{"id":17973289,"url":"https://github.com/shinniuwu/quickshield","last_synced_at":"2026-05-08T15:34:36.726Z","repository":{"id":259987521,"uuid":"879988134","full_name":"ShinniUwU/QuickShield","owner":"ShinniUwU","description":"This is a simple user management application built with Fastify, Prisma, and Node.js. It includes user registration, login, and password reset functionalities. The application is designed for personal use, but anyone is welcome to contribute and improve it!","archived":false,"fork":false,"pushed_at":"2024-10-28T23:08:56.000Z","size":60,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-03T23:23:10.520Z","etag":null,"topics":["api","auth","authentication","contribute","easyauth","fastauth","fastify","nodejs","performance","prisma","quickshield","sql"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ShinniUwU.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-28T23:01:00.000Z","updated_at":"2024-10-28T23:11:14.000Z","dependencies_parsed_at":"2024-10-29T00:18:26.890Z","dependency_job_id":"20ae12d1-a52d-4555-928f-ca8dc2ea5a93","html_url":"https://github.com/ShinniUwU/QuickShield","commit_stats":null,"previous_names":["shinniuwu/quickshield"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ShinniUwU/QuickShield","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ShinniUwU%2FQuickShield","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ShinniUwU%2FQuickShield/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ShinniUwU%2FQuickShield/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ShinniUwU%2FQuickShield/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ShinniUwU","download_url":"https://codeload.github.com/ShinniUwU/QuickShield/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ShinniUwU%2FQuickShield/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263922513,"owners_count":23530338,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","auth","authentication","contribute","easyauth","fastauth","fastify","nodejs","performance","prisma","quickshield","sql"],"created_at":"2024-10-29T16:30:13.362Z","updated_at":"2026-05-08T15:34:36.720Z","avatar_url":"https://github.com/ShinniUwU.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# QuickShield — Fastify Auth Template\n\nQuickShield is a minimal, secure starter for user authentication built on **Fastify**, **Prisma**, and **TypeScript** (runs great on **Bun**). It ships with cookie-based sessions, CSRF protection, rate-limiting, and automatic Swagger docs generated from TypeBox route schemas.\n\n## Features\n\n- User registration, login, logout, and profile (`/me`)\n- Password reset via secure, one-time tokens\n- Encrypted cookie sessions (`@fastify/secure-session`), no Redis required\n- CSRF protection for state-changing routes\n- Rate limiting and security headers (helmet)\n- CORS allowlist via env\n- OpenAPI/Swagger UI at `/docs` (from TypeBox schemas)\n\n### CSRF usage\n\n- Call `GET /csrf` to retrieve a CSRF token. The token is tied to your session.\n- Send it in header `x-csrf-token` for any state-changing request (POST/PUT/PATCH/DELETE).\n- Example:\n\n  ```bash\n  curl -c cookie.txt http://localhost:3000/csrf\n  # =\u003e {\"token\":\"...\"}\n  curl -b cookie.txt -H \"x-csrf-token: \u003ctoken\u003e\" -H \"content-type: application/json\" \\\n       -X POST -d '{\"email\":\"dev@example.com\",\"password\":\"secret123\"}' http://localhost:3000/login\n  ```\n\n## Stack\n\n- Fastify, @sinclair/typebox, @fastify/swagger, @fastify/swagger-ui\n- @fastify/secure-session, @fastify/csrf-protection, @fastify/helmet, @fastify/cors, @fastify/rate-limit\n- Prisma ORM (+ @prisma/client)\n- Argon2 password hashing (argon2id)\n- Nodemailer email transport\n\n## Getting Started\n\n### Prerequisites\n\n- Bun or Node.js 18+\n- A relational DB (PostgreSQL recommended)\n\n### Installation\n\n1. **Clone the repository:**\n\n   ```bash\n   git clone https://github.com/ShinniUwU/QuickShield.git\n   cd QuickShield\n   ```\n\n2. **Install dependencies:**\n\n   ```bash\n   bun install\n   ```\n\n3. **Configure environment:**\n\n   Copy `.env.example` to `.env` and fill values. Generate a session secret:\n\n   ```bash\n   cp .env.example .env\n   openssl rand -base64 32  # paste into SESSION_SECRET\n   ```\n\n4. **Run Prisma migrations:**\n\n   ```bash\n   bunx prisma migrate dev --name init\n   ```\n\n5. **Start the server:**\n\n   ```bash\n   bun run start\n   ```\n\n   - API: `http://localhost:3000`\n   - Docs: `http://localhost:3000/docs`\n\n### Endpoints\n\nDocumented at `/docs`. Core routes:\n\n- POST `/register` — register user\n- POST `/login` — start session (cookie)\n- POST `/logout` — end session\n- GET `/me` — current user\n- POST `/forgot-password` — request reset link\n- POST `/reset-password` — submit new password\n\n### Dev SMTP (optional)\n\nRun a local SMTP sink on port 2525 and point `.env` to it for testing emails:\n\n```bash\nbun run smtp:dev\n```\n\n### License\n\nQuickShield is released under a permissive \"Creditware\" license.\n\nYou may use and modify it freely — including commercially — as long as\nyou give credit to the original QuickShield repository and don’t resell\nit uncredited.  See [LICENSE](./LICENSE) for full terms.\n\n### Contributing\n\nFork the repo and open a PR. Please keep changes focused and documented.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshinniuwu%2Fquickshield","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshinniuwu%2Fquickshield","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshinniuwu%2Fquickshield/lists"}