https://github.com/mariokreitz/auth-api-test

A secure, scalable Node.js authentication API with JWT authentication, email verification, password reset, and Dockerized deployment using Nginx and MongoDB Atlas.

# 🚀 Auth API with Docker and Nginx

This project is a **Node.js-based authentication API** deployed using **Docker**, with **Nginx** serving as a reverse proxy. The API uses **MongoDB Atlas** for database storage and includes **JWT-based authentication**, user profile management, and secure email communication. 🔐

## 🛠 Features

- **User Authentication** (JWT) 🔑
- **Email Verification** 📧
- **Password Reset** 🔄
- **User Profile Management** 🧑‍💼
- **Admin Role Management** 👨‍💻
- **Secure Communication via HTTPS** 🌐
- **Login History** 📅
  - Tracks successful and failed login attempts for better monitoring.
- **Auditing** 📝
  - Logs all critical actions, such as profile changes, admin operations, and login attempts, ensuring a clear audit trail.

## 📝 Prerequisites

Before getting started, make sure you have the following:

- **Docker** 🐳 installed on your machine
- **Docker Compose** to manage multi-container setups 🛠
- A **domain** (for production use) 🌍
- **SSL certificates** for HTTPS (using Let's Encrypt) 🔒
- A **MongoDB Atlas** account for hosting the database 🌱

## 🚀 Project Setup

### 1. Clone the Repository

Start by cloning the repository to your local machine:

```bash
git clone https://github.com/mariokreitz/auth-api-test.git
cd auth-api-test
```

### 2. Docker Configuration

The project uses the `compose.yaml` file to define the services and environment variables. The setup includes:

- **Node.js API** (`server` service) 🖥️
- **Nginx reverse proxy** (`nginx` service) 🌐

#### Set Up the Production Data

In the `compose.yaml`, replace the environment variables with your production values:

```yaml
services:
  server:
    build:
      context: .
    environment:
      PORT: 3000
      NODE_ENV: production
      MONGO_URI: mongodb+srv://
      JWT_SECRET:
      EMAIL_USER:
      EMAIL_PASS:
    expose:
      - "3000"
    networks:
      - backend
    restart: unless-stopped

  nginx:
    image: nginx:latest
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - /etc/letsencrypt:/etc/letsencrypt:ro
    ports:
      - "443:443"
      - "80:80"
    depends_on:
      - server
    networks:
      - backend
    restart: unless-stopped

networks:
  backend:
    driver: bridge
```

Replace the following placeholders with your real values:

- `MONGO_URI`: your MongoDB Atlas connection string
- `JWT_SECRET`: the secret used to sign and verify JWTs
- `EMAIL_USER`: the account the API sends verification and password-reset emails from
- `EMAIL_PASS`: the password for that email account

These values are secrets: do not commit the filled-in `compose.yaml` to version control.

### 3. Copy Nginx Configuration

Copy the `.sample.nginx.conf` file to `nginx.conf` and replace `yourdomain.com` with your actual domain in the configuration:

```bash
cp .sample.nginx.conf nginx.conf
```

Then, in `nginx.conf`, replace:

```nginx
server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}
```

With your real domain, for example:

```nginx
server {
    listen 80;
    server_name api.example.com www.api.example.com;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}
```

### 4. Building and Running the Containers

To build and start the containers, run the following command:

```bash
docker compose up --build -d
```

This will run both containers in **detached mode**. The `server` container hosts the Node.js API on port `3000`, while the `nginx` container listens on ports `80` (HTTP) and `443` (HTTPS).

### 5. Nginx Configuration

Nginx is set up to:

1. Redirect all HTTP traffic to HTTPS 🔄
2. Act as a reverse proxy for the Node.js API 🖥️

Make sure to replace `yourdomain.com` with your actual domain (e.g., `api.example.com`) in the `nginx.conf` file.

```nginx
server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name yourdomain.com www.yourdomain.com;

    # SSL Certificates (mounted from host)
    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    # SSL settings
    ssl_protocols TLSv1.2 TLSv1.3;
    # Note: ssl_ciphers only governs TLS 1.2 and earlier; OpenSSL ignores the
    # TLS_* names listed here, so TLS 1.3 keeps OpenSSL's default cipher suites.
    ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
    ssl_prefer_server_ciphers off;

    # Security headers
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
    add_header X-Content-Type-Options nosniff always;
    add_header X-Frame-Options DENY always;
    add_header X-XSS-Protection "1; mode=block" always;

    # Reverse proxy for backend API
    location / {
        proxy_pass http://server:3000; # Docker container name 'server' from Docker Compose
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Cookie $http_cookie;
        proxy_cookie_path / /;
        proxy_cookie_domain server yourdomain.com;
    }
}
```

### 6. Restart and Recovery

To ensure the containers restart automatically on failure, the `restart` policy is configured to `unless-stopped` in the `compose.yaml` file:

```yaml
services:
  server:
    restart: unless-stopped
  nginx:
    restart: unless-stopped
```

This guarantees that both the API and Nginx containers will automatically restart unless manually stopped.

### 7. Accessing the API

Once the containers are running, you can access the API at:

```
https://api.example.com
```

Test the authentication and other endpoints using tools like **Postman** or **Insomnia** to send requests to the API. 🔑

### 8. Stopping the Containers

To stop the containers, run the following command:

```bash
docker compose down
```

This command will stop and remove the containers, but leave the data volumes intact.
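A post-deployment check for the HTTP-to-HTTPS redirect and the security headers the Nginx configuration above is meant to produce, as an added example that is not part of the repository. It assumes `curl` is installed and uses the README's placeholder domain `api.example.com` unless `DOMAIN` is set; the check functions themselves only parse response headers, so they also work on captured output.

```shell
#!/bin/sh
# Post-deployment check for the nginx front door configured in this README.
# Added example, not part of the auth-api-test repository. Assumes curl and
# the domain in DOMAIN (api.example.com is the README's placeholder).
DOMAIN="${DOMAIN:-api.example.com}"

# Live fetches (need network access); only used when RUN_LIVE=1 below.
fetch_http_headers()  { curl -sS -I --max-time 10 "http://$1/"; }
fetch_https_headers() { curl -sS -I --max-time 10 "https://$1/"; }

# check_redirect DOMAIN: reads raw response headers on stdin and succeeds only
# when the plain-HTTP vhost answered 301 with a Location on https://DOMAIN.
check_redirect() {
  domain="$1"
  headers="$(cat)"
  printf '%s\n' "$headers" | head -n 1 | grep -q ' 301 ' || return 1
  printf '%s\n' "$headers" | grep -i '^location:' | grep -qi "https://$domain" || return 1
}

# check_security_headers: reads HTTPS response headers on stdin and returns the
# number of expected headers that are missing (0 means all present).
check_security_headers() {
  headers="$(printf '%s' "$(cat)" | tr 'A-Z' 'a-z')"
  missing=0
  for want in 'strict-transport-security: max-age=' \
              'x-content-type-options: nosniff' \
              'x-frame-options: deny'; do
    printf '%s\n' "$headers" | grep -q "^$want" || {
      echo "missing header: $want"
      missing=$((missing + 1))
    }
  done
  return "$missing"
}

# Set RUN_LIVE=1 to run both checks against the deployed host.
if [ "${RUN_LIVE:-0}" = "1" ]; then
  fetch_http_headers "$DOMAIN" | check_redirect "$DOMAIN" && echo "HTTP -> HTTPS redirect OK"
  fetch_https_headers "$DOMAIN" | check_security_headers && echo "security headers OK"
fi
```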

---

## 📑 API Documentation

The full API documentation for this project is available through Postman. You can view the documentation, including detailed information about all available endpoints, request/response formats, and usage examples by clicking the link below:

[**Auth API Documentation**](https://documenter.getpostman.com/view/40182248/2sAYQUqZXM) 📖

---

## 📜 License

This project is licensed under the **MIT License**. See the [LICENSE](LICENSE) file for details. 📄