Skip to content

GiorgiMakharadze/paseto-auth-nodejs-express

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
public
public
 
 
src
src
 
 
.dockerignore
.dockerignore
 
 
.env.example
.env.example
 
 
.eslintignore
.eslintignore
 
 
.eslintrc.js
.eslintrc.js
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.prettierrc
.prettierrc
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 
yarn-error.log
yarn-error.log
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

Paseto authentication API

License: MIT

This is PASETO Auth API build with, Node.js, Express.js, MongoDB, Docker, Redis and more.

🚀 Features

🔐 User Authentication and Authorization

  • User Registration, Login, Logout, Password Reset, verify token, refresh token
  • Implementation of PASETO and CSRF for secure and stateless user authentication
  • Role-based access control for distinguishing between Admin and User roles

👮‍♂️ Admin Management

  • CRUD operations for parking zone management
  • Granting admin privileges
  • Deleting User

🛡️ Security

  • Implementation of CSRF Tokens
  • Defense against Cross-Site Scripting
  • Secure HTTP headers and rate limiting to prevent abuse
  • Utilization of Helmet to secure Express apps by setting HTTP response headers
  • Password hashing

💡 Getting Started

DOCS

When running app visit /api/v1/docs

Prerequisites

Installation Steps

  1. Clone the Repository
git clone https://github.com/GiorgiMakharadze/paseto-auth-nodejs-express.git
  1. Create dotenv file as shown in .env.example
NODE_ENV=dev
PORT=8000
MONGO_PATH=mongodb://localhost:27017/paseto-auth
CSRF_SECRET=safgawskgf29tasignaskgnaskg29ghoiasghnasiogh290THOIH5908HU6afd5229ASGFWGOPK405Y9adsoedihjnosehppkprehj0w43409ja0gj2-tpjpojg03yjf

REDIS_URL=redis://localhost:6379

[email protected]
[email protected]

#AWS
AWS_ACCESS_KEY_ID=Sfsdf2Dpcx
AWS_SECRET_ACCESS_KEY=asgasgkagjaopgj+stg3423QAafcpdgowpotgkps |
AWS_REGION=us-east-1
  1. run docker compose build
  2. run docker compose up
  3. You can use API
  4. The API is now ready for use! Remember, the API employs CSRF protection. First, make a GET request to /csrf-token, then include the received token in the headers of your API calls as x-csrf-token: value. This is crucial as, without the correct token, you are restricted to making only GET requests.
  5. If you wan to shut down run docker compose down
  6. If an issue arises and docker-compose build does not execute successfully, it is recommended to run npm install as an initial step before attempting to run docker-compose build again. This ensures that all the necessary Node.js dependencies are installed, potentially resolving any errors related to missing packages.

About

No description or website provided.

Topics

nodejs docker redis mongodb expressjs paseto

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages