Merge branch 'master' into dependabot/npm_and_yarn/vm2-3.9.16

SciCatProject · Apr 13, 2023 · 99e6e17 · 99e6e17
2 parents 28ef80d + d670a7a
commit 99e6e17
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 3 deletions.
diff --git a/src/users/dto/create-custom-jwt.dto.ts b/src/users/dto/create-custom-jwt.dto.ts
@@ -0,0 +1,16 @@
+import { JwtSignOptions } from "@nestjs/jwt";
+import { ApiProperty } from "@nestjs/swagger";
+import { Type } from "class-transformer";
+import { IsOptional, IsString } from "class-validator";
+
+export class CreateCustomJwt implements JwtSignOptions {
+  @ApiProperty({
+    required: false,
+    description:
+      "When the token is going to expire. It can be expressed as the number of ms or as a string according to the documentation available at https://github.com/auth0/node-jsonwebtoken#readme",
+  })
+  @IsOptional()
+  @Type(() => String)
+  @IsString()
+  readonly expiresIn?: string;
+}
diff --git a/src/users/users.controller.ts b/src/users/users.controller.ts
@@ -42,6 +42,7 @@ import { LocalAuthGuard } from "src/auth/guards/local-auth.guard";
 import { DatasetClass } from "src/datasets/schemas/dataset.schema";
 import { JwtAuthGuard } from "src/auth/guards/jwt-auth.guard";
 import { JwtSignOptions } from "@nestjs/jwt";
+import { CreateCustomJwt } from "./dto/create-custom-jwt.dto";
 //import { AuthController } from "src/auth/auth.controller";
 
 @ApiBearerAuth()
@@ -286,6 +287,7 @@ export class UsersController {
     description:
       "It creates a new jwt token for the user specified. Only users in admin groups can create use this endpoint. Token expiration can be custom. Use 'expiresIn: never' for tokens that have no expiration.",
   })
+  @ApiBody({ type: CreateCustomJwt })
   @ApiResponse({
     status: 201,
     type: CreateUserJWT,
@@ -295,12 +297,15 @@ export class UsersController {
   async createCustomJWT(
     @Req() request: Request,
     @Param("id") id: string,
-    @Body() jwtProperties: JwtSignOptions,
+    @Body() jwtProperties: CreateCustomJwt,
   ): Promise<CreateUserJWT | null> {
     const viewedUser = (await this.usersService.findById2JWTUser(
       id,
     )) as JWTUser;
 
-    return this.usersService.createCustomJWT(viewedUser, jwtProperties);
+    return this.usersService.createCustomJWT(
+      viewedUser,
+      jwtProperties as JwtSignOptions,
+    );
   }
 }
diff --git a/src/users/users.service.ts b/src/users/users.service.ts
@@ -293,9 +293,17 @@ export class UsersService implements OnModuleInit {
     user: JWTUser,
     jwtProperties: JwtSignOptions,
   ): Promise<CreateUserJWT | null> {
-    const signAndVerifyOptions = { ...jwtProperties };
+    const signAndVerifyOptions: JwtSignOptions = {
+      ...jwtProperties,
+    } as JwtSignOptions;
     if (signAndVerifyOptions.expiresIn == "never") {
       delete signAndVerifyOptions.expiresIn;
+    } else if (
+      typeof signAndVerifyOptions.expiresIn === "string" &&
+      signAndVerifyOptions.expiresIn &&
+      !isNaN(+signAndVerifyOptions.expiresIn)
+    ) {
+      signAndVerifyOptions.expiresIn = parseInt(signAndVerifyOptions.expiresIn);
     }
     signAndVerifyOptions.secret = this.configService.get<string>("jwt.secret");
     const payload = {