feat: enhance CORS configuration and implement throttling for API endpoints; add admin role checks in controllers

Nils-Johan Gynther
2026-04-21 08:17:44 +02:00
parent 7748ad311f
commit e370062b5c
10 changed files with 44 additions and 24 deletions
+1 -13
@@ -10,23 +10,11 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
}
canActivate(context: ExecutionContext) {
const request = context.switchToHttp().getRequest();
const authHeader = request.headers.authorization;
const path = request.path;
const method = request.method;
console.log(`[JwtAuthGuard.canActivate] ${method} ${path}`);
console.log(`[JwtAuthGuard.canActivate] Authorization header:`, authHeader ? 'YES' : 'NO');
const isPublic = this.reflector.getAllAndOverride<boolean>(IS_PUBLIC_KEY, [
context.getHandler(),
context.getClass(),
]);
console.log(`[JwtAuthGuard.canActivate] isPublic:`, isPublic);
if (isPublic) return true;
const result = super.canActivate(context);
console.log(`[JwtAuthGuard.canActivate] super.canActivate result:`, result);
return result;
return super.canActivate(context);
}
}
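Review bot: The `if (isPublic) return true;` branch in `canActivate` has no comment on its consequence: on a route marked public the passport guard never runs, so `request.user` stays unset even when the caller sends a valid token. That matters now that this commit adds role checks in controllers, because a check reading the user's role on a public handler would find no user at all. I would add above the branch `// Public routes skip JWT validation entirely: request.user is not populated, so never pair the public marker with a role check.` The same comment could state that the handler is listed before the class in `getAllAndOverride`, so handler-level metadata takes precedence over the class-level value.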
+1 -4
@@ -15,9 +15,6 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
}
async validate(payload: { sub: number; username: string; role: string; isPremium: boolean }) {
console.log('[JwtStrategy.validate] Payload received:', payload);
const result = { userId: payload.sub, username: payload.username, role: payload.role ?? 'user', isPremium: payload.isPremium ?? false };
console.log('[JwtStrategy.validate] Returning user:', result);
return result;
return { userId: payload.sub, username: payload.username, role: payload.role ?? 'user', isPremium: payload.isPremium ?? false };
}
}
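Review bot: `validate` copies `payload.role` into the request user unchecked, and `?? 'user'` only covers a missing claim, so any other string in the token is passed through as the role. Since this commit also adds admin role checks in controllers, the role should be matched against the known set here, for example `role: KNOWN_ROLES.includes(payload.role) ? payload.role : 'user'`, where `KNOWN_ROLES` is a placeholder name for the roles the app defines. A role read from the token also stays in force until the token expires, so a demoted account keeps its old role unless it is re-read from the user store; whether that is acceptable depends on the token lifetime, which is not visible here. The parameter type declares `role` and `isPremium` as required while the body treats them as optional; `role?: string; isPremium?: boolean` would match what the code handles. The class and its constructor lie outside the hunk.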