My first npm package about authentication

christosmito

christosmito

Posted on April 27, 2021

My first npm package about authentication

Intro

I have been coding in Express and Mongodb about 1,5 years now and on every project I have built up until now I had to write the same code again and again in order to implement the authentication. Repetition is something we, as programmers, hate. So, for that reason I decided to make my own authentication package in order to implement the authentication flow and the DRY principle.

Implementation

This npm package was built to be used with Express and Mongodb. The authentication is based on jwt. In addition, sendgrid was used to implement the reset password functionality for sending an email with the reset token link.

Usage

This package offers the below functionalities:

  • signup
  • login
  • logout
  • update password
  • forgot password

Let's see how easily we can use this package:
First we need to install the express-auth-flow package with this command

npm install express-auth-flow
or
yarn add express-auth-flow
Enter fullscreen mode Exit fullscreen mode

Then we need to create a user model with the name of our choice and create at least these fields(the names must be exactly the same) as shown below:

  • email
  • username
  • password

Below is demonstrated a simple example using mongoose(it is highly recommended to validate all the fields)

//Model file userModel.js

const mongoose = require("mongoose");

const { Schema } = mongoose;

const userSchema = new Schema({
    email: String,
    username: String,
    password: String
});

module.exports = mongoose.model("User", userSchema);
Enter fullscreen mode Exit fullscreen mode

Now in your router file you must require your user's model you created above, the express-auth-flow package and make routes as below. The paths and the names must be exactly the same in order the package to recognize them. The email for the forgot password functionality are sent via sendgrid and you have to create a free account and then create an api key. An example is shown below:

//Router file userRoutes.js

const express = require("express');

const User = require("The path to your user model");

const auth = require("express-auth-flow");

const router = express.Router();

//Only for forgot password functionality
const options = {
    apiKey: "your sendgrid api key",
    from: "your email that you verified on sendgrid",
    text: "The raw message",
    html: "The html formatted message"
};

router.post("/signup", auth("User").signup);
router.post("/login", auth("User").login);
router.post("/logout", auth("User").logout);
router.post("/update-password", auth("User").updatePassword);
router.post("/forgot-password", auth("User, options").forgotPassword);
router.post("/reset-password/:token", auth("User").resetPassword);

module.exports = router;
Enter fullscreen mode Exit fullscreen mode

Finally lets analyze the inputs that are expected from every router

/signup

The signup functionality is expect the below input:
email, username, password, confirmPassword

/login

The login functionality is expect the below input:
email, password

/logout

No input

/updatePassword:

email, password, newPassword, confirmNewPassword

/forgot-password

email

/reset-password/:token

password, confirmPassword

Notice

The forgot password functionality works like this:
First the user goes to /forgot-password route and fills the
email, password, newPassword, confirmNewPassword inputs. Then an email is sent to the provided email with a reset token link that is valid for 10 minutes and when the user redirects to this link must provide the password and the confirmPassword in order to save new password.

In the near future I am going to release a video tutorial on how to use this package

Thanks for your time and feel free to write any feedback.
contact me at this email: christosglx@hotmail.com

💖 💪 🙅 🚩
christosmito
christosmito

Posted on April 27, 2021

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related