{"id":25238089,"url":"https://github.com/andoniat/auth_jwt_nodejs","last_synced_at":"2026-04-19T19:32:21.326Z","repository":{"id":267533153,"uuid":"901406288","full_name":"AndoniAT/Auth_JWT_NodeJs","owner":"AndoniAT","description":"Implementing authentication and JWT in node js. Node.js application designed as a foundation for any project requiring authentication and user role management on the server side. This project provides a robust and scalable structure with ready-to-use features.","archived":false,"fork":false,"pushed_at":"2025-02-11T00:58:24.000Z","size":400,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-11T01:32:15.544Z","etag":null,"topics":["api","api-rest","application","authentication","backend","chai","javascript","jwt","jwt-authentication","jwt-token","mocha","nodejs","security","test"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AndoniAT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-10T15:46:06.000Z","updated_at":"2025-02-11T00:58:27.000Z","dependencies_parsed_at":"2025-01-13T20:25:31.583Z","dependency_job_id":"73c9f019-66d0-4f83-bef6-85b530353002","html_url":"https://github.com/AndoniAT/Auth_JWT_NodeJs","commit_stats":null,"previous_names":["andoniat/auth_jwt_nodejs"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AndoniAT%2FAuth_JWT_NodeJs","tags_url":"https://re
pos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AndoniAT%2FAuth_JWT_NodeJs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AndoniAT%2FAuth_JWT_NodeJs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AndoniAT%2FAuth_JWT_NodeJs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AndoniAT","download_url":"https://codeload.github.com/AndoniAT/Auth_JWT_NodeJs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247385630,"owners_count":20930599,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","api-rest","application","authentication","backend","chai","javascript","jwt","jwt-authentication","jwt-token","mocha","nodejs","security","test"],"created_at":"2025-02-11T16:44:20.821Z","updated_at":"2026-04-19T19:32:21.278Z","avatar_url":"https://github.com/AndoniAT.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 class=\"text-center\" style=\"background-color: rgb(226 232 240 / var(--tw-bg-opacity, 1));\n padding: 5px;\"\u003e Authentication JWT Login in NodeJs\n \u003cbr/\u003e\n \u003cimg src=\"./src/nodejs.png\" height=\"60px\"/\u003e\n \u003c/h1\u003e\n\u003ch4\u003eAuthor : Andoni ALONSO TORT\u003c/h4\u003e\nImplementing authentication and JWT in node js.\n\nNode.js application designed as a foundation for any project requiring authentication and user role management on the server side. 
This project provides a robust and scalable structure with ready-to-use features.\n\n- ✅ User authentication via JWT (JSON Web Tokens) for secure sessions.\n- ✅ A role management system to define specific permissions and access.\n- ✅ A RESTful architecture for creating, reading, updating, and deleting users and their roles.\n- ✅ Error handling with clear responses for unauthorized or invalid actions.\n- ✅ Integration with a database for secure storage of user information (password hashing with bcrypt).\n- ✅ A modular and extensible structure to easily integrate new features.\n\nThis back-end is designed to work seamlessly with the [React front-end project](https://github.com/AndoniAT/Auth_Login_React), offering a complete and secure solution for any application requiring authentication and role management.\n\n\u003cb\u003eStart Node.js project :\u003c/b\u003e\n\u003e npm init\n\n\u003cb\u003eSetting eslint config :\u003c/b\u003e\n\u003e npm init @eslint/config\n\neslint.config.mjs has been generated.\n\nSee the [eslint page](https://eslint.org/docs/latest/) for more information.\n\nInstall the Eslint \u0026 Error Lens packages in VS Code to highlight errors in files.\n\n\u003cb\u003eThe nodemon package has been included for running the dev environment : \u003c/b\u003e\n\u003e npm i --save-dev nodemon\n\n\u003cb\u003eTo run it, please use :\u003c/b\u003e\n\u003e npm run devStart\n\nOther packages installed : \n- \u003ci\u003ebcrypt :\u003c/i\u003e To hash and compare passwords.\n- \u003ci\u003ejsonwebtoken :\u003c/i\u003e To generate and verify tokens between server \u0026 client.\n- \u003ci\u003ecookie-parser :\u003c/i\u003e Parse Cookie header and populate req.cookies with an object keyed by the cookie names.\n- \u003ci\u003emongoose :\u003c/i\u003e Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. 
