Recall & Review
beginner
What is the purpose of a JWT strategy in NestJS?
A JWT strategy in NestJS is used to authenticate users by verifying JSON Web Tokens sent with requests. It helps secure routes by checking if the token is valid and extracting user information from it.
beginner
Which NestJS package provides the tools to implement a JWT strategy?
The @nestjs/passport package along with passport-jwt is used to implement JWT strategies in NestJS. @nestjs/passport integrates Passport.js with NestJS, and passport-jwt handles JWT validation.
intermediate
In a JWT strategy, what is the role of the validate() method?
The validate() method checks the decoded JWT payload and returns user data if valid. This data is then attached to the request object, allowing access to user info in protected routes.
intermediate
How does the JWT strategy extract the token from incoming requests?
The JWT strategy uses an extractor function, commonly ExtractJwt.fromAuthHeaderAsBearerToken() from passport-jwt, supplied as the jwtFromRequest option, which looks for the token in the Authorization header as a Bearer token.
beginner
Why is it important to keep the JWT secret key safe in a NestJS application?
The JWT secret key signs and verifies tokens. If exposed, attackers can create fake tokens and access protected resources. Keeping it safe ensures token integrity and application security.
What does the JWT strategy primarily verify in a request?
The JWT strategy checks if the JSON Web Token sent with the request is valid and not tampered with.
Which header usually contains the JWT in a request?
The JWT is typically sent in the Authorization header as a Bearer token.
In NestJS, which method inside the JWT strategy returns user info after token validation?
The validate() method processes the decoded token payload and returns user information.
Which package is NOT required to implement JWT strategy in NestJS?
express-session is not needed for JWT strategy, which is stateless and does not use sessions.
What happens if the JWT secret key is leaked?
If the secret key is leaked, attackers can create fake tokens and bypass authentication.
Explain how a JWT strategy works in NestJS to protect routes.
Think about how the token is checked and how user info becomes available in your app.
Describe the steps to set up a JWT strategy in a NestJS application.
Focus on packages, class setup, and how validation is done.