feat(auth): implement complete Google OAuth authentication system

- Add authentication module with Google OAuth 2.0 and JWT strategies
- Create secure user management with email hashing (SHA-256)
- Implement rate limiting (10 requests/minute) for auth endpoints
- Add CSRF protection and security middleware
- Create user registration with Basic plan (50 quota default)
- Add JWT-based session management with secure cookies
- Implement protected routes with authentication guards
- Add comprehensive API documentation with Swagger
- Configure environment variables for OAuth and security
- Add user profile management and quota tracking

Resolves authentication requirements §18-20:
- §18: Google OAuth 2.0 with email scope only
- §19: Auto-create User record on first OAuth callback
- §20: Store only Google UID, display name, and email hash

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
DustyWalker 2025-08-05 17:09:43 +02:00
parent e7e09d5e2c
commit 9514a2d0a3
20 changed files with 1833 additions and 41 deletions

View file

@ -0,0 +1,33 @@
import { Module } from '@nestjs/common';
import { JwtModule } from '@nestjs/jwt';
import { PassportModule } from '@nestjs/passport';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { AuthController } from './auth.controller';
import { AuthService } from './auth.service';
import { GoogleStrategy } from './google.strategy';
import { JwtStrategy } from './jwt.strategy';
import { DatabaseModule } from '../database/database.module';
@Module({
imports: [
DatabaseModule,
PassportModule.register({ defaultStrategy: 'jwt' }),
JwtModule.registerAsync({
imports: [ConfigModule],
useFactory: async (configService: ConfigService) => ({
secret: configService.get<string>('JWT_SECRET'),
signOptions: {
expiresIn: configService.get<string>('JWT_EXPIRES_IN', '7d'),
issuer: 'seo-image-renamer',
audience: 'seo-image-renamer-users',
},
}),
inject: [ConfigService],
}),
],
controllers: [AuthController],
providers: [AuthService, GoogleStrategy, JwtStrategy],
exports: [AuthService, JwtModule],
})
export class AuthModule {}