npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@siran/auth-nestjs

v0.1.0

Published

NestJS integration for Siran Auth - controllers, guards, and module setup

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

siransiran

Keywords

Readme

@siran/auth-nestjs

NestJS integration for Siran Auth - provides controllers, services, and module setup for easy authentication integration.

Features

  • AuthModule: Dynamic NestJS module with dependency injection
  • AuthController: Pre-built HTTP endpoints for login, register, logout
  • AuthService: Service wrapper for authentication logic
  • Type-safe configuration: TypeScript interfaces for all configuration
  • Framework-agnostic core: Uses @siran/auth-http under the hood
  • Extensible: Support for custom TokenProvider and SessionStore implementations

Installation

npm install @siran/auth-nestjs @siran/auth-http @siran/auth-core

Quick Start

1. Create an AuthEngine

Using Supabase adapter:

import { AuthEngine } from '@siran/auth-supabase';

const authEngine = new AuthEngine({
  supabaseUrl: process.env.SUPABASE_URL,
  supabaseKey: process.env.SUPABASE_KEY,
});

2. Create a TokenProvider (Optional)

Using JWT implementation:

import { JwtTokenProvider } from '@siran/auth-http-jwt';

const tokenProvider = new JwtTokenProvider({
  secret: process.env.JWT_SECRET,
  algorithm: 'HS256',
});

3. Setup the NestJS Module

import { Module } from '@nestjs/common';
import { AuthModule } from '@siran/auth-nestjs';
import { AuthEngine } from '@siran/auth-supabase';
import { JwtTokenProvider } from '@siran/auth-http-jwt';

@Module({
  imports: [
    AuthModule.register({
      authEngine: new AuthEngine({ ... }),
      tokenProvider: new JwtTokenProvider({ ... }),
      sessionExpiresIn: 24 * 60 * 60, // 24 hours
    }),
  ],
})
export class AppModule {}

4. Use in Your Controllers

The module automatically provides:

  • POST /auth/login - Login endpoint
  • POST /auth/register - Registration endpoint
  • POST /auth/logout - Logout endpoint

Or inject AuthService into your own controllers:

import { Controller, Post, Body } from '@nestjs/common';
import { AuthService } from '@siran/auth-nestjs';
import type { LoginRequestBody } from '@siran/auth-nestjs';

@Controller('my-auth')
export class MyAuthController {
  constructor(private authService: AuthService) {}

  @Post('login')
  async login(@Body() body: LoginRequestBody) {
    const result = await this.authService.login(body);
    return result;
  }
}

Async Configuration

For complex setups, use registerAsync:

@Module({
  imports: [
    AuthModule.registerAsync({
      useFactory: async (configService: ConfigService) => ({
        authEngine: configService.get('authEngine'),
        tokenProvider: configService.get('tokenProvider'),
      }),
      inject: [ConfigService],
    }),
  ],
})
export class AppModule {}

Request Bodies

Login/Register

{
  "type": "password",
  "identifier": "[email protected]",
  "password": "password123"
}

Supported types:

  • password - Email/username with password
  • otp - One-time password
  • magic_link - Magic link token
  • oauth - OAuth provider code

Response Format

Success Response

{
  "ok": true,
  "user": {
    "id": "user_123",
    "email": "[email protected]",
    "displayName": "John Doe"
  },
  "token": "eyJhbGc...",
  "session": {
    "id": "session_123",
    "expiresAt": "2024-01-27T14:30:00Z"
  }
}

Error Response

{
  "ok": false,
  "error": "INVALID_CREDENTIALS",
  "message": "Invalid email or password",
  "violatedPolicies": []
}

Configuration

AuthModuleConfig

interface AuthModuleConfig {
  /**
   * The AuthEngine instance (required)
   */
  authEngine: AuthEngine;

  /**
   * Token provider for JWT/token generation (optional)
   */
  tokenProvider?: TokenProvider;

  /**
   * Session store for session management (optional)
   */
  sessionStore?: SessionStore;

  /**
   * Session expiration in seconds (default: 86400)
   */
  sessionExpiresIn?: number;
}

API Endpoints

POST /auth/login

Login with various authentication methods.

Request:

{
  "type": "password",
  "identifier": "[email protected]",
  "password": "password123"
}

Response: 200 OK with AuthResponse

POST /auth/register

Register a new user.

Request:

{
  "type": "password",
  "identifier": "[email protected]",
  "password": "password123"
}

Response: 201 Created with AuthResponse

POST /auth/logout

Logout current user.

Response: 200 OK with success response

Error Handling

The module automatically maps authentication errors to HTTP status codes:

  • INVALID_CREDENTIALS → 401 Unauthorized
  • INVALID_FIELD → 400 Bad Request
  • PASSWORD_RESET_REQUIRED → 403 Forbidden
  • RATE_LIMIT_EXCEEDED → 429 Too Many Requests
  • etc.

See @siran/auth-http for complete error mapping.

Dependencies

Peer Dependencies

  • @nestjs/common ^10.0.0
  • @nestjs/core ^10.0.0

Required Dependencies

  • @siran/auth-core ^0.14.0
  • @siran/auth-http ^0.1.0

Optional Dependencies

  • @siran/auth-http-jwt - For JWT token provider
  • @siran/auth-supabase - For Supabase AuthEngine

License

MIT