Implementing GitHub Social Login with NestJS: A Step-by-Step Guide

Integrating GitHub Social Login with NestJS

In this article, we’ll explore how to integrate GitHub social login into a NestJS application. We’ll learn how to authenticate with GitHub, implement a specific strategy using Passport, and set up a JWT strategy for securing private routes.

Prerequisites

To follow along with this article, you’ll need:

• A basic understanding of Node.js
• Node.js and the Node Package Manager installed
• A GitHub account

Setting up Our NestJS Project

First, let’s set up our NestJS project. We’ll use the NestJS CLI to create a new project.

bash
npm install -g @nestjs/cli
nest new nestjs-github-login


Next, we’ll install the necessary packages.

bash
npm install @nestjs/passport passport-github


Registering an OAuth Application with GitHub

To register an OAuth application with GitHub, follow these steps:

1. Go to the GitHub Developer settings page.
2. Click on “New OAuth App”.
3. Fill in the required information, including the Authorization callback URL.
4. Click on “Register application”.

Note down the Client ID and Client secret. We’ll need these later.

Implementing GitHub Social Login

Now, let’s implement GitHub social login. We’ll create a separate module for authentication.

bash
nest generate module auth


Create a file called auth.strategy.ts in the auth folder.

“`typescript
import { Injectable } from ‘@nestjs/common’;
import { PassportStrategy } from ‘@nestjs/passport’;
import { Strategy } from ‘passport-github’;

@Injectable()
export class GithubStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
clientID: process.env.GITHUBCLIENTID,
clientSecret: process.env.GITHUBCLIENTSECRET,
callbackURL: ‘http://localhost:3000/auth/callback’,
});
}

async validate(token: string, tokenSecret: string, profile: any): Promise {
return profile;
}
}
“`

Creating Authentication Routes

Next, we’ll create authentication routes.

bash
nest generate controller auth


In the auth.controller.ts file, add the following code:

“`typescript
import { Controller, Get, UseGuards } from ‘@nestjs/common’;
import { AuthGuard } from ‘@nestjs/passport’;

@Controller(‘auth’)
export class AuthController {
@Get()
@UseGuards(AuthGuard(‘github’))
async login(): Promise {
return ‘Login with GitHub’;
}

@Get(‘callback’)
@UseGuards(AuthGuard(‘github’))
async callback(@Req() req: any): Promise {
return req.user;
}
}
“`

Setting up JWT Token Strategy

To secure private routes, we’ll set up a JWT token strategy.

bash
npm install @nestjs/jwt


Create a file called jwt.strategy.ts in the auth folder.

“`typescript
import { Injectable } from ‘@nestjs/common’;
import { PassportStrategy } from ‘@nestjs/passport’;
import { ExtractJwt, Strategy } from ‘passport-jwt’;

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: process.env.JWT_SECRET,
});
}

async validate(payload: any): Promise {
return payload;
}
}
“`

Using JWT Tokens to Protect Private Routes

Finally, we’ll use JWT tokens to protect private routes.

“`