import { createHash, timingSafeEqual } from 'node:crypto';

import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
import { Observable } from 'rxjs';
|
|
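/**
 * Route guard that admits a request only when it carries the admin token
 * configured in the `ADMIN_TOKEN` environment variable.
 *
 * The token is read from the `x-admin-token` header, falling back to
 * `authorization`; a leading `Bearer ` prefix is stripped from whichever
 * header supplied the value.
 */
@Injectable()
export class AdminAuthGuard implements CanActivate {
  // Read once at construction. There is deliberately no built-in fallback:
  // a literal default would become a shared, publicly known credential on
  // every deployment where ADMIN_TOKEN was left unset or empty.
  private readonly expectedToken: string | undefined = process.env.ADMIN_TOKEN;

  /**
   * Decides whether the current HTTP request may proceed.
   *
   * @param context Execution context from which the HTTP request is obtained.
   * @returns `true` when the presented token matches the configured one.
   * @throws UnauthorizedException when the token is missing, is not a single
   *   string value, does not match, or when no admin token is configured
   *   (the guard fails closed).
   */
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
    const request = context.switchToHttp().getRequest();
    const headerToken: unknown =
      request.headers['x-admin-token'] || request.headers['authorization'];
    const token =
      typeof headerToken === 'string' && headerToken.startsWith('Bearer ')
        ? headerToken.slice(7)
        : headerToken;

    // An unset or empty ADMIN_TOKEN denies every request, and the response is
    // the same as for a wrong token so the configuration state is not exposed.
    if (
      this.expectedToken &&
      typeof token === 'string' &&
      AdminAuthGuard.tokensMatch(token, this.expectedToken)
    ) {
      return true;
    }

    throw new UnauthorizedException('Invalid admin token');
  }

  /**
   * Compares two tokens without an early exit on the first differing byte.
   *
   * Both values are hashed first so the buffers passed to `timingSafeEqual`
   * always have equal length (it throws otherwise) and the length of the
   * expected token is not reflected in the comparison.
   */
  private static tokensMatch(presented: string, expected: string): boolean {
    const presentedDigest = createHash('sha256').update(presented).digest();
    const expectedDigest = createHash('sha256').update(expected).digest();
    return timingSafeEqual(presentedDigest, expectedDigest);
  }
}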
|
|