Nest: JWT: How to access it after using UseGuards?

Created on 13 May 2018  路  7Comments  路  Source: nestjs/nest

I'm submitting a...


[ ] Regression 
[ ] Bug report
[ ] Feature request
[ x ] Documentation issue or request
[ ] Support request => Please do not submit support request here, instead post your question on Stack Overflow.

Current behavior

I have no idea how to access a JWT token and it's missing in doc/github example.

Let's take this one: https://github.com/nestjs/nest/blob/master/sample/19-auth/src/auth/auth.controller.ts#L16

Here, we're securing the route:

  @Get('data')
  @UseGuards(AuthGuard('jwt'))
  findAll() {
    // this route is restricted
  }

But how can we have access to the current JWT (to retrieve user id or email for example).

Environment


Nest version: 5.0.0

For Tooling issues:
- Node version: 8.9.4
- Platform:  Linux
picture maxime1992

Most helpful comment

If you don鈥檛 pass any options to auth guard, you should have access to the user by calling req.user

picture adrien2p on 13 May 2018
👍5 🎉2 😄2 👀1 🚀11 😕1

All 7 comments

If you don鈥檛 pass any options to auth guard, you should have access to the user by calling req.user

adrien2p picture adrien2p on 13 May 2018
👍5 🎉2 😄2 👀1 🚀11 😕1

Oh it's done automagically, no need to do that ourselves! Cool, thanks @adrien2p.

maxime1992 picture maxime1992 on 14 May 2018

@maxime1992
Hi, can you help me give an example of how to configure, I have been confused for a long time here

zhmushan picture zhmushan on 5 Jun 2018

Sure thing. I've made a demo app and you should be able to find what you need in there:

https://gitlab.com/maxime1992/emails-app/blob/master/backend/src/emails/emails.controller.ts

Let me know if you need more help but I think you should manage to find what you want with that project :)

maxime1992 picture maxime1992 on 5 Jun 2018
👍1

Thanks @maxime1992 .
Everything suddenly understood, after seeing export const Usr = createParamDecorator((data,req)=> req.user);
This is a huge help for me, thanks again.

zhmushan picture zhmushan on 6 Jun 2018
👍5

I think this should go in the docs. Was looking for the same.
Plain AuthGuard without being able to use the token for further verification (chained guards) is pretty useless.

This post helped me a lot.

cloakedch picture cloakedch on 2 Aug 2018
👍1

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

lock[bot] picture lock[bot] on 24 Sep 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

menme95 picture menme95  路  3Comments
yanshuf0 picture yanshuf0  路  3Comments
rlesniak picture rlesniak  路  3Comments
JulianBiermann picture JulianBiermann  路  3Comments
breitsmiley picture breitsmiley  路  3Comments