Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
@synap/nest-changelog-module
Advanced tools
Authentication, authorization and user/account management built with [@nestjs](https://www.nestjs.com). This module takes care of session storage/management using mongo-store and connect-session (Express/MongoDb), account login/logout, password resets and
Authentication, authorization and user/account management built with @nestjs. This module takes care of session storage/management using mongo-store and connect-session (Express/MongoDb), account login/logout, password resets and registration.
You'll need to apply some configuration options when bootstrapping your server:
import { NestFactory } from '@nestjs/core';
import { CoreModule } from './core/core.module';
import { expressConfig } from '@synap/nest-users-module';
async function bootstrap()
{
const app = await NestFactory.create(CoreModule);
// This allows the SynapNestUsersModule to set up passport middleware and session persistence
expressConfig(app, {
// Without passing corsOpts, you won't be able to make use of this module's API
corsOpts: { origin: [/localhost/], credentials: true },
dbConnectionUrl: 'mongodb://localhost:27017/my-db'
});
app.listen(9000);
}
bootstrap().catch(e => Logger.log(
`Error bootstrapping app: ${e.stack || e.message || e}`,
'Bootstrap')
);
See auth.interfaces for further available options the expressConfig
method accepts.
Now you can use the module in your application:
import { Module } from '@nestjs/common';
import { SynapNestUsersModule } from '@synap/nest-users-module';
@Module({
imports: [SynapNestUsersModule.forRoot()]
})
export class CoreModule
{
}
This module provides a base user schema that looks like this:
import * as moment from 'moment';
export const BaseSchema = {
createdAt: { type: Date, required: true, default: moment(new Date(Date.now())).toDate() },
deleted: { type: Boolean, required: true, default: false },
email: { type: String, required: true, index: { unique: true } },
enabled: { type: Boolean, required: true, default: true },
firstName: { type: String, required: true },
lastLoggedIn: { type: Date, required: false },
lastName: { type: String, required: true },
password: { type: String, required: true },
registrationToken: { type: String, required: false },
resetPasswordToken: { type: String, required: false },
roles: { type: [String], required: true, default: ['user'] },
tokenExpires: { type: Date, required: false },
updatedAt: { type: Date, required: true, default: moment(new Date(Date.now())).toDate() }
};
If you don't need any other properties on your users, then you can skip ahead. If you do require additional properties,
you can pass them in the forRoot
method when importing the module:
SynapNestUsersModule.forRoot({
extraSchemaFields: {
img: { type: String, required: true, default: 'assets/images/stock-user.png' },
displayName: { type: String, required: true, default: function()
{
if (!(this.firstName && this.lastName))
return 'awesome.user';
return `${this.firstName.toLowerCase()}.${this.lastName.toLowerCase()}`;
}}
}
})
FAQs
# TODO
We found that @synap/nest-changelog-module demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.