How to protect endpoints of a Nestjs application - Revisited

Two years ago, I wrote a post about protecting API endpoints of a Nestjs application. To summarize it:

  • use the declarative approach of Nestjs and protect the whole application by default behind a guard.
  • provide your project with a decorator that you can add on controllers and controllers' methods to opt out of the default guard protection.

I realized there was a nicer syntax than @SetMetadata(AUTH_GUARD_CONFIG, { disabled: true } as AuthGuardConfig). Simply create a function that does it, just with a much better name:

export const AllowUnauthorized = () => SetMetadata(AUTH_GUARD_CONFIG, { disabled: true } as AuthGuardConfig);

That's it!

Kevin Merckx

Kevin Merckx

Software Engineer, Real Full Stack Developer: from software architecture to development operations and programming.