JWT Authentication
Assignment 3
Due before our week 10 class.
Counts for 10% of your final grade.
The brief
This is the third of three take-home assignments related to building a backend web service to support a simple class list application called cListR.
In the previous assignments you built the base for the cListR RESTful API using Node.js, the Express framework and MongoDB. For this assignment you will enhance that foundation with JWT-based authentication.
In addition to correctly implementing all of the requirements from the previous assignment, the application will implement the following.
Core Requirements
- Create a new `/auth` router module that will support
  - creating new users
  - authenticating a user
  - retrieving the currently logged-in user

  Make sure to redact the user's password.
- The user schema should have the following properties:

Property | Type | Required | Max Length | Default |
---|---|---|---|---|
firstName | String | true | 64 | |
lastName | String | true | 64 | |
email | String | true | 512 | |
password | String | true | 70 | |
isAdmin | Boolean | true | | false |

- All API routes for the students and courses resource paths should only be accessible to authenticated users.
- All `POST`, `PUT`, `PATCH`, and `DELETE` routes for both the students and courses resource paths should be limited to authenticated users with the `isAdmin` flag set to true.
- Record each login attempt in an `authentication_attempts` collection in MongoDB. The properties of each attempt document should include:

Property | Type | Required | Max Length |
---|---|---|---|
username | String | true | 64 |
ipAddress | String | true | 64 |
didSucceed | Boolean | true | |
createdAt | Date | true | |
DO NOT record the password or the JWT.
- Ensure that you write clean and readable code. Pay attention to:
  - no runtime errors
  - consistent 2 space indentation
  - logical grouping of related code
  - semantically descriptive names for variables and functions
  - well organized project folder structure
  - properly formatted `package.json` file
    - correct project name
    - your author details
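
The two access rules in the core requirements (students and courses routes open to authenticated users only, and `POST`, `PUT`, `PATCH` and `DELETE` limited to users with `isAdmin` set to true), written as Express-style middleware. This is an added example, not part of the assignment or its starter code. The names `authenticate`, `requireAdminForWrites`, `stubVerify` and `simulate`, the constructed tokens, the error body shape, and the `isAdmin` claim in the verified payload are all assumptions.

```javascript
// Added example. All names here are hypothetical, not from the assignment.
const WRITE_METHODS = new Set(['POST', 'PUT', 'PATCH', 'DELETE']);

// Assumed error body shape; the brief does not specify one.
function sendError(res, status, title) {
  return res.status(status).json({ errors: [{ status: String(status), title }] });
}

// verifyToken is injected: in the real app it wraps the JWT library's verify
// call and throws on a bad signature or an expired token.
function authenticate(verifyToken) {
  return function (req, res, next) {
    const [scheme, token] = (req.headers.authorization || '').split(' ');
    if (scheme !== 'Bearer' || !token) return sendError(res, 401, 'Missing bearer token');
    try {
      req.user = verifyToken(token); // only verified claims reach req.user
    } catch (err) {
      return sendError(res, 401, 'Invalid token');
    }
    next();
  };
}

// Reads stay open to any authenticated user; writes need isAdmin === true.
// Assumes the verified payload carries an isAdmin claim.
function requireAdminForWrites(req, res, next) {
  if (!req.user) return sendError(res, 401, 'Authentication required');
  if (WRITE_METHODS.has(req.method) && req.user.isAdmin !== true) {
    return sendError(res, 403, 'Admin privileges required');
  }
  next();
}

// Constructed stand-in for a JWT verifier, so the example runs offline.
const CONSTRUCTED_TOKENS = new Map([['admin-token', { isAdmin: true }], ['user-token', { isAdmin: false }]]);
function stubVerify(token) {
  if (!CONSTRUCTED_TOKENS.has(token)) throw new Error('bad token');
  return CONSTRUCTED_TOKENS.get(token);
}

// Runs the middleware chain the way Express would and returns the HTTP status.
function simulate(method, authorization) {
  const req = { method, headers: authorization ? { authorization } : {} };
  const res = { code: null, status(c) { this.code = c; return this; }, json() { return this; } };
  const chain = [authenticate(stubVerify), requireAdminForWrites, (rq, rs) => rs.status(200).json({})];
  let i = 0;
  const next = () => chain[i++](req, res, next);
  next();
  return res.code;
}
```

In an Express app both functions would be mounted with `router.use(...)` ahead of the students and courses route handlers, so a route added later cannot skip the check.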
Logistics
- Accept this GitHub Classroom assignment invitation.
- Clone the repo to your laptop.
- Build the project on your laptop.
- Test each route with Postman.
- Make git commits as you complete each requirement.
- When everything is complete, push the final commit back up to GitHub and submit the GitHub repo's URL on Brightspace.
TIP
It is a good habit to make a git commit as you complete each logical requirement. This not only tracks your progress, but protects your working code in case you later break it and need to roll back.