API for managing users, including registration, login, profile updates, and role-based access. Built with Node.js, Express.js, MongoDB/Mongoose, and documented via Swagger. Designed for internal usage (Computer Science program, BINUS University International), but portable to any environment.
- Production base URL: https://csbi-users.csbihub.id/api/user
- Development base URL: http://localhost:5000/api/user
Swagger is configured in `utils/swagger.js` and points at the base paths above.
- Runtime: Node.js
- Framework: Express.js
- Database & ODM: MongoDB with Mongoose
- Auth: JSON Web Tokens (JWT), bcrypt
- Docs: Swagger (OpenAPI 3) via swagger-jsdoc + swagger-ui-express
- Security: helmet, cors, cookie-parser, dompurify + jsdom
- Email: nodemailer
- Dev Tooling: nodemon, dotenv
- CI/CD and Deployment: GitHub Actions and Cloudflare Tunnel
- Containerization: Docker
See package.json for full dependency list.
- User registration & authentication
  - Passwords hashed with `bcrypt`
  - JWT-based authentication (Bearer tokens)
- Role-based access with flexible role array:
  - 0 = user
  - 1 = admin
  - 2 = staff
  - etc...
- Profile management
  - Personal Info: binusian_id, name, email, password, address, phone, bio, role, avatar, status
  - Social Links: YouTube, Instagram, Facebook, Twitter, GitHub, Website
- Security
  - `helmet` for HTTP headers
  - `cors` with configurable origins
  - `cookie-parser` for cookie usage
  - Input sanitization via `dompurify` + `jsdom`
- Email Support
  - Verification & notification emails via `nodemailer`
- API Documentation
  - OpenAPI 3 with `swagger-jsdoc` + `swagger-ui-express`
- Developer Friendly
  - .env config via `dotenv`
  - Hot reload with `nodemon`
  - Docker-ready
  - CI/CD via GitHub Actions


- Activity and Sequence Diagram: Click here
- Use Case Model Document Report: Click here

- NodeJS v18 or above
- npm v9 or above
- MongoDB v6 or above
```bash
git clone https://github.com/Juwono136/REST_API_BUI_users_auth
# git clone creates a directory named after the repository
cd REST_API_BUI_users_auth
npm install
```
Create a `.env` file in the project root:

```
PORT = 5000
CONNECTION_URL = MONGODB_URI
DB_NAME = YOUR_DATABASE_NAME
DEFAULT_CLIENT_URL = http://localhost:5173 # default port (Vite)
INTERNET_SERVER = http://localhost:SERVER_PORT
NODE_ENV = production # or development
REFRESH_TOKEN_SECRET = YOUR_REFRESH_TOKEN_SECRET
ACCESS_TOKEN_SECRET = YOUR_ACCESS_TOKEN_SECRET
ACTIVATION_TOKEN_SECRET = YOUR_ACTIVATION_TOKEN_SECRET
DOCKER_USERNAME = YOUR_DOCKER_HUB_USERNAME
DOCKER_PASSWORD = YOUR_DOCKER_HUB_PASSWORD
TUNNEL_NAME = YOUR_TUNNEL_NAME # Cloudflare
EMAIL_USER = YOUR_EMAIL_HOST
EMAIL_PASSWORD = YOUR_GENERATE_TOKEN_PASSWORD
```

- Set up a GitHub Actions runner on a remote server as a self-hosted runner.
- Deploy the application using Docker (Dockerfile):

```dockerfile
# Base image
FROM node:alpine3.20

# Set working directory
WORKDIR /app

# Copy package files and install dependencies
COPY package.json ./
RUN npm install

# Copy application files
COPY . .

# Expose the application port (server_port)
EXPOSE 5000

# Command to run the application
CMD ["npm", "start"]
```
- Save all secret variables from the .env file into GitHub Actions "Secrets and variables".
- Create a CI/CD pipeline in the project folder (`.github/workflows/cicd.yml`):

```yaml
name: CI/CD Pipeline RestAPI Users

on:
  push:
    branches:
      - master
    paths-ignore:
      - "README.md"
  pull_request:
    branches:
      - master

jobs:
  continuous-integration:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      # Note: docker warns that -p passes the password on the command line;
      # --password-stdin is the form it recommends instead.
      - name: Login to Docker Hub
        run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}

      - name: Build Docker Image
        run: docker build -t juwono136/restapi-users .

      - name: Publish Image to Docker Hub
        run: docker push juwono136/restapi-users:latest

  continuous-deployment:
    needs: continuous-integration
    runs-on: self-hosted
    steps:
      - name: Pull image from docker hub
        run: docker pull juwono136/restapi-users:latest

      - name: Stop and Delete Old Container
        run: |
          docker stop restapi-users-container || true
          docker rm restapi-users-container || true

      # Runtime configuration is injected from repository secrets as environment variables
      - name: Run Docker Container
        run: |
          docker run -d \
            -p 5000:5000 \
            --name restapi-users-container \
            --restart always \
            -e PORT=${{ secrets.PORT }} \
            -e CONNECTION_URL='${{ secrets.CONNECTION_URL }}' \
            -e DB_NAME='${{ secrets.DB_NAME }}' \
            -e DEFAULT_CLIENT_URL='${{ secrets.DEFAULT_CLIENT_URL }}' \
            -e INTERNET_SERVER='${{ secrets.INTERNET_SERVER }}' \
            -e NODE_ENV='${{ secrets.NODE_ENV }}' \
            -e REFRESH_TOKEN_SECRET='${{ secrets.REFRESH_TOKEN_SECRET }}' \
            -e ACCESS_TOKEN_SECRET='${{ secrets.ACCESS_TOKEN_SECRET }}' \
            -e ACTIVATION_TOKEN_SECRET='${{ secrets.ACTIVATION_TOKEN_SECRET }}' \
            -e EMAIL_USER='${{ secrets.EMAIL_USER }}' \
            -e EMAIL_PASSWORD='${{ secrets.EMAIL_PASSWORD }}' \
            juwono136/restapi-users

      - name: Add Container to Tunnel
        run: docker network connect ${{secrets.TUNNEL_NAME}} restapi-users-container
```
- Push the project to the GitHub repository as usual.
- Check the Actions tab in the GitHub repository to see the deployment process.
API Documentation is available at: https://csbi-users.csbihub.id/users/api-docs/
- Strong password hashing with bcrypt
- JWT expiration & refresh token flow
- Input sanitization to prevent XSS
- CORS configured for trusted domains only
- Helmet middleware for secure HTTP headers
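
How the Bearer-token check and the role array (0 = user, 1 = admin, 2 = staff) fit together in an Express-style gate, as an added example that is not this project's code. `signAccessToken`, `verifyAccessToken`, `requireRole` and the `role` claim name are assumptions, and HS256 is implemented with Node's built-in `crypto` in place of a JWT library so the block runs without dependencies.

```javascript
// Added example: hypothetical helper names, not taken from the project's source.
const crypto = require("node:crypto");

const ROLE = { user: 0, admin: 1, staff: 2 }; // role codes as listed in this README
const b64url = (buf) => Buffer.from(buf).toString("base64url");
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Issue a short-lived HS256 access token (stand-in for a JWT library's sign()).
function signAccessToken(payload, secret, ttlSeconds, now = Date.now()) {
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ ...payload, exp }));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Verify the signature first, then the algorithm and expiry; throws on any failure.
function verifyAccessToken(token, secret, now = Date.now()) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [head, body, sig] = parts;
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    throw new Error("bad signature");
  // Pin the algorithm: a header claiming "none" or another alg is rejected.
  if (JSON.parse(Buffer.from(head, "base64url")).alg !== "HS256") throw new Error("bad alg");
  const claims = JSON.parse(Buffer.from(body, "base64url"));
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) throw new Error("expired");
  return claims;
}

// Middleware: 401 without a valid Bearer token, 403 when no role in the array is allowed.
function requireRole(secret, ...allowed) {
  return (req, res, next) => {
    const [scheme, token] = (req.headers.authorization || "").split(" ");
    let claims;
    try {
      if (scheme !== "Bearer") throw new Error("no bearer token");
      claims = verifyAccessToken(token, secret);
    } catch {
      return res.status(401).json({ message: "Invalid or expired token" });
    }
    const roles = Array.isArray(claims.role) ? claims.role : [];
    if (!roles.some((r) => allowed.includes(r)))
      return res.status(403).json({ message: "Insufficient role" });
    req.user = claims;
    next();
  };
}
```

In an Express app this would be mounted per route, for example `router.get("/admin", requireRole(process.env.ACCESS_TOKEN_SECRET, ROLE.admin), handler)`, where the route path and `handler` are placeholders.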

- Two-factor authentication (2FA)
- Refresh token rotation & revocation
- GraphQL support
This project is open to contributions! (especially for Binusian Students)
- Found a bug? Open an issue.
- Have an idea? Suggest it here.
- Want to help with code? See the Contributing Guide.
Every little bit helps - thanks for supporting this project.
- Juwono (https://github.com/Juwono136)
- Ida Bagus Kerthyayana Manuaba (https://github.com/bagzcode)