DEV Community: kathir b The latest articles on DEV Community by kathir b (@kathir_b_7a1a5642d3c42779). https://dev.to/kathir_b_7a1a5642d3c42779 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1984332%2Facd1d12c-ce40-4df3-9751-c748bc9e8dfb.png DEV Community: kathir b https://dev.to/kathir_b_7a1a5642d3c42779 en 📱 Mobile Web Dev Showdown: Frameworks, Performance & UX kathir b Wed, 04 Feb 2026 12:53:35 +0000 https://dev.to/kathir_b_7a1a5642d3c42779/mobile-web-dev-showdown-frameworks-performance-ux-4eh7 https://dev.to/kathir_b_7a1a5642d3c42779/mobile-web-dev-showdown-frameworks-performance-ux-4eh7 <h1> 📱 Mobile Web Dev Showdown: Frameworks, Performance &amp; UX </h1> <p><em>How to Build Mobile Experiences That Don’t Suck</em></p> <h2> Why Mobile Web Development Isn’t Just "Smaller Screens" </h2> <p>Let’s be real: mobile isn’t the future anymore—it’s the present. But building for mobile web is a whole different beast compared to desktop. It’s not just about making things smaller; it’s about rethinking touch interactions, performance on spotty connections, and interfaces that feel natural in your hand.</p> <p>In this post, we’ll compare the core considerations for mobile web development, complete with code examples and practical tips you can use today.</p> <h2> 1. 📱 Mobile-First Responsive Design </h2> <p>Forget desktop-first. On mobile, you’re dealing with:</p> <ul> <li>Touch targets that need to be at least 44×44px</li> <li>No hover states (RIP, <code>:hover</code>)</li> <li>Limited screen real estate</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight css"><code><span class="c">/* Mobile-first responsive base */</span> <span class="nc">.button</span> <span class="p">{</span> <span class="nl">min-height</span><span class="p">:</span> <span class="m">44px</span><span class="p">;</span> <span class="c">/* Minimum touch target */</span> <span class="nl">min-width</span><span class="p">:</span> <span class="m">44px</span><span class="p">;</span> <span class="nl">padding</span><span class="p">:</span> <span class="m">1rem</span><span class="p">;</span> <span class="c">/* Space for fingers, not mice */</span> <span class="p">}</span> <span class="c">/* Viewport-relative units for fluid typography */</span> <span class="nt">h1</span> <span class="p">{</span> <span class="nl">font-size</span><span class="p">:</span> <span class="n">clamp</span><span class="p">(</span><span class="m">1.5rem</span><span class="p">,</span> <span class="m">5vw</span><span class="p">,</span> <span class="m">3rem</span><span class="p">);</span> <span class="p">}</span> <span class="o">~~~</span><span class="p">{</span><span class="err">%</span> <span class="err">endraw</span> <span class="err">%</span><span class="p">}</span> <span class="o">**</span><span class="nt">Pro</span> <span class="nt">tip</span><span class="o">**:</span> <span class="nt">Use</span> <span class="p">{</span><span class="err">%</span> <span class="err">raw</span> <span class="err">%</span><span class="p">}</span><span class="err">`</span><span class="nt">touch-action</span><span class="o">:</span> <span class="nt">manipulation</span><span class="err">`</span><span class="p">{</span><span class="err">%</span> <span class="err">endraw</span> <span class="err">%</span><span class="p">}</span> <span class="nt">to</span> <span class="nt">eliminate</span> <span class="nt">the</span> <span class="err">300</span><span class="nt">ms</span> <span class="nt">tap</span> <span class="nt">delay</span><span class="o">:</span><span class="p">{</span><span class="err">%</span> <span class="err">raw</span> <span class="err">%</span><span class="p">}</span> <span class="o">~~~</span><span class="nt">css</span> <span class="o">*</span> <span class="p">{</span> <span class="py">touch-action</span><span class="p">:</span> <span class="n">manipulation</span><span class="p">;</span> <span class="p">}</span> <span class="o">~~~</span><span class="p">{</span><span class="err">%</span> <span class="err">endraw</span> <span class="err">%</span><span class="p">}</span> <span class="err">##</span> <span class="err">2</span><span class="o">.</span> <span class="err">⚡</span> <span class="nt">Performance</span> <span class="nt">Is</span> <span class="nt">Non-Negotiable</span> <span class="nt">Mobile</span> <span class="nt">users</span> <span class="nt">have</span> <span class="nt">less</span> <span class="nt">patience</span> <span class="nt">and</span> <span class="nt">slower</span> <span class="nt">connections</span><span class="o">.</span> <span class="nt">Here</span><span class="s2">'s your performance checklist:{% raw %} ~~~javascript // Lazy load below-the-fold images const observer = new IntersectionObserver((entries) =&gt; { entries.forEach(entry =&gt; { if (entry.isIntersecting) { const img = entry.target; img.src = img.dataset.src; observer.unobserve(img); } }); }); // Register Service Worker for PWA capabilities if ('</span><span class="nt">serviceWorker</span><span class="s2">' in navigator) { navigator.serviceWorker.register('</span><span class="o">/</span><span class="nt">sw</span><span class="nc">.js</span><span class="s2">'); } ~~~ **Key Metrics:** - First Contentful Paint &lt; 1.5s - Time to Interactive &lt; 5s - First Input Delay &lt; 100ms ## 3. 