The Authentication Module is responsible for handling user authentication, account activation, Google authentication, and password-related functionalities in a NestJS application.
```bash
$ npm install
```
The Authentication Module leverages Prisma as its Object-Relational Mapping (ORM) tool for seamless database interactions. Ensure you have Prisma properly configured in your NestJS application.
- `npx prisma generate`: Generates the Prisma Client and its TypeScript typings from your Prisma schema, making it easier to interact with the database in your NestJS application.
- `npx prisma migrate dev --name init`: Creates a new migration named `init` and applies it to the database. Run this command whenever your database schema changes.
- `npx prisma studio`: Opens Prisma Studio in your default web browser, providing a visual representation of your database tables and relationships.
```bash
# development
$ npm run start

# watch mode
$ npm run start:dev
```
- nodemailer / @nestjs-modules/mailer: Provides mail sending capabilities for sending activation and password reset emails.
- @nestjs/jwt: Handles JSON Web Token (JWT) creation and verification for user authentication.
- @nestjs/passport: Passport module for authentication in NestJS applications.
- bcrypt: Library for hashing passwords securely.
- prisma / @prisma/client: Prisma client for database interaction.
- passport-google-oauth20: Google OAuth2.0 authentication strategy for Passport.
- cookie-parser: Middleware for parsing cookies in Express.
- class-validator: Validation library for TypeScript and JavaScript.
- class-transformer: Library for transforming plain objects to class instances and vice versa.
- uuid: Library for generating UUIDs.
Endpoint: POST /auth/signup
Description: Creates a new user account. Checks if the user already exists, hashes the password, generates an activation token, and sends an activation email.
Request:
```json
{
  "email": "user@example.com",
  "name": "John Doe",
  "password": "securePassword"
}
```
Response:
```json
{
  "message": "User created. Activation email sent."
}
```
Endpoint: POST /auth/activate/:token
Description: Activates a user account using the activation token sent via email. Handles token expiration and invalid token scenarios.
Response:
```json
{
  "message": "Account activated successfully."
}
```
Endpoint: POST /auth/sendBackMailConfirmation
Description: Re-sends the activation email to the user for account confirmation.
Request:
```json
{
  "email": "user@example.com"
}
```
Response:
```json
{
  "message": "Activation email sent successfully."
}
```
Endpoint: POST /auth/signin
Description: Handles user login. Validates credentials, checks account activation status, and returns a JWT token.
Request:
```json
{
  "email": "user@example.com",
  "password": "securePassword"
}
```
Response:
```json
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
```
Endpoint: POST /auth/user
Description: Verifies the JWT token and returns user information if authenticated.
Response:
```json
{
  "message": "Hello Mayssa, you are logged in."
}
```
Endpoint: POST /auth/signout
Description: Clears the authentication token and logs the user out.
Response:
```json
{
  "message": "Logged out successfully."
}
```
Endpoint: POST /auth/forgotPassword
Description: Sends a reset password email to the user.
Request:
```json
{
  "email": "user@example.com"
}
```
Response:
```json
{
  "message": "Mail sent successfully."
}
```
Endpoint: POST /auth/resetPassword/:token
Description: Resets the user's password using the provided token.
Request:
```json
{
  "password": "newSecurePassword"
}
```
Response:
```json
{
  "message": "Your password has been reset successfully."
}
```
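The activation and password-reset endpoints above both depend on an e-mailed token that can expire or be invalid. The following is an added example, not code from this module, of one way to handle such tokens so that only a hash is stored and each link works once. The `OneTimeTokens` class, its in-memory map and the `selector.verifier` token format are assumptions for illustration; a real implementation would persist the rows through Prisma.

```typescript
import { createHash, randomBytes, timingSafeEqual } from "node:crypto";

type Outcome = "ok" | "invalid" | "expired";
// Hypothetical row shape; the real module would persist this through Prisma.
interface TokenRow { userId: string; verifierHash: Buffer; expiresAt: number }

const sha256 = (value: string): Buffer => createHash("sha256").update(value).digest();

// In-memory stand-in for the token table (assumption, not the project's schema).
class OneTimeTokens {
  private rows = new Map<string, TokenRow>();
  private ttlMs: number;
  private now: () => number;

  constructor(ttlMs: number, now: () => number = Date.now) {
    this.ttlMs = ttlMs;
    this.now = now;
  }

  // Returns the value to embed in the e-mail link; only a hash of it is stored.
  issue(userId: string): string {
    // Re-sending a mail invalidates every earlier token for the same user.
    this.rows.forEach((row, selector) => {
      if (row.userId === userId) this.rows.delete(selector);
    });
    const selector = randomBytes(8).toString("hex");
    const verifier = randomBytes(32).toString("hex");
    this.rows.set(selector, {
      userId,
      verifierHash: sha256(verifier),
      expiresAt: this.now() + this.ttlMs,
    });
    return `${selector}.${verifier}`;
  }

  // Consumes the token on success, so a link works exactly once.
  redeem(token: string): { outcome: Outcome; userId?: string } {
    const parts = token.split(".");
    const selector = parts[0] ?? "";
    const verifier = parts[1] ?? "";
    const row = this.rows.get(selector);
    if (parts.length !== 2 || !row) return { outcome: "invalid" };
    // Check the secret before the expiry so a guessed selector reveals nothing.
    if (!timingSafeEqual(sha256(verifier), row.verifierHash)) return { outcome: "invalid" };
    this.rows.delete(selector);
    if (this.now() > row.expiresAt) return { outcome: "expired" };
    return { outcome: "ok", userId: row.userId };
  }
}
```

A controller would map `"expired"` and `"invalid"` to distinct error responses and, on `"ok"`, activate the account or accept the new password for the returned `userId`.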