This MERN project has 2 directories.
Before ANY command, ALWAYS check if you are in the correct directory!
client- the React.js app front-endserver- the Node.js, MongoDB, Express.js back-end
A small responsive web application, where a user can sign up (required are email, username, password), log in (required are email, password), and once logged in/verified, are greeted by a welcome screen that offers the possibility to log out.
MERN stack is used.
MongoDB and NoSQL database on MongoDB Atlas. Express.js framework for/in Node.js to benefit from out of the box functionality. React.js library for the client-side. Node.js runtime environment for the server-side.
- User Authentication (verification, validation of user credentials) & Authorization (access to particular areas of application, depending on level of authorization) with JSON Web Token
- bcrypt is used for password hashing
- at sign up, check will be done if user already exists (if email exists)
- if not, user will be created, token will be created
- at log in, check will be done if user already exists (if email exists)
- password will be compared (database <-> input)
- token will be created
- user will be logged in and redirected to simple welcome view
bcrypt- for password hashingcookie-parser- middleware, to handle cookie-based sessionscors- middleware, to enable Cross-Origin Resource Sharing for an Express.js applicationdotenv- to configure and separate data that is NOT supposed to be committed (environment variables)express- Node.js framework of choicejsonwebtoken- to create and verify JSON Web Tokensmongoose- to create the data model and to connect to the database on MongoDB Atlasnodemon- to automatically restart Node.js whenever a change has been made to the code
react- React.js and all of the depencencies coming withnpx create-react-appreact-cookie- universal cookies for React, handles cookie-based sessionsreact-router-dom- to enable client-side routingreact-toastify- to add (temporaryly ugly) notificationsaxios- HTTP client for Node.js and the browser
- clone project
- as there's a
package.jsoninclientAND apackage.jsoninserveryou need tocdinto each directory and runnpm installin each one of them - beware of the
.envfile which is not committed; you won't have theMONGODB_URI,PORTandTOKEN_KEYvariables and you won't have the assigned values so the project won't work unless you set these values (see below to get an idea how to set up your.envfile) cdintoserverfirst to start it withnpm start(will listen on port 4000)cdintoclientsecond to start it withnpm start(will open on http://localhost:3000 and immediately redirect to http://localhost:3000/login)- stop server/s with
ctrl c
Project has been coded along to https://www.freecodecamp.org/news/how-to-secure-your-mern-stack-application
Heads-up, in case you also want to code along, the freecodecamp tutorial is quite error prone. Along with generally wrong tutorial code, the following should be taken into consideration:
- you cannot create the
clientfolder as it is described- you need to create this folder by running
npx create-react-app client clientthen is the folder/project name
- you need to create this folder by running
.gitignoreneeds to be moved to the parent folderreact-auth-app- to successfully push EVERYTHING to a GitHub repo
- explanation how/why is missing
- you should have experiences with
- MongoDB, MongoDB Atlas
- how to set up a free cluster and an (empty! you don't need content upfront!) database
- otherwise following the tutorial is difficult
- the neutral example code shown in the tutorial how to connect to your MongoDB Atlas database is wrong
- needs to be as shown below (at time of writing)
- PLEASE REPLACE CONTENT BETWEEN
<s and>s WITH YOUR OWN MONGODB DATA!
mongodb+srv://<username>:<password>@<clustername>.<randomcharactersgeneratedbymongodb>.mongodb.net/<databasename>?retryWrites=true&w=majority
- explanation regarding the
.envfile is bad and incomplete- it is not mentioned that this file of course NEEDS to be
.gitignored - it is not mentioned how to handle
TOKEN_KEY, so this keeps the app from running successfully - basically something as shown below (at time of writing) is needed
- PLEASE REPLACE CONTENT BETWEEN
<s and>s WITH YOUR OWN MONGODB DATA!
- it is not mentioned that this file of course NEEDS to be
// .env file
MONGODB_URI = "mongodb+srv://<username>:<password>@<clustername>.<randomcharactersgeneratedbymongodb>.mongodb.net/<databasename>?retryWrites=true&w=majority"
PORT = 4000
TOKEN_KEY = Secret
- one should have experiences with Postman, otherwise following the tutorial is difficult
- deploy the React app on GitHub pages