npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

express-jwt-authenticator

v1.1.15

Published

express-jwt-authenticator is a powerful and secure Node.js authentication package that simplifies the implementation of JSON Web Token (JWT) based authentication in your applications. It provides a robust and flexible solution for user registration, login

Downloads

29

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

madhukrishnamadhukrishna

Keywords

jwtauthenticationregisterloginprotectverify email

Readme

express-jwt-authenticator

express-jwt-authenticator is a powerful and secure Node.js authentication package that simplifies the implementation of JSON Web Token (JWT) based authentication in your applications. It provides a robust and flexible solution for user registration, login, and protected route management, ensuring a seamless and secure user experience.

Provides you Methods for registration, login, user account deletion, password change,email sending method, password verification through email and a middleware for protecting other routes named protect.

Installation

To integrate express-jwt-authenticator into your Node.js project, install it via npm:

npm install express-jwt-authenticator

Configuration

Before using express-jwt-authenticator, make sure to set up the following environment variables in your project in .env file:

JWT_SECRET=your_jwt_secret                           # Secret key used to sign JWT tokens
JWT_EXPIRES_IN=7d                                    # Expiry time for JWT tokens (e.g., "1d", "2h")
[email protected]                    # Email address for sending verification emails
EMAIL_PASS=your_email_password_or_app_password       # Password or app-specific password for the above email
HOST=http://localhost:8000                           # Base URL for your application
EMAIL_VERIFICATION_ROUTE=verify-email               # Route for email verification link
LOGIN_URL=https://www.instagram.com/                #Login page link of your application
CONNECTION_STRING=`your database connection string` #connection url for mongodb

Sample Usage

1. Make sure, your express application is running and is successfully connected to the database

2. Use the Authentication Methods in Your Express App/Sample Usage

Integrate the provided authentication functions into your Express application by setting up routes as shown below:

const express = require("express");
const app = express();

app.use(express.json()); // Middleware to parse JSON bodies
const {
  initiateRegistration,
  completeRegistration,
  login,
  protect,
  deleteUserAccount,
  changePassword,
} = require("express-jwt-authenticator");

// Adding Config File Contents to process
require("dotenv").config({ path: "./config.env" });

const PORT = process.env.PORT || 8000;
const CONNECTION_STRING = process.env.CONNECTION_STRING;

const connectDb = require("./db.js");

// Load environment variables from .env file
require("dotenv").config();

// Database Connection
connectDb(CONNECTION_STRING);

// Route to initiate user registration
app.post("/initiateRegistration", initiateRegistration);

// Route to complete registration (typically through email verification)
app.get(
  `/${process.env.EMAIL_VERIFICATION_ROUTE}/:token`,
  completeRegistration
);

// Route to login and obtain a JWT token
app.post("/login", login);

// Route to change the user's password (protected)
app.post("/change-password", protect, changePassword);

// Route to delete the authenticated user's account (protected)
app.delete("/delete", protect, deleteUserAccount);

// Example of a protected route that only authenticated users can access
app.get("/myroute", protect, (req, res) => {
  res.send("Protected route, only authenticated users can access this.");
});

app.listen(PORT, () => {
  console.log(`Application listening on port ${PORT}`);
});

3. Connectdb function for database connection

const mongoose = require("mongoose");

const connectDb = (CONNECTION_STRING) => {
  mongoose
    .connect(CONNECTION_STRING)
    .then((conn) => {
      console.log(
        `Database connection successful on link : ${CONNECTION_STRING}`
      );
    })
    .catch((err) => {
      console.log("There was a problem while connecting to the database", err);
    });
};

module.exports = connectDb;

Documentation for Functions

initiateRegistration

  • Description: Initiates the user registration process by generating a verification email.
  • Method: POST
  • Route: /initiateRegistration
  • Request Body:
    • email (string, required): The email address of the user.
    • password (string, required): The password for the user account.
  • Response:
    • Success:
      • status: "success"
      • message: "Verification email sent successfully. Please check your email."
    • Failure:
      • status: "fail"
      • message: Detailed error message explaining the failure.

Example Request:

{
  "email": "[email protected]",
  "password": "securePassword123"
}

completeRegistration

This route would be hit by the user through the link sent to him on his/her email for verification.

  • Description: Completes the registration process by verifying the email and creating the user.
  • Method: POST
  • Route: /completeRegistration
  • Request Body:
    • token (string, required): The email verification token sent to the user's email.
  • Response:
    • Success:
      • status: "success"
      • message: "User account created successfully."
    • Failure:
      • status: "fail"
      • message: "Invalid or expired verification token."

login

  • Description: Logs in a user with their email and password to obtain a JWT token.
  • Method: POST
  • Route: /login
  • Request Body:
    • email (string, required): The email address of the user.
    • password (string, required): The password for the user account.
  • Response:
    • Success:
      • token (string): JWT token for authenticated access.
      • status: "success"
    • Failure:
      • status: "fail"
      • error: Detailed error message explaining the failure.

Example Request:

{
  "email": "[email protected]",
  "password": "securePassword123"
}

changePassword

  • Description: Changes the password for the authenticated user.
  • Method: POST
  • Route: /changePassword
  • Request Body:
    • oldPassword (string, required): The current password of the user.
    • newPassword (string, required): The new password to be set for the user account.
  • Response:
    • Success:
      • status: "success"
      • message: "Password updated successfully."
    • Failure:
      • status: "fail"
      • message: Detailed error message explaining the failure.

Example Request:

{
  "oldPassword": "currentPassword123",
  "newPassword": "newSecurePassword456"
}

deleteUserAccount

  • Description: Deletes the account of the authenticated user.
  • Method: DELETE
  • Route: /deleteUserAccount
  • Request Headers:
    • Authorization (string, required): JWT token in the format "Bearer <token>" for authentication.
  • Response:
    • Success:
      • status: "success"
      • message: "User account deleted successfully."
    • Failure:
      • status: "fail"
      • message: Detailed error message explaining the failure.

Example Request:

DELETE /deleteUserAccount
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Adding protect Middleware

To secure routes that require authentication, use the protect middleware before defining your route handlers. This ensures that only authenticated users can access protected routes.

Example Usage:

const express = require("express");
const app = express();
const {
  protect,
  login,
  deleteUserAccount,
} = require("express-jwt-authenticator");

// Example: Protecting a route that requires authentication
app.get("/protectedRoute", protect, (req, res) => {
  res.json({ message: "This is a protected route!" });
});

// Example: Using protect with other functions
app.post("/login", login);
app.delete("/deleteUserAccount", protect, deleteUserAccount);

// Start the server
const PORT = process.env.PORT || 3000;
app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

sendMail

  • Description: Sends an email using the Gmail SMTP service. Useful for sending verification emails, notifications, and other communications.
  • Function Call: sendMail(from, to, subject, text,from,password/app password, html)
  • Parameters:
    • from (string, required): The email address of the sender.
    • to (string, required): The email address of the recipient.
    • subject (string, required): The subject line of the email.
    • text (string, required): The plain text version of the email content.
    • from (string, required): The email address of the sender.
    • app password/password (string,required): The password or the app password of the email.
    • html (string, optional): The HTML version of the email content.
  • Returns: A Promise that resolves when the email is successfully sent.

Example Usage:

const { sendMail } = require("express-jwt-authenticator");

// Example function to send an email through a protected route
  app.get("/myroute", protect, async (req, res) => {
    try {
      await sendMail(
        process.env.EMAIL_USER, // from
        "[email protected]", // to
        "Welcome to our application", // subject
        `Hello user, We appreciate your interest in our application, and that's really nice of you. Thankyou!`, // text
        process.env.EMAIL_USER, //from
        process.env.EMAIL_PASS  //app password, email password
      );
      console.log("email sent successfully.");
    } catch (error) {
      console.error("Error sending email:", error);
    }
    return res.send(
      "Protected route, only authenticated users can access this."
    );
  });
};