This is a simple scaffolding project used to test libraries.
- Rest services with Express.js
- Authentication with Passport.js
- MongoDb connection with Mongoose
- BCrypt with bcrypt-nodejs
- Cors support
- Users collection CRUD with MongoDb persistence
- Access token in jwt to handle basic authentication
- Refresh token to create access token
First install and configure mongodb. If the mongodb is hosted outside (ex. mlab) is possible to configure the URI and the db name in the files /src/env/development.js
Development on localhost or other development environment (ex. c9)
# Install packages
npm install
# Install mongo collection and default user
npm run mongo
# Run application with nodemon
npm run devIn production (ex. heroku) the environment variables to use are:
- NODE_ENV
- IP
- PORT
- DB_NAME
- DB_URI
- JWT_SECRET
You can find a Postman project with all the stub call exported in /test/nodejs-playground.postman_collection.json.
- Server side validation of Google OAuth2 client-side authentication (tricky)
- Tests
- Yarn
- Remove use of mongoose default mpromise (is deprecated)
- how to improve token lifecycle? I don't like the current result
- how is implemented mongoose id creation? See refresh token in signup
- why signin debug log return 401 but the actual result is 200?
- find a non deprecated libraries for bcrypt
- Stephen Grider great Udemy courses
- Passport flow overview great guide
- JWT
- csrf and node
- Token! great token example
- More Tokens
- More spanish refresh tokens docs
- Postmessage & OAuth 2.0
- Easy Node Authentication: Google
- google endpoints