amitrajitsarkar/session-auth-service

Session Auth Service

A small Node.js/Express backend written in TypeScript implementing a simple session-based authentication flow using MongoDB for user storage and Redis for session management. Users can sign up, log in, and authenticate requests via cookies.

Features

  • User registration (/signin) with hashed passwords (bcrypt)
  • User login (/login) that generates a Redis-backed session ID
  • Protected endpoint (/info) that requires a valid session cookie
  • MongoDB integration for persisting user credentials
  • Redis for storing active sessions with expiration
  • Health and root endpoints for basic checks
  • Environment variable configuration via dotenv

Tech Stack

  • Language: TypeScript
  • Runtime: Node.js
  • Web Framework: Express
  • Database: MongoDB (mongoose)
  • Cache/Session Store: Redis
  • Utilities: bcrypt, cookie-parser, dotenv
  • Development Tools: ts-node, nodemon, TypeScript

Environment Variables

Create a .env file at the root of the server folder or otherwise set the following variables:

MONGO_URI=<mongodb connection string>
PORT=5000
SALT_ROUND=<bcrypt salt rounds (e.g. 10)>
NODE_ENV=development
SESSIONID_EXP_TIME=<session TTL in seconds, default 86400>

Note: All variables are required; the application will throw an error if any are missing.

Installation

  1. Clone the repository.
  2. Navigate to the server directory:
    cd server
  3. Install dependencies:
    npm install
  4. Configure environment variables as described above.

Running the Project

  • Development mode (with hot reload):

    npm run dev

    This uses nodemon and ts-node.

  • Build & start:

    npm run build
    npm start

    Compiles TypeScript to dist and runs the compiled code.

The server listens on the PORT value from the environment (default 5000).

API Endpoints

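| Method | Path    | Description                             | Auth Required |
|--------|---------|-----------------------------------------|---------------|
| GET    | /       | Basic OK response                       | No            |
| GET    | /health | Health check                            | No            |
| POST   | /signin | Register new user (username/password)   | No            |
| POST   | /login  | Authenticate and set session cookie     | No            |
| GET    | /info   | Get authenticated user info             | Yes (cookie)  |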

Authentication Flow

  1. Sign up by posting a JSON body with username and password to /signin.
  2. Log in by posting the same fields to /login. On success a cookie named sID is set with a session ID stored in Redis.
  3. Protected requests include the cookie; /info verifies the session and returns the username.
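
The login and /info steps above, sketched as an added example (not the repository's code). An in-memory map stands in for Redis; the names SessionStore, createSession and authenticate, the 32-byte random ID, and the Path, SameSite and Secure attributes are assumptions, while the sID cookie name, the HTTP-only flag and the 86400-second TTL come from this README.

```typescript
import { randomBytes } from "node:crypto";

// Constructed stand-in for Redis SET-with-expiry / GET so the example runs offline.
class SessionStore {
  private entries = new Map<string, { username: string; expiresAt: number }>();
  set(sid: string, username: string, ttlSec: number, nowMs: number): void {
    this.entries.set(sid, { username, expiresAt: nowMs + ttlSec * 1000 });
  }
  get(sid: string, nowMs: number): string | null {
    const entry = this.entries.get(sid);
    if (!entry) return null;
    if (nowMs >= entry.expiresAt) {
      this.entries.delete(sid); // expired: behave like a key Redis has evicted
      return null;
    }
    return entry.username;
  }
}

const SESSION_TTL_SEC = 86400; // README default for SESSIONID_EXP_TIME

// Login step: mint an unguessable ID (assumed: 32 CSPRNG bytes), store it, build Set-Cookie.
function createSession(store: SessionStore, username: string, secure: boolean, nowMs: number = Date.now()): { sid: string; setCookie: string } {
  const sid = randomBytes(32).toString("hex");
  store.set(sid, username, SESSION_TTL_SEC, nowMs);
  const attrs = [`sID=${sid}`, "Path=/", "HttpOnly", "SameSite=Lax", `Max-Age=${SESSION_TTL_SEC}`];
  if (secure) attrs.push("Secure"); // assumed: enabled when serving over HTTPS
  return { sid, setCookie: attrs.join("; ") };
}

// /info step: pull sID out of the Cookie header, reject malformed values before
// touching the store, and return the username only for a live session.
function authenticate(store: SessionStore, cookieHeader: string | undefined, nowMs: number = Date.now()): string | null {
  for (const part of (cookieHeader ?? "").split(";")) {
    const [name, ...rest] = part.trim().split("=");
    if (name !== "sID") continue;
    const sid = rest.join("=");
    if (!/^[0-9a-f]{64}$/.test(sid)) return null;
    return store.get(sid, nowMs);
  }
  return null;
}
```

Because the cookie carries only the random ID, deleting the key from the store ends the session immediately, and the store-side expiry is enforced even if a client ignores Max-Age.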

Scripts (defined in package.json)

  • dev – start server with ts-node and nodemon
  • build – compile TypeScript to JavaScript (dist folder)
  • start – run the compiled code from dist

Project Structure

server/
├── package.json
├── tsconfig.json
├── @types/
│   └── express.d.ts
└── src/
    ├── index.ts
    ├── config/
    │   ├── dbConnection.ts
    │   ├── env.ts
    │   └── redisConnect.ts
    ├── controller/
    │   ├── AuthController.controller.ts
    │   ├── loginController.controller.ts
    │   └── signinController.controller.ts
    ├── middleware/
    │   └── AuthMiddleware.middleware.ts
    ├── model/
    │   └── Dbmodel.ts
    ├── routes/
    │   ├── AuthRoute.routes.ts
    │   ├── loginRoute.routes.ts
    │   └── SigninRoute.routes.ts
    └── utils/
        └── sessionId.utils.ts

Prerequisites

  • Node.js (v14 or higher)
  • MongoDB instance running and accessible
  • Redis instance running and accessible - CLI mode
  • npm or yarn package manager

Troubleshooting

Notes

  • Connection errors: Verify MongoDB and Redis instances are running
  • "Environment variable missing" errors: Ensure all required variables in .env are set
  • Port already in use: Change the PORT environment variable or kill the process using the port

About

Session-based auth server with Redis storage and HTTP-only cookies.
