src/common/auth/auth.guard.ts

import {
  CanActivate,
  ExecutionContext,
  Injectable,
  UnauthorizedException,
} from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { Request } from 'express';
import { UsersService } from '../../users/users.service';

@Injectable()
export class AuthGuard implements CanActivate {
  constructor(
    private configService: ConfigService,
    private usersService: UsersService,
  ) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const request = context.switchToHttp().getRequest<Request>();

    // 检查是否启用 Basic Auth
    const enableBasicAuth =
      this.configService.get<string>('ENABLE_BASIC_AUTH') === 'true';

    if (!enableBasicAuth) {
      // 如果未启用 Basic Auth，允许所有访问
      return true;
    }

    // 解析 Authorization header
    const authHeader = request.headers['authorization'] as string;

    if (!authHeader || !authHeader.startsWith('Basic ')) {
      throw new UnauthorizedException('Missing or invalid Authorization header');
    }

    // 解码 Basic Auth
    const base64Credentials = authHeader.split(' ')[1];
    const credentials = Buffer.from(base64Credentials, 'base64').toString(
      'utf-8',
    );
    const [username, password] = credentials.split(':');

    if (!username || !password) {
      throw new UnauthorizedException('Invalid credentials format');
    }

    // 验证用户
    const user = await this.usersService.validateUser(username, password);

    if (!user) {
      throw new UnauthorizedException('Invalid username or password');
    }

    // 将用户信息附加到请求对象
    (request as any).user = user;

    return true;
  }
}
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
+								import {
 								  CanActivate,
 								  ExecutionContext,
 								  Injectable,
 								  UnauthorizedException,
 								} from '@nestjs/common';
 								import { ConfigService } from '@nestjs/config';
 								import { Request } from 'express';
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								import { UsersService } from '../../users/users.service';
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
 								@Injectable()
 								export class AuthGuard implements CanActivate {
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								  constructor(
 								    private configService: ConfigService,
 								    private usersService: UsersService,
 								  ) {}
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								  async canActivate(context: ExecutionContext): Promise<boolean> {
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
+								    const request = context.switchToHttp().getRequest<Request>();
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								    // 检查是否启用 Basic Auth
 								    const enableBasicAuth =
 								      this.configService.get<string>('ENABLE_BASIC_AUTH') === 'true';
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								    if (!enableBasicAuth) {
 								      // 如果未启用 Basic Auth，允许所有访问
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
+								      return true;
 								    }
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								    // 解析 Authorization header
 								    const authHeader = request.headers['authorization'] as string;
 								    if (!authHeader || !authHeader.startsWith('Basic ')) {
 								      throw new UnauthorizedException('Missing or invalid Authorization header');
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
+								    }
-												feat: 添加用户认证系统

引入基于 Basic Auth 的用户认证系统，包括用户管理、登录界面和 API 鉴权
- 新增用户实体和管理功能
- 实现前端登录界面和凭证管理
- 重构 API 鉴权为 Basic Auth 模式
- 添加用户管理脚本工具

											
										
										
											2026-01-18 12:47:16 +08:00
+								    // 解码 Basic Auth
 								    const base64Credentials = authHeader.split(' ')[1];
 								    const credentials = Buffer.from(base64Credentials, 'base64').toString(
 								      'utf-8',
 								    );
 								    const [username, password] = credentials.split(':');
 								    if (!username || !password) {
 								      throw new UnauthorizedException('Invalid credentials format');
 								    }
 								    // 验证用户
 								    const user = await this.usersService.validateUser(username, password);
 								    if (!user) {
 								      throw new UnauthorizedException('Invalid username or password');
 								    }
 								    // 将用户信息附加到请求对象
 								    (request as any).user = user;
-												feat(auth): implement API key authentication and enhance request handling

- Add AuthGuard to validate API key for public access.
- Create AuthModule to provide the AuthGuard globally.
- Update API request interceptor to automatically include API key for non-localhost requests.
- Modify .env and .env.example to include API_KEY configuration.
- Enhance API request handling with improved error logging and client IP detection.

											
										
										
											2026-01-16 11:26:02 +08:00
+								    return true;
 								  }
 								}