https://github.com/haripatel07/nodejs-auth-system
A secure and professional Node.js + Express.js Authentication API with JWT, role-based access control, and password reset functionality.
- Host: GitHub
- URL: https://github.com/haripatel07/nodejs-auth-system
- Owner: haripatel07
- License: mit
- Created: 2025-08-27T13:06:56.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-08-27T17:25:52.000Z (10 months ago)
- Last Synced: 2025-08-27T22:19:51.116Z (10 months ago)
- Topics: backend, express, jwt, mongodb, nodejs
- Language: JavaScript
- Homepage:
- Size: 327 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Authentication System API
This repository is a deployment-ready authentication API built with Node.js, Express, and MongoDB. It includes user registration, JWT authentication, role-based access control, and password reset functionality.
## Key Features
* User registration and login secured with `bcrypt` password hashing.
* JWT authentication using `jsonwebtoken` with token expiration support.
* Role-based access control (`user`, `admin`) for protected routes.
* Password reset via secure, time-limited reset tokens.
* Centralized error handling and environment-based configuration.
* MongoDB data persistence with `mongoose`.
## Architecture Overview
* `server.js`: Application entry point and route registration.
* `src/routes/authRoutes.js`: Authentication and authorization endpoints.
* `src/controllers/authController.js`: Request handling for auth operations.
* `src/middleware/authMiddleware.js`: JWT verification and protected route enforcement.
* `src/middleware/roleMiddleware.js`: Role-based authorization guard.
* `src/models/User.js`: User schema, password hashing, and role definition.
* `src/config/db.js`: MongoDB connection logic.
## Environment Variables
The application depends on the following environment variables:
* `PORT` - application port, default is `3000`.
* `NODE_ENV` - runtime environment (`development` or `production`).
* `MONGO_URI` - MongoDB connection string.
* `JWT_SECRET` - secret used to sign and verify JWTs; generate it randomly and keep it long (32 bytes or more).
* `JWT_ACCESS_EXPIRY` - access token lifetime (for example `15m`).
* `JWT_EXPIRES_IN` - fallback for the access token lifetime when `JWT_ACCESS_EXPIRY` is not set.
* `BCRYPT_ROUNDS` - number of salt rounds (cost factor) for password hashing.
* `JWT_REFRESH_EXPIRY` - optional; reserved for the refresh token lifetime once refresh token support is added.
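Because a misconfigured secret or cost factor silently weakens every login, the variables above are worth validating once at startup rather than at first use. The following is an added example, not the project's `src/config` code: it parses the `15m`-style lifetimes and refuses to boot on bad input. The variable names are the README's; the limits (32-byte minimum secret, bcrypt rounds 10..15, 24h production cap on access tokens) and the mini duration grammar are this example's choices.

```javascript
const DURATION_UNITS = { s: 1, m: 60, h: 3600, d: 86400 };

// Parse lifetimes such as "15m", "7d" or bare seconds ("900") into seconds.
// Assumed grammar; jsonwebtoken's own `expiresIn` accepts more spellings.
function parseDuration(value) {
  const m = /^(\d+)\s*([smhd])?$/.exec(String(value).trim());
  if (!m) throw new Error(`invalid duration ${JSON.stringify(value)}; use e.g. "15m", "12h", "7d"`);
  return Number(m[1]) * DURATION_UNITS[m[2] || 's'];
}

// Validate the environment once and fail fast with every problem listed.
// The limits below are this example's choices, not values the project mandates.
function loadConfig(env) {
  const errors = [];

  const nodeEnv = env.NODE_ENV || 'development';
  if (!['development', 'production'].includes(nodeEnv)) {
    errors.push('NODE_ENV must be "development" or "production"');
  }

  const port = Number(env.PORT ?? 3000);
  if (!Number.isInteger(port) || port < 1 || port > 65535) errors.push('PORT must be an integer in 1..65535');

  if (!env.MONGO_URI || !/^mongodb(\+srv)?:\/\//.test(env.MONGO_URI)) {
    errors.push('MONGO_URI must be a mongodb:// or mongodb+srv:// connection string');
  }

  // HS256 keys should carry at least 256 bits: a short, human-chosen secret can be
  // brute-forced offline from a single captured token, and then any role can be forged.
  if (!env.JWT_SECRET || Buffer.byteLength(env.JWT_SECRET, 'utf8') < 32) {
    errors.push('JWT_SECRET must be at least 32 bytes (e.g. output of `openssl rand -hex 32`)');
  }

  let accessExpiry = null;
  try {
    accessExpiry = parseDuration(env.JWT_ACCESS_EXPIRY ?? env.JWT_EXPIRES_IN ?? '15m');
    if (nodeEnv === 'production' && accessExpiry > 24 * 3600) {
      errors.push('access token lifetime exceeds 24h in production');
    }
  } catch (e) {
    errors.push(`JWT_ACCESS_EXPIRY/JWT_EXPIRES_IN: ${e.message}`);
  }

  let refreshExpiry = null;
  if (env.JWT_REFRESH_EXPIRY !== undefined) {
    try { refreshExpiry = parseDuration(env.JWT_REFRESH_EXPIRY); }
    catch (e) { errors.push(`JWT_REFRESH_EXPIRY: ${e.message}`); }
  }

  // Too few rounds makes offline cracking cheap; too many turns login into a DoS vector.
  const rounds = Number(env.BCRYPT_ROUNDS ?? 12);
  if (!Number.isInteger(rounds) || rounds < 10 || rounds > 15) errors.push('BCRYPT_ROUNDS must be an integer in 10..15');

  if (errors.length) throw new Error(`invalid configuration:\n  - ${errors.join('\n  - ')}`);
  return {
    nodeEnv,
    port,
    mongoUri: env.MONGO_URI,
    jwtSecret: env.JWT_SECRET,
    accessExpirySeconds: accessExpiry,
    refreshExpirySeconds: refreshExpiry,
    bcryptRounds: rounds,
  };
}
```

Call `loadConfig(process.env)` before opening the database connection or binding the port, so a container with a missing or weak `JWT_SECRET` exits immediately instead of serving forgeable tokens.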
## Getting Started
### Local Setup
1. Install dependencies:
```bash
npm install
```
2. Copy the example environment file:
```bash
cp .env.example .env
```
3. Update `.env` with your MongoDB connection string and secrets.
4. Start the server:
```bash
npm start
```
The API will be available at `http://localhost:3000` when `PORT=3000` is configured.
## Docker Deployment
### Build and run with Docker
```bash
docker build -t auth-system .
docker run --env-file .env -p 3000:3000 auth-system
```
### Run with Docker Compose
```bash
docker-compose up --build
```
The `docker-compose.yml` file starts the application and a MongoDB database with persistent storage.
## API Endpoints
### Public Routes
| Method | Endpoint | Description |
| :----- | :----------------------------- | :-------------------------------------------- |
| `POST` | `/api/auth/register` | Register a new user. |
| `POST` | `/api/auth/login` | Authenticate and receive a JWT. |
| `POST` | `/api/auth/forgotpassword` | Request a password reset token. |
| `PUT` | `/api/auth/resetpassword/:resettoken` | Reset password using a reset token. |
### Protected Routes
| Method | Endpoint | Description |
| :----- | :---------------------- | :----------------------------------------- |
| `GET` | `/api/auth/profile` | Return authenticated user profile. |
| `GET` | `/api/auth/admin` | Access admin-only resources. |
Protected endpoints require an `Authorization` header carrying the JWT returned by `/api/auth/login` as a Bearer token:
```http
Authorization: Bearer <token>
```
## Deployment Notes
* Point `MONGO_URI` at the `db` service hostname when deploying with Docker Compose.
* Keep `JWT_SECRET` secret and random, and do not commit `.env` to source control.
* Use production-ready values: a `BCRYPT_ROUNDS` high enough that a hash takes tens of milliseconds on your hardware, and a short access token lifetime such as `15m`.
## Supported Roles
* `user` - standard authenticated user.
* `admin` - elevated privileges for admin-only routes.
## License
This project is released under the MIT License.