Angular & Nodejs JWT Authentication fullstack | Nodejs/Express RestAPIs + JWT + BCryptjs + Sequelize + MySQL – Part 2: Build Backend

This tutorial is Part 2 of the series: Angular & Nodejs JWT Authentication fullstack | Nodejs/Express RestAPIs + JWT + BCryptjs + Sequelize + MySQL. Today we’re gonna build Nodejs Authentication & Authorization RestAPIs that can interact with a MySQL database.

Part 1: Overview and Architecture.
Part 3: Build Frontend

JWT Authentication with Nodejs/Express RestAPIs

Demo

Overview

An HTTP request that matches a route is accepted by the CORS Middleware before reaching the Security layer.

Security layer includes:
– JWT Authentication Middleware: verify SignUp, verify token
– Authorization Middleware: check User’s roles

Main Business Logic Processing interacts with the database via Sequelize and sends the HTTP response (token, user information, data based on roles…) to the client.

Config Middleware & RestAPIs

– For HTTP Header, we allow x-access-token for JWT.
– When an HTTP request calls the /signup api, it is also passed to the checkDuplicateUserNameOrEmail() and checkRolesExisted() functions before going to the controller’s signup() function.
– The JWT Authentication middleware with verifyToken() and the role checking functions (isPmOrAdmin, isAdmin) is called before the controller returns authorized data (based on roles).

Generate Token

Inside the controller’s signin() function, we use the sign() function from jsonwebtoken:

Verify Token

We get the token from the x-access-token HTTP header, then use the verify() function of jsonwebtoken:
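
The token generation and verification described in the two sections above, as an added example that is not the tutorial's own code: it reimplements HS256 signing and checking with Node's built-in crypto module instead of calling jsonwebtoken, so the algorithm pinning, constant-time signature comparison and expiry check are visible. The secret, the claim names, the response bodies and the status codes are assumptions.

```javascript
// Added example (not the tutorial's code): HS256 JWT sign/verify with built-in crypto only.
const nodeCrypto = require('node:crypto');
const SECRET = 'constructed-demo-secret'; // assumption: stands in for the key in config/config.js
const b64url = (input) => Buffer.from(input).toString('base64url');
const hmac = (data, secret) => nodeCrypto.createHmac('sha256', secret).update(data).digest();
const nowSec = () => Math.floor(Date.now() / 1000);

// What signin() gets back from sign(): header.payload.signature, with an expiry claim.
function signToken(payload, secret, expiresInSec, now = nowSec()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + expiresInSec }));
  return `${header}.${body}.${hmac(`${header}.${body}`, secret).toString('base64url')}`;
}

// Returns the decoded claims or throws an Error naming the failed check.
function verifyTokenString(token, secret, now = nowSec()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  let alg, claims;
  try {
    alg = JSON.parse(Buffer.from(header, 'base64url').toString()).alg;
    claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch {
    throw new Error('malformed token');
  }
  // Pin the algorithm server-side; a header saying "none" or anything else is rejected.
  if (alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = hmac(`${header}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  // Constant-time comparison; timingSafeEqual requires equal lengths, so check that first.
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  if (typeof claims?.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return claims;
}

// Express-style middleware reading x-access-token; status codes and bodies are assumptions.
function verifyToken(req, res, next) {
  const token = req.headers['x-access-token'];
  if (!token) return res.status(403).send({ auth: false, message: 'No token provided.' });
  try {
    req.userId = verifyTokenString(token, SECRET).id; // "id" claim name is an assumption
    return next();
  } catch (err) {
    return res.status(401).send({ auth: false, message: err.message });
  }
}
```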

User & Roles Relationship model

We define Role & User Sequelize models as below:

Implementation of the Many-to-Many relationship:

Nodejs server for JWT Authentication example Overview

Goal

The diagram below shows how our system handles User Registration and User Login processes:

/api/auth/signup:

/api/auth/signin:

/api/test/user:

/api/test/pm:

/api/test/admin:

Technologies

– Nodejs/Express
– Json Web Token
– BCryptjs
– Sequelize
– MySQL

Project Structure

– The config package defines the MySQL Database Configuration, JWT Secret Key & User Roles.
– The model package defines the Role & User Sequelize models.
– The router package defines the RestAPI URLs, verification functions for the signup api, JWT verification for the signin api, and authorization functions for content requested by user roles.
– The controller package defines the processing functions for each RestAPI declared in the router package.

Practice

Create Nodejs Project

Follow the guide to create a NodeJS/Express project.

Install Express, Sequelize, MySQL, Json Web Token, Bcryptjs:
$ npm install express sequelize mysql2 jsonwebtoken bcryptjs --save

package.json

Create Sequelize Models
User

model/user.model.js

Role

model/role.model.js

Sequelize Database Configuration

config/env.js

config/db.config.js

More details at: Sequelize Many-to-Many association – NodeJS/Express, MySQL

Define RestAPIs Router with Middleware
RestAPIs Router

router/router.js

Middleware functions

router/verifySignUp.js

router/verifyJwtToken.js

Implement RestApis Controller

controller/controller.js

We define jwt-secret-key & User Roles in config/config.js:

Server

server.js

SourceCode

Nodejs-JWT-Authentication



By grokonez | December 10, 2018.

