to 255 characters long.

### login, POST /user/login

- Body must contain a UserDTO JSON object as specified in `user.dto.ts`:

```
{
  name: string;
  password: string;
}
```

`name` must be between 3 and 31 characters long, while the `password` value can be up to 255 characters long.

### token verify, GET /user/verify

- Must be sent with an authorization header containing a Bearer token.

Returns `true` if the token is valid (passes the AuthGuard validation).

## user.service.ts

Contains two services, one for registration and one for login.

### register(data: UserDTO)

- If a user already exists with the same username, throws an exception, which is handled by `http-error.filter.ts` located in the `shared` folder.
- Else creates a new user with the UserDTO information
- Returns the user's name and the JWT token used for verifying the user's identity

### login(data: UserDTO)

- Compares the username to the database; throws an exception if the username is not found
- Compares the password to the one stored in the database; throws an exception if the password is invalid
- Else returns the user's name and the JWT token used for verifying the user's identity

## user.entity.ts

Reflects the database table for users. Contains the username, the hashed password and possible relations to the Game_Person table.

With the `@Exclude()` decorator it's possible to exclude certain columns from the response object. You need to use the `@UseInterceptors(ClassSerializerInterceptor)` decorator in the controller for it to work.

The `@BeforeInsert()` decorator executes some code before the data is inserted in the database. In this case, we want to hash the password so we don't store it in plain text.

It's also possible to define functions, which can be called from services. An example here is the `tokenObject` function, which is used in the register and login services to return only the user's name and the JWT token.

## user.decorator.ts

The AuthGuard located in the `shared` folder verifies the user's token. If the validation passes, it splits the token and stores the information from the token on the request object. This way, the data can be accessed in services. The User decorator is mainly used to get the user's UUID. The decorator is used in controllers, which pass the value to the services.

```
@Post('example')
@UseGuards(new AuthGuard())
async newGame(@User('id') userId, @Body() data) {
  // userId comes from the token data that AuthGuard stored on the request
  return this.exampleservice.examplefunction(userId, data);
}
```

**Routes using the `@User` decorator MUST use the AuthGuard decorator!**
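
The guard-then-decorator flow described in this section, as an added framework-free TypeScript example (it is not this project's `AuthGuard` or `@User` code). It assumes HS256 tokens and a constructed secret; `Req`, `Claims`, `issueToken`, `authGuard` and `userField` are hypothetical names. It shows why a route without the guard gets nothing from the decorator.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Assumptions: HS256 and a constructed secret; the project's real guard is not shown on this page.
const SECRET = "constructed-demo-secret";
type Claims = Record<string, unknown>;
type Req = { headers: Record<string, string | undefined>; user?: Claims };

const b64url = (buf: Buffer): string => buf.toString("base64url");
const sign = (input: string): Buffer => createHmac("sha256", SECRET).update(input).digest();

// Hypothetical stand-in for the token returned by the register/login services.
function issueToken(claims: Claims): string {
  const head = b64url(Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })));
  const body = b64url(Buffer.from(JSON.stringify(claims)));
  return `${head}.${body}.${b64url(sign(`${head}.${body}`))}`;
}

// Guard step: accept only "Bearer <jwt>", pin the algorithm, check signature
// and expiry, and only then store the decoded claims on the request.
function authGuard(req: Req): boolean {
  const [scheme, token, ...rest] = (req.headers.authorization ?? "").split(" ");
  if (scheme !== "Bearer" || !token || rest.length > 0) return false;
  const parts = token.split(".");
  if (parts.length !== 3) return false;
  const [head, body, sig] = parts;
  try {
    if (JSON.parse(Buffer.from(head, "base64url").toString()).alg !== "HS256") return false;
    const given = Buffer.from(sig, "base64url");
    const expected = sign(`${head}.${body}`);
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return false;
    const claims = JSON.parse(Buffer.from(body, "base64url").toString());
    if (typeof claims.exp === "number" && claims.exp * 1000 <= Date.now()) return false;
    req.user = claims;
    return true;
  } catch {
    return false; // header or payload was not valid JSON
  }
}

// Decorator step: what @User('id') reads. Without a guard, req.user was never set.
function userField(req: Req, key: string): unknown {
  return req.user?.[key];
}
```

Because `userField` only reads `req.user`, a handler on an unguarded route receives `undefined` instead of a verified user id, even when the client sent a valid token.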