first commit
@@ -0,0 +1,114 @@
|
||||
# airclientauth
|
||||
|
||||
A simple, lightweight authentication system built with Node.js, Express, SQLite, and JSON Web Tokens (JWT).
|
||||
|
||||
## Features
|
||||
|
||||
- **CLI User Management**: Easily create users from the command line.
|
||||
- **First-Login Password Setup**: Users created via CLI do not have initial passwords. They set their password securely on their first login attempt.
|
||||
- **JWT Authentication**: Generates tokens for secure API communication.
|
||||
- **SQLite Storage**: Hashes and stores passwords safely using bcrypt and SQLite.
|
||||
|
||||
## Installation
|
||||
|
||||
1. Clone or download the repository.
|
||||
2. Install dependencies:
|
||||
|
||||
```bash
|
||||
npm install
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
### 1. Start the Server
|
||||
|
||||
To start the API server on port 3000:
|
||||
|
||||
```bash
|
||||
npm start
|
||||
```
|
||||
*(The SQLite database `users.db` will be created automatically on the first run).*
|
||||
|
||||
### 2. Create a User (CLI)
|
||||
|
||||
You can create a new user account without a password using the built-in CLI tool:
|
||||
|
||||
```bash
|
||||
npm run airclientauth -- create myusername
|
||||
```
|
||||
|
||||
### 3. API Endpoints
|
||||
|
||||
#### Login / Set Password
|
||||
**`POST /login`**
|
||||
|
||||
- **First Login (Setting the Password)**
|
||||
When a user logs in for the first time, they must provide a password to set it.
|
||||
|
||||
*Request:*
|
||||
```json
|
||||
{
|
||||
"username": "myusername",
|
||||
"password": "mynewsecurepassword"
|
||||
}
|
||||
```
|
||||
*Response:*
|
||||
```json
|
||||
{
|
||||
"status": "success",
|
||||
"message": "Password set successfully. Logged in.",
|
||||
"token": "eyJhbGciOiJIUzI..."
|
||||
}
|
||||
```
|
||||
*(Note: If you attempt to log in for the first time without a password, the server will return a `403 Forbidden` status with `{ "status": "require_password" }` to let the client know it needs to prompt the user).*
|
||||
|
||||
- **Subsequent Logins**
|
||||
Once the password is set, use the same endpoint to log in.
|
||||
|
||||
*Request:*
|
||||
```json
|
||||
{
|
||||
"username": "myusername",
|
||||
"password": "mynewsecurepassword"
|
||||
}
|
||||
```
|
||||
*Response:*
|
||||
```json
|
||||
{
|
||||
"status": "success",
|
||||
"message": "Logged in successfully",
|
||||
"token": "eyJhbGciOiJIUzI..."
|
||||
}
|
||||
```
|
||||
|
||||
#### Verify Token
|
||||
**`GET /verify`**
|
||||
|
||||
Check if a provided JWT is still valid.
|
||||
|
||||
*Request Headers:*
|
||||
```
|
||||
Authorization: Bearer <your_jwt_token>
|
||||
```
|
||||
|
||||
*Response (Valid):*
|
||||
```json
|
||||
{
|
||||
"valid": true,
|
||||
"user": "myusername"
|
||||
}
|
||||
```
|
||||
|
||||
*Response (Invalid):*
|
||||
```json
|
||||
{
|
||||
"valid": false,
|
||||
"error": "Invalid or expired token"
|
||||
}
|
||||
```
|
||||
|
||||
## Tech Stack
|
||||
- **Express**: Web framework for the API endpoints.
|
||||
- **bcryptjs**: Secure password hashing.
|
||||
- **jsonwebtoken (JWT)**: Token-based authentication.
|
||||
- **sqlite3 / sqlite**: File-based database storage.
|
||||
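Review bot: The first-login flow documented under `POST /login` ("First Login (Setting the Password)") lets whoever first submits a password for a CLI-created username take ownership of that account, because nothing in the described request proves the caller is the intended user. The `403 Forbidden` reply with `{ "status": "require_password" }` also tells any unauthenticated caller that the username exists and has no password yet. Consider having the CLI `create` command issue a one-time, expiring enrollment token that the first-login request must present, and returning the same response for unknown usernames as for unclaimed ones. Separately, the README does not say how the JWT signing secret is configured or how long tokens live, although `/verify` reports "Invalid or expired token"; both should be documented in the Usage section.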