A secure user authentication system built with Node.js, Express, MongoDB, and JWT (JSON Web Tokens).
- User registration and login
- Password hashing with bcrypt
- JWT-based authentication
- MongoDB database integration
- CORS support
- Environment variable configuration
- Node.js - JavaScript runtime
- Express.js - Web application framework
- MongoDB - NoSQL database
- Mongoose - MongoDB object modeling
- JWT (jsonwebtoken) - Token-based authentication
- bcrypt - Password hashing
- dotenv - Environment variable management
- CORS - Cross-Origin Resource Sharing
Before running this project, make sure you have:
- Node.js (v14 or higher)
- MongoDB installed and running
- npm or yarn package manager
- Clone the repository:

```bash
git clone https://github.com/KUNDANIOS/user-auth-system-.git
cd user-auth-system-
```

- Install dependencies:

```bash
npm install
```

- Create a `.env` file in the root directory:

```env
JWT_SECRET=your-secret-key-change-in-production
JWT_EXPIRY=24h
MONGODB_URI=mongodb://localhost:27017/auth-system
PORT=5000
```

- Update the configuration values:
  - Replace `JWT_SECRET` with a strong, unique secret key
  - Update `MONGODB_URI` with your MongoDB connection string
  - Adjust `PORT` if needed
- Make sure MongoDB is running on your system
Start the server:

```bash
npm start
```

For development with auto-restart:

```bash
npm run dev
```

The server will start on http://localhost:5000 (or your specified PORT).

- Open your browser and go to `http://localhost:5000`
- You'll see the authentication interface
- Try registering a new user and then logging in
Test Registration:

```bash
curl -X POST http://localhost:5000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{"username":"testuser","email":"test@example.com","password":"Test123456"}'
```

Test Login:

```bash
curl -X POST http://localhost:5000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com","password":"Test123456"}'
```

Test Protected Route (use token from login response):

```bash
curl -X GET http://localhost:5000/api/auth/profile \
  -H "Authorization: Bearer YOUR_JWT_TOKEN_HERE"
```

Successful Registration:

```json
{
  "message": "User registered successfully",
  "userId": "507f1f77bcf86cd799439011"
}
```

Successful Login:

```json
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "507f1f77bcf86cd799439011",
    "username": "testuser",
    "email": "test@example.com"
  }
}
```

```http
POST /api/auth/register
Content-Type: application/json

{
  "username": "string",
  "email": "string",
  "password": "string"
}
```

```http
POST /api/auth/login
Content-Type: application/json

{
  "email": "string",
  "password": "string"
}
```

```http
GET /api/auth/profile
Authorization: Bearer <token>
```

```
user-auth-system/
├── node_modules/
├── .env
├── .gitignore
├── package.json
├── package-lock.json
├── server.js
├── index.html
└── README.md
```
- Passwords are hashed using bcrypt with salt rounds
- JWT tokens for stateless authentication
- Environment variables for sensitive data
- CORS configuration for cross-origin requests
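
What the `JWT_SECRET` setting and the `Authorization: Bearer` check on the profile route have to enforce, shown as an added example that is not the project's `server.js`. It uses Node's built-in `crypto` instead of `jsonwebtoken` so it runs without dependencies; the function names and the 32-character minimum are assumptions of this example.

```javascript
const crypto = require('crypto');

// Placeholder value shipped in the sample .env above.
const PLACEHOLDER = 'your-secret-key-change-in-production';
const b64url = (value) => Buffer.from(value).toString('base64url');

// Fail closed at startup: a missing, placeholder or short secret must stop the
// server. The 32-character minimum is an assumption of this example.
function requireStrongSecret(secret) {
  if (!secret || secret === PLACEHOLDER || secret.length < 32) {
    throw new Error('JWT_SECRET is missing, a placeholder, or too short');
  }
  return secret;
}

// Issue an HS256 token that expires expSeconds after `now` (Unix seconds).
function signHS256(payload, secret, expSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + expSeconds }));
  const sig = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest('base64url');
  return `${header}.${body}.${sig}`;
}

// Verify in this order: shape, pinned algorithm, constant-time signature
// comparison, and only then trust and read the payload (including exp).
function verifyHS256(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
  let hdr;
  try { hdr = decode(header); } catch { throw new Error('malformed token'); }
  if (!hdr || hdr.alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const payload = decode(body);
  if (typeof payload.exp !== 'number' || payload.exp <= now) throw new Error('token expired');
  return payload;
}
```

With `jsonwebtoken`, the same pinning is done by passing `{ algorithms: ['HS256'] }` to `jwt.verify`.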
| Variable | Description | Default |
|---|---|---|
| JWT_SECRET | Secret key for JWT signing | Required |
| JWT_EXPIRY | Token expiration time | 24h |
| MONGODB_URI | MongoDB connection string | Required |
| PORT | Server port number | 5000 |
- Fork the repository
- Create your feature branch (`git checkout -b feature/AmazingFeature`)
- Commit your changes (`git commit -m 'Add some AmazingFeature'`)
- Push to the branch (`git push origin feature/AmazingFeature`)
- Open a Pull Request
This project is licensed under the MIT License.
KUNDANIOS
- Express.js documentation
- MongoDB documentation
- JWT.io for token debugging
- bcrypt library for secure password hashing

