This project is a backend CRUD application built with Express.js and SQLite. It includes user authentication, role-based access control, and session management.

## Features
- User authentication with JWT
- Role-based access control (Admin, SuperAdmin, Editor, User)
- Session management with automatic session timeout
- Email verification for user registration
- Logging of errors and requests
- Secure HTTP headers with Helmet
- CORS support
## Getting Started

1. Clone the repository:

   ```bash
   git clone https://github.com/your-username/express-api-sqlite.git
   cd express-api-sqlite
   ```

2. Install dependencies:

   ```bash
   npm install
   ```

3. Set up environment variables: create a `.env` file in the root directory and add the following variables. The secrets and passwords below are sample values only: generate your own (for example `openssl rand -hex 32` for the two 32-byte keys), change the SuperAdmin password, and keep `.env` out of version control.

   ```dotenv
   APP_NAME="Express_Auth"
   PORT=3500
   APP_URL="https://localhost:3500"
   NODE_ENV="DEVELOPMENT"
   COOKIE_SECURE="false"
   COOKIE_SAME_SITE="Lax"
   SSL_CERT="ssl/selfsigned.crt"
   SSL_KEY="ssl/selfsigned.key"
   SUPER_ADMIN_EMAIL="[email protected]"
   SUPER_ADMIN_PASSWORD="!adminPassword123"
   EMAIL_HOST="localhost"
   EMAIL_PORT=1025
   EMAIL_USER="project.2"
   EMAIL_PASS="secret.2"
   EMAIL_FROM="[email protected]"
   VERIFY_EMAIL_URL="https://localhost:3500/auth/verify-email"
   DATABASE_URL=""
   DATABASE_DIR=""
   DEFAULT_DATABASE_DIR="database"
   DEFAULT_DATABASE_FILE="default_database.sqlite"
   SESSION_TOKEN_SECRET="a7138b5f6aadacc54ae8aadfb416f2b8e8718e218c0a5d5dbb96cda05e742785"
   ACCESS_TOKEN_EXPIRE="30m"
   REFRESH_TOKEN_EXPIRE="1d"
   SESSION_TOKEN_EXPIRE="1hr"
   GITHUB_CLIENT_ID=""
   GITHUB_CLIENT_SECRET=""
   EMAIL_ENCRYPTION_KEY=9a5b7a00e88680075d447ead3350a43051a9fe55b16492447438f25b8d7e65f8
   KEY_COUNT=200
   ENCRYPTION_ALGORITHM=aes-256-cbc
   ```

4. Start the server:

   ```bash
   npm run dev
   ```

5. Access the API at `https://localhost:3500` (the server uses the self-signed certificate from `SSL_CERT` / `SSL_KEY`, so clients must accept it during development).

6. Use tools like Postman to test the endpoints.
## Environment Variables

- `APP_NAME`: Your application name
- `PORT`: The port your server will run on
- `APP_URL`: The URL of your application
- `NODE_ENV`: The environment mode (`DEVELOPMENT` or `PRODUCTION`)
- `COOKIE_SECURE`: Set the `Secure` attribute on cookies if true, so they are only sent over HTTPS (this is independent of `httpOnly`, which controls script access to the cookie)
- `COOKIE_SAME_SITE`: `SameSite` attribute for cookies (`Strict`, `Lax` or `None`; `None` only works together with `COOKIE_SECURE=true`)
- `SSL_CERT`: Path to your SSL certificate
- `SSL_KEY`: Path to your SSL key
- `SUPER_ADMIN_EMAIL`: Default SuperAdmin email
- `SUPER_ADMIN_PASSWORD`: Default SuperAdmin password (change the sample value before the first start)
- `EMAIL_HOST`: Email server host
- `EMAIL_PORT`: Email server port
- `EMAIL_USER`: Email server user
- `EMAIL_PASS`: Email server password
- `EMAIL_FROM`: Email sender address
- `VERIFY_EMAIL_URL`: URL for email verification
- `DATABASE_URL`: URL for the database
- `DATABASE_DIR`: Directory for the database
- `DEFAULT_DATABASE_DIR`: Default directory for the database
- `DEFAULT_DATABASE_FILE`: Default database file
- `SESSION_TOKEN_SECRET`: Secret for session tokens (use at least 32 random bytes; anyone who knows it can forge tokens)
- `ACCESS_TOKEN_EXPIRE`: Expiration time for access tokens
- `REFRESH_TOKEN_EXPIRE`: Expiration time for refresh tokens
- `SESSION_TOKEN_EXPIRE`: Expiration time for session tokens
- `GITHUB_CLIENT_ID`: GitHub OAuth client ID
- `GITHUB_CLIENT_SECRET`: GitHub OAuth client secret
- `EMAIL_ENCRYPTION_KEY`: Key for email encryption
- `KEY_COUNT`: Number of keys to keep in the key rotation list
- `ENCRYPTION_ALGORITHM`: Algorithm for encryption (the sample uses `aes-256-cbc`, which provides confidentiality but no integrity; ciphertexts must be authenticated separately, or an AEAD mode such as `aes-256-gcm` used instead)
## API Endpoints

- `GET /api/users`: Get all users
- `POST /api/users/add`: Add a new user
- `PUT /api/users/:userId/update`: Update a user
- `DELETE /api/users/:userId/del`: Delete a user
- `GET /api/users/:userId`: Get a user by ID
## License

This project is licensed under the ISC License.