Getting User Data by using Guards (Roles, JWT)











up vote
1
down vote

favorite












The documentation is kinda thin here so I ran into a problem. I try to use Guards to secure Controller or it's Actions, so I gonna ask for the role of authenticated requests (by JWT). In my auth.guard.ts I ask for "request.user" but it's empty, so I can't check the users role. I don't know how to define "request.user". Here is my auth module and it's imports.



auth.controller.ts



import { Controller, Get, UseGuards } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
import { AuthService } from './auth.service';
import { RolesGuard } from './auth.guard';

@Controller('auth')
export class AuthController {
constructor(private readonly authService: AuthService) {}

@Get('token')
async createToken(): Promise<any> {
return await this.authService.signIn();
}

@Get('data')
@UseGuards(RolesGuard)
findAll() {
return { message: 'authed!' };
}
}


roles.guard.ts



Here user.request is empty, because I never define it. The documentation doesn't show how or where.



import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
import { Reflector } from '@nestjs/core';

@Injectable()
export class RolesGuard implements CanActivate {
constructor(private readonly reflector: Reflector) {}

canActivate(context: ExecutionContext): boolean {
const roles = this.reflector.get<string>('roles', context.getHandler());
if (!roles) {
return true;
}
const request = context.switchToHttp().getRequest();
const user = request.user; // it's undefined
const hasRole = () =>
user.roles.some(role => !!roles.find(item => item === role));
return user && user.roles && hasRole();
}
}


auth.module.ts



import { Module } from '@nestjs/common';
import { AuthService } from './auth.service';
import { HttpStrategy } from './http.strategy';
import { UserModule } from './../user/user.module';
import { AuthController } from './auth.controller';
import { JwtStrategy } from './jwt.strategy';
import { PassportModule } from '@nestjs/passport';
import { JwtModule } from '@nestjs/jwt';

@Module({
imports: [
PassportModule.register({ defaultStrategy: 'jwt' }),
JwtModule.register({
secretOrPrivateKey: 'secretKey',
signOptions: {
expiresIn: 3600,
},
}),
UserModule,
],
providers: [AuthService, HttpStrategy],
controllers: [AuthController],
})
export class AuthModule {}


auth.service.ts



import { Injectable } from '@nestjs/common';
import { UserService } from '../user/user.service';
import { JwtService } from '@nestjs/jwt';

@Injectable()
export class AuthService {
constructor(
private readonly userService: UserService,
private readonly jwtService: JwtService,
) {}

async signIn(): Promise<object> {
// In the real-world app you shouldn't expose this method publicly
// instead, return a token once you verify user credentials
const user: any = { email: 'user@email.com' };
const token: string = this.jwtService.sign(user);
return { token };
}

async validateUser(payload: any): Promise<any> {
// Validate if token passed along with HTTP request
// is associated with any registered account in the database
return await this.userService.findOneByEmail(payload.email);
}
}


jwt.strategy.ts



import { ExtractJwt, Strategy } from 'passport-jwt';
import { AuthService } from './auth.service';
import { PassportStrategy } from '@nestjs/passport';
import { Injectable, UnauthorizedException } from '@nestjs/common';

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor(private readonly authService: AuthService) {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: 'secretKey',
});
}

async validate(payload: any) {
const user = await this.authService.validateUser(payload);
if (!user) {
throw new UnauthorizedException();
}
return user;
}
}


Documentation: https://docs.nestjs.com/guards



Thanks for any help.










share|improve this question




























    up vote
    1
    down vote

    favorite












    The documentation is kinda thin here so I ran into a problem. I try to use Guards to secure Controller or it's Actions, so I gonna ask for the role of authenticated requests (by JWT). In my auth.guard.ts I ask for "request.user" but it's empty, so I can't check the users role. I don't know how to define "request.user". Here is my auth module and it's imports.



    auth.controller.ts



    import { Controller, Get, UseGuards } from '@nestjs/common';
    import { AuthGuard } from '@nestjs/passport';
    import { AuthService } from './auth.service';
    import { RolesGuard } from './auth.guard';

