├── .env.example
├── .gitignore
├── .prettierrc
├── .vscode
    └── settings.json
├── CONTRIBUTING.md
├── Dockerfile
├── README.md
├── docker-compose.yml
├── nest-cli.json
├── nodemon-debug.json
├── nodemon.json
├── package.json
├── src
    ├── app.controller.spec.ts
    ├── app.controller.ts
    ├── app.module.ts
    ├── app.service.ts
    ├── auth
    │   ├── auth.module.ts
    │   ├── controller
    │   │   └── auth
    │   │   │   ├── auth.controller.spec.ts
    │   │   │   └── auth.controller.ts
    │   ├── dto
    │   │   ├── login-credential.dto.ts
    │   │   ├── refresh-token.dto.ts
    │   │   └── token.dto.ts
    │   └── service
    │   │   ├── auth.service.spec.ts
    │   │   └── auth.service.ts
    ├── logger.ts
    ├── main.ts
    ├── migrations
    │   └── 1567653805565-createUsers.ts
    ├── orm.config.ts
    ├── shared
    │   └── shared.module.ts
    ├── user
    │   ├── controller
    │   │   └── user
    │   │   │   ├── user.controller.spec.ts
    │   │   │   └── user.controller.ts
    │   ├── dto
    │   │   └── create-user.dto.ts
    │   ├── entity
    │   │   └── user.entity.ts
    │   ├── index.ts
    │   ├── repository
    │   │   └── user.repository.ts
    │   ├── service
    │   │   ├── user.service.spec.ts
    │   │   └── user.service.ts
    │   └── user.module.ts
    └── utils
    │   ├── decorator
    │       ├── auth-user.decorator.spec.ts
    │       ├── auth-user.decorator.ts
    │       └── roles.decorator.ts
    │   ├── guard
    │       ├── is-role-user
    │       │   └── is-role-user.guard.ts
    │       └── is-user
    │       │   └── is-user.guard.ts
    │   ├── index.ts
    │   ├── interceptor
    │       ├── logger.interceptor.spec.ts
    │       └── logger.interceptor.ts
    │   ├── interface
    │       └── user.ts
    │   ├── middleware
    │       ├── jwt-token.middleware.spec.ts
    │       └── jwt-token.middleware.ts
    │   └── utils.module.ts
├── test
    ├── app.e2e-spec.ts
    └── jest-e2e.json
├── tsconfig.build.json
├── tsconfig.json
├── tslint.json
└── yarn.lock


/.env.example:
--------------------------------------------------------------------------------
 1 | NODE_ENV=development
 2 | 
 3 | DB_NAME=nestjs-starter-db
 4 | DB_HOST=db
 5 | DB_USER=root
 6 | DB_PASS=example
 7 | 
 8 | # Number of iteration for password encription
 9 | ENCRIPTION_SALT=10
10 | #JWT Secret hash
11 | JWT_SECRET=M6[n0@u0t[O$Q1(
12 | # JWT issuer
13 | JWT_KEY_ISSUER=nest-starter
14 | # Intendent token user
15 | JWT_KEY_AUDIENCE=example.com


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | node_modules
2 | yarn-error.log
3 | keys/
4 | documentation/
5 | coverage/
6 | .env


--------------------------------------------------------------------------------
/.prettierrc:
--------------------------------------------------------------------------------
1 | {
2 |   "singleQuote": true,
3 |   "trailingComma": "all"
4 | }


--------------------------------------------------------------------------------
/.vscode/settings.json:
--------------------------------------------------------------------------------
1 | {
2 |   "deno.enable": false
3 | }
4 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
  1 | # Contributing to nest jwt auth
  2 | 
  3 | ### <a name="submit-pr"></a> Submitting a Pull Request (PR)
  4 | Before you submit your Pull Request (PR) consider the following guidelines:
  5 | 
  6 | * Fork this repo in your github account
  7 | 
  8 | * Make your changes in a new git branch:
  9 | 
 10 |      ```shell
 11 |      git checkout -b my-fix-branch develop
 12 |      ```
 13 | 
 14 | * Follow the [Coding Rules](#rules).
 15 | * Run follwoing command to generate documendation. Ensure 100% documendation coverage.
 16 |      ```shell
 17 |      yarn run start:api-doc
 18 |      ```
 19 | 
 20 | * Run the project with `yarn run start:prod` to make sure build is ok with production mode
 21 | * Commit your changes using a descriptive commit message that follows our
 22 |   [commit message conventions](#commit). Adherence to these conventions
 23 |   is necessary because release notes are automatically generated from these messages.
 24 | 
 25 |      ```shell
 26 |      git commit -a
 27 |      ```
 28 |   Note: the optional commit `-a` command line option will automatically "add" and "rm" edited files.
 29 | 
 30 | * Push your branch to GitHub:
 31 | 
 32 |     ```shell
 33 |     git push my-remote my-fix-branch
 34 |     ```
 35 | 
 36 | * In GitHub, send a pull request to `develop`.
 37 | * If we suggest changes then:
 38 |   * Make the required updates.
 39 |   * Re-run the build to ensure things are still ok
 40 |   * Rebase your branch and force push to your GitHub repository
 41 | That's it! Thank you for your contribution!
 42 | 
 43 | 
 44 | ## <a name="rules"></a> Coding Rules
 45 | To ensure consistency throughout the source code, keep these rules in mind as you are working:
 46 | 
 47 | * All public API methods **must be documented**.
 48 | * follow code commending guideline https://compodoc.app/guides/comments.html
 49 | * Use https://atom.io/packages/linter-tslint while coding  
 50 | * We follow [Google's JavaScript Style Guide][js-style-guide]
 51 | * Check your code formatting using
 52 |   ```shell
 53 |   yarn run lint
 54 |   ```
 55 | 
 56 | ## <a name="commit"></a> Commit Message Guidelines
 57 | 
 58 | We have very precise rules over how our git commit messages can be formatted.  This leads to **more
 59 | readable messages** that are easy to follow when looking through the **project history**.  But also,
 60 | we use the git commit messages to **generate the change log**.
 61 | 
 62 | ### Commit Message Format
 63 | Each commit message consists of a **header**, a **body** and a **footer**.  The header has a special
 64 | format that includes a **type**, a **scope** and a **subject**:
 65 | 
 66 | ```
 67 | <type>(<scope>): <subject>
 68 | <BLANK LINE>
 69 | <body>
 70 | <BLANK LINE>
 71 | <footer>
 72 | ```
 73 | 
 74 | The **header** is mandatory and the **scope** of the header is optional.
 75 | 
 76 | Any line of the commit message cannot be longer 74 characters! This allows the message to be easier
 77 | to read on GitHub as well as in various git tools.
 78 | 
 79 | ### Revert
 80 | If the commit reverts a previous commit, it should begin with `revert: `, followed by the header of the reverted commit. In the body it should say: `This reverts commit <hash>.`, where the hash is the SHA of the commit being reverted.
 81 | 
 82 | ### Type
 83 | Must be one of the following:
 84 | 
 85 | * **feat**: A new feature
 86 | * **fix**: A bug fix
 87 | * **docs**: Documentation only changes
 88 | * **style**: Changes that do not affect the meaning of the code (white-space, formatting, missing
 89 |   semi-colons, etc)
 90 | * **refactor**: A code change that neither fixes a bug nor adds a feature
 91 | * **perf**: A code change that improves performance
 92 | * **test**: Adding missing tests or correcting existing tests
 93 | * **build**: Changes that affect the build system, CI configuration or external dependencies (example scopes: gulp, broccoli, npm)
 94 | * **ci**: Any changes to our CI configuration files and scripts (Travis, Circle CI, BrowserStack, SauceLabs)
 95 | * **chore**: Other changes that don't modify `src` or `test` files
 96 | 
 97 | ### Scope
 98 | The scope could be anything specifying place of the commit change. For example
 99 | `Compiler`, `ElementInjector`, etc.
100 | 
101 | ### Subject
102 | The subject contains succinct description of the change:
103 | 
104 | * use the imperative, present tense: "change" not "changed" nor "changes"
105 | * don't capitalize first letter
106 | * no dot (.) at the end
107 | 
108 | ### Body
109 | Just as in the **subject**, use the imperative, present tense: "change" not "changed" nor "changes".
110 | The body should include the motivation for the change and contrast this with previous behavior.
111 | 
112 | ### Footer
113 | The footer should contain any information about **Breaking Changes** and is also the place to
114 | reference GitHub issues that this commit **Closes**.
115 | 
116 | **Breaking Changes** should start with the word `BREAKING CHANGE:` with a space or two newlines. The rest of the commit message is then used for this.
117 | 
118 | [js-style-guide]: http://google-styleguide.googlecode.com/svn/trunk/javascriptguide.xml
119 | 


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM node:12-alpine
2 | RUN mkdir -p /usr/src/app
3 | WORKDIR /usr/src/app
4 | COPY yarn.lock package.json ./
5 | RUN yarn install
6 | COPY . .
7 | EXPOSE 3000
8 | CMD [ "yarn", "run", "start:dev" ]


