@payk/nestjs-private-api-guard

1.1.0 • Public • Published

API Protection for NestJS

Installation

npm install @payk/nestjs-private-api-guard

What does it do?

Quick Start

Add a global guard in main.ts, after the app is created:

  app.useGlobalGuards(new PrivateApiGuard(app.get(Reflector)));

Public End-Point

Each call coming from outside the internal network will carry a header stating that it came from the public. Add a decorator on top of the API end-point you wish to expose through the Gateway:

@PublicApi()
@Get()
getAllUsers() {
  return [];
}

Any end-point without the @PublicApi decorator won't be accessible through the gateway.

By default the header is X-Public-Api, and its value is true when the call comes from the public domain.

You can choose a different header key name by passing PrivateApiGuard a second parameter:

  app.useGlobalGuards(new PrivateApiGuard(app.get(Reflector), 'X-My-Cool-Public'));

Consumer Group End-Point (ACL)

Each OAuth2 consumer has groups defined on it. Those groups can be used to define access to a specific end-point: for example, only the BackOffice can access that end-point, not the mobile (access is per consumer, not per user). Add a decorator on top of the API end-point you wish to expose through the Gateway to a list of groups:

@AllowedConsumerGroups('backoffice', 'admins')
@Get()
getAllUsers() {
  return [];
}
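
The access decision described in the Public End-Point and Consumer Group sections, written out as a stand-alone model. This is an added example, not the package's own source: RouteMeta, decide, cameFromPublic and readHeader are hypothetical names, and the rule that a matching consumer group admits a public call is an assumption, since the page does not say how the two decorators combine.

```typescript
// Added illustration only; not code from @payk/nestjs-private-api-guard.
type HeaderValue = string | string[] | undefined;
type Headers = Record<string, HeaderValue>;
type Decision = { allowed: boolean; reason: string };

interface RouteMeta {
  publicApi: boolean;      // handler carries @PublicApi()
  allowedGroups: string[]; // arguments of @AllowedConsumerGroups(...), empty if absent
}

const DEFAULT_PUBLIC_HEADER = 'X-Public-Api'; // default header name given on the page

// Node lowercases incoming header names, so match the key case-insensitively
// and collect every copy of the header.
function readHeader(headers: Headers, name: string): string[] {
  const wanted = name.toLowerCase();
  const values: string[] = [];
  for (const key of Object.keys(headers)) {
    if (key.toLowerCase() !== wanted) continue;
    const v = headers[key];
    if (Array.isArray(v)) values.push(...v);
    else if (typeof v === 'string') values.push(v);
  }
  return values;
}

// Assumption: if the header is repeated, any "true" copy marks the call as public
// (fail closed), and the value is compared case-insensitively.
function cameFromPublic(headers: Headers, name = DEFAULT_PUBLIC_HEADER): boolean {
  return readHeader(headers, name).some((v) => v.trim().toLowerCase() === 'true');
}

// consumerGroups: groups of the calling OAuth2 consumer. The page does not say how
// they reach the service, so they are passed in directly here.
function decide(headers: Headers, route: RouteMeta, consumerGroups: string[] = [],
                headerName = DEFAULT_PUBLIC_HEADER): Decision {
  if (!cameFromPublic(headers, headerName)) {
    return { allowed: true, reason: 'internal call: public header absent' };
  }
  if (route.publicApi) {
    return { allowed: true, reason: 'public call to @PublicApi end-point' };
  }
  if (route.allowedGroups.some((g) => consumerGroups.indexOf(g) !== -1)) {
    return { allowed: true, reason: 'consumer group is on the allow list' };
  }
  return { allowed: false, reason: 'public call to private end-point' };
}
```

Because a call without the header is treated as internal, the decision is only as trustworthy as the gateway that sets the header: it has to be set on every public call, and the service should not be reachable from outside except through the gateway.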

License

ISC

Collaborators

  • dankopayk
  • danpayk
  • one_eye_jackei
  • oromano