    @Controller('auth')
    export class AuthController {
    constructor(private readonly authService: AuthService) {}

    @Get('token')
    async createToken(): Promise<any> {
    return await this.authService.signIn();
    }

    @Get('data')
    @UseGuards(RolesGuard)
    findAll() {
    return { message: 'authed!' };
    }
    }


    roles.guard.ts



    Here user.request is empty, because I never define it. The documentation doesn't show how or where.



    import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
    import { Reflector } from '@nestjs/core';

    @Injectable()
    export class RolesGuard implements CanActivate {
    constructor(private readonly reflector: Reflector) {}

    canActivate(context: ExecutionContext): boolean {
    const roles = this.reflector.get<string>('roles', context.getHandler());
    if (!roles) {
    return true;
    }
    const request = context.switchToHttp().getRequest();
    const user = request.user; // it's undefined
    const hasRole = () =>
    user.roles.some(role => !!roles.find(item => item === role));
    return user && user.roles && hasRole();
    }
    }


    auth.module.ts



    import { Module } from '@nestjs/common';
    import { AuthService } from './auth.service';
    import { HttpStrategy } from './http.strategy';
    import { UserModule } from './../user/user.module';
    import { AuthController } from './auth.controller';
    import { JwtStrategy } from './jwt.strategy';
    import { PassportModule } from '@nestjs/passport';
    import { JwtModule } from '@nestjs/jwt';

    @Module({
    imports: [
    PassportModule.register({ defaultStrategy: 'jwt' }),
    JwtModule.register({
    secretOrPrivateKey: 'secretKey',
    signOptions: {
    expiresIn: 3600,
    },
    }),
    UserModule,
    ],
    providers: [AuthService, HttpStrategy],
    controllers: [AuthController],
    })
    export class AuthModule {}


    auth.service.ts



    import { Injectable } from '@nestjs/common';
    import { UserService } from '../user/user.service';
    import { JwtService } from '@nestjs/jwt';

    @Injectable()
    export class AuthService {
    constructor(
    private readonly userService: UserService,
    private readonly jwtService: JwtService,
    ) {}

    async signIn(): Promise<object> {
    // In the real-world app you shouldn't expose this method publicly
    // instead, return a token once you verify user credentials
    const user: any = { email: 'user@email.com' };
    const token: string = this.jwtService.sign(user);
    return { token };
    }

    async validateUser(payload: any): Promise<any> {
    // Validate if token passed along with HTTP request
    // is associated with any registered account in the database
    return await this.userService.findOneByEmail(payload.email);
    }
    }


    jwt.strategy.ts



    import { ExtractJwt, Strategy } from 'passport-jwt';
    import { AuthService } from './auth.service';
    import { PassportStrategy } from '@nestjs/passport';
    import { Injectable, UnauthorizedException } from '@nestjs/common';

    @Injectable()
    export class JwtStrategy extends PassportStrategy(Strategy) {
    constructor(private readonly authService: AuthService) {
    super({
    jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
    secretOrKey: 'secretKey',
    });
    }

    async validate(payload: any) {
    const user = await this.authService.validateUser(payload);
    if (!user) {
    throw new UnauthorizedException();
    }
    return user;
    }
    }


    Documentation: https://docs.nestjs.com/guards



    Thanks for any help.










    share|improve this question


























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      The documentation is kinda thin here so I ran into a problem. I try to use Guards to secure Controller or it's Actions, so I gonna ask for the role of authenticated requests (by JWT). In my auth.guard.ts I ask for "request.user" but it's empty, so I can't check the users role. I don't know how to define "request.user". Here is my auth module and it's imports.



      auth.controller.ts



      import { Controller, Get, UseGuards } from '@nestjs/common';
      import { AuthGuard } from '@nestjs/passport';
      import { AuthService } from './auth.service';
      import { RolesGuard } from './auth.guard';

      @Controller('auth')
      export class AuthController {
      constructor(private readonly authService: AuthService) {}

