Thanks for visiting my GitHub account!
There are several authentication types. For user identity, users are typically identified with a user ID; authentication occurs when the user provides credentials, such as a password, that match their user ID.
Web Authentication is a web standard published by the World Wide Web Consortium. WebAuthn is a core component of the FIDO2 Project under the guidance of the FIDO Alliancesee-more
- User/Admin Registration Process
- Login with Manually/Facebook
- Login with Manually/Google.
- Verify using JWT Token
- For verification Send Mail to the user Email.
- Crud Operation
- POST / -> search the blog (Admin/User)
- POST /search-blogs -> search the blog (Admin/User)
- GET /:id -> get single blog
- POST / -> create a blog (Admin)
- DELETE /:id -> delete a blog (Admin)
- PUT /:id -> update a blog (Admin)
- VS Code, Download ->https://code.visualstudio.com/download
- Node, Download-> https://nodejs.org/en/download
- MongoDB Shell(msi) , Download-> https://www.mongodb.com/try/download/shell
- MongoDB Compass (msi), Download-> https://www.mongodb.com/try/download/community
- Postman, Download-> https://www.postman.com/downloads/
Or Online Database (MongoDB Atlas)
- Register -> https://www.mongodb.com/cloud/atlas/register
-
Install Node.js
-
To verify installation into command form by node -v
-
For initialization npm write the query in the command window as npm init -y
-
Setup the opening file into the package.json and change the file with main:'server.js'
-
To create a server using the express package then write a query into the command window as npm install express. Write code in the server file for initialization const express = require("express"); const app = express(); app.listen(3000, () => { console.log("Server is running at http://localhost:3000"); });
-
Install the nodemon package for automatically running the server as- npm i --save-dev nodemon (For Developing purpose)
-
setup the package.json file in the scripts key, write "scripts": { "start": "node ./resources/backend/server.js", "dev": "nodemon ./resources/backend/server.js", "test": "echo "Error: no test specified" && exit 1" },
-
use the Morgan package for automatic restart. Hence install the morgan package as npm install --save-dev morgan (Development purpose) Write code in the server file for initialization const morgan = require("morgan"); app.use(morgan("dev")); --> Middlewire.
-
Install Postman software for API testing by the URL endpoint.
-
Install Mongobd + MongobdCompass and Mongoshell (For Database)
- Install Mondodb + Mongodb Compass and Mongodb Shell download from the google.
- Set up Environment Variable in drive:c/program file
- Create a directory in the base path of the c drive named data. Inside the data directory create another folder db.
- Write the command in the CMD window as Mongod. And write the other command in the other CMD window as mongosh.
- Then Check the version as mongod --version and mongosh --version.
- Install mongoose package as npm i mongoose
- Create an atlas account. In the atlas account create a cluster that have a user(as atlas admin) and network access with any access IP address.
- Connect the database using URL from the atlas cluster or local Mongodb compass using the mongoose package as mongoose. connect('mongodb://localhost:27017/database-name);
- Clone project in your local machine
- Run the command in the root directory (Client)
cd client
npm install
npm start
- Run the command in the root directory using another terminal (Server)
cd server
npm install
npm start
- Visit project in your browser using path ->
http://localhost:8000
- Step-1: Setup .env file in the server folder
SERVER_PORT=8080
MONGODB_URL=
JWT_ACCOUNT_ACTIVATION_KEY=
JWT_RESET_PASSWORD_KEY=
JWT_ACCESS_TOKEN_KEY=
JWT_REFRESH_TOKEN_KEY=
SMTP_USERNAME=YOUR_GMAIL_HERE
SMTP_PASSWORD=
CLIENT_URL=
SESSION_SECRET=
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
- Step-2: Setup for secrect key
require("dotenv").config();
const dev = {
db: {
mongoURL:
process.env.MONGODB_URL || "mongodb://127.0.0.1:27017/database-name",
},
app: {
port: process.env.SERVER_PORT || 8000,
jwtAccountActivationKey: process.env.JWT_ACCOUNT_ACTIVATION_KEY,
jwtResetPasswordKey: process.env.JWT_RESET_PASSWORD_KEY,
jwtAcessTokenKey: process.env.JWT_ACCESS_TOKEN_KEY,
jwtRefreshTokenKey: process.env.JWT_REFRESH_TOKEN_KEY,
smtpUsername: process.env.SMTP_USERNAME,
smtpPassword: process.env.SMTP_PASSWORD,
clientUrl: process.env.CLIENT_URL,
googleClientId: process.env.GOOGLE_CLIENT_ID,
googleClientSecret: process.env.GOOGLE_CLIENT_SECRET,
},
};
module.exports = dev;-
/test -> health check (D)
- setup morgan
- create responseHandler - errorResponse, successResponse
- handle http errors
- test from Postman
-
/seed -> seeding some data (D)
- crate dummy data
- store in database
-
/api/users
- POST /register -> create the user account (D)
- get multi-part form data from the request body using multer
- input validation check -> presence, image size, user exist
- password hashing with bcrypt
- create a jwt for storing user data temporarily
- send email with nodemailer (SMPTP gmail username, password)
- POST /activate -> activate the user account (D)
- get the jwt from request
- check existance of jwt
- verify the jwt & decode the data
- create & save the new user
- GET /profile -> get the user account (D)
- get the id from request body
- findById()
- send response based on user found or not
- handle the mongoose Cast error
- DELETE /:id -> delete the user account (D)
- get the id from request body
- findById(id)
- if found delete the image from the server folder
- findByIdAndDelete(id)
- clear the cookies
- send response
- PUT /:id -> update the user account (D)
- get the data from request body and params
- create filter, updates, options
- check image exist -> image size -> change updates
- findByIdAndUpdate(filter, updates, options)
- if user was updated then send response
- PUT /update-password/:id -> update the password
- aa
- POST /forget-password -> forget the password
- PUT /reset-password -> reset the password
- PUT /ban/:id -> ban the user
- PUT /unban/:id -> unban the user
- GET - Admin - /all-users -> get all users including search & pagination (D)
- get data from request body
- search users using regex
- include pagination
- send response
- POST /register -> create the user account (D)
-
/api/auth (JWT Auth)
- POST /login -> isLoggedOut -> user login (D)
- middlewares: validateUserLogin, runValidation using express-validator, isLoggedOut
- extract request body
- check user's existance
- compare the password & return response
- check user is banned & return response
- create jwt token with an expiry time
- create http only cookie with less time
- POST /logout -> isLoggedIn -> user logout (D)
- clear the cookie
- send the response
- GET /refresh -> get refresh token (D)
- get old access token from cookie
- verify old token
- if verified - clear exisitng cookie, create refresh token (new token), cookie, return refresh token
- POST /login -> isLoggedOut -> user login (D)
-
Middleware
- isLoggedIn (D)
- isLoggedOut
- isAdmin
- uploadFile
- getRefreshToken
- userValidation
-
/api/blogs
- POST / -> search the blog (Admin/User)
- POST /search-blogs -> search the blog (Admin/User)
- GET /:id -> get single blog
- POST / -> create a blog (Admin)
- DELETE /:id -> delete a blog (Admin)
- PUT /:id -> update a blog (Admin)
-
package that we will need
npm install express cors http-errors multer body-parser bcrypt jsonwebtoken nodemailer cookie-parsernpm install --save-dev morgan nodemon
