This project is a Node.js-based API for user authentication and organisation management. It allows users to register, log in, manage their profile, and create or join organisations. The API is built with Express, PostgreSQL, and JWT for authentication.
- Features
- Technologies
- Installation
- Environment Variables
- Usage
- API Endpoints
- Testing
- Deployment
- User registration and login
- Password hashing with bcrypt
- JWT-based authentication
- Organisation creation and management
- Adding users to organisations
- Protected routes for authenticated users
- PostgreSQL integration with Sequelize
- Node.js
- Express
- PostgreSQL
- Sequelize
- JWT (jsonwebtoken)
- bcryptjs
To set up this project locally, follow these steps:
- Clone the repository:
git clone https://github.com/your-username/user-auth-system.git
cd user-auth-system
- Install dependencies:
npm install
- Create a .env file in the root directory and add your environment variables:
POSTGRES_URL=postgresql://[user].jlycnshtlrukiymtppel:[password]@aws-0-us-east-1.pooler.supabase.com:6543/[db-name]
JWT_SECRET=your_jwt_secret
- Start the server:
node server.js
The server should now be running on http://localhost:5000
The following environment variables are required:
- MONGO_URI: MongoDB connection string
- JWT_SECRET: Secret key for JWT
You can test the API endpoints using Postman or curl. Below are examples of how to use the endpoints.
Request Body:
{
  "firstName": "John",
  "lastName": "Doe",
  "email": "[email protected]",
  "password": "password123",
  "phone": "1234567890"
}
Response:
{
  "status": "success",
  "message": "Registration successful",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR...",
    "user": {
      "userId": "d319f6fe-fbf4-454f-9c6c-56bda31488c3",
      "firstName": "John",
      "lastName": "Doe",
      "email": "[email protected]",
      "phone": "1234567890"
    }
  }
}
Request Body:
{
  "email": "[email protected]",
  "password": "password123"
}
Response:
{
  "status": "success",
  "message": "Login successful",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR...",
    "user": {
      "userId": "d319f6fe-fbf4-454f-9c6c-56bda31488c3",
      "firstName": "John",
      "lastName": "Doe",
      "email": "[email protected]",
      "phone": "1234567890"
    }
  }
}
Authorization: Bearer <accessToken>
Response:
{
  "status": "success",
  "message": "<message>",
  "data": {
    "userId": "string",
    "firstName": "string",
    "lastName": "string",
    "email": "string",
    "phone": "string"
  }
}
Authorization: Bearer <accessToken>
Response:
{
  "status": "success",
  "message": "<message>",
  "data": {
    "organisations": [
      {
        "orgId": "string",
        "name": "string",
        "description": "string"
      }
    ]
  }
}
Authorization: Bearer <accessToken>
Response:
{
  "status": "success",
  "message": "<message>",
  "data": {
    "orgId": "string",
    "name": "string",
    "description": "string"
  }
}
Authorization: Bearer <accessToken>
Request Body:
{
  "name": "New Organisation",
  "description": "This is a new organisation"
}
Response:
{
  "status": "success",
  "message": "<message>",
  "data": {
    "orgId": "string",
    "name": "string",
    "description": "string"
  }
}
Authorization: Bearer <accessToken>
Request Body:
{
  "userId": "string"
}
Response:
{
  "status": "success",
  "message": "User added to organisation successfully"
}
You can run the provided tests using the following command:
npx jest
- It should register user successfully with default organisation.
- It should fail if required fields are missing.
- It should fail if email is already in use.
- It should log the user in successfully.
- It should fail to log in with incorrect password.
- It should ensure token expires at the correct time and contains correct user details.
- It should ensure users can’t see data from organisations they don’t have access to.
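The last two test cases above (token expiry and claims, and organisation isolation) come down to two server-side checks, sketched here as an added example that is not the project's own code. It uses Node's built-in crypto module in place of jsonwebtoken so it runs without dependencies; signToken, verifyToken, authoriseOrgRead and the in-memory memberships map are hypothetical names.

```javascript
const nodeCrypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Issue an HS256 token; a dependency-free stand-in for jsonwebtoken's sign().
function signToken(payload, secret, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + ttlSeconds }));
  const sig = nodeCrypto.createHmac('sha256', secret).update(`${header}.${body}`).digest('base64url');
  return `${header}.${body}.${sig}`;
}

// Check structure, pinned algorithm, signature and expiry. Returns claims or throws.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString());
  if (alg !== 'HS256') throw new Error('unexpected algorithm'); // never trust the token's own alg
  const expected = nodeCrypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (typeof claims.exp !== 'number' || now >= claims.exp) throw new Error('token expired');
  return claims;
}

// Constructed sample data standing in for the user/organisation membership table.
const memberships = new Map([
  ['org-1', new Set(['user-a'])],
  ['org-2', new Set(['user-b'])],
]);

// Decide the HTTP status for reading one organisation with a bearer token.
// Unknown organisations and non-membership both give 403, so existence is not leaked.
function authoriseOrgRead(authHeader, orgId, secret, now) {
  const match = /^Bearer (.+)$/.exec(authHeader || '');
  if (!match) return 401;
  let claims;
  try { claims = verifyToken(match[1], secret, now); } catch { return 401; }
  const members = memberships.get(orgId);
  return members && members.has(claims.userId) ? 200 : 403;
}
```

The membership lookup is keyed on the userId taken from the verified token, never on an identifier supplied in the request body or URL.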
This project is deployed on Render.
- By Dev Isaac