A prebuilt Express JS Authentication & Authorization Project based on a REST API interface.

Overview

BELLATRIX

An Express JS project that provides a starter application framework for your Node JS application, with built-in routes and functionality for the authentication and authorization needs of your application. We mainly focus on the security of the authentication and authorization routes.

We keep implementing the latest security measures and best practices required for the application's data to remain secure, and make sure data and access are available only to those they are intended for. We do the boring security stuff so that you can enjoy your time building other exciting functionality without worrying about the security of your application.

We follow some basic rules for the security of the app.

  • We use JWT for the authentication and authorization of the application

  • We use a time-based token approach for the authentication and authorization of the application

  • For this, the user gets 2 tokens after a successful login. One is called access_token (valid for 15 mins) and the other is called refresh_token

  • Every time the user makes a request to a protected route, the access_token should be sent in the Authorization header

  • Every time the access_token expires, the user can request a new access_token by sending a GET request to the /token route. The refresh_token should be provided in the Authorization header of the request
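The token flow in the list above, as an added example that is not Bellatrix's own code: the two token types are signed with different secrets, so a refresh_token cannot open a protected route and an access_token cannot be traded for a new one. Assumptions: HS256 signing built on Node's `crypto` module instead of a JWT library, a `Bearer` prefix in the Authorization header, a 7-day refresh_token lifetime, constructed secrets, and hypothetical function names.

```javascript
const crypto = require('crypto');

const ACCESS_TTL = 15 * 60;           // access_token lifetime stated in the README
const REFRESH_TTL = 7 * 24 * 60 * 60; // assumption: the README gives no refresh_token lifetime
// Constructed secrets standing in for JWT_ACS_SECRET and JWT_REF_SECRET from .env.
const ACS = 'constructed-access-secret', REF = 'constructed-refresh-secret';

const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

function signToken(claims, secret, ttl, now) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...claims, iat: now, exp: now + ttl }));
  return `${header}.${body}.${b64url(hmac(`${header}.${body}`, secret))}`;
}

// Returns the claims, or null when the token is malformed, forged or expired.
function verifyToken(token, secret, now) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts;
  try {
    // Pin the algorithm: the token's own header must not choose how it is verified.
    if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') return null;
    const expected = hmac(`${header}.${body}`, secret);
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(body, 'base64url'));
    return typeof claims.exp === 'number' && claims.exp > now ? claims : null;
  } catch {
    return null; // malformed header or body
  }
}

// Pulls the token out of an "Authorization: Bearer <token>" header value.
const bearer = (h) => (/^Bearer ([A-Za-z0-9._-]+)$/.exec(h || '') || [])[1] || null;

const login = (sub, now) => ({
  access_token: signToken({ sub }, ACS, ACCESS_TTL, now),
  refresh_token: signToken({ sub }, REF, REFRESH_TTL, now),
});

// Protected routes accept only tokens signed with the access secret.
const protectedRoute = (authHeader, now) => verifyToken(bearer(authHeader), ACS, now);
// The token route accepts only the refresh_token and mints a fresh access_token.
function tokenRoute(authHeader, now) {
  const claims = verifyToken(bearer(authHeader), REF, now);
  return claims ? signToken({ sub: claims.sub }, ACS, ACCESS_TTL, now) : null;
}
```

Times are passed in as Unix seconds so expiry can be exercised without waiting; a real handler would use the current clock.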

While keeping an eye on security, we also focus on the performance, scalability and reusability of the code by breaking it into small middlewares and making the processes asynchronous as much as possible. We parallelize promises and network requests whenever possible to make the application more performant, scalable and reusable.

Steps to get started

  1. Clone the Bellatrix repository.

  2. Make sure to install the latest LTS version of Node JS.

  3. After navigating to the project root directory, run the following command:

    npm install
  4. Create a .env file in the root of the project. This file will contain the environment variables required for the application to run. The file should contain the following fields:

    • DB_URI - URI of the MongoDB database.
    • JWT_ACS_SECRET - Secret key for the JWT access_token
    • JWT_REF_SECRET - Secret key for the JWT refresh_token
  5. Run the following command to start the application in production mode:

    npm start
  6. To start the application in development mode, run the following command:

    npm run dev
Owner
Soumalya Bhattacharya
Leaving in a dual state both full-stack developer and ethical hacker. I'm the creator and destroyer simultaneously