https://github.com/ilkaytech/advanced-mern-auth


2fa-security jwt-token mongodb-database nextjs nodejs rate-limiting redis-cache shadcn-ui tailwind-css typescript zod


# Advanced Authentication System with Node.js, TypeScript, 2FA, JWT, Sessions & Next.js

A full-stack, secure authentication boilerplate built using **Node.js**, **Express**, **TypeScript**, and **Next.js**. It includes modern auth features like **email verification**, **2FA**, **access & refresh tokens**, **cookie-based sessions**, and more — all production-ready.

---

## Key Features

### Backend (Node.js + Express + TypeScript)

- **Modular Architecture** — Clean, scalable folder structure
- **MongoDB (Mongoose)** for schema modeling
- **User Registration & Login**
- **Email Verification with Resend**
- **Password Reset via Email**
- **Access & Refresh Tokens (JWT)**
- **Secure Cookies for Session Management**
- **Two-Factor Authentication (2FA)** using `speakeasy` and `qrcode`
- **Passport.js with JWT strategy**
- **Rate Limiting** middleware for brute-force protection
- **Environment-based Config with dotenv**
- **Validation with Zod**

---

### Frontend (Next.js + TypeScript + Tailwind CSS)

- **Reusable Auth Forms** (Sign up / Login)
- **Email Confirmation Page**
- **Protected Routes with Middleware**
- **User Dashboard with Session Info**
- **2FA Setup & Verification Flow**
- **Active Session Tracking & Management**
- **Logout with Secure Session Termination**
- **Light & Dark Mode UI**

---

## Getting Started

### Backend

```bash
cd backend
npm install
npm run dev
```

> Create a `.env` file and set up Mongo URI, JWT secrets, Resend API key, etc.

### Frontend

```bash
cd frontend
npm install
npm run dev
```

---

## 📌 Tech Stack

- **Backend**: Node.js, Express, MongoDB, TypeScript, Passport, JWT
- **Frontend**: Next.js, React, Tailwind CSS
- **Security**: Bcrypt, JWT, 2FA, Cookie-based auth, Rate limiting
- **Utilities**: Zod, Resend, dotenv, qrcode

---

## API Documentation

**Swagger**

- 🔗 [View Swagger UI](http://api-docs)
- 🔗 [Download Swagger JSON](http://api-docs-json)

You can import the JSON file into tools like **Postman**.


Swagger UI Screenshot

---

Application Screenshots: Sign In, Sign Up, Check Email, Confirm Email, Account Confirmation, 2FA Setup, Session List, Dashboard, Reset Password, Logout, Dark Mode