      @Get('token')
      async createToken(): Promise<any> {
      return await this.authService.signIn();
      }

      @Get('data')
      @UseGuards(RolesGuard)
      findAll() {
      return { message: 'authed!' };
      }
      }


      roles.guard.ts



      Here user.request is empty, because I never define it. The documentation doesn't show how or where.



      import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
      import { Reflector } from '@nestjs/core';

      @Injectable()
      export class RolesGuard implements CanActivate {
      constructor(private readonly reflector: Reflector) {}

      canActivate(context: ExecutionContext): boolean {
      const roles = this.reflector.get<string>('roles', context.getHandler());
      if (!roles) {
      return true;
      }
      const request = context.switchToHttp().getRequest();
      const user = request.user; // it's undefined
      const hasRole = () =>
      user.roles.some(role => !!roles.find(item => item === role));
      return user && user.roles && hasRole();
      }
      }


      auth.module.ts



      import { Module } from '@nestjs/common';
      import { AuthService } from './auth.service';
      import { HttpStrategy } from './http.strategy';
      import { UserModule } from './../user/user.module';
      import { AuthController } from './auth.controller';
      import { JwtStrategy } from './jwt.strategy';
      import { PassportModule } from '@nestjs/passport';
      import { JwtModule } from '@nestjs/jwt';

      @Module({
      imports: [
      PassportModule.register({ defaultStrategy: 'jwt' }),
      JwtModule.register({
      secretOrPrivateKey: 'secretKey',
      signOptions: {
      expiresIn: 3600,
      },
      }),
      UserModule,
      ],
      providers: [AuthService, HttpStrategy],
      controllers: [AuthController],
      })
      export class AuthModule {}


      auth.service.ts



      import { Injectable } from '@nestjs/common';
      import { UserService } from '../user/user.service';
      import { JwtService } from '@nestjs/jwt';

      @Injectable()
      export class AuthService {
      constructor(
      private readonly userService: UserService,
      private readonly jwtService: JwtService,
      ) {}

      async signIn(): Promise<object> {
      // In the real-world app you shouldn't expose this method publicly
      // instead, return a token once you verify user credentials
      const user: any = { email: 'user@email.com' };
      const token: string = this.jwtService.sign(user);
      return { token };
      }

      async validateUser(payload: any): Promise<any> {
      // Validate if token passed along with HTTP request
      // is associated with any registered account in the database
      return await this.userService.findOneByEmail(payload.email);
      }
      }


      jwt.strategy.ts



      import { ExtractJwt, Strategy } from 'passport-jwt';
      import { AuthService } from './auth.service';
      import { PassportStrategy } from '@nestjs/passport';
      import { Injectable, UnauthorizedException } from '@nestjs/common';

      @Injectable()
      export class JwtStrategy extends PassportStrategy(Strategy) {
      constructor(private readonly authService: AuthService) {
      super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      secretOrKey: 'secretKey',
      });
      }

      async validate(payload: any) {
      const user = await this.authService.validateUser(payload);
      if (!user) {
      throw new UnauthorizedException();
      }
      return user;
      }
      }


      Documentation: https://docs.nestjs.com/guards



      Thanks for any help.










      share|improve this question















      The documentation is kinda thin here so I ran into a problem. I try to use Guards to secure Controller or it's Actions, so I gonna ask for the role of authenticated requests (by JWT). In my auth.guard.ts I ask for "request.user" but it's empty, so I can't check the users role. I don't know how to define "request.user". Here is my auth module and it's imports.



      auth.controller.ts



      import { Controller, Get, UseGuards } from '@nestjs/common';
      import { AuthGuard } from '@nestjs/passport';
      import { AuthService } from './auth.service';
      import { RolesGuard } from './auth.guard';

      @Controller('auth')
      export class AuthController {
      constructor(private readonly authService: AuthService) {}

      @Get('token')
      async createToken(): Promise<any> {
      return await this.authService.signIn();
      }

      @Get('data')
      @UseGuards(RolesGuard)
      findAll() {
      return { message: 'authed!' };
      }
      }


      roles.guard.ts



      Here user.request is empty, because I never define it. The documentation doesn't show how or where.