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ## Description
 2 | 
 3 | NestJS JWT authentication service using NestJS, Docker and MySQL. It can be used as a JWT Auth Microservice or can be used as starter repository for an API project.
 4 | 
 5 | 
 6 | ## Setup
 7 | - **Pre-Requisite**
 8 |   - For dockerized environment we need 
 9 |     - `docker`, 
10 |     - `docker-compose` installed.
11 |   - To run API server without Docker we need
12 |     - `Node.js` (>= 10.13.0) installed,
13 |     - Dependency manager `yarn` installed,
14 |     - Nestjs CLI `nest` installed ([follow here](https://docs.nestjs.com/first-steps)) and
15 |     - MySQL server running
16 | - **Configuration**
17 |     - In application root, create `.env` copying form example env file `env.example`.
18 |     - An example env file contains 
19 |       - MySQL credentials for the dockerized environment. For non-docker setup, **update MySQL credentials** here.
20 |       - Password encription salt and JWT secret key values. Change them with some secret values.
21 | - **Run API**
22 |     - **For Docker**: Up docker-compose, this will create a docker container with the database with the given name in env. 
23 |     ``` 
24 |     $ docker-compose up --build
25 |     ```
26 | 
27 |     - For non-docker run install dependencies and run nodejs API server
28 |     ```
29 |     $ yarn
30 |     $ yarn run start
31 |     ```
32 | - **API Documentation**
33 |     - To get API documentation run following command & browse at [http://127.0.0.1:8089/](http://127.0.0.1:8089/)
34 |     ```
35 |     $ yarn run start:api-doc
36 |     ```
37 | - **API** 
38 |   With above steps done, API should be up and running
39 |     - Browse `API` at [http://localhost:3000](http://localhost:3000)
40 |     - Browse `Swagger Open API` Doc at [http://localhost:3000/api](http://localhost:3000/api)
41 |     - Browse (for Docker only) DB `Adminer` at [http://localhost:8080](http://localhost:8080)
42 | 
43 | ## Migration
44 | 
45 | - `TypeORM CLI` used to manage DB migration. ORM configurations are available in the `orm.config.ts` file.
46 | - Migration auto-synchronization is set to `true` in `development` environment, and `false` in other environments.
47 | - To create a new empty migration file, use `migration:create` command.
48 | ```
49 | $ yarn migration:create -n createUsers
50 | ```
51 | - TypeORM can generate a migration file from changed entity files comparing with the database. To generate a populated migration file from entity files, use `migration:generate` command
52 | ```
53 | $ yarn migration:generate -n createUsers
54 | ```
55 | - To run DB migration:
56 | ```
57 | $ yarn migration:run
58 | ```
59 | - To rollback migration:
60 | ```
61 | $ yarn migration:revert
62 | ```
63 | 
64 | Read more about TypeORM migration [here][https://typeorm.io/#/migrations]
65 | 
66 | ## Running Test
67 | 
68 | `yarn test` or `npm run test`
69 | 
70 | ## Contribution Guidelines
71 | 
72 | Feel free to submit issues or PRs. You can checkout the coding style guide before submitting the PRs. Link is [here](https://github.com/basarat/typescript-book/blob/master/docs/styleguide/styleguide.md).
73 | 
74 | ## Stay in touch
75 | 
76 | - Author - S M Asad Rahman
77 | - Twitter - [@asad_rahman](https://twitter.com/asad_rahman)
78 | 


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: "3"
 2 | 
 3 | services:
 4 |   web:
 5 |     build: .
 6 |     env_file:
 7 |       - .env
 8 |     ports:
 9 |       - 3000:3000
10 |     volumes:
11 |       - .:/usr/src/app
12 |       - /usr/src/app/node_modules
13 | 
14 | 
15 |   db:
16 |     image: mysql
17 |     command: --default-authentication-plugin=mysql_native_password
18 |     env_file:
19 |       - .env
20 |     environment:
21 |       MYSQL_ROOT_PASSWORD: ${DB_PASS}
22 |       MYSQL_DATABASE: ${DB_NAME}
23 |     ports:
24 |       - 3306:3306
25 | 
26 |   adminer:
27 |     image: adminer
28 |     ports:
29 |       - 8080:8080
30 | 


--------------------------------------------------------------------------------
/nest-cli.json:
--------------------------------------------------------------------------------
1 | {
2 |   "language": "ts",
3 |   "collection": "@nestjs/schematics",
4 |   "sourceRoot": "src"
5 | }
6 | 


--------------------------------------------------------------------------------
/nodemon-debug.json:
--------------------------------------------------------------------------------
1 | {
2 |   "watch": ["src"],
3 |   "ext": "ts",
4 |   "ignore": ["src/**/*.spec.ts"],
5 |   "exec": "node --inspect-brk -r ts-node/register -r tsconfig-paths/register src/main.ts"
6 | }
7 | 


--------------------------------------------------------------------------------
/nodemon.json:
--------------------------------------------------------------------------------
1 | {
2 |   "watch": ["src"],
3 |   "ext": "ts",
4 |   "ignore": ["src/**/*.spec.ts"],
5 |   "exec": "ts-node -r tsconfig-paths/register src/main.ts"
6 | }
7 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "jwt-auth",
 3 |   "version": "0.0.1",
 4 |   "description": "",
 5 |   "author": "",
 6 |   "license": "MIT",
 7 |   "scripts": {
 8 |     "build": "tsc -p tsconfig.build.json",
 9 |     "format": "prettier --write \"src/**/*.ts\"",
10 |     "start": "ts-node -r tsconfig-paths/register src/main.ts",
11 |     "start:dev": "nodemon",
12 |     "start:debug": "nodemon --config nodemon-debug.json",
13 |     "prestart:prod": "rimraf dist && npm run build",
14 |     "start:prod": "node dist/main.js",
15 |     "start:api-doc": "npx compodoc -p tsconfig.json -w -s -r 8089",
16 |     "lint": "tslint -p tsconfig.json -c tslint.json --fix",
17 |     "test": "jest",
18 |     "test:watch": "jest --watch",
19 |     "test:cov": "jest --coverage",
20 |     "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
21 |     "test:e2e": "jest --config ./test/jest-e2e.json",
22 |     "migration:create": "ts-node node_modules/.bin/typeorm migration:create  --config src/orm.config.ts",
23 |     "migration:generate": "ts-node node_modules/.bin/typeorm migration:generate  --config src/orm.config.ts",
24 |     "migration:run": "ts-node node_modules/.bin/typeorm migration:run  --config src/orm.config.ts",
25 |     "migration:revert": "ts-node node_modules/.bin/typeorm migration:revert --config src/orm.config.ts"
26 |   },
27 |   "dependencies": {
28 |     "@compodoc/compodoc": "^1.1.10",
29 |     "@nestjs/common": "^6.0.0",
30 |     "@nestjs/core": "^6.0.0",
31 |     "@nestjs/jwt": "^6.1.1",
32 |     "@nestjs/platform-express": "^6.0.0",
33 |     "@nestjs/swagger": "^3.1.0",
34 |     "@nestjs/typeorm": "^6.1.3",
35 |     "@types/bcryptjs": "^2.4.2",
36 |     "bcryptjs": "^2.4.3",
37 |     "class-transformer": "^0.2.3",
38 |     "class-validator": "^0.9.1",
39 |     "fs": "^0.0.1-security",
40 |     "jsonwebtoken": "^8.5.1",
41 |     "mem": "^4.0.0",
42 |     "mysql": "^2.17.1",
43 |     "nest-winston": "^1.1.2",
44 |     "reflect-metadata": "^0.1.12",
45 |     "rimraf": "^2.6.2",
46 |     "rxjs": "^6.3.3",
47 |     "swagger-ui-express": "^4.0.7",
48 |     "typeorm": "^0.2.18",
49 |     "winston": "^3.2.1"
50 |   },
51 |   "devDependencies": {
52 |     "@nestjs/testing": "^6.0.0",
53 |     "@types/express": "^4.16.0",
54 |     "@types/jest": "^23.3.13",
55 |     "@types/node": "^10.12.18",
56 |     "@types/supertest": "^2.0.7",
57 |     "jest": "^23.6.0",
58 |     "nodemon": "^1.18.9",
59 |     "prettier": "^1.15.3",
60 |     "supertest": "^3.4.1",
61 |     "ts-jest": "^23.10.5",
62 |     "ts-node": "^7.0.1",
63 |     "tsconfig-paths": "^3.7.0",
64 |     "tslint": "5.12.1",
65 |     "typescript": "^3.2.4"
66 |   },
67 |   "jest": {
68 |     "moduleFileExtensions": [
69 |       "js",
70 |       "json",
71 |       "ts"
72 |     ],
73 |     "rootDir": "src",
74 |     "testRegex": ".spec.ts$",
75 |     "transform": {
76 |       "^.+\\.(t|j)s$": "ts-jest"
77 |     },
78 |     "coverageDirectory": "../coverage",
79 |     "testEnvironment": "node"
80 |   }
81 | }


--------------------------------------------------------------------------------
/src/app.controller.spec.ts:
--------------------------------------------------------------------------------
 1 | import { Test, TestingModule } from '@nestjs/testing';
 2 | import { AppController } from './app.controller';
 3 | import { AppService } from './app.service';
 4 | 
 5 | describe('AppController', () => {
 6 |   let appController: AppController;
 7 | 
 8 |   beforeEach(async () => {
 9 |     const app: TestingModule = await Test.createTestingModule({
10 |       controllers: [AppController],
11 |       providers: [AppService],
12 |     }).compile();
13 | 
14 |     appController = app.get<AppController>(AppController);
15 |   });
16 | 
17 |   describe('root', () => {
18 |     it('should return "Hello World!"', () => {
19 |       expect(appController.getHello()).toBe('Hello World!');
20 |     });
21 |   });
22 | });
23 | 


--------------------------------------------------------------------------------
/src/app.controller.ts:
--------------------------------------------------------------------------------
 1 | import { Controller, Get } from '@nestjs/common';
 2 | import { AppService } from './app.service';
 3 | 
 4 | /**
 5 |  * App controller
 6 |  */
 7 | 
 8 | @Controller()
 9 | export class AppController {
10 |   /**
11 |    * @ignore
12 |    */
13 |   constructor(private readonly appService: AppService) {}
14 | 
15 |   /**
16 |    * Health check api
17 |    */
18 |   @Get()
19 |   getHello(): string {
20 |     return this.appService.getHello();
21 |   }
22 | }
23 | 


--------------------------------------------------------------------------------
/src/app.module.ts:
--------------------------------------------------------------------------------
 1 | import { Module, MiddlewareConsumer, RequestMethod } from '@nestjs/common';
 2 | import { JwtModule } from '@nestjs/jwt';
 3 | import { TypeOrmModule } from '@nestjs/typeorm';
 4 | 
 5 | import { WinstonModule } from 'nest-winston';
 6 | import { loggerConf } from './logger';
 7 | import { APP_INTERCEPTOR } from '@nestjs/core';
 8 | 
 9 | import { SharedModule } from './shared/shared.module';
10 | import { UtilsModule } from './utils/utils.module';
11 | import { AuthModule } from './auth/auth.module';
12 | import { UserModule } from './user/user.module';
13 | 
14 | import { JwtTokenMiddleware, LoggerInterceptor } from './utils';
15 | 
16 | import { AppController } from './app.controller';
17 | import { AppService } from './app.service';
18 | import * as ormConfig from './orm.config';
19 | 
20 | @Module({
21 |   imports: [
22 |     TypeOrmModule.forRoot(ormConfig),
23 |     JwtModule.register({
24 |       secret: process.env.JWT_SECRET,
25 |       signOptions: { expiresIn: '60s' },
26 |     }),
27 |     WinstonModule.forRoot(loggerConf),
28 |     AuthModule,
29 |     UserModule,
30 |     SharedModule,
31 |     UtilsModule,
32 |   ],
33 |   controllers: [AppController],
34 |   providers: [
35 |     AppService,
36 |     {
37 |       provide: APP_INTERCEPTOR,
38 |       useClass: LoggerInterceptor,
39 |     },
40 |   ],
41 | })
42 | export class AppModule {
43 |   configure(consumer: MiddlewareConsumer) {
44 |     consumer
45 |       .apply(JwtTokenMiddleware)
46 |       .forRoutes({ path: '*', method: RequestMethod.ALL });
47 |   }
48 | }
49 | 


--------------------------------------------------------------------------------
/src/app.service.ts:
--------------------------------------------------------------------------------
 1 | import { Injectable } from '@nestjs/common';
 2 | 
 3 | /**
 4 |  * App service
 5 |  */
 6 | @Injectable()
 7 | export class AppService {
 8 |   /**
 9 |    * Returns static "hello world"
10 |    */
11 |   getHello(): string {
12 |     return 'Hello World!';
13 |   }
14 | }
15 | 


--------------------------------------------------------------------------------
/src/auth/auth.module.ts:
--------------------------------------------------------------------------------
 1 | import { Module, forwardRef } from '@nestjs/common';
 2 | import { UserModule } from './../user/user.module';
 3 | import { AuthService } from './service/auth.service';
 4 | import { AuthController } from './controller/auth/auth.controller';
 5 | import { SharedModule } from './../shared/shared.module';
 6 | 
 7 | @Module({
 8 |   imports: [
 9 |     forwardRef(() => UserModule),
10 |     forwardRef(() => SharedModule),
11 |   ],
12 |   providers: [
13 |     AuthService,
14 |   ],
15 |   controllers: [
16 |     AuthController,
17 |   ],
18 | })
19 | export class AuthModule {}
20 | 


--------------------------------------------------------------------------------
/src/auth/controller/auth/auth.controller.spec.ts:
--------------------------------------------------------------------------------
  1 | import { Test, TestingModule } from '@nestjs/testing';
  2 | import { HttpStatus } from '@nestjs/common';
  3 | 
  4 | import { AuthController } from './auth.controller';
  5 | import { AuthService } from './../../service/auth.service';
  6 | 
  7 | import { CreateUserDto } from '../../../user';
  8 | import { LoginCredential } from './../../dto/login-credential.dto';
  9 | 
 10 | describe('Auth Controller', () => {
 11 |   let controller: AuthController;
 12 | 
 13 |   /**
 14 |    * Prepare mock data set
 15 |    */
 16 |   const mockUserData: CreateUserDto = {
 17 |     name: 'Joe',
 18 |     email: 'joe@example.com',
 19 |     password: '123456',
 20 |   };
 21 | 
 22 |   const mockCredential: LoginCredential = {
 23 |     email: mockUserData.email,
 24 |     password: mockUserData.password,
 25 |   };
 26 | 
 27 |   const mockUser = {
 28 |     id: 1,
 29 |     ...mockUserData,
 30 |   };
 31 | 
 32 |   const mockToken = {
 33 |     accessToken: 'bla bla',
 34 |   };
 35 | 
 36 |   const mockAuthService = {
 37 |     registerUser: () => {
 38 |       return Promise.resolve(mockUser);
 39 |     },
 40 | 
 41 |     login: () => {
 42 |       return Promise.resolve(mockToken);
 43 |     },
 44 |   };
 45 | 
 46 |   beforeEach(async () => {
 47 |     const module: TestingModule = await Test.createTestingModule({
 48 |       controllers: [AuthController],
 49 |       providers: [
 50 |         {
 51 |           provide: AuthService,
 52 |           useValue: mockAuthService,
 53 |         },
 54 |       ],
 55 |     }).compile();
 56 | 
 57 |     controller = module.get<AuthController>(AuthController);
 58 |   });
 59 | 
 60 |   it('should be defined', () => {
 61 |     expect(controller).toBeDefined();
 62 |   });
 63 | 
 64 |   describe('Register user', () => {
 65 | 
 66 |     afterEach(() => {
 67 |       jest.restoreAllMocks();
 68 |     });
 69 | 
 70 |     it('Should call registerUser service with right parameters', async () => {
 71 |       jest.spyOn(mockAuthService, 'registerUser');
 72 |       const user = await controller.register(mockUserData);
 73 |       expect(mockAuthService.registerUser).toBeCalledWith(mockUserData);
 74 |       expect(user).toEqual(mockUser);
 75 |     });
 76 | 
 77 |     it('Should handle service layer exception', async () => {
 78 | 
 79 |       jest.spyOn(mockAuthService, 'registerUser').mockImplementation(() => {
 80 |         throw new Error('Test error');
 81 |       });
 82 | 
 83 |       try {
 84 |         await controller.register(mockUserData);
 85 |         expect(true).toBeFalsy();
 86 |       } catch (error) {
 87 |         expect(error.message).toBe('Test error');
 88 |         expect(error.status).toBe(HttpStatus.BAD_REQUEST);
 89 |       }
 90 |     });
 91 |   });
 92 | 
 93 |   describe('Login user', () => {
 94 | 
 95 |     afterEach(() => {
 96 |       jest.restoreAllMocks();
 97 |     });
 98 | 
 99 |     it('Should call login service with right parameters', async () => {
100 |       jest.spyOn(mockAuthService, 'login');
101 |       const response = await controller.login(mockCredential);
102 |       expect(mockAuthService.login).toBeCalledWith(mockCredential);
103 |       expect(response).toEqual(mockToken);
104 |     });
105 | 
106 |     it('Should handle service layer exception', async () => {
107 | 
108 |       jest.spyOn(mockAuthService, 'login').mockImplementation(() => {
109 |         throw new Error('Test error');
110 |       });
111 | 
112 |       try {
113 |         await controller.login(mockCredential);
114 |         expect(true).toBeFalsy();
115 |       } catch (error) {
116 |         expect(error.message).toBe('Test error');
117 |         expect(error.status).toBe(HttpStatus.BAD_REQUEST);
118 |       }
119 |     });
120 |   });
121 | });
122 | 


