{"library":"nestjs-supabase-auth","title":"NestJS Supabase Auth Passport Strategy","description":"nestjs-supabase-auth is a NestJS Passport strategy designed to integrate Supabase authentication into NestJS applications. It leverages `passport-jwt` to validate JWTs issued by Supabase, allowing developers to secure their API routes and GraphQL resolvers. The package is currently at version 1.0.9 and generally maintains a stable release cadence, with updates primarily focused on bug fixes or adapting to changes in Supabase Auth, rather than frequent major breaking changes. Its key differentiator is providing a pre-built, opinionated integration for Supabase's JWT-based authentication within the established NestJS Passport ecosystem, simplifying the process of securing backends compared to implementing a generic JWT strategy and handling Supabase-specific claims manually. Users must extend the provided `SupabaseAuthStrategy` to configure their specific Supabase instance details and JWT secret, enabling flexible environment variable integration and custom user payload validation.","language":"javascript","status":"active","last_verified":"Wed Apr 22","install":{"commands":["npm install nestjs-supabase-auth"],"cli":null},"imports":["import { SupabaseAuthStrategy } from 'nestjs-supabase-auth';","import { PassportStrategy } from '@nestjs/passport';","import { ExtractJwt } from 'passport-jwt';","import { AuthGuard } from '@nestjs/passport';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import { Injectable, Module } from '@nestjs/common';\nimport { PassportStrategy, AuthGuard } from '@nestjs/passport';\nimport { ExtractJwt } from 'passport-jwt';\nimport { SupabaseAuthStrategy } from 'nestjs-supabase-auth';\nimport { PassportModule } from '@nestjs/passport';\nimport { Controller, Get, UseGuards, Request } from '@nestjs/common';\n\n// --- Strategy Definition (supabase.strategy.ts) ---\n@Injectable()\nexport class SupabaseJwtStrategy extends PassportStrategy(\n  SupabaseAuthStrategy,\n  'supabase',\n) {\n  public constructor() {\n    super({\n      supabaseUrl: process.env.SUPABASE_URL ?? 'https://your-project-ref.supabase.co',\n      supabaseKey: process.env.SUPABASE_KEY ?? 'YOUR_SUPABASE_ANON_KEY',\n      supabaseOptions: {},\n      supabaseJwtSecret: process.env.SUPABASE_JWT_SECRET ?? 'YOUR_SUPABASE_JWT_SECRET',\n      extractor: ExtractJwt.fromAuthHeaderAsBearerToken(),\n    });\n  }\n\n  async validate(payload: any): Promise<any> {\n    // This method is called after JWT verification. 'payload' contains the decoded JWT.\n    // You can perform additional user validation or data fetching here.\n    // Ensure the `sub` claim (user ID) is present.\n    if (!payload || !payload.sub) {\n      throw new Error('Invalid JWT payload: Missing user ID.');\n    }\n    // IMPORTANT: Call super.validate(payload) if you need the base strategy's validation logic\n    // or omit it if you fully override the validation.\n    // super.validate(payload); // Base validation might be empty or specific to the original strategy.\n\n    // Return the validated user payload. NestJS will attach this to req.user.\n    return { userId: payload.sub, email: payload.email, ...payload };\n  }\n\n  authenticate(req: Request) {\n    // This method can be overridden for custom authentication logic before validation.\n    // In most cases, the default Passport.js flow is sufficient.\n    super.authenticate(req);\n  }\n}\n\n// --- Auth Module (auth.module.ts) ---\n@Module({\n  imports: [PassportModule],\n  providers: [SupabaseJwtStrategy],\n  exports: [SupabaseJwtStrategy, PassportModule], // Export PassportModule if other modules need it\n})\nexport class AuthModule {}\n\n// --- Protected Controller (user.controller.ts) ---\nconst SUPABASE_AUTH_GUARD = 'supabase'; // Define the guard name consistently\n\n@Controller('user')\nexport class UserController {\n  @UseGuards(AuthGuard(SUPABASE_AUTH_GUARD))\n  @Get('profile')\n  getProfile(@Request() req) {\n    // req.user will contain the object returned by the validate method\n    return req.user;\n  }\n}\n\n// --- Main Application (main.ts or app.module.ts, simplified for quickstart) ---\n// This setup assumes AuthModule is imported into AppModule.\n// You would also need to configure your NestJS application to load environment variables.\n// Example App Module might look like:\n// @Module({\n//   imports: [AuthModule],\n//   controllers: [UserController],\n// })\n// export class AppModule {}\n\n// To run this, you'd typically have a NestJS app initialized with `nest new`,\n// then add these files and configure environment variables:\n// SUPABASE_URL=https://<your-project-ref>.supabase.co\n// SUPABASE_KEY=<your-anon-public-key>\n// SUPABASE_JWT_SECRET=<your-jwt-secret-from-supabase-settings>\n","lang":"typescript","description":"This quickstart demonstrates how to define and register a custom Supabase Passport strategy, apply it to a NestJS route using a guard, and access the validated user payload from the request. It includes environment variable placeholders for setup.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}