      import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
      import { Reflector } from '@nestjs/core';

      @Injectable()
      export class RolesGuard implements CanActivate {
      constructor(private readonly reflector: Reflector) {}

      canActivate(context: ExecutionContext): boolean {
      const roles = this.reflector.get<string>('roles', context.getHandler());
      if (!roles) {
      return true;
      }
      const request = context.switchToHttp().getRequest();
      const user = request.user; // it's undefined
      const hasRole = () =>
      user.roles.some(role => !!roles.find(item => item === role));
      return user && user.roles && hasRole();
      }
      }


      auth.module.ts



      import { Module } from '@nestjs/common';
      import { AuthService } from './auth.service';
      import { HttpStrategy } from './http.strategy';
      import { UserModule } from './../user/user.module';
      import { AuthController } from './auth.controller';
      import { JwtStrategy } from './jwt.strategy';
      import { PassportModule } from '@nestjs/passport';
      import { JwtModule } from '@nestjs/jwt';

      @Module({
      imports: [
      PassportModule.register({ defaultStrategy: 'jwt' }),
      JwtModule.register({
      secretOrPrivateKey: 'secretKey',
      signOptions: {
      expiresIn: 3600,
      },
      }),
      UserModule,
      ],
      providers: [AuthService, HttpStrategy],
      controllers: [AuthController],
      })
      export class AuthModule {}


      auth.service.ts



      import { Injectable } from '@nestjs/common';
      import { UserService } from '../user/user.service';
      import { JwtService } from '@nestjs/jwt';

      @Injectable()
      export class AuthService {
      constructor(
      private readonly userService: UserService,
      private readonly jwtService: JwtService,
      ) {}

      async signIn(): Promise<object> {
      // In the real-world app you shouldn't expose this method publicly
      // instead, return a token once you verify user credentials
      const user: any = { email: 'user@email.com' };
      const token: string = this.jwtService.sign(user);
      return { token };
      }

      async validateUser(payload: any): Promise<any> {
      // Validate if token passed along with HTTP request
      // is associated with any registered account in the database
      return await this.userService.findOneByEmail(payload.email);
      }
      }


      jwt.strategy.ts



      import { ExtractJwt, Strategy } from 'passport-jwt';
      import { AuthService } from './auth.service';
      import { PassportStrategy } from '@nestjs/passport';
      import { Injectable, UnauthorizedException } from '@nestjs/common';

      @Injectable()
      export class JwtStrategy extends PassportStrategy(Strategy) {
      constructor(private readonly authService: AuthService) {
      super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      secretOrKey: 'secretKey',
      });
      }

      async validate(payload: any) {
      const user = await this.authService.validateUser(payload);
      if (!user) {
      throw new UnauthorizedException();
      }
      return user;
      }
      }


      Documentation: https://docs.nestjs.com/guards



      Thanks for any help.







      javascript node.js typescript nestjs






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 22 at 11:30









      Kim Kern

      7,36922344




      7,36922344










      asked Nov 22 at 7:44









      bonblow

      97310




      97310
























          2 Answers
          2






          active

          oldest

          votes

















          up vote
          0
          down vote



          accepted










          Additionally to your RolesGuard you need to use an AuthGuard.



          Standard



          You can use the standard AuthGuard implementation which attaches the user object to the request. It throws a 401 error, when the user is unauthenticated.



          @UseGuards(AuthGuard('jwt'))


          Extension



          If you need to write your own guard because you need different behavior, extend the original AuthGuard and override the methods you need to change (handleRequest in the example):



          @Injectable()
          export class MyAuthGuard extends AuthGuard('jwt') {

          handleRequest(err, user, info: Error) {
          // don't throw 401 error when unauthenticated
          return user;
          }

          }




          Why do this?



