{"id":30750812,"url":"https://github.com/haripatel07/nodejs-auth-system","last_synced_at":"2026-05-05T06:40:26.177Z","repository":{"id":311923303,"uuid":"1045615811","full_name":"haripatel07/nodejs-auth-system","owner":"haripatel07","description":"A secure and professional Node.js + Express.js Authentication API with JWT, role-based access control, and password reset functionality.","archived":false,"fork":false,"pushed_at":"2025-08-27T17:25:52.000Z","size":335,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-27T22:19:51.116Z","etag":null,"topics":["backend","express","jwt","mongodb","nodejs"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/haripatel07.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-27T13:06:56.000Z","updated_at":"2025-08-27T17:29:38.000Z","dependencies_parsed_at":"2025-08-27T22:20:30.677Z","dependency_job_id":"f4245498-8ba2-4073-8fbf-256613c8493b","html_url":"https://github.com/haripatel07/nodejs-auth-system","commit_stats":null,"previous_names":["haripatel07/nodejs-auth-system"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/haripatel07/nodejs-auth-system","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haripatel07%2Fnodejs-auth-system","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haripatel07%2Fnodejs-auth-system/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haripatel07%2Fnodejs-auth-system/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haripatel07%2Fnodejs-auth-system/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/haripatel07","download_url":"https://codeload.github.com/haripatel07/nodejs-auth-system/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/haripatel07%2Fnodejs-auth-system/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273568169,"owners_count":25128733,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-04T02:00:08.968Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backend","express","jwt","mongodb","nodejs"],"created_at":"2025-09-04T07:02:03.966Z","updated_at":"2026-05-05T06:40:26.171Z","avatar_url":"https://github.com/haripatel07.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Authentication System API\r\n\r\nThis repository is a deployment-ready authentication API built with Node.js, Express, and MongoDB. It includes user registration, JWT authentication, role-based access control, and password reset functionality.\r\n\r\n## Key Features\r\n\r\n  * User registration and login secured with `bcrypt` password hashing.\r\n  * JWT authentication using `jsonwebtoken` with token expiration support.\r\n  * Role-based access control (`user`, `admin`) for protected routes.\r\n  * Password reset via secure, time-limited reset tokens.\r\n  * Centralized error handling and environment-based configuration.\r\n  * MongoDB data persistence with `mongoose`.\r\n\r\n## Architecture Overview\r\n\r\n  * `server.js`: Application entry point and route registration.\r\n  * `src/routes/authRoutes.js`: Authentication and authorization endpoints.\r\n  * `src/controllers/authController.js`: Request handling for auth operations.\r\n  * `src/middleware/authMiddleware.js`: JWT verification and protected route enforcement.\r\n  * `src/middleware/roleMiddleware.js`: Role-based authorization guard.\r\n  * `src/models/User.js`: User schema, password hashing, and role definition.\r\n  * `src/config/db.js`: MongoDB connection logic.\r\n\r\n## Environment Variables\r\n\r\nThe application depends on the following environment variables:\r\n\r\n  * `PORT` - application port, default is `3000`.\r\n  * `NODE_ENV` - runtime environment (`development` or `production`).\r\n  * `MONGO_URI` - MongoDB connection string.\r\n  * `JWT_SECRET` - secret used to sign JWT tokens.\r\n  * `JWT_ACCESS_EXPIRY` - access token lifetime (for example `15m`).\r\n  * `JWT_EXPIRES_IN` - fallback value for JWT expiry if access expiry is not set.\r\n  * `BCRYPT_ROUNDS` - number of salt rounds for password hashing.\r\n  * `JWT_REFRESH_EXPIRY` - optional refresh token lifetime when refresh token support is added.\r\n\r\n## Getting Started\r\n\r\n### Local Setup\r\n\r\n1. Install dependencies:\r\n\r\n```bash\r\nnpm install\r\n```\r\n\r\n2. Copy the example environment file:\r\n\r\n```bash\r\ncp .env.example .env\r\n```\r\n\r\n3. Update `.env` with your MongoDB connection string and secrets.\r\n\r\n4. Start the server:\r\n\r\n```bash\r\nnpm start\r\n```\r\n\r\nThe API will be available at `http://localhost:3000` when `PORT=3000` is configured.\r\n\r\n## Docker Deployment\r\n\r\n### Build and run with Docker\r\n\r\n```bash\r\ndocker build -t auth-system .\r\ndocker run --env-file .env -p 3000:3000 auth-system\r\n```\r\n\r\n### Run with Docker Compose\r\n\r\n```bash\r\ndocker-compose up --build\r\n```\r\n\r\nThe `docker-compose.yml` file starts the application and a MongoDB database with persistent storage.\r\n\r\n## API Endpoints\r\n\r\n### Public Routes\r\n\r\n| Method | Endpoint                       | Description                                   |\r\n| :----- | :----------------------------- | :-------------------------------------------- |\r\n| `POST` | `/api/auth/register`           | Register a new user.                          |\r\n| `POST` | `/api/auth/login`              | Authenticate and receive a JWT.               |\r\n| `POST` | `/api/auth/forgotpassword`     | Request a password reset token.               |\r\n| `PUT`  | `/api/auth/resetpassword/:resettoken` | Reset password using a reset token.    |\r\n\r\n### Protected Routes\r\n\r\n| Method | Endpoint                | Description                                |\r\n| :----- | :---------------------- | :----------------------------------------- |\r\n| `GET`  | `/api/auth/profile`     | Return authenticated user profile.         |\r\n| `GET`  | `/api/auth/admin`       | Access admin-only resources.               |\r\n\r\nProtected endpoints require an `Authorization` header with a Bearer token:\r\n\r\n```http\r\nAuthorization: Bearer \u003ctoken\u003e\r\n```\r\n\r\n## Deployment Notes\r\n\r\n  * Use `MONGO_URI` pointed at the `db` service when deploying with Docker Compose.\r\n  * Keep `JWT_SECRET` secure and do not commit `.env` to source control.\r\n  * Use production-ready values for `BCRYPT_ROUNDS` and token expiry times.\r\n\r\n## Supported Roles\r\n\r\n  * `user` - standard authenticated user.\r\n  * `admin` - elevated privileges for admin-only routes.\r\n\r\n## License\r\n\r\nThis project is released under the MIT License.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fharipatel07%2Fnodejs-auth-system","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fharipatel07%2Fnodejs-auth-system","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fharipatel07%2Fnodejs-auth-system/lists"}