We now make use of the @nestjs/passport package so we can use AuthGuard for invoking the JWT strategy at route level - perfect for graphql resolvers, for example

Author: bojidaryovchev

package.json

@@ -89,6 +89,7 @@
     "@nestjs/core": "5.0.1",
     "@nestjs/graphql": "2.0.0",
     "@nestjs/microservices": "5.0.1",
+    "@nestjs/passport": "1.1.0",
     "@nestjs/testing": "5.0.1",
     "@nestjs/websockets": "5.0.1",
     "@nguniversal/express-engine": "6.0.0",

src/server/modules/auth/auth.controller.ts

@@ -1,7 +1,8 @@
-import { Controller, Post, Get, Req } from '@nestjs/common';
+import { Controller, Post, Get, Req, UseGuards } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { IToken } from './interfaces/token.interface';
 import { Request } from 'express';
+import { AuthGuard } from '@nestjs/passport';
 
 @Controller('api/auth')
 export class AuthController {
@@ -63,6 +64,7 @@ export class AuthController {
   }
 
   @Get('authorized')
+  @UseGuards(AuthGuard('jwt'))
   public async authorized() {
     console.log('Authorized route...');
   }

src/server/modules/auth/auth.module.ts

@@ -60,9 +60,5 @@ export class AuthModule implements NestModule {
     consumer
       .apply(authenticate('google', { session: false }))
       .forRoutes('api/auth/google/token');
-
-    consumer
-      .apply(authenticate('jwt', { session: false }))
-      .forRoutes('api/auth/authorized');
   }
 }

src/server/modules/auth/passport/jwt.strategy.ts

@@ -1,33 +1,26 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
-import { Request } from 'express';
-import { use } from 'passport';
+import { PassportStrategy } from '@nestjs/passport';
 import { ExtractJwt, Strategy } from 'passport-jwt';
 
 import { AuthService } from '../auth.service';
-import { SERVER_CONFIG, MESSAGES } from '../../../server.constants';
+import { SERVER_CONFIG } from '../../../server.constants';
 import { IUser } from '../../user/interfaces/user.interface';
 import { IJwtPayload } from '../interfaces/jwt-payload.interface';
 
 @Injectable()
-export class JwtStrategy extends Strategy {
+export class JwtStrategy extends PassportStrategy(Strategy) {
   constructor(private readonly authService: AuthService) {
-    super(
-      {
-        jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-        passReqToCallback: true,
-        secretOrKey: SERVER_CONFIG.jwtSecret,
-      },
-      async (req: Request, payload: IJwtPayload, next: Function) =>
-        await this.verify(payload, next)
-    );
-    use('jwt', this);
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      secretOrKey: SERVER_CONFIG.jwtSecret
+    });
   }
 
-  public async verify(payload: IJwtPayload, done: Function) {
+  public async validate(payload: IJwtPayload, done: Function) {
     const user: IUser = await this.authService.findUserById(payload.sub);
 
     if (!user) {
-      return done(new UnauthorizedException(MESSAGES.UNAUTHORIZED_UNRECOGNIZED_BEARER), false);
+      return done(new UnauthorizedException(), false);
     }
 
     done(null, user);

tsconfig.json

@@ -6,7 +6,7 @@
     "noImplicitAny": true,
     "removeComments": true,
     "sourceMap": true,
-    "target": "es5",
+    "target": "es6",
     "module": "commonjs",
     "moduleResolution": "node",
     "typeRoots": [