Creating a Login System with MongoDB and Node.js (Using ES6 Imports and File Structure)
File Structure:
├── index.js
├── user.js
└── checkLoggedIn.js
Dependencies
express
: Web framework for Node.jsmongoose
: Library for MongoDB object data modelingexpress-session
: To manage sessionsconnect-mongo
: MongoDB session store forexpress-session
Install the depedencies with the following command:
npm install express mongoose express-session connect-mongo bcrypt
Code Setup
index.js
- Main Server File
// index.js
import express from "express";
import mongoose from "mongoose";
import session from "express-session";
import MongoStore from "connect-mongo";
import { User } from "./user.js";
import checkLoggedIn from "./checkLoggedIn.js";
import bcrypt from 'bcrypt';
// Initialize the Express app
const app = express();
app.use(express.json());
// Connect to MongoDB
mongoose.connect("mongodb://localhost:27017/loginDemo", { useNewUrlParser: true, useUnifiedTopology: true });
// Initialize session middleware
app.use(
session({
secret: "mysecret",
resave: false,
saveUninitialized: false,
store: MongoStore.create({ mongoUrl: "mongodb://localhost:27017/loginDemo" }),
})
);
// Routes
app.post('/login', async (req, res) => {
const { username, password } = req.body;
const user = await User.findOne({ username });
if (!user) {
return res.send('Invalid username or password');
}
const isMatch = await bcrypt.compare(password, user.password);
if (isMatch) {
req.session.userId = user._id;
return res.send('Logged in successfully');
} else {
return res.send('Invalid username or password');
}
});
app.get("/logout", (req, res) => {
req.session.destroy((err) => {
if (err) {
res.status(500).send("Could not log out.");
} else {
res.send("Logout successful");
}
});
});
app.get("/protected", checkLoggedIn, (req, res) => {
res.send("This is a protected route");
});
// Start the server
app.listen(3000, () => {
console.log("Server running on http://localhost:3000/");
});
user.js
- User Schema and Model
// user.js
import mongoose from "mongoose";
import bcrypt from 'bcrypt';
const UserSchema = new mongoose.Schema({
username: String,
password: String,
});
UserSchema.pre('save', function (next) {
const user = this;
if (this.isModified('password') || this.isNew) {
bcrypt.hash(user.password, 10, (err, hash) => {
if (err) {
return next(err);
}
user.password = hash;
next();
});
} else {
return next();
}
});
export const User = mongoose.model("User", UserSchema);
checkLoggedIn.js
- Middleware to Check Login Status
// checkLoggedIn.js
const checkLoggedIn = (req, res, next) => {
if (req.session.userId) {
next();
} else {
res.status(401).send("Not authorized. Please log in.");
}
};
export default checkLoggedIn;
And that's it! You now have a modular and organized login system using MongoDB, Node.js, and Express with ES6 imports and exports. To test this, you can use tools like Postman to send HTTP requests to your server. Make sure MongoDB is running before you start your app.