8th of 25 Questions.

What is the difference between AuthGuard('jwt') from Passport and writing a custom JwtAuthGuard in NestJS?

AuthGuard('jwt') is a built-in guard that directly delegates to the JwtStrategy. A custom JwtAuthGuard extends AuthGuard('jwt') to add extra logic: checking @Public() via Reflector to skip auth on specific routes, and overriding handleRequest() to produce better error messages. The custom guard is always preferred in production.

Custom JwtAuthGuard with @Public() support

Reasons to extend AuthGuard rather than use it directly:

handleRequest() — override to convert Passport's info object into a clear error message.
Reflector access — read @Public() and other metadata to implement opt-out public routes.
Pre/post logic — add rate limiting, IP checks, or audit logging around the Passport call.
Consistent error handling — all auth failures produce the same structured error response.
The custom guard is registered once globally via APP_GUARD — no per-route annotation needed.

Question Loading...

8th of 25 Questions.

What is the difference between AuthGuard('jwt') from Passport and writing a custom JwtAuthGuard in NestJS?

Custom JwtAuthGuard with @Public() support

Reasons to extend AuthGuard rather than use it directly:

handleRequest() — override to convert Passport's info object into a clear error message.
Reflector access — read @Public() and other metadata to implement opt-out public routes.
Pre/post logic — add rate limiting, IP checks, or audit logging around the Passport call.
Consistent error handling — all auth failures produce the same structured error response.
The custom guard is registered once globally via APP_GUARD — no per-route annotation needed.