Adding Custom Endpoints | Angular Todos
Table of Contents
Step 1 - Creating Users
In the previous step, we applied permissions to the User entity so that only users with the User role can create entries. This is generally secure, but we want to enable new users to also create an account. Instead of modifying the endpoint for creating a user, we will build a new endpoint specifically allowing a new user to be created.
Open
server/src/auth/auth.service.tsin your IDE. In theAuthServiceclass you'll see that there already exists a method,login, that validates a user and, if it is a valid user, returns an access token.Here we will add a method to enable the users to sign up. Copy the below method after the
loginmethod, and take the time to read through the comments to get a better understanding of what this code does.async signup(credentials: Credentials): Promise<UserInfo> {
// Extract the username and password from the body of the request
const { username, password } = credentials;
// Here we attempt to create a new user
const user = await this.userService.create({
data: {
username,
password,
roles: ["todoUser"], // Here we assign every new user the `Todo User` role
},
});
// If creating a new user fails throw an error
if (!user) {
throw new UnauthorizedException("Could not create user");
}
// Create an access token for the newly created user
const accessToken = await this.tokenService.createToken({
id: user.id,
username,
password,
});
// Return the access token as well as the some details about the user
return {
accessToken,
username: user.username,
id: user.id,
roles: (user.roles as {roles: string[]}).roles,
};
}With the logic in place to create a new user, a new endpoint needs to be created in the
AuthController. Openserver/src/auth/auth.controller.tsand copy the following method into theAuthController.@Post("signup")
async signup(@Body() body: Credentials): Promise<UserInfo> {
return this.authService.signup(body);
}Something that may look different if you haven't had exposure to TypeScript is this:
@Post("signup"). The@is the annotation for a decorator. Decorators are a feature that allows certain properties or logic to be easily assigned to a class, method, property, and more. This decorator sets up thesignupmethod as aPOSTendpoint, with the path of/signup.Finally, open
server/src/auth/auth.resolver.tsand copy the following method into theAuthResolverclass.@Mutation(() => UserInfo)
async signup(@Args() args: LoginArgs): Promise<UserInfo> {
return this.authService.signup(args.credentials);
}Like above, this method also is using a decorator, specifically a
Mutationdecorator. This is used to set up thesignupmethod as a mutation in our GraphQL server.
Step 2 - Getting the Signed In User
Besides allowing for new users to be created, we also want to be able to get information about the user currently signed in.
Open
server/src/auth/token.service.ts. Here theTokenServiceclass is exported and is responsible for creating JWT tokens when a user signs in. The JWT token is the access token that authorizes our application to make requests to our backend and stores the username of the current user. We will want to be able to extract the username to find them in theUserentity. So add the following method to this class:/**
* @param bearer
* @returns the username from a jwt token
*/
decodeToken(bearer: string): string {
return this.jwtService.verify(bearer).username;
}Return to
server/src/auth/auth.service.tsand replace the imports at the top of the file with this:import {
Injectable,
UnauthorizedException,
NotFoundException,
} from "@nestjs/common";
import { UserService } from "../user/user.service";
import { Credentials } from "./Credentials";
import { PasswordService } from "./password.service";
import { TokenService } from "./token.service";
import { UserInfo } from "./UserInfo";
import { User } from "../user/base/User";Add the new
memethod to theAuthServiceclass. This method will take the authorization header of an HTTP request, decode the JWT token to get theusernameof the current user, and then fetch and return the user object belonging to the user.async me(authorization: string = ""): Promise<User> {
const bearer = authorization.replace(/^Bearer\s/, "");
const username = this.tokenService.decodeToken(bearer);
const result = await this.userService.findOne({
where: { username },
select: {
createdAt: true,
firstName: true,
id: true,
lastName: true,
roles: true,
updatedAt: true,
username: true,
},
});
if (!result) {
throw new NotFoundException(`No resource was found for ${username}`);
}
return result;
}To make this request via an HTTP call or a GraphQL query, we'll need to expose it in the
AuthControllerandAuthResolveras we did with thesignupmethod above.Open
server/src/auth/auth.controller.tsand replace the imports at the top of the file with this:import { Body, Controller, Post, Get, Req } from "@nestjs/common";
import { ApiBearerAuth, ApiOkResponse, ApiTags } from "@nestjs/swagger";
import { Request } from "express";
import { AuthService } from "./auth.service";
import { Credentials } from "./Credentials";
import { UserInfo } from "./UserInfo";
import { User } from "../user/base/User";Add the new
memethod to theAuthControllerclass.@ApiBearerAuth()
@ApiOkResponse({ type: User })
@Get("me")
async me(@Req() request: Request): Promise<User> {
return this.authService.me(request.headers.authorization);
}This method uses the
Getdecorator, meaning it's forGETrequests as it's only used to fetch data. There are two other new decorators attached to this method as well:ApiBearerAuthandApiOkResponse. While neither of them is necessary, they allow for the UI used to read our documented endpoints to show meaningful data for this endpoint. It says that a request to this endpoint must be authorized, that way we can get the JWT access token. Also, we are defining what type of object is being returned by this request; aUserobject.Open
server/src/auth/auth.resolver.tsand replace the imports at the top of the file with this:import * as common from "@nestjs/common";
import { Args, Mutation, Query, Resolver, Context } from "@nestjs/graphql";
import { Request } from "express";
import * as gqlACGuard from "../auth/gqlAC.guard";
import { AuthService } from "./auth.service";
import { GqlDefaultAuthGuard } from "./gqlDefaultAuth.guard";
import { UserData } from "./userData.decorator";
import { LoginArgs } from "./LoginArgs";
import { UserInfo } from "./UserInfo";
import { User } from "../user/base/User";Add the new
memethod to theAuthResolverclass.@Query(() => User)
async me(@Context('req') request: Request): Promise<User> {
return this.authService.me(request.headers.authorization);
}
Step 3 - Run It Again
With the necessary updates to our backend in place let's spin up the backend and explore our self-documented REST endpoints. Run the following command:
npm run start:backendOnce the backend is running, visit http://localhost:3000/api/ and scroll down to the
authsection. A newPOSTendpoint,/api/signup, will appear. The endpoint can be tested right there in the browser.Click the endpoint to show more details, then click
Try it out.Change the value of
usernameandpasswordto any string value and clickExecute.
After clicking
Execute, scroll down to see the result of the request.
Step 4 - Wrap Up
We will eventually need to make a few more changes to our backend, but now users can create an account as well as sign in with their existing account.
To view the changes for this step, visit here.