# nodejsAuth

**Repository Path**: zhangyo/nodejsAuth

## Basic Information

- **Project Name**: nodejsAuth
- **Description**: nodejsAuth
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2025-11-04
- **Last Updated**: 2025-11-05

## Categories & Tags

**Categories**: Uncategorized
**Tags**: None

## README

# NODEJS AUTH

## init

- `npm init -y`
  - Automatically generates `package.json`
  - `index.js` => project entry
- `npm i` modules
  - express
  - jsonwebtoken
  - bcryptjs
  - dotenv
  - mysql2/mongoose
- `npm i nodemon --save-dev` (nodemon is a development-only tool; `--save-dev` records it under `devDependencies` instead of `dependencies`)

```json
"scripts": {
  "dev": "nodemon src/index.js",
  "test": "echo \"Error: no test specified\" && exit 1"
},
```

(The inner quotes in the `test` script must be escaped as `\"`, otherwise `package.json` is not valid JSON.)

## Create folders & files

- src/index.js
- src/config
- src/controllers
- src/middlewares
- src/routes
- src/models
- modify index.js

```js
const express = require('express');
require('dotenv').config();

const app = express();

// middleware
app.use(express.json());

// routes

// start the server
const PORT = process.env.PORT || 7002;
app.listen(PORT, () => {
  console.log(`Listening on port ${PORT}`);
});
```

## Modify .env

`.env` holds secrets: the JWT signing key and the database credentials embedded in the connection string. Add `.env` to `.gitignore` before the first commit, and use a long random value for `JWT_SECRET` (for example the output of `node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"`). A guessable secret lets anyone mint their own tokens, including the `role` claim the later middleware trusts.

```
PORT=7001
JWT_SECRET=your-jwt-secret
CONNECT_STRINGS=mongodb+srv://dbUser:<password>@cluster0.rseogki.mongodb.net/?appName=Cluster0
```

Replace `<password>` with the database user's password, URL-encoded if it contains characters such as `@`, `:` or `/`.

## Create src/config/dbConnect.js

```js
// --run-- --no-worker--
const mongoose = require('mongoose');

const dbConnect = async () => {
  try {
    const connect = await mongoose.connect(process.env.CONNECT_STRINGS);
    console.log(`Database Connected : ${connect.connection.host},${connect.connection.port}`);
  } catch (err) {
    console.error(err);
    process.exit(1);
  }
};

module.exports = dbConnect;
```

## Modify src/index.js

```js
// --run-- --no-worker--
const express = require('express');
require('dotenv').config();
const dbConnect = require('./config/dbConnect');

dbConnect();

const app = express();

// middleware
app.use(express.json());

// routes

// start the
// server
const PORT = process.env.PORT || 7002;
app.listen(PORT, () => {
  console.log(`Listening on port ${PORT}`);
});
```

## Add src/routes/authRoutes.js

The route file has to import the two handlers it binds. Without the `require` below, `register` and `login` are undefined identifiers and the module throws a `ReferenceError` as soon as it is loaded. The controller itself is created in the next step.

```js
// --run-- --no-worker--
const express = require('express');
const { register, login } = require('../controllers/authController');

const router = express.Router();

router.post('/register', register);
router.post('/login', login);

module.exports = router;
```

## Add src/controllers/authController.js

```js
// --run-- --no-worker--
const register = (req, res) => {

}

const login = (req, res) => {

}

module.exports = {
  register,
  login,
}
```

## Add src/models/userModel.js

```js
// --run-- --no-worker--
const mongoose = require('mongoose');

const userSchema = new mongoose.Schema({
  username: {
    type: String,
    required: true,
    unique: true,
  },
  password: {
    type: String,
    required: true,
  },
  role: {
    type: String,
    required: true,
    enum: ['admin', 'manager', 'user'],
  }
}, { timestamps: true });

module.exports = mongoose.model('User', userSchema);
```

