Skip to content

Latest commit

 

History

History
138 lines (107 loc) · 2.75 KB

README.md

File metadata and controls

138 lines (107 loc) · 2.75 KB
Raw

NestJS Land: Auth

Authentication module for NestJS applications.

Features

  • Use custom user entity classes
  • JWT access and refresh tokens
  • AuthGuard to authenticate requests
  • AuthUser param decorator to access the session user
  • Generate recovery passwords
  • Send recovery password to users via callback function

Installation

$ npm install @nestjs-land/auth

Setup

Import the AuthModule into your application your module:

...
import { AuthModule } from '@nestjs-land/auth';
import { User } from './users/entities/user.entity';

@Module({
  imports: [
    AuthModule.forRoot({
      userEntity: User,                 // Use your own User entity class
      userIdentifierProperty: 'email',  // Specify the property in User for identity. Eg: 'username', 'email'
      userPasswordProperty: 'password', // Specify the property in User for password.
      jwtSecret: 'secret',
      accessTokenExpirationTime: '1d',
      refreshTokenExpirationTime: '1m',
    })
  ]
})
export class AppModule {}

Usage

Get access token

Request:

  • GET /auth/login

Body:

{
  "identity": "user@email.com",
  "password": "12345678"
}

Response:

{
  "accessToken": "eyJhbGciOiJ...",
  "refreshToken": "5cCI6IkpXVCJ9...",
  "identifier": "user@email.com",
  "expiresIn": 86400000,
  "expiresAt": "2021-01-03T20:02:46.401Z",
  "id": "8eee5644-c2bc-4053-a56b-14d3327eca94",
  "refreshTokenUsed": false,
  "createdAt": "2021-01-02T20:02:46.000Z"
}

Refresh access token

Request:

  • GET /auth/refresh_token

Body:

{
  "refreshToken": "5cCI6IkpXVCJ9..."
}

Response:

{
  "accessToken": "eyJhbGciOiJ...",
  "refreshToken": "5cCI6IkpXVCJ9...",
  "identifier": "user@email.com",
  "expiresIn": 86400000,
  "expiresAt": "2021-01-03T20:02:46.401Z",
  "id": "8eee5644-c2bc-4053-a56b-14d3327eca94",
  "refreshTokenUsed": false,
  "createdAt": "2021-01-02T20:02:46.000Z"
}

Protect HTTP requests with AuthGuard

@Controller('users')
export class UsersController {
  constructor(private readonly usersService: UsersService) {}

  // Use the AuthGuard on any controller method or in the controller class.
  @UseGuards(AuthGuard)
  @Get()
  findAll() {
    return this.usersService.findAll();
  }
}

Get the authenticated user with AuthUser

@Controller('users')
export class UsersController {
  constructor(private readonly usersService: UsersService) {}

  @UseGuards(AuthGuard)
  @Get('/me')
  findMe(
    // Use the AuthUser decorator to access the authenticated user.
    @AuthUser() user: User,
  ) {
    return user;
  }
}