NestJSframework~30 mins

Why guards control access in NestJS - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Why Guards Control Access in NestJS

📖 Scenario: You are building a simple NestJS application that needs to protect certain routes from unauthorized access. Guards in NestJS help decide if a request can continue or not.

🎯 Goal: Build a basic guard that controls access to a route by checking a simple condition.

📋 What You'll Learn

Create a guard class implementing CanActivate

Add a boolean variable isAllowed to control access

Use the guard in a controller route

Return true or false from the guard based on isAllowed

💡 Why This Matters

🌍 Real World

Guards are used in real applications to protect routes from unauthorized users, like checking login status or permissions.

💼 Career

Understanding guards is essential for backend developers working with NestJS to build secure APIs.

Progress0 / 4 steps

Create the Guard Class

Create a class called SimpleGuard that implements CanActivate from @nestjs/common. Inside it, define a method canActivate(context: ExecutionContext): boolean that returns true.

NestJS

import { CanActivate, ExecutionContext } from '@nestjs/common';

// Your code here

Need a hint?

Remember to import CanActivate and ExecutionContext from @nestjs/common.

Add Access Control Variable

Inside the SimpleGuard class, add a boolean variable called isAllowed and set it to false. Change the canActivate method to return the value of this.isAllowed.

NestJS

import { CanActivate, ExecutionContext } from '@nestjs/common';

export class SimpleGuard implements CanActivate {
  // Your code here
  canActivate(context: ExecutionContext): boolean {
    // Your code here
  }
}

Need a hint?

Use this.isAllowed inside canActivate to control access.

Apply Guard to Controller Route

Create a controller class called AppController with a method getData() that returns the string 'Protected Data'. Use the @UseGuards(SimpleGuard) decorator on the getData method. Import necessary decorators from @nestjs/common.

NestJS

import { Controller, Get, UseGuards } from '@nestjs/common';

// Your code here

Need a hint?

Use @Controller(), @Get('data'), and @UseGuards(SimpleGuard) decorators properly.

Enable Access by Changing Guard Variable

In the SimpleGuard class, change the isAllowed variable to true so the guard allows access to the route.

NestJS

import { CanActivate, ExecutionContext, Controller, Get, UseGuards } from '@nestjs/common';

export class SimpleGuard implements CanActivate {
  // Change isAllowed to true
  isAllowed = false;

  canActivate(context: ExecutionContext): boolean {
    return this.isAllowed;
  }
}

@Controller()
export class AppController {
  @Get('data')
  @UseGuards(SimpleGuard)
  getData(): string {
    return 'Protected Data';
  }
}

Need a hint?

Set isAllowed to true to allow access.