Skip to content
/ authbackendpackage Public

A modular auth backend npm package built with Node.js \& JWT for user registration, login, and route protection

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shreyashpatel5506/authbackendpackage

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

27 Commits
.github/workflows
.github/workflows
Β 
Β 
.gitignore
.gitignore
Β 
Β 
.npmignore
.npmignore
Β 
Β 
README.md
README.md
Β 
Β 
index.js
index.js
Β 
Β 
package-lock.json
package-lock.json
Β 
Β 
package.json
package.json
Β 
Β 

Repository files navigation

πŸ” AuthBackendPackage

A flexible and plug-and-play authentication module for Node.js applications. Provides features such as OTP-based verification, JWT authentication, email verification, password reset, and user profile management.

βœ… Successfully tested and used in production at: πŸ”— https://pulsetalk-6lrk.onrender.com

πŸ”§ Installation

npm i authbackendpackage

πŸ“¦ Module Setup

// index.js or app.js
import express from "express";
import { createAuthModule } from "authbackendpackage";
import userModel from "./models/user.model.js";
import cloudinary from "./lib/cloudinary.js";

const app = express();

const auth = createAuthModule({
  userModel,
  cloudinaryInstance: cloudinary,
  jwtSecret: process.env.JWT_SECRET,
  BREVO_API_KEY=your_brevo_api_key_here
BREVO_SENDER_EMAIL=noreply@pulsetalk.com
BREVO_SENDER_NAME=PulseTalk
  env: process.env.NODE_ENV,
});

☁️ Cloudinary Configuration

Create an account on Cloudinary, generate API credentials, and store them in your .env file.

Cloudinary Instance:

import { config } from "dotenv";
import { v2 as cloudinary } from "cloudinary";
config();

cloudinary.config({
  cloud_name: process.env.CLOUDINARY_CLOUD_NAME,
  api_key: process.env.CLOUDINARY_API_KEY,
  api_secret: process.env.CLOUDINARY_API_SECRET,
});

export default cloudinary;

πŸ” JWT Secret

Set a secure JWT_SECRET string in your .env file.

πŸ“§ Mail Setup

Generate an App Password from your Gmail settings and store it in .env.

πŸ‘‰ Follow this Gmail App Password Guide

πŸ‘€ User Model Example

import mongoose from 'mongoose';

const userSchema = new mongoose.Schema({
  email: { type: String, required: true, unique: true },
  name: { type: String, required: true },
  password: { type: String, required: true },
  profilePicture: { type: String, default: "" },
}, { timestamps: true });

const User = mongoose.model('User', userSchema);
export default User;

πŸ”€ Routes Setup

app.post("/api/send-otp", auth.sendOtp);
app.post("/api/verify-otp", auth.verifyOTP);
app.post("/api/signup", auth.signup);
app.post("/api/login", auth.login);
app.post("/api/logout", auth.logout);
app.put("/api/update-profile", auth.updateProfile);
app.get("/api/check-auth", auth.checkAuth);
app.post("/api/forgot-password", auth.forgotPassword);

πŸ›‘οΈ Middleware: Protect Route

import jwt from "jsonwebtoken";
import user from "../models/user.model.js";
import dotenv from "dotenv";
dotenv.config();

export const protectRoute = async (req, res, next) => {
  try {
    const token = req.cookies.jwt;
    if (!token) {
      return res.status(401).json({ message: "Not authorized - No token provided" });
    }

    const decoded = jwt.verify(token, process.env.JWT_SECRET || "shreyash5506");
    const foundUser = await user.findById(decoded.userId).select("-password");

    if (!foundUser) {
      return res.status(401).json({ message: "Not authorized - User not found" });
    }

    req.user = foundUser;
    next();
  } catch (error) {
    console.error("Auth middleware error:", error);
    res.status(401).json({ message: "Not authorized - Invalid token" });
  }
}

🧠 Features

  • βœ… OTP verification via email (SMTP)
  • βœ… Signup with verified OTP
  • βœ… Secure login with JWT
  • βœ… Profile update with image support (Cloudinary)
  • βœ… Forgot password with bcrypt
  • βœ… Cookie-based logout
  • βœ… Middleware-ready routes

πŸ§ͺ Example .env

BREVO_API_KEY=your_brevo_api_key_here
BREVO_SENDER_EMAIL=[email protected]
BREVO_SENDER_NAME=PulseTalk
JWT_SECRET=your-secret-key
NODE_ENV=development
CLOUDINARY_CLOUD_NAME=your-cloud-name
CLOUDINARY_API_KEY=your-api-key
CLOUDINARY_API_SECRET=your-api-secret

πŸ“₯ Request Examples

1. Send OTP

POST /api/send-otp
Content-Type: application/json
{
  "email": "[email protected]"
}

2. Verify OTP

POST /api/verify-otp
Content-Type: application/json
{
  "email": "[email protected]",
  "otp": "123456"
}

3. Signup

POST /api/signup
Content-Type: application/json
{
  "email": "[email protected]",
  "password": "your-password",
  "name": "User Name"
}

4. Login

POST /api/login
Content-Type: application/json
{
  "email": "[email protected]",
  "password": "your-password"
}

5. Update Profile

PUT /api/update-profile
Content-Type: application/json
{
  "name": "New Name",
  "profilePicture": "base64encodedImageOrUrl"
}

6. Forgot Password

POST /api/forgot-password
Content-Type: application/json
{
  "email": "[email protected]",
  "newPassword": "new-secure-password"
}

πŸ” Cookie-Based JWT Auth

Authentication is done using httpOnly cookies which automatically expire after 7 days for enhanced security.

πŸš€ Live Usage Demo

βœ… Successfully running on: 🌐 https://pulsetalk-6lrk.onrender.com

πŸ“„ License

Licensed under Apache-2.0.

Built with ❀️ by the Shreyash Team

About

A modular auth backend npm package built with Node.js \& JWT for user registration, login, and route protection

Topics

nodejs npm-package expressjs cloudinary jwt-authentication authentication-backend nodemodules npmpackage

Resources

Readme
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Packages

No packages published

Languages