|
| 1 | +# Express PostgreSQL API |
| 2 | +The Express PostgreSQL API is make a secure and reliable API use to Login, Registration and Verify USER. |
| 3 | + |
| 4 | +## Getting started |
| 5 | +### Requirements |
| 6 | +- [Node](https://nodejs.org/en/ "Node") |
| 7 | +- [PostgreSQL ](https://www.postgresql.org/ "PostgreSQL ") |
| 8 | +- [OpenSSL](https://wiki.openssl.org/index.php/Binaries "OpenSSL") |
| 9 | + |
| 10 | +### Create Database |
| 11 | + |
| 12 | +First, You need to create a database in PostgreSQL. after that, you need to create 2 tables in that. |
| 13 | + |
| 14 | +the query of tables are following. |
| 15 | + |
| 16 | +##### 1. Client Table |
| 17 | +This table stores information about users like Name, Email, Phone Number, etc. |
| 18 | + |
| 19 | +```sql |
| 20 | +CREATE TABLE public.clienttable |
| 21 | +( |
| 22 | + c_id serial NOT NULL PRIMARY KEY, |
| 23 | + fname character varying(50) NOT NULL, |
| 24 | + lname character varying(50) NOT NULL, |
| 25 | + username character varying(50) NOT NULL, |
| 26 | + email character varying(355) NOT NULL, |
| 27 | + cnumber character varying(355) NOT NULL, |
| 28 | + varified boolean NOT NULL, |
| 29 | + created_on timestamp without time zone NOT NULL, |
| 30 | + last_login timestamp without time zone, |
| 31 | + tccheck boolean NOT NULL, |
| 32 | + password_expiry boolean, |
| 33 | + salt character varying NOT NULL, |
| 34 | + hash character varying NOT NULL |
| 35 | +) |
| 36 | +``` |
| 37 | +##### 2. User Activity |
| 38 | +In this table is stored activity of the user when the user Login, make Registration, Change Password. |
| 39 | + |
| 40 | +```sql |
| 41 | + CREATE TABLE public.user_activity |
| 42 | +( |
| 43 | + a_id serial NOT NULL PRIMARY KEY, |
| 44 | + c_id integer NOT NULL, |
| 45 | + login_ip inet NOT NULL, |
| 46 | + activity character varying NOT NULL, |
| 47 | + activity_datetime timestamp without time zone NOT NULL, |
| 48 | + CONSTRAINT c_id |
| 49 | + FOREIGN KEY(c_id) |
| 50 | + REFERENCES clienttable(c_id) |
| 51 | + ) |
| 52 | +``` |
| 53 | + |
| 54 | +### Generating keys using OpenSSL |
| 55 | + |
| 56 | +Now you need to create Private and Public Key to generate a Token. |
| 57 | + |
| 58 | +For that first you need to create `Key` Folder in root |
| 59 | + |
| 60 | +1 .Generate an RSA private key, of size 2048, and output it to a file named private.key: |
| 61 | +```shell |
| 62 | +openssl genrsa -out key/private.key 2048 |
| 63 | +``` |
| 64 | + |
| 65 | +2 .Extract the public key from the key pair, which can be used in a certificate: |
| 66 | +```shell |
| 67 | +openssl rsa -in key/private.key -outform PEM -pubout -out key/public.key |
| 68 | +``` |
| 69 | + |
| 70 | +Note: make sure both key `private.key` and `public.key` save in `key` folder. |
| 71 | + |
| 72 | +### Install API |
| 73 | + |
| 74 | +Now you need to install API. For Installation, you need to follow the below steps. |
| 75 | + |
| 76 | +##### Step 1: get the goodies |
| 77 | +Note: if you don't have git, you can download a zip file of the project instead. |
| 78 | + |
| 79 | +```shell |
| 80 | +git clone https://github.com/jsuyog2/express-postgresql-api.git api |
| 81 | +cd api |
| 82 | +npm install |
| 83 | +``` |
| 84 | +##### Step 2: add your configuration |
| 85 | + |
| 86 | +Add your Postgres connection information to config/index.json.txt and rename it index.json. Information on the config options can be found [here](https://github.com/jsuyog2/express-postgresql-api/blob/master/config/README.md "here"). |
| 87 | + |
| 88 | +##### Step 3: fire it up! |
| 89 | +```shell |
| 90 | +npm start |
| 91 | +``` |
| 92 | + |
| 93 | +## Architecture |
| 94 | + |
| 95 | +### Due credit |
| 96 | + |
| 97 | +The real credit for this project goes to the great folks behind the following open source softwares and modules: |
| 98 | + |
| 99 | +#### Softwares |
| 100 | +- [PostgreSQL](https://www.postgresql.org/ "PostgreSQL") |
| 101 | +- [OpenSSL](https://wiki.openssl.org/index.php/Binaries "OpenSSL") |
| 102 | +- [Express](https://expressjs.com/ "Express") |
| 103 | +- [JWT Token](https://jwt.io/ "JWT Token") |
| 104 | + |
| 105 | +### How it works |
| 106 | + |
| 107 | +The core of the project is [Express](https://expressjs.com/ "Express"). |
| 108 | + |
| 109 | +> Express.js, or simply Express, is a back end web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs. It has been called the de facto standard server framework for Node.js. |
| 110 | +
|
| 111 | +All routes are stored in the `routes` folder and are automatically loaded on start. Check out the [routes readme](routes/README.md) for more information. |
| 112 | + |
| 113 | +[OpenSSL](https://wiki.openssl.org/index.php/Binaries "OpenSSL") is used for the generation of private and public keys. |
| 114 | + |
| 115 | +> OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. |
| 116 | +
|
| 117 | +OpenSSL is using to encrypt JWT Temporary Token. For generation of keys read documentation [Generating keys using OpenSSL](https://github.com/jsuyog2/express-postgresql-api#generating-keys-using-openssl "Generating keys using OpenSSL"). |
| 118 | + |
| 119 | +Data securely transmitting information using [JWT Token](https://jwt.io/ "JWT Token") |
| 120 | + |
| 121 | +> JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA. |
| 122 | +
|
| 123 | +Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token. JWT Token is secured using public/private key pairs. |
| 124 | + |
| 125 | +#### Modules |
| 126 | +- [pbkdf2-password](https://www.npmjs.com/package/pbkdf2-password "pbkdf2-password") |
| 127 | +- [NODEMAILER](https://nodemailer.com/about/ "NODEMAILER") |
| 128 | +- [request-ip](https://www.npmjs.com/package/request-ip "request-ip") |
| 129 | + |
| 130 | +Password is secure and hashed using [pbkdf2-password](https://www.npmjs.com/package/pbkdf2-password "pbkdf2-password") |
| 131 | + |
| 132 | +> Easy salt/password creation for Node.js. |
| 133 | +
|
| 134 | +Sends a mail to user for verification or change password using [NODEMAILER](https://nodemailer.com/about/ "NODEMAILER"). |
| 135 | + |
| 136 | +> Nodemailer is a module for Node.js applications to allow easy as cake email sending. |
| 137 | +
|
| 138 | +Retrieving IP address of user for encryption Login JWT Token using [request-ip](https://www.npmjs.com/package/request-ip "request-ip"). |
| 139 | + |
| 140 | +> A tiny Node.js module for retrieving a request's IP address. |
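Review bot: In the `clienttable` definition (README lines 20-35), `username` and `email` are declared `NOT NULL` but not `UNIQUE`, so the database itself will accept two accounts with the same login identifier, and any uniqueness check is left to application code, where concurrent registrations can race. Suggest adding `UNIQUE` to both columns in the documented schema. Two smaller points on the key section: line 58 tells the reader to create a `Key` folder while the commands on lines 62 and 67 and the note on line 70 write to `key/`, which fails on a case-sensitive filesystem; and since that folder holds `private.key` inside the project root, the section should say to keep it out of version control and readable only by the account that runs the API. Lines 117 and 138 describe the JWT as encrypted, whereas the quoted description on line 121 and the sentence on line 123 describe a token signed with the key pair; if the token is only signed, the README should say "sign", because readers will otherwise assume the payload is confidential.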