HapiJS Authentication Sample
This sample project demonstrates how to set up a user authentication API with Hapi.js using JSON Web Tokens. There are several endpoints exposed in the sample, including user login and signup, along with an example of a protected instructors
resource.
Demo API
The API for the course is served at https://user-authentication-api.now.sh/api
Installation and Running the App
Clone the repo, then:
npm install
node server.js
The app will be served at localhost:3001
.
Local Setup
To setup the API locally, you will need to run MongoDB or have an MLab instance. Create a .env
file and populate it with the following values:
SECRET_KEY=<secret_key>
MLAB_USER=<mlab_user>
MLAB_PASSWORD=<secret_key>
MLAB_DOMAIN=<domain>
MLAB_DB=<database>
Available Routes
/api/users
POST - Used for signing up a user. Accepts
username
,email
, andpassword
to create a user. Returns a JWT.
/api/users/authenticate
POST - Used for logging a user in. Accepts
user
(where you can supply a usersusername
oremail
) andpassword
to authenticate a user. Returns a JWT.
/api/users
GET - Returns all users in the database. Requires a valid JWT with an
admin
scope.
/api/user/{id}
PATCH - Updates a user. Requires a valid JWT with an
admin
scope.
/api/instructors
GET - Returns all
instructors
in the database. Requires a valid JWT.
/api/instructors/{id}
GET - Returns a specific
instructor
in the database. Requires a valid JWT.
/api/instructors
POST - Saves a new
instructor
in the database. Requires a valid JWT with anadmin
scope.
/api/instructors/{id}
DELETE - Deletes an instructor with a specific
id
. Requires a valid JWT with anadmin
scope.
/api/users/check
POST - Checks whether a user already exists or not. Useful for doing async form validation.