--------------------------------------------------------------------------------
/src/auth/controller/auth/auth.controller.ts:
--------------------------------------------------------------------------------
 1 | import { Inject,  Controller, Post, Body, HttpStatus, HttpException, UseInterceptors, ClassSerializerInterceptor } from '@nestjs/common';
 2 | import { AuthService } from './../../service/auth.service';
 3 | import { CreateUserDto, User } from '../../../user';
 4 | import { LoginCredential } from './../../dto/login-credential.dto';
 5 | import { TokenDto } from './../../dto/token.dto';
 6 | import { RefreshTokenDto } from './../../dto/refresh-token.dto';
 7 | import { Logger } from 'winston';
 8 | 
 9 | /**
10 |  * Auth controller
11 |  */
12 | @Controller()
13 | export class AuthController {
14 | 
15 |   /**
16 |    * @ignore
17 |    */
18 |   constructor(
19 |     @Inject('winston')
20 |     private readonly logger: Logger,
21 |     private readonly service: AuthService,
22 |   ) { }
23 | 
24 |   /**
25 |    * Create new user
26 |    */
27 |   @Post('register')
28 |   @UseInterceptors(ClassSerializerInterceptor)
29 |   async register(
30 |     @Body() userDto: CreateUserDto,
31 |   ): Promise<User> {
32 |     try {
33 |       return await this.service.registerUser(userDto);
34 |     } catch (error) {
35 |       throw new HttpException(error.message, HttpStatus.BAD_REQUEST);
36 |     }
37 |   }
38 | 
39 |   /**
40 |    * Login users
41 |    */
42 |   @Post('login')
43 |   async login(
44 |     @Body() credential: LoginCredential,
45 |   ): Promise<TokenDto> {
46 |     try {
47 |       return await this.service.login(credential);
48 |     } catch (error) {
49 |       this.logger.warn('Login attempt failed', credential);
50 |       throw new HttpException(error.message, HttpStatus.BAD_REQUEST);
51 |     }
52 |   }
53 | 
54 |   /**
55 |    * Access token generation using refresh token
56 |    */
57 |   @Post('refresh-token')
58 |   async refreshToken(
59 |     @Body() token: RefreshTokenDto,
60 |   ): Promise<TokenDto> {
61 |     try {
62 |       return this.service.refreshToken(token);
63 |     } catch (error) {
64 |       this.logger.warn('Refresh token attempt failed', token);
65 |       throw new HttpException(error.message, HttpStatus.BAD_REQUEST);
66 |     }
67 |   }
68 | }
69 | 


--------------------------------------------------------------------------------
/src/auth/dto/login-credential.dto.ts:
--------------------------------------------------------------------------------
 1 | import {
 2 |   IsEmail,
 3 |   IsNotEmpty,
 4 |   MinLength,
 5 |   MaxLength,
 6 | } from 'class-validator';
 7 | import { ApiModelProperty } from '@nestjs/swagger';
 8 | 
 9 | /**
10 |  * Login credential body
11 |  */
12 | export class LoginCredential {
13 | 
14 |   /**
15 |    * User email
16 |    */
17 |   @IsEmail()
18 |   @IsNotEmpty()
19 |   @ApiModelProperty()
20 |   readonly email: string;
21 | 
22 |   /**
23 |    * 4-12 char long password
24 |    */
25 |   @MinLength(4)
26 |   @MaxLength(12)
27 |   @ApiModelProperty()
28 |   readonly password: string;
29 | }
30 | 


--------------------------------------------------------------------------------
/src/auth/dto/refresh-token.dto.ts:
--------------------------------------------------------------------------------
 1 | import { ApiModelProperty } from '@nestjs/swagger';
 2 | 
 3 | /**
 4 |  * RefreshToken dto
 5 |  */
 6 | export class RefreshTokenDto {
 7 |   /**
 8 |    * access token
 9 |    */
10 |   @ApiModelProperty()
11 |   readonly refreshToken: string;
12 | }
13 | 


--------------------------------------------------------------------------------
/src/auth/dto/token.dto.ts:
--------------------------------------------------------------------------------
 1 | 
 2 | /**
 3 |  * Login response dto
 4 |  */
 5 | export class TokenDto {
 6 |   /**
 7 |    * access token
 8 |    */
 9 |   readonly accessToken: string;
10 | 
11 |   /**
12 |    * refresh token
13 |    */
14 |   readonly refreshToken: string;
15 | }
16 | 


--------------------------------------------------------------------------------
/src/auth/service/auth.service.spec.ts:
--------------------------------------------------------------------------------
  1 | import { Test, TestingModule } from '@nestjs/testing';
  2 | import { AuthService } from './auth.service';
  3 | import { CreateUserDto, UserService } from '../../user';
  4 | import { LoginCredential } from './../dto/login-credential.dto';
  5 | 
  6 | import { JwtService } from '@nestjs/jwt';
  7 | import { HttpStatus } from '@nestjs/common';
  8 | 
  9 | describe('AuthService', () => {
 10 |   let service: AuthService;
 11 | 
 12 |   const mockUserData: CreateUserDto = {
 13 |     name: 'Joe',
 14 |     email: 'joe@example.com',
 15 |     password: '123456',
 16 |   };
 17 | 
 18 |   const mockCredential: LoginCredential = {
 19 |     email: mockUserData.email,
 20 |     password: mockUserData.password,
 21 |   };
 22 | 
 23 |   const mockUser = {
 24 |     id: 1,
 25 |     isActive: true,
 26 |     roles: ['user'],
 27 |     ...mockUserData,
 28 |   };
 29 | 
 30 |   const mockToken = {
 31 |     accessToken: 'bla bla',
 32 |   };
 33 | 
 34 |   const mockUserService = {
 35 |     createUser: () => Promise.resolve(mockUser),
 36 |     getUserByEmail: () => Promise.resolve(mockUser),
 37 |     checkPassword: () => Promise.resolve(true),
 38 |   };
 39 | 
 40 |   const mockJwtService = {
 41 |     sign: () => mockToken.accessToken,
 42 |   };
 43 | 
 44 |   beforeEach(async () => {
 45 |     const module: TestingModule = await Test.createTestingModule({
 46 |       providers: [
 47 |         AuthService,
 48 |         {
 49 |           provide: UserService,
 50 |           useValue: mockUserService,
 51 |         },
 52 |         {
 53 |           provide: JwtService,
 54 |           useValue: mockJwtService,
 55 |         },
 56 |       ],
 57 |     }).compile();
 58 | 
 59 |     service = module.get<AuthService>(AuthService);
 60 |   });
 61 | 
 62 |   it('should be defined', () => {
 63 |     expect(service).toBeDefined();
 64 |   });
 65 | 
 66 |   describe('Register user', () => {
 67 | 
 68 |     it('should call user service createUser', async () => {
 69 | 
 70 |       jest.spyOn(mockUserService, 'createUser');
 71 |       const user = await service.registerUser(mockUserData);
 72 | 
 73 |       expect(mockUserService.createUser).toBeCalledWith(mockUserData);
 74 |       expect(user).toEqual(mockUser);
 75 |     });
 76 |   });
 77 | 
 78 |   describe('Login user', () => {
 79 | 
 80 |     afterEach(() => {
 81 |       jest.restoreAllMocks();
 82 |     });
 83 | 
 84 |     it('should call user service getUserByEmail, checkPassword', async () => {
 85 | 
 86 |       jest.spyOn(mockUserService, 'getUserByEmail');
 87 |       jest.spyOn(mockUserService, 'checkPassword');
 88 | 
 89 |       const response = await service.login(mockCredential);
 90 | 
 91 |       expect(mockUserService.getUserByEmail).toBeCalledWith(mockCredential.email);
 92 |       expect(mockUserService.checkPassword).toBeCalledWith(mockUser, mockCredential.password);
 93 |     });
 94 | 
 95 |     it('should throw error when user not found', async () => {
 96 | 
 97 |       jest.spyOn(mockUserService, 'getUserByEmail')
 98 |         .mockImplementation(() => Promise.resolve(undefined));
 99 | 
100 |       try {
101 |         await service.login(mockCredential);
102 |         expect(true).toBeFalsy();
103 |       } catch (error) {
104 |         expect(error.message).toBe('Invalid credentials');
105 |         expect(error.status).toBe(HttpStatus.UNAUTHORIZED);
106 |       }
107 |     });
108 | 
109 |     it('should throw error when password mismatch', async () => {
110 | 
111 |       jest.spyOn(mockUserService, 'checkPassword')
112 |         .mockImplementation(() => Promise.resolve(false));
113 | 
114 |       try {
115 |         await service.login(mockCredential);
116 |         expect(true).toBeFalsy();
117 |       } catch (error) {
118 |         expect(error.message).toBe('Invalid credentials');
119 |         expect(error.status).toBe(HttpStatus.UNAUTHORIZED);
120 |       }
121 |     });
122 | 
123 |     it('should throw error when user is inactive', async () => {
124 | 
125 |       jest.spyOn(mockUserService, 'getUserByEmail')
126 |         .mockImplementation(() => Promise.resolve({
127 |           ...mockUser,
128 |           isActive: false,
129 |         }));
130 | 
131 |       try {
132 |         await service.login(mockCredential);
133 |         expect(true).toBeFalsy();
134 |       } catch (error) {
135 |         expect(error.message).toBe('Inactive user');
136 |         expect(error.status).toBe(HttpStatus.UNAUTHORIZED);
137 |       }
138 |     });
139 | 
140 |     it('should call jwt sign with right params', async () => {
141 | 
142 |       jest.spyOn(mockJwtService, 'sign');
143 |       await service.login(mockCredential);
144 | 
145 |       expect(mockJwtService.sign).toHaveBeenCalledWith(expect.objectContaining({
146 |         email  : mockUser.email,
147 |         roles  : mockUser.roles,
148 |         userId : mockUser.id,
149 |       }));
150 |     });
151 |   });
152 | });
153 | 


