Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mabuonomo/nestjs-guard-grpc
GrpcAuthGuard is an agnostic guard for NestJS optimized for grpc scope
https://github.com/mabuonomo/nestjs-guard-grpc
authentication decorators guard jwt nestjs
Last synced: 2 days ago
JSON representation
GrpcAuthGuard is an agnostic guard for NestJS optimized for grpc scope
- Host: GitHub
- URL: https://github.com/mabuonomo/nestjs-guard-grpc
- Owner: mabuonomo
- Created: 2020-04-09T19:23:12.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-07-18T21:40:49.000Z (over 1 year ago)
- Last Synced: 2024-10-13T23:47:10.793Z (about 1 month ago)
- Topics: authentication, decorators, guard, jwt, nestjs
- Language: TypeScript
- Homepage:
- Size: 440 KB
- Stars: 11
- Watchers: 2
- Forks: 4
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Nestjs - GrpcAuthGuard
GrpcAuthGuard is an agnostic guard for NestJS optimized for grpc scope. You can inject you personalized auth service to customize it. This guard read from metadatas on a grpc call.
The library contains also a decorator, called GRPCUser, that inject the user loaded into your service.
## Installation
```sh
npm i --save nestjs-guard-grpc
```
## Usage
On you controller use the guard _GrpcAuthGuard_
```ts
@Controller()
export class UserController {
@UseGuards(GrpcAuthGuard)
@GrpcMethod('UserService', 'FindAll')
findAll(@Payload() data: any, metadata: any, @GRPCUser() user: User) {
console.log('User injected', user);
return [];
}
}
```
_@GRPCUser()_ is a decorator that inject the user loaded from the authentication.
_@Payload()_ is a official NestJS mandatory decorator, necessary if you use a custom decorator like _@GRPCUser()_
Now you need to build your own auth service that implement the IAuthService interface. For example if you want to use a jwt token you can use the follow service:
```ts
import { Injectable } from '@nestjs/common';
import { UserInterface, IAuthService } from 'nestjs-guard-grpc';
import * as jwt from 'jsonwebtoken';
import { ConfigService } from '@nestjs/config';
const jwksClient = require('jwks-rsa');
@Injectable()
export class GrpcJwtService implements IAuthService {
client: any;
constructor(private configService: ConfigService) {
this.client = jwksClient({
jwksUri: configService.get('auth.jwks_uri'),
issuer: configService.get('auth.iss'),
audience: configService.get('auth.aud'),
});
}
async verify(params: any): Promise {
let token = params;
let self = this;
return new Promise(function (resolve, reject) {
jwt.verify(token, getKey, {}, (err, decoded) => {
if (err) reject(err);
resolve(decoded);
});
}).then((user) => user);
function getKey(header, callback) {
self.client.getSigningKey(header.kid, function (err, key) {
var signingKey = key.publicKey || key.rsaPublicKey;
callback(null, signingKey);
});
}
}
}
```
Finally inject your own service into _GrpcAuthGuard_
```ts
@Module({
controllers: [UserController],
providers: [
GrpcJwtService,
{
provide: 'IAuthService',
useClass: GrpcJwtService,
},
],
})
export class UsersModule {}
```
## Testing
The following code is a base grpc client. How you can see the token jwt is part of the metadata field.
```ts
const echoService = new UserServiceClient('http://localhost:8080', null, null);
const request = new Empty();
let jwt = '{your_jwt_token}';
const call = echoService.findAll(
request,
{ Authorization: 'Bearer ' + jwt },
(err: grpcWeb.Error, response: UserList) => {
console.log(err);
console.log(response);
},
);
call.on('status', (status: grpcWeb.Status) => {
console.log('Status', status);
});
```
## References