@arcjet/nest

Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification, and defense against common attacks.

This is the Arcjet SDK for NestJS.

Looking for our Next.js framework SDK? Check out the @arcjet/next package.

Getting started

Visit the quick start guide to get started.

Example app

Try an Arcjet protected app live at https://example.arcjet.com (source code).

Installation

npm install -S @arcjet/nest

Shield example

Arcjet Shield protects your application against common attacks, including the OWASP Top 10. You can run Shield on every request with negligible performance impact.

import { Module } from "@nestjs/common";
import { NestFactory, APP_GUARD } from "@nestjs/core";
import { ConfigModule } from "@nestjs/config";
import { ArcjetModule, ArcjetGuard, shield } from "@arcjet/nest";

@Module({
  imports: [
    ConfigModule.forRoot({
      isGlobal: true,
      envFilePath: ".env.local",
    }),
    ArcjetModule.forRoot({
      isGlobal: true,
      key: process.env.ARCJET_KEY!,
      rules: [shield({ mode: "LIVE" })],
    }),
  ],
  controllers: [],
  providers: [
    // You can enable ArcjetGuard globally on every route using the `APP_GUARD`
    // token; however, this is generally NOT recommended. If you need to inject
    // the ArcjetNest client, you want to make sure you aren't also running
    // ArcjetGuard on the handlers calling `protect()` to avoid making multiple
    // requests to Arcjet and you can't opt-out of this global Guard.
    {
      provide: APP_GUARD,
      useClass: ArcjetGuard,
    },
  ],
})
class AppModule {}

async function bootstrap() {
  const app = await NestFactory.create(AppModule);
  await app.listen(3000);
}
bootstrap();

License

Licensed under the Apache License, Version 2.0.