Integrating GitHub Social Login with NestJS
In this article, we’ll explore how to integrate GitHub social login into a NestJS application. We’ll learn how to authenticate with GitHub, implement a specific strategy using Passport, and set up a JWT strategy for securing private routes.
Prerequisites
To follow along with this article, you’ll need:
- A basic understanding of Node.js
- Node.js and the Node Package Manager installed
- A GitHub account
Setting up Our NestJS Project
First, let’s set up our NestJS project. We’ll use the NestJS CLI to create a new project.
bash
npm install -g @nestjs/cli
nest new nestjs-github-login
Next, we’ll install the necessary packages.
bash
npm install @nestjs/passport passport-github
Registering an OAuth Application with GitHub
To register an OAuth application with GitHub, follow these steps:
- Go to the GitHub Developer settings page.
- Click on “New OAuth App”.
- Fill in the required information, including the Authorization callback URL.
- Click on “Register application”.
Note down the Client ID and Client secret. We’ll need these later.
Implementing GitHub Social Login
Now, let’s implement GitHub social login. We’ll create a separate module for authentication.
bash
nest generate module auth
Create a file called auth.strategy.ts in the auth folder.
“`typescript
import { Injectable } from ‘@nestjs/common’;
import { PassportStrategy } from ‘@nestjs/passport’;
import { Strategy } from ‘passport-github’;
@Injectable()
export class GithubStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
clientID: process.env.GITHUBCLIENTID,
clientSecret: process.env.GITHUBCLIENTSECRET,
callbackURL: ‘http://localhost:3000/auth/callback’,
});
}
async validate(token: string, tokenSecret: string, profile: any): Promise
return profile;
}
}
“`
Creating Authentication Routes
Next, we’ll create authentication routes.
bash
nest generate controller auth
In the auth.controller.ts file, add the following code:
“`typescript
import { Controller, Get, UseGuards } from ‘@nestjs/common’;
import { AuthGuard } from ‘@nestjs/passport’;
@Controller(‘auth’)
export class AuthController {
@Get()
@UseGuards(AuthGuard(‘github’))
async login(): Promise
return ‘Login with GitHub’;
}
@Get(‘callback’)
@UseGuards(AuthGuard(‘github’))
async callback(@Req() req: any): Promise
return req.user;
}
}
“`
Setting up JWT Token Strategy
To secure private routes, we’ll set up a JWT token strategy.
bash
npm install @nestjs/jwt
Create a file called jwt.strategy.ts in the auth folder.
“`typescript
import { Injectable } from ‘@nestjs/common’;
import { PassportStrategy } from ‘@nestjs/passport’;
import { ExtractJwt, Strategy } from ‘passport-jwt’;
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: process.env.JWT_SECRET,
});
}
async validate(payload: any): Promise
return payload;
}
}
“`
Using JWT Tokens to Protect Private Routes
Finally, we’ll use JWT tokens to protect private routes.
“`