🛠 Framework Face-Off ### React Native vs. PWA vs. Flutter Web **React Native Web**: ~~~jsx // One codebase for web and native import { View, Text } from '</span><span class="nt">react-native-web</span><span class="s2">'; const App = () =&gt; ( &lt;View style={{flex: 1, justifyContent: '</span><span class="nt">center</span><span class="s2">'}}&gt; &lt;Text&gt;Write once, run everywhere&lt;/Text&gt; &lt;/View&gt; ); ~~~ **PWA Checklist:** - Service Worker for offline - Web App Manifest - App-like navigation - Push notifications ## 4. 📊 Real-World Performance Comparison | Framework | Bundle Size | Time to Interactive | PWA Support | |-----------|-------------|-------------------|-------------| | React | 45kb gzipped | ~2.1s | ✅ | | Vue | 33kb gzipped | ~1.8s | ✅ | | Svelte | 4.5kb gzipped| ~1.2s | ✅ | | Vanilla JS| 0kb (native) | ~0.8s | ✅ | ## 5. 💡 Mobile-Specific Features You Need ~~~javascript // Device orientation window.addEventListener("deviceorientation", (event) =&gt; { const tiltLR = event.beta; // Tilt front/back const tiltFB = event.gamma; // Tilt left/right }); // Vibration API for haptic feedback navigator.vibrate(200); // Network information API if (navigator.connection) { navigator.connection.addEventListener('</span><span class="nt">change</span><span class="s2">', (e) =&gt; { adjustQualityBasedOnConnection(e.target.effectiveType); }); } ~~~ ## 6. 🧪 Testing Mobile Quirks ~~~javascript // Feature detection, not browser sniffing if ('</span><span class="nt">ontouchstart</span><span class="s2">' in window) { // Touch device document.addEventListener('</span><span class="nt">touchstart</span><span class="s2">', handleTouch, {passive: true}); } else { // Desktop document.addEventListener('</span><span class="nt">click</span><span class="s2">', handleClick); } // Check for PWA installation window.addEventListener('</span><span class="nt">beforeinstallprompt</span><span class="s2">', (e) =&gt; { // Prompt user to install PWA e.prompt(); }); ~~~ ## Key Takeaways 🎯 1. **Mobile-First is Content-First** – Design your information hierarchy for small screens first 2. **Performance = UX** – Users abandon sites that take &gt;3 seconds to load 3. **Touch First** – Design for thumbs, not cursors 4. **PWA is not optional** – Installability and offline access are expected 5. **Test on Real Devices** – Simulators lie about touch targets and latency ## The Bottom Line Mobile web development isn'</span><span class="nt">t</span> <span class="nt">just</span> <span class="nt">responsive</span> <span class="nt">design</span><span class="err">—</span><span class="nt">it</span><span class="s2">'s a fundamentally different approach. It'</span><span class="nt">s</span> <span class="nt">about</span> <span class="nt">touch</span> <span class="nt">interfaces</span><span class="o">,</span> <span class="nt">variable</span> <span class="nt">network</span> <span class="nt">conditions</span><span class="o">,</span> <span class="nt">and</span> <span class="nt">understanding</span> <span class="nt">that</span> <span class="nt">your</span> <span class="nt">user</span> <span class="nt">might</span> <span class="nt">be</span> <span class="nt">holding</span> <span class="nt">their</span> <span class="nt">phone</span> <span class="nt">while</span> <span class="nt">walking</span> <span class="nt">down</span> <span class="nt">the</span> <span class="nt">street</span><span class="o">.</span> <span class="nt">The</span> <span class="nt">best</span> <span class="nt">mobile</span> <span class="nt">experiences</span> <span class="nt">feel</span> <span class="nt">native</span><span class="o">,</span> <span class="nt">load</span> <span class="nt">instantly</span><span class="o">,</span> <span class="nt">and</span> <span class="nt">work</span> <span class="nt">offline</span><span class="o">.</span> <span class="nt">They</span> <span class="nt">respect</span> <span class="nt">the</span> <span class="nt">user</span><span class="s2">'s data plan, battery, and attention. Your mobile site shouldn'</span><span class="nt">t</span> <span class="nt">just</span> <span class="nt">be</span> <span class="nt">a</span> <span class="s1">"mobile version"</span><span class="err">—</span><span class="nt">it</span> <span class="nt">should</span> <span class="nt">be</span> <span class="nt">the</span> <span class="nt">best</span> <span class="nt">version</span><span class="o">.</span> <span class="o">**</span><span class="nt">The</span> <span class="nt">winning</span> <span class="nt">formula</span><span class="o">**:</span> <span class="nt">Mobile-first</span> <span class="nt">responsive</span> <span class="nt">design</span> <span class="o">+</span> <span class="nt">PWA</span> <span class="nt">capabilities</span> <span class="o">+</span> <span class="nt">performance</span> <span class="nt">optimization</span><span class="o">.</span> <span class="nt">---</span> <span class="o">*</span><span class="nt">Ready</span> <span class="nt">to</span> <span class="nt">dive</span> <span class="nt">deeper</span><span class="o">?*</span> <span class="nt">Share</span> <span class="nt">your</span> <span class="nt">mobile</span> <span class="nt">web</span> <span class="nt">horror</span> <span class="nt">stories</span> <span class="nt">or</span> <span class="nt">success</span> <span class="nt">tips</span> <span class="nt">in</span> <span class="nt">the</span> <span class="nt">comments</span><span class="o">!