# devdogukan/nestjs-auth-app

Repository: https://github.com/devdogukan/nestjs-auth-app (GitHub, TypeScript, default branch `master`; created 2025-10-27, last pushed 2025-10-28; 0 stars, 0 forks, 0 open issues; no license, SECURITY.md, threat model or audit file in the repository). Ecosyste.ms record: https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devdogukan%2Fnestjs-auth-app (last synced 2026-05-30); listed at https://awesome.ecosyste.ms/projects/github.com%2Fdevdogukan%2Fnestjs-auth-app. The repository README follows.

---

# 🚀 NestJS Authentication System - Complete Feature List

## ✨ Completed Features

### 🔐 Authentication
- ✅ **JWT Access Token** (15 minutes lifetime)
- ✅ **JWT Refresh Token** (7 days lifetime)
- ✅ **Register** - New user registration
- ✅ **Login** - User login
- ✅ **Logout** - Secure logout (clears the stored refresh token; see the Token Invalidation note under Security Features for what happens to the access token)
- ✅ **Token Refresh** - Automatic token renewal
- ✅ **Bcrypt** password hashing

### 📧 Email Verification
- ✅ **Email Verification** - Post-registration email verification
- ✅ **Resend Verification** - Resend verification email
- ✅ **Welcome Email** - Welcome email after successful verification
- ✅ **Email Templates** - HTML email templates
- ✅ **Nodemailer** integration

### 🔑 Password Reset
- ✅ **Forgot Password** - Password recovery
- ✅ **Reset Password** - Token-based password reset
- ✅ **Token Expiration** - 1-hour token lifetime
- ✅ **One-time Token** - Single-use tokens

### 🗄️ Database Integration (PostgreSQL)
- ✅ **TypeORM** integration
- ✅ **PostgreSQL** database
- ✅ **Docker Compose** setup
- ✅ **Auto-sync** (for development only; see Production Preparation)
- ✅ **UUID** primary keys
- ✅ **Timestamps** (createdAt, updatedAt)

### 👥 Role-Based Access Control (RBAC)
- ✅ **4 Different Roles:**
  - `USER` - Regular user
  - `MODERATOR` - Moderator
  - `ADMIN` - Administrator
  - `SUPER_ADMIN` - Super Administrator
- ✅ **@Roles() Decorator** - Endpoint-based authorization
- ✅ **RolesGuard** - Automatic role checking
- ✅ **Multiple role support** - A user can have multiple roles

### ⚡ Rate Limiting
- ✅ **Global Rate Limiting** - For all endpoints (via ThrottlerModule)
- ✅ **Configurable Limits** - TTL and limit settings via .env
- ✅ **ThrottlerGuard** - Global rate limiting protection
- ✅ **Decorators:**
  - `@SkipThrottle()` - Skip rate limiting (imported from @nestjs/throttler)
  - `@Throttle()` - Custom rate limits per endpoint (imported from @nestjs/throttler)

### 🛡️ Security Features
- ✅ **Password Hashing** - Bcrypt with cost factor 10 (2^10 key-stretching rounds)
- ✅ **JWT Signed Tokens** - Signed with symmetric secrets: `JWT_SECRET` for access tokens and a separate `JWT_REFRESH_SECRET` for refresh tokens, so one cannot be passed off as the other
- ✅ **Refresh Token Rotation** - A new refresh token is issued on each refresh and replaces the one stored for the user
- ✅ **Email Case Insensitive** - Emails are lowercased before storage and lookup
- ✅ **User Deactivation** - Users can be deactivated
- ✅ **Token Invalidation** - The refresh token is invalidated on logout. Access tokens are stateless and remain valid until their 15-minute expiry; a server-side blacklist (Redis) is listed as a TODO under Performance Improvements

### 📝 Validation & Error Handling
- ✅ **Class Validator** - DTO validation
- ✅ **Class Transformer** - Automatic transformation
- ✅ **Custom Error Messages** - Descriptive error messages
- ✅ **HTTP Status Codes** - Proper status codes
- ✅ **Global Validation Pipe** - For all endpoints

### 🎨 Custom Decorators
- ✅ `@CurrentUser()` - Active user information
- ✅ `@Roles(Role.ADMIN)` - Role checking
- ✅ `@Public()` - Public endpoint (bypasses the JWT guard)
- ✅ `@SkipThrottle()` - Skip rate limit (not project-defined; imported from @nestjs/throttler)

### 👤 User Management
- ✅ **Get All Users** - List all users (ADMIN)
- ✅ **Get User by ID** - User details (ADMIN)
- ✅ **Get My Profile** - My profile (USER)
- ✅ **Update Roles** - Role update (SUPER_ADMIN)
- ✅ **Activate/Deactivate** - User activation/deactivation (ADMIN)
- ✅ **Delete User** - Delete user (SUPER_ADMIN)

