A lightweight, secure, and efficient user authentication system built with Nest.js. This project showcases the usage of JSON Web Tokens (JWT) for maintaining user sessions, rate limiting to prevent potential abuse, and built-in data validation for user inputs with a focus on security and simplicity.
This project was built using Node.js v20.5.1.
- User Registration and Authentication
- JWT Sessions
- Data Validation
- Rate Limiting
- Database usage with TypeORM
- Environment-Specific .env Files
- Added logging support
- CSRF Protection
Research is underway to identify the best modern package for CSRF protection and how to effectively implement it.
v1.2.0 - 11.09.2023:
- Environment-Specific .env Files
- User Service Update and Increase
- Added logging support
- Rate Limiting
- Clone the repository:
git clone https://github.com/Da4ndo/NestAuthFlow
- Install the dependencies:
cd NestAuthFlow
yarn install
- Configure your environment variables:
Open .env and change 'YOUR_SECRET' to your own secret:
JWT_SECRET = 'YOUR_SECRET';
- Start the development server:
yarn dev
Your server should now be running at http://localhost:4000.
Here are some example endpoints that you can try:
- Register a new user: Send a POST request to http://localhost:4000/user/register with a JSON body containing the username and password.
- Login: Send a POST request to http://localhost:4000/auth/login with a JSON body containing your username and password. You will receive a JWT in response.
- Access Protected Route: Send a GET request to http://localhost:4000/administration, placing the JWT you received from the login call in the Authorization header.
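The JWT_SECRET set during configuration is the key that every token sent to the protected route is checked against, so the placeholder or a short value undermines the whole login flow. The following is an added example, not code from this project: a startup check for the secret plus token verification using only Node's crypto module. It assumes the tokens are HS256-signed with an `exp` claim; `generateSecret`, `checkSecret`, `signHs256` and `verifyHs256` are hypothetical names.

```javascript
// Added example, not NestAuthFlow code. Assumes HS256 tokens keyed by JWT_SECRET.
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const b64url = (input) => Buffer.from(input).toString('base64url');

// Generate a 256-bit random value suitable for the JWT_SECRET entry in .env.
function generateSecret() {
  return randomBytes(32).toString('base64url');
}

// Classify a configured secret: flags the README placeholder and values under 32 bytes.
function checkSecret(secret) {
  if (!secret || secret.includes('YOUR_SECRET')) return 'placeholder';
  if (Buffer.byteLength(secret) < 32) return 'too-short';
  return 'ok';
}

function mac(signingInput, secret) {
  return createHmac('sha256', secret).update(signingInput).digest();
}

// Hypothetical signer, used here only to build constructed sample tokens.
function signHs256(payload, secret) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const signingInput = `${header}.${b64url(JSON.stringify(payload))}`;
  return `${signingInput}.${mac(signingInput, secret).toString('base64url')}`;
}

// Returns the payload, or null on bad structure, wrong alg, bad signature or expiry.
function verifyHs256(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    if (header.alg !== 'HS256') return null; // pin the algorithm, ignore the header's choice
    const given = Buffer.from(parts[2], 'base64url');
    const expected = mac(`${parts[0]}.${parts[1]}`, secret);
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
    if (typeof payload.exp !== 'number' || payload.exp <= nowSeconds) return null;
    return payload;
  } catch {
    return null; // malformed JSON or a non-object header/payload
  }
}
```

Running `checkSecret(process.env.JWT_SECRET)` before the server starts listening turns a forgotten placeholder into a failed boot instead of a weak deployment.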
To test calls to my API, I personally use the Thunder Client VS Code plugin.
To learn more about Nest.js, visit the Nest.js documentation.
This project is licensed under the MIT License. See the LICENSE file for details.
Contributions are welcome! Please feel free to submit a Pull Request.