Skip to content
/ nestjs-typeorm-auth-template Public template

nestjs template. SQL, typescript, e2e tests, auth, swagger, jwt (access-token and refresh-token)

30 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jordicher/nestjs-typeorm-auth-template

BranchesTags

Repository files navigation

Nest Logo

Description

Nest framework TypeScript starter repository.

Installation

  1. Clone the repository:

    git clone git@github.com:jordicher/nestjs-typeorm-auth-template.git

  2. Open a terminal in the repository API folder:

    cd nestjs-typeorm-auth-template

  3. Install dependencies:

    npm install

Project configuration

  1. Copy the .env.example file to .env in the same root folder:

    cp .env.example .env

  2. As it is, it should work, but you can change these parameters:

    • ACCESS_TOKEN_EXPIRATION: expiration time of the JWT access token
    • REFRESH_TOKEN_EXPIRATION: expiration time of the JWT refresh token
    • JWT_SECRET: secret key used by JWT to encode access token
    • JWT_REFRESH_SECRET: secret key used by JWT to encode refresh token
    • DATABASE_PORT: port used by the API

Database configuration

  1. In the root of the API project, edit the file .env and configure these parameters using your Postgres configuration.

    POSTGRES_NAME=template
POSTGRES_PORT=5432
POSTGRES_PASSWORD=templateUserPass
POSTGRES_USER=templateUser
POSTGRES_HOST=localhost

  2. Start the database with docker

$ npm run infra:up

Running the app

# watch mode
$ npm run start:dev

# production mode
$ npm run start:prod

Test

# e2e tests
$ npm run test:e2e

Migrations.

To create a migration and implement changes in the db.

//run old migrations, this project by default has a user migration

$ npm run migration:run

//generate a migration

$ npm run migration:generate name_new_migration

//run the migration

$ npm run migration:run

Documentation

This template uses swagger for documentation. To see swagger, if you are using port 8080 for the api, it would be for example => localhost:8080/docs

imagen

Endpoint security

This template uses jwt tokens and refresh tokens.

To make a route public for everyone you have to add the @Public decorator above the endpoint. Example, users.controller.ts / endpoint post, /users.

We can put three types of validations on the endpoints.

  • That it has a valid token, access-token.
  • That it has a valid token and is role x, example delete user can only be done by the admin role, Roles decorator.
  • That the refresh token is valid.

How refresh tokens work

The access token has to have a short lifetime, while the refresh token has to have a longer lifetime. (you can modify the duration by modifying the project variables).

When logging in, it returns the two tokens. The refresh token is encrypted in the database, and is reset every time the user logs in or out.

When an access token expires, the endpoint will return a custom error. httpStatus = 498 message = Token expired

In this case, a request must be made to auth/refresh-token that contains the refresh token in the header. This will return a valid access token.

About

nestjs template. SQL, typescript, e2e tests, auth, swagger, jwt (access-token and refresh-token)

Topics

nodejs javascript testing jwt typescript authentication swagger e2e-tests user-management jwt-token nest jwt-authentication refresh-token nestjs nestjs-swagger

Resources

Readme
Activity

Stars

30 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages