A secure user authentication system built with Node.js, Express, and MongoDB.

• User Registration: Users can create an account by providing necessary information (username, email, password). The system securely stores user data in a MongoDB database and hashes passwords using bcrypt.
• User Login: Users can log in using their credentials (username/email and password). Upon successful login, the backend generates a JSON Web Token (JWT) containing relevant user information.
• Protected Routes: Logged-in users can access protected routes. A session is maintained using JWT.
• Data Validation: Proper data validation is implemented on the server-side to ensure data integrity.
• Security: User input is sanitized to prevent vulnerabilities like Cross-Site Scripting (XSS).

• URL: /api/auth/register
• Method: POST
• Body:

  {
    "username": "yourusername",
    "email": "[email protected]",
    "password": "yourpassword"
  }

• Response:
  • 201 Created: User registered successfully.
  • 400 Bad Request: Validation error (e.g., username already exists, missing fields).

• URL: /api/auth/login
• Method: POST
• Body:

  {
    "email": "[email protected]",
    "password": "yourpassword"
  }

• Response:
  • 200 OK: Login successful, returns a JWT token.
  • 400 Bad Request: Validation error (e.g., incorrect password, missing fields).
  • 404 Not Found: User not found.

• URL: /api/auth/protected-route
• Method: GET
• Headers:
  • x-auth-token: JWT token
• Response:
  • 200 OK: Access granted.
  • 401 Unauthorized: Access denied, token missing or invalid.

1. Clone the repository:

   git clone https://github.com/your-username/your-repository.git

2. Navigate into the project directory:

   cd your-repository

3. Install dependencies:

   npm install

4. Set up environment variables:

   Create a .env file in the root directory and add the following:

   PORT=5000
   MONGO_URI=your_mongodb_connection_string
   JWT_SECRET=your_jwt_secret
   

5. Start the server:

   nodemon app.js

• Node.js
• Express
• MongoDB
• Mongoose
• bcrypt
• JWT
• Express-validator

• XSS Protection: Implemented using express-validator to sanitize user inputs and prevent Cross-Site Scripting (XSS) attacks.

1. Fork the repository.
2. Create your feature branch (git checkout -b feature/AmazingFeature).
3. Commit your changes (git commit -m 'Add some AmazingFeature').
4. Push to the branch (git push origin feature/AmazingFeature).
5. Open a pull request.

E-mail - [email protected]