NestJS Authentication Demo with AuthToken and RefreshToken, MongoDB as Database and PassportJS as Authentication Middleware Library
- NestJS
- ExpressJS
- MongoDB
- PassportJS(JWT)
- argon2
Frontend - NextJS(Next-Auth) - https://github.com/manojsethi/next-auth-demo
Rename the file env.example to .env in your local environment and replace the values with real values.
You can create the secret keys with the small utility below:
```bash
node -e "console.log(require('crypto').randomBytes(48).toString('hex'))"
```
OR
```bash
node -e "console.log(require('crypto').randomBytes(48).toString('base64'))"
```
```bash
npm i
npm run start:dev
```
The API listens on localhost:3000.
POST /auth/signup
| Parameter | Type | Description |
|---|---|---|
| name | string | Required. Name of the person signing up |
| email | string | Required. Email of the person signing up |
| password | string | Required. Password of the person signing up |

Password is hashed and saved in the db.
Example
```json
{
  "name": "Manoj",
  "email": "manojsethi@manojsethi.com",
  "password": "MyRandomPassword"
}
```
GET /auth/signin
| Parameter | Type | Description |
|---|---|---|
| email | string | Required. Email of the person signing in |
| password | string | Required. Password of the person signing in |

Example
```json
{
  "email": "manojsethi@manojsethi.com",
  "password": "MyRandomPassword"
}
```
POST /auth/signin
| Parameter | Type | Description |
|---|---|---|
| email | string | Required. Email of the person signing in |
| password | string | Required. Password of the person signing in |

Example
```json
{
  "email": "manojsethi@manojsethi.com",
  "password": "MyRandomPassword"
}
```
After you are logged in, set the Authorization header to Bearer {{AccessToken}} in order to access the rest of the API.
GET /auth/refresh
NOTE: You need to pass the Authorization header with Bearer {{RefreshToken}} (the RefreshToken received in the signin request) to get a new pair of tokens.
GET /auth/logout
NOTE: You need to pass the Authorization header with Bearer {{AccessToken}} (the AccessToken received in the signin request), as logout is a secured route and is authenticated by the AccessToken.
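The notes on /auth/refresh and /auth/logout name different bearer tokens. The sketch below is an added example, not code from this repository: it assumes HS256 tokens, one secret per token type, and 15-minute and 7-day lifetimes, and every function name in it is hypothetical. It shows each guard accepting only the token type it was keyed for.

```javascript
// Added example: constructed secrets, claims and lifetimes; not the repository's code.
const { createHmac, randomBytes, timingSafeEqual } = require('crypto');

// Same generator as the README utility; one independent secret per token type (assumption).
const ACCESS_SECRET = randomBytes(48).toString('hex');
const REFRESH_SECRET = randomBytes(48).toString('hex');
const b64url = (value) => Buffer.from(value).toString('base64url');

// Sign a compact HS256 JWT with an absolute expiry (seconds since epoch).
function signToken(claims, secret, ttlSeconds, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ ...claims, exp }));
  const sig = createHmac('sha256', secret).update(`${header}.${payload}`).digest('base64url');
  return `${header}.${payload}.${sig}`;
}

// Return the claims, or null if the signature, algorithm or expiry check fails.
function verifyToken(token, secret, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  const expected = createHmac('sha256', secret).update(`${header}.${payload}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') return null;
    const claims = JSON.parse(Buffer.from(payload, 'base64url'));
    return typeof claims.exp === 'number' && claims.exp > Math.floor(now / 1000) ? claims : null;
  } catch {
    return null;
  }
}

// Pull the token out of an "Authorization: Bearer <token>" header value.
const bearer = (h) => (/^Bearer (\S+)$/.exec(h || '') || [])[1] || null;

// What a guard on a secured route (e.g. /auth/logout) and on /auth/refresh would check.
const guardSecured = (authHeader, now) => verifyToken(bearer(authHeader), ACCESS_SECRET, now);
const guardRefresh = (authHeader, now) => verifyToken(bearer(authHeader), REFRESH_SECRET, now);

// Constructed sign-in result: short-lived access token, longer-lived refresh token.
const issuePair = (userId, now) => ({
  accessToken: signToken({ sub: userId }, ACCESS_SECRET, 15 * 60, now),
  refreshToken: signToken({ sub: userId }, REFRESH_SECRET, 7 * 24 * 3600, now),
});
```

Because the secrets differ, a leaked access token cannot be replayed against /auth/refresh to mint new pairs, and a refresh token is useless on the secured routes.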
GET /users
GET /users/:id
PATCH /users/:id
| Parameter | Type | Description |
|---|---|---|
| name | string | Optional. Name of the person |
| email | string | Optional. Email of the person |
| password | string | Optional. Password of the person |

Example
```json
{
  "email": "manojsethi@manojsethi.com",
  "password": "MyRandomPassword"
}
```
DELETE /users/:id
I'm a full stack developer working with JavaScript technologies. I have experience with
- NodeJS
- NestJS
- TypeScript
- ReactJS
- NextJS
- Docker
- Kubernetes
- AWS/Digital Ocean/GCP
- NGINX
- GraphQL