admin管理员组文章数量:1344545
My app has two JWT based strategies:
- Single sign on for my organization and its members. An external provider creates a JWT for this case.
- Email/Password authenticated external users. My app creates a JWT for this case.
On any given route, I only need one of these to succeed to allow access. The problem is that if multiple guards are declared, then ALL guards must succeed.
For example, this would require both guards to succeed, but only one will ever succeed.
@UseGuards(AuthGuard('local-jwt'))
@UseGuards(AuthGuard('azure-ad'))
someRoute(
@CurrentUser currentUser: User,
) {
//...
}
On this issue, I found this snippet:
@Injectable()
export class ComposeGuard implements CanActivate {
constructor(private allowGuard: AllowGuard, private authGuard: AuthGuard, private roleGuard: RoleGuard) {
}
async canActivate(context: ExecutionContext): Promise<boolean> {
return await this.allowGuard.canActivate(context) || (await this.authGuard.canActivate(context) && await this.roleGuard.canActivate(context));
}
}
This seems to allow the custom logic I need, but I have no idea how to import the guards as dependencies. A guard does not seem to be a class, so it's valid for dependency injection. And a strategy is a class, but does not have a canActivate method.
The other option I found was to make one strategy inherit from the other. But that's an ugly semantic mess since they are parallel, and do not depend on one another at all.
My app has two JWT based strategies:
- Single sign on for my organization and its members. An external provider creates a JWT for this case.
- Email/Password authenticated external users. My app creates a JWT for this case.
On any given route, I only need one of these to succeed to allow access. The problem is that if multiple guards are declared, then ALL guards must succeed.
For example, this would require both guards to succeed, but only one will ever succeed.
@UseGuards(AuthGuard('local-jwt'))
@UseGuards(AuthGuard('azure-ad'))
someRoute(
@CurrentUser currentUser: User,
) {
//...
}
On this issue, I found this snippet:
@Injectable()
export class ComposeGuard implements CanActivate {
constructor(private allowGuard: AllowGuard, private authGuard: AuthGuard, private roleGuard: RoleGuard) {
}
async canActivate(context: ExecutionContext): Promise<boolean> {
return await this.allowGuard.canActivate(context) || (await this.authGuard.canActivate(context) && await this.roleGuard.canActivate(context));
}
}
This seems to allow the custom logic I need, but I have no idea how to import the guards as dependencies. A guard does not seem to be a class, so it's valid for dependency injection. And a strategy is a class, but does not have a canActivate method.
The other option I found was to make one strategy inherit from the other. But that's an ugly semantic mess since they are parallel, and do not depend on one another at all.
Share Improve this question asked Jan 26, 2021 at 23:46 Alex WayneAlex Wayne 187k52 gold badges328 silver badges360 bronze badges1 Answer
Reset to default 10According to this pull request you can use @UseGuards(AuthGuard(['strategy1', 'strategy2'])) passport will run through the first strategy, if that fails it will go through strategy2, up to strategyN. If there is an error running the strategy then it will fast fail.
本文标签: javascriptNest JS GuardsUse one of two strategiesStack Overflow
版权声明:本文标题:javascript - Nest JS Guards - Use one of two strategies - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743799654a2541071.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论