Aryan3522/Auth-Application


User Status Toggle API

A secure, production-ready REST API built with Node.js, Express.js, and MongoDB that enables authenticated users to perform bulk status operations across the entire user base.


Overview

The User Status Toggle API demonstrates:

Secure JWT authentication

Optimized bulk database operations

Scalable REST architecture

Layered backend structure

Open-source contribution readiness

The system allows authenticated users to toggle the status of all users in a single atomic operation using MongoDB bulk updates.


Core Capabilities

User Registration

Secure Login with JWT

Password Hashing via bcrypt

Protected Routes via Middleware

Bulk Status Toggle (Active ↔ Inactive)

MongoDB Aggregation Support

Clean Controller-Based Structure

Production-ready configuration model


🧠 Bulk Toggle Logic

When the toggle endpoint is triggered:

If the majority of users are active β†’ all users become inactive

If the majority of users are inactive β†’ all users become active

βœ” Executed via a single bulk update
βœ” Optimized for scalability
βœ” Designed for production reliability
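
The majority rule above as runnable code. This is an added example, not the repository's code: the `status` field name, its two values, the tie rule and the in-memory `applyPlan` stand-in for `updateMany` are all assumptions.

```javascript
// Added example, not the repository's code. Assumes a `status` field whose
// values are 'active' or 'inactive' (the README does not name the field).

// Decide the target status from the two counts. Assumptions: a tie resolves
// to 'inactive', and an empty collection produces no write at all.
function planToggle(activeCount, inactiveCount) {
  if (activeCount + inactiveCount === 0) return null;
  const target = activeCount >= inactiveCount ? 'inactive' : 'active';
  return {
    target,
    // Arguments for a single Mongoose Model.updateMany(filter, update) call.
    // The filter skips documents that already hold the target value.
    filter: { status: { $ne: target } },
    update: { $set: { status: target } },
  };
}

// In-memory stand-in for updateMany, so the example runs without MongoDB.
// It understands only the { status: { $ne: x } } filter built above.
function applyPlan(users, plan) {
  let modifiedCount = 0;
  for (const user of users) {
    if (user.status !== plan.filter.status.$ne) {
      user.status = plan.update.$set.status;
      modifiedCount += 1;
    }
  }
  return { modifiedCount };
}

// Count, plan, write: the sequence the endpoint performs on each request.
function toggleAll(users) {
  const active = users.filter((u) => u.status === 'active').length;
  const plan = planToggle(active, users.length - active);
  if (!plan) return { target: null, modifiedCount: 0 };
  return { target: plan.target, ...applyPlan(users, plan) };
}

// Constructed sample data: two active users, one inactive.
const sampleUsers = [
  { email: 'a@example.com', status: 'active' },
  { email: 'b@example.com', status: 'active' },
  { email: 'c@example.com', status: 'inactive' },
];
console.log(toggleAll(sampleUsers)); // first call: majority active
console.log(toggleAll(sampleUsers)); // second call: all inactive, so all become active
```

After the first call every record holds the same value, so each later call is a full flip of the whole collection.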


System Architecture

Client
   │
   ▼
Express Router
   │
   ▼
Controller Layer
   │
   ▼
MongoDB (via Mongoose)

Project Structure

├── src/
│   ├── controllers/
│   ├── models/
│   ├── routes/
│   ├── middleware/
│   └── app.js
├── .env
├── package.json
└── README.md

Technology Stack

Layer            Technology
Runtime          Node.js
Framework        Express.js
Database         MongoDB
ODM              Mongoose
Authentication   JWT
Security         bcrypt

Installation & Setup

1️⃣ Clone Repository

git clone https://github.com/your-username/Auth-Application.git
cd Auth-Application

2️⃣ Install Dependencies

npm install

3️⃣ Configure Environment Variables

Create a .env file in the root directory:

PORT=5000
MONGO_URI=your_mongodb_uri
JWT_SECRET=super_secure_jwt_secret

Environment Variables Explained

Variable     Description
PORT         Application runtime port
MONGO_URI    MongoDB connection string (local or cloud)
JWT_SECRET   Secret key used for signing JWT tokens

4️⃣ Start Application

npm start

Server will be available at:

http://localhost:5000

API Endpoints

User Signup

POST /api/auth/signup
{
  "email": "john@example.com",
  "password": "password123"
}

User Login

POST /api/auth/login
{
  "email": "john@example.com",
  "password": "password123"
}

Returns:

{
  "token": "jwt_token_here"
}

⚑ Toggle All Users Status

POST /api/users/toggle-status

Requires header:

Authorization: Bearer <jwt_token>

Performs a bulk update across all user records.


Security Model

Passwords hashed using bcrypt

JWT secures protected routes

Middleware validates tokens before controller execution

Secrets stored only in environment variables

No sensitive data stored in source code


Expected Flow

User registers

User logs in → receives JWT

User calls protected toggle endpoint

All users' statuses flip via bulk update


Production Considerations

Before deploying:

Use a strong JWT secret

Use a secure MongoDB URI

Enable HTTPS in production

Configure proper logging

Validate environment variables

Implement rate limiting (recommended)

Add input validation middleware
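
One way to cover "Use a strong JWT secret" and "Validate environment variables" from the list above at startup. This is an added example, not the repository's code; `validateEnv` and `loadConfig` are hypothetical names, and the 32-byte minimum assumes tokens are signed with HS256.

```javascript
// Added example, not the repository's code: fail-fast validation of the three
// variables from the README's .env file, run once before the server starts.

// The README's sample secret; a deployment that still uses it is misconfigured.
const README_SECRET = 'super_secure_jwt_secret';

function validateEnv(env) {
  const errors = [];

  const port = /^\d+$/.test(env.PORT || '') ? Number(env.PORT) : NaN;
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    errors.push('PORT must be an integer between 1 and 65535');
  }

  if (!/^mongodb(\+srv)?:\/\/\S+$/.test(env.MONGO_URI || '')) {
    errors.push('MONGO_URI must be a mongodb:// or mongodb+srv:// URI');
  }

  const secret = env.JWT_SECRET || '';
  if (secret === README_SECRET) {
    errors.push('JWT_SECRET is the README placeholder');
  } else if (Buffer.byteLength(secret, 'utf8') < 32) {
    // RFC 7518 section 3.2 requires an HS256 key of at least 256 bits.
    errors.push('JWT_SECRET must be at least 32 bytes');
  } else if (new Set(secret).size < 8) {
    // Assumed heuristic: catches repeated-character fillers such as 'aaaa...'.
    errors.push('JWT_SECRET has too few distinct characters');
  }
  return errors;
}

// Throws with every problem listed, otherwise returns a frozen config object.
function loadConfig(env = process.env) {
  const errors = validateEnv(env);
  if (errors.length > 0) throw new Error('invalid environment: ' + errors.join('; '));
  return Object.freeze({
    port: Number(env.PORT),
    mongoUri: env.MONGO_URI,
    jwtSecret: env.JWT_SECRET,
  });
}
```

Calling `loadConfig()` before `app.listen` stops the process from starting with the sample `.env` values shown earlier.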


🀝 Contributing

This repository is open to contributions.

You can contribute to:

πŸš€ Backend performance improvements

πŸ” Security hardening

🎨 UI enhancements

πŸ§ͺ Test coverage

πŸ“¦ DevOps improvements

πŸ“˜ Documentation clarity

🧱 Architecture refactoring

πŸ“Œ Contribution Workflow

1️⃣ Fork the repository

2️⃣ Create a feature branch

git checkout -b feature/your-feature-name

3️⃣ Implement changes

4️⃣ Test thoroughly

5️⃣ Submit a Pull Request

Production Validation Requirement

Before submitting a PR:

✔ Ensure authentication flow works

✔ Ensure toggle logic remains correct

✔ Ensure no breaking API changes

✔ Test with a real MongoDB instance

✔ Confirm environment variables are not hardcoded

✔ Validate proper error handling

✔ Confirm no sensitive data exposure

All contributions must maintain production stability.

Opening Issues

Currently, there are no open issues.

If you would like to:

Improve UI

Enhance server logic

Add new features

Refactor architecture

Please open an issue first to discuss your proposal before implementation.

Collaborative discussion ensures consistency and quality.


Roadmap

Planned Improvements:

Role-based Access Control (Admin/User)

Analytics Dashboard

Unit & Integration Testing

Swagger / OpenAPI Documentation

Docker Support

CI/CD Pipeline Integration

Logging & Monitoring

Rate Limiting & Security Enhancements


Maintainer

Aryan Hooda

Full Stack Developer | Software Engineer


⭐ Support

If this project helps you:

Give it a ⭐ on GitHub.

Contributions, feedback, and architectural suggestions are welcome.