---

## 📁 Project Structure

```
src/
├── auth/
│   ├── decorators/
│   │   ├── current-user.decorator.ts    # @CurrentUser() decorator
│   │   ├── public.decorator.ts          # @Public() decorator
│   │   └── roles.decorator.ts           # @Roles() decorator
│   ├── dto/
│   │   ├── forgot-password.dto.ts       # Forgot password DTO
│   │   ├── login.dto.ts                 # Login DTO
│   │   ├── refresh-token.dto.ts         # Refresh token DTO
│   │   ├── register.dto.ts              # Register DTO
│   │   ├── resend-vertification.dto.ts  # Resend verification DTO
│   │   ├── reset-password.dto.ts        # Reset password DTO
│   │   ├── update-roles.dto.ts          # Update roles DTO
│   │   └── verify-email.dto.ts          # Verify email DTO
│   ├── enums/
│   │   └── role.enum.ts                 # Role definitions
│   ├── guards/
│   │   ├── jwt-auth.guard.ts            # JWT authentication guard
│   │   ├── jwt-refresh.guard.ts         # JWT refresh token guard
│   │   └── roles.guard.ts               # Role-based authorization guard
│   ├── strategies/
│   │   ├── jwt.strategy.ts              # JWT authentication strategy
│   │   └── jwt-refresh.strategy.ts      # JWT refresh strategy
│   ├── auth.controller.spec.ts          # Auth controller tests
│   ├── auth.controller.ts               # Auth endpoints
│   ├── auth.service.spec.ts             # Auth service tests
│   ├── auth.service.ts                  # Auth business logic
│   └── auth.module.ts                   # Auth module
│
├── users/
│   ├── entities/
│   │   └── user.entity.ts               # User database entity
│   ├── users.controller.spec.ts         # Users controller tests
│   ├── users.controller.ts              # User management endpoints
│   ├── users.service.spec.ts            # Users service tests
│   ├── users.service.ts                 # User CRUD operations
│   └── users.module.ts                  # Users module
│
├── email/
│   ├── email.service.spec.ts            # Email service tests
│   ├── email.service.ts                 # Email sending service
│   └── email.module.ts                  # Email module
│
├── app.module.ts                         # Main application module
└── main.ts                               # Application bootstrap

test/
├── app.e2e-spec.ts                       # E2E tests
└── jest-e2e.json                         # Jest E2E configuration
```

---

## 🔧 Environment Variables

The values below are placeholders. `JWT_SECRET` and `JWT_REFRESH_SECRET` must be distinct, long random strings in any real deployment (see Production Preparation).

```env
# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key
JWT_EXPIRES_IN=15m
JWT_REFRESH_SECRET=your-super-secret-refresh-key
JWT_REFRESH_EXPIRES_IN=7d

# Database Configuration
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_USER=postgres
DATABASE_PASSWORD=postgres
DATABASE_NAME=nestjs_auth
DATABASE_SYNC=true

# Email Configuration
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USER=your-email@gmail.com
EMAIL_PASSWORD=your-app-password
EMAIL_FROM=noreply@yourapp.com

# Application Configuration
APP_NAME=NestJS Auth App
FRONTEND_URL=http://localhost:3001
PORT=3000

# Rate Limiting (Global - applies to all endpoints)
THROTTLER_TTL=60        # Time window in seconds
THROTTLER_LIMIT=10      # Maximum requests per time window
```

---

## 🎯 API Endpoints

### Authentication
| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| POST | `/auth/register` | ❌ | User registration |
| POST | `/auth/verify-email` | ❌ | Email verification |
| POST | `/auth/resend-verification` | ❌ | Resend verification email |
| POST | `/auth/login` | ❌ | Login |
| POST | `/auth/forgot-password` | ❌ | Forgot password |
| POST | `/auth/reset-password` | ❌ | Reset password |
| POST | `/auth/refresh` | 🔄 Refresh | Refresh token |
| POST | `/auth/logout` | ✅ JWT | Logout |
| GET | `/auth/profile` | ✅ JWT | My profile |

### User Management
| Method | Endpoint | Auth | Role | Description |
|--------|----------|------|------|-------------|
| GET | `/users` | ✅ JWT | ADMIN+ | Get all users |
| GET | `/users/me` | ✅ JWT | USER | Get my profile |
| GET | `/users/:id` | ✅ JWT | ADMIN+ | Get user details |
| PATCH | `/users/:id/roles` | ✅ JWT | SUPER_ADMIN | Update roles |
| PATCH | `/users/:id/activate` | ✅ JWT | ADMIN+ | Activate user |
| PATCH | `/users/:id/deactivate` | ✅ JWT | ADMIN+ | Deactivate user |
| DELETE | `/users/:id` | ✅ JWT | SUPER_ADMIN | Delete user |

"ADMIN+" means ADMIN or SUPER_ADMIN; the guard checks for membership in the listed roles and does not infer a hierarchy, which is why the first-admin seed below grants `super_admin`, `admin` and `user` together.

