"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.AuthGuard = void 0; const common_1 = require("@nestjs/common"); const auth_service_1 = require("./services/auth.service"); let AuthGuard = class AuthGuard { constructor(authService) { this.authService = authService; } canActivate(context) { const request = context.switchToHttp().getRequest(); // Allow the admin UI endpoints to be accessed without authentication. // The UI is served from /admin and calls /api/admin/modules. if (request.method === 'GET' && request.url?.startsWith('/api/admin')) { return true; } const authHeader = request.headers['authorization'] || ''; const token = Array.isArray(authHeader) ? authHeader[0] : authHeader; if (!token) { throw new common_1.UnauthorizedException(); } const payload = this.authService.verify(token.replace(/^Bearer\s+/i, '')); if (!payload) { throw new common_1.UnauthorizedException(); } request.user = payload; return true; } }; exports.AuthGuard = AuthGuard; exports.AuthGuard = AuthGuard = __decorate([ (0, common_1.Injectable)(), __metadata("design:paramtypes", [auth_service_1.AuthService]) ], AuthGuard);