--------------------------------------------------------------------------------
/src/auth/service/auth.service.ts:
--------------------------------------------------------------------------------
  1 | import { Injectable, Inject, forwardRef, HttpException, HttpStatus } from '@nestjs/common';
  2 | import { User, CreateUserDto, UserService } from '../../user';
  3 | import { LoginCredential } from '../dto/login-credential.dto';
  4 | import { TokenDto } from './../dto/token.dto';
  5 | import { RefreshTokenDto } from './../dto/refresh-token.dto';
  6 | import { JwtService } from '@nestjs/jwt';
  7 | 
  8 | /**
  9 |  * Auth service
 10 |  */
 11 | @Injectable()
 12 | export class AuthService {
 13 | 
 14 |   /**
 15 |    * @ignore
 16 |    */
 17 |   constructor(
 18 |     @Inject(forwardRef(() => UserService))
 19 |     private readonly userService: UserService,
 20 | 
 21 |     private readonly jwtService: JwtService,
 22 |   ) { }
 23 | 
 24 |   /**
 25 |    * register user
 26 |    */
 27 |   async registerUser(userData: CreateUserDto): Promise<User> {
 28 |     return this.userService.createUser(userData);
 29 |   }
 30 | 
 31 |   /**
 32 |    * login user
 33 |    */
 34 |   async login(credential: LoginCredential): Promise<TokenDto> {
 35 | 
 36 |     const user = await this.userService.getUserByEmail(credential.email);
 37 | 
 38 |     if (!user) {
 39 |       throw new Error('Invalid credentials');
 40 |     }
 41 | 
 42 |     const isMatched = await this.userService.checkPassword(user, credential.password);
 43 | 
 44 |     if (!isMatched) {
 45 |       throw new Error('Invalid credentials');
 46 |     }
 47 | 
 48 |     if (!user.isActive) {
 49 |       throw new Error('Inactive user');
 50 |     }
 51 | 
 52 |     const authToken: TokenDto = this.generateAuthToken(user);
 53 |     return Promise.resolve(authToken);
 54 |   }
 55 | 
 56 |   /**
 57 |    * refresh token
 58 |    */
 59 |   async refreshToken(token: RefreshTokenDto): Promise<TokenDto> {
 60 | 
 61 |     let payload: any;
 62 | 
 63 |     try {
 64 |       payload = this.jwtService.verify(token.refreshToken);
 65 |     } catch (error) {
 66 |       throw new Error('Invalid refresh token');
 67 |     }
 68 | 
 69 |     const { userId, type } = payload;
 70 | 
 71 |     if (type !== 'refresh') {
 72 |       throw new Error('Wrong token type');
 73 |     }
 74 | 
 75 |     const user = await this.userService.getUserById(userId);
 76 | 
 77 |     if (!user) {
 78 |       throw new Error('Invalid user');
 79 |     }
 80 | 
 81 |     if (!user.isActive) {
 82 |       throw new Error('Inactive user');
 83 |     }
 84 | 
 85 |     const authToken = this.generateAuthToken(user);
 86 |     return Promise.resolve(authToken);
 87 |   }
 88 | 
 89 |   /**
 90 |    * Generate Auth Token
 91 |    * @param user
 92 |    */
 93 |   private generateAuthToken(user: User): TokenDto {
 94 | 
 95 |     const accessToken = this.jwtService.sign({
 96 |       sub: () => user.email,
 97 |       type: 'access',
 98 |       email: user.email,
 99 |       roles: user.roles,
100 |       userId: user.id,
101 |     });
102 | 
103 |     const refreshToken = this.jwtService.sign({
104 |       sub: () => user.email,
105 |       type: 'refresh',
106 |       userId: user.id,
107 |     });
108 | 
109 |     return { accessToken, refreshToken };
110 |   }
111 | }
112 | 


--------------------------------------------------------------------------------
/src/logger.ts:
--------------------------------------------------------------------------------
 1 | import * as winston from 'winston';
 2 | 
 3 | const NODE_ENV = process.env.NODE_ENV || 'development';
 4 | 
 5 | export const loggerConf = {
 6 |   format: winston.format.prettyPrint({
 7 |     colorize: true,
 8 |     depth: 2,
 9 |   }),
10 |   transports: [
11 |     new winston.transports.Console({
12 |       consoleWarnLevels: ['info', 'warn', 'error'],
13 |     }),
14 |   ],
15 | };
16 | 


--------------------------------------------------------------------------------
/src/main.ts:
--------------------------------------------------------------------------------
 1 | import { NestFactory } from '@nestjs/core';
 2 | import { AppModule } from './app.module';
 3 | import { ValidationPipe } from '@nestjs/common';
 4 | import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
 5 | 
 6 | /**
 7 |  * @ignore
 8 |  */
 9 | async function bootstrap() {
10 |   const app = await NestFactory.create(AppModule);
11 | 
12 |   const options = new DocumentBuilder()
13 |     .setTitle('Nest jwt starte')
14 |     .setDescription('Jwt project started with nest js')
15 |     .setVersion('1.0')
16 |     .addBearerAuth('Authorization', 'header')
17 |     .addTag('jwt')
18 |     .build();
19 | 
20 |   const document = SwaggerModule.createDocument(app, options);
21 |   SwaggerModule.setup('api', app, document);
22 | 
23 |   const logger = app.get('NestWinston');
24 |   app.useLogger(logger);
25 | 
26 |   /**
27 |    * Validation pipe transform json body
28 |    * to dto class & checks validity
29 |    */
30 |   app.useGlobalPipes(new ValidationPipe({ transform: true }));
31 |   await app.listen(3000);
32 | }
33 | bootstrap();
34 | 


--------------------------------------------------------------------------------
/src/migrations/1567653805565-createUsers.ts:
--------------------------------------------------------------------------------
 1 | import {MigrationInterface, QueryRunner} from "typeorm";
 2 | 
 3 | export class createUsers1567653805565 implements MigrationInterface {
 4 | 
 5 |     public async up(queryRunner: QueryRunner): Promise<any> {
 6 |         await queryRunner.query("CREATE TABLE `user` (`id` int NOT NULL AUTO_INCREMENT, `name` varchar(100) NOT NULL, `email` varchar(320) NOT NULL, `password` varchar(100) NOT NULL, `is_active` tinyint NOT NULL, `roles` text NOT NULL, `created_at` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), `updated_at` datetime(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6), UNIQUE INDEX `email` (`email`), PRIMARY KEY (`id`)) ENGINE=InnoDB");
 7 |     }
 8 | 
 9 |     public async down(queryRunner: QueryRunner): Promise<any> {
10 |         await queryRunner.query("DROP INDEX `email` ON `user`");
11 |         await queryRunner.query("DROP TABLE `user`");
12 |     }
13 | 
14 | }
15 | 


--------------------------------------------------------------------------------
/src/orm.config.ts:
--------------------------------------------------------------------------------
 1 | import { ConnectionOptions } from 'typeorm';
 2 | 
 3 | const config: ConnectionOptions = {
 4 |   type: 'mysql',
 5 |   host: process.env.DB_HOST,
 6 |   port: process.env.DB_PORT ? parseInt(process.env.DB_PORT, 10) : null,
 7 |   username: process.env.DB_USER,
 8 |   password: process.env.DB_PASS,
 9 |   database: process.env.DB_NAME,
10 |   entities: [__dirname + '/**/**/*.entity{.ts,.js}'],
11 |   migrations: [__dirname + '/migrations/**/*{.ts,.js}'],
12 |   migrationsTableName: 'migrations',
13 |   migrationsRun: false,
14 |   cli: {
15 |     entitiesDir: 'src',
16 |     migrationsDir: 'src/migrations',
17 |   },
18 |   synchronize: process.env.NODE_ENV === 'development' ? true: false,
19 |   debug: true,
20 | };
21 | 
22 | export = config;
23 | 


--------------------------------------------------------------------------------
/src/shared/shared.module.ts:
--------------------------------------------------------------------------------
 1 | import { Module } from '@nestjs/common';
 2 | import { JwtModule } from '@nestjs/jwt';
 3 | 
 4 | @Module({
 5 |   imports: [
 6 |     JwtModule.register({
 7 |       secret: process.env.JWT_SECRET,
 8 |       signOptions: { expiresIn: '60m' },
 9 |     }),
10 |   ],
11 |   exports: [
12 |     JwtModule,
13 |   ],
14 | })
15 | export class SharedModule {}
16 | 


--------------------------------------------------------------------------------
/src/user/controller/user/user.controller.spec.ts:
--------------------------------------------------------------------------------
 1 | import { Test, TestingModule } from '@nestjs/testing';
 2 | import { UserController } from './user.controller';
 3 | import { UserService } from './../../service/user.service';
 4 | 
 5 | describe('User Controller', () => {
 6 |   let controller: UserController;
 7 | 
 8 |   beforeEach(async () => {
 9 |     const module: TestingModule = await Test.createTestingModule({
10 |       controllers: [UserController],
11 |       providers: [
12 |         {
13 |           provide: UserService,
14 |           useValue: {},
15 |         },
16 |       ],
17 |     }).compile();
18 | 
19 |     controller = module.get<UserController>(UserController);
20 |   });
21 | 
22 |   it('should be defined', () => {
23 |     expect(controller).toBeDefined();
24 |   });
25 | });
26 | 


