A template for using Auth0 with the Nest framework. To start, either fork this repository or run
$ git clone --depth 1 https://github.com/jajaperson/nestjs-auth0.gitYou'll need to populate a .env file with Auth0 configuration environemt
details. This file should never be committed for obvious reasons (hence the
reason it's .gitignore-d).
AUTH0_DOMAIN={your Auth0 domain}
AUTH0_CLIENT_ID={the Auth0 client ID for your app}
AUTH0_CLIENT_SECRET={the Auth0 client secret for your app}
AUTH0_AUDIENCE={http://localhost:3000 or your production domain accordingly}A template .env file can be found at .env.example.
You may also like to remove all the irrelevant metadata from the package.json,
suck as the repository, homepage, bugs, and description fields.
$ npm install# development
$ npm run start
# watch mode
$ npm run start:dev
# production mode
$ npm run start:prod# unit tests
$ npm run test
# e2e tests
$ npm run test:e2e
# test coverage
$ npm run test:covThis template nest app uses the jwks-rsa package
along with passport-jwt and
@nestjs/passport for authentication. All
authentication logic is in the /src/auth/ submodule.
src/auth/
├── auth.module.ts
├── interfaces
│ └── jwt-payload.interface.ts
├── jwt.strategy.spec.ts
└── jwt.strategy.ts
The JwtStrategy injectable contains all the core
functionality, where the constructor sets up core token validation using the
jwks-rsa library. All the Auth0 configuration for this
is done in the .env file using
@nestjs/config (see above). On any
request with authentication, the decoded JSON web token (which should follow
JwtPayload) is passed to the
validate, which checks the token for the required scopes.
The AuthModule itself exports both PassportModule
and the JwtStrategy injectable, and registers JwtStrategy as default.
AuthModule is imported by AppModule, and protected
routes are decorated with @UseGuards(AuthGuard()) in
AppController.
See the Nest documentation.
This project is MIT licensed.