JWT Implementation

Author: devyfs

.env.example

@@ -0,0 +1,6 @@
+DB_HOST=
+DB_DATABASE=
+DB_USERNAME=
+DB_PASSWORD=
+
+JWT_SECRET= 

.gitignore

@@ -0,0 +1,26 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+/storage/outputs/*
+/storage/uploads/*
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# testing
+/coverage
+
+# production
+/build
+
+# misc
+.DS_Store
+.env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*

README.md

@@ -0,0 +1,11 @@
+<p align="center"><img src="https://jwt.io/img/pic_logo.svg" width="100"></p> 
+  
+### <h1 align="center" id="heading">JWT Authentication Implementation in Node.js</h1>
+
+1. Copy `.env.example` to `.env`
+2. Update Database Credentials
+3. Create users table (node-jwt.sql)
+4. Update `JWT_SECRET` Key 
+5. Test API's in Postman
+
+Note:- You can use any random string as `JWT_SECRET`

app.js

@@ -0,0 +1,18 @@
+const express = require('express');
+const path = require('path');
+const cookieParser = require('cookie-parser');
+const logger = require('morgan');
+require('dotenv').config();
+
+const indexRouter = require('./routes/index'); 
+const app = express();
+
+app.use(logger('dev'));
+app.use(express.json());
+app.use(express.urlencoded({ extended: false }));
+app.use(cookieParser());
+app.use(express.static(path.join(__dirname, 'public')));
+
+app.use('/api', indexRouter); 
+
+module.exports = app;

bin/www

@@ -0,0 +1,90 @@
+#!/usr/bin/env node
+
+/**
+ * Module dependencies.
+ */
+
+var app = require('../app');
+var debug = require('debug')('node-jwt:server');
+var http = require('http');
+
+/**
+ * Get port from environment and store in Express.
+ */
+
+var port = normalizePort(process.env.PORT || '3000');
+app.set('port', port);
+
+/**
+ * Create HTTP server.
+ */
+
+var server = http.createServer(app);
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+
+server.listen(port);
+server.on('error', onError);
+server.on('listening', onListening);
+
+/**
+ * Normalize a port into a number, string, or false.
+ */
+
+function normalizePort(val) {
+  var port = parseInt(val, 10);
+
+  if (isNaN(port)) {
+    // named pipe
+    return val;
+  }
+
+  if (port >= 0) {
+    // port number
+    return port;
+  }
+
+  return false;
+}
+
+/**
+ * Event listener for HTTP server "error" event.
+ */
+
+function onError(error) {
+  if (error.syscall !== 'listen') {
+    throw error;
+  }
+
+  var bind = typeof port === 'string'
+    ? 'Pipe ' + port
+    : 'Port ' + port;
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case 'EACCES':
+      console.error(bind + ' requires elevated privileges');
+      process.exit(1);
+      break;
+    case 'EADDRINUSE':
+      console.error(bind + ' is already in use');
+      process.exit(1);
+      break;
+    default:
+      throw error;
+  }
+}
+
+/**
+ * Event listener for HTTP server "listening" event.
+ */
+
+function onListening() {
+  var addr = server.address();
+  var bind = typeof addr === 'string'
+    ? 'pipe ' + addr
+    : 'port ' + addr.port;
+  debug('Listening on ' + bind);
+}

config/database.js

@@ -0,0 +1,6 @@
+module.exports = { 
+    host: process.env.DB_HOST,
+    database: process.env.DB_DATABASE,
+    username: process.env.DB_USERNAME,
+    password: process.env.DB_PASSWORD
+}

config/jwt.js

@@ -0,0 +1,10 @@
+/*
+*    ttl - JWT time to live(seconds or time units(https://github.com/vercel/ms))
+*    ttl: 3600 // 1 hour
+*    ttl: '1h' // 1 hour
+*    ttl: '7d' // 7 days
+*/
+module.exports = { 
+    secret: process.env.JWT_SECRET,
+    ttl: 3600
+}

