This is a session-based authentication system built using Express.js and MongoDB. It includes secure authentication, user management, and developer utilities.
- User authentication (via password or OTP)
- Secure session management with
express-session
and Redis - User email and password update
- Developer tools for testing login methods and OTP generation
- Swagger documentation for API exploration
-
Redis: This project requires Redis for session storage. Make sure Redis is installed and running on your system.
-
Node.js: Install Node.js (version 14 or higher).
-
MongoDB: Ensure MongoDB is installed and running.
-
Clone the repository:
git clone https://github.com/mohsen104/Session-Based-Authentication.git cd Session-Based-Authentication
-
Install dependencies:
npm install
-
Create a
.env
file in the root directory and configure the following environment variables:NODE_ENV PORT MONGO_URI COOKIE_PARSER_SECRET_KEY JWT_SECRET_KEY SESSION_SECRET_KEY
-
Start the application:
-
Development mode:
npm run dev
-
Production mode:
npm start
-
The API is documented using Swagger and can be accessed at:
http://localhost:3000/api-docs
- Base URL:
http://localhost:3000/api
- Tags:
User
: Routes for user authentication and managementDev
: Developer utilities
npm run dev
: Run the app in development mode usingnodemon
.npm start
: Run the app in production mode.
-
Production:
express
: Web frameworkexpress-session
: Session managementconnect-redis
: Redis session storemongoose
: MongoDB object modelingbcryptjs
: Password hashinghelmet
: Security headerscors
: Cross-origin resource sharing
-
Development:
dotenv
: Environment variable managementnodemon
: Development server reloaderswagger-jsdoc
: API documentation generatorswagger-ui-express
: Swagger UI for documentation