Skip to content

Nest.js module that setup authentication with Zitadel for Nest.js application

License

Notifications You must be signed in to change notification settings

ivanvs/nest-zitadel

Repository files navigation

nest-zitadel

GitHub npm npm npm

Nest.js module that setup authentication with Zitadel for Nest.js application

This library is higly inspired by https://github.com/ehwplus/zitadel-nodejs-nestjs

Installation

npm install --save passport-zitadel nest-zitadel @nestjs/passport

Getting Started

Registering the module:

ZitadelAuthModule.forRoot({
        authority: 'http://localhost:8080',
        authorization: {
        type: 'jwt-profile',
        profile: {
            type: 'application',
            keyId: 'key-id',
            key: 'key',
            appId: 'app-id',
            clientId: 'client-id',
        },
        },
    }),

Registering the module with configuration from ConfigurationService:

ZitadelAuthModule.forRootAsync({
      imports: [ConfigModule],
      inject: [ConfigService],
      useFactory: (configService: ConfigService) => {
        return {
          authority: configService.getOrThrow('ZITADEL_AUTHORITY'),
          authorization: {
            type: 'jwt-profile',
            profile: {
              type: 'application',
              keyId: configService.getOrThrow('ZITADEL_KEY_ID'),
              key: configService.getOrThrow('ZITADEL_KEY'),
              appId: configService.getOrThrow('ZITADEL_APP_ID'),
              clientId: configService.getOrThrow('ZITADEL_CLIENT_ID'),
            },
          },
        };
      },
    }),

Guards

Register any of the guards either globally, or scoped in your controller.

ZitadelAuthGuard

By default, it will throw a 401 unauthorized when it is unable to verify the JWT token or Bearer header is missing.

@Controller('cats')
@UseGuards(ZitadelAuthGuard)
export class CatsController {}

RolesGuard

Check if user has role that is put in @Roles decorator

@Roles('super-user')
@Get('protected/roles')
@UseGuards(ZitadelAuthGuard, RolesGuard)
getProtectedHelloWithRoles(): string {
  this.logger.log('Requesting role protected hello');
  return this.appService.getHello();
}

Decorators

ZitadelAuthGuard

Retrieves the current Zitadel logged-in user.

@Controller('users')
@UseGuards(ZitadelAuthGuard)
export class UsersController {
  @Get()
  getCurrentUser(@AuthenticatedUser() user: ZitadelUser) {
    return user;
  }
}

License

nest-zitadel is released under MIT License.

About

Nest.js module that setup authentication with Zitadel for Nest.js application

Topics

Resources

License

Stars

Watchers

Forks