{"id":19606737,"url":"https://github.com/learnwithfair/mern-user-admin-authentication","last_synced_at":"2026-06-08T22:32:28.915Z","repository":{"id":238089761,"uuid":"795847905","full_name":"learnwithfair/mern-user-admin-authentication","owner":"learnwithfair","description":"mern-user-admin-authentication with [learnwithfair, Learn with fair, Rahatul Rabbi, Md Rahatul Rabbi ,rahatulrabbi]","archived":false,"fork":false,"pushed_at":"2024-05-04T08:32:37.000Z","size":587,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-26T16:49:53.785Z","etag":null,"topics":["admin-auth","authentication","learn-with-fair","learnwithfair","mern","mern-stack","rahatul-rabbi","rahatulrabbi","user-authentication","web-authentication","web-development"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/learnwithfair.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-04T08:25:52.000Z","updated_at":"2024-05-04T08:32:40.000Z","dependencies_parsed_at":"2024-05-04T09:38:51.496Z","dependency_job_id":null,"html_url":"https://github.com/learnwithfair/mern-user-admin-authentication","commit_stats":null,"previous_names":["learnwithfair/mern-user-admin-authentication"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/learnwithfair/mern-user-admin-authentication","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learnwithfair%2Fmern-user-admin-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learnwithfair%2Fmern-user-admin-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learnwithfair%2Fmern-user-admin-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learnwithfair%2Fmern-user-admin-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/learnwithfair","download_url":"https://codeload.github.com/learnwithfair/mern-user-admin-authentication/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learnwithfair%2Fmern-user-admin-authentication/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34083848,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-08T02:00:07.615Z","response_time":111,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["admin-auth","authentication","learn-with-fair","learnwithfair","mern","mern-stack","rahatul-rabbi","rahatulrabbi","user-authentication","web-authentication","web-development"],"created_at":"2024-11-11T10:07:04.435Z","updated_at":"2026-06-08T22:32:28.898Z","avatar_url":"https://github.com/learnwithfair.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MERN-USER-ADMIN-AUTHENTICATION\n\n[![Youtube][youtube-shield]][youtube-url]\n[![Facebook][facebook-shield]][facebook-url]\n[![Instagram][instagram-shield]][instagram-url]\n[![LinkedIn][linkedin-shield]][linkedin-url]\n\nThanks for visiting my GitHub account!\n\n\u003cimg src =\"https://cdn-icons-png.flaticon.com/512/1791/1791961.png\" height = \"200px\" width = \"200px\"/\u003e**Authentication** is the process of determining whether someone or something is who or what they say they are. Authentication technology provides access control for systems by checking to see if a user's credentials match the credentials in a database of authorized users or a data authentication server. In doing this, authentication ensures that systems, processes and enterprise information are secure.\n\nThere are several authentication types. For user identity, users are typically identified with a user ID; authentication occurs when the user provides credentials, such as a password, that match their user ID.\n\n**Web Authentication** is a web standard published by the World Wide Web Consortium. WebAuthn is a core component of the FIDO2 Project under the guidance of the FIDO Alliance[see-more](https://www.techtarget.com/searchsecurity/definition/authentication)\n\n## Source Code (Download)\n\n- [Source-code](https://mega.nz/file/NDc21JbR#sH8I02B9UeaySHIwDwrC--5TskyXQrR-K6olIEZp3cA)\n- [Documentation](https://github.com/learnwithfair/node-express-documentation)\n\n## Template includes\n\n- User/Admin Registration Process\n- Login with Manually/Facebook\n- Login with Manually/Google.\n- Verify using JWT Token\n- For verification Send Mail to the user Email.