GateKeeper is responsible for handling and resolving the data from incoming requests.
GateKeeper
`@GateKeeper` takes 2 arguments: the first is the `SecureContext` class and the second is the `AuthResolver` object.

```ts
@GateKeeper(AuthContext, AuthContextResolver)
export class AppModule {}
```
SecureContext
Let's create a file src/context/auth.context.ts
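```ts
import { HttpRequest } from '@heronjs/express';
import { SecureContext, SecureProperty } from '@heronjs/common';
import { Observable, of } from 'rxjs';

// JWTToken is the application's token type; its import is not shown on this page.
export class AuthContext implements SecureContext<JWTToken, SecureProperty> {
    OnGuard(data: JWTToken): Observable<SecureProperty> {
        //...convert <auth> data to SecureProperty object
        // Placeholder standing in for that conversion, so the sample compiles.
        const auth = data as unknown as SecureProperty | undefined;
        // Demo fallback: when no auth data is present, the request gets these
        // roles and permissions. Return empty arrays here in a real application.
        return of(
            auth || {
                roles: ['admin', 'moderator'],
                permissions: ['view-naughty-movies'],
            }
        );
    }
}
```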
Now we have 2 properties, `roles` and `permissions`, for the `@Guard` decorator.
AuthResolver
`AuthResolver` resolves the request data and works like an interceptor on every request.

`AuthResolver` is an interface extended from `IResolver`.

`AuthResolver` has 2 optional variables, `http` and `ws`; each is required in its own case (HTTP or WebSocket).
Variables | Values | Type | Description | Note |
---|---|---|---|---|
http | header, cookie, session | Tuple | A tuple whose first element is HttpInComing and whose last element is an HTTP header variable | |
ws | handshake, header | Tuple | A tuple whose first element is WebSocketInComing and whose last element is a socket.io handshake.auth variable | |
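The `@heronjs/common` module has a `JWTResolver` class for working with JWT.

```ts
export const AuthContextResolver: AuthResolver<JWTToken> = {
    http: ['header', 'authorization'],
    ws: ['handshake', 'token'],
    // Receives the raw value read from the header or handshake configured above.
    resolve: async (data?: string): Promise<any> => {
        // Demo only: this prints the raw credential to the log.
        console.log('resolver data ' + data);
        // The value is returned as received, without verification.
        return data;
    },
};
```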
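The `resolve` sample above passes the header value through unchecked, and the `OnGuard` sample falls back to admin roles. The following is an added example, not HeronJS code and not part of the original page: stand-alone TypeScript showing what those two hooks could do instead, verifying an HS256 JWT with Node's `crypto` and mapping a missing or invalid token to empty roles. `SECRET`, `signToken`, `resolveToken`, `toSecureProperty` and the `Claims`/`Property` types are hypothetical names, and the tokens are constructed.

```typescript
import { createHmac, timingSafeEqual } from 'crypto';

// Constructed demo secret (assumption); load the real key from configuration.
const SECRET = 'demo-secret-not-for-production';

type Claims = { sub: string; exp: number; roles?: string[]; permissions?: string[] };
type Property = { roles: string[]; permissions: string[] };

const b64url = (s: string): string => Buffer.from(s).toString('base64url');

// Hypothetical helper, used only to build sample tokens for this example.
function signToken(claims: Claims, secret: string = SECRET): string {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Stand-in for AuthResolver.resolve: verified claims, or undefined on any failure.
function resolveToken(data?: string, now: number = Date.now()): Claims | undefined {
  const parts = (data ?? '').replace(/^Bearer\s+/i, '').split('.');
  if (parts.length !== 3) return undefined;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm instead of letting the token header choose it.
    if (JSON.parse(Buffer.from(head, 'base64url').toString()).alg !== 'HS256') return undefined;
    const expected = createHmac('sha256', SECRET).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return undefined;
    const claims = JSON.parse(Buffer.from(body, 'base64url').toString()) as Claims;
    // Reject tokens that carry no expiry or are past it.
    if (typeof claims.exp !== 'number' || claims.exp * 1000 <= now) return undefined;
    return claims;
  } catch {
    return undefined; // malformed base64url or JSON
  }
}

// Stand-in for SecureContext.OnGuard: no verified claims means no roles (fail closed).
function toSecureProperty(claims?: Claims): Property {
  return { roles: claims?.roles ?? [], permissions: claims?.permissions ?? [] };
}
```

With this shape, a `@Guard({ roles: ['admin'] })` check only passes for requests whose token signature and expiry were verified.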
Guard
Guards are responsible for handling and protecting the controller access.
Protecting Resources
To protect an API route inside a controller, we can use `@Guard` to define the routing access.

`@Guard` supports checking multiple conditions.
```ts
import { Get, Guard, Rest } from '@heronjs/common';

@Rest('/todos')
export class TodoController {
    @Get({ uri: '/' })
    // The route requires the 'admin' role and the 'add-todo' permission.
    @Guard({ roles: ['admin'], permissions: ['add-todo'] })
    public async findAll(): Promise<string[]> {
        return ['todo1'];
    }
}
```