</span> <span class="nt">What</span><span class="err">'</span><span class="nt">s</span> <span class="nt">your</span> <span class="nt">biggest</span> <span class="nt">mobile</span> <span class="nt">web</span> <span class="nt">development</span> <span class="nt">challenge</span><span class="o">?</span> <span class="nt">Tags</span><span class="o">:</span> <span class="nf">#MobileWeb</span> <span class="nf">#PWA</span> <span class="nf">#WebPerformance</span> <span class="nf">#Frontend</span> <span class="nf">#WebDev</span> </code></pre> </div> programming webdev tutorial Deploying a MERN Stack App on AWS EC2 kathir b Fri, 07 Mar 2025 12:21:43 +0000 https://dev.to/kathir_b_7a1a5642d3c42779/deploying-a-mern-stack-app-on-aws-ec2-4865 https://dev.to/kathir_b_7a1a5642d3c42779/deploying-a-mern-stack-app-on-aws-ec2-4865 <h2> Deploying a MERN Stack App on AWS EC2 </h2> <h3> Introduction </h3> <p>AWS EC2 is a scalable cloud server where we can host a MERN stack app. This guide walks through deployment. </p> <h3> Step 1: Launch an EC2 Instance </h3> <ol> <li>Log in to AWS Console. </li> <li>Choose Ubuntu Server 20.04. </li> <li>Configure security group to allow HTTP, HTTPS, and SSH access. </li> </ol> <h3> Step 2: Connect to EC2 </h3> <p>Use SSH:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>ssh <span class="nt">-i</span> your-key.pem ubuntu@your-ec2-instance-ip </code></pre> </div> <h3> Step 3: Install Node.js &amp; MongoDB </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-fsSL</span> https://deb.nodesource.com/setup_16.x | <span class="nb">sudo</span> <span class="nt">-E</span> bash - <span class="nb">sudo </span>apt <span class="nb">install</span> <span class="nt">-y</span> nodejs mongodb </code></pre> </div> <h3> Step 4: Deploy MERN App </h3> <p>Clone your repo, install dependencies, and start the app:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/your-repo.git <span class="nb">cd </span>your-repo npm <span class="nb">install </span>node server.js </code></pre> </div> <h3> Step 5: Setup PM2 for Process Management </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> pm2 pm2 start server.js <span class="nt">--name</span> mymernapp pm2 save pm2 startup </code></pre> </div> <h3> Step 6: Configure Nginx as a Reverse Proxy </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo </span>apt <span class="nb">install </span>nginx <span class="nb">sudo </span>nano /etc/nginx/sites-available/default </code></pre> </div> <p>Add this configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>server { listen 80; server_name your-domain.com; location / { proxy_pass http://localhost:5000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } </code></pre> </div> <p>Restart Nginx:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo </span>systemctl restart nginx </code></pre> </div> <h3> Conclusion </h3> <p>Your MERN app is now running on AWS EC2 with Nginx handling traffic.</p> Mastering Web Scraping with Puppeteer kathir b Fri, 07 Mar 2025 12:21:38 +0000 https://dev.to/kathir_b_7a1a5642d3c42779/mastering-web-scraping-with-puppeteer-n9g https://dev.to/kathir_b_7a1a5642d3c42779/mastering-web-scraping-with-puppeteer-n9g <h2> Mastering Web Scraping with Puppeteer </h2> <h3> Introduction </h3> <p>Web scraping is a powerful technique for extracting data from websites. Puppeteer, a Node.js library, provides an easy-to-use API to automate browser tasks. </p> <h3> Step 1: Install Puppeteer </h3> <p>Run the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>puppeteer </code></pre> </div> <h3> Step 2: Create a Scraper Script </h3> <p>Use Puppeteer to navigate a webpage and extract data:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">puppeteer</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">puppeteer</span><span class="dl">'</span><span class="p">);</span> <span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">browser</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">puppeteer</span><span class="p">.</span><span class="nf">launch</span><span class="p">({</span> <span class="na">headless</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">page</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">browser</span><span class="p">.</span><span class="nf">newPage</span><span class="p">();</span> <span class="k">await</span> <span class="nx">page</span><span class="p">.</span><span class="nf">goto</span><span class="p">(</span><span class="dl">'</span><span class="s1">https://example.com</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">page</span><span class="p">.</span><span class="nf">evaluate</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="nb">document</span><span class="p">.</span><span class="nf">querySelector</span><span class="p">(</span><span class="dl">'</span><span class="s1">h1</span><span class="dl">'</span><span class="p">).</span><span class="nx">innerText</span><span class="p">;</span> <span class="p">});</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Extracted Data:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">data</span><span class="p">);</span> <span class="k">await</span> <span class="nx">browser</span><span class="p">.</span><span class="nf">close</span><span class="p">();</span> <span class="p">})();</span> </code></pre> </div> <h3> Step 3: Handling Dynamic Content </h3> <p>If the content loads dynamically, use Puppeteer's wait functions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">await</span> <span class="nx">page</span><span class="p">.