\n- Crud Operation\n  - POST / -\u003e search the blog (Admin/User)\n  - POST /search-blogs -\u003e search the blog (Admin/User)\n  - GET /:id -\u003e get single blog\n  - POST / -\u003e create a blog (Admin)\n  - DELETE /:id -\u003e delete a blog (Admin)\n  - PUT /:id -\u003e update a blog (Admin)\n\n## Required Software (Download)\n\n- VS Code, Download -\u003ehttps://code.visualstudio.com/download\n- Node, Download-\u003e https://nodejs.org/en/download\n- MongoDB Shell(msi) , Download-\u003e https://www.mongodb.com/try/download/shell\n- MongoDB Compass (msi), Download-\u003e https://www.mongodb.com/try/download/community\n- Postman, Download-\u003e https://www.postman.com/downloads/\n\n**Or Online Database (MongoDB Atlas)**\n\n- Register -\u003e https://www.mongodb.com/cloud/atlas/register\n\n## ========== Environment Setup ==========\n\n1. Install Node.js\n2. To verify installation into command form by node -v\n3. For initialization npm write the query in the command window as npm init -y\n4. Setup the opening file into the package.json and change the file with main:'server.js'\n5. To create a server using the express package then write a query into the command window as npm install express.\n   Write code in the server file for initialization\n   const express = require(\"express\");\n   const app = express();\n   app.listen(3000, () =\u003e {\n   console.log(\"Server is running at http://localhost:3000\");\n   });\n\n6. Install the nodemon package for automatically running the server as- npm i --save-dev nodemon (For Developing purpose)\n7. setup the package.json file in the scripts key, write\n   \"scripts\": {\n   \"start\": \"node ./resources/backend/server.js\",\n   \"dev\": \"nodemon ./resources/backend/server.js\",\n   \"test\": \"echo \\\"Error: no test specified\\\" \u0026\u0026 exit 1\"\n   },\n8. use the Morgan package for automatic restart. Hence install the morgan package as npm install --save-dev morgan (Development purpose)\n   Write code in the server file for initialization\n   const morgan = require(\"morgan\");\n   app.use(morgan(\"dev\")); --\u003e Middlewire.\n9. Install Postman software for API testing by the URL endpoint.\n10. Install Mongobd + MongobdCompass and Mongoshell (For Database)\n\n## ========== Connect MongoDB Database ==========\n\n1. Install Mondodb + Mongodb Compass and Mongodb Shell download from the google.\n2. Set up Environment Variable in drive:c/program file\n3. Create a directory in the base path of the c drive named data. Inside the data directory create another folder db.\n4. Write the command in the CMD window as Mongod. And write the other command in the other CMD window as mongosh.\n5. Then Check the version as mongod --version and mongosh --version.\n6. Install mongoose package as npm i mongoose\n7. Create an atlas account. In the atlas account create a cluster that have a user(as atlas admin) and network access with any access IP address.\n8. Connect the database using URL from the atlas cluster or local Mongodb compass using the mongoose package as mongoose. connect('mongodb://localhost:27017/database-name);\n\n## How to use this template\n\n- Clone project in your local machine\n- Run the command in the root directory (Client)\n\n```cmd\ncd client\nnpm install\nnpm start\n\n```\n\n- Run the command in the root directory using another terminal (Server)\n\n```cmd\ncd server\nnpm install\nnpm start\n\n```\n\n- Visit project in your browser using path -\u003e `http://localhost:8000`\n\n## Configuration (If needed)\n\n- Step-1: Setup .env file in the server folder\n\n```env\nSERVER_PORT=8080\nMONGODB_URL=\nJWT_ACCOUNT_ACTIVATION_KEY=\nJWT_RESET_PASSWORD_KEY=\nJWT_ACCESS_TOKEN_KEY=\nJWT_REFRESH_TOKEN_KEY=\nSMTP_USERNAME=YOUR_GMAIL_HERE\nSMTP_PASSWORD=\nCLIENT_URL=\nSESSION_SECRET=\nGOOGLE_CLIENT_ID=\nGOOGLE_CLIENT_SECRET=\n\n```\n\n- Step-2: Setup for secrect key\n\n```js\nrequire(\"dotenv\").config();\n\nconst dev = {\n  db: {\n    mongoURL:\n      process.env.MONGODB_URL || \"mongodb://127.0.0.1:27017/database-name\",\n  },\n  app: {\n    port: process.env.SERVER_PORT || 8000,\n    jwtAccountActivationKey: process.env.JWT_ACCOUNT_ACTIVATION_KEY,\n    jwtResetPasswordKey: process.env.JWT_RESET_PASSWORD_KEY,\n    jwtAcessTokenKey: process.env.JWT_ACCESS_TOKEN_KEY,\n    jwtRefreshTokenKey: process.env.JWT_REFRESH_TOKEN_KEY,\n    smtpUsername: process.env.SMTP_USERNAME,\n    smtpPassword: process.env.SMTP_PASSWORD,\n    clientUrl: process.env.CLIENT_URL,\n    googleClientId: process.env.GOOGLE_CLIENT_ID,\n    googleClientSecret: process.env.GOOGLE_CLIENT_SECRET,\n  },\n};\n\nmodule.exports = dev;\n```\n\n## Working Principle\n\n- /test -\u003e health check (D)\n\n  - setup morgan\n  - create responseHandler - errorResponse, successResponse\n  - handle http errors\n  - test from Postman\n\n- /seed -\u003e seeding some data (D)\n\n  - crate dummy data\n  - store in database\n\n- /api/users\n\n  - POST /register -\u003e create the user account (D)\n    - get multi-part form data from the request body using multer\n    - input validation check -\u003e presence, image size, user exist\n    - password hashing with bcrypt\n    - create a jwt for storing user data temporarily\n    - send email with nodemailer (SMPTP gmail username, password)\n  - POST /activate -\u003e activate the user account (D)\n    - get the jwt from request\n    - check existance of jwt\n    - verify the jwt \u0026 decode the data\n    - create \u0026 save the new user\n  - GET /profile -\u003e get the user account (D)\n    - get the id from request body\n    - findById()\n    - send response based on user found or not\n    - handle the mongoose Cast error\n  - DELETE /:id -\u003e delete the user account (D)\n    - get the id from request body\n    - findById(id)\n    - if found delete the image from the server folder\n    - findByIdAndDelete(id)\n    - clear the cookies\n    - send response\n  - PUT /:id -\u003e update the user account (D)\n    - get the data from request body and params\n    - create filter, updates, options\n    - check image exist -\u003e image size -\u003e change updates\n    - findByIdAndUpdate(filter, updates, options)\n    - if user was updated then send response\n  - PUT /update-password/:id -\u003e update the password\n    - aa\n  - POST /forget-password -\u003e forget the password\n  - PUT /reset-password -\u003e reset the password\n  - PUT /ban/:id -\u003e ban the user\n  - PUT /unban/:id -\u003e unban the user\n  - GET - Admin - /all-users -\u003e get all users including search \u0026 pagination (D)\n    - get data from request body\n    - search users using regex\n    - include pagination\n    - send response\n\n- /api/auth (JWT Auth)\n\n  - POST /login -\u003e isLoggedOut -\u003e user login (D)\n    - middlewares: validateUserLogin, runValidation using express-validator, isLoggedOut\n    - extract request body\n    - check user's existance\n    - compare the password \u0026 return response\n    - check user is banned \u0026 return response\n    - create jwt token with an expiry time\n    - create http only cookie with less time\n  - POST /logout -\u003e isLoggedIn -\u003e user logout (D)\n    - clear the cookie\n    - send the response\n  - GET /refresh -\u003e get refresh token (D)\n    - get old access token from cookie\n    - verify old token\n    - if verified - clear exisitng cookie, create refresh token (new token), cookie, return refresh token\n\n- Middleware\n\n  - isLoggedIn (D)\n  - isLoggedOut\n  - isAdmin\n  - uploadFile\n  - getRefreshToken\n  - userValidation\n\n- /api/blogs\n\n  - POST / -\u003e search the blog (Admin/User)\n  - POST /search-blogs -\u003e search the blog (Admin/User)\n  - GET /:id -\u003e get single blog\n  - POST / -\u003e create a blog (Admin)\n  - DELETE /:id -\u003e delete a blog (Admin)\n  - PUT /:id -\u003e update a blog (Admin)\n\n- package that we will need\n  `npm install express cors http-errors multer body-parser bcrypt jsonwebtoken nodemailer cookie-parser`\n  `npm install --save-dev morgan nodemon`\n\n## Follow Me\n\n[\u003cimg src='https://cdn.jsdelivr.net/npm/simple-icons@3.0.1/icons/github.svg' alt='github' height='40'\u003e](https://github.com/learnwithfair) [\u003cimg src='https://cdn.jsdelivr.net/npm/simple-icons@3.0.1/icons/facebook.svg' alt='facebook' height='40'\u003e](https://www.facebook.com/learnwithfair/) [\u003cimg src='https://cdn.jsdelivr.net/npm/simple-icons@3.0.1/icons/instagram.svg' alt='instagram' height='40'\u003e](https://www.instagram.com/learnwithfair/) [\u003cimg src='https://cdn.jsdelivr.net/npm/simple-icons@3.0.1/icons/twitter.svg' alt='twitter' height='40'\u003e](https://www.twiter.com/learnwithfair/) [\u003cimg src='https://cdn.jsdelivr.net/npm/simple-icons@3.0.1/icons/youtube.svg' alt='YouTube' height='40'\u003e](https://www.youtube.com/@learnwithfair)\n\n\u003c!-- MARKDOWN LINKS \u0026 IMAGES --\u003e\n\n[youtube-shield]: https://img.shields.io/badge/-Youtube-black.svg?style=flat-square\u0026logo=youtube\u0026color=555\u0026logoColor=white\n[youtube-url]: https://youtube.com/@learnwithfair\n[facebook-shield]: https://img.shields.io/badge/-Facebook-black.svg?style=flat-square\u0026logo=facebook\u0026color=555\u0026logoColor=white\n[facebook-url]: https://facebook.com/learnwithfair\n[instagram-shield]: https://img.shields.io/badge/-Instagram-black.svg?style=flat-square\u0026logo=instagram\u0026color=555\u0026logoColor=white\n[instagram-url]: https://instagram.com/learnwithfair\n[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=flat-square\u0026logo=linkedin\u0026colorB=555\n[linkedin-url]: https://linkedin.com/company/learnwithfair\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flearnwithfair%2Fmern-user-admin-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flearnwithfair%2Fmern-user-admin-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flearnwithfair%2Fmern-user-admin-authentication/lists"}