Auth JWT module

devon4node provides a way to generate a default authentication module using JWT (JSON Web Token). It uses the @nestjs/passport library described here.

To generate the devon4node auth-jwt module, you only need to execute the command: nest generate -c @devon4node/schematics auth-jwt. We generate this module inside the application instead of distributing an npm package because the module is likely to be modified depending on the requirements. The command also generates a basic user module.

On this page we explain the default implementation provided by devon4node. For more information about authentication, JWT, passport and others, you can see:

Auth JWT endpoints

In order to execute authentication operations, the auth-jwt module exposes the following endpoints:

  • POST /auth/login: receives a username and a password and returns the token in the header if the combination of username and password is correct.

  • POST /auth/register: registers a new user.

  • GET /auth/currentuser: returns the user data if the user is authenticated.

Protect endpoints with auth-jwt

In order to protect your endpoints with the auth-jwt module, you only need to add AuthGuard() to the UseGuards decorator. Example:

@Get('currentuser')
@UseGuards(AuthGuard())
currentUser(@Request() req: UserRequest) {
  return req.user;
}

Now, all requests to currentuser are protected by the AuthGuard.

Role based Access Control

The auth-jwt module also provides a way to control access to some endpoints by using roles. For example, if you want to grant access to an endpoint only to admins, you only need to add the Roles decorator, with the allowed roles, to those endpoints. Example:

@Get('currentuser')
@UseGuards(AuthGuard())
@Roles(roles.ADMIN)
currentUser(@Request() req: UserRequest) {
  return req.user;
}
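
Added example, not devon4node's generated code: a framework-free TypeScript model of the decisions behind AuthGuard() and @Roles(), showing which requests end in 401 (not authenticated) and which in 403 (authenticated but wrong role). It assumes an HS256 token sent as `Authorization: Bearer <token>` with `role` and `exp` claims; SECRET, sign, issueToken and authorize are hypothetical names, and the role strings are constructed values.

```typescript
import { createHmac, timingSafeEqual } from 'crypto';

// Hypothetical names throughout: SECRET, sign, issueToken and authorize are not devon4node APIs.
const SECRET = 'constructed-demo-secret'; // constructed value; load from configuration in a real app

const b64url = (data: string): string => Buffer.from(data).toString('base64url');

function sign(signingInput: string): Buffer {
  return createHmac('sha256', SECRET).update(signingInput).digest();
}

// Models what a successful POST /auth/login hands back: a signed token carrying the user's role.
function issueToken(username: string, role: string, expiresAt: number): string {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ username, role, exp: expiresAt }));
  return `${header}.${payload}.${sign(`${header}.${payload}`).toString('base64url')}`;
}

// Returns the HTTP status the guard chain would produce for a request.
// allowedRoles models the argument of @Roles(...); an empty list means "any authenticated user".
function authorize(authorization: string | undefined, allowedRoles: string[], now: number): number {
  const token = authorization?.startsWith('Bearer ') ? authorization.slice(7) : '';
  const parts = token.split('.');
  if (parts.length !== 3) return 401;
  const [header, payload, signature] = parts;
  try {
    // Pin the algorithm: a token declaring "none" or anything else is rejected before use.
    if (JSON.parse(Buffer.from(header, 'base64url').toString()).alg !== 'HS256') return 401;
    const expected = sign(`${header}.${payload}`);
    const given = Buffer.from(signature, 'base64url');
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return 401;
    // Claims are read only after the signature has been verified.
    const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
    if (typeof claims.exp !== 'number' || claims.exp <= now) return 401;
    // Authentication succeeded; the role check decides between 200 and 403.
    if (allowedRoles.length > 0 && !allowedRoles.includes(claims.role)) return 403;
    return 200;
  } catch {
    return 401; // malformed base64url or JSON
  }
}
```

The role claim is trusted only because it is covered by the signature, so any change to the payload after login invalidates the token.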