Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/ephraimduncan/node-express-auth-api

A Simple Node Authentication REST API with Express and MongoDB

boilerplate express mongodb mongoose nodejs rest-api

Last synced: 20 days ago

## Node.js Auth API

A Simple Authentication RESTful API using Node.js, Express, and Mongoose.

By running a single command, you will get a production-ready Node.js app installed and fully configured on your machine. The app comes with authentication using JWT, request validation

## Installation

If you would still prefer to do the installation manually, follow these steps:

Clone the repo:

```bash
git clone https://github.com/dephraiim/node-express-auth-api
cd node-express-auth-api
```

Install the dependencies:

```bash
pnpm install
```

Set the environment variables:

```bash
cp .env.example .env

# open .env and modify the environment variables (if needed)

```

## Table of Contents

- [Features](#features)
- [Commands](#commands)
- [Environment Variables](#environment-variables)
- [Project Structure](#project-structure)
- [API Endpoints](#api-endpoints)
- [Authentication and Authorization](#authentication-and-authorization)
- [Upcoming Features](#upcoming-features)
- [Contributing](#contributing)

## Features

- **NoSQL database**: [MongoDB](https://www.mongodb.com) object data modeling using [Mongoose](https://mongoosejs.com)
- **Authentication and authorization**: using [JWT](https://jwt.io)
- **Validation**: request data validation using [Joi](https://github.com/hapijs/joi)
- **Logging**: using [morgan](https://github.com/expressjs/morgan)
- **Error handling**: error handling mechanism using [http-errors](https://github.com/jshttp/http-errors)
- **Environment variables**: using [dotenv](https://github.com/motdotla/dotenv)

## Commands

Running locally:

```bash
pnpm dev
```

## Environment Variables

The environment variables can be found and modified in the `.env` file. They come with these default values:

```bash
# Port number
PORT=3000

# URL of the Mongo DB
MONGODB_URL=mongodb://127.0.0.1:27017/
DB_NAME=node_express_auth_api

# JWT
# JWT secret key
ACCESS_TOKEN_SECRET=""
REFRESH_TOKEN_SECRET=""
```

## Project Structure

```
src\
|--controllers\ # Route controllers (controller layer)
|--models\ # Mongoose models (data layer)
|--routes\ # Routes
|--lib\ # Utility classes and functions
|--app.js # Express app
```

## API Endpoints

List of available routes:

**Auth routes**:\
`POST /auth/register` - register\
`POST /auth/login` - login\
`POST /auth/refresh` - refresh auth tokens\
`POST /auth/logout` - logout a user

## Authentication and Authorization

These routes require a valid JWT access token in the Authorization request header using the Bearer scheme. If the request does not contain a valid access token, an Unauthorized (401) error is thrown.

**Generating Access Tokens**:

An access token can be generated by making a successful call to the register (`POST /auth/register`) or login (`POST /auth/login`) endpoints. The response of these endpoints also contains refresh tokens (explained below).

**Refreshing Access Tokens**:

After the access token expires, a new access token can be generated by making a call to the refresh token endpoint (`POST /auth/refresh`) and sending along a valid refresh token in the request body. This call returns a new access token and a new refresh token.
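The flow described in this section, as an added example that is not the project's own code: HS256 tokens are built with `node:crypto` only, so the sketch runs without dependencies, and the access and refresh secrets are kept separate so a refresh token is rejected on protected routes. The function names, the 32-character secret minimum, the token lifetimes and the response field names are assumptions.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto");
const b64u = (v) => Buffer.from(v).toString("base64url");
const decode = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const mac = (data, secret) => createHmac("sha256", secret).update(data).digest();
// Refuse empty or short secrets: the .env template ships both secrets as "".
function requireSecret(secret) {
  if (typeof secret !== "string" || secret.length < 32) throw new Error("weak JWT secret");
  return secret;
}

function sign(payload, secret, ttl, now) {
  const head = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const data = `${head}.${b64u(JSON.stringify({ ...payload, iat: now, exp: now + ttl }))}`;
  return `${data}.${mac(data, requireSecret(secret)).toString("base64url")}`;
}

// Returns the claims, or null on bad shape, wrong alg, bad signature or expiry.
function verify(token, secret, now) {
  requireSecret(secret);
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  try {
    if (decode(parts[0]).alg !== "HS256") return null; // pin the algorithm
    const given = Buffer.from(parts[2], "base64url");
    const expected = mac(`${parts[0]}.${parts[1]}`, secret);
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const claims = decode(parts[1]);
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch { return null; }
}

// Lifetimes (15 min / 7 days) and response field names are assumptions.
const issuePair = (sub, secrets, now) => ({
  accessToken: sign({ sub }, secrets.access, 900, now),
  refreshToken: sign({ sub }, secrets.refresh, 7 * 86400, now),
});

// Protected routes: "Authorization: Bearer <access token>", otherwise 401.
function authenticate(header, accessSecret, now) {
  const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(header || "");
  const claims = m && verify(m[1], accessSecret, now);
  return claims ? { status: 200, userId: claims.sub } : { status: 401 };
}

// POST /auth/refresh: a valid refresh token buys a new access + refresh pair.
function refresh(refreshToken, secrets, now) {
  const claims = verify(refreshToken, secrets.refresh, now);
  return claims ? { status: 200, ...issuePair(claims.sub, secrets, now) } : { status: 401 };
}
```

This sketch is stateless, so an old refresh token stays valid until it expires; revoking it (for example at `POST /auth/logout`) needs server-side state.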

## Upcoming Features

- Set Secure HTTP Headers using Helmet
- gzip compression with express-compression
- Continuous Integration with GitHub Actions
- Docker Support
- Git Hooks
- Unit and Integration Tests
- API Documentation with Swagger
- TypeScript Support
- Linting with ESLint
- Pagination

## Contributing

Contributions are more than welcome! Please check out the [contributing guide](CONTRIBUTING.md).

## License

[MIT](LICENSE)