1.1.0 • Published 1 month ago

@webundsoehne/nestjs-auth0-guard v1.1.0

Weekly downloads
1
License
ISC
Repository
-
Last release
1 month ago

@webundsoehne/nestjs-auth0-guard

Version Downloads/week

Description

This is an Auth0 guard, which covers the whole integration for you.

Implementation

Module: ./module.ts

  import { Module, NestModule } from '@nestjs/common'
  import { Auth0Module } from '@webundsoehne/nestjs-auth0-guard'
  import TestController from './controller'

  @Module({
    imports: [
      Auth0Module.register({
        domain: 'customer-domain.auth0.com',
        clientId: 'auth0-client-identifier',
        clientSecret: 'auth0-client-secret',
        audience: 'https://customer-domain.com',
        namespace: 'https://customer-domain.com'
      })
    ],
    controller: [
      TestController
    ]
  })
  export class Server implements NestModule {}

Controller: ./controller.ts

  import { Controller, Get, Post, UseGuards } from '@nestjs/common'
  import { AuthGuard, Auth0TokenUser, Permissions, User } from '@webundsoehne/nestjs-auth0-guard'

  @Controller('test')
  @UseGuards(AuthGuard.withPermissions(['read:test', 'save:test', 'remove:test']))
  export class TestController {
    @Permissions('read:test')
    @Get()
    getTest () {}

    @Permissions('save:test')
    @Post()
    getTest (@User() user: Auth0TokenUser) {}
  }

Auth0Module

The Auth0Module.register(options) has to be imported once in your main NestModule. It requires the configuration for communicating with Auth0.

Options:

NameTypeRequiredDescription
domainStringtrueThe Auth0 domain of your account's tenant
clientIdStringtrueThe identifier of the Auth0 client
clientSecretStringtrueThe secret key of the used Auth0 client
audienceStringfalseThe configured audience you want to login (Fallback: http://localhost:3000)
namespaceStringfalseThe namespace of the JWT property names, which should be extracted to the user's object (Fallback: audience)

AuthGuard

If you want to enable the guard for a controller or method, you have to use the AutheGuard. You may use the jumper AuthGuard.withPermissions(permissions: string | string[]), which allows you to tell the guard which permissions are allowed without using the decorator.

Permissions

The Permissions(permissions: string | string[]) decorator restricts, the access to an method, to one of the set permission values.

User

The User(key?: string) decorator allows you to fetch user specific information out of the JWT payload.

Publishing

On each Git tag commit to this repo, the source-code will be automatically transpiled and published to NPM.

Stay in touch

nestjsauth0guard
auth0jwks-rsapassportpassport-jwtreflect-metadata
@everything-registry/sub-chunk-1009@infinitebrahmanuniverse/nolb-_webu
2.1.0-beta.14

1 month ago

2.1.0-beta.13

1 month ago

2.1.0-beta.1

12 months ago

1.1.0

1 year ago

2.1.0-beta.3

12 months ago

2.1.0-beta.2

12 months ago

2.1.0-beta.5

12 months ago

2.1.0-beta.4

12 months ago

2.1.0-beta.12

11 months ago

2.1.0-beta.7

12 months ago

2.1.0-beta.11

11 months ago

2.1.0-beta.6

12 months ago

2.1.0-beta.10

11 months ago

2.1.0-beta.9

11 months ago

2.0.1-beta.2

12 months ago

2.1.0-beta.8

12 months ago

2.0.1-beta.3

12 months ago

2.0.1-beta.1

12 months ago

2.0.1-beta.6

12 months ago

2.0.1-beta.4

12 months ago

2.0.1-beta.5

12 months ago

1.0.0

4 years ago

0.0.2

4 years ago

0.0.1

4 years ago