</span><span class="nf">waitForSelector</span><span class="p">(</span><span class="dl">'</span><span class="s1">.dynamic-content</span><span class="dl">'</span><span class="p">);</span> </code></pre> </div> <h3> Step 4: Optimizing Scraping </h3> <ul> <li>Use <code>page.setUserAgent</code> to mimic real browsers. </li> <li>Avoid detection by rotating headers and proxies. </li> </ul> <h3> Conclusion </h3> <p>Puppeteer is a powerful tool for web scraping, automation, and testing. Experiment with different techniques and optimize based on your needs.</p> How to Build a Secure User Authentication System in Node.js kathir b Fri, 07 Mar 2025 08:55:07 +0000 https://dev.to/kathir_b_7a1a5642d3c42779/how-to-build-a-secure-user-authentication-system-in-nodejs-3bok https://dev.to/kathir_b_7a1a5642d3c42779/how-to-build-a-secure-user-authentication-system-in-nodejs-3bok <h2> Introduction </h2> <p>User authentication is a critical part of any web application. In this tutorial, we'll build a <strong>secure authentication system in Node.js</strong> using <strong>JWT (JSON Web Token)</strong>, <strong>bcrypt</strong> for password hashing, and <strong>Express.js</strong> for handling routes.</p> <p>By the end of this guide, you'll be able to:</p> <ul> <li><strong>Register users securely</strong></li> <li><strong>Hash passwords using bcrypt</strong></li> <li><strong>Authenticate users using JWT</strong></li> <li><strong>Protect API routes with middleware</strong></li> </ul> <h2> Step 1: Set Up Your Node.js Project </h2> <p>First, create a new project and install dependencies:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir </span>auth-system <span class="o">&amp;&amp;</span> <span class="nb">cd </span>auth-system npm init <span class="nt">-y</span> npm <span class="nb">install </span>express bcryptjs jsonwebtoken dotenv cors mongoose </code></pre> </div> <h3> Create a <code>.env</code> File </h3> <p>Create a <code>.env</code> file for environment variables:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PORT=5000 MONGO_URI=mongodb://localhost:27017/auth_db JWT_SECRET=your_jwt_secret_key </code></pre> </div> <h2> Step 2: Set Up Express Server </h2> <p>Create <code>server.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">dotenv</span><span class="dl">'</span><span class="p">).</span><span class="nf">config</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">cors</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">cors</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">userRoutes</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">./routes/userRoutes</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">cors</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/users</span><span class="dl">'</span><span class="p">,</span> <span class="nx">userRoutes</span><span class="p">);</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">MONGO_URI</span><span class="p">,</span> <span class="p">{</span> <span class="na">useNewUrlParser</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">useUnifiedTopology</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="p">.</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">MongoDB Connected</span><span class="dl">'</span><span class="p">))</span> <span class="p">.</span><span class="k">catch</span><span class="p">(</span><span class="nx">err</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">));</span> <span class="kd">const</span> <span class="nx">PORT</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">5000</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">PORT</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Server running on port </span><span class="p">${</span><span class="nx">PORT</span><span class="p">}</span><span class="s2">`</span><span class="p">));</span> </code></pre> </div> <h2> Step 3: Create User Model </h2> <p>Create <code>models/User.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">userSchema</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nc">Schema</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">email</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">unique</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">password</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">model</span><span class="p">(</span><span class="dl">'</span><span class="s1">User</span><span class="dl">'</span><span class="p">,</span> <span class="nx">userSchema</span><span class="p">);</span> </code></pre> </div> <h2> Step 4: Implement User Registration </h2> <p>Create <code>routes/userRoutes.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">bcrypt</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">bcryptjs</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">jwt</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">jsonwebtoken</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">User</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">../models/User</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nc">Router</span><span class="p">();</span> <span class="c1">// Register user</span> <span class="nx">router</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/register</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">existingUser</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">User</span><span class="p">.