|
|
import { createHash, timingSafeEqual } from 'crypto';

import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
import { Observable } from 'rxjs';
|
|
|
|
|
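/**
 * Route guard that admits a request only when it presents the shared admin token.
 *
 * The candidate token is taken from the `x-admin-token` header, falling back to
 * `authorization`; a leading `Bearer ` prefix is stripped from whichever is used.
 * The expected value is read from the `ADMIN_TOKEN` environment variable once,
 * when the guard is instantiated.
 *
 * The guard fails closed: if `ADMIN_TOKEN` is unset or empty, every request is
 * rejected. There is deliberately no built-in default token, because a default
 * that ships in the source is a credential known to anyone who can read the code.
 */
@Injectable()
export class AdminAuthGuard implements CanActivate {
  // `|| undefined` folds the empty string into "not configured" so that
  // ADMIN_TOKEN= (set but blank) cannot become a valid, guessable token.
  private readonly expectedToken: string | undefined = process.env.ADMIN_TOKEN || undefined;

  /** Hashes a token to a fixed-length digest so two values can be compared in constant time. */
  private static digest(value: string): Buffer {
    return createHash('sha256').update(value, 'utf8').digest();
  }

  /**
   * Decides whether the current HTTP request may proceed.
   *
   * @param context - Nest execution context; only its HTTP request headers are read.
   * @returns `true` when the presented token matches the configured one.
   * @throws UnauthorizedException when the token is missing, malformed, wrong,
   *   or when no admin token has been configured.
   */
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
    const request = context.switchToHttp().getRequest();
    const headerToken: unknown =
      request.headers['x-admin-token'] || request.headers['authorization'];

    // Only a plain string header can carry the token; anything else is rejected below.
    const token =
      typeof headerToken === 'string' && headerToken.startsWith('Bearer ')
        ? headerToken.slice(7)
        : headerToken;

    if (
      this.expectedToken !== undefined &&
      typeof token === 'string' &&
      // Compare fixed-length digests with timingSafeEqual rather than `===`,
      // so the time taken does not depend on how many leading characters match.
      timingSafeEqual(
        AdminAuthGuard.digest(token),
        AdminAuthGuard.digest(this.expectedToken),
      )
    ) {
      return true;
    }

    // Same response for "wrong token" and "guard not configured", so the reply
    // does not disclose the deployment's configuration state to the caller.
    throw new UnauthorizedException('Invalid admin token');
  }
}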
|
|
|