Skip to content
/ express-auth Public

Implementation of authentication with jwt for express application. Please view README for available APIs

License

View license
12 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sudeepgumaste/express-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
src
src
 
 
.babelrc
.babelrc
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

Express Authenticaiton using JWT

How to use

  • Run this commands in terminal to install the dependencies

    npm install

  • Create a .env file with following

    PORT=[number that you wish the server to run on]
DB_URI=[mongo db URI]

ACCESS_TOKEN_SECRET=[secret key to sign access token with]

REFRESH_TOKEN_SECRET=[secret key to sign refresh token with]

VERIFY_TOKEN_SECRET=[secret key to sign email verification token with]

HOSTED_URL=[url where server is hosted on]

MAIL_ID=[Gmail ID to send verification mails from]
MAIL_PASSWORD=[Gmail app password]

  • Add verifyToken function from resources/auth/auth.middleware.js as middleware for protected routes

Dependencies

  • express - REST API Framework
  • @hapi/joi - Input validation
  • bcrypt - Password hashing
  • cors - Enable CORS
  • dotenv - Configuring environment variables
  • jsonwebtoken - JWT Authorisation
  • mongoose - MongoDB ODM
  • nodemailer - Send email
  • redis - Client to connect to redis server

Other dependencies

  • Redis

    User objects are cached in redis store for 15min or until they've been verified

    Installation files can be found here:

Scripts available

  • To start development server 
    npm run-script watch
  • To compile a production build 
    npm run-script build
  • To compile and start the server 
    npm run-script start

APIs available

  • POST /api/auth/register

    • Headers content-type: application/json
    • Body 
      {
    "email" : "test@example.com",
    "password" : "password",
    "name" : "testUser1"
}
    • Response 
      {
     "msg": "Verification link has been sent to your email"
}
    • Lifetime of access token is 5 min. Send the refresh token to get new access token

  • POST /api/auth/login

    • Headers content-type: application/json
    • Body 
      {
    "email" : "test@example.com",
    "password" : "password",
    "name" : "testUser1"
}
    • Response 
      {
    "accessToken" : "access token",
    "refreshToken" : "refresh token"
}

  • POST /api/auth/logout

    • Headers content-type: application/json authorization : Bearer [ Token ]
    • Body 
      None
    • Response
      • Status 204 on success 500 oterwise

  • POST /api/auth/refresh

    • Headers content-type: application/json
    • Body 
      {
    "token" : "User's refresh token"
}
    • Response 
      {
    "accessToken": "new access token"
}

  • GET /api/auth/:verifyToken

    • Headers 
      none
    • Body 
      none
    • Response 
      {
    "msg" : "account verified"
}

About

Implementation of authentication with jwt for express application. Please view README for available APIs

Topics

redis jwt express authentication auth authorization hacktoberfest protected-resources express-authorizations

Resources

Readme

License

View license
Activity

Stars

12 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages