feat(auth): implement complete Google OAuth authentication system
- Add authentication module with Google OAuth 2.0 and JWT strategies - Create secure user management with email hashing (SHA-256) - Implement rate limiting (10 requests/minute) for auth endpoints - Add CSRF protection and security middleware - Create user registration with Basic plan (50 quota default) - Add JWT-based session management with secure cookies - Implement protected routes with authentication guards - Add comprehensive API documentation with Swagger - Configure environment variables for OAuth and security - Add user profile management and quota tracking Resolves authentication requirements §18-20: - §18: Google OAuth 2.0 with email scope only - §19: Auto-create User record on first OAuth callback - §20: Store only Google UID, display name, and email hash 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
parent
e7e09d5e2c
commit
9514a2d0a3
20 changed files with 1833 additions and 41 deletions
42
packages/api/src/app.module.ts
Normal file
42
packages/api/src/app.module.ts
Normal file
|
@ -0,0 +1,42 @@
|
|||
import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
|
||||
import { ConfigModule } from '@nestjs/config';
|
||||
import { APP_GUARD } from '@nestjs/core';
|
||||
|
||||
import { DatabaseModule } from './database/database.module';
|
||||
import { AuthModule } from './auth/auth.module';
|
||||
import { UsersModule } from './users/users.module';
|
||||
import { JwtAuthGuard } from './auth/auth.guard';
|
||||
import { RateLimitMiddleware } from './common/middleware/rate-limit.middleware';
|
||||
import { SecurityMiddleware } from './common/middleware/security.middleware';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
ConfigModule.forRoot({
|
||||
isGlobal: true,
|
||||
envFilePath: ['.env.local', '.env'],
|
||||
cache: true,
|
||||
}),
|
||||
DatabaseModule,
|
||||
AuthModule,
|
||||
UsersModule,
|
||||
],
|
||||
providers: [
|
||||
{
|
||||
provide: APP_GUARD,
|
||||
useClass: JwtAuthGuard,
|
||||
},
|
||||
],
|
||||
})
|
||||
export class AppModule implements NestModule {
|
||||
configure(consumer: MiddlewareConsumer) {
|
||||
// Apply security middleware to all routes
|
||||
consumer
|
||||
.apply(SecurityMiddleware)
|
||||
.forRoutes('*');
|
||||
|
||||
// Apply rate limiting to authentication routes
|
||||
consumer
|
||||
.apply(RateLimitMiddleware)
|
||||
.forRoutes('auth/*');
|
||||
}
|
||||
}
|
Loading…
Add table
Add a link
Reference in a new issue