feat(auth): implement complete Google OAuth authentication system

- Add authentication module with Google OAuth 2.0 and JWT strategies
- Create secure user management with email hashing (SHA-256)
- Implement rate limiting (10 requests/minute) for auth endpoints
- Add CSRF protection and security middleware
- Create user registration with Basic plan (50 quota default)
- Add JWT-based session management with secure cookies
- Implement protected routes with authentication guards
- Add comprehensive API documentation with Swagger
- Configure environment variables for OAuth and security
- Add user profile management and quota tracking

Resolves authentication requirements §18-20:
- §18: Google OAuth 2.0 with email scope only
- §19: Auto-create User record on first OAuth callback
- §20: Store only Google UID, display name, and email hash

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
DustyWalker 2025-08-05 17:09:43 +02:00
parent e7e09d5e2c
commit 9514a2d0a3
20 changed files with 1833 additions and 41 deletions


@ -0,0 +1,42 @@
import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
import { ConfigModule } from '@nestjs/config';
import { APP_GUARD } from '@nestjs/core';
import { DatabaseModule } from './database/database.module';
import { AuthModule } from './auth/auth.module';
import { UsersModule } from './users/users.module';
import { JwtAuthGuard } from './auth/auth.guard';
import { RateLimitMiddleware } from './common/middleware/rate-limit.middleware';
import { SecurityMiddleware } from './common/middleware/security.middleware';
@Module({
imports: [
ConfigModule.forRoot({
isGlobal: true,
envFilePath: ['.env.local', '.env'],
cache: true,
}),
DatabaseModule,
AuthModule,
UsersModule,
],
providers: [
{
provide: APP_GUARD,
useClass: JwtAuthGuard,
},
],
})
export class AppModule implements NestModule {
configure(consumer: MiddlewareConsumer) {
// Apply security middleware to all routes
consumer
.apply(SecurityMiddleware)
.forRoutes('*');
// Apply rate limiting to authentication routes
consumer
.apply(RateLimitMiddleware)
.forRoutes('auth/*');
}
}
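Review bot: The rate limiter is bound with the string pattern `.forRoutes('auth/*')`, so brute-force protection on the login and callback endpoints depends on how the router interprets that wildcard; whether it covers a bare `auth` route or still matches once a global prefix or versioning is configured depends on code not shown in this section. Binding to the controller class instead, `.forRoutes(AuthControllerClass)` (placeholder name, the controller is not visible here), keeps the limiter attached to every auth route when paths change. Separately, `ConfigModule.forRoot` is given no `validate` or `validationSchema` option, so a missing OAuth client secret or JWT signing key would presumably surface only at request time; a startup check that rejects empty values would fail closed. Since `JwtAuthGuard` is registered as `APP_GUARD`, a comment on that provider such as `// All routes require a valid JWT by default; OAuth entry points must opt out explicitly` would tell the next maintainer why new public endpoints return 401.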