This project was created mainly just for fun and for personal use.
The purpose of this project is to make implementing auth in my future projects easier. Please note that this is my first user auth project, so there may be some security vulnerabilities. Passwords are hashed with bcrypt and JWTs are used as session tokens. I wouldn't recommend using this in any production environment without auditing it first.
- NodeJS
- PostgreSQL
- Express
- Passport
- Full user registration and login.
- Uses CAPTCHA to secure endpoints. Currently supports:
- OAuth support for the following providers:
- Discord
- GitHub
- Possibly more in the future.
- JWT for auth.
- Full password reset & email verification functionality.
- Ability for users to change their email and password.
- Adding new authenticated routes is easy.
- 2FA Support
- Partial support for user avatars, currently using the user's OAuth provider account's avatar (if registering through an OAuth provider), their Gravatar avatar (if they have one linked to their email address), or a custom avatar they upload. Avatars can be stored:
- Locally
- Amazon S3