## Modify src/controllers/authController.js

Two things must be right here. First, **the client must not choose its own `role`**: if `register` copies `role` from the request body, anyone can `POST /register` with `"role":"admin"` and then pass every role check added later. Self-registration therefore always creates a plain `user`; admin and manager accounts are created out of band (a seed script, or later an admin-only endpoint). Second, **login answers "no such user" and "wrong password" with the same status and message**, so the endpoint cannot be used to enumerate usernames. Errors are logged on the server but not echoed to the client, and the new user document (which contains the password hash) is not logged. Add a password policy (minimum length etc.) before using this in anger.

```js
// --run-- --no-worker--
const User = require('../models/userModel');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');

const register = async (req, res) => {
  try {
    const { username, password } = req.body;
    // express.json() accepts objects and arrays here; insist on non-empty strings.
    if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) {
      return res.status(400).json({ message: 'username and password are required' });
    }
    const hashedPassword = await bcrypt.hash(password, 10);
    // The role is never taken from req.body: self-registration always yields 'user'.
    const newUser = new User({ username, password: hashedPassword, role: 'user' });
    await newUser.save();
    res.status(201).json({ message: `User registered with username ${username}` });
  } catch (err) {
    console.error(err);
    // `${err}` would hand Mongo/Mongoose details (index and field names) to the client.
    res.status(500).json({ message: 'something went wrong' });
  }
};

const login = async (req, res) => {
  try {
    const { username, password } = req.body;
    // A non-string `username` such as {"$ne": ""} reaches findOne() as a query operator
    // unless Mongoose's sanitizeFilter option is enabled; require plain strings.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return res.status(400).json({ message: 'username and password are required' });
    }
    const user = await User.findOne({ username });
    // Same status and message whether the user is missing or the password is wrong.
    const isMatch = user ? await bcrypt.compare(password, user.password) : false;
    if (!isMatch) {
      return res.status(401).json({ message: 'Invalid credentials' });
    }
    // The role is copied into the token, so it is fixed for the token's lifetime.
    const token = jwt.sign(
      { id: user._id, role: user.role },
      process.env.JWT_SECRET,
      { expiresIn: '1h' }
    );
    res.status(200).json({ token });
  } catch (err) {
    console.error(err);
    res.status(500).json({ message: 'something went wrong' });
  }
};

module.exports = {
  register,
  login,
};
```

## Modify src/index.js

```js
// --run-- --no-worker--
const express = require('express');
require('dotenv').config();
const dbConnect = require('./config/dbConnect');
const authRoutes = require('./routes/authRoutes');

dbConnect();

const app = express();

// middleware
app.use(express.json());

// routes
app.use('/api/auth', authRoutes);

// start the server
const PORT = process.env.PORT || 7002;
app.listen(PORT, () => {
  console.log(`Listening on port ${PORT}`);
});
```

## Test

- http://localhost:7001/api/auth/register
  - Method: POST
  - Content-Type: application/json

```json
{
  "username": "kevin",
  "password": "123456",
  "role": "user"
}
```

- http://localhost:7001/api/auth/login
  - Method: POST
  - Content-Type: application/json

```json
{
  "username": "kevin",
  "password": "123456"
}
```

(No trailing comma after `"password"`: that is not valid JSON and `express.json()` rejects the body with a 400.)

- success response: token string. The token is a bearer credential — whoever holds it is `kevin` until it expires (`expiresIn: '1h'` above) — so send it only over HTTPS and never write it to logs.

## Add src/routes/userRoutes.js

At this step the three routes are **not protected at all**. The comments describe the intended policy; it is only enforced once `verifyToken` and `authorizeRoles` are attached in the following steps.

```js
// --run-- --no-worker--
const express = require('express');

const router = express.Router();

// Only admin can access this router
router.get('/admin', (req, res) => {
  res.json({ message: 'Welcome Administrador' });
});

// Both admin and manager can access this router
router.get('/manager', (req, res) => {
  res.json({ message: 'Welcome Manager' });
});

// All can access this router
router.get('/user', (req, res) => {
  res.json({ message: 'Welcome User' });
});

module.exports = router;
```

## Modify src/index.js

```js
// --run-- --no-worker--
const express = require('express');
require('dotenv').config();
const dbConnect = require('./config/dbConnect');
const authRoutes = require('./routes/authRoutes');
const userRoutes = require('./routes/userRoutes');

dbConnect();

const app = express();

// middleware
app.use(express.json());

// routes
app.use('/api/auth', authRoutes);
app.use('/api/users', userRoutes);

// start the
// server
const PORT = process.env.PORT || 7002;
app.listen(PORT, () => {
  console.log(`Listening on port ${PORT}`);
});
```

