auth

apps/api/src/domain/auth/ProductionGuard.ts

@@ -0,0 +1,18 @@
+import { CanActivate, ExecutionContext, Injectable, ForbiddenException } from '@nestjs/common';
+
+@Injectable()
+export class ProductionGuard implements CanActivate {
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const path = request.path;
+    
+    // Block demo login in production
+    if (path === '/auth/demo-login' || path === '/api/auth/demo-login') {
+      if (process.env.NODE_ENV === 'production') {
+        throw new ForbiddenException('Demo login is not available in production');
+      }
+    }
+    
+    return true;
+  }
+}