added AuthGuard to CUD pages and gateways

Author: mehmetsefabalik

src/gateway/gateway.gateway.ts

@@ -5,6 +5,8 @@ import {
 import { Socket, Server } from 'socket.io';
 import { Gateway } from './gateway.interface';
 import { GatewayService } from './gateway.service';
+import { UseGuards } from '@nestjs/common';
+import { AuthGuard } from '../guards/auth.guard';
 
 @WebSocketGateway()
 export class GatewayGateway implements OnGatewayInit, OnGatewayConnection, OnGatewayDisconnect {
@@ -17,6 +19,7 @@ export class GatewayGateway implements OnGatewayInit, OnGatewayConnection, OnGat
     return { event: 'panel.gateways', data: gateways };
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.gateways.delete')
   async deleteForPanel(@MessageBody() body: {name: string}) {
     const deletionSuccessful = await this.gatewayService.delete(body.name);
@@ -26,15 +29,19 @@ export class GatewayGateway implements OnGatewayInit, OnGatewayConnection, OnGat
     this.server.emit('gateway.delete', body.name);
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.gateways.add')
   async addForPanel(@MessageBody() gateway: Gateway) {
+    delete (gateway as any).auth;
     await this.gatewayService.add(gateway);
     this.server.emit('panel.gateways', await this.gatewayService.get());
     this.server.emit('gateway.add', gateway);
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.gateways.update')
   async updateForPanel(@MessageBody() gateway: Gateway) {
+    delete (gateway as any).auth;
     const updateSuccessful = await this.gatewayService.update(gateway);
     if (!updateSuccessful) return;
     this.server.emit('panel.gateways', await this.gatewayService.get());

src/guards/auth.guard.spec.ts

@@ -0,0 +1,7 @@
+import { AuthGuard } from './auth.guard';
+
+describe('AuthGuard', () => {
+  it('should be defined', () => {
+    expect(new AuthGuard()).toBeDefined();
+  });
+});

src/guards/auth.guard.ts

@@ -0,0 +1,12 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+
+@Injectable()
+export class AuthGuard implements CanActivate {
+  canActivate(
+    context: ExecutionContext,
+  ): boolean {
+    const data = context.switchToWs().getData();
+    const allowed = data.auth && data.auth === process.env.AUTH_SECRET;
+    return allowed;
+  }
+}

src/page/page.gateway.ts

@@ -5,6 +5,8 @@ import {
 import { Server, Socket } from 'socket.io';
 import { Page } from './page.interface';
 import { PageService } from './page.service';
+import { UseGuards } from '@nestjs/common';
+import { AuthGuard } from '../guards/auth.guard';
 
 @WebSocketGateway()
 export class PageGateway implements OnGatewayInit, OnGatewayConnection, OnGatewayDisconnect {
@@ -17,6 +19,7 @@ export class PageGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
     return { event: 'panel.pages', data: pages };
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.pages.delete')
   async deleteForPanel(@MessageBody() body: { name: string }) {
     if (!body.name) return;
@@ -27,16 +30,20 @@ export class PageGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
     this.server.emit('page.delete', body.name);
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.pages.add')
   async addForPanel(@MessageBody() page: Page) {
+    delete (page as any).auth;
     if (!page.name) return;
     await this.pageService.add(page);
     this.server.emit('panel.pages', await this.pageService.get());
     this.server.emit('page.update', page);
   }
 
+  @UseGuards(AuthGuard)
   @SubscribeMessage('panel.pages.update')
   async updateForPanel(@MessageBody() page: Page) {
+    delete (page as any).auth;
     if (!page.name) return;
     const updateSuccessful = await this.pageService.update(page);
     if (!updateSuccessful) return;