NestJS JWT Authentication: A Step-by-Step Guide

Implementing JWT User Authentication in NestJS

Authentication is a crucial aspect of any application, ensuring the security and integrity of user data. In this article, we will explore how to implement JWT (JSON Web Token) user authentication in a NestJS application.

What is NestJS?

NestJS is a server-side application framework for Node.js that enables the creation of scalable and efficient applications. It provides a robust architecture for building backend applications, with support for object-oriented programming, functional programming, and functional reactive programming.

Prerequisites

Before proceeding with this tutorial, ensure you have the following installed:

• Node.js v14 or later
• MongoDB
• Yarn (installed globally)

Setting up the Project

To set up the project, install the Nest CLI globally using the following command:

npm install -g @nestjs/cli

Create a new project using the following command:

nest new jwt-authentication

Choose Yarn as the package manager and wait for the dependencies to be installed.

Configuring MongoDB

Install the Mongoose package and the NestJS wrapper using the following command:

yarn add mongoose @nestjs/mongoose

Update the app.module.ts file to configure Mongoose:
“`typescript
import { Module } from ‘@nestjs/common’;
import { AppController } from ‘./app.controller’;
import { AppService } from ‘./app.service’;
import { MongooseModule } from ‘@nestjs/mongoose’;

@Module({
imports: [
MongooseModule.forRoot(‘mongodb://localhost:27017/jwt-authentication’),
],
controllers: [AppController],
providers: [AppService],
})
export class AppModule {}
“`
Creating the User Module

Create a new module for users using the following command:

nest g module users

This will create a new folder called users with a users.module.ts file.

Creating the User Schema

Create a new file called users.model.ts in the users folder:
“`typescript
import { Prop, Schema, SchemaFactory } from ‘@nestjs/mongoose’;
import { Document } from ‘mongoose’;

@Schema()
export class User {
@Prop()
username: string;

@Prop()
password: string;
}

export const UserSchema = SchemaFactory.createForClass(User);
“`
Creating the User Service

Create a new file called users.service.ts in the users folder:
“`typescript
import { Injectable } from ‘@nestjs/common’;
import { InjectModel } from ‘@nestjs/mongoose’;
import { Model } from ‘mongoose’;
import { User, UserSchema } from ‘./users.model’;

@Injectable()
export class UsersService {
constructor(@InjectModel(User.name) private userModel: Model) {}

async createUser(user: User): Promise {
return this.userModel.create(user);
}

async findOne(username: string): Promise {
return this.userModel.findOne({ username });
}
}
“`
Creating the Auth Module

Create a new module for authentication using the following command:

nest g module auth

This will create a new folder called auth with an auth.module.ts file.

Configuring JWT

Install the required packages for JWT using the following command:

yarn add passport-jwt @nestjs/passport

Create a new file called local.auth.ts in the auth folder:
“`typescript
import { Injectable } from ‘@nestjs/common’;
import { PassportStrategy } from ‘@nestjs/passport’;
import { Strategy } from ‘passport-local’;
import { UsersService } from ‘../users/users.service’;

@Injectable()
export class LocalStrategy extends PassportStrategy(Strategy) {
constructor(private usersService: UsersService) {
super();
}

async validate(username: string, password: string): Promise {
const user = await this.usersService.findOne(username);
if (!user) {
return null;
}
if (user.password !== password) {
return null;
}
return user;
}
}
“`
Creating the Auth Service

Create a new file called auth.service.ts in the auth folder:
“`typescript
import { Injectable } from ‘@nestjs/common’;
import { UsersService } from ‘../users/users.service’;
import { JwtService } from ‘@nestjs/jwt’;

@Injectable()
export class AuthService {
constructor(
private usersService: UsersService,
private jwtService: JwtService,
) {}

async login(user: any): Promise {
const payload = { sub: user._id, username: user.username };
return this.jwtService.sign(payload);
}
}
“`
Testing the Application

Start the application using the following command:

yarn start

Use Postman to test the application. Send a POST request to http://localhost:3000/auth/login with the following body:
json
{
"username": "test",
"password": "test"
}

This should return a JWT token. Use this token to access protected routes.

That’s it! You now have a NestJS application with JWT user authentication.