          If you look at the source code of the AuthGuard you can see that it attaches the user to the request as a callback to the passport method. If you don't want to use/extend the AuthGuard, you will have to implement/copy the relevant parts.



          const user = await passportFn(
          type || this.options.defaultStrategy,
          options,
          // This is the callback passed to passport. handleRequest returns the user.
          (err, info, user) => this.handleRequest(err, info, user)
          );
          // Then the user object is attached to the request
          // under the default property 'user' which you can change by configuration.
          request[options.property || defaultOptions.property] = user;





          share|improve this answer





















          • It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
            – bonblow
            Nov 22 at 16:32










          • I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
            – Kim Kern
            Nov 22 at 17:48


















          up vote
          0
          down vote













          Does it work if you use req.authInfo?



          As long as you don't provide a custom callback to passport.authenticate method, the user data should be attached to the request object like this.



          req.authInfo should be the object you returned in your validate method






          share|improve this answer





















            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53426069%2fgetting-user-data-by-using-guards-roles-jwt%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote



            accepted










            Additionally to your RolesGuard you need to use an AuthGuard.



            Standard



            You can use the standard AuthGuard implementation which attaches the user object to the request. It throws a 401 error, when the user is unauthenticated.



            @UseGuards(AuthGuard('jwt'))


            Extension



            If you need to write your own guard because you need different behavior, extend the original AuthGuard and override the methods you need to change (handleRequest in the example):



            @Injectable()
            export class MyAuthGuard extends AuthGuard('jwt') {

            handleRequest(err, user, info: Error) {
            // don't throw 401 error when unauthenticated
            return user;
            }

            }




            Why do this?



            If you look at the source code of the AuthGuard you can see that it attaches the user to the request as a callback to the passport method. If you don't want to use/extend the AuthGuard, you will have to implement/copy the relevant parts.



            const user = await passportFn(
            type || this.options.defaultStrategy,
            options,
            // This is the callback passed to passport. handleRequest returns the user.
            (err, info, user) => this.handleRequest(err, info, user)
            );
            // Then the user object is attached to the request
            // under the default property 'user' which you can change by configuration.
            request[options.property || defaultOptions.property] = user;





            share|improve this answer





















            • It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
              – bonblow
              Nov 22 at 16:32










            • I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
              – Kim Kern
              Nov 22 at 17:48















            up vote
            0
            down vote



            accepted










            Additionally to your RolesGuard you need to use an AuthGuard.



            Standard



            You can use the standard AuthGuard implementation which attaches the user object to the request. It throws a 401 error, when the user is unauthenticated.



            @UseGuards(AuthGuard('jwt'))


            Extension



            If you need to write your own guard because you need different behavior, extend the original AuthGuard and override the methods you need to change (handleRequest in the example):



            @Injectable()
            export class MyAuthGuard extends AuthGuard('jwt') {

            handleRequest(err, user, info: Error) {
            // don't throw 401 error when unauthenticated
            return user;
            }

            }




            Why do this?



            If you look at the source code of the AuthGuard you can see that it attaches the user to the request as a callback to the passport method. If you don't want to use/extend the AuthGuard, you will have to implement/copy the relevant parts.



            const user = await passportFn(
            type || this.options.defaultStrategy,
            options,
            // This is the callback passed to passport. handleRequest returns the user.
            (err, info, user) => this.handleRequest(err, info, user)
            );
            // Then the user object is attached to the request
            // under the default property 'user' which you can change by configuration.
            request[options.property || defaultOptions.property] = user;





            share|improve this answer





















            • It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
              – bonblow
              Nov 22 at 16:32










            • I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
              – Kim Kern
              Nov 22 at 17:48













            up vote
            0
            down vote



            accepted







            up vote
            0
            down vote



            accepted






            Additionally to your RolesGuard you need to use an AuthGuard.



            Standard



            You can use the standard AuthGuard implementation which attaches the user object to the request. It throws a 401 error, when the user is unauthenticated.



            @UseGuards(AuthGuard('jwt'))


            Extension



            If you need to write your own guard because you need different behavior, extend the original AuthGuard and override the methods you need to change (handleRequest in the example):



            @Injectable()
            export class MyAuthGuard extends AuthGuard('jwt') {

            handleRequest(err, user, info: Error) {
            // don't throw 401 error when unauthenticated
            return user;
            }

            }




            Why do this?



