Challenge - 5 Problems

🎖️

Local Strategy Master

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ component_behavior

intermediate

2:00remaining

What happens when the local strategy validates a user with correct credentials?

Consider a NestJS local strategy that checks username and password. What is the output when a user provides the correct username and password?

NestJS

async validate(username: string, password: string) {
  const user = await this.authService.validateUser(username, password);
  if (!user) {
    throw new UnauthorizedException();
  }
  return user;
}

AReturns the user object to the caller for further processing

BThrows a ForbiddenException error

CReturns null without throwing an error

DLogs the user out immediately

Attempts:

2 left

📝 Syntax

intermediate

2:00remaining

Which option correctly implements the Passport local strategy constructor in NestJS?

Choose the correct constructor code snippet for a NestJS local strategy extending PassportStrategy(LocalStrategy).

NestJS

import { Strategy } from 'passport-local';
import { PassportStrategy } from '@nestjs/passport';

export class LocalStrategy extends PassportStrategy(Strategy) {
  constructor(private authService: AuthService) {
    super({ usernameField: 'email' });
  }

  async validate(username: string, password: string) {
    // validation logic
  }
}

Aconstructor(private authService: AuthService) { super({ usernameField: 'email' }); }

Bconstructor(authService: AuthService) { super({ usernameField: 'email' }); this.authService = authService; }

Cconstructor() { super({ usernameField: 'email' }); }

Dconstructor(private authService: AuthService) { super(); this.authService = authService; }

Attempts:

2 left

🔧 Debug

advanced

2:00remaining

Why does this local strategy fail to throw UnauthorizedException even with incorrect credentials?

Review the validate method below. Why does it fail to throw UnauthorizedException even when the username and password are incorrect? async validate(username: string, password: string) { const user = await this.authService.validateUser(username, password); if (user === null) { throw new UnauthorizedException(); } return user; }

NestJS

async validate(username: string, password: string) {
  const user = await this.authService.validateUser(username, password);
  if (user === null) {
    throw new UnauthorizedException();
  }
  return user;
}

AThe validate method is missing an await keyword

BauthService.validateUser returns undefined instead of null, so the condition fails

CUnauthorizedException is thrown before calling validateUser

DThe method returns user before checking if it is null

Attempts:

2 left

❓ state_output

advanced

2:00remaining

What is the value of 'user' after validate returns successfully?

Given this local strategy validate method: async validate(username: string, password: string) { const user = await this.authService.validateUser(username, password); if (!user) { throw new UnauthorizedException(); } return user; } If validateUser returns { id: 5, username: 'alice' }, what is the value of user after validate returns?

NestJS

async validate(username: string, password: string) {
  const user = await this.authService.validateUser(username, password);
  if (!user) {
    throw new UnauthorizedException();
  }
  return user;
}

AThrows UnauthorizedException

Bundefined

Cnull

D{ id: 5, username: 'alice' }

Attempts:

2 left

🧠 Conceptual

expert

2:00remaining

Which option best explains why the local strategy uses 'usernameField' option?

In NestJS local strategy, why do we pass { usernameField: 'email' } to the PassportStrategy constructor?

ATo rename the validate method parameter from username to email automatically

BTo enforce that only email addresses can be used as usernames in the database

CTo tell Passport to use the 'email' field from the request instead of the default 'username' field

DTo enable Passport to hash the email field before validation

Attempts:

2 left