--------------------------------------------------------------------------------
/src/user/controller/user/user.controller.ts:
--------------------------------------------------------------------------------
 1 | import {
 2 |   Get,
 3 |   UseGuards,
 4 |   Controller,
 5 |   HttpStatus,
 6 |   HttpException,
 7 |   UseInterceptors,
 8 |   ClassSerializerInterceptor,
 9 | } from '@nestjs/common';
10 | import { ApiBearerAuth } from '@nestjs/swagger';
11 | 
12 | import { User } from './../../entity/user.entity';
13 | import { UserService } from './../../service/user.service';
14 | import { IAuthUser, AuthUser, RolesGuard, Roles } from './../../../utils';
15 | 
16 | /**
17 |  * User controller
18 |  */
19 | @Controller('user')
20 | export class UserController {
21 | 
22 |   /**
23 |    * @ignore
24 |    */
25 |   constructor(
26 |     private readonly service: UserService,
27 |   ) {}
28 | 
29 |   /**
30 |    * logged in user's profile
31 |    */
32 |   @Get('/me')
33 |   @ApiBearerAuth()
34 |   @UseGuards(RolesGuard)
35 |   @Roles('user', 'admin')
36 |   @UseInterceptors(ClassSerializerInterceptor)
37 |   async getMe(
38 |     @AuthUser() user: IAuthUser,
39 |   ): Promise<User> {
40 |     try {
41 |       return await this.service.getUserByEmail(user.email);
42 |     } catch (error) {
43 |       throw new HttpException(error.message, HttpStatus.BAD_REQUEST);
44 |     }
45 |   }
46 | 
47 |   /**
48 |    * Get all user list
49 |    */
50 |   @Get()
51 |   @ApiBearerAuth()
52 |   @UseGuards(RolesGuard)
53 |   @Roles('admin')
54 |   @UseInterceptors(ClassSerializerInterceptor)
55 |   async getAllUser(): Promise<User[]> {
56 |     try {
57 |       return await this.service.getAllUsers();
58 |     } catch (error) {
59 |       throw new HttpException(error.message, HttpStatus.BAD_REQUEST);
60 |     }
61 |   }
62 | }
63 | 


--------------------------------------------------------------------------------
/src/user/dto/create-user.dto.ts:
--------------------------------------------------------------------------------
 1 | import {
 2 |   MaxLength,
 3 |   MinLength,
 4 |   IsEmail,
 5 |   IsNotEmpty,
 6 | } from 'class-validator';
 7 | import { ApiModelProperty } from '@nestjs/swagger';
 8 | 
 9 | /**
10 |  * User create/ registration dto
11 |  */
12 | export class CreateUserDto {
13 | 
14 |   /**
15 |    * user name
16 |    */
17 |   @IsNotEmpty()
18 |   @MaxLength(100)
19 |   @ApiModelProperty()
20 |   readonly name: string;
21 | 
22 |   /**
23 |    * user email
24 |    */
25 |   @IsEmail()
26 |   @IsNotEmpty()
27 |   @MaxLength(320)
28 |   @ApiModelProperty()
29 |   readonly email: string;
30 | 
31 |   /**
32 |    * user 4-12 char long password
33 |    */
34 |   @MinLength(4)
35 |   @MaxLength(12)
36 |   @ApiModelProperty({
37 |     minLength: 4,
38 |     maxLength: 12,
39 |   })
40 |   readonly password: string;
41 | }
42 | 


--------------------------------------------------------------------------------
/src/user/entity/user.entity.ts:
--------------------------------------------------------------------------------
 1 | import {
 2 |   Entity,
 3 |   Column,
 4 |   CreateDateColumn,
 5 |   UpdateDateColumn,
 6 |   PrimaryGeneratedColumn,
 7 |   Unique } from 'typeorm';
 8 | import { Exclude } from 'class-transformer';
 9 | 
10 | export type UserRole = 'admin' | 'user';
11 | 
12 | /**
13 |  * User entity
14 |  */
15 | @Entity()
16 | export class User {
17 | 
18 |   /**
19 |    * Primary key id
20 |    */
21 |   @PrimaryGeneratedColumn()
22 |   id: number;
23 | 
24 |   /**
25 |    * name
26 |    */
27 |   @Column({ length: 100, nullable: false })
28 |   name: string;
29 | 
30 |   /**
31 |    * email
32 |    */
33 |   @Unique('email', ['email'])
34 |   @Column({ length: 320, nullable: false })
35 |   email: string;
36 | 
37 |   /**
38 |    * password
39 |    */
40 |   @Exclude()
41 |   @Column({ length: 100, nullable: false })
42 |   password: string;
43 | 
44 |   /**
45 |    * user activation status
46 |    */
47 |   @Column({ name: 'is_active' })
48 |   isActive: boolean;
49 | 
50 |   /**
51 |    * user roles: admin, user
52 |    */
53 |   @Column('simple-array')
54 |   roles: UserRole[];
55 | 
56 |   /**
57 |    * created at
58 |    */
59 |   @Exclude()
60 |   @CreateDateColumn({ name: 'created_at' })
61 |   createdAt: Date;
62 | 
63 |   /**
64 |    * updated at
65 |    */
66 |   @Exclude()
67 |   @UpdateDateColumn({ name: 'updated_at' })
68 |   updatedAt: Date;
69 | }
70 | 


--------------------------------------------------------------------------------
/src/user/index.ts:
--------------------------------------------------------------------------------
1 | export * from './dto/create-user.dto';
2 | export * from './entity/user.entity';
3 | export * from './repository/user.repository';
4 | export * from './service/user.service';
5 | 


--------------------------------------------------------------------------------
/src/user/repository/user.repository.ts:
--------------------------------------------------------------------------------
1 | import { Repository, EntityRepository } from 'typeorm';
2 | import { User } from '../entity/user.entity';
3 | 
4 | /**
5 |  * User repository class
6 |  */
7 | @EntityRepository(User)
8 | export class UserRepository extends Repository<User> {}
9 | 


--------------------------------------------------------------------------------
/src/user/service/user.service.spec.ts:
--------------------------------------------------------------------------------
 1 | import { Test, TestingModule } from '@nestjs/testing';
 2 | import { UserService } from './user.service';
 3 | import { User } from './../entity/user.entity';
 4 | import { getRepositoryToken } from '@nestjs/typeorm';
 5 | 
 6 | describe('UserService', () => {
 7 |   let service: UserService;
 8 | 
 9 |   beforeEach(async () => {
10 |     const module: TestingModule = await Test.createTestingModule({
11 |       providers: [
12 |         UserService,
13 |         {
14 |           provide: getRepositoryToken(User),
15 |           useValue: {},
16 |         },
17 |       ],
18 |     }).compile();
19 | 
20 |     service = module.get<UserService>(UserService);
21 |   });
22 | 
23 |   it('should be defined', () => {
24 |     expect(service).toBeDefined();
25 |   });
26 | });
27 | 


--------------------------------------------------------------------------------
/src/user/service/user.service.ts:
--------------------------------------------------------------------------------
 1 | import { Injectable } from '@nestjs/common';
 2 | import { Repository } from 'typeorm';
 3 | import { InjectRepository } from '@nestjs/typeorm';
 4 | import { User } from '../entity/user.entity';
 5 | import { CreateUserDto } from '../dto/create-user.dto';
 6 | import * as bcrypt from 'bcryptjs';
 7 | 
 8 | /**
 9 |  * User service
10 |  */
11 | @Injectable()
12 | export class UserService {
13 | 
14 |   /**
15 |    * @ignore
16 |    */
17 |   constructor(
18 |     @InjectRepository(User)
19 |     private readonly userRepository: Repository<User>,
20 |   ) {}
21 | 
22 |   /**
23 |    * create user
24 |    */
25 |   async createUser(userData: CreateUserDto ): Promise<User> {
26 |     const user    = new User();
27 |     user.name     = userData.name;
28 |     user.email    = userData.email;
29 |     user.roles    = ['user'];
30 |     user.isActive = true;
31 |     user.password = await this.hashPassword(userData.password);
32 | 
33 |     try {
34 |       return this.userRepository.save(user);
35 |     } catch (error) {
36 |       // process email duplicate err msg
37 |       if (error.code === 'ER_DUP_ENTRY') {
38 |         throw new Error(`user already exists with email ${user.name}`);
39 |       }
40 | 
41 |       throw error;
42 |     }
43 |   }
44 | 
45 |   /**
46 |    * get user by id
47 |    */
48 |   getUserById(id: number): Promise<User> {
49 |     return this.userRepository.findOne(id);
50 |   }
51 | 
52 |   /**
53 |    * get user by email
54 |    */
55 |   getUserByEmail(email): Promise<User> {
56 |     return this.userRepository.findOne({ email });
57 |   }
58 | 
59 |   getAllUsers(): Promise<User[]> {
60 |     return this.userRepository.find();
61 |   }
62 | 
63 |   /**
64 |    * encrypt password
65 |    */
66 |   hashPassword(password: string): Promise<string> {
67 |     return new Promise((resolve, reject) => {
68 |       bcrypt.genSalt(10, (err, salt) => {
69 |         if (err) {
70 |           return reject(null);
71 |         }
72 | 
73 |         bcrypt.hash(password, salt, (err2, hash) => {
74 |           return err2 ? reject(null) : resolve(hash);
75 |         });
76 |       });
77 |     });
78 |   }
79 | 
80 |   /**
81 |    * compare user password hash
82 |    */
83 |   checkPassword(user: User, password: string): Promise<boolean> {
84 |     return new Promise((resolve, reject) => {
85 |       bcrypt.compare(password, user.password, (error, ok) => {
86 |         return (error || !ok) ? resolve(false) : resolve(true);
87 |       });
88 |     });
89 |   }
90 | 
91 | }
92 | 


