Nestjs Email Authentication

Nestjs Starter using Mongodb and Passportjs
Alternatives To Nestjs Email Authentication
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Node Express Mongoose Demo5,0873a month ago1January 18, 20163mitJavaScript
A simple demo app using node and mongodb for beginners (with docker)
21 days ago14mitTypeScript
Build your own SaaS business with SaaS boilerplate. Productive stack: React, Material-UI, Next, MobX, WebSockets, Express, Node, Mongoose, MongoDB. Written with TypeScript.
18 days ago63mitJavaScript
Open source web application to learn JS stack: React, Material-UI, Next.js, Node.js, Express.js, Mongoose, MongoDB database.
Lad2,238234 months ago39April 27, 202212mitJavaScript
Node.js framework made by a former @expressjs TC and @koajs team member. Built for @forwardemail, @spamscanner, @breejs, @cabinjs, and @lassjs.
Nextjs Mongodb App1,164
a year ago16mitJavaScript
A Next.js and MongoDB web application, designed with simplicity for learning and real-world applicability in mind.
Ultimate Seed868
7 years ago49JavaScript
{MEAN Stack on Steroids} The ultimate full-stack AngularJS + Node.js/Express seed (batteries included!) that makes web developers insanely productive. (Angular, AngularUI, Barbeque, Bootstrap, Bower, Browserify, Docker, Express, Font Awesome, Grunt, Handlebars, jQuery, JSHint, Karma/Mocha, LESS/LESSHat, Livereload, Lodash/Underscore, Modernizr, MongoDB/Mongoose, Passport for Facebook/Google/Twitter, Redis, SocketIO, Source Maps, Uglify, Winston)
8 months agomitJavaScript
A minimal forum board application. Built on top of React-Redux frontend, ExpressJS-NodeJS backend (with PassportJS for OAuth) and MongoDB databse.
4 years ago42otherJavaScript
meanTorrent - MEAN.JS BitTorrent Private Tracker - Full-Stack JavaScript Using MongoDB, Express, AngularJS, and Node.js, A BitTorrent Private Tracker CMS with Multilingual, and IRC announce support, CloudFlare support. Demo at:
Nestjs Email Authentication375
10 months ago10mitTypeScript
Nestjs Starter using Mongodb and Passportjs
Nest Angular329
a year ago40mitTypeScript
NestJS, Angular 6, Server Side Rendering (Angular Universal), GraphQL, JWT (JSON Web Tokens) and Facebook/Twitter/Google Authentication, Mongoose, MongoDB, Webpack, TypeScript
Alternatives To Nestjs Email Authentication
Select To Compare

Alternative Project Comparisons

Nestjs email authentication starter

This project is an example of implementation of a user email authentication with Nestjs v8.4.6, MongoDB and PassportJs

It can be used as starter for a new project: it implements API for user sign-in/sign-up and features like email verification, forgotten password, reset password, update profile and settings.

Getting started

Install nodejs and mongodb in your machine.

Install dependencies with npm and run the application:

npm install
npm run start

Deploy using Docker

⚠️ Before deploy the app in a container set the right configuration as explained in the section below, and then you can run:

docker-compose up -d

It will generate 3 containers:

  • nestjs: nodejs application -> localhost:3000 (you can change the port in the docker-compose.yml)
  • mongodb: database -> expose 27017 in the container network but not reacheable from outside.
  • mongo-express: a web-based MongoDB admin interface -> localhost:8081

You can edit the config is in docker-compose.yml.
❗ Note: For security reason, remember to change the db password in docker-compose.yml and in config.ts file, and to change the mongo-express password to access the console.

Configuration File

You can find a config.ts file in the root of the project.
Before run the server set your db configuration (according you are using docker or not) and your ✉️ Nodemailer options to be able to send emails for registration:

# Docker Example #
"db": {
    "user": "root",
    "pass": "example",
    "host": "mongo",
    "port": "27017",
    "database": "testdb", 
    "authSource": "admin"

# Local nodejs Example #
"db": {
   "user": null,
   "pass": null,
   "host": "localhost",
   "port": "27017",
   "database": "testdb",
   "authSource": null


"host": {
    "url": "<server-url>",  //This link is used to redirect users to your server to confirm their email address (link via email)
    "port": "3000"


    "host": "<smtp-host>", //Nodemailer settings (go to the nodemailer documentation for further informations) - You need to set up this to make the signup api start working
    "port": "<port>",
    "secure": false,
    "user": "<username>",
    "pass": "<password>"


Server will listen on port 3000, and it expose the following APIs:

  • POST - /auth/email/register - Register a new user

    • email - string
    • password - string
    • name - string (optional)
    • surname - string (optional)
  • POST - /auth/email/login - Login user

    • email - string
    • password - string
  • GET - /auth/email/verify/:token - Validates the token sent in the email and activates the user's account

  • GET - /auth/email/resend-verification/:email - Resend verification email

  • GET - /auth/email/forgot-password/:email - Send a token via email to reset the password

  • POST - /auth/email/reset-password - Change user password

    • newPassword - string
    • newPasswordToken - string (token received by forgot-password api)
  • GET - /auth/users - Returns all users (must be logged in)

  • GET - /users/user/:email - Returns selected user info (must be logged in)

  • POST - /users/profile/update - Update user info

    • name - string
    • surname - string
    • phone - string
    • email - string
    • birthdaydate - Date
    • profilepicture - string (base64)
  • POST - /users/gallery/update - Add/Remove user photos

    • email - string
    • action - string ('add' or 'remove')
    • newPhoto - object (only for case 'add')
      • imageData - string (base64)
      • description - string
    • photoId - string (base64) (only for case 'remove')
  • POST - settings/update - Update user settings

    • email - string
    • settingsKey1 - string (Value1)
    • settingsKey2 - string (Value2)
    • ...

Passport JWT strategy

This project use JSON Web Token (JWT) Bearer Token as authentication strategy for Passport. The login API returns an access_token that you have to use to send a correct authorization header in calls that require authentication. You can find an example with postman here

Login response:

  "data": {
      "token": {
          "expires_in": "3600",
          "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...._DkYJJh4s"

Authorization header example:

 Authorization → Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...._DkYJJh4s


All request and response are logged so this can help you to debug in production. If you use pm2 as process manager, I suggest you to install pm2-logrotate in your server.


The project implements some of nodejs security techniques :

  • Helmet : can help protect your app from some well-known web vulnerabilities by setting HTTP headers appropriately
  • Express Rate Limit: to protect your applications from brute-force attacks
    • In the main.ts you can set a limit of requests in a time window (default is 100 requests in 15 minutes for all endpoints, and 3 requests in a 1 hour for sign up endpoint)


If you want to contribute to this starter, consider:

  • Reporting bugs and errors
  • Improve the documentation
  • Creating new features and pull requests

All contributions are welcome!


Licensed under the MIT license.

Popular Passport Projects
Popular Mongodb Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Email Verification