The ultimate NestJS Authentication guide
Ғылым және технология
This ultimate guide to NestJS authentication covers everything you need to know about implementing secure user authentication with PassportJS. Master Auth in NestJS now!
00:00 Authetication Flow Overview
02:14 User Login
07:27 Generate Token
12:55 Access Control
19:50 Passport Authentication
29:12 Passport Access Control
Пікірлер: 14
Is it possible to make a tutorial on how to integrate NestJS with supabase for Auth ? Or how to connect nextjs with NestJS and supabase ? That would be awesome! Keep up the awesome work.
Implement it with database and also do authorization and 2fa as well. Thank you 💚
Man, first video I watch from your channel and you have such a great content, keep it up, you deserve to grow here
@TechVisionExplained
16 күн бұрын
Thanks a lot @amaury_permer. This really means a lot to me to know that you are enjoying the content on this channel
How a great tutorial!!!
@TechVisionExplained
8 күн бұрын
Thanks so much
clean video nice editing skill and also informative keep uploading
@TechVisionExplained
14 күн бұрын
Thank you so much @omarsalah4252 for showing your support, it means a lot to me. I've been enjoying making these videos, and I have a lot more coming :)
You’ve got a great smile 😬
@TechVisionExplained
20 күн бұрын
Thank you for your comment @ajalasegun1
Beginner question: is it safe to send the password in a request? Is it possible to catch that package in the middle? I know the hash is used for it, but implementing a hash on the client side and sending it to compare hashes on the server side sounds the same. Will it be safe? How to make bulletproof secure auth?
@TechVisionExplained
12 күн бұрын
Hello @spamcolector TLDR; If you use HTTPS then it's safe. Is it "bulletproof"; No Every auth solutions has downsides and risks associated. Most of the time you would choose a solution based on the risk, effort and requirement of your product. There are many solutions to choose from and some of them don't even involve a password. For example Magic links. But that would mean sending emails to users handling links expiration etc... Is the added complexity worth it? If you use HTTPs there isn't really a point hashing the password on the client side, because the data transferred is encrypted anyway. The reason why you don't want to store the password in clear is to prevent anyone with access to the database to have access to the user password and you don't want that password to also appear in logs and other code traces. hope that answers your question
Nice tutorial