Skip to content

soltex1/Node-Authentication-and-Authorization-Boilerplate

BranchesTags

Repository files navigation

Node-Authentication-and-Authorization-Boilerplate

🔐 A boilerplate application with JWT Authentication and Authorization strategies backed by Hapi and PostgreSQL.

DescriptionHow To UseDatabase ModelsScopesUsersEndpointsPluginsEnvironment Variables

Description

This project shows how to implement a consistent authentication and authorization system. There are a few endopoints, each one with a different authorization.

Use the Database Dump and the environment variable JWT_SECRET=MLH.gH)V#vj6m'J3 in order to execute the examples described below.

If you want to know more about how JWT works, please check the following links:

https://github.com/dwyl/hapi-auth-jwt2
https://github.com/dwyl/learn-json-web-tokens
https://jwt.io/introduction/

How To Use

git clone

npm install

node index.js to run the server.

Database Models

Table user

Name Type
id UUID
username VARCHAR
password VARCHAR (ENCRYPTED)
created_at TIMESTAMP WITH TIME ZONE
updated_at TIMESTAMP WITH TIME ZONE

Table user_session

Name Type
id UUID
user_id UUID
token VARCHAR
revoked BOOLEAN
created_at TIMESTAMP WITH TIME ZONE
updated_at TIMESTAMP WITH TIME ZONE

Table scope

Name Type
id UUID
name VARCHAR
created_at TIMESTAMP WITH TIME ZONE
updated_at TIMESTAMP WITH TIME ZONE

Table user_scope

Name Type
id UUID
user_id UUID
scope_id UUID
created_at TIMESTAMP WITH TIME ZONE
updated_at TIMESTAMP WITH TIME ZONE

You can download and use the Database Dump

Scopes

  • Admin: can access every section
  • A: can only access section A
  • B: can only access section B
  • C: can only access section C

Users

  • Admin: can access every section
  • user1: can only access section A and C
  • user2: can only access section B
  • user3: can only access section B

You can add as many scopes as you want and manage the permissions by adding or removing data from the user_scope table.

Endpoints

POST /users/login
POST /users/logout
POST /users/register
GET  /users/sectionA
GET  /users/sectionB
GET  /users/sectionC

Plugins

@hapi/boom
@hapi/glue
bcryptjs
bookshelf
jsonwebtoken
knex
pg

Internal Plugins

database.js

This plugin sets up the knex and bookshelf configurations.

auth.js

This plugin takes care of the authentication and authorization events.

Environment Variables

HOST
PORT
JWT_SECRET
DB_HOST
DB_NAME
DB_USER
DB_PASS

About

A boilerplate application with JWT Authentication and Authorization strategies backed by Hapi and PostgreSQL.

Topics

nodejs javascript jwt hapi knex postgresql jwt-authentication boilerplate-application bookshelfjs authorization-boilerplate

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages