This is a session-based authentication system built using Express.js and MongoDB. It includes secure authentication, user management, and developer utilities.
- User authentication (via password or OTP)
- Secure session management with
express-sessionand Redis - User email and password update
- Developer tools for testing login methods and OTP generation
- Swagger documentation for API exploration
-
Redis: This project requires Redis for session storage. Make sure Redis is installed and running on your system.
-
Node.js: Install Node.js (version 14 or higher).
-
MongoDB: Ensure MongoDB is installed and running.
-
Clone the repository:
git clone https://github.com/mohsen104/Session-Based-Authentication.git cd Session-Based-Authentication -
Install dependencies:
npm install
-
Create a
.envfile in the root directory and configure the following environment variables:NODE_ENV PORT MONGO_URI COOKIE_PARSER_SECRET_KEY JWT_SECRET_KEY SESSION_SECRET_KEY
-
Start the application:
-
Development mode:
npm run dev
-
Production mode:
npm start
-
The API is documented using Swagger and can be accessed at:
http://localhost:3000/api-docs
- Base URL:
http://localhost:3000/api - Tags:
User: Routes for user authentication and managementDev: Developer utilities
npm run dev: Run the app in development mode usingnodemon.npm start: Run the app in production mode.
-
Production:
express: Web frameworkexpress-session: Session managementconnect-redis: Redis session storemongoose: MongoDB object modelingbcryptjs: Password hashinghelmet: Security headerscors: Cross-origin resource sharing
-
Development:
dotenv: Environment variable managementnodemon: Development server reloaderswagger-jsdoc: API documentation generatorswagger-ui-express: Swagger UI for documentation