# Eduverse API
A RESTful authentication API built with Express.js and MongoDB that provides user registration and login functionality with secure token-based authentication.

- User Authentication
  - Registration with fullname, email, and password
  - Login with email and password
  - JWT-based authentication
  - Password encryption using bcrypt
  - Session management with HTTP-only cookies
  - Last login tracking
- API Health Monitoring
  - Database connection status
  - Server uptime monitoring
  - Memory usage statistics
  - Environment information
- Security Features
  - Password hashing with bcrypt
  - Token-based authentication
  - HTTP-only secure cookies
  - CORS protection
  - Input validation

- Node.js - JavaScript runtime
- Express.js - Web framework
- MongoDB - NoSQL database
- Mongoose - MongoDB object modeling
- JWT - JSON Web Tokens for authentication
- bcrypt - Password hashing
- dotenv - Environment variable management

```
eduverse-api/
├── .env                  # Environment variables
├── app.js                # Express application setup
├── constants.js          # Application constants
├── index.js              # Entry point
├── package.json          # Project metadata and dependencies
├── controllers/          # Request handlers
│   └── user.controllers.js
├── db/                   # Database configuration
│   └── config.js
├── middlewares/          # Custom middleware functions
│   └── verifyMember.middleware.js
├── models/               # Database models
│   └── user.models.js
├── routes/               # API routes
│   └── user.routes.js
└── utils/                # Utility functions
    ├── ApiError.js       # Custom error handling
    ├── ApiResponse.js    # Response formatting
    └── asyncHandler.js   # Async error wrapper
```

- `POST /api/v1/auth/register`
  - Register a new user
  - Request body: `{ fullname, email, password }`
  - Returns: User object without password
- `POST /api/v1/auth/login`
  - Login an existing user
  - Request body: `{ email, password }`
  - Returns: Access token
  - Sets HTTP-only cookie with access token
- `GET /health`
  - Check API and database health
  - Returns: System status information

- Node.js (v16+)
- MongoDB instance (local or remote)

1. Clone the repository

   ```bash
   git clone https://github.com/yourusername/eduverse-api.git
   cd eduverse-api
   ```

2. Install dependencies

   ```bash
   npm install
   ```

3. Configure environment variables. Create a `.env` file in the root directory:

   ```
   PORT=3001
   MONGODB_URI=mongodb://localhost:27017
   ACCESS_TOKEN_SECRET=your_secret_key_here
   ACCESS_TOKEN_EXPIRY=1d
   ```

4. Start the server

   ```bash
   npm start
   ```

   The server will run at http://localhost:3001

```bash
# Register a new user
curl -X POST http://localhost:3001/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "fullname": "John Doe",
    "email": "john.doe@example.com",
    "password": "securePassword123"
  }'

# Log in as an existing user
curl -X POST http://localhost:3001/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "john.doe@example.com",
    "password": "securePassword123"
  }'

# Call a protected route with the access token as a Bearer token
curl -X GET http://localhost:3001/api/v1/protected-route \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
```

- Passwords are hashed using bcrypt with a cost factor (salt rounds) of 10
- Authentication tokens are stored in HTTP-only cookies, which keeps them unreadable to client-side JavaScript and limits token theft through XSS
- Input validation is performed on all user-provided data
- CORS is configured to allow only specific origins
The API uses a custom error handling system:

- `ApiError` class for throwing consistent errors
- `ApiResponse` class for formatting successful responses
- `asyncHandler` utility to handle asynchronous errors

```bash
npm start
```

- `PORT`: Server port (default: 3001)
- `MONGODB_URI`: MongoDB connection string
- `ACCESS_TOKEN_SECRET`: Secret for JWT token signing
- `ACCESS_TOKEN_EXPIRY`: JWT token expiration (e.g., "1d" for one day)

This project is licensed under the ISC License.
- Your Name - Initial work
- MongoDB team for their excellent database
- Express.js community for the robust web framework
- Node.js community for the JavaScript runtime