A secure Node.js + Express.js + MongoDB-based authentication service with email verification, built for scalability and future extensions like JWT authentication, login sessions, and role-based access.
- User Registration with form validation
- Profile image upload with Multer
- Email verification using Nodemailer + Gmail SMTP
- Secure password hashing with Bcrypt
- Validation middleware with Express-Validator
- Database integration with Mongoose
- API & UI-based verification flow
- Configurable environment variables with dotenv
- index.js → App entry, DB connection, server setup
- routes/ → API route definitions (`/user`, `/auth`)
- controllers/ → Core business logic for users & mail verification
- helpers/ → Mailer and validation helpers
- models/ → User model with Mongoose schema
- schemas/ → Centralized schema definitions
- public/ → Uploaded profile images
- views/ → EJS templates for verification & error pages
- `POST /api/user/register` → Register a new user
- `GET /verify-mail?id=USER_ID&action=verify` → Verify email via link
- `POST /verify-mail` → Trigger verification mail API
- Backend: Node.js, Express.js
- Database: MongoDB, Mongoose
- Security: Helmet, Bcrypt, Cors
- Validation: Express-Validator
- Mailer: Nodemailer with Gmail SMTP
- Templating: EJS
- User login & session handling
- Password reset via secure email link
- Role-based access control (Admin, User)
- API rate limiting & request logging
- Swagger/OpenAPI documentation
- Clone repository & install dependencies
- Add `.env` file with database URL, name, email credentials, port
- Run `nodemon index.js 4800` or `nodemon index.js <PORT>`
- Access app via `http://localhost:<PORT>`