/tech-standard-nest-auth

nestjs的身份验证模块

Primary LanguageTypeScript

NestJS Authentication Library Proof of Concept

CI

Features

  • Automatically authentication routers generation.
  • Local user register/login (email + password).
  • Social authentication (Google, Facebook, Twitter, Github, etc.).
  • JWT authentication.

Supported routers

  • POST /login
  • POST /register
  • GET /confirm
  • POST /forgot-password
  • GET /forgot-password
  • POST /change-password
  • GET /logout
  • POST /refresh
  • GET /me
  • GET /social/sign-in/:provider
  • GET /social/sign-in/:provider/callback

Usage:

import { AuthModule } from '@tech-standard-nest-auth';

@Module({
  imports: [
    createTypeOrmMOdule([UserEntity]),
    AuthModule.register<UserEntity>({
      authKey: 'auth_key_with_32_bytes_randomly_',
      typeormUserEntity: UserEntity,
    }),
  ],
})
export class AppModule { }

Examples:

Check the examples folder.

Available options:

export interface AuthModuleOptions {
  authKey: string;                            // must be at least 32 characters
  typeormUserEntity?: EntityTarget            // from typeorm;
  imports?: NestModule[];                     // from nest
  userService?: typeof UserAuthServiceType;
  config?: AuthModuleConfig;
}

// Strategy from @types/passport
export interface AuthModuleConfig {
  disableRouter?: boolean;
  enableRefreshTokenRotation?: boolean;
  passwordHashSecret?: string;
  passportStrategies?: Strategy[];
  jwt?: JwtOptions;
  recovery?: {
    tokenExpiresIn?: number;  //seconds
    tokenSecret?: string;     // must be at least 32 characters
  };
}

// JwtModuleOptions and JwtSignOptions from @nestjs/jwt
export interface JwtOptions extends JwtModuleOptions {
  jwtFromRequest?: () => JwtFromRequestFunction;
  refresh?: JwtSignOptions;
}

Documentation:

https://github.com/sun-asterisk/tech-standard-nest-auth/wiki

Roadmap

  • Base module with local strategy.
  • Refresh token.
  • Custom hash password function.
  • Avaibility to use custom user controller.
  • Add more authentication providers (Google, Facebook, Twitter, Github, etc.)
  • Add more features (Forgot password, Reset password, etc.)
  • Session authentication.
  • Customizable routers.