This project implements a secure user authentication system using Node.js, Sequelize, PostgreSQL, and JWT. It allows users to register, log in, and refresh their access tokens through a RESTful API. The system includes robust input validation, password hashing with bcrypt, and token management using JWT. The authentication process is structured into services, controllers, and routes for modularity and scalability. Secure access is provided through short-lived access tokens and long-lived refresh tokens. This solution is designed to handle common authentication workflows with an emphasis on security and performance.
This project implements a basic authentication system with user registration, login, and token refresh functionality using JWT and Sequelize. It utilizes PostgreSQL as the database and includes features such as password hashing with bcrypt and secure token management.
- Project Setup
- Authentication Resource
- Security and Validation
- Testing the Endpoints
- Project Structure
project/
├── controllers/ # Contains the controllers for handling requests
│ └── authController.js # Manages user authentication-related actions
├── models/ # Contains Sequelize models
│ └── user.js # User model definition
├── routes/ # Contains route definitions
│ └── authRoute.js # Authentication routes
├── services/ # Contains the service logic
│ └── authService.js # Business logic for user registration, login, and token refresh
├── migrations/ # Contains Sequelize migrations
├── config/ # Configuration files (e.g., database configuration)
├── .env # Environment variables for the app
├── package.json # Project dependencies and scripts
└── server.js # Entry point for the applicationYou will need the following:
- A Neon account and a project
- Node.js and npm
- Clone this repository.
git clone https://github.com/engraya/auth-project/tree/main- Navigate to the project directory and install the dependencies.
cd guide-neon-sequelize
npm install- Create a
.envfile in the root of the project and add the following environment variables:
DATABASE_URL=
NODE_ENV=development
DATABASE_URL=postgresql://yourusername:yourpassword@localhost:5432/yourdatabase
APP_PORT=3000
JWT_SECRET_KEY=yoursecretkey
JWT_EXPIRES_IN=1h
JWT_REFRESH_SECRET_KEY=yourrefreshsecretkey
JWT_REFRESH_EXPIRES_IN=30d
JWT_SECRET_KEY=
JWT_EXPIRES_IN=- Run the migrations using Sequelize.
npx sequelize db:migrate- Start the server.
node server.js- Visit
http://localhost:3000in your browser to see the list of authors and books. Or use curl to access the api from the terminal.
- The README now correctly reflects the auth endpoints (`/auth/register`, `/auth/login`, `/auth/refresh-token`) instead of the previous author and book endpoints.
- The `curl` examples are updated to match your authentication endpoints and their usage.