Tudor
Tudor
PostsComments
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
// src/auth/jwt-auth.guard.ts 
import {
  Injectable,
  CanActivate,
  ExecutionContext,
  UnauthorizedException,
} from '@nestjs/common';
import * as jwt from 'jsonwebtoken';

@Injectable()
export class JwtAuthGuard implements CanActivate {
  private readonly secret =
    'my_client_secret';
  canActivate(context: ExecutionContext): boolean {
    const request = context.switchToHttp().getRequest();
    const authHeader = request.headers.authorization;

    if (!authHeader) {
      throw new UnauthorizedException('Authorization header is missing.');
    }

    const token = authHeader.split(' ')[1];

    try {
      console.log('token', token);
      const decoded = jwt.verify(token, this.secret, {
        algorithms: ['RS256'],
      });
      console.log('Decoded JWT:', decoded);
      request.user = decoded;
      return true;
    } catch (error) {
      console.error('Error:', error);
      throw new UnauthorizedException('Invalid token.');
    }
  }
}
import {
  Injectable,
  CanActivate,
  ExecutionContext,
  UnauthorizedException,
} from '@nestjs/common';
import * as jwt from 'jsonwebtoken';

@Injectable()
export class JwtAuthGuard implements CanActivate {
  private readonly secret =
    'my_client_secret';
  canActivate(context: ExecutionContext): boolean {
    const request = context.switchToHttp().getRequest();
    const authHeader = request.headers.authorization;

    if (!authHeader) {
      throw new UnauthorizedException('Authorization header is missing.');
    }

    const token = authHeader.split(' ')[1];

    try {
      console.log('token', token);
      const decoded = jwt.verify(token, this.secret, {
        algorithms: ['RS256'],
      });
      console.log('Decoded JWT:', decoded);
      request.user = decoded;
      return true;
    } catch (error) {
      console.error('Error:', error);
      throw new UnauthorizedException('Invalid token.');
    }
  }
}
15 replies
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
i m trying to validate it but i get this error: secretOrPublicKey must be an asymmetric key when using RS256
15 replies
KKinde
Created by AlexanderO on 4/18/2024 in #💻┃support
How to protect APIs for SaaS with API-first approach?
what is the solution? i dont have slack 😄
7 replies
KKinde
Created by AlexanderO on 4/18/2024 in #💻┃support
How to protect APIs for SaaS with API-first approach?
same problem here
7 replies
KKinde
Created by iamaman on 4/15/2024 in #💻┃support
How to validate an access token in Python?
same problem here but with nestjs i don t get it how i can t verify the token in external backend
15 replies