{"id":17675671,"url":"https://github.com/deliaz/sails-api-jwt","last_synced_at":"2025-05-07T22:46:58.456Z","repository":{"id":75947991,"uuid":"100130200","full_name":"Deliaz/sails-api-jwt","owner":"Deliaz","description":"JWT-based API for user registration and authorization","archived":false,"fork":false,"pushed_at":"2022-08-30T21:56:59.000Z","size":90,"stargazers_count":23,"open_issues_count":6,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-07T22:46:51.969Z","etag":null,"topics":["api","backend","jwt","jwt-api","jwt-authentication","sails","sailsjs"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Deliaz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-08-12T18:21:12.000Z","updated_at":"2023-10-11T16:17:18.000Z","dependencies_parsed_at":"2023-04-25T21:24:42.199Z","dependency_job_id":null,"html_url":"https://github.com/Deliaz/sails-api-jwt","commit_stats":{"total_commits":56,"total_committers":2,"mean_commits":28.0,"dds":0.1964285714285714,"last_synced_commit":"8c3d1619e05330e3fa2a66a2199ff69d1d7de3a5"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Deliaz%2Fsails-api-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Deliaz%2Fsails-api-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Deliaz%2Fsails-api-jwt/releases","manifests_url":"https://repos.ecosyste.m
s/api/v1/hosts/GitHub/repositories/Deliaz%2Fsails-api-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Deliaz","download_url":"https://codeload.github.com/Deliaz/sails-api-jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252967984,"owners_count":21833247,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","backend","jwt","jwt-api","jwt-authentication","sails","sailsjs"],"created_at":"2024-10-24T07:23:05.829Z","updated_at":"2025-05-07T22:46:58.434Z","avatar_url":"https://github.com/Deliaz.png","language":"JavaScript","readme":"# JSON Web Token authorization API\n## Based on [Sails.js](http://sailsjs.com/) (v0.12)\n\n\n[![Coverage Status](https://coveralls.io/repos/github/Deliaz/sails-api-jwt/badge.svg?branch=master)](https://coveralls.io/github/Deliaz/sails-api-jwt?branch=master)\n[![Build status](https://travis-ci.org/Deliaz/sails-api-jwt.svg?branch=master)](https://travis-ci.org/Deliaz/sails-api-jwt)\n[![Greenkeeper badge](https://badges.greenkeeper.io/Deliaz/sails-api-jwt.svg)](https://greenkeeper.io/)\n\n\n__An example implementation of JWT-based API for user registration and authorization.__ \n\u003cbr\u003e\n\nIt supports:\n1. User register;\n2. User login;\n3. Getting account info;\n4. Token generation and validation;\n5. Password reset (with a reset token);\n6. Password change (with JWT credentials);\n7. Account locking.\n\nThings to do: \n1. Optional email notifications (based on environment);\n2. Keep reset token encrypted and with a validity date;\n3. 
Unlock after some freeze period;\n4. Registration confirmation (with a confirm token).\n\n* * * * *\n\n## Start\n```\nnpm run start\n```\nor, if you have Sails globally:\n```\nsails lift\n```\nFor security reasons, please change __JWT_SECRET__ in `api/config/env/development.js`. \n\n\n\n## Pass JWT\n\nToken-free endpoints: \n```\n/user/create\n/user/login\n/user/forgot\n/user/reset_password\n```  \n\nToken-required endpoints: \n```\n/user\n/user/change_password \n```\n\nTo pass a JWT, use the `Authorization` header: \n```\nAuthorization: Bearer \u003cJWT\u003e\n```\n\n## API methods description\nFor some reasons I do not use REST. Shortcuts are also disabled by default \n(see `api/config/blueprints.js`).\n\n#### `POST /user/create` \nCreates a new user. Requirements for the password: length is 6-24, use letters and digits. \n\n__request__ \n```json\n{\n  \"email\": \"email@example.com\",\n  \"password\": \"abc123\",\n  \"password_confirm\": \"abc123\"\n}\n```\n\n__response__\n```json\n{\n  \"token\": \"\u003cJWT\u003e\"\n}\n```\n\n\n#### `POST /user/login` \n__request__ \n```json\n{\n  \"email\": \"email@example.com\",\n  \"password\": \"abc123\"\n}\n```\n\n__response__\n```json\n{\n  \"token\": \"\u003cJWT\u003e\"\n}\n```\nN.B. Account will be blocked after `5` fails in `2 mins` (configurable in `api/services/UserManager.js`).\n\n\n#### `GET /user`\nReturns basic info about the current account. Requires authorization.  \n__request__ \nParams not required.\n\n__response__\n```json\n{\n  \"id\": 1,\n  \"email\": \"email@example.com\"\n}\n``` \n\n#### `POST /user/change_password`\nChanges the user password. User should be authorized.   \n\n__request__ \n```json\n{\n  \"email\": \"email@example.com\",\n  \"password\": \"abc123\", \n  \"new_password\": \"xyz321\",\n  \"new_password_confirm\": \"xyz321\"\n}\n```\n\n__response__\n```json\n{\n  \"token\": \"\u003cJWT\u003e\"\n}\n```\nN.B. 
All old tokens will be invalid after changing the password.\n\n#### `POST /user/forgot`\nInitiates the password recovery procedure.\n\n__request__ \n```json\n{\n  \"email\": \"email@example.com\"\n}\n```\n\n__response__\n```json\n{\n  \"message\": \"Check your email\"\n}\n``` \n\n#### `POST /user/reset_password`\nResets the password to a new one using a reset token. The reset token is sent to the user after \n`/user/forgot`.   \n\n__request__ \n```json\n{\n  \"email\": \"email@example.com\",\n  \"reset_token\": \"\u003cPassword Reset Token\u003e\",\n  \"new_password\": \"xyz321\",\n  \"new_password_confirm\": \"xyz321\"\n}\n```\n\n__response__\n```json\n{\n  \"message\": \"Done\"\n}\n```\n\n\n### HTTP codes\nAll endpoints use HTTP status codes to report execution results  \n* `200` ok, request executed successfully;\n* `201` created, new user created successfully;\n* `400` bad request, usually means wrong params;\n* `403` forbidden, for locked accounts;\n* `500` server error, something went wrong.\n\n\n### Tests\nThe project uses Travis-CI and Coveralls integration and has some tests. \nRun them via: \n```\nnpm run test\n``` \n\n\n\n#### Inspired by\nThis project is based on this repo:\n[https://github.com/swelham/sails-jwt-example](https://github.com/swelham/sails-jwt-example) *(unlicensed)*.  \nI refactored and improved it for myself.     \n\n\n#### License\nIt is MIT. \n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeliaz%2Fsails-api-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeliaz%2Fsails-api-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeliaz%2Fsails-api-jwt/lists"}