I would like to provide an example implementation for Nest.js - Auth0 integration with a detailed guide for setting the system up.
- Nest.js application (link).
- Auth0 subscription (link).
- Regular Web Application is set up in Auth0.
```sh
npm i nestjs-auth0 @nestjs/passport rxjs
```
The project has additional peer dependencies that are assumed to be covered by the host Nest.js application.

| Environment variable | Description |
|---|---|
| AUTH0_CLIENT_ID | |
| AUTH0_ISSUER | <YOUR_DOMAIN>.auth0.com |

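```typescript
import { Module } from "@nestjs/common";
import { PassportModule } from "@nestjs/passport";
// Auth0Module and Auth0PermissionsGuard are provided by the nestjs-auth0 package.

@Module({
  imports: [Auth0Module, PassportModule.register({ defaultStrategy: "bearer" })],
  providers: [Auth0PermissionsGuard],
  exports: [Auth0Module, PassportModule],
})
export class AppModule {}
```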
Annotate the endpoint with `@UseGuards` to require authentication (see the Nest.js documentation for authentication).
```typescript
@UseGuards(AuthGuard())
@Get("items")
getItems(): any[] {
  // Some code
}
```
Generate a permission decorator.
```sh
nest generate decorator permissions
```
Add `Auth0PermissionsGuard` as a parameter to `@UseGuards` in order to evaluate the user permissions provided by Auth0.
Add the `@Permissions` decorator to declare the permissions the route expects.
```typescript
@UseGuards(AuthGuard(), Auth0PermissionsGuard)
@Post("items")
@Permissions("write:items")
add(): void {
  // Some code
}
```
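
The allow/deny decision behind a route such as the one above, modelled as a pure function. This is an added example, not code from nestjs-auth0 or its guard. It assumes the granted permissions arrive as a `permissions` array on `request.user`, which this page does not confirm; `RequestUser`, `grantedPermissions` and `isAllowed` are hypothetical names.

```typescript
// Added illustration: models the allow/deny decision of a permissions guard.
// Assumption: granted permissions arrive as `user.permissions` (string[]).
// `RequestUser`, `grantedPermissions` and `isAllowed` are hypothetical names.

type RequestUser = { permissions?: unknown } | null | undefined;

// Normalise the claim; anything that is not an array of strings counts as "none".
function grantedPermissions(user: RequestUser): Set<string> {
  const claim = user?.permissions;
  if (!Array.isArray(claim)) {
    // A string claim such as "write:items-draft" must never be searched with
    // String.includes(), which would match "write:items" as a substring.
    return new Set<string>();
  }
  return new Set<string>(
    claim.filter((p): p is string => typeof p === "string"),
  );
}

// `required` is what @Permissions(...) declared on the route (undefined if absent).
function isAllowed(required: string[] | undefined, user: RequestUser): boolean {
  // No @Permissions metadata: the route only needs an authenticated user.
  if (!required || required.length === 0) {
    return user != null;
  }
  const granted = grantedPermissions(user);
  // Fail closed: every declared permission must be present, by exact match.
  return required.every((p) => granted.has(p));
}

// Constructed sample users, not real token or profile contents.
const writer: RequestUser = { permissions: ["read:items", "write:items"] };
const reader: RequestUser = { permissions: ["read:items"] };
const malformed: RequestUser = { permissions: "write:items-draft" };

// Decisions for a route declared with @Permissions("write:items").
const decisions = [writer, reader, malformed, null].map((u) =>
  isAllowed(["write:items"], u),
);
```

`decisions` evaluates to `[true, false, false, false]`: only the user holding the exact permission string passes, and a malformed or missing claim is treated as no permissions.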
Create a decorator with the following content:
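```typescript
import { createParamDecorator, ExecutionContext } from "@nestjs/common";

// Returns the user object that the authentication guard attached to the request.
export const User = createParamDecorator(
  (_data: unknown, ctx: ExecutionContext) => {
    const request = ctx.switchToHttp().getRequest();
    return request.user;
  },
);
```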
The decorator passes the user object to the annotated method.
```typescript
@Get("/user")
@UseGuards(AuthGuard())
getUser(@User() user: any): any {
  // Some code
}
```
The user object is fetched from Auth0's Authentication API by the provided HttpStrategy.
```typescript
const profile = await this.authenticationClient.getProfile(token);
```
TBD