\n- \u003ci\u003e[mocha](https://mochajs.org) :\u003c/i\u003e Mocha is a feature-rich JavaScript test framework running on Node.js and in the browser, making asynchronous testing simple and fun. Mocha tests run serially, allowing for flexible and accurate reporting, while mapping uncaught exceptions to the correct test cases.\n- \u003ci\u003e[chai](https://www.chaijs.com) :\u003c/i\u003e Chai is a BDD / TDD assertion library for node and the browser that can be delightfully paired with any javascript testing framework.\n[See documentation](https://shouldjs.github.io/)\n- \u003ci\u003e[chai-http](https://www.chaijs.com/plugins/chai-http/) :\u003c/i\u003e Chai HTTP provides an interface for live integration testing via superagent. To do this, you must first construct a request to an application or url.\n\nUpon construction you are provided a chainable api that allows you to specify the http VERB request (get, post, etc) that you wish to invoke.\n\n\nTo generate our ACCESS_TOKEN_SECRET :\n\u003e node\n\u003e require('crypto').randomBytes(64).toString('hex')\n\nCopy this string to the ACCESS_TOKEN_SECRET key in your .env file.\nRun it again and put the new value in the REFRESH_TOKEN_SECRET key, so that the two secrets are different.\n\n\n\u003ch6\u003e== TEST DETAILS ==\u003c/h6\u003e\nTo load initial data into the database for development, please run:\n\n\u003e node src/api/services/tests/users_data_test.js\n\n#### Execute tests\n- Test Helpers\n  - \u003e npm run testHelpers\n- Test Services\n  - \u003e npm run testServices\n- Test APIs\n  - \u003e npm run testApis\n\n\u003ch6\u003e== USER MODEL ==\u003c/h6\u003e\n\u003ctable\u003e\n  \u003cthead\u003e\n    \u003ctr\u003e\n      \u003cth\u003eAttribute\u003c/th\u003e\n      \u003cth\u003eRules \u0026 Info\u003c/th\u003e\n    \u003c/tr\u003e\n  \u003c/thead\u003e\n  \u003ctbody\u003e\n      \u003ctr\u003e\n        \u003ctd\u003eusername\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: String\u003c/li\u003e\n            
\u003cli\u003eRequired\u003c/li\u003e\n            \u003cli\u003eUnique\u003c/li\u003e\n            \u003cli\u003eWithout Special Characters\u003c/li\u003e\n            \u003cli\u003eMin length: 3\u003c/li\u003e\n            \u003cli\u003eUser id to login\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003eemail\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: email\u003c/li\u003e\n            \u003cli\u003eRequired\u003c/li\u003e\n            \u003cli\u003eUnique\u003c/li\u003e\n            \u003cli\u003eMin length: 10\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003efirstname\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: String\u003c/li\u003e\n            \u003cli\u003eRequired\u003c/li\u003e\n            \u003cli\u003eMin length: 3\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003elastname\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: String\u003c/li\u003e\n            \u003cli\u003eRequired\u003c/li\u003e\n            \u003cli\u003eMin length: 3\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003epassword\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: String\u003c/li\u003e\n            \u003cli\u003eRequired\u003c/li\u003e\n            \u003cli\u003eMin length: 8\u003c/li\u003e\n            \u003cli\u003eAt least one special character (e.g., @$!%*?\u0026()#^/).\u003c/li\u003e\n            \u003cli\u003eAt least one uppercase letter.\u003c/li\u003e\n            \u003cli\u003eAt least one lowercase letter.\u003c/li\u003e\n           
 \u003cli\u003eAt least one number.\u003c/li\u003e\n            \u003cli\u003eHashed with bcrypt\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003ecreatedAt\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: Date\u003c/li\u003e\n            \u003cli\u003eGenerated by default when creating an object\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003eupdatedAt\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: Date\u003c/li\u003e\n            \u003cli\u003eGenerated by default when creating an object and updated when updating an object\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003eroles\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: [Number]\u003c/li\u003e\n            \u003cli\u003eUser role by default: [2000]\u003c/li\u003e\n            \u003cli\u003eCan only contain User and Admin roles [1000, 2000]\u003c/li\u003e\n            \u003cli\u003eRoles can only be assigned by another admin; you cannot create a user with an admin role\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      \u003c/tr\u003e\n      \u003ctr\u003e\n        \u003ctd\u003erefreshToken\u003c/td\u003e\n        \u003ctd\u003e\n          \u003cul\u003e\n            \u003cli\u003eType: [String]\u003c/li\u003e\n            \u003cli\u003eDefault: []\u003c/li\u003e\n            \u003cli\u003eA user can hold several refreshTokens for different connections\u003c/li\u003e\n            \u003cli\u003eThis attribute is stored in a cookie and allows the user to refresh their accessToken once it has expired.