DEV Community

Kevin Merckx
Kevin Merckx

Posted on • Originally published at blog.merckx.fr on

How to protect endpoints of a Nestjs application - Revisited

How to protect endpoints of a Nestjs application - Revisited

Two years ago, I wrote a post about protecting API endpoints of a Nestjs application. To summarize it:

  • use the declarative approach of Nestjs and protect the whole application by default behind a guard.
  • provide your project with a decorator that you can add on controllers and controllers' methods to opt out of the default guard protection.

I realized there was a nicer syntax than @SetMetadata(AUTH_GUARD_CONFIG, { disabled: true } as AuthGuardConfig). Simply create a function that does it, just with a much better name:

export const AllowUnauthorized = () => SetMetadata(AUTH_GUARD_CONFIG, { disabled: true } as AuthGuardConfig);
Enter fullscreen mode Exit fullscreen mode

That's it!

Top comments (0)