{"id":20748837,"url":"https://github.com/nest4it/api-key","last_synced_at":"2025-05-11T05:32:54.149Z","repository":{"id":253649207,"uuid":"844104361","full_name":"nest4it/api-key","owner":"nest4it","description":"NestJS module to generate and validate api keys.","archived":false,"fork":false,"pushed_at":"2024-08-21T14:36:28.000Z","size":135,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2024-11-06T16:09:23.175Z","etag":null,"topics":["api-key-authentication","n4it","nestjs","nestjs-boilerplate"],"latest_commit_sha":null,"homepage":"https://n4it.nl","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nest4it.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-18T11:55:47.000Z","updated_at":"2024-09-23T12:41:37.000Z","dependencies_parsed_at":"2024-08-21T16:24:26.179Z","dependency_job_id":null,"html_url":"https://github.com/nest4it/api-key","commit_stats":null,"previous_names":["nest4it/api-key"],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nest4it%2Fapi-key","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nest4it%2Fapi-key/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nest4it%2Fapi-key/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nest4it%2Fapi-key/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nest4it","download_url":"https://codeload.github.com/nest4it/api-key/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225014762,"owners_count":17407288,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-key-authentication","n4it","nestjs","nestjs-boilerplate"],"created_at":"2024-11-17T08:18:46.634Z","updated_at":"2024-11-17T08:18:48.426Z","avatar_url":"https://github.com/nest4it.png","language":"TypeScript","readme":"# @n4it/api-key\nA NestJS module for creating and validating API keys effortlessly, leveraging JWT tokens and customizable policies.\n\n## Installation\nTo install the module, use npm:\n\n```bash\nnpm install @n4it/api-key\n```\n\n## Usage\n\n### Importing and Configuring the Module\nFirst, import the ApiKeyModule into your NestJS module and configure it using the `register` method. This method requires a secret for signing the JWT tokens and an apiKeyHeader for identifying the API key in requests.\n\n```typescript\nimport { ApiKeyModule } from \"@n4it/api-key\";\nimport { Module } from \"@nestjs/common\";\n\n@Module({\n  imports: [\n    ApiKeyModule.register({\n      secret: \"your-secret-key\",  // Replace with your actual secret\n      apiKeyHeader: \"x-api-key\",  // The header to look for the API key\n      expiresIn: 60 * 60, // the time the API Keys will expire\n    }),\n  ],\n})\nexport class AppModule {}\n```\n\n### Generating API Tokens\nTo generate an API token, inject the ApiKeyService into your service and use the createApiKey method. This method allows you to associate policies with the generated token.\n\n```typescript\nimport { ApiKeyService } from \"@n4it/api-key\";\nimport { Injectable } from \"@nestjs/common\";\n\n@Injectable()\nexport class AppService {\n  constructor(private readonly apiKeyService: ApiKeyService) {}\n\n  public createToken() {\n    return this.apiKeyService.createApiKey({\n      policies: [\"user:manage\"],  // Define your custom claims here\n      role: \"admin\"\n    });\n  }\n}\n```\n\n### Using the API Key Strategy in Guards\nTo protect routes using the generated API keys, you can use the `API_KEY_MODULE_STRATEGY` with NestJS's AuthGuard. This guard will automatically validate incoming requests against the configured API key strategy.\n\n```typescript\nimport { Injectable, ExecutionContext } from \"@nestjs/common\";\nimport { AuthGuard as PassportAuthGuard } from \"@nestjs/passport\";\nimport { API_KEY_MODULE_STRATEGY } from \"@n4it/api-key\";\n\n@Injectable()\nexport class AuthGuard extends PassportAuthGuard([\n  API_KEY_MODULE_STRATEGY,  // inject the strategy in a passport auth guard\n  // other auth mechanisms can be added here as well...\n]) {\n  canActivate(context: ExecutionContext) {\n    return super.canActivate(context);\n  }\n}\n```\n\n### Using the ApiKeyClient Decorator\nThe module also provides a convenient `ApiKeyClient` decorator. This decorator can be used in your controllers to directly inject the parsed JWT token as an `AuthenticatedClient` object. This makes it easy to access the details of the authenticated client in your route handlers.\n\nYou can import both `ApiKeyClient` and `AuthenticatedClient`:\n\n```typescript\nimport { Controller, Get } from \"@nestjs/common\";\nimport { ApiKeyClient, AuthenticatedClient } from \"@n4it/api-key\";\n\n@Controller('user')\nexport class UserController {\n  @Get('profile')\n  getUserProfile(@ApiKeyClient() client: AuthenticatedClient) {\n    // Access client details from the parsed JWT token\n    // possibly validate the policies\n    return {\n      userId: client.userId,\n      policies: client.policies,\n    };\n  }\n}\n```\n\n### Example Guard Usage\nOnce you've created the AuthGuard, you can apply it to your controllers or specific routes to enforce API key validation.\n\n```typescript\nimport { Controller, Get, UseGuards } from \"@nestjs/common\";\nimport { AuthGuard } from \"./auth.guard\";\n\n@Controller('protected')\nexport class ProtectedController {\n  @Get()\n  @UseGuards(AuthGuard)\n  getProtectedResource() {\n    return \"This is a protected resource\";\n  }\n}\n```\n\n## License\nThis project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.\n\n## Contributing\nContributions are welcome! Please feel free to submit a Pull Request or open an issue on GitHub.\n\n## Support\nIf you have any questions or need support, you can contact us at [info@n4it.nl](mailto:info@n4it.nl).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnest4it%2Fapi-key","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnest4it%2Fapi-key","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnest4it%2Fapi-key/lists"}