JWT Authentication in Nest.js

Подписаться 860

Просмотров 17 тыс.

50% 1

This tutorial will help you create a fully working JWT authenticated server using Nest.js. Then we'll go further by adding refresh tokens to the application so that you can easily refresh your access tokens.
Code Repo: github.com/gabrielmcreynolds/...
Written Article: www.dev-influence.com/article...
For more articles visit: www.dev-influence.com/
Contents of this video:
0:00 - Intro
0:15 - JWT Auth Flow
0:55 - Project Setup
1:48 - Setting up Users
3:11 - AuthService
12:00 - Authentication Endpoints
13:23 - Setting up Passport.js
16:07 - Adding Authenticated Endpoints
17:00 - Run in Postman
18:35 - Conclustion

Опубликовано:

3 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 10

@AliAliOxenFree Год назад

holy crap there is a LOT to unpack here. at first i was like what the heck how is this dude gonna cover all the material in under 20 min.. then i hit play. earned yourself an impressed new subscriber!

@geelemo 2 года назад

This tutorial is of high quality. Well done

@justinnoor4915 2 года назад

Thanks for this. A lot of videos are just copying the documentation but you showed originality.

@dipeshchaulagain984 2 года назад

Great video

@permanar_ 2 года назад

Dude, this actually an awesome content. Keep it up! Interested to made some other videos? Maybe you could do something like a short crash course that could covered this with an actual DB (something like mySQL or PostgreSQL), with Prisma/TypeOrm and real-time or something! Just a rough idea. Anyway, keep up the good work mate 👍

@AbdullahAlSalem_abood 9 месяцев назад

how to get User Informtion by angular?

@warpmonkey 2 года назад

C - L - I, good video :)

@daakii 2 года назад

Hi, first of all: Awesome Video. Much more detailed than other Auth Tutorials. I have one question though: For what do you add the ip-adress and user-agent to the refresh-token? I would have guessed that that makes it harder to refresh an access-token when the refresh token is stolen, but I see no verification that the caller of the refresh endpoint has the same user-agent and ip-adress as claimed in the refresh JWT. Did you just leave it out for simplicity or should we implement mentioned checks in our production code? Thank you very much.

@devinfluence 2 года назад

I just have it in there so if you ever want to send a verification email on a sign in you can add that data to the email.

@daakii 2 года назад

@@devinfluence ooh I didnt even consider that! Thank you very much.