production-evyos-systems-and-services-4/ServicesApi/src/middleware/access-control.guard.ts

import {
  CanActivate,
  ExecutionContext,
  Injectable,
  ForbiddenException,
} from '@nestjs/common';
import { RedisHandlers } from '@/src/utils/auth/redis_handlers';

const getAccessTokenFromHeader = (req: Request): string => {
  console.log(req.headers);
  const token = req.headers['acs'];
  if (!token) {
    throw new ForbiddenException('Access token header is missing');
  }
  return token;
};

const getSelectTokenFromHeader = (req: Request): string => {
  const token = req.headers['slc'];
  if (!token) {
    throw new ForbiddenException('Select token header is missing');
  }
  return token;
};

@Injectable()
export class AuthControlGuard implements CanActivate {
  constructor(private cacheService: RedisHandlers) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const req = context.switchToHttp().getRequest();
    const accessToken = getAccessTokenFromHeader(req);
    console.log('AuthControlGuard', accessToken);
    // const hasAccess = accessObject.permissions?.some(
    //   (p: any) => p.method === method && p.url === path,
    // );

    // if (!hasAccess) {
    //   throw new ForbiddenException('Access denied to this route');
    // }

    return true;
  }
}

@Injectable()
export class EndpointControlGuard implements CanActivate {
  constructor(private cacheService: RedisHandlers) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const req = context.switchToHttp().getRequest();
    const selectToken = getSelectTokenFromHeader(req);
    const method = req.method;
    const path = req.route?.path;
    console.log('EndpointControlGuard', selectToken, method, path);
    // const hasAccess = accessObject.permissions?.some(
    //   (p: any) => p.method === method && p.url === path,
    // );

    // if (!hasAccess) {
    //   throw new ForbiddenException('Access denied to this route');
    // }

    return true;
  }
}