mattburnett-repo / nestjs-api-template Goto Github PK

This looks like it depends on TypeORM making changes to the cli.

Passport / Authentication.

Roles / authorization

• CASL / RBAC

• More edge case tests are always better.
• app.e2e-spec.ts
  • reliably turn off logging output
• auth.e2e-spec.ts
  • figure out how to either attach req.user, or how to mock req.user.
    • underlying refresh / logout code expects this. Tests can't run witout @Req / req.user object.

About the req.user issue, here is a suggestion from chatGPT:

1. First, create a test case and add a cookie to the HTTP request:
   it('should return "Hello World!" with a user object', () => {
   const user = {
   name: 'John Doe',
   email: '[email protected]',
   id: '123456789',
   };

return request(app.getHttpServer())
.get('/my-route')
.set('Cookie', user=${JSON.stringify(user)})
.expect(200)
.then(response => {
expect(response.text).toBe('Hello World!');
});
});

In this example, we've added a user cookie to the HTTP request with the user object as its value. We've also converted the user object to a JSON string using JSON.stringify() to make it easier to pass it in the cookie.

2. In your controller, extract the user object from the request object using the @Req() decorator:

import { Controller, Get, Req } from '@nestjs/common';
import { Request } from 'express';

@controller()
export class MyController {
@get('/my-route')
myRoute(@Req() request: Request): string {
const user = JSON.parse(request.cookies['user']);
console.log(user); // { name: 'John Doe', email: '[email protected]', id: '123456789' }
return 'Hello World!';
}
}

In this example, we're using the @Req() decorator to inject the request object into the myRoute() method of the MyController class. We're then using JSON.parse() to convert the user cookie value back into a JavaScript object using the request.cookies object. This gives us access to the req.user object in our controller, which we can then use as needed.

Note: You can also use the set() method to set a header with the user object as its value, similar to the first example I provided. The approach you take will depend on your use case and preference.

For the 'GETs a protected endpoint when auth is provided.' test:

• mock the call to /auth/login. We don't need to call the database here. We just need to get a token from this.authService.login(data)
• refactor the loginResponse block to a BeforeAll hook, so that we can reuse it in future tests.

there is an issue with 'no empty functions' or something similar.

probably due to an eslint / prettier conflict.

figure out how to config eslint / prettier to work better together (plugins, config, etc.)

• Admin module/s
• Streaming
• File upload
• Cache management
• Router module
• Automock
• Redis
  • Where / how
• Elastic Search
  • Where / how

Implement some sort of auth token for the Swagger API doc.

More environment-aware (ie. 'dev' / 'test' / 'production

https://docs.nestjs.com/security/rate-limiting

@nestjs/throttler

Husky / github actions / ???

Conventional Commits