NOTE: this is still a draft, so it's subject to changes. This alert will be removed as soon as final version will be available
Official WebsiteWeb3 App

πŸ”‘@hsuite/auth - Authentication & User Management Module

πŸ” Comprehensive NestJS authentication module providing unified Web2 & Web3 authentication, user management, and API key authentication

A robust, enterprise-grade authentication module that seamlessly integrates traditional username/password authentication with cutting-edge Web3 wallet-based authentication, complete user management, and API key authentication system, designed specifically for the HSuite ecosystem.

Table of Contents

Quick Start

Installation

npm install @hsuite/auth

Basic Setup

Protect Your Routes

Architecture

Core Components

πŸ›‘οΈ Guards

  • JwtAuthGuard - JWT-based route protection

  • RedisAuthGuard - Redis session authentication

  • ConfirmedAuthGuard - Email confirmation requirement

  • ApiKeyAuthGuard - API key authentication guard

🌐 Strategies

  • JwtStrategy - Passport JWT strategy implementation

  • RedisStrategy - Redis-based session strategy

  • Web3Strategy - Blockchain wallet authentication

  • ApiKeyStrategy - Header-based API key validation

πŸ”§ Services

  • AuthService - Core authentication logic

  • UsersService - User management operations

  • ApiKeyService - API key validation

  • AuthController - REST API endpoints

πŸ‘₯ User Management

  • UsersModule - Complete user management module

  • UsersService - User CRUD operations and business logic

  • UserModelService - Database operations with Mongoose

  • User Entity - Mongoose schema and TypeScript types

πŸ”‘ API Key Authentication

  • ApiKeyModule - API key authentication module

  • ApiKeyService - API key validation and management

  • ApiKeyAuthGuard - Route protection with API keys

  • ApiKeyStrategy - Passport strategy for API keys

Module Structure

API Reference

AuthModule

Static Methods

forRootAsync(options: AuthModuleAsyncOptions): DynamicModule

Configures the authentication module with async dependency injection.

AuthService

Core Methods

validateUser(username: string, password: string): Promise<any>

  • Validates user credentials for Web2 authentication

login(user: any): Promise<{ access_token: string }>

  • Generates JWT token for authenticated user

register(userData: CreateUserDto): Promise<User>

  • Registers new user with email confirmation

Guards Reference

JwtAuthGuard

RedisAuthGuard

ConfirmedAuthGuard

Guides

Web2 Authentication Guide

Learn how to implement traditional username/password authentication with email confirmation and 2FA. Configure user registration, login flows, password reset, and session management.

Web3 Authentication Guide

Implement blockchain wallet-based authentication with signature verification and token gating. Set up wallet connection, signature validation, and decentralized identity management.

Session Management Guide

Configure Redis-based session management for distributed applications. Implement session storage, expiration policies, and cross-service session sharing.

Guards & Strategies Guide

Deep dive into authentication guards and Passport strategies. Create custom guards, implement authorization logic, and manage authentication flows.

Examples

Complete Module Configuration

Multi-Guard Protection

Integration

Required Dependencies

Environment Variables

TypeScript Configuration

πŸ“ Note: This module requires proper configuration of external services (Redis, PostgreSQL, SMTP, Twilio) for full functionality. See individual guides for detailed setup instructions.

Built with ❀️ by the HSuite Team Copyright © 2025 HSuite. All rights reserved.

PreviousHSuite LibrariesNext@hsuite/auth-types - Authentication Type Definitions

Last updated