DIYA73/api-auth-service

🔐 API Authentication Service

Production-ready authentication microservice built with Node.js, Express, MongoDB, and JWT. It provides user registration, login, token refresh, and role-based access control.



Features

  • User registration and login: email + password, with the password hashed using bcryptjs
  • JWT access tokens: short-lived, sent in the Authorization header
  • Refresh tokens: obtain a new access token without requiring re-login
  • Role-based access control: user and admin roles enforced by middleware guards
  • Protected routes: auth and role middleware applied per route
  • Clean architecture: controllers / middleware / models / routes kept separate

Project structure

api-auth-service/src/
├── config/
│   └── db.js              # MongoDB connection
├── controllers/
│   └── auth.controller.js # Register, login, refresh logic
├── middleware/
│   ├── auth.middleware.js  # JWT verification
│   └── role.middleware.js  # Role-based guard
├── models/
│   └── User.js            # Mongoose user schema
├── routes/
│   ├── auth.routes.js     # /auth/*
│   ├── protected.routes.js # /user/* (auth required)
│   └── admin.routes.js    # /admin/* (admin role required)
└── server.js

Quick start

Prerequisites

  • Node.js 18+
  • MongoDB (local or Atlas)

1. Clone and configure

git clone https://github.com/DIYA73/api-auth-service.git
cd api-auth-service
cp .env.example .env

Then edit .env. The variables it expects:

PORT=3000
MONGODB_URI=mongodb://localhost:27017/auth-service
JWT_SECRET=your-access-token-secret
JWT_REFRESH_SECRET=your-refresh-token-secret
JWT_EXPIRES_IN=15m
JWT_REFRESH_EXPIRES_IN=7d

Replace the two placeholder secrets with long random values (for example the output of openssl rand -hex 32, run once per variable) and keep them different from each other, so that a token signed with one secret does not verify under the other. Do not commit .env.

2. Install and run

npm install
npm run dev      # development (nodemon)
npm start        # production

API reference

Auth routes

POST  /auth/register
Body: { "email": "user@example.com", "password": "secret", "role": "user" }
Check before exposing this endpoint: a request carrying "role": "admin" must not create an admin account. If the server copies role from the body into the stored user, self-registration becomes a privilege escalation; role assignment should be done server-side or by an existing admin.

POST  /auth/login
Body: { "email": "user@example.com", "password": "secret" }
Returns: { access_token, refresh_token }

POST  /auth/refresh
Body: { "refresh_token": "..." }
Returns: { access_token }

Protected routes

GET  /user/profile         # requires valid JWT
GET  /admin/dashboard      # requires admin role

Example

# Register
curl -X POST http://localhost:3000/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"you@example.com","password":"secret123"}'

# Login
TOKEN=$(curl -s -X POST http://localhost:3000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"you@example.com","password":"secret123"}' | jq -r .access_token)

# Access protected route
curl http://localhost:3000/user/profile \
  -H "Authorization: Bearer $TOKEN"

Notes

This service was built as a standalone authentication microservice, intended to be deployed independently and consumed by other services via HTTP or an API gateway. Every request to it carries a password or a bearer token, so serve it only over TLS (terminated at the gateway or at the service itself) and keep the .env secrets out of any other service's configuration.

License

MIT
