A production-ready, secure authentication system built with NestJS, TypeORM, and PostgreSQL. Features include JWT authentication, refresh token rotation, session management, 2FA (TOTP), Google OAuth, and security hardening.
## Features

- Secure Authentication: Bcrypt password hashing and JWT-based access control.
- Token Management: Short-lived Access Tokens and secure, rotating Refresh Tokens.
- Session Tracking: Monitor and revoke active user sessions.
- User Features: Self-service Forgot/Reset Password flows (with a user-friendly email mock).
- Two-Factor Authentication (2FA): TOTP integration (Google Authenticator) with QR code generation.
- Federated Login: Google OAuth 2.0 integration.
- Security Hardening:
  - Rate Limiting (Throttling) against brute-force attacks.
  - Helmet for secure HTTP headers.
  - Global Input Validation.
## Tech Stack

- Framework: NestJS
- Database: PostgreSQL (via Docker)
- ORM: TypeORM
- Caching: Redis (via Docker)
- Documentation: Swagger (OpenAPI)
## Prerequisites

- Node.js (v16+)
- Docker & Docker Compose
## Getting Started

- Clone the repository.
- Install dependencies:

  ```bash
  npm install
  ```

- Start the infrastructure (Postgres & Redis):

  ```bash
  docker-compose up -d
  ```

- Start the application:

  ```bash
  npm run start
  ```
## Documentation

- API Docs (Swagger): visit http://localhost:3000/api
- Postman Collection: import `postman_collection.json` for testing.
## License

MIT