Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

A simple implementation of a Node.js REST API built with Restify, using restify-oauth2 for authentication with a MongoDB backend

branch: master
README.md

node-restify-oauth2-mongodb

A simple implementation of a Node.js REST API built with Restify, using restify-oauth2 for authentication with a MongoDB backend

Installation

  • Install redis, MongoDB, node.js and npm.
  • Clone the repository to your computer.
  • Install dependancies: npm install
  • Start redis: redis-server
  • Start MongoDB: mongod
  • Insert a Client Key into the mongoDB wit the format:
{
  _id: ObjectId("51c6e846ede91c0b8600005e"),
  clientName: "Test Client",
  client: "test",
  secret: "password"
}
  • Start the server: node web
  • You are now ready to register a user.

User Registration

  • To register a new user perform a Post to http://localhost:8090/register
curl --data "name=Test&email=test@test.com&username=tester1&password=testing27&vPassword=testing27&role=Admin" http://localhost:8090/register
  • If everything went as planned the response should be:
{
  "__v":0,
  "name":"Test",
  "email":"test@test.com",
  "username":"tester1",
  "hashed_password":"$2a$10$3uwD9IiKVlkQJvdQXqm07uQnfcXae3AGjDh.zil8.8CgtlQ2MuACK",
  "_id":"520774753472d74e2c000001",
  "role":"Admin"
}
  • You are now ready to authenticate with the server

Login/Authentication

  • To login with the details from above POST to http://localhost:8090/token
curl --user test:password --data grant_type=password --data username=tester1 --data password=testing27 http://localhost:8090/token
  • If everything went as planned the response should be:
{
  "access_token":"Your-Bearer-Token",
  "token_type":"Bearer"
}
  • Your-Bearer-Token must be remembered and used in every subsequent request to the server
  • You are now Authenticated and ready to acces /secret

Accessing Protected Routes

  • To access the /secret rout you must GET http://localhost:8090/secret
  • You must set a header: Authorization:Bearer Your-Bearer-Token
  • Remember to leave a space between Bearer and Your-Bearer-Token.
curl -H "Authorization:Bearer Your-Bearer-Token" http://localhost:8090/secret
  • If everything went as planned the response should be:
{
  "message":"Success"
}
Something went wrong with that request. Please try again.