⚙️ Installation
- Clone the repository:
    git clone https://github.com/ishanjarwal/passport-authentication
- Install dependencies:
    cd client
    npm install

    cd ../server
    npm install
- Add environment variables:
    # /server
    # Server port
    PORT=8080

    # Frontend origin for CORS
    FRONTEND_HOST=http://localhost:3000

    # MongoDB connection string
    DB_URL=""

    # Bcrypt salt rounds for password hashing
    SALT_ROUNDS=

    # SMTP username (your email address)
    EMAIL_USER=

    # Email address that appears in the "from" field
    EMAIL_FROM=

    # SMTP password or application-specific password
    EMAIL_PASSWORD=

    # SMTP port (usually 587 for TLS)
    EMAIL_PORT=587

    # SMTP provider hostname (e.g., Gmail)
    EMAIL_PROVIDER=smtp.gmail.com

    # JWT secret for access tokens
    JWT_ACCESS_TOKEN_SECRET=

    # JWT secret for refresh tokens
    JWT_REFRESH_TOKEN_SECRET=

    # JWT secret used for password reset links
    JWT_PASSWORD_RESET_SECRET=

    # Application environment (development | production)
    ENVIRONMENT=development

    # Google OAuth variables from cloud console
    GOOGLE_CLIENT_ID=
    GOOGLE_CLIENT_SECRET=

    # /client
    NEXT_PUBLIC_BASE_URL=http://localhost:8080/api/v1
- Start both development servers:
    npm run dev # in both /client and /server directories
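The environment template above leaves the three JWT secrets and `SALT_ROUNDS` blank, so a startup check that refuses weak or missing values is worth having. The following is an added example, not code from this repository; the function name `validateEnv` and the thresholds (32-character secrets, 10 to 15 salt rounds, https origin in production) are assumptions.

```javascript
// Added example: startup check for the /server environment variables.
// Thresholds below are assumptions, not settings taken from the project.
const JWT_KEYS = [
  "JWT_ACCESS_TOKEN_SECRET",
  "JWT_REFRESH_TOKEN_SECRET",
  "JWT_PASSWORD_RESET_SECRET",
];
const MIN_SECRET_LEN = 32; // assumed minimum length, in characters
const MIN_ROUNDS = 10;     // assumed lower bound for the bcrypt cost
const MAX_ROUNDS = 15;     // assumed upper bound (hash time doubles per step)

function validateEnv(env) {
  const problems = [];
  const seen = new Map(); // secret value -> first key that used it
  for (const key of JWT_KEYS) {
    const value = (env[key] || "").trim();
    if (value.length < MIN_SECRET_LEN) {
      problems.push(`${key}: missing or shorter than ${MIN_SECRET_LEN} characters`);
      continue;
    }
    // A shared secret could let a token minted for one purpose verify for another.
    if (seen.has(value)) problems.push(`${key}: same value as ${seen.get(value)}`);
    else seen.set(value, key);
  }
  const raw = (env.SALT_ROUNDS || "").trim();
  const rounds = Number(raw);
  if (!/^\d+$/.test(raw) || rounds < MIN_ROUNDS || rounds > MAX_ROUNDS) {
    problems.push(`SALT_ROUNDS: expected an integer from ${MIN_ROUNDS} to ${MAX_ROUNDS}`);
  }
  if (!["development", "production"].includes(env.ENVIRONMENT)) {
    problems.push("ENVIRONMENT: expected development or production");
  }
  if (env.ENVIRONMENT === "production" && !/^https:\/\//.test(env.FRONTEND_HOST || "")) {
    problems.push("FRONTEND_HOST: production CORS origin should be https");
  }
  return problems;
}

// Constructed sample: the template as shipped, with every secret left blank.
const blankTemplate = {
  SALT_ROUNDS: "",
  ENVIRONMENT: "development",
  FRONTEND_HOST: "http://localhost:3000",
};
console.log(validateEnv(blankTemplate)); // four problems: three secrets and SALT_ROUNDS
```

Call it with `process.env` before the server starts listening and exit if the returned list is not empty. Values produced by `crypto.randomBytes(48).toString("hex")` pass the length check.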
🔌 API Reference
Create User
POST /user/
Sample Request Body:
{
  "name": "John Doe",
  "email": "john@example.com",
  "password": "securePassword123"
}
Sample Success Response:
{
  "status": "success",
  "message": "User created. Verification email sent."
}
Sample Error Response:
{
  "status": "error",
  "message": "Validation error or rate limit exceeded"
}
Verify Email
POST /user/verify-email
Sample Request Body:
{
  "email": "john@example.com",
  "otp": "1234"
}
Sample Success Response:
{
  "status": "success",
  "message": "Account verified successfully."
}
Sample Error Response:
{
  "status": "error",
  "message": "Invalid or expired OTP"
}
Resend OTP
POST /user/resend-otp
Sample Request Body:
{
  "email": "john@example.com"
}
Sample Success Response:
{
  "status": "success",
  "message": "OTP resent to your email."
}
Sample Error Response:
{
  "status": "error",
  "message": "Rate limit exceeded / No Users found"
}
Login
POST /user/login
Sample Request Body:
{
  "email": "john@example.com",
  "password": "securePassword123"
}
Sample Success Response:
{
  "status": "success",
  "message": "Login successful",
  "body": {
    "_id": "2893fhw8e8sda",
    "name": "John Doe",
    "email": "john@example.com"
  }
}
Sample Error Response:
{
  "status": "error",
  "message": "Invalid credentials"
}
Request Password Reset
POST /user/reset-password
Sample Request Body:
{
  "email": "john@example.com"
}
Sample Success Response:
{
  "status": "success",
  "message": "Password reset email sent."
}
Sample Error Response:
{
  "status": "error",
  "message": "Email not found or rate limit exceeded"
}
Reset Password (with Token)
POST /user/reset-password/:token
Sample Request Body:
{
  "password": "newSecurePassword123",
  "password_confirmation": "newSecurePassword123"
}
Sample Success Response:
{
  "status": "success",
  "message": "Password updated successfully."
}
Sample Error Response:
{
  "status": "error",
  "message": "Invalid or expired token"
}
Get Profile
GET /user/me
Sample Success Response:
{
  "status": "success",
  "message": "User data fetched.",
  "body": {
    "_id": "2893fhw8e8sda",
    "name": "John Doe",
    "email": "john@example.com",
    "bio": "Hey there, I am a coder."
  }
}
Sample Error Response:
{
  "status": "error",
  "message": "Unauthorized or token expired"
}
Logout
GET /user/logout
Sample Success Response:
{
  "status": "success",
  "message": "User logged out."
}
Sample Error Response:
{
  "status": "error",
  "message": "Unauthorized or token expired"
}
Change Password
POST /user/change-password
Sample Request Body:
{
  "password": "12345678",
  "password_confirmation": "12345678"
}
Sample Success Response:
{
  "status": "success",
  "message": "Password changed successfully."
}
Sample Error Response:
{
  "status": "error",
  "message": "passwords don't match "
}
Update User
PUT /user/
Sample Request Body:
{
  "name": "New Name",
  "bio": "New Bio"
}
Sample Success Response:
{
  "status": "success",
  "message": "Profile updated."
}
Sample Error Response:
{
  "status": "error",
  "message": "Validation failed or unauthorized"
}