penisularhr / src / shared / services / validator.service.ts
validator.service.ts
Raw 
import { createHmac } from 'node:crypto';

import { Injectable } from '@nestjs/common';

import { ApiConfigService } from './api-config.service';

@Injectable()
export class ValidatorService {
  constructor(private configService: ApiConfigService) {}

  public isImage(mimeType: string): boolean {
    const imageMimeTypes = ['image/jpeg', 'image/png'];

    return imageMimeTypes.includes(mimeType);
  }

  public validateSignature(data: {
    protocol: string;
    hostname: string;
    url: string;
    timestamp: number;
    signature: string;
  }) {
    const { hostname, url, signature, timestamp } = data;

    const hmac = createHmac(
      'sha256',
      // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
      this.configService.authConfig.reportSecret,
    );

    hmac.update(`https://${hostname}${url.replaceAll('%20', ' ')}${timestamp}`); // Assume all are https validated
    const generatedSignature = hmac.digest('base64');

    //If req takes 3 second to reach backend
    if (Date.now() - timestamp >= 3 * 1000) {
      return false;
    }

    return generatedSignature === signature;
  }
}
Powered by GitFront