Importing the Auth Module
You should add the AuthModule in your AppModule to enable it globally.
There are a few different components that you should configure:
-
Validation of requests, to ensure JWTs are correctly signed
-
Extracting various details from JWTs to enable decorators and basic authentication flows
-
Creating ACL objects for more complex authorization usage
You may choose to omit the ACL configuration if you are not using it.
src/app.module.tsimport { AuthModule } from "@formulaic/auth-module";
// ... existing imports
import { abilityFor, AclUser } from "acl";
import { JWTPayload } from "./user/dto/jwt-payload";
@Module({
imports: [
// ... existing imports
AuthModule.forRootAsync({
global: true,
imports: [], (1)
inject: [],
useFactory: () => ({
secretOrPublicKey: "test",
defaultPolicy: "allow",
payload: JWTPayload, (2)
userId: ({ sub }) => sub, (3)
getUserById: id => null, (4)
getRoles: ({ roles }) => roles, (5)
getAcl: (payload) => { (6)
if(!payload) {
return abilityFor();
}
const { sub, roles } = payload;
const user: AclUser = {
kind: "AclUser",
id: sub,
roles,
};
return abilityFor(user);
}
}),
}),
],
})
export class AppModule {}| 1 | You may wish to import a configuration module |
| 2 | If you have defined the JWT payload structure using class-validator, requests will be validated to ensure they match the expected structure. |
| 3 | Provide a function to extract the user ID from a JWT |
| 4 | Most requests can use the JWT payload without querying the database, however you may wish to fetch the entire object if a request needs it. |
| 5 | Extract the list of roles from the JWT payload. |
| 6 | If you are using an authorization library (like CASL), you can construct data for each request. |