
ravirajbhardwaj/authentication


🔐 Robust Authentication System

A modern authentication system with features like secure password handling, email support, file uploads, and middleware-protected routes.

⚙️ Tech Stack

Node.js Express PostgreSQL Prisma Neon Cloudinary Nodemailer JWT Zod Pino


📚 Additional Documentation

Detailed documentation on how the authentication system works, including middleware usage, token management, and error handling.

A curated list of resources to help you understand the technologies used in this project, such as Node.js, Express, MongoDB, and JWT.


🛠️ Installation

1. Clone the repository

git clone https://github.com/ravirajbhardwaj/authentication.git
cd authentication

2. Install dependencies

npm install

3. Set up environment variables

This project requires setting up environment variables and generating key pairs for authentication.

  1. Create a .env file in the root directory by copying the .env.example file:
cp .env.example .env
  2. Create a secrets directory at the root of the project:
mkdir secrets

  3. Inside the secrets directory, create two files:
  • private.pem: This will store the private key.
  • public.pem: This will store the public key.
  4. Generate a public and private key pair. You can use the following commands to generate them:

    ✅ 1. Generate Private Key (private.pem)

    openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:2048
    • -algorithm RSA → Uses the RSA algorithm.
    • rsa_keygen_bits:2048 → Sets key size to 2048 bits (standard secure size).
    • This generates private.pem.
    • The private key is used to sign the JWTs, ensuring that only the server can create valid tokens.
    • The private key should be kept secret and secure, as it is used to sign the JWTs.

    ✅ 2. Extract Public Key (public.pem) from Private Key

    openssl rsa -pubout -in private.pem -out public.pem
    • -pubout → Extracts the public key from the private key.
    • -in private.pem → Specifies the input file (private key).
    • -out public.pem → Specifies the output file (public key).
    • This generates public.pem.
    • The public key is derived from the private key, allowing you to share it without compromising security.
    • The private key should be kept secret and secure, while the public key can be shared with anyone who needs to verify the JWTs signed with the private key.
    • The public key is used to verify the JWTs, ensuring that they were signed by the server and have not been tampered with.

  5. Use the following commands to run the project:

    Development mode

    pnpm run dev

    Production mode

    pnpm start
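
The sign-with-private-key, verify-with-public-key flow described in the key-generation step, as an added example that is not this repository's code. It assumes RS256 and uses Node's built-in crypto module instead of a JWT library; signJwt, verifyJwt, b64url and the in-memory key pair (a constructed stand-in for secrets/private.pem and secrets/public.pem) are hypothetical names.

```javascript
// Added example (not the project's code): RS256 JWT signing and verification.
const crypto = require('node:crypto');

// Constructed in-memory key pair standing in for secrets/private.pem and
// secrets/public.pem (same 2048-bit RSA size as the openssl command).
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: { type: 'spki', format: 'pem' },
  privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
});

const b64url = (text) => Buffer.from(text).toString('base64url');

// Server side only: sign "header.payload" with the private key.
function signJwt(payload, privatePem) {
  const header = { alg: 'RS256', typ: 'JWT' };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const signature = crypto.sign('sha256', Buffer.from(signingInput), privatePem);
  return `${signingInput}.${signature.toString('base64url')}`;
}

// Anyone holding the public key: returns the payload, or null if rejected.
function verifyJwt(token, publicPem, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [headerPart, payloadPart, signaturePart] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(headerPart, 'base64url').toString('utf8'));
    payload = JSON.parse(Buffer.from(payloadPart, 'base64url').toString('utf8'));
  } catch {
    return null; // malformed header or payload
  }
  // Pin the algorithm: the token header must not choose how it is verified.
  if (header.alg !== 'RS256') return null;
  const signatureOk = crypto.verify(
    'sha256',
    Buffer.from(`${headerPart}.${payloadPart}`),
    publicPem,
    Buffer.from(signaturePart, 'base64url'),
  );
  if (!signatureOk) return null;
  // Require an expiry claim and reject tokens that are past it.
  if (typeof payload.exp !== 'number' || payload.exp <= nowSeconds) return null;
  return payload;
}
```
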

📦 Postman Collection

📥 Use the Postman collection below to test all the available APIs:

Run In Postman

Import the collection into Postman and set the environment variables like server_url, etc.


✨ Author & License

License: MIT

Ravi Raj Bhardwaj

Built with ❤️ to simplify auth flows and speed up backend development.

About

Build secure, scalable authentication systems
