Authentication

Authentication is an essential part of most applications. There are many different approaches and strategies to handle authentication. The approach taken for any project depends on its particular application requirements. This chapter presents several approaches to authentication that can be adapted to a variety of different requirements.

JWT introduction

Installation

Install the authentication package provided by Zerone, which includes the JWT Strategy and the Local Strategy.

yarn add @zeronejs/auth

Start using

Import the AuthModule into the root module.

TIP

We configure the AuthModule using forRoot(), passing in a configuration object. See here for more details on the available configuration options.

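import { Module } from '@nestjs/common';
import { AuthModule } from '@zeronejs/auth';

@Module({
    imports: [
        AuthModule.forRoot({
            // Hard-coded for demonstration only; see the DANGER note below.
            secret: 'secretKey',
            // Issued tokens expire after six hours.
            signOptions: { expiresIn: '6h' },
        }),
        // ... Other modules
    ]
})
export class AppModule {}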

DANGER

Do not expose this key publicly. We have done so here to make it clear what the code is doing, but in a production system you must protect this key using appropriate measures such as a secrets vault, environment variable, or configuration service.
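One way to follow this advice is to read the key from the environment and refuse to start when it is missing or weak. This is an added example, not code from @zeronejs/auth: `loadAuthConfig` and the `JWT_SECRET` variable name are hypothetical, and the 32-character floor assumes an HMAC-signed token, for which RFC 7518 requires a key of at least 256 bits.

```typescript
// Added example: the returned object has the shape passed to AuthModule.forRoot() above.
interface AuthConfig {
    secret: string;
    signOptions: { expiresIn: string };
}

type Env = Record<string, string | undefined>;

// Values that appear in tutorials (including this page) and must never reach production.
const PLACEHOLDER_SECRETS = new Set(['secretkey', 'secret', 'changeme', 'jwt_secret']);

// Assumed floor: 32 characters, in line with the 256-bit minimum key size for HS256.
const MIN_SECRET_LENGTH = 32;

// JWT_SECRET is a hypothetical variable name chosen for this example.
function loadAuthConfig(env: Env): AuthConfig {
    const secret = env['JWT_SECRET'];
    if (secret === undefined || secret.trim() === '') {
        throw new Error('JWT_SECRET is not set');
    }
    if (PLACEHOLDER_SECRETS.has(secret.trim().toLowerCase())) {
        throw new Error('JWT_SECRET is a known placeholder value');
    }
    if (secret.length < MIN_SECRET_LENGTH) {
        throw new Error(`JWT_SECRET must be at least ${MIN_SECRET_LENGTH} characters`);
    }
    // Reject keys such as "aaaa...": long enough, but trivially guessable.
    if (new Set(secret.split('')).size < 10) {
        throw new Error('JWT_SECRET has too little character variety');
    }
    // Token lifetime kept at the value used on this page.
    return { secret, signOptions: { expiresIn: '6h' } };
}

// In the root module (not executed here):
//   AuthModule.forRoot(loadAuthConfig(process.env))
```

Because the function throws during module setup, a deployment that lacks the variable fails at startup instead of running with a guessable signing key.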

The JWT Strategy is enabled globally by default. If an endpoint needs to skip JWT validation, apply the @SkipJwtAuth decorator to it.

    @SkipJwtAuth() // JWT validation is skipped for this route
    @Post('auth/register')
    async register(@Body() createUserDto: UserCreateDto) {
        // ...
    }

Example

Typically, you use this module to implement registration and login.

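import { Body, Controller, Post, Req, UseGuards } from '@nestjs/common';
import { SkipJwtAuth, AuthService, LocalAuthGuard, Request, encryptedUserPassword } from '@zeronejs/auth';
// UserService and UserCreateDto are your application's own classes; import them from where they are defined.

@Controller()
export class AppController {
    constructor(
        private readonly userService: UserService,
        private readonly authService: AuthService
    ) {}

    // Public route: never store the submitted password as-is; pass it through encryptedUserPassword first.
    @SkipJwtAuth()
    @Post('auth/register')
    async register(@Body() createUserDto: UserCreateDto) {
        const user = await this.userService.create({
            ...createUserDto,
            password: await encryptedUserPassword(createUserDto.password),
        });
        return this.authService.login(user);
    }

    // Public route: LocalAuthGuard checks the submitted username and password before this handler runs.
    @SkipJwtAuth()
    @UseGuards(LocalAuthGuard)
    @Post('auth/login')
    async login(@Req() req: Request) {
        return this.authService.login(req.user);
    }
}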

TIP

To invoke the login interface (or whenever you use LocalAuthGuard), you need to provide the username and password fields.