--------------------------------------------------------------------------------
/src/user/user.module.ts:
--------------------------------------------------------------------------------
 1 | import { Module } from '@nestjs/common';
 2 | import { TypeOrmModule } from '@nestjs/typeorm';
 3 | import { User } from './entity/user.entity';
 4 | import { UserService } from './service/user.service';
 5 | import { UserRepository } from './repository/user.repository';
 6 | import { UserController } from './controller/user/user.controller';
 7 | 
 8 | @Module({
 9 |   imports: [
10 |     TypeOrmModule.forFeature([
11 |       User,
12 |       UserRepository,
13 |     ]),
14 |   ],
15 |   exports: [
16 |     UserService,
17 |   ],
18 |   providers: [
19 |     UserService,
20 |   ],
21 |   controllers: [UserController],
22 | })
23 | export class UserModule {}
24 | 


--------------------------------------------------------------------------------
/src/utils/decorator/auth-user.decorator.spec.ts:
--------------------------------------------------------------------------------
 1 | import { AuthUser } from './auth-user.decorator';
 2 | import { ROUTE_ARGS_METADATA } from '@nestjs/common/constants';
 3 | import { AuthUserFn } from './auth-user.decorator';
 4 | 
 5 | describe('@AuthUser', () => {
 6 | 
 7 |   it('should return request user', () => {
 8 |     const mockReq = {
 9 |       locals: {
10 |         user : {
11 |           email: 'hello@example.com',
12 |         },
13 |       },
14 |     };
15 | 
16 |     expect(AuthUserFn(null, mockReq)).toBe(mockReq.locals.user);
17 |   });
18 | 
19 |   it('should return null when request has no user', () => {
20 |     expect(AuthUserFn(null, {})).toBe(null);
21 |   });
22 | });
23 | 


--------------------------------------------------------------------------------
/src/utils/decorator/auth-user.decorator.ts:
--------------------------------------------------------------------------------
 1 | import { createParamDecorator } from '@nestjs/common';
 2 | import { IAuthUser } from '../interface/user';
 3 | 
 4 | /**
 5 |  * AuthUser decorator factory
 6 |  */
 7 | export const AuthUserFn = (_, req: any) => {
 8 |   const user = req && req.locals && req.locals.user;
 9 |   return user ? user : null;
10 | };
11 | 
12 | /**
13 |  * AuthUser decorator, returns authenticated user from request body
14 |  *
15 |  * <example-url>/controllers/UserController.html#source</example-url>
16 |  */
17 | export const AuthUser = createParamDecorator(AuthUserFn);
18 | 


--------------------------------------------------------------------------------
/src/utils/decorator/roles.decorator.ts:
--------------------------------------------------------------------------------
1 | import { SetMetadata } from '@nestjs/common';
2 | /**
3 |  * Decorator to set required user role as meta data
4 |  */
5 | export const Roles = (...roles: string[]) => SetMetadata('roles', roles);
6 | 


--------------------------------------------------------------------------------
/src/utils/guard/is-role-user/is-role-user.guard.ts:
--------------------------------------------------------------------------------
 1 | import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
 2 | import { Reflector } from '@nestjs/core';
 3 | 
 4 | /**
 5 |  * Role based auth guard
 6 |  */
 7 | @Injectable()
 8 | export class RolesGuard implements CanActivate {
 9 | 
10 |   /**
11 |    * @ignore
12 |    */
13 |   constructor(private readonly reflector: Reflector) {}
14 | 
15 |   /**
16 |    * @ignore
17 |    */
18 |   canActivate(context: ExecutionContext): boolean {
19 |     const roles = this.reflector.get<string[]>('roles', context.getHandler());
20 | 
21 |     if (!roles) {
22 |       return true;
23 |     }
24 | 
25 |     const request = context.switchToHttp().getRequest();
26 |     const user    = request.locals.user;
27 | 
28 |     const hasRole = () => user.roles.find((role) => roles.includes(role));
29 |     return user && user.roles && hasRole();
30 |   }
31 | }
32 | 


--------------------------------------------------------------------------------
/src/utils/guard/is-user/is-user.guard.ts:
--------------------------------------------------------------------------------
 1 | import { CanActivate, ExecutionContext, Injectable, HttpStatus, HttpException } from '@nestjs/common';
 2 | 
 3 | /**
 4 |  * Auth guard for user
 5 |  */
 6 | @Injectable()
 7 | export class IsUser implements CanActivate {
 8 | 
 9 |   /**
10 |    * @ignore
11 |    */
12 |   canActivate(
13 |     context: ExecutionContext,
14 |   ): Promise<boolean> {
15 | 
16 |     const user = this.getContextUser(context);
17 | 
18 |     if (!user) {
19 |       throw new HttpException('User not found', HttpStatus.UNAUTHORIZED);
20 |     }
21 | 
22 |     return Promise.resolve(true);
23 |   }
24 | 
25 |   /**
26 |    * get context user from req
27 |    */
28 |   protected getContextUser(context: ExecutionContext) {
29 |     const request = context.switchToHttp().getRequest();
30 |     return request.locals.user;
31 |   }
32 | }
33 | 


--------------------------------------------------------------------------------
/src/utils/index.ts:
--------------------------------------------------------------------------------
1 | export * from './interface/user';
2 | export * from './middleware/jwt-token.middleware';
3 | export * from './decorator/auth-user.decorator';
4 | export * from './guard/is-role-user/is-role-user.guard';
5 | export * from './guard/is-user/is-user.guard';
6 | export * from './decorator/roles.decorator';
7 | export * from './interceptor/logger.interceptor';
8 | 


--------------------------------------------------------------------------------
/src/utils/interceptor/logger.interceptor.spec.ts:
--------------------------------------------------------------------------------
1 | import { LoggerInterceptor } from './logger.interceptor';
2 | 
3 | describe('LoggerInterceptor', () => {
4 |   it('should be defined', () => {
5 |     expect(new LoggerInterceptor()).toBeDefined();
6 |   });
7 | });
8 | 


--------------------------------------------------------------------------------
/src/utils/interceptor/logger.interceptor.ts:
--------------------------------------------------------------------------------
 1 | import {
 2 |   Inject,
 3 |   Injectable,
 4 |   CallHandler,
 5 |   NestInterceptor,
 6 |   ExecutionContext,
 7 | } from '@nestjs/common';
 8 | 
 9 | import { Logger } from 'winston';
10 | import { Observable } from 'rxjs';
11 | import { tap } from 'rxjs/operators';
12 | import { ServerResponse, IncomingMessage } from 'http';
13 | 
14 | @Injectable()
15 | export class LoggerInterceptor implements NestInterceptor {
16 | 
17 |   constructor(
18 |     @Inject('winston')
19 |     private readonly logger: Logger,
20 |   ) { }
21 | 
22 |   intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
23 |     const start = Date.now();
24 |     const http = context.switchToHttp();
25 | 
26 |     const request: IncomingMessage = http.getRequest();
27 |     const response: ServerResponse = http.getResponse();
28 |     return next
29 |       .handle()
30 |       .pipe(
31 |         tap(() => {
32 |           const end = Date.now();
33 |           const metadata = {
34 |             'time': `${end - start} ms`,
35 |             'timestamp': start.toString(),
36 |             'host' : request.headers.host,
37 |             'origin': request.headers.origin,
38 |             'referer': request.headers.referer,
39 |             'user-agent' : request.headers['user-agent'],
40 |           };
41 |           this.logger.info(`req: ${request.method} ${request.url} res: ${response.statusCode}`, { metadata });
42 |         }),
43 |       );
44 |   }
45 | }
46 | 


--------------------------------------------------------------------------------
/src/utils/interface/user.ts:
--------------------------------------------------------------------------------
 1 | 
 2 | /**
 3 |  * type user roles
 4 |  */
 5 | export type UserRole =  'user' | 'admin';
 6 | 
 7 | /**
 8 |  * Auth user interface
 9 |  */
10 | export interface IAuthUser {
11 |   /**
12 |    * usre id
13 |    */
14 |   id: number;
15 | 
16 |   /**
17 |    * user email
18 |    */
19 |   email: string;
20 | 
21 |   /**
22 |    * optional user name
23 |    */
24 |   name ?: string;
25 | 
26 |   /**
27 |    * user roles array
28 |    */
29 |   roles: [UserRole];
30 | }
31 | 


