Transfer repository from Gitlab

server/src/api-v1/auth/auth.controller.ts

@@ -0,0 +1,29 @@
+import { Body, Controller, Post, UseGuards, ValidationPipe } from '@nestjs/common';
+import { AuthUserDto, GetAuthUser } from '../../decorators/auth-user.decorator';
+import { JwtAuthGuard } from '../../modules/immich-jwt/guards/jwt-auth.guard';
+import { AuthService } from './auth.service';
+import { LoginCredentialDto } from './dto/login-credential.dto';
+import { SignUpDto } from './dto/sign-up.dto';
+
+@Controller('auth')
+export class AuthController {
+  constructor(private readonly authService: AuthService) {}
+
+  @Post('/login')
+  async login(@Body(ValidationPipe) loginCredential: LoginCredentialDto) {
+    return await this.authService.login(loginCredential);
+  }
+
+  @Post('/signUp')
+  async signUp(@Body(ValidationPipe) signUpCrendential: SignUpDto) {
+    return await this.authService.signUp(signUpCrendential);
+  }
+
+  @UseGuards(JwtAuthGuard)
+  @Post('/validateToken')
+  async validateToken(@GetAuthUser() authUser: AuthUserDto) {
+    return {
+      authStatus: true,
+    };
+  }
+}

server/src/api-v1/auth/auth.module.ts

@@ -0,0 +1,16 @@
+import { Module } from '@nestjs/common';
+import { AuthService } from './auth.service';
+import { AuthController } from './auth.controller';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { UserEntity } from '../user/entities/user.entity';
+import { ImmichJwtService } from '../../modules/immich-jwt/immich-jwt.service';
+import { ImmichJwtModule } from '../../modules/immich-jwt/immich-jwt.module';
+import { JwtModule } from '@nestjs/jwt';
+import { jwtConfig } from '../../config/jwt.config';
+
+@Module({
+  imports: [TypeOrmModule.forFeature([UserEntity]), ImmichJwtModule, JwtModule.register(jwtConfig)],
+  controllers: [AuthController],
+  providers: [AuthService, ImmichJwtService],
+})
+export class AuthModule {}

server/src/api-v1/auth/auth.service.ts

@@ -0,0 +1,84 @@
+import { BadRequestException, Injectable, InternalServerErrorException, Logger } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { UserEntity } from '../user/entities/user.entity';
+import { LoginCredentialDto } from './dto/login-credential.dto';
+import { ImmichJwtService } from '../../modules/immich-jwt/immich-jwt.service';
+import { JwtPayloadDto } from './dto/jwt-payload.dto';
+import { SignUpDto } from './dto/sign-up.dto';
+import * as bcrypt from 'bcrypt';
+
+@Injectable()
+export class AuthService {
+  constructor(
+    @InjectRepository(UserEntity)
+    private userRepository: Repository<UserEntity>,
+    private immichJwtService: ImmichJwtService,
+  ) {}
+
+  private async validateUser(loginCredential: LoginCredentialDto): Promise<UserEntity> {
+    const user = await this.userRepository.findOne(
+      { email: loginCredential.email },
+      { select: ['id', 'email', 'password', 'salt'] },
+    );
+
+    const isAuthenticated = await this.validatePassword(user.password, loginCredential.password, user.salt);
+
+    if (user && isAuthenticated) {
+      return user;
+    }
+
+    return null;
+  }
+
+  public async login(loginCredential: LoginCredentialDto) {
+    const validatedUser = await this.validateUser(loginCredential);
+
+    if (!validatedUser) {
+      throw new BadRequestException('Incorrect email or password');
+    }
+
+    const payload = new JwtPayloadDto(validatedUser.id, validatedUser.email);
+
+    return {
+      accessToken: await this.immichJwtService.generateToken(payload),
+      userId: validatedUser.id,
+      userEmail: validatedUser.email,
+    };
+  }
+
+  public async signUp(signUpCrendential: SignUpDto) {
+    const registerUser = await this.userRepository.findOne({ email: signUpCrendential.email });
+
+    if (registerUser) {
+      throw new BadRequestException('User exist');
+    }
+
+    const newUser = new UserEntity();
+    newUser.email = signUpCrendential.email;
+    newUser.salt = await bcrypt.genSalt();
+    newUser.password = await this.hashPassword(signUpCrendential.password, newUser.salt);
+
+    try {
+      const savedUser = await this.userRepository.save(newUser);
+
+      return {
+        id: savedUser.id,
+        email: savedUser.email,
+        createdAt: savedUser.createdAt,
+      };
+    } catch (e) {
+      Logger.error('e', 'signUp');
+      throw new InternalServerErrorException('Failed to register new user');
+    }
+  }
+
+  private async hashPassword(password: string, salt: string): Promise<string> {
+    return bcrypt.hash(password, salt);
+  }
+
+  private async validatePassword(hasedPassword: string, inputPassword: string, salt: string): Promise<boolean> {
+    const hash = await bcrypt.hash(inputPassword, salt);
+    return hash === hasedPassword;
+  }
+}

server/src/api-v1/auth/dto/jwt-payload.dto.ts

@@ -0,0 +1,9 @@
+export class JwtPayloadDto {
+  constructor(userId: string, email: string) {
+    this.userId = userId;
+    this.email = email;
+  }
+
+  userId: string;
+  email: string;
+}

server/src/api-v1/auth/dto/login-credential.dto.ts

@@ -0,0 +1,9 @@
+import { IsNotEmpty } from 'class-validator';
+
+export class LoginCredentialDto {
+  @IsNotEmpty()
+  email: string;
+
+  @IsNotEmpty()
+  password: string;
+}

server/src/api-v1/auth/dto/sign-up.dto.ts

@@ -0,0 +1,9 @@
+import { IsNotEmpty } from 'class-validator';
+
+export class SignUpDto {
+  @IsNotEmpty()
+  email: string;
+
+  @IsNotEmpty()
+  password: string;
+}