Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ivanvs/nest-zitadel

Nest.js module that setup authentication with Zitadel for Nest.js application
https://github.com/ivanvs/nest-zitadel

nest nest-zitadel nestjs passport passportjs zitadel

Last synced: 2 months ago
JSON representation

Nest.js module that setup authentication with Zitadel for Nest.js application

Host: GitHub
URL: https://github.com/ivanvs/nest-zitadel
Owner: ivanvs
License: mit
Created: 2024-02-26T00:02:10.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-03-11T21:33:44.000Z (10 months ago)
Last Synced: 2024-09-29T01:41:20.235Z (3 months ago)
Topics: nest, nest-zitadel, nestjs, passport, passportjs, zitadel
Language: TypeScript
Homepage:
Size: 474 KB
Stars: 4
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # nest-zitadel

![GitHub](https://img.shields.io/github/license/ivanvs/nest-zitadel)

![npm](https://img.shields.io/npm/v/nest-zitadel)

![npm](https://img.shields.io/npm/dw/nest-zitadel)

![npm](https://img.shields.io/npm/dt/nest-zitadel)

> Nest.js module that setup authentication with Zitadel for Nest.js application

This library is higly inspired by [https://github.com/ehwplus/zitadel-nodejs-nestjs](https://github.com/ehwplus/zitadel-nodejs-nestjs)

## Installation

```bash

npm install --save passport-zitadel nest-zitadel @nestjs/passport

```

## Getting Started

Registering the module:

```typescript

ZitadelAuthModule.forRoot({

        authority: 'http://localhost:8080',

        authorization: {

        type: 'jwt-profile',

        profile: {

            type: 'application',

            keyId: 'key-id',

            key: 'key',

            appId: 'app-id',

            clientId: 'client-id',

        },

        },

    }),

```

Registering the module with configuration from `ConfigurationService`:

```typescript

ZitadelAuthModule.forRootAsync({

      imports: [ConfigModule],

      inject: [ConfigService],

      useFactory: (configService: ConfigService) => {

        return {

          authority: configService.getOrThrow('ZITADEL_AUTHORITY'),

          authorization: {

            type: 'jwt-profile',

            profile: {

              type: 'application',

              keyId: configService.getOrThrow('ZITADEL_KEY_ID'),

              key: configService.getOrThrow('ZITADEL_KEY'),

              appId: configService.getOrThrow('ZITADEL_APP_ID'),

              clientId: configService.getOrThrow('ZITADEL_CLIENT_ID'),

            },

          },

        };

      },

    }),

```

## Guards

Register any of the guards either globally, or scoped in your controller.

### ZitadelAuthGuard

By default, it will throw a 401 unauthorized when it is unable to verify the JWT token or Bearer header is missing.

```typescript

@Controller('cats')

@UseGuards(ZitadelAuthGuard)

export class CatsController {}

```

### RolesGuard

Check if user has role that is put in `@Roles` decorator

```typescript

@Roles('super-user')

@Get('protected/roles')

@UseGuards(ZitadelAuthGuard, RolesGuard)

getProtectedHelloWithRoles(): string {

  this.logger.log('Requesting role protected hello');

  return this.appService.getHello();

}

```

## Decorators

### ZitadelAuthGuard

Retrieves the current Zitadel logged-in user.

```typescript

@Controller('users')

@UseGuards(ZitadelAuthGuard)

export class UsersController {

  @Get()

  getCurrentUser(@AuthenticatedUser() user: ZitadelUser) {

    return user;

  }

}

```

# License

nest-zitadel is released under [MIT License](https://opensource.org/licenses/MIT).