Technologies Saved Contribute

Technologies Saved Contribute

Question Loading...

Authentication and Authorization

1. What is Passport.js and how does it integrate with NestJS?

Level: Expert | Frequency: High

2. How do you implement a local (username/password) Passport strategy in NestJS?

Level: Expert | Frequency: High

3. How does the validate() method in a Passport strategy relate to the NestJS request lifecycle?

Level: Expert | Frequency: High

4. How do you implement JWT authentication in NestJS with access and refresh tokens?

Level: Expert | Frequency: High

5. What should and should not go inside a JWT payload?

Level: Expert | Frequency: High

6. How do you implement JWT refresh token rotation with secure storage in NestJS?

Level: Expert | Frequency: High

7. How do you implement JWT token revocation (blacklisting) without a database lookup on every request in NestJS?

Level: Expert | Frequency: High

8. What is the difference between AuthGuard('jwt') from Passport and writing a custom JwtAuthGuard in NestJS?

Level: Expert | Frequency: High

9. How do you register a global JWT guard so all routes are protected by default in NestJS?

Level: Expert | Frequency: High

10. What is RBAC and how do you implement a basic roles guard in NestJS?

Level: Expert | Frequency: High

11. What is the difference between RBAC and ABAC and when would you use each in NestJS?

Level: Expert | Frequency: High

12. How do you implement ABAC with CASL in a NestJS application?

Level: Expert | Frequency: High

13. How do you implement row-level (resource-level) authorization to ensure users can only access their own records in NestJS?

Level: Expert | Frequency: High

14. How does the OAuth2 authorization code flow work and how do you implement it with Passport in NestJS?

Level: Expert | Frequency: High

15. What is PKCE and when is it required in OAuth2 flows in NestJS?

Level: Expert | Frequency: High

16. How do you implement an OAuth2 Authorization Server in NestJS?

Level: Expert | Frequency: High

17. How do you implement session-based authentication in NestJS?

Level: Expert | Frequency: High

18. What is the difference between JWT and session-based authentication and when do you choose each in NestJS?

Level: Expert | Frequency: High

19. How do you secure session cookies against common attacks (CSRF, XSS, session fixation) in NestJS?

Level: Expert | Frequency: High

20. How do you implement two-factor authentication (2FA) with TOTP in NestJS?

Level: Expert | Frequency: High

21. How do you implement API key authentication as an alternative to JWT in NestJS?

Level: Expert | Frequency: High

22. How do you implement permission-based authorization at the field level in a GraphQL resolver in NestJS?

Level: Expert | Frequency: High

23. How do you implement multi-tenant authentication where each tenant has its own JWT secret in NestJS?

Level: Expert | Frequency: High

24. How do you test authentication guards and strategies in NestJS?

Level: Expert | Frequency: High

25. How do you implement brute force protection on the login endpoint in NestJS?

Level: Expert | Frequency: High

All Topics

BasicsModulesDecoratorsControllersDependency InjectionProvidersArchitectureRequest LifecycleMiddlewareGuardsInterceptorsPipesFiltersException HandlingAPI DesignGraphQLDatabase and ORMMicroservicesAuthentication and AuthorizationInterceptors