JWT Authentication & Authorization in NodeJs/Express & MongoDB REST APIs
This application is a REST API that lets you create a user, log in a registered user, log out a user from a single device, and log out a user from multiple devices. It uses Node.js/Express and MongoDB, with MongoDB Atlas, a cloud database service that hosts MongoDB databases, to store the data.
JWT stands for JSON Web Token and is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.
JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA. (Source: jwt.io/introduction/)
To start the application and run the server that handles the authentication and authorization process, clone the repo into a directory and install the application's dependencies using npm or yarn:
npm install
yarn
After the installation is complete run the server using the following command:
npm start
If everything goes as expected, you will see a message in the terminal that the server is running at port 8000. You can change the port in the src/config.js file.
There are five available routes:
- POST /users/create
- POST /users/login
- GET /users/profile
- POST /users/logout
- POST /users/logoutall
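An added example (not code from this repository) of what the two logout routes imply for request authentication: a token with a valid signature must also still be present in the user's stored tokens list, so removing one entry logs out one device and clearing the list logs out all of them. Assumptions: an in-memory Map stands in for MongoDB, Node's built-in crypto module is used instead of a JWT library, and the names issueToken, authenticate, logout and logoutAll are hypothetical.

```javascript
// Added example: HS256 check plus a per-user token list (in-memory stand-in for MongoDB).
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: a real app loads this from config/env
const b64url = (x) => Buffer.from(x).toString('base64url');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();
const users = new Map([['u1', { _id: 'u1', name: 'Goo', tokens: [] }]]); // constructed data

function issueToken(userId, ttlSeconds = 3600) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const claims = { _id: userId, jti: crypto.randomUUID(), exp: Math.floor(Date.now() / 1000) + ttlSeconds };
  const payload = b64url(JSON.stringify(claims));
  const token = `${header}.${payload}.${b64url(hmac(`${header}.${payload}`))}`;
  users.get(userId).tokens.push({ token }); // one stored entry per logged-in device
  return token;
}

// Returns the user for a valid, unexpired, non-revoked token, otherwise null.
function authenticate(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  let h, p;
  try {
    h = JSON.parse(Buffer.from(header, 'base64url').toString());
    p = JSON.parse(Buffer.from(payload, 'base64url').toString());
  } catch { return null; }
  if (h?.alg !== 'HS256') return null; // pin the algorithm; never accept the header's choice
  const expected = hmac(`${header}.${payload}`);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof p?.exp !== 'number' || p.exp <= Math.floor(Date.now() / 1000)) return null;
  const user = users.get(p._id);
  // A valid signature is not enough: the token must still be on the user's list.
  if (!user || !user.tokens.some((t) => t.token === token)) return null;
  return user;
}

function logout(userId, token) { // single device: drop only the presented token
  const user = users.get(userId);
  user.tokens = user.tokens.filter((t) => t.token !== token);
}

function logoutAll(userId) { // all devices: drop every stored token
  users.get(userId).tokens = [];
}
```

The jti claim keeps two tokens issued in the same second distinct, so logging out one device cannot remove another device's entry.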
Creates a new user
- URL: /users/create
- Method: POST
- Data Params:
  - username [Required]
  - password [Required]
- Success Response:
  - Code: 200 OK
  - Content: { "user": { "_id": "5e249c499899e94e6dfde811", "name": "Goo", "email": "[email protected]", "tokens": [ { "_id": "5e263647a4a67c5c7ff0694b", "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." } ] } }
- Error Response:
  - Code: 400 BAD REQUEST
- Sample Call:
  curl -i -X POST -d "{\"name\": \"Alan\", \"email\": \"[email protected]\", \"password\": \"ohshit\"}" -H "Content-Type: application/json" http://localhost:8000/users/login
work in progress..