simple-auth-cli

An implementation of authentication system supporting multiple providers ready to be used with a single command.

  • Source: npm
  • Version: 1.0.14 (latest)
  • Versions: 13
  • Maintainers: 1

Simple Auth CLI

A robust authentication system implementation supporting multiple providers that can be integrated into your Node.js application with a single command.

Features

Authentication Methods

  • Traditional Authentication

    • Email/Password registration and login
    • Password reset functionality
    • Email verification system
  • OAuth2.0 Providers

    • Google
    • GitHub
    • Spotify
    • (Prepared for Facebook and Microsoft integration)
  • Two-Factor Authentication (2FA)

    • WebAuthn support
    • Biometric authentication
    • Hardware security key support

Additional Security Features

  • JWT-based authentication
  • Refresh token rotation
  • Session management
  • Rate limiting
  • CSRF protection
  • Secure cookie handling

User Management

  • Profile management
  • Avatar upload and management
  • Email change verification
  • Username management
  • Password recovery
  • Account verification

Prerequisites

  • Node.js (v14 or higher)
  • MongoDB
  • Environment variables (see Configuration section)

Installation

npx simple-auth-cli

Quick Start

  • Initialize the authentication system:
npx simple-auth-cli
  • Set up your environment variables in .env:
# Database
MONGODB_URI=your_mongodb_uri

# JWT
ACCESS_TOKEN_SECRET=your_access_token_secret
REFRESH_TOKEN_SECRET=your_refresh_token_secret
ACCESS_TOKEN_EXPIRY=1d
REFRESH_TOKEN_EXPIRY=10d

# OAuth Credentials
GOOGLE_CLIENT_ID=your_google_client_id
GOOGLE_CLIENT_SECRET=your_google_client_secret
GOOGLE_TOKEN_HOST=https://oauth2.googleapis.com

GITHUB_CLIENT_ID=your_github_client_id
GITHUB_CLIENT_SECRET=your_github_client_secret
GITHUB_TOKEN_HOST=https://github.com

SPOTIFY_CLIENT_ID=your_spotify_client_id
SPOTIFY_CLIENT_SECRET=your_spotify_client_secret
SPOTIFY_TOKEN_HOST=https://accounts.spotify.com

# Similarly add for other providers

# Cloudinary (for avatar storage)
CLOUDINARY_CLOUD_NAME=your_cloud_name
CLOUDINARY_API_KEY=your_api_key
CLOUDINARY_API_SECRET=your_api_secret

# Email Service
RESEND_API_KEY=your_resend_api_key

# Application
APPNAME=your_app_name
APPURL=your_app_url
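
A pre-start check for the JWT settings in the .env above, as an added example that is not part of simple-auth-cli: it parses the file text and reports secrets that are missing, still set to a your_... placeholder, too short, or shared between access and refresh tokens. The 32-character minimum and the function names are assumptions of this example.

```javascript
// Added example, not simple-auth-cli code. Variable names come from the .env
// above; MIN_SECRET_LENGTH and the function names are assumptions.
const MIN_SECRET_LENGTH = 32;
const SECRET_KEYS = ["ACCESS_TOKEN_SECRET", "REFRESH_TOKEN_SECRET"];

// Parse KEY=value lines, skipping blanks and "#" comments.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq < 1) continue;
    // Strip one pair of matching surrounding quotes, if present.
    const value = line.slice(eq + 1).trim().replace(/^(["'])(.*)\1$/, "$2");
    env[line.slice(0, eq).trim()] = value;
  }
  return env;
}

// Return a list of findings; an empty list means the JWT settings pass.
function auditJwtEnv(env) {
  const findings = [];
  for (const key of SECRET_KEYS) {
    const value = env[key] || "";
    if (!value) findings.push(`${key}: missing`);
    else if (/^your_/i.test(value)) findings.push(`${key}: placeholder value`);
    else if (value.length < MIN_SECRET_LENGTH)
      findings.push(`${key}: shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  // With one shared secret, a token of either type carries a signature that
  // is valid for the other, so only claim checks keep the two apart.
  const [access, refresh] = SECRET_KEYS.map((k) => env[k]);
  if (access && access === refresh)
    findings.push("ACCESS_TOKEN_SECRET and REFRESH_TOKEN_SECRET are identical");
  return findings;
}

// Constructed sample input: the template as shipped, then a filled-in file.
const TEMPLATE = `# JWT
ACCESS_TOKEN_SECRET=your_access_token_secret
REFRESH_TOKEN_SECRET=your_refresh_token_secret
ACCESS_TOKEN_EXPIRY=1d`;
const FILLED = `ACCESS_TOKEN_SECRET=${"a1".repeat(32)}
REFRESH_TOKEN_SECRET=${"b2".repeat(32)}`;

console.log(auditJwtEnv(parseEnv(TEMPLATE))); // two placeholder findings
console.log(auditJwtEnv(parseEnv(FILLED)));   // []
```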

API Endpoints

Authentication

  • POST /api/v1/users/register - Register new user
  • POST /api/v1/users/login - Login user
  • POST /api/v1/users/logout - Logout user
  • POST /api/v1/users/generateNewTokens - Refresh access token

OAuth

  • GET /api/v1/users/oauth - Initialize OAuth flow
  • GET /api/v1/users/auth/oauth/:provider/callback - OAuth callback URLs

Account Management

  • POST /api/v1/users/verify - Verify email
  • POST /api/v1/users/forgotPassword - Request password reset
  • POST /api/v1/users/changePassword - Change password
  • POST /api/v1/users/changeEmail - Change email
  • POST /api/v1/users/changeUserName - Change username
  • PATCH /api/v1/users/updateAvatar - Update profile picture

Two-Factor Authentication

  • POST /api/v1/users/initialize2FA - Setup 2FA
  • POST /api/v1/users/verify2FA - Verify 2FA
  • POST /api/v1/users/verify2FALogin - Login with 2FA

Security Considerations

  • All passwords are hashed using bcrypt
  • JWTs are stored in HTTP-only cookies
  • File upload validation
  • Email verification required for critical actions

Error Handling

The system implements a centralized error handling mechanism with detailed error messages and appropriate HTTP status codes.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License.

Keywords

authentication

FAQs

Package last updated on 28 May 2025
