In this video we’ll discuss the fundamentals of adding authentication to your NestJS API. We’ll talk about utilizing passport to use different types of authentication strategies. Specifically we will try the passport-local strategy as a basic login with username and password example. Next, we’ll take a look at potentially using sessions to store user information and persist their login state. Finally we will also take a look at a state-less approach with JSON Web Tokens (JWTs). We’ll create our own JWTs and I’ll show you how you can use that to protect your API routes!

  • 00:00 - Intro
  • 03:35 - Initial routes
  • 04:41 - UsersService
  • 07:50 - AuthService
  • 10:40 - Implementing passport-local strategy (username/password login)
  • 18:08 - AuthGuards
  • 23:25 - Summary of local login flow
  • 29:02 - Guard to check if user is authenticated
  • 31:41 - Setting up sessions
  • 40:37 - Summary of login with sessions flow
  • 44:25 - Setting up JWT strategy, signing and validating
  • 1:00:25 - Summary of JWT strategy flow
  • 1:04:22 - Conclusion
  • 1:05:20 - Outro

#nestjs #nest #node #nodejs #security

NestJS Authentication: JWTs, Sessions, Logins, and More! | NestJS PassportJS Tutorial
7.40 GEEK