Map of content for authentication and authorization in NestJS. Auth in Nest is built on top of guards, so start there if you haven’t read it.
Recipes
- JWT strategy with Passport: login, protected route, and
@Public()opt-out.
Planned
- Guards vs middleware: when to use each.
- Role and permission checks (RBAC, CBAC).
- Refresh tokens and rotation.
- Session-based auth (when JWT is the wrong tool).