Aneeqa Khan

Building Secure User Registration and Authentication in Node.js

For this series, I'm following an excellent video tutorial from Traversy Media.

Introduction

To get started with user registration and authentication, we'll begin by installing the necessary dependencies. Specifically, we'll use the bcryptjs library to securely store user passwords as hashes, and the jsonwebtoken library to generate JSON Web Tokens (JWT) for user authentication.

Install Dependencies

Firstly, let's install the required libraries:



npm i bcryptjs
npm i jsonwebtoken



Generate JWT Token

In this step, we create a function that generates a JWT for later use. Add this function to the userController.js file.



const jwt = require("jsonwebtoken");
const bcrypt = require("bcryptjs");
const asyncHandler = require("express-async-handler");
const User = require("../models/userModel");

// Generate a signed JWT that carries the user id and expires after 30 days
const generateToken = (id) => {
  return jwt.sign({ id }, process.env.JWT_SECRET, { expiresIn: "30d" });
};



Don't forget to initialize the JWT_SECRET variable in your .env file. You can choose any suitable value for it.
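
What a suitable JWT_SECRET looks like, as an added example that is not part of the original tutorial: it re-implements HS256 signing and verification with Node's built-in crypto module (a stand-in for jsonwebtoken, used only to show what the signature depends on) and refuses short secrets. The 32-byte minimum and the helper names generateSecret, requireStrongSecret, signToken and verifyToken are assumptions of this example.

```javascript
const crypto = require("crypto");

const MIN_SECRET_BYTES = 32; // assumption: match the 32-byte HMAC-SHA256 output

// Produce a value to paste into .env as JWT_SECRET.
const generateSecret = () => crypto.randomBytes(MIN_SECRET_BYTES).toString("hex");

// Fail fast instead of signing tokens with a missing or short secret.
function requireStrongSecret(secret) {
  if (typeof secret !== "string" || Buffer.byteLength(secret) < MIN_SECRET_BYTES) {
    throw new Error(`JWT_SECRET must be at least ${MIN_SECRET_BYTES} bytes`);
  }
  return secret;
}

const b64url = (data) => Buffer.from(data).toString("base64url");
const hmac = (input, secret) =>
  crypto.createHmac("sha256", secret).update(input).digest();

// Same token layout that jwt.sign({ id }, secret, { expiresIn }) produces.
function signToken(id, secret, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ id, iat: now, exp: now + ttlSeconds }));
  const sig = hmac(`${header}.${payload}`, requireStrongSecret(secret));
  return `${header}.${payload}.${sig.toString("base64url")}`;
}

// Returns the claims, or null if the token is malformed, forged or expired.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  try {
    // Pin the algorithm: the token must not choose how it is verified.
    if (JSON.parse(Buffer.from(header, "base64url")).alg !== "HS256") return null;
    const expected = hmac(`${header}.${payload}`, requireStrongSecret(secret));
    const given = Buffer.from(sig, "base64url");
    // Constant-time comparison of the signature bytes.
    if (given.length !== expected.length) return null;
    if (!crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(payload, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch {
    return null;
  }
}
```

In the tutorial's own code, keep jwt.sign and call requireStrongSecret(process.env.JWT_SECRET) once at startup. When tokens are verified later, pass { algorithms: ["HS256"] } to jwt.verify so the accepted algorithm is fixed.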

Register User

Now, we'll write the logic for registering a user in the userController.js file.



const registerUser = asyncHandler(async (req, res) => {
  const { name, email, password } = req.body;

  if (!name || !email || !password) {
    res.status(400);
    throw new Error("Please add all fields");
  }

  // check if user exists
  const userExists = await User.findOne({ email });
  if (userExists) {
    res.status(400);
    throw new Error("User already exists");
  }

  // hash the password with a freshly generated salt (bcrypt cost factor 10)
  const salt = await bcrypt.genSalt(10);
  const hashedPassword = await bcrypt.hash(password, salt);

  // create user
  const user = await User.create({
    name,
    email,
    password: hashedPassword,
  });

  if (user) {
    res.status(201).json({
      _id: user.id,
      name: user.name,
      email: user.email,
      token: generateToken(user._id),
    });
  } else {
    res.status(400);
    throw new Error("Invalid user data");
  }
});



Let's test the registration process using Postman and ensure everything works as expected.

And it'll show an error if you try to add the same user again.

Authenticate User

To authenticate a registered user, we'll implement a loginUser function in the userController.js file. It verifies the user's identity by looking up the provided email and comparing the provided password against the stored hash.



const loginUser = asyncHandler(async (req, res) => {
  const { email, password } = req.body;

  if (!email || !password) {
    res.status(400);
    throw new Error("Please add all fields");
  }

  // Check for user email
  const user = await User.findOne({ email });

  if (user && (await bcrypt.compare(password, user.password))) {
    res.json({
      _id: user.id,
      name: user.name,
      email: user.email,
      token: generateToken(user._id),
    });
  } else {
    res.status(400);
    throw new Error("Invalid credentials");
  }
});
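
Both registerUser and loginUser pass req.body fields straight to User.findOne() and bcrypt. The validator below is an added example (not part of the original tutorial) that accepts only string fields, normalises the email, and rejects passwords beyond bcrypt's 72-byte input limit; validateCredentials, its register option, the 8-character minimum and the email pattern are assumptions of this example.

```javascript
const MAX_BCRYPT_BYTES = 72; // bcrypt only uses the first 72 bytes of its input
const MIN_PASSWORD_CHARS = 8; // assumption: example policy, not from the article
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/; // shape check only

// Hypothetical helper for registerUser/loginUser: returns { ok: true, value }
// or { ok: false, error } without touching the database.
function validateCredentials(body, { register = false } = {}) {
  const { name, email, password } = body || {};
  const fields = register ? { name, email, password } : { email, password };

  // A JSON body parser can deliver objects or arrays for any field. Only plain
  // strings may reach User.findOne({ email }) or bcrypt, so that the query
  // layer sees a literal value and never a nested expression.
  for (const [field, value] of Object.entries(fields)) {
    if (typeof value !== "string" || value.trim() === "") {
      return { ok: false, error: `${field} must be a non-empty string` };
    }
  }

  // Normalise so "A@x.com" and "a@x.com" hit the same duplicate check.
  const normalisedEmail = email.trim().toLowerCase();
  if (normalisedEmail.length > 254 || !EMAIL_RE.test(normalisedEmail)) {
    return { ok: false, error: "email is not valid" };
  }

  // Enforce the length policy only when a password is being set, so that
  // existing accounts can still log in.
  if (register && password.length < MIN_PASSWORD_CHARS) {
    return { ok: false, error: "password is too short" };
  }
  // Count bytes, not characters: multi-byte UTF-8 reaches the limit sooner.
  if (Buffer.byteLength(password, "utf8") > MAX_BCRYPT_BYTES) {
    return { ok: false, error: "password is too long for bcrypt" };
  }

  const value = { email: normalisedEmail, password };
  if (register) value.name = name.trim();
  return { ok: true, value };
}
```

In a handler, call it first and respond with status 400 and the returned error when ok is false, then use value.email and value.password in place of the raw req.body fields.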



Let's test the login process with correct and incorrect credentials.

In the next article, we'll work on Authentication Middleware and also create a new API to get logged-in user data.

Top comments (8)

Nazim Boudeffa

Thank you for sharing, this is what I am going to use for my project.
Do you know how to add a middleware to routes?

Aneeqa Khan

I'm glad that it is helpful for you.
I am going to write about middleware in my next blog but you can also check this video.

Nazim Boudeffa • Edited

Thank you very much for the video link, it was helpful because I was stuck on how to use the token.
I know Traversy Media from Packt Publishing site, Brad is a very good tutor.
So I have been able to finish a first version of a project API.
You can find it on my GitHub.
I am thinking about writing a tutorial on how I am coding it, it was inspired by Medusajs early versions.

Aneeqa Khan

Certainly, it's a great idea to explore that topic in writing.

Hasan Elsherbiny

good job 👏👏

teaganga

Nice series of tutorials. I'm adding this here as an intro, about how to secure APIs in node, using Basic Authentication, API Keys and JWT tokens. JWT tokens are definitely the best, especially for jam-stack apps.

Samir

What database do you use?

Aneeqa Khan

For this series, I used MongoDB.