--------------------------------------------------------------------------------
/src/utils/middleware/jwt-token.middleware.spec.ts:
--------------------------------------------------------------------------------
  1 | import { Test, TestingModule } from '@nestjs/testing';
  2 | import { JwtTokenMiddleware } from './jwt-token.middleware';
  3 | import { JwtService } from '@nestjs/jwt';
  4 | 
  5 | describe('JwtTokenUserMiddleware', () => {
  6 | 
  7 |   let service: JwtTokenMiddleware;
  8 |   let mockReq;
  9 |   let mockRes;
 10 |   let mockNext;
 11 | 
 12 |   beforeEach(async () => {
 13 |     const module: TestingModule = await Test.createTestingModule({
 14 |       providers: [
 15 |         JwtTokenMiddleware,
 16 |         {
 17 |           provide: JwtService,
 18 |           useValue: {},
 19 |         },
 20 |       ],
 21 |     }).compile();
 22 | 
 23 |     service = module.get<JwtTokenMiddleware>(JwtTokenMiddleware);
 24 |   });
 25 | 
 26 |   it('should be defined', () => {
 27 |     expect(service).toBeDefined();
 28 |   });
 29 | 
 30 |   describe('JwtTokenUserMiddleware.use method', () => {
 31 | 
 32 |     beforeEach(() => {
 33 |       mockReq  = {};
 34 |       mockRes  = {};
 35 |       mockNext = () => { /* do nothing */ };
 36 |     });
 37 | 
 38 |     it('should call getBearerToken with request', () => {
 39 |       const mockFn  = jest.spyOn<any, string>(service, 'getBearerToken');
 40 |       service.use(mockReq, mockRes, mockNext);
 41 |       expect(mockFn).toBeCalledWith(mockReq);
 42 |     });
 43 |   });
 44 | 
 45 |   describe('JwtTokenUserMiddleware.getBearerToken method', () => {
 46 | 
 47 |     beforeEach(() => {
 48 |       mockReq  = {};
 49 |       mockRes  = {};
 50 |       mockNext = () => { /* do nothing */ };
 51 |     });
 52 | 
 53 |     it('should fetch bearer token from request header', () => {
 54 |       mockReq = {
 55 |         headers: {
 56 |           authorization: 'bearer mock-token',
 57 |         },
 58 |       };
 59 |       const mockFn = jest.spyOn<any, string>(service, 'getBearerToken');
 60 |       service.use(mockReq, mockRes, mockNext);
 61 |       const result = mockFn.mock.results[0];
 62 |       expect(result.value).toEqual('mock-token');
 63 |     });
 64 | 
 65 |     it('should return null when token not exists in request header', () => {
 66 |       mockReq = {
 67 |         headers: {},
 68 |       };
 69 |       const mockFn = jest.spyOn<any, string>(service, 'getBearerToken');
 70 |       service.use(mockReq, mockRes, mockNext);
 71 |       const result = mockFn.mock.results[0];
 72 |       expect(result.value).toEqual(null);
 73 |     });
 74 |   });
 75 | 
 76 |   describe('JwtTokenUserMiddleware.getBearerToken method', () => {
 77 | 
 78 |     beforeEach(() => {
 79 |       mockReq  = {};
 80 |       mockRes  = {};
 81 |       mockNext = () => { /* do nothing */ };
 82 |     });
 83 | 
 84 |     it('should fetch bearer token from request header', () => {
 85 |       mockReq = {
 86 |         headers: {
 87 |           authorization: 'bearer mock-token',
 88 |         },
 89 |       };
 90 |       const mockFn = jest.spyOn<any, string>(service, 'getBearerToken');
 91 |       service.use(mockReq, mockRes, mockNext);
 92 |       const result = mockFn.mock.results[0];
 93 |       expect(result.value).toEqual('mock-token');
 94 |     });
 95 | 
 96 |     it('should return null when token not exists in request header', () => {
 97 |       mockReq = {
 98 |         headers: {},
 99 |       };
100 |       const mockFn = jest.spyOn<any, string>(service, 'getBearerToken');
101 |       service.use(mockReq, mockRes, mockNext);
102 |       const result = mockFn.mock.results[0];
103 |       expect(result.value).toEqual(null);
104 |     });
105 |   });
106 | 
107 | });
108 | 


--------------------------------------------------------------------------------
/src/utils/middleware/jwt-token.middleware.ts:
--------------------------------------------------------------------------------
 1 | import { Injectable, NestMiddleware } from '@nestjs/common';
 2 | import * as jwt from 'jsonwebtoken';
 3 | import { JwtService } from '@nestjs/jwt';
 4 | 
 5 | /**
 6 |  * JWT token middle wire
 7 |  *
 8 |  * decode & verify authorization bearer token and
 9 |  * inject as req user
10 |  */
11 | @Injectable()
12 | export class JwtTokenMiddleware implements NestMiddleware {
13 | 
14 |   /**
15 |    * @ignore
16 |    */
17 |   constructor(
18 |     protected readonly jwtService: JwtService,
19 |   ) { }
20 | 
21 |   /**
22 |    * @ignore
23 |    */
24 |   async use(req: any, res: any, next: () => void) {
25 | 
26 |     req.locals = req.locals || {};
27 |     req.locals.user = null;
28 | 
29 |     const token: string = this.getBearerToken(req);
30 |     if (token) {
31 |       const isTokenValid: boolean = this.verifyToken(token);
32 | 
33 |       if (isTokenValid) {
34 |         const payload: any = this.getTokenPayload(token);
35 |         req.locals.user = {
36 |           id    : payload.userId,
37 |           email : payload.email,
38 |           roles : payload.roles,
39 |         };
40 |       }
41 |     }
42 | 
43 |     next();
44 |   }
45 | 
46 |   /**
47 |    * Decode given jwt token and returns token payload
48 |    */
49 |   private getTokenPayload(token: string): any {
50 |     const decodedToken: any = jwt.decode(token, { complete: true });
51 |     return decodedToken.payload;
52 |   }
53 | 
54 |   /**
55 |    * verify token
56 |    */
57 |   private verifyToken(token: string): boolean {
58 |     return !!this.jwtService.verify(token);
59 |   }
60 | 
61 |   /**
62 |    * returns bearer header authorization token from request object
63 |    */
64 |   private getBearerToken(req: any): string {
65 |     try {
66 |       return req.headers.authorization.split(' ')[1];
67 |     } catch (error) {
68 |       return null;
69 |     }
70 |   }
71 | }
72 | 


--------------------------------------------------------------------------------
/src/utils/utils.module.ts:
--------------------------------------------------------------------------------
 1 | import { Module, forwardRef } from '@nestjs/common';
 2 | import { SharedModule } from './../shared/shared.module';
 3 | 
 4 | @Module({
 5 |   imports : [
 6 |     forwardRef(() => SharedModule),
 7 |   ],
 8 | })
 9 | export class UtilsModule {}
10 | 


--------------------------------------------------------------------------------
/test/app.e2e-spec.ts:
--------------------------------------------------------------------------------
 1 | import { Test, TestingModule } from '@nestjs/testing';
 2 | import * as request from 'supertest';
 3 | import { AppModule } from './../src/app.module';
 4 | 
 5 | describe('AppController (e2e)', () => {
 6 |   let app;
 7 | 
 8 |   beforeEach(async () => {
 9 |     const moduleFixture: TestingModule = await Test.createTestingModule({
10 |       imports: [AppModule],
11 |     }).compile();
12 | 
13 |     app = moduleFixture.createNestApplication();
14 |     await app.init();
15 |   });
16 | 
17 |   it('/ (GET)', () => {
18 |     return request(app.getHttpServer())
19 |       .get('/')
20 |       .expect(200)
21 |       .expect('Hello World!');
22 |   });
23 | });
24 | 


--------------------------------------------------------------------------------
/test/jest-e2e.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "moduleFileExtensions": ["js", "json", "ts"],
 3 |   "rootDir": ".",
 4 |   "testEnvironment": "node",
 5 |   "testRegex": ".e2e-spec.ts$",
 6 |   "transform": {
 7 |     "^.+\\.(t|j)s$": "ts-jest"
 8 |   }
 9 | }
10 | 


--------------------------------------------------------------------------------
/tsconfig.build.json:
--------------------------------------------------------------------------------
1 | {
2 |   "extends": "./tsconfig.json",
3 |   "exclude": ["node_modules", "test", "**/*spec.ts"]
4 | }
5 | 


--------------------------------------------------------------------------------
/tsconfig.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "compilerOptions": {
 3 |     "module": "commonjs",
 4 |     "declaration": true,
 5 |     "removeComments": true,
 6 |     "emitDecoratorMetadata": true,
 7 |     "experimentalDecorators": true,
 8 |     "target": "es6",
 9 |     "sourceMap": true,
10 |     "outDir": "./dist",
11 |     "baseUrl": "./"
12 |   },
13 |   "exclude": ["node_modules"]
14 | }
15 | 


--------------------------------------------------------------------------------
/tslint.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "defaultSeverity": "error",
 3 |   "extends": ["tslint:recommended"],
 4 |   "jsRules": {
 5 |     "no-unused-expression": true
 6 |   },
 7 |   "rules": {
 8 |     "quotemark": [true, "single"],
 9 |     "member-access": [false],
10 |     "ordered-imports": [false],
11 |     "max-line-length": [true, 150],
12 |     "member-ordering": [false],
13 |     "interface-name": [false],
14 |     "arrow-parens": false,
15 |     "object-literal-sort-keys": false,
16 |     "no-console": false
17 |   },
18 |   "rulesDirectory": []
19 | }
20 | 


--------------------------------------------------------------------------------