Skip to content
This repository has been archived by the owner on Aug 31, 2023. It is now read-only.

nik-55/auth-using-nodejs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

controllers

controllers

 
 

db

db

 
 

middleware

middleware

 
 

.gitignore

.gitignore

 
 

Readme.md

Readme.md

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

routes.js

routes.js

 
 

server.js

server.js

 
 

Repository files navigation

Auth using Node js

Hello , Myself Nikhil Mahajan studying at iit roorkee.

Many time while developing we require to authorize users. Writing from scratch the whole auth can be trouble.
This repo is just a simple template creating simple api end points :

/register
/login
/profile
/logout

Setup

After downloading the repo code open your editor and in the terminal :

npm install

This will install all dependencies required.

Database

Go to Mongo Db Atlas and setup your database and copy the URL required to connect your server to database.

Environment Variable

Create a .env file in root folder and also add .env to .gitignore.
In .env :

MONGO_DB=<url copied above>
PORT=<Any port number like 8000>
SECRET_KEY_JWT=<Secret key for generating and verifing jwt tokens>
ALLOWED_ORIGINS=http://localhost:3000,http://127.0.0.1:3000

Starting the server

Open terminal in root folder and run the following command to start the server

node ./server.js

Api End Points

/register

  • This takes email and password from request and first validate that email and password requested are correct input or not.
  • Then if correct it hashes the password.
  • User information is then stored in your mongo db.
  • Email need to be unique otherwise it will response with error.

/login

  • This also takes email and password from request and validate them as correct input.
  • Then if correct it query the database to check if user exist.
  • If exist it validate that whether password is correct or not.
  • If correct it response with a jwt token whose expiration time is 1 hour.
  • Payload of token conatin email.

/profile

  • Request body header should contain a valid jwt token in Authorization Field otherwise it will response with error.
  • Then if jwt token is verified it decodes the payload and query on database using email to find more user information.

/logout

  • When user logged in , jwt token is saved in database.
  • This api end point delete this saved jwt token from database.
  • In Auth middleware , even if jwt is verified but if this jwt token is not present on database then this request is considered to be unauthorized.

Customization

  • One can modify user schemma to create more fields or can use auth middleware to authorize the request.

  • Create more api end points in routes.js and write the function in controllers folder.

Frontend Template

Message

It will be nice if you report bugs or contribute to improve the code and security.

Thanks !!
Happy Hacking...

- nikhil

About

frontend : https://github.com/nik-55/auth-frontend

Topics

nodejs jwt

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages