nestjs-supabase-auth
nestjs-supabase-auth copied to clipboard
hiro1107
Update supabase-js to latest version -> fixed https://github.com/hiro1107/nestjs-supabase-auth/issues/7 + Code cleanup
I've updated supbabase-js to the latest version to resolve this bug (https://github.com/hiro1107/nestjs-supabase-auth/issues/7). Also I cleaned up the code, hence removed the validateSupabaseResponse function and put the code directly into the validate function.
Looks like this repo maybe stale, it's worth trying to make a fork the canonical / active version of the package. We might be able to reach out to NPM to swap owners of the library, or we could just publish it as a new package. Thoughts?
@gamedevsam Created my own guard if someone needs it:
auth.guard.ts
@Injectable()
export class GqlAuthGuard implements CanActivate {
public async canActivate(context: ExecutionContext): Promise<boolean> {
const ctx = GqlExecutionContext.create(context);
const request = ctx.getContext().req as GraphQLRequest;
const { authorization } = request.headers;
if (!authorization || authorization.trim() === '') {
throw new UnauthorizedException('Missing authorization header');
}
const jwt = authorization.replace(/bearer/gim, '').trim();
const { data, error } = await supabase.auth.getUser(jwt);
if (error) {
throw new UnauthorizedException('Invalid or expired token');
}
request.user = data.user;
return true;
}
}
auth.decorator.ts
import { createParamDecorator, ExecutionContext } from '@nestjs/common';
import { GqlExecutionContext } from '@nestjs/graphql';
export const GqlAuthUser = createParamDecorator(
(_data: unknown, context: ExecutionContext) => {
const ctx = GqlExecutionContext.create(context);
return ctx.getContext().req?.user;
},
);
fyi supabase is created in another folder Feel free to ping me if needed !
@tgirotto Thank you for creating the PR, and I'm sorry it took such a long time to review. I plan to add another maintener to this repo so the repo will be keep updated.
