Harmeet Singh edited this page Jul 25, 2025 · 1 revision

🔐 Production-Grade Authentication Template

Welcome to the official wiki for the Production-Grade Authentication Template!
This project provides a robust, secure, and scalable foundation for authentication services built with Node.js, Express, MongoDB, and Redis.


🚀 Overview

This template is designed for teams and individuals who want a ready-to-use backend authentication solution with best practices for security, scalability, and developer experience.

Core Technologies:

  • Node.js (22.14.0+)
  • Express
  • MongoDB (via Mongoose)
  • Redis (via ioredis)
  • Docker (for containerization)
  • TypeScript types
  • Joi (validation)
  • Winston (logging)
  • Swagger (API docs)

✨ Key Features

  • Complete Authentication System
    User registration, email verification, JWT-based login, password reset, refresh token rotation, session management with Redis.

  • Security First Approach
    CORS, Helmet, rate limiting, MongoDB sanitization, XSS protection, secure HTTP-only cookies, Joi validation, content security policies.

  • Production Ready
    Dockerized deployment (dev/prod), Webpack bundling, environment configs, structured logging, health checks, database backup to S3, RabbitMQ integration.

  • Developer Experience
    Hot reloading, linting/formatting (ESLint, Prettier), git hooks (Husky), comprehensive tests, conventional commit messages, clear project structure.


📦 Project Structure

🗂️ Folder Organization

```
backend/
├── docker/                # Docker configuration files
│   ├── dev/               # Development Docker setup
│   └── prod/              # Production Docker setup
├── docs/                  # API documentation
│   ├── swagger-output.json
│   └── swagger.js
├── logs/                  # Application logs
├── nginx/                 # Nginx configuration for deployment
│   ├── http.conf
│   └── https.conf
├── scripts/               # Utility scripts
│   ├── cron.sh
│   ├── dbBackup.js
│   └── docker.sh
├── src/                   # Source code
│   ├── config/            # Configuration files
│   ├── constant/          # Constants and enums
│   ├── controllers/       # Request handlers
│   ├── db/                # Database connection modules
│   ├── helpers/           # Helper utilities
│   ├── middlewares/       # Express middlewares
│   ├── models/            # Mongoose models
│   ├── repository/        # Data access layer
│   ├── routes/            # API routes
│   ├── services/          # Business logic layer
│   ├── types/             # TypeScript type definitions
│   ├── utils/             # Utility functions
│   ├── validations/       # Input validation schemas
│   ├── app.js             # Express application setup
│   └── index.js           # Application entry point
└── test/                  # Test files
    ├── mockData/          # Mock data for tests
    ├── routes/            # API route tests
    ├── utils/             # Test utilities
    └── validations/       # Validation tests
```

🛡️ Security Highlights

  • JWT authentication with refresh token rotation
  • Password hashing (bcrypt)
  • Rate limiting
  • Robust input validation (Joi)
  • HTTP security headers (Helmet)
  • Secure cookies
  • Protection against NoSQL injection and XSS

🗒️ Getting Started

Prerequisites:

  • Node.js ≥ 22.14.0
  • npm ≥ 10.7.0
  • MongoDB (latest)
  • Redis (latest)
  • Docker (optional for deployment)

Installation:

```bash
git clone https://github.com/Harmeet10000/ts-backend-production-template.git
cd ts-backend-production-template
npm install
```

Create a `.env.dev` file in the root directory with the following variables:

```env
# Server
NODE_ENV=development
PORT=3000
SERVER_URL=http://localhost:3000

# Database
DATABASE_URL=mongodb://localhost:27017/auth-service
REDIS_URL=redis://localhost:6379

# JWT
ACCESS_TOKEN_SECRET=your_access_token_secret
REFRESH_TOKEN_SECRET=your_refresh_token_secret
ACCESS_TOKEN_EXPIRY=900
REFRESH_TOKEN_EXPIRY=604800

# Email
EMAIL_HOST=smtp.example.com
EMAIL_PORT=587
EMAIL_USER=your_email@example.com
EMAIL_PASSWORD=your_email_password
EMAIL_FROM=noreply@yourservice.com

# Frontend
FRONTEND_URL=http://localhost:5173

# Backup Configuration
S3_BACKUP_ENABLED=true
S3_BUCKET_NAME=your-backup-bucket
AWS_REGION=us-east-1
S3_PREFIX=mongodb-backups/
```

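A startup check for the JWT values in the `.env.dev` listing above, as an added example that is not part of the template's code: it rejects the placeholder secrets, short or identical secrets, and an access-token expiry that is not shorter than the refresh-token expiry. `parseEnv`, `checkAuthEnv` and the 32-character minimum are assumptions made for this example.

```javascript
// Startup check for the auth-related values in .env.dev (added example).
// parseEnv and checkAuthEnv are hypothetical names, not the template's code.

// Minimal KEY=VALUE parser: skips blank lines and # comments.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (line.startsWith('#') || eq <= 0) continue;
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return env;
}

const MIN_SECRET_LENGTH = 32; // assumed floor for this example, not a project setting
const isPlaceholder = (v) => /^your_/.test(v); // matches the template's sample values

// Returns a list of problems; an empty list means the settings pass.
function checkAuthEnv(env) {
  const problems = [];
  for (const key of ['ACCESS_TOKEN_SECRET', 'REFRESH_TOKEN_SECRET']) {
    const value = env[key] || '';
    if (!value) problems.push(`${key} is missing`);
    else if (isPlaceholder(value)) problems.push(`${key} is still the template placeholder`);
    else if (value.length < MIN_SECRET_LENGTH) problems.push(`${key} is shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  if (env.ACCESS_TOKEN_SECRET && env.ACCESS_TOKEN_SECRET === env.REFRESH_TOKEN_SECRET) {
    problems.push('ACCESS_TOKEN_SECRET and REFRESH_TOKEN_SECRET must differ');
  }
  const access = Number(env.ACCESS_TOKEN_EXPIRY);
  const refresh = Number(env.REFRESH_TOKEN_EXPIRY);
  if (!Number.isInteger(access) || access <= 0) problems.push('ACCESS_TOKEN_EXPIRY must be a positive integer');
  if (!Number.isInteger(refresh) || refresh <= 0) problems.push('REFRESH_TOKEN_EXPIRY must be a positive integer');
  if (access > 0 && refresh > 0 && access >= refresh) {
    problems.push('ACCESS_TOKEN_EXPIRY should be shorter than REFRESH_TOKEN_EXPIRY');
  }
  if (isPlaceholder(env.EMAIL_PASSWORD || '')) problems.push('EMAIL_PASSWORD is still the template placeholder');
  return problems;
}

// Constructed sample: the JWT lines exactly as the template lists them.
const TEMPLATE_SAMPLE = `# JWT
ACCESS_TOKEN_SECRET=your_access_token_secret
REFRESH_TOKEN_SECRET=your_refresh_token_secret
ACCESS_TOKEN_EXPIRY=900
REFRESH_TOKEN_EXPIRY=604800`;
console.log(checkAuthEnv(parseEnv(TEMPLATE_SAMPLE)));
```

Calling `checkAuthEnv(process.env)` before the server starts listening, and exiting when the list is non-empty, keeps a copied template file from reaching a running deployment.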
🛠️ Available Scripts

📋 NPM Commands

| Command | Description |
| --- | --- |
| `npm run dev` | Start the development server with hot reload |
| `npm run build` | Build the production bundle |
| `npm run dev:prod` | Run production build with nodemon |
| `npm start` | Start the production server |
| `npm run swagger` | Generate Swagger documentation |
| `npm test` | Run the test suite |
| `npm run test:watch` | Run tests in watch mode |
| `npm run test:coverage` | Run tests with coverage report |
| `npm run lint` | Check code for linting errors |
| `npm run lint:fix` | Fix linting errors automatically |
| `npm run format` | Check code formatting |
| `npm run format:fix` | Fix formatting issues automatically |
| `npm run migrate:dev` | Run database migrations in development |
| `npm run migrate:prod` | Run database migrations in production |

🧪 Testing

🧠 Test Commands

Run all tests:

```bash
npm test
```

Run tests in watch mode:

```bash
npm run test:watch
```

Generate test coverage report:

```bash
npm run test:coverage
```

🤝 Contributing

📜 Contribution Guidelines
  1. Fork the repository
  2. Create your feature branch (`git checkout -b feature/amazing-feature`)
  3. Commit your changes (`git commit -m 'feat: add some amazing feature'`)
  4. Push to the branch (`git push origin feature/amazing-feature`)
  5. Open a Pull Request

📄 License

This project is licensed under the ISC License - see the LICENSE file for details.



Created with ❤️ by Harmeet Singh