---

## 📊 Rate Limit Configuration

Rate limiting is configured globally in `app.module.ts` using `@nestjs/throttler`:

```typescript
// app.module.ts - ThrottlerModule Configuration (inside the @Module imports array)
import { ConfigModule, ConfigService } from '@nestjs/config';
import { ThrottlerModule } from '@nestjs/throttler';

ThrottlerModule.forRootAsync({
  imports: [ConfigModule],
  inject: [ConfigService],
  useFactory: (configService: ConfigService) => [
    {
      name: "default",
      ttl: Number(configService.getOrThrow<string>("THROTTLER_TTL")) * 1000, // milliseconds
      limit: Number(configService.getOrThrow<string>("THROTTLER_LIMIT")),
    },
  ],
}),
```

**Environment Variables:**
```env
THROTTLER_TTL=60        # Time window in seconds (converted to ms)
THROTTLER_LIMIT=10      # Max requests per time window
```

**Usage Examples:**

```typescript
// Skip throttling for specific endpoint
import { SkipThrottle } from '@nestjs/throttler';

@SkipThrottle()
@Get('unlimited')
async unlimitedEndpoint() { ... }

// Custom throttle for specific endpoint
import { Throttle } from '@nestjs/throttler';

@Throttle({ default: { limit: 3, ttl: 60000 } }) // 3 requests per minute
@Post('limited')
async limitedEndpoint() { ... }
```

Login, forgot-password and resend-verification are the endpoints that credential stuffing and mail-flooding target, so they should keep at least the global limit (10 requests per 60 s); use `@Throttle()` to tighten them, and reserve `@SkipThrottle()` for endpoints that cannot be abused.

---

## 🚀 Quick Start

### 1. Installation
```bash
npm install
```

### 2. Start Database
```bash
docker-compose up -d
```

### 3. Setup Environment
```bash
cp .env.example .env
# Edit .env file
```

### 4. Run Application
```bash
npm run start:dev
```

### 5. Create First Admin
```sql
-- The password hash below is the placeholder published in this README, so its
-- password is public knowledge. Generate a fresh bcrypt hash (cost 10) of your own
-- admin password and substitute it before running this statement.
INSERT INTO users (id, email, password, name, roles, "isEmailVerified", "isActive")
VALUES (
  gen_random_uuid(),
  'admin@admin.com',
  '$2b$10$rG8Hq5HxYqGkL3BvUqKxaO5wKJYyGEzJL8Q7oPpZO8EEpN1x2LZfm',
  'Super Admin',
  '{super_admin,admin,user}',
  true,
  true
);
```

---

## 💡 Important Notes

### Production Preparation
1. ✅ Set `DATABASE_SYNC=false`
2. ✅ Create migrations
3. ✅ Strengthen secret keys - replace the placeholder `JWT_SECRET` and `JWT_REFRESH_SECRET` with distinct random values of at least 32 bytes from a CSPRNG, and keep them out of the repository
4. ✅ Configure CORS settings
5. ✅ Add Helmet middleware
6. ✅ Configure rate limiting
7. ✅ Set up logging system
8. ✅ Add health check endpoint

### Security Checklist
- ✅ Passwords are hashed (bcrypt)
- ✅ JWT tokens are signed
- ✅ Refresh token rotation active
- ✅ Rate limiting working
- ✅ Email verification required
- ✅ RBAC system active
- ✅ User deactivation available
- ✅ Validation on all endpoints

### Performance Improvements
- 🔄 Redis caching (TODO)
- 🔄 Redis for token blacklist (TODO; until then an access token issued before logout or deactivation stays valid for up to 15 minutes)
- 🔄 Email queue system (TODO)
- 🔄 Database indexes (TODO)

---

## 📝 Next Steps (Optional)

1. **Social Login** - Google, GitHub, Facebook OAuth
2. **Two-Factor Authentication (2FA)** - With TOTP
3. **Session Management** - View/terminate active sessions
4. **Audit Logging** - Log all operations
5. **Email Templates Engine** - Dynamic emails with Handlebars
6. **Unit & E2E Tests** - Test coverage
7. **Monitoring** - Sentry, DataDog etc.

---