quilox-auth

# Quilox Auth 🔑 Quilox-Auth is a robust and scalable authentication and authorization boilerplate built on the Node.js and Express.js stack. It provides a secure foundation for any API, featuring: # Overview JSON Web Token (JWT) Authentication: For stateless and secure user sessions. Role-Based Access Control (RBAC): To manage and restrict user permissions. Data Validation: Ensures incoming data is clean and valid. Secure Password Handling: Uses bcrypt for one-way password hashing. Modular Architecture: Keeps the codebase organized and easy to extend. This project is designed to be a starting point, providing all the core security features you need to build your API with confidence.This module is built with security best practices in mind, including password hashing, token expiration, and secure route protection. # Prerequisites To use this module, you should have the following installed: Node.js (LTS version) MongoDB npm Installation You can install Quilox Auth in your Node.js project using npm. npm install quilox-auth Since this module is a complete solution, you'll also need to install the core dependencies used in the project. npm install express mongoose bcrypt jsonwebtoken dotenv # Getting Started Follow these steps to get your project up and running. 1. Clone the Repository Bash: npm install git clone <your-repository-url> cd <your-project-directory> 2. Install Dependencies Use npm to install all the necessary packages for the project. Bash <npm install> 3. Configuration (.env) Create a .env file in the root of your project to store sensitive information. MONGO_URI=your_mongodb_connection_string JWT_SECRET=your_super_secret_jwt_key JWT_EXPIRES_IN=1h JWT_REFRESH_SECRET=your_super_secret_refresh_key JWT_REFRESH_EXPIRES_IN=7d 4. Run the Server Start the application using the following command: Bash node server.js The server should now be running, and you'll see a message in your console: Server is listening on port 3000. # API Endpoints POST /api/users Creates a new user (registration). Public GET /api/users Retrieves a list of all users. Private (Admin-only) GET /api/users/:id Retrieves a single user by ID. Private (Admin-only) PUT /api/users/:id Updates a user's details. Private (Admin-only) DELETE /api/users/:id Deletes a user. Private (Admin-only) POST /api/posts Creates a new post. Private (Admin/Editor) GET /api/posts Retrieves a list of all posts. Public GET /api/posts/:id Retrieves a single post by ID. Public PUT /api/posts/:id Updates a post. Private (Admin/Editor) DELETE /api/posts/:id Deletes a post. Private (Admin-only) # Project Structure . ├── .env # Environment variables ├── node_modules/ # Installed dependencies ├── package.json # Project metadata ├── server.js # Main entry point of the app └── src/ ├── api/ │ ├── routes/ │ │ ├── authRoutes.js # User registration and login │ │ ├── userRoutes.js # API endpoints for user management │ │ └── postRoutes.js # API endpoints for post management ├── middleware/ │ ├── authMiddleware.js # JWT authentication middleware │ ├── rbacMiddleware.js # Role-based access control │ └── validatorMiddleware.js# Joi-based data validation └── utils/ ├── jwtUtils.js # JWT generation and verification └── passwordUtils.js # Password hashing and comparison # Contributing We welcome contributions! If you would like to contribute, please follow these steps: Fork the repository. Create a new branch (git checkout -b feature/your-feature-name). Make your changes and write clear commit messages. Push to your fork (git push origin feature/your-feature-name). Create a pull request with a detailed description of your changes. # License This project is licensed under the MIT License. See the LICENSE file for details.