            If you look at the source code of the AuthGuard you can see that it attaches the user to the request as a callback to the passport method. If you don't want to use/extend the AuthGuard, you will have to implement/copy the relevant parts.



            const user = await passportFn(
            type || this.options.defaultStrategy,
            options,
            // This is the callback passed to passport. handleRequest returns the user.
            (err, info, user) => this.handleRequest(err, info, user)
            );
            // Then the user object is attached to the request
            // under the default property 'user' which you can change by configuration.
            request[options.property || defaultOptions.property] = user;





            share|improve this answer












            Additionally to your RolesGuard you need to use an AuthGuard.



            Standard



            You can use the standard AuthGuard implementation which attaches the user object to the request. It throws a 401 error, when the user is unauthenticated.



            @UseGuards(AuthGuard('jwt'))


            Extension



            If you need to write your own guard because you need different behavior, extend the original AuthGuard and override the methods you need to change (handleRequest in the example):



            @Injectable()
            export class MyAuthGuard extends AuthGuard('jwt') {

            handleRequest(err, user, info: Error) {
            // don't throw 401 error when unauthenticated
            return user;
            }

            }




            Why do this?



            If you look at the source code of the AuthGuard you can see that it attaches the user to the request as a callback to the passport method. If you don't want to use/extend the AuthGuard, you will have to implement/copy the relevant parts.



            const user = await passportFn(
            type || this.options.defaultStrategy,
            options,
            // This is the callback passed to passport. handleRequest returns the user.
            (err, info, user) => this.handleRequest(err, info, user)
            );
            // Then the user object is attached to the request
            // under the default property 'user' which you can change by configuration.
            request[options.property || defaultOptions.property] = user;






            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 22 at 11:17









            Kim Kern

            7,36922344




            7,36922344












            • It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
              – bonblow
              Nov 22 at 16:32










            • I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
              – Kim Kern
              Nov 22 at 17:48


















            • It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
              – bonblow
              Nov 22 at 16:32










            • I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
              – Kim Kern
              Nov 22 at 17:48
















            It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
            – bonblow
            Nov 22 at 16:32




            It works since I use @UseGuards(AuthGuard('jwt'), RolesGuard) as decorator. I extending AuthGuard for my RolesGuard and overwriting the functions, but it's seems they don't get called.
            – bonblow
            Nov 22 at 16:32












            I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
            – Kim Kern
            Nov 22 at 17:48




            I'm glad it's working now. :-) I think from a single responsibility perspective it makes sense to have them separate. If you still wanted to extend in your case, you would probably want to override canActivate(...) and then call super.canActivate(...) from within.
            – Kim Kern
            Nov 22 at 17:48












            up vote
            0
            down vote













            Does it work if you use req.authInfo?



            As long as you don't provide a custom callback to passport.authenticate method, the user data should be attached to the request object like this.



            req.authInfo should be the object you returned in your validate method






            share|improve this answer

























              up vote
              0
              down vote













              Does it work if you use req.authInfo?



              As long as you don't provide a custom callback to passport.authenticate method, the user data should be attached to the request object like this.



              req.authInfo should be the object you returned in your validate method






              share|improve this answer























                up vote
                0
                down vote










                up vote
                0
                down vote









                Does it work if you use req.authInfo?



                As long as you don't provide a custom callback to passport.authenticate method, the user data should be attached to the request object like this.



                req.authInfo should be the object you returned in your validate method






                share|improve this answer












                Does it work if you use req.authInfo?



                As long as you don't provide a custom callback to passport.authenticate method, the user data should be attached to the request object like this.



                req.authInfo should be the object you returned in your validate method







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 22 at 9:06









                Lewsmith

                458




                458






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53426069%2fgetting-user-data-by-using-guards-roles-jwt%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Berounka

                    Sphinx de Gizeh

                    Different font size/position of beamer's navigation symbols template's content depending on regular/plain...