## Add src/middlewares/authMiddleware.js

Every rejection must `return` after sending its response. Without the `return`, a header of just `Bearer ` sends the 401 and then falls through into `jwt.verify(undefined, …)`, which throws; the catch block then tries to send a second response and Node rejects it with `ERR_HTTP_HEADERS_SENT`. A missing or invalid credential is a 401, not a 400. Node lowercases incoming header names, so `req.headers.authorization` alone is sufficient. The decoded user is not logged, and `next()` is called outside the `try` so that an exception thrown by a downstream handler is not reported as "Token is invalid".

```js
// --run-- --no-worker--
const jwt = require('jsonwebtoken');

const verifyToken = (req, res, next) => {
  const authHeader = req.headers.authorization;
  if (!authHeader || !authHeader.startsWith('Bearer ')) {
    return res.status(401).json({ message: 'No token, authorization denied' });
  }
  const token = authHeader.slice('Bearer '.length).trim();
  if (!token) {
    return res.status(401).json({ message: 'No token, authorization denied' });
  }
  let payload;
  try {
    // Tokens are signed with HS256 (jwt.sign's default for a string secret); restrict
    // verification to that algorithm so a token claiming another one is rejected.
    payload = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] });
  } catch (err) {
    return res.status(401).json({ message: 'Token is invalid' });
  }
  req.user = payload;
  next();
};

module.exports = verifyToken;
```

## Update src/routes/userRoutes.js

```js
// --run-- --no-worker--
const express = require('express');
const verifyToken = require('../middlewares/authMiddleware');

const router = express.Router();

// Only admin can access this router
router.get('/admin', verifyToken, (req, res) => {
  res.json({ message: 'Welcome Administrador' });
});

// Both admin and manager can access this router
router.get('/manager', verifyToken, (req, res) => {
  res.json({ message: 'Welcome Manager' });
});

// All can access this router
router.get('/user', verifyToken, (req, res) => {
  res.json({ message: 'Welcome User' });
});

module.exports = router;
```

## Test token

- http://localhost:7001/api/users/admin
- http://localhost:7001/api/users/manager
- http://localhost:7001/api/users/user
- Method: GET
- Header: `Authorization: Bearer <token>`

At this step any valid token opens all three routes; the role check comes next.

## Add src/middlewares/roleMiddleware.js

`authorizeRoles` relies on `req.user` having been set by `verifyToken`. If it is mounted on a route without `verifyToken` in front of it, `req.user` is undefined; the guard below denies the request instead of crashing on `undefined.role`.

```js
// --run-- --no-worker--
const authorizeRoles = (...allowedRoles) => {
  return (req, res, next) => {
    if (!req.user || !allowedRoles.includes(req.user.role)) {
      return res.status(403).send({ message: 'Access denied' });
    }
    next();
  };
};

module.exports = authorizeRoles;
```

## Update src/routes/userRoutes.js

```js
// --run--
// --no-worker--
const express = require('express');
const verifyToken = require('../middlewares/authMiddleware');
const authorizeRoles = require('../middlewares/roleMiddleware');

const router = express.Router();

// Only admin can access this router
router.get('/admin', verifyToken, authorizeRoles('admin'), (req, res) => {
  res.json({ message: 'Welcome Administrador' });
});

// Both admin and manager can access this router
router.get('/manager', verifyToken, authorizeRoles('admin', 'manager'), (req, res) => {
  res.json({ message: 'Welcome Manager' });
});

// All can access this router
router.get('/user', verifyToken, authorizeRoles('admin', 'manager', 'user'), (req, res) => {
  res.json({ message: 'Welcome User' });
});

module.exports = router;
```

## Test Roles

- http://localhost:7001/api/users/admin
- http://localhost:7001/api/users/manager
- http://localhost:7001/api/users/user
- Method: GET
- Header: `Authorization: Bearer <token>`

Expected: a `user` token gets 200 on `/user` and 403 on `/admin` and `/manager`; a request without a valid token gets 401 before the role check runs.

Two limits of this design to keep in mind. `authorizeRoles` reads the role from the token claim, not from the database, so a role change or account removal only takes effect once the token expires — look the user up per request if you need immediate revocation. And the whole scheme is only as strong as `JWT_SECRET` and the rule that clients never pick their own `role` at registration; if either is relaxed, any caller can reach `/admin`.