[Nest.js] Life Cycle - 2 Guards

1. What is Guards?

Guards are for protecting our server based on our rules "internally".
What I mean is that we have to set up its own conditions, such as permissions, roles, etc.., in our project.
Guards works on here for Authentication/Authorization !! 

 

Guard is designed to return True or False only.

Why?, because there are no options need for authentication and authorization.

 

2. What Guards do ?

1. excuted after each middleware and before interceptors or pipes
2. Authentification
3. Authorization

Let's see more for how we can set up internal security barriers.

 

3. Why is Nest.js Guards different from other components?

Guards is literally guarding a request whether user is validated or user has a permission.
We can make a barrier for a secure purpose via Guards.

Registration
Controller-scoped : @UseGuards(XXX)
Method-scoped : @UseGuards(XXX)
Global-scoped : app.useGlobalGuards(XXX) in main.ts

Examples
JWT, Passport, JwtStrategy, AuthGuard()

Conclusion
Guards component specific for authorization and authentification of a request.
send back a 403 if the component returns false

More details
look at my previous contents from 9 ~ 12 for more details
Authentification - https://docs.nestjs.com/security/authenticationAuthorization - https://docs.nestjs.com/security/authorization

---

Guards Implementation