I've a guard which returns false if the request doesn't have a correct JWT token or has an expired JWT token. But I'm not able to send a message back to notify why the request is 403 Forbidden.
Here's my code:
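```typescript
import { CanActivate, ExecutionContext, Guard } from '@nestjs/common';
import { Request } from 'express';
import * as jwt from 'jsonwebtoken';
import { Connection } from 'typeorm';
// Database and User are the project's own modules; their import paths are not shown in the post.

@Guard()
export class AuthGuard implements CanActivate {
  canActivate(req: Request, context: ExecutionContext): Promise<boolean> {
    return new Promise<boolean>((resolve, reject) => {
      // Expect "Authorization: Bearer <token>".
      if (req.headers.authorization && req.headers.authorization.toString().split(' ')[0] === 'Bearer') {
        const token: string = req.headers.authorization.toString().split(' ')[1];
        Database.Connection.then((connection: Connection) => {
          // jwt.verify() throws on a bad signature or an expired token; the catch below handles it.
          const decoded = jwt.verify(token, 'secret') as any;
          // Return the lookup so that its rejection also reaches the catch below.
          return connection.getRepository(User).findOneById(decoded.data).then((user: User) => {
            (req as any).user = user;
            // Deny when the token is valid but the user no longer exists.
            resolve(!!user);
          });
        }).catch((err) => {
          resolve(false);
        });
      } else {
        resolve(false);
      }
    });
  }
}
```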
You could take a look at my repo; this is exactly the same problem, and I use a middleware and a custom exception to handle it and send it back to the client.
Hi @nmabhinandan,
It's easy. Instead of returning `false`, just throw a `HttpException`.
Also, it'd be easier to use async / await instead of `resolve()`.
@kamilmysliwiec can canActivate be async?
@nmabhinandan of course! I see there's no example in the docs. Good point, maybe I should create one :slightly_smiling_face:
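An added example, not code from the thread or from the Nest project: the guard rewritten with `async` / `await` so that each rejection carries a reason instead of a bare `false`. Assumptions: `HttpException` here is a local stand-in for Nest's class, `signToken` / `verifyToken` are a minimal HS256 stand-in for `jwt.verify`, the key and user table are constructed, and the 401 status for authentication failures is this example's choice.

```typescript
import { createHmac, timingSafeEqual } from 'crypto';

// Local stand-in for Nest's HttpException so the file runs without the framework.
class HttpException extends Error {
  status: number;
  constructor(message: string, status: number) { super(message); this.status = status; }
}

const SECRET = 'constructed-demo-key'; // constructed; real code loads this from configuration
const USERS = new Map([[1, { id: 1, name: 'alice' }]]); // constructed user table
const enc = (o: object) => Buffer.from(JSON.stringify(o)).toString('base64url');
const mac = (data: string, key: string) => createHmac('sha256', key).update(data).digest();

// Builds constructed HS256 tokens for the demo.
function signToken(payload: object, key: string = SECRET): string {
  const data = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}`;
  return `${data}.${mac(data, key).toString('base64url')}`;
}

// Minimal HS256 check standing in for jwt.verify(); the algorithm is fixed here,
// never taken from the token header. Throws with the reason instead of returning false.
function verifyToken(token: string, nowSec: number = Math.floor(Date.now() / 1000)): any {
  const [head, body, sig, extra] = token.split('.');
  if (!head || !body || !sig || extra !== undefined) throw new HttpException('Malformed token', 401);
  const expected = mac(`${head}.${body}`, SECRET);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new HttpException('Invalid token signature', 401);
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) {
    throw new HttpException('Token expired', 401);
  }
  return claims;
}

class AuthGuard {
  // async canActivate: a thrown HttpException rejects the promise with status and reason.
  async canActivate(req: any, _context?: unknown): Promise<boolean> {
    const [scheme, token] = String(req.headers.authorization ?? '').split(' ');
    if (scheme !== 'Bearer' || !token) throw new HttpException('Missing bearer token', 401);
    const user = USERS.get(verifyToken(token).data);
    if (!user) throw new HttpException('Unknown user', 401);
    req.user = user; // downstream handlers read the authenticated user from here
    return true;
  }
}
```

The reasons are kept coarse so the response explains the failure without echoing verifier internals back to the client.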
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.