JWT-user-authentication-API-bolilerplate
Express JSON API with JWT user authentication.
Installation
npm install
Usage
npm run dev will start a development server with nodemon
npm run prod will start NODE_ENV=production production server
File structure
├── app
│   ├── controllers
│   │   └── user.js         # Exports functions to use in routers
│   ├── logs                # Contains all the logs
│   ├── models              # Contains all models
│   │   └── User.js         # User model
│   ├── routes              # contains all routes
│   │   ├── api             # where /api/ routes are stored
│   │   │   ├── index.js    # separates public from private routes with a middleware
│   │   │   ├── private.js  # contains all private routes
│   │   │   └── public.js   # contains all public routes
│   │   └── index.js        # where / routes are stored
│   ├── translations        # message translations
│   ├── server.js           # where the server starts and routes for the root path
│   └── utils.js            # useful functions used in the entire application
├── config.js               # where all JWT, Winston, Mongoose,... config goes
├── index.js                # entry point, where mongoose connects to mongodb
├── public                  # public directory, should be used for serving static assets
│   └── index.html
Static routes
/ will serve files from /public
Public Routes
POST /api/user/register
Parameters:
email (unique)
first_name
last_name
password
POST /api/user/login
Parameters:
email
password
Returns:
user: user object
token: jwt token
Private Routes
In order to access private routes you MUST pass the token parameter that is given when logging in.
GET /api/user
- Returns the user from the database, useful for refreshing user data.
POST /api/user
- Updates user data
Parameters:
Any user field that you want to update; _id, meta and __v will be ignored.
POST /api/user/checkpassword
- Returns true if the provided password is the same as the user's one
Parameters:
password: Current user password that you want to check.
DELETE /api/user
- Deletes the user
Examples
Login example
fetch('http://localhost:3000/api/user/login', {
    method: 'POST',
    body: JSON.stringify({
        email: 'user@example.com',
        password: 'thepassword'
    }),
    headers: {
        'Content-Type': 'application/json'
    },
})
.then(res => res.json())
.then(res => {
    if (res.success) { // {success: true, user: {...}, token: "..."}
        localStorage.setItem('token', res.token);
        localStorage.setItem('user', JSON.stringify(res.user)); // *optional*
    } else { // {success: false, message: "..."}
        console.log(res.message);
    }
})
.catch(error => {
    // some server error
    console.log("Error connecting to server: " + error);
});
Update user
fetch('http://localhost:3000/api/user', {
    method: 'POST',
    body: JSON.stringify({
        token: localStorage.getItem('token'),
        first_name: 'Jomajino'
    }),
    headers: {
        'Content-Type': 'application/json',
    }
})
.then(res => res.json())
.then(res => {
    if (res.success) { // {success: true}
        // update the user in local storage
        let user = JSON.parse(localStorage.getItem('user'));
        user.first_name = 'Jomajino';
        localStorage.setItem('user', JSON.stringify(user));
    } else { // {success: false, message: "..."}
        console.log(res.message);
    }
})
.catch(error => {
    // some server error
    console.log("Error connecting to server: " + error);
});
Translations helper library: Polylang