A boilerplate for express auth with better-sqlite3

SteGriff/sg-login

sg-login

I'm making a reusable boilerplate for myself to use as the basis for Express apps with authentication.

Tech

  • ES Modules
  • Node 18
  • Nunjucks
  • Better-Sqlite3
  • Express Sessions
  • Try to do some best practices like salt and stuff
  • zxcvbn for password strength

Concepts

  • npm run migrations to run first time DB setup scripts
  • Server-side pages with progressive enhancement using petite-vue, generally.

Usage

The base system provides the following pages:

  • Index (/)
  • Login (/login)
  • Register (/register)

There are two usage styles:

  1. POST-Redirect-GET (PRG)
  2. JSON API

1. PRG

POST to the /login, /logout, or /register routes with Form Data (see example Login page). On success, you will be redirected to index with the Session User set. On failure, you'll stay on the page and the model will be a common result type with a status and message or model.

2. JSON

POST with form data or JSON data to the /api/login, /api/logout, or /api/register endpoints with e.g. {"username":"Ste","password":"Test"}.

await fetch("/api/login", {
  method: "POST",
  headers: {
    Accept: "application/json",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ username: "Ste", password: "Test" }),
});

Registration also accepts an optional email parameter (make this mandatory if you want).

You will receive a JSON response like:

{
  "status": "OK",
  "model": {
    "ID": 1,
    "Username": "Ste",
    "Email": "[email protected]"
  }
}

For failed registration, the response will have a message field, and the model field will be the complete result object from zxcvbn.

Successful registration logs you in immediately.

Get the current user with GET /api/user, which returns either the user model or a 401 error.

Data

Users

The Salt column is 200 chars to accommodate 128 bytes encoded as base64 (which should be 172 chars).
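
The sizing above worked through as an added example (not code from sg-login): a 128-byte salt is generated, base64-encoded to 172 characters, checked against the 200-character column, and used to derive and verify a password hash. The use of scrypt, the 64-byte key length and every function name are assumptions; the README does not say which hash function the project uses.

```javascript
// Added example, not sg-login's own code. scrypt, KEY_BYTES and all function
// names are assumptions; only the salt size and column width come from the README.
// CommonJS require so this runs as a stand-alone script; use `import` in an ES-module project.
const { randomBytes, scryptSync, timingSafeEqual } = require("node:crypto");

const SALT_BYTES = 128;        // from the README
const SALT_COLUMN_CHARS = 200; // from the README
const KEY_BYTES = 64;          // assumed derived-key length

// Base64 emits 4 output chars for every 3 input bytes, padded up: ceil(n / 3) * 4.
function base64Length(byteCount) {
  return Math.ceil(byteCount / 3) * 4;
}

// Generate a fresh random salt per user and derive the value to store beside it.
function hashPassword(password) {
  const saltBytes = randomBytes(SALT_BYTES);
  const salt = saltBytes.toString("base64");
  if (salt.length > SALT_COLUMN_CHARS) {
    throw new Error("encoded salt does not fit the Salt column");
  }
  const hash = scryptSync(password, saltBytes, KEY_BYTES).toString("base64");
  return { salt, hash };
}

// Re-derive with the stored salt and compare in constant time.
function verifyPassword(password, salt, storedHash) {
  const expected = Buffer.from(storedHash, "base64");
  // Reject empty or truncated rows up front: timingSafeEqual throws on a
  // length mismatch, and two empty buffers would otherwise compare equal.
  if (expected.length !== KEY_BYTES) return false;
  const actual = scryptSync(password, Buffer.from(salt, "base64"), KEY_BYTES);
  return timingSafeEqual(actual, expected);
}
```
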

Sqlite3

Each column in an SQLite 3 database is assigned one of the following type affinities:

  • TEXT
  • NUMERIC
  • INTEGER
  • REAL
  • BLOB

https://www.sqlite.org/datatype3.html

Download the SQLite CLI from: https://sqlite.org/download.html

Look for 'sqlite-tools-win32'

SQLite CLI docs

Run SQL

To run SQL migrations one by one, or to run the inspections, use the SQLite CLI. For example:

sqlite> .read sql/check-logs.sql

Operations (ops)

We have some mjs files in /ops which run things:

  • npm run migrations - runs /ops/migrations.mjs - sets up the DB for the first time;
  • npm run status - runs /ops/status.mjs - gets stats about extant data.