\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/td\u003e\n      
\u003c/tr\u003e\n      \n\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\n\n\u003ch6\u003e== USER ROLES ==\u003c/h6\u003e\n\n\n\u003ctable style=\"margin: 0 auto; width: fit-content; border: 1px solid black;\"\u003e\n  \u003ctr style=\"background: gray;\"\u003e\n    \u003cth style=\"border: 1px solid black;\"\u003eRole\u003c/th\u003e\n    \u003cth style=\"border: 1px solid black;\"\u003eCode\u003c/th\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd style=\"border: 1px solid black\"\u003eAdmin\u003c/td\u003e\n    \u003ctd style=\"border: 1px solid black\"\u003e1000\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd style=\"border: 1px solid black\"\u003eUser\u003c/td\u003e\n    \u003ctd style=\"border: 1px solid black\"\u003e2000\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003ch6\u003e== ROUTES ==\u003c/h6\u003e\n\n\u003e /api/auth/\n  - \u003e\u003cdiv style=\"background-color:#7a9dc3;color:black;\"\u003e \u0026nbsp;\u0026nbsp;🔵 /login [POST]\u003c/div\u003e\n    \u003eAllows the user to log in to the application. This API returns a valid access token for the user with a 10m duration and stores another token (the refresh token) in a cookie, for use when the first token expires. The refresh token is also stored in the database.\n\n  - \u003e\u003cdiv style=\"background-color:#7ac37a; color:black\"\u003e \u0026nbsp;\u0026nbsp;🟢 /token [GET]\u003c/div\u003e\n    \u003eAllows the user to get a new access token once their token has expired. 
This API uses the token stored in the cookie to validate the connected user and returns a new valid token.\n\n  - \u003e\u003cdiv style=\"background-color:#7ac37a; color:black\"\u003e \u0026nbsp;\u0026nbsp;🟢 /logout [GET]\u003c/div\u003e\n    \u003e Disconnects the user from the application, clears the cookies and removes the refresh token from the database.\n\n\u003e /api/users/\n  - \u003e\u003cdiv style=\"background-color:#7ac37a; color:black\"\u003e \u0026nbsp;\u0026nbsp;🟢 / [GET]\u003c/div\u003e\n    \u003e Returns all the users in the application. However, the information is filtered depending on the connected user's role.\n\n  - \u003e\u003cdiv style=\"background-color:#7a9dc3;color:black;\"\u003e \u0026nbsp;\u0026nbsp;🔵 / [POST]\u003c/div\u003e\n    \u003e Creates a new user. This API can only be called when not connected; it allows a user to create an account in the application.\n\n  - \u003e\u003cdiv style=\"background-color:#7ac37a; color:black\"\u003e \u0026nbsp;\u0026nbsp;🟢 /:id [GET]\u003c/div\u003e\n    \u003eGets a user by id. This id can be the _id in the database, or the username or email of the user. The information is filtered depending on the connected user's role.\n\n  - \u003e\u003cdiv style=\"background-color:#ebe876;color:black;\"\u003e \u0026nbsp;\u0026nbsp;🟡 /:id [PUT]\u003c/div\u003e\n    \u003eThis API allows the user to modify their own information or, if they are an admin, any user's information.\n    \u003e\n    \u003eA user can only modify : username, lastname, email and password.\n    \u003e An admin can also modify the roles.\n\n  - \u003e\u003cdiv style=\"background-color:#f77373;color:black;\"\u003e \u0026nbsp;\u0026nbsp;🔴 /:id [DELETE]\u003c/div\u003e\n    \u003eThis API allows the user to delete their own account. 
Or, if they are an admin, any user's account.\n    \u003eAn admin cannot be deleted if they are the last admin in the application.\n\n\u003chr/\u003e\n\u003ch5\u003eAuthor: \u003ci\u003eAndoni ALONSO TORT\u003c/i\u003e\u003c/h5\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandoniat%2Fauth_jwt_nodejs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fandoniat%2Fauth_jwt_nodejs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandoniat%2Fauth_jwt_nodejs/lists"}