debug(auth): add detailed logging to JwtAuthGuard

Add console.log statements to JwtAuthGuard to diagnose
401 errors on /api/v1/settings endpoint.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Wuesteon 2025-12-08 22:52:59 +01:00
parent 66bc3e9586
commit 6db875355c


@ -5,7 +5,7 @@ import {
UnauthorizedException,
} from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { jwtVerify, createRemoteJWKSet, type JWTPayload } from 'jose';
import { jwtVerify, createRemoteJWKSet } from 'jose';
/**
* JWT Auth Guard using JWKS (Better Auth compatible)
@ -23,7 +23,10 @@ export class JwtAuthGuard implements CanActivate {
const request = context.switchToHttp().getRequest();
const token = this.extractTokenFromHeader(request);
console.log('[JwtAuthGuard] Token (first 50 chars):', token?.substring(0, 50));
if (!token) {
console.log('[JwtAuthGuard] No token provided');
throw new UnauthorizedException('No token provided');
}
@ -32,17 +35,22 @@ export class JwtAuthGuard implements CanActivate {
if (!this.jwks) {
const baseUrl = this.configService.get<string>('BASE_URL') || 'http://localhost:3001';
const jwksUrl = new URL('/api/v1/auth/jwks', baseUrl);
console.log('[JwtAuthGuard] Initializing JWKS from:', jwksUrl.toString());
this.jwks = createRemoteJWKSet(jwksUrl);
}
const issuer = this.configService.get<string>('jwt.issuer') || 'manacore';
const audience = this.configService.get<string>('jwt.audience') || 'manacore';
console.log('[JwtAuthGuard] Verifying with issuer:', issuer, 'audience:', audience);
const { payload } = await jwtVerify(token, this.jwks, {
issuer,
audience,
});
console.log('[JwtAuthGuard] Verification SUCCESS, user:', payload.sub);
// Attach user to request
request.user = {
userId: payload.sub,
@ -52,7 +60,7 @@ export class JwtAuthGuard implements CanActivate {
return true;
} catch (error) {
console.debug('[JwtAuthGuard] Token verification failed:', error);
console.error('[JwtAuthGuard] Token verification FAILED:', error);
throw new UnauthorizedException('Invalid token');
}
}
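Review bot: The added `console.log` of `token?.substring(0, 50)` at the top of `canActivate` writes bearer-token material to the logs on every request, before the guard has checked that a token exists. For a JWT the first 50 characters cover the protected header and the start of the claims, and any bearer value shorter than 50 characters is logged in full, so anyone with log access sees credential data. Presence and length are enough to diagnose the 401s, e.g. `console.debug('[JwtAuthGuard] Token present:', Boolean(token), 'length:', token?.length ?? 0);`, and the `payload.sub` success line is better kept at debug level so user identifiers are not emitted per request in production. `canActivate` starts outside the visible hunks, so this assumes no log-level gate is applied elsewhere.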