RESTful API for authentication developed with Node.js, Express, Prisma, and Zod.
Follows a modular and secure architecture using access_token and refresh_token with JWT.
Repository: fioravante-dev/express-auth
- Node.js + Express
- TypeScript
- Prisma ORM
- Zod (schema validation)
- JSON Web Token (JWT)
- tsyringe (Dependency Injection)
- Vitest
- Docker
# Install dependencies
npm install
# Configure the database
npx prisma migrate dev --name init
# Run the server
npm run dev
Or run the entire API using Docker:
docker-compose up
Create a .env file at the root of the project with the following content:
DATABASE_URL=your-db-url
PORT=a-port # default 3333
JWT_ACCESS_SECRET=your-access-token-secret
JWT_REFRESH_SECRET=your-refresh-token-secret
Creates a new user.
Body:
{
"email": "user@email.com",
"password": "123456",
"name": "Test User"
}
Response:
{
"user": {
"id": "...",
"email": "...",
"name": "...",
"is_verified": false
},
"access_token": "...",
"refresh_token": "..."
}
Authenticates a user.
Body:
{
"email": "user@email.com",
"password": "123456"
}
Response:
{
"user": {
"id": "...",
"email": "...",
"name": "...",
"is_verified": false
},
"access_token": "...",
"refresh_token": "..."
}
Generates a new pair of tokens from a valid refresh_token.
Body:
{
"refresh_token": "..."
}
Response:
{
"access_token": "...",
"refresh_token": "..."
}
Revokes the refresh_token.
Body:
{
"refresh_token": "..."
}
Response:
{
"message": "Logged out successfully"
}
- Role-based authorization middleware (admin, user, etc.)
- Swagger/OpenAPI documentation
- More automated tests with Jest or Vitest
- OAuth
- More routes
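The refresh and logout endpoints described above, sketched as an added example (not code from the express-auth repository): access and refresh tokens are signed with separate secrets, so an access_token cannot be replayed as a refresh_token, and each refresh_token is single-use. The in-memory `liveRefreshIds` set, the `jti` claim, the token lifetimes and the hand-rolled HS256 helper are assumptions made so the sketch runs without dependencies.

```typescript
import { createHmac, randomUUID, timingSafeEqual } from "crypto";
// Constructed stand-ins for JWT_ACCESS_SECRET and JWT_REFRESH_SECRET from .env.
const ACCESS_SECRET = "constructed-access-secret";
const REFRESH_SECRET = "constructed-refresh-secret";
type Claims = { sub: string; jti: string; exp: number };
type TokenPair = { access_token: string; refresh_token: string };
const enc = (o: object): string => Buffer.from(JSON.stringify(o)).toString("base64url");
const mac = (data: string, secret: string): Buffer => createHmac("sha256", secret).update(data).digest();

// Minimal HS256 JWT signer, used here in place of a JWT library.
function sign(claims: Claims, secret: string): string {
  const body = `${enc({ alg: "HS256", typ: "JWT" })}.${enc(claims)}`;
  return `${body}.${mac(body, secret).toString("base64url")}`;
}

// Returns the claims only if the signature matches the given secret and exp is in the future.
function verify(token: string, secret: string): Claims | null {
  const [h, p, s, extra] = token.split(".");
  if (!h || !p || !s || extra !== undefined) return null;
  const given = Buffer.from(s, "base64url");
  const expected = mac(`${h}.${p}`, secret);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(p, "base64url").toString()) as Claims;
  return claims.exp > Date.now() / 1000 ? claims : null;
}

// Hypothetical server-side allowlist of live refresh-token ids (a database table in a real service).
const liveRefreshIds = new Set<string>();
function issuePair(userId: string): TokenPair {
  const now = Math.floor(Date.now() / 1000);
  const jti = randomUUID();
  liveRefreshIds.add(jti);
  return {
    access_token: sign({ sub: userId, jti: randomUUID(), exp: now + 900 }, ACCESS_SECRET),
    refresh_token: sign({ sub: userId, jti, exp: now + 7 * 86400 }, REFRESH_SECRET),
  };
}

// Refresh: the token must verify under the refresh secret and still be live; it is consumed on use.
function refresh(refreshToken: string): TokenPair | null {
  const claims = verify(refreshToken, REFRESH_SECRET);
  return claims && liveRefreshIds.delete(claims.jti) ? issuePair(claims.sub) : null;
}

// Logout: revoke the refresh token's id; false for forged, expired or already-revoked tokens.
function logout(refreshToken: string): boolean {
  const claims = verify(refreshToken, REFRESH_SECRET);
  return claims !== null && liveRefreshIds.delete(claims.jti);
}
```

Because revocation depends on the server-side id list rather than on the JWT alone, that list has to live in shared storage once more than one API instance is running.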
Made with dedication by Pedro Fioravante
Project: ExpressAuth