pawix135/express-jwt-auth

Express JWT Server Authentication

Installation

Install with npm

git clone https://github.com/pawix135/express-jwt-auth.git
cd express-jwt-auth
npm install

Rename .env.example in the root of the directory to .env and replace the placeholders with the corresponding values.

NODE_ENV=<ENVIRONMENT_TYPE> # production | development
PORT=<SERVER_PORT> # 8080
JWT_ACCESS_SECRET=<ACCESS_TOKEN_SECRET> # openssl rand -base64 32
JWT_REFRESH_SECRET=<REFRESH_TOKEN_SECRET> # openssl rand -base64 32
DATABASE_URL=<DATABASE_URL> # Your Postgres database provider url

Generate Prisma types and create the migration.

npx prisma generate
npx prisma migrate dev --name init

Run development server

npm run dev

Build and run - TODO

npm run build
node ./dist/server.js

Database

The Prisma ORM runs on top of a Postgres database. Right now there's only one model.

model User {
  id Int @id @default(autoincrement())
  username String @unique
  hash String
  email String? @unique
}

API References

Auth endpoints

/api/auth/signup

Create new user account

Request

POST /api/auth/signup HTTP/1.1
Content-Type: application/json

Request body

interface AuthSignUpBody {
  username: string;
  password: string;
}

Response

interface AuthSignUpResponse {
  auth: boolean;
  error?: APIError;
}

/api/auth/signin

Signs in the user and sets the Authorization header for the access token (30 min) and a cookie for the refresh token (30 days).

Request

POST /api/auth/signin HTTP/1.1
Content-Type: application/json

Request body

interface AuthSignInBody {
  username: string;
  password: string;
}

Response

interface AuthSignInResponse {
  access_token: string;
  auth: boolean;
  error?: APIError;
}
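
The signin endpoint above issues a 30 minute access token and a 30 day refresh token, and the .env file defines a separate secret for each. The following is an added example, not code from this repository: a minimal signer and verifier on Node's built-in crypto showing how the two secrets and lifetimes keep a refresh token from being accepted as an access token. HS256, the helper names sign, verify and demo, the sub claim and the secret strings are assumptions made for illustration.

```javascript
// Added example (not the repository's code); HS256 is an assumption.
const { createHmac, timingSafeEqual } = require("node:crypto");

// Constructed sample secrets; real ones come from JWT_ACCESS_SECRET / JWT_REFRESH_SECRET.
const ACCESS_SECRET = "constructed-access-secret-for-demo-only";
const REFRESH_SECRET = "constructed-refresh-secret-for-demo-only";
const ACCESS_TTL = 30 * 60;            // 30 minutes, in seconds
const REFRESH_TTL = 30 * 24 * 60 * 60; // 30 days, in seconds

const b64url = (data) => Buffer.from(data).toString("base64url");
const mac = (input, secret) => createHmac("sha256", secret).update(input).digest();

// Hypothetical helper: builds header.payload.signature with iat/exp claims.
function sign(claims, secret, ttl, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ ...claims, iat: now, exp: now + ttl }));
  return `${header}.${payload}.${b64url(mac(`${header}.${payload}`, secret))}`;
}

// Hypothetical helper: returns the claims, or null on any failure.
function verify(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  const given = Buffer.from(sig, "base64url");
  const expected = mac(`${header}.${payload}`, secret);
  // Check the MAC in constant time before parsing any attacker-controlled JSON.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    // Pin the algorithm instead of trusting whatever the header claims.
    if (JSON.parse(Buffer.from(header, "base64url")).alg !== "HS256") return null;
    const claims = JSON.parse(Buffer.from(payload, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch { return null; }
}

// Runs the checks at a fixed, constructed timestamp so results are deterministic.
function demo(now = 1700000000) {
  const access = sign({ sub: 1 }, ACCESS_SECRET, ACCESS_TTL, now);
  const refresh = sign({ sub: 1 }, REFRESH_SECRET, REFRESH_TTL, now);
  const [h, , s] = access.split(".");
  const forged = `${h}.${b64url(JSON.stringify({ sub: 2, exp: now + ACCESS_TTL }))}.${s}`;
  return {
    accessOk: verify(access, ACCESS_SECRET, now) !== null,
    refreshAsAccess: verify(refresh, ACCESS_SECRET, now) !== null,
    accessAfter31Min: verify(access, ACCESS_SECRET, now + 31 * 60) !== null,
    refreshAfter31Min: verify(refresh, REFRESH_SECRET, now + 31 * 60) !== null,
    forged: verify(forged, ACCESS_SECRET, now) !== null,
  };
}
```
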

/api/auth/revoke

Revoke access token

Request

POST /api/auth/revoke HTTP/1.1
Content-Type: application/json
Cookie: <refresh_token>

Response

interface AuthRevokeResponse {
  access_token: string;
  auth: boolean;
  error?: APIError;
}

User endpoints

/api/user/me

Return user

Request

GET /api/user/me HTTP/1.1
Authorization: Bearer <access_token>

Response

interface UserMeResponse {
  ok: boolean;
  me: User;
  error?: APIError;
}

/api/user/settings

Update selected user settings

Request

POST /api/user/settings HTTP/1.1
Authorization: Bearer <access_token>

Request body

interface UserChangeSettingsBody {
  username?: string;
  email?: string;
  password?: string;
}

Response

interface UserChangeSettingsResponse {
  ok: boolean;
  success: boolean;
  error?: APIError;
}

/api/user/settings/username

Update user username

Request

POST /api/user/settings/username HTTP/1.1
Authorization: Bearer <access_token>

Request body

interface UserChangeUsernameBody {
  username: string;
}

Response

interface UserChangeUsernameResponse {
  ok: boolean;
  success: boolean;
  error?: APIError;
}

/api/user/settings/email

Update user email

Request

POST /api/user/settings/email HTTP/1.1
Authorization: Bearer <access_token>

Request body

interface UserChangeEmailBody {
  email: string;
}

Response

interface UserChangeEmailResponse {
  ok: boolean;
  success: boolean;
  error?: APIError;
}

/api/user/settings/password

Update user password

Request

POST /api/user/settings/password HTTP/1.1
Authorization: Bearer <access_token>

Request body

interface UserChangePasswordBody {
  password: string;
}

Response

interface UserChangePasswordResponse {
  ok: boolean;
  success: boolean;
  error?: APIError;
}
