Tudor
Tudor
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
// src/auth/jwt-auth.guard.ts
import {
Injectable,
CanActivate,
ExecutionContext,
UnauthorizedException,
} from '@nestjs/common';
import * as jwt from 'jsonwebtoken';

@Injectable()
export class JwtAuthGuard implements CanActivate {
private readonly secret =
'my_client_secret';
canActivate(context: ExecutionContext): boolean {
const request = context.switchToHttp().getRequest();
const authHeader = request.headers.authorization;

if (!authHeader) {
throw new UnauthorizedException('Authorization header is missing.');
}

const token = authHeader.split(' ')[1];

try {
console.log('token', token);
const decoded = jwt.verify(token, this.secret, {
algorithms: ['RS256'],
});
console.log('Decoded JWT:', decoded);
request.user = decoded;
return true;
} catch (error) {
console.error('Error:', error);
throw new UnauthorizedException('Invalid token.');
}
}
}
import {
Injectable,
CanActivate,
ExecutionContext,
UnauthorizedException,
} from '@nestjs/common';
import * as jwt from 'jsonwebtoken';

@Injectable()
export class JwtAuthGuard implements CanActivate {
private readonly secret =
'my_client_secret';
canActivate(context: ExecutionContext): boolean {
const request = context.switchToHttp().getRequest();
const authHeader = request.headers.authorization;

if (!authHeader) {
throw new UnauthorizedException('Authorization header is missing.');
}

const token = authHeader.split(' ')[1];

try {
console.log('token', token);
const decoded = jwt.verify(token, this.secret, {
algorithms: ['RS256'],
});
console.log('Decoded JWT:', decoded);
request.user = decoded;
return true;
} catch (error) {
console.error('Error:', error);
throw new UnauthorizedException('Invalid token.');
}
}
}
15 replies
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
i m trying to validate it but i get this error: secretOrPublicKey must be an asymmetric key when using RS256
15 replies
KKinde
Created by AlexanderO on 4/18/2024 in #💻┃support
How to protect APIs for SaaS with API-first approach?
what is the solution? i dont have slack 😄
7 replies
KKinde
Created by AlexanderO on 4/18/2024 in #💻┃support
How to protect APIs for SaaS with API-first approach?
same problem here
7 replies
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
same problem here but with nestjs i don t get it how i can t verify the token in external backend
15 replies