Skip to content

weihanchen/user-authentication-nodejs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

130 Commits
client
client
 
 
public
public
 
 
server
server
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
Procfile
Procfile
 
 
app.json
app.json
 
 
package.json
package.json
 
 
readme.md
readme.md
 
 

Repository files navigation

Nodejs user authentication sample base on json web token

Build Status Coverage Status Dependency Status devDependencies Status

A nodejs server api for user authentication and use react to design frontend

Demo Site

Heroku Deployment

You can quickly setup a sample heroku application by clicking the button below.

Deploy

Requirement

System Environment Variables

  • PORT
  • SECRET_KEY
  • MONGO_CONNECTION

Install dependence packages

$ cd server
$ npm install
$ cd ../client
$ npm install

client react documentation

Config

  • server/config/database.js database and jwt secret configuration, default using system variables
  1. secret - jwt auth secret
  2. database - database connection

Packages

  1. Mongoose - mongodb object modeling
  2. Simple JWT - token use
  3. Morgan - HTTP request logger middleware for node.js
  4. moment - date parse
  5. bcrypt-nodejs - ecrypt password

Step

General config

  1. edit server/config/database.js or system variable for MONGO_CONNECTIONSECRET_KEY - database connection and jwt secret
  2. edit server/config/initial.js - super admin account and role's permissions
  3. export API_ENDPOINT with system variable, allow client connection with server endpoint.

Start with development

  1. server development: npm run dev:server
  2. client development: npm run dev:client, default port 8080

Production build and run

  1. npm run build:client
  2. npm start

initial users and rols step

  1. post /api/initialize to create roles and super admin account
  2. post api/users - create new account
  3. post api/users/login - login and get jwt token then frontend can store this token to use other api
  4. use request header: {Authorization: (jwt token)} when use other api

Authentication

Check token valid

  • /api/users/logout

Check token valid and expired

  • /api/users/:id
  • /api/users/me

Permissions(roles)

  • admin

    • delete - other users and roles
    • get - all users and roles
    • post - user and role
    • put - all users and other user's role

  • user

    • delete - self
    • get - self
    • post - signup
    • put - self but cannot update role

Documentation

  • request header - Authorization (json web token)

  • api - api root

  • api/initialize

    post - create roles and admin user

  • api/users

    post - create new user

  • api/users/login

    post - login and get jwt token

  • api/users/me

    get - get current user info

  • api/users/:id

    delete - delete user

    get - get user info

    put - update username、displayName only superadmin can update other user's role

API Test

  • npm install --dev
  • npm run test:server

To Do

  • admin dashboard
  • edit role name
  • edit password
  • add more test case for permissions
  • add business logic extension framework document
  • add swagger ui

About

A nodejs server api for user authentication and permissions

Topics

redux nodejs es6 reactjs user-auth jwt-secret

Resources

Readme
Activity

Stars

9 stars

Watchers

3 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages