📣 Wristband NestJS Auth SDK 1.0.0 Release 🎉

Release v1.0.0

Initial major release of Wristband NestJS authentication SDK with dynamic modules, authentication guards (SESSION and JWT strategies), encrypted session management, and complete OAuth 2.1/OIDC flow support. Wraps @wristband/express-auth with NestJS patterns.

Features

🏗️ NestJS Module System

Dynamic Modules:

• WristbandExpressAuthModule - Authentication service with DI
• WristbandExpressSessionModule - Session management with middleware
• Multi-instance support via custom DI tokens
• forRootAsync() pattern with ConfigService integration

🔐 Authentication Guards

Guard factory createWristbandAuthGuard() supports multiple authentication strategies:

Supported Strategies:

• SESSION - Cookie-based session authentication with automatic token refresh
• JWT - Bearer token authentication with JWKS validation

Features:

• Apply with @UseGuards() decorator at route or controller level
• Automatic access token refresh for expired tokens (SESSION strategy)
• Optional CSRF token validation (SESSION strategy)
• Rolling session windows (SESSION strategy)
• Configurable JWKS caching (JWT strategy)

🍪 Session Management

Encrypted cookie-based sessions powered by @wristband/typescript-session.

Features:

• AES-256-GCM encryption
• TypeScript declaration merging for custom session fields
• CSRF protection with dual-cookie approach
• Session API: fromCallback(), save(), destroy(), getSessionResponse(), getTokenResponse()

🔄 OAuth 2.1 / OIDC Workflows

• Login flow with tenant resolution (subdomains and custom domains)
• OAuth callback handling with redirect edge cases
• Logout flow with token revocation
• Session and token endpoints for frontend SDKs

🛠️ SDK Features

• Full TypeScript support
• CommonJS and ES Module support
• SDK auto-configuration endpoint
• Comprehensive NestJS-specific documentation

For full documentation, see the README.