controllers/auth.controller.js

@@ -0,0 +1,57 @@
+const User = require('../models/user.model');
+const cache = require('../utils/cache');
+const jwtConfig = require('../config/jwt');
+const jwt = require('../utils/jwt');
+const bcrypt = require('bcrypt');
+
+exports.register = async (req, res) => {
+    const hashedPassword = await bcrypt.hash(req.body.password, 10);
+
+    const user = await User.create({
+        name: req.body.name,
+        email: req.body.email,
+        password: hashedPassword
+    });
+    return res.json(user);
+}
+
+exports.login = async (req, res) => {
+    const user = await User.findOne({
+        where: {
+            email: req.body.email
+        }
+    });
+    if (user) {
+        const isMatched = await bcrypt.compare(req.body.password, user.password);
+        if (isMatched) {
+            const token = await jwt.createToken({ id: user.id });
+            return res.json({
+                access_token: token,
+                token_type: 'Bearer',
+                expires_in: jwtConfig.ttl
+            });
+        }
+    }
+    return res.status(401).json({ error: 'Unauthorized' });
+}
+
+exports.getUser = async (req, res) => {
+    const user = await User.findByPk(req.user.id);
+    return res.json(user);
+}
+
+exports.logout = async (req, res) => {
+    let token = req.headers.authorization;
+    if (token.startsWith('Bearer ')) {
+        token = token.slice(7, token.length);
+    }
+    const decoded = await jwt.verifyToken(token.trim());
+
+    const now = new Date();
+    const expire = new Date(decoded.exp);
+    const milliseconds = now.getTime() - expire.getTime();
+    /* ----------------------------- BlackList Token ---------------------------- */
+    await cache.set(token, token, milliseconds);
+
+    return res.json({ message: 'Logged out successfully' });
+}

middleware/auth.guard.js

@@ -0,0 +1,29 @@
+const jwt = require('../utils/jwt');
+const cache = require('../utils/cache');
+
+module.exports = async (req, res, next) => {
+
+    let token = req.headers.authorization;
+    if (token && token.startsWith('Bearer ')) {
+        token = token.slice(7, token.length);
+    }
+
+    if (token) {
+        try {
+            /* ---------------------- Check For Blacklisted Tokens ---------------------- */
+            const isBlackListed = await cache.get(token.trim());
+            if (isBlackListed) {
+                return res.status(401).json({ error: 'Unauthorized' });
+            }
+            
+            const decoded = await jwt.verifyToken(token.trim());
+            req.user = decoded;
+            next();
+
+        } catch (error) { 
+            return res.status(401).json({ error: 'Unauthorized' });
+        }
+    } else {
+        return res.status(400).json({ error: 'Authorization header is missing.' })
+    }
+}

models/connection.js

@@ -0,0 +1,11 @@
+const { Sequelize } = require('sequelize');
+const config = require('../config/database'); 
+
+const sequelize = new Sequelize(config.database, config.username, config.password, {
+    host: config.host,
+    dialect: 'mysql',
+    operatorsAliases: 'false',
+    logging: false
+});  
+
+module.exports = sequelize

models/user.model.js

@@ -0,0 +1,18 @@
+const { DataTypes } = require('sequelize');
+const sequelize = require('./connection');
+
+const User = sequelize.define('User', {
+    name: {
+        type: DataTypes.STRING 
+    },
+    email: {
+        type: DataTypes.STRING 
+    },
+    password: {
+        type: DataTypes.STRING 
+    }
+}, {
+    createdAt: 'created_at',
+    updatedAt: 'updated_at'
+}); 
+module.exports = User;

node-jwt.sql

@@ -0,0 +1,70 @@
+-- phpMyAdmin SQL Dump
+-- version 5.1.1
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Mar 18, 2022 at 11:07 AM
+-- Server version: 10.4.22-MariaDB
+-- PHP Version: 7.4.26
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `node-jwt`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `id` bigint(20) UNSIGNED NOT NULL,
+  `name` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL,
+  `email` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL,
+  `password` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL,
+  `created_at` timestamp NULL DEFAULT NULL,
+  `updated_at` timestamp NULL DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`id`, `name`, `email`, `password`, `created_at`, `updated_at`) VALUES
+(1, 'Akash Verma', '[email protected]', '$2b$10$Rlme91E11wfRumYjPfw07.8MXOXQDVMC1bPWWvv4PczJohwnGLTNC', '2022-03-18 08:49:40', '2022-03-18 08:49:40');
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `users_email_unique` (`email`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;