{"id":26664020,"url":"https://github.com/pkparthk/mern-auth","last_synced_at":"2026-04-20T04:03:21.185Z","repository":{"id":283713253,"uuid":"952684071","full_name":"pkparthk/Mern-Auth","owner":"pkparthk","description":"A MERN stack authentication system featuring role-based login for developers and admins, with React frontend and context-based state management.","archived":false,"fork":false,"pushed_at":"2025-03-21T19:23:06.000Z","size":214,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-20T01:20:07.712Z","etag":null,"topics":["authentication","context-api","fullstack","jwt","login-system","mern","react"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pkparthk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-03-21T17:39:48.000Z","updated_at":"2025-07-13T21:06:03.000Z","dependencies_parsed_at":"2025-10-19T19:34:02.150Z","dependency_job_id":null,"html_url":"https://github.com/pkparthk/Mern-Auth","commit_stats":null,"previous_names":["pkparthk/mern-auth"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/pkparthk/Mern-Auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkparthk%2FMern-Auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkparthk%2FMern-Auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1
/hosts/GitHub/repositories/pkparthk%2FMern-Auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkparthk%2FMern-Auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pkparthk","download_url":"https://codeload.github.com/pkparthk/Mern-Auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkparthk%2FMern-Auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32032306,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-20T00:18:06.643Z","status":"online","status_checked_at":"2026-04-20T02:00:06.527Z","response_time":94,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","context-api","fullstack","jwt","login-system","mern","react"],"created_at":"2025-03-25T15:56:02.295Z","updated_at":"2026-04-20T04:03:21.167Z","avatar_url":"https://github.com/pkparthk.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MERN Authentication Application\r\n\r\nA complete MERN (MongoDB, Express, React, Node.js) stack application featuring JWT authentication, SSL implementation, and role-based access control (admin and developer roles).\r\n\r\n\r\n## 🎥 Watch the Demo Video\r\n\r\n  [Watch the video](https://vimeo.com/1068247556)\r\n\r\n## Features\r\n\r\n- User registration and login with JWT authentication\r\n- Role-based 
authorization (Admin and Developer roles)\r\n- Secure routes with middleware protection\r\n- SSL implementation for secure communication\r\n- Password hashing using bcrypt\r\n- MongoDB database for data storage\r\n- React frontend with context API for state management\r\n- Responsive UI for various screen sizes\r\n- Here I use self-generated SSL certificates\r\n\r\n# Authentication API with SSL  \r\n\r\n## **Overview**  \r\nThis authentication system uses JWT-based authentication and enforces SSL for secure communication.  \r\n\r\n## **Why SSL?**  \r\nSSL ensures that all user credentials, JWT tokens, and sensitive data are encrypted during transmission, preventing attacks like MITM (Man-in-the-Middle) and data interception.  \r\n\r\n## **Where Is SSL Used?**  \r\n- **Login \u0026 Registration**: Encrypts email and password during authentication.  \r\n- **JWT Tokens**: Securely transmits authentication tokens over HTTPS.  \r\n- **Secure Cookies (if used)**: Ensures cookies are sent over HTTPS only.  
\r\n\r\n## **Security Best Practices**  \r\n✅ Enforce HTTPS with **HSTS**  \r\n✅ Use **Secure \u0026 HttpOnly** flags for cookies  \r\n✅ Regularly update and renew SSL certificates  \r\n✅ Avoid storing JWTs in local storage  \r\n\r\n\r\n## Project Structure\r\n\r\n```\r\nmern-auth-app/\r\n├── frontend/                           # React frontend\r\n│   ├── public/\r\n│   ├── src/\r\n│   │   ├── components/\r\n│   │   │   ├── auth/\r\n│   │   │   │   ├── Login.js\r\n│   │   │   │   └── Register.js\r\n│   │   │   ├── dashboard/\r\n│   │   │   │   ├── Dashboard.js\r\n│   │   │   │   ├── AdminDashboard.js\r\n│   │   │   │   └── DeveloperDashboard.js\r\n│   │   │   ├── layout/\r\n│   │   │   │   └── NotFound.js\r\n│   │   │   └── routing/\r\n│   │   │       └── PrivateRoute.js\r\n│   │   ├── context/\r\n│   │   │   └── AuthContext.js\r\n│   │   ├── App.css\r\n│   │   ├── App.js\r\n│   │   └── index.js\r\n│   └── package.json\r\n├── backend/                           # Node.js backend\r\n│   ├── middleware/\r\n│   │   └── auth.js\r\n│   ├── models/\r\n│   │   └── User.js\r\n│   ├── routes/\r\n│   │   ├── auth.js\r\n│   │   └── users.js\r\n│   ├── .env\r\n│   ├── package.json\r\n│   └── backend.js\r\n├── ssl/                              # SSL certificates\r\n│   ├── cert.pem\r\n│   ├── csr.pem\r\n│   └── key.pem\r\n└── README.md\r\n```\r\n\r\n## Prerequisites\r\n\r\n- Node.js (v14 or higher)\r\n- MongoDB (local or Atlas)\r\n- npm or yarn\r\n\r\n## Getting Started\r\n\r\n### 1. Clone the repository\r\n\r\n```bash\r\ngit clone https://github.com/yourusername/mern-auth-app.git\r\ncd mern-auth-app\r\n```\r\n\r\n### 2. 
