Class: CheckAccessTokenGuard
util/CheckAccessTokenGuard.CheckAccessTokenGuard
Base class for guards for checking the presence of an access token in the request. If needed, checks for admin permissions of the user. Required scope can be configured using the requiredScope property.
The access token is expected in the "Authorization" header, prefixed with "Bearer ". Not providing a token, a token without prefix or an invalid token will result in a 401 Unauthorized response.
Once access token (and admin permission) were verified sucessfully, the logged in user is written to the request state object
Hierarchy
CheckAccessTokenGuard
Implements
CanActivate
Constructors
constructor
• new CheckAccessTokenGuard(tokenService, reflector, backendUserService, requiredScope)
Parameters
| Name | Type |
|---|---|
tokenService | TokenService |
reflector | Reflector |
backendUserService | BackendUserService |
requiredScope | TokenScope |
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:23
Properties
backendUserService
• Private Readonly backendUserService: BackendUserService
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:26
logger
• Private Readonly logger: Logger
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:22
reflector
• Private Readonly reflector: Reflector
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:25
requiredScope
• Private Readonly requiredScope: TokenScope
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:27
tokenService
• Private Readonly tokenService: TokenService
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:24
Methods
canActivate
▸ canActivate(context): Promise<boolean>
Parameters
| Name | Type |
|---|---|
context | ExecutionContext |
Returns
Promise<boolean>
Implementation of
CanActivate.canActivate
Defined in
gropius-login-service/backend/src/util/CheckAccessTokenGuard.ts:30