A minimal, beginner-friendly authentication boilerplate for NestJS.
A simple starting point for authentication in NestJS apps including JWT auth, refresh tokens, and role checks. Built to be easy to read and extend.
- User registration and login (JWT)
- Access / refresh tokens
- Basic role-based access control
- Clear, modular structure
- Node.js v16+
- npm or yarn
- A database (Postgres, MySQL, SQLite, etc.)
git clone https://github.com/erbhuwan/nestjs-auth.git
cd nestjs-auth
cp .env.example .env # or copy manually on Windows
npm install
npm run start:devServer should start on the port in your .env (default 3000).
Copy .env.example to .env and set the values:
| Variable | Description | Example |
|---|---|---|
PORT |
App port | 3000 |
DATABASE_URL |
Database connection string | postgres://... |
JWT_SECRET |
Secret used to sign access tokens | a-very-secret |
JWT_EXPIRATION |
Access token TTL | 1h |
REFRESH_TOKEN_SECRET |
Secret for refresh tokens | another-secret |
(Only set what your app requires; keep secrets out of source control.)
Common endpoints (adjust to actual routes in the code):
POST /auth/register— register a new userPOST /auth/login— obtain access + refresh tokensPOST /auth/refresh— exchange refresh token for access token- Protected routes use an auth guard and may check roles
Example request to login:
curl -X POST http://localhost:3000/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"user","password":"pass"}'Use Postman, curl, or your preferred client. Add tests later as needed.
If you want to contribute:
- Fork the repo
- Create a branch:
git checkout -b feature/short-description - Make changes, commit with a clear message
- Push and open a PR describing the change
See CONTRIBUTING.md for style and PR guidance.
This project is licensed under the MIT license (see LICENSE or http://opensource.org/licenses/MIT)
erbhuwan (check repo for contact details)