A secure user authentication system built with Node.js, Express, and MongoDB.
- User Registration: Users can create an account by providing necessary information (username, email, password). The system securely stores user data in a MongoDB database and hashes passwords using bcrypt.
- User Login: Users can log in using their credentials (username/email and password). Upon successful login, the backend generates a JSON Web Token (JWT) containing relevant user information.
- Protected Routes: Logged-in users can access protected routes. A session is maintained using JWT.
- Data Validation: Proper data validation is implemented on the server side to ensure data integrity.
- Security: User input is sanitized to prevent vulnerabilities like Cross-Site Scripting (XSS).
- URL: /api/auth/register
- Method: POST
- Body: { "username": "yourusername", "email": "[email protected]", "password": "yourpassword" }
- Response:
  - 201 Created: User registered successfully.
  - 400 Bad Request: Validation error (e.g., username already exists, missing fields).
- URL: /api/auth/login
- Method: POST
- Body: { "email": "[email protected]", "password": "yourpassword" }
- Response:
  - 200 OK: Login successful, returns a JWT token.
  - 400 Bad Request: Validation error (e.g., incorrect password, missing fields).
  - 404 Not Found: User not found.
- URL: /api/auth/protected-route
- Method: GET
- Headers:
  - x-auth-token: JWT token
- Response:
  - 200 OK: Access granted.
  - 401 Unauthorized: Access denied, token missing or invalid.
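
An added example (not this repository's code) of the check the protected route describes: Express-style middleware that reads x-auth-token and answers 401 when the token is missing or invalid. It verifies HS256 with Node's built-in crypto instead of a JWT package so it runs without dependencies; the function names, the HS256 choice and the required exp claim are assumptions.

```javascript
// Added example: middleware for the x-auth-token header (names are hypothetical).
const crypto = require('crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');

// Sign helper, used here only to build constructed sample tokens.
function signToken(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const data = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.createHmac('sha256', secret).update(data).digest('base64url');
  return `${data}.${sig}`;
}

// Returns the payload of a valid, unexpired HS256 token, otherwise null.
function verifyToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  try {
    const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
    // Pin the algorithm: a token claiming "none" or another alg is rejected.
    if (header.alg !== 'HS256') return null;
    // Compare the canonical base64url text of the MAC in constant time.
    const expected = Buffer.from(
      crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest('base64url'));
    const given = Buffer.from(s);
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
    // Assumption of this example: tokens must carry a numeric exp claim.
    if (typeof payload.exp !== 'number' || payload.exp <= nowSec) return null;
    return payload;
  } catch {
    return null; // malformed base64url or JSON
  }
}

// Middleware factory: 401 when the header is missing or the token is invalid.
function requireAuth(secret) {
  return (req, res, next) => {
    const payload = verifyToken(req.headers['x-auth-token'], secret);
    if (!payload) return res.status(401).json({ msg: 'Access denied, token missing or invalid.' });
    req.user = payload; // verified claims for downstream handlers
    next();
  };
}
```
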
- Clone the repository:
  git clone https://github.com/your-username/your-repository.git
- Navigate into the project directory:
  cd your-repository
- Install dependencies:
  npm install
- Set up environment variables: create a .env file in the root directory and add the following:
  PORT=5000
  MONGO_URI=your_mongodb_connection_string
  JWT_SECRET=your_jwt_secret
- Start the server:
  nodemon app.js
- Node.js
- Express
- MongoDB
- Mongoose
- bcrypt
- JWT
- Express-validator
- XSS Protection: Implemented using express-validator to sanitize user inputs and prevent Cross-Site Scripting (XSS) attacks.
- Fork the repository.
- Create your feature branch (git checkout -b feature/AmazingFeature).
- Commit your changes (git commit -m 'Add some AmazingFeature').
- Push to the branch (git push origin feature/AmazingFeature).
- Open a pull request.
E-mail - [email protected]