Adebowale Mujeeb

Reputation: 21

How do I get the access token in the validate method before the passport callback decodes it?

/**
 * JWT passport strategy as posted in the question.
 *
 * The token is taken from the `Authorization` header as a bearer token and
 * checked against the configured secret. The snippet is abridged: neither
 * `accessToken` nor `user` is defined anywhere in it.
 */
export class JwtStrategy extends PassportStrategy(Strategy) {
    
    constructor(private readonly accountService: AccountService,
        @InjectRepository(BlacklistRepository) private blacklistRepository: BlacklistRepository,
        private readonly customerService: CustomerService,
    ) {
        super({
            // Read the JWT from the `Authorization: Bearer <token>` request header.
            jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
            // ignoreExpiration: true,
            secretOrKey: config['jhipster.security.authentication.jwt.base64-secret'],
        });
    }

    /**
     * Verify callback: receives the decoded payload and passport's `done` callback.
     *
     * With this signature only the decoded payload is available, so the raw
     * token string the author wants for a revocation lookup is not in scope.
     */
    async validate(payload: Payload, done: VerifiedCallback): Promise<any> {
        
        // `accessToken` is not defined here; this line marks where the author
        // wants the header value in the form 'Bearer e*****.....'.
        // NOTE(review): a bearer token is a credential; avoid writing it to logs.
        console.log(accessToken) // i need it here as 'Bearer e*****.....'
     
        // `user` is not defined in the snippet; the lookup that produces it is omitted.
        if (!user) {
            return done(new UnauthorizedException({ message: 'user does not exist' }), false);
        }
        return done(null, user);
    }
}

I need to get the access token in the validate method so that I can check the database for a revoked token.

Upvotes: 1

Views: 1623

Answers (1)

Jay McDoniel

Reputation: 70510

There's no way to get to `validate` without passport first decoding the token and validating it. However, you can add `passReqToCallback: true` to the `super` options in the constructor; `req` will then be the first parameter of the `validate` method, and you can do `const authHeader = req.headers['authorization']` to get the raw `Authorization` header value (the `Bearer <token>` string).

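/**
 * JWT passport strategy that also receives the raw request in `validate`,
 * so the original `Authorization` header is available for a revocation check.
 *
 * Passport decodes and validates the token before `validate` is called; the
 * header read here is for the additional lookup only, not for verification.
 */
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
  constructor(
    private readonly accountService: AccountService,
    @InjectRepository(BlacklistRepository) private blacklistRepository: BlacklistRepository,
    private readonly customerService: CustomerService,
  ) {
    super({
      // Read the JWT from the `Authorization: Bearer <token>` request header.
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      // ignoreExpiration: true,
      secretOrKey: config['jhipster.security.authentication.jwt.base64-secret'],
      // Pass the request object to validate() as its first argument.
      passReqToCallback: true,
    });
  }

  /**
   * Verify callback, invoked with the request, the decoded payload and
   * passport's `done` callback.
   *
   * @param req - incoming request; used only to read the `Authorization` header
   * @param payload - decoded JWT payload
   * @param done - passport callback; called with an error and `false`, or with `null` and the user
   */
  async validate(req: express.Request, payload: Payload, done: VerifiedCallback): Promise<any> {
    // Full header value, i.e. 'Bearer e*****.....' including the scheme prefix.
    // It is a credential, so it is deliberately not written to the console or logs.
    const accessToken = req.headers['authorization'];

    // The revocation lookup against the blacklist belongs here, before the user
    // is accepted. The repository's query method is not shown on this page.
    // NOTE(review): if the blacklist stores bare tokens, strip the 'Bearer '
    // prefix before comparing; confirm against how tokens are stored.

    // `user` is not defined in the snippet; the lookup that produces it is omitted.
    if (!user) {
      return done(new UnauthorizedException({ message: 'user does not exist' }), false);
    }
    return done(null, user);
  }
}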

Upvotes: 5