</span><span class="nf">findOne</span><span class="p">({</span> <span class="nx">email</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">existingUser</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">User already exists</span><span class="dl">'</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">hashedPassword</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">hash</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="mi">10</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">User</span><span class="p">({</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">hashedPassword</span> <span class="p">});</span> <span class="k">await</span> <span class="nx">user</span><span class="p">.</span><span class="nf">save</span><span class="p">();</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">201</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">User registered successfully</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Server error</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">router</span><span class="p">;</span> </code></pre> </div> <h2> Step 5: Implement User Login &amp; JWT Authentication </h2> <p>Add login logic in <code>userRoutes.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/login</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">User</span><span class="p">.</span><span class="nf">findOne</span><span class="p">({</span> <span class="nx">email</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">isMatch</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">compare</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">password</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isMatch</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">jwt</span><span class="p">.</span><span class="nf">sign</span><span class="p">({</span> <span class="na">id</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">_id</span> <span class="p">},</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">,</span> <span class="p">{</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1h</span><span class="dl">'</span> <span class="p">});</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="nx">token</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Server error</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <h2> Step 6: Protect API Routes with Middleware </h2> <p>Create <code>middleware/auth.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">jwt</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">jsonwebtoken</span><span class="dl">'</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nf">header</span><span class="p">(</span><span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">token</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Access Denied</span><span class="dl">'</span> <span class="p">});</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">verified</span> <span class="o">=</span> <span class="nx">jwt</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">token</span><span class="p">,</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">);</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span> <span class="o">=</span> <span class="nx">verified</span><span class="p">;</span> <span class="nf">next</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid Token</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>Apply middleware to <strong>protect routes</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">../middleware/auth</span><span class="dl">'</span><span class="p">);</span> <span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/profile</span><span class="dl">'</span><span class="p">,</span> <span class="nx">auth</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Welcome to your profile</span><span class="dl">'</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <h2> Step 7: Test Your API with cURL or Postman </h2> <ul> <li> <strong>Register User:</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> curl <span class="nt">-X</span> POST <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="nt">-d</span> <span class="s1">'{"name": "John Doe", "email": "john@example.com", "password": "password123"}'</span> http://localhost:5000/api/users/register </code></pre> </div> <ul> <li> <strong>Login User:</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> curl <span class="nt">-X</span> POST <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="nt">-d</span> <span class="s1">'{"email": "john@example.com", "password": "password123"}'</span> http://localhost:5000/api/users/login </code></pre> </div> <ul> <li> <strong>Access Protected Route:</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> curl <span class="nt">-X</span> GET <span class="nt">-H</span> <span class="s2">"Authorization: Bearer YOUR_JWT_TOKEN"</span> http://localhost:5000/api/users/profile </code></pre> </div> <h2> Conclusion </h2> <p>You have successfully built a <strong>secure user authentication system in Node.js</strong> with <strong>JWT authentication</strong>! 🎉</p> <p>Next Steps:<br> ✅ Connect to a <strong>frontend</strong> (React/Angular/Vue)<br> ✅ Implement <strong>password reset</strong> functionality<br> ✅ Add <strong>role-based access control (RBAC)</strong></p> <p>Happy Coding! 🚀</p>