Set up environment variables\r\n\r\nCreate a `.env` file in the backend directory:\r\n\r\n```bash\r\ncd backend\r\ntouch .env\r\n```\r\n\r\nAdd the following environment variables to the `.env` file:\r\n\r\n```\r\nPORT=5000\r\nHTTPS_PORT=5001\r\nMONGO_URI=mongodb://localhost:27017/mern-auth\r\nJWT_SECRET=your_jwt_secret_key_here\r\nJWT_EXPIRE=30d\r\n```\r\n\r\nReplace `your_jwt_secret_key_here` with a strong secret key.\r\n\r\n### 3. Generate SSL certificates\r\n\r\nFor production, use certificates from a trusted Certificate Authority like Let's Encrypt.\r\n\r\n### 4. Install backend dependencies\r\n\r\n```bash\r\ncd backend\r\nnpm install\r\n```\r\n\r\n### 5. Install frontend dependencies\r\n\r\n```bash\r\ncd ../frontend\r\nnpm install\r\n```\r\n\r\n### 6. Run the application\r\n\r\n#### Development mode\r\n\r\nFrom the root directory:\r\n\r\n```bash\r\n# Start MongoDB (if running locally)\r\nmongod\r\n\r\n# Start both frontend and backend (from backend directory)\r\ncd backend\r\nnpm run dev\r\n```\r\n\r\nOr start separately:\r\n\r\n```bash\r\n# Terminal 1 - Start backend\r\ncd backend\r\nnpm run backend\r\n\r\n# Terminal 2 - Start frontend\r\ncd frontend\r\nnpm start\r\n```\r\n\r\n#### Production mode\r\n\r\nFor production, build the React frontend:\r\n\r\n```bash\r\ncd frontend\r\nnpm run build\r\n```\r\n\r\nThen start the backend:\r\n\r\n```bash\r\ncd ../backend\r\nnpm start\r\n```\r\n\r\n## API Endpoints\r\n\r\n### Authentication\r\n\r\n- `POST /api/auth/register` - Register a new user\r\n- `POST /api/auth/login` - Login a user\r\n\r\n### Users\r\n\r\n- `GET /api/users/me` - Get current user (requires authentication)\r\n- `GET /api/users` - Get all users (requires admin role)\r\n\r\n## User Roles\r\n\r\n### Admin\r\n- Access to admin dashboard\r\n- Can view all users in the system\r\n- Has access to system configuration options\r\n\r\n### Developer\r\n- Access to developer dashboard\r\n- Restricted to developer-specific features\r\n\r\n## Security 
Features\r\n\r\n1. **JWT Authentication**: Secures API routes and authenticates users\r\n2. **Password Hashing**: Uses bcrypt to hash passwords before storage\r\n3. **SSL/HTTPS**: Encrypts data transmission between frontend and backend\r\n4. **Role-Based Authorization**: Controls access based on user roles\r\n5. **Protected Routes**: Middleware to verify JWT tokens\r\n6. **HTTP Security Headers**: Uses Helmet middleware to set security headers\r\n\r\n## Contributing\r\n\r\n1. Fork the repository\r\n2. Create your feature branch (`git checkout -b feature/amazing-feature`)\r\n3. Commit your changes (`git commit -m 'Add some amazing feature'`)\r\n4. Push to the branch (`git push origin feature/amazing-feature`)\r\n5. Open a Pull Request\r\n\r\n## License\r\n\r\nThis project is licensed under the MIT License - see the LICENSE file for details.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpkparthk%2Fmern-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpkparthk%2Fmern-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpkparthk%2Fmern-auth/lists"}