Authentication boilerplate in Node.js with security and scalability in mind.
- login/logout/register + session expiry
- email verification (
"Confirm your email") - password reset (
"Forgot password") - password confirmation (
"Re-enter your password") - persistent login (
"Remember me") - account lockout (
"Too many failed login attempts") - rate limiting (
"Too many requests")
nodeandnpm(e.g. usingnvm)dockeranddocker-compose- could also use a local
mongodb-organdredis-server - otherwise, a remote service e.g. Atlas/mLab and Redis Labs
- could also use a local
# (Linux) Must export UID to have the right permissions
export UID
# Boot MongoDB & Redis containers, and launch a local Express server
npm run up| Method | URI | Middleware |
|---|---|---|
| POST | /register | guest |
| POST | /login | guest |
| POST | /logout | auth |
| GET|HEAD | /home | auth |
| POST | /email/verify | |
| POST | /email/resend | |
| POST | /password/email | |
| POST | /password/reset | |
| POST | /password/confirm | auth |