
- Add multer, mime-types, and sharp packages for file handling
- Create upload middleware with file validation and security
- Implement file and avatar upload controllers
- Add image processing with automatic avatar resizing to 200x200px
- Create upload routes for multiple file types and avatars
- Configure storage locations in /app/storage/uploads and /app/storage/avatars
- Add file type validation (images, PDFs, documents)
- Implement file size limits (10MB general, 5MB avatars)
- Add protected and public endpoints for file management
- Update README with comprehensive upload API documentation

New endpoints:
- POST /api/v1/upload/files - Upload multiple files (protected)
- POST /api/v1/upload/avatar - Upload user avatar (protected)
- GET /api/v1/upload/files - List files (protected)
- GET /api/v1/upload/files/:filename - Download file (public)
- GET /api/v1/upload/avatars/:filename - Get avatar (public)
- DELETE /api/v1/upload/files/:filename - Delete file (protected)
User Authentication Service
A Node.js Express-based user authentication service with JWT token authentication and SQLite database.
Features
- User registration and login
- JWT token-based authentication
- Password hashing with bcryptjs
- SQLite database with Sequelize ORM
- File upload functionality with multer
- Image processing and avatar uploads
- Input validation with express-validator
- Rate limiting and security headers
- CORS enabled for all origins
- Health check endpoint
- Environment-based configuration
Environment Variables
Create a .env file in the root directory with the following variables:
- NODE_ENV: Environment (development/production)
- PORT: Server port (default: 3000)
- JWT_SECRET: JWT secret key for token signing (required for production)
- JWT_EXPIRES_IN: Token expiration time (default: 24h)
Copy .env.example to .env and update the values:
cp .env.example .env
Installation
- Install Node.js dependencies:
npm install
- Set up environment variables:
cp .env.example .env
- Start the application in development mode:
npm run dev
Or start in production mode:
npm start
API Endpoints
Public Endpoints
- GET / - Service information
- GET /health - Health check
- POST /api/v1/auth/register - User registration
- POST /api/v1/auth/login - User login
Protected Endpoints (require Bearer token)
- GET /api/v1/users/me - Get current user info
- GET /api/v1/users/profile - Get user profile
- PUT /api/v1/users/profile - Update user profile
- DELETE /api/v1/users/deactivate - Deactivate user account
File Upload Endpoints
- POST /api/v1/upload/files - Upload multiple files (protected)
- POST /api/v1/upload/avatar - Upload user avatar (protected)
- GET /api/v1/upload/files - List uploaded files (protected)
- GET /api/v1/upload/files/:filename - Download specific file (public)
- GET /api/v1/upload/avatars/:filename - Get avatar image (public)
- DELETE /api/v1/upload/files/:filename - Delete file (protected)
Usage Examples
- Register a new user:
curl -X POST "http://localhost:3000/api/v1/auth/register" \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "password123"}'
- Login to get access token:
curl -X POST "http://localhost:3000/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "password123"}'
- Access protected endpoint:
curl -X GET "http://localhost:3000/api/v1/users/me" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
- Update user profile:
curl -X PUT "http://localhost:3000/api/v1/users/profile" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"email": "newemail@example.com"}'
- Upload files:
curl -X POST "http://localhost:3000/api/v1/upload/files" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-F "files=@/path/to/file1.pdf" \
-F "files=@/path/to/file2.jpg"
- Upload avatar:
curl -X POST "http://localhost:3000/api/v1/upload/avatar" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-F "avatar=@/path/to/avatar.jpg"
- List uploaded files:
curl -X GET "http://localhost:3000/api/v1/upload/files" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Development
Available Scripts
- npm start - Start the production server
- npm run dev - Start development server with nodemon
- npm run lint - Run ESLint
- npm run lint:fix - Run ESLint with auto-fix
Project Structure
src/
├── config/ # Database configuration
├── controllers/ # Route controllers
│ ├── authController.js
│ ├── userController.js
│ └── uploadController.js
├── middleware/ # Custom middleware
│ ├── auth.js
│ └── upload.js
├── models/ # Sequelize models
├── routes/ # Express routes
│ ├── auth.js
│ ├── users.js
│ └── upload.js
├── utils/ # Utility functions
└── server.js # Main server file
File Upload Details
Supported File Types:
- Images: JPEG, JPG, PNG, GIF, WebP
- Documents: PDF, TXT, DOC, DOCX
Upload Limits:
- General files: 10MB per file, max 5 files
- Avatar images: 5MB per file, max 1 file
- Avatar images are automatically resized to 200x200px
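An added example, not the project's upload middleware: it enforces the limits above and checks that a file's leading bytes match its declared type for the listed image types and PDF (TXT, DOC and DOCX are left out). The names checkUpload and sniffType, the input shape, and 1MB = 1024 * 1024 bytes are assumptions.

```javascript
// Limits from the "Upload Limits" list; 1MB = 1024 * 1024 bytes is an assumption.
const LIMITS = {
  general: { maxBytes: 10 * 1024 * 1024, maxFiles: 5 },
  avatar: { maxBytes: 5 * 1024 * 1024, maxFiles: 1 },
};

// Leading-byte signatures for the listed binary types.
const SIGNATURES = [
  { type: 'image/jpeg', bytes: [0xff, 0xd8, 0xff] },
  { type: 'image/png', bytes: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'image/gif', bytes: [0x47, 0x49, 0x46, 0x38] },
  { type: 'application/pdf', bytes: [0x25, 0x50, 0x44, 0x46, 0x2d] },
];

// Return the MIME type implied by the first bytes of a file, or null.
function sniffType(head) {
  for (const sig of SIGNATURES) {
    if (head.length >= sig.bytes.length && sig.bytes.every((b, i) => head[i] === b)) {
      return sig.type;
    }
  }
  // WebP is a RIFF container: "RIFF", four size bytes, then "WEBP".
  if (head.length >= 12 && head.toString('latin1', 0, 4) === 'RIFF' &&
      head.toString('latin1', 8, 12) === 'WEBP') {
    return 'image/webp';
  }
  return null;
}

// files: [{ size, declaredType, head }], where head is a Buffer of the first bytes.
function checkUpload(kind, files) {
  const known = Object.prototype.hasOwnProperty.call(LIMITS, kind);
  if (!known) return { ok: false, reason: 'unknown upload kind' };
  const limit = LIMITS[kind];
  if (files.length < 1 || files.length > limit.maxFiles) return { ok: false, reason: 'file count' };
  for (const f of files) {
    if (f.size > limit.maxBytes) return { ok: false, reason: 'file too large' };
    const sniffed = sniffType(f.head);
    if (sniffed === null) return { ok: false, reason: 'unrecognised content' };
    if (sniffed !== f.declaredType) return { ok: false, reason: 'declared type does not match content' };
    if (kind === 'avatar' && !sniffed.startsWith('image/')) {
      return { ok: false, reason: 'avatar must be an image' };
    }
  }
  return { ok: true, reason: null };
}
```
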
Storage Locations:
- General files: /app/storage/uploads/
- Avatar images: /app/storage/avatars/
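The public download and avatar endpoints take a :filename route parameter and serve from the directories above. An added example, not the project's controller code, of mapping that parameter to a path that cannot leave the storage root; resolveStoredFile is a hypothetical helper name.

```javascript
const path = require('path');

// Storage roots from the "Storage Locations" list above.
const UPLOAD_ROOT = '/app/storage/uploads';
const AVATAR_ROOT = '/app/storage/avatars';

// Hypothetical helper: turn a :filename route parameter into an absolute path
// directly inside `root`, or return null if it is not a plain file name.
// Express has already URL-decoded the parameter, so the check runs on the
// decoded value (an encoded "%2e%2e%2f" arrives here as "../").
function resolveStoredFile(root, filename) {
  if (typeof filename !== 'string') return null;
  if (filename.length === 0 || filename.length > 255) return null;
  // No NUL bytes and no path separators of either flavour.
  if (/[\0\/\\]/.test(filename)) return null;
  // No ".", "..", or hidden files.
  if (filename.startsWith('.')) return null;
  const resolved = path.posix.resolve(root, filename);
  // Defence in depth: the result must be a direct child of the storage root.
  if (path.posix.dirname(resolved) !== root) return null;
  return resolved;
}
```

A handler would answer 404 when the helper returns null and pass the returned path to the file-sending call otherwise.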