Giter Site home page Giter Site logo

sails-starter-app's Introduction

Sails starter app

A Sails starter app with sensible defaults

Get your Sails project started quicker. This starter app provides you with essential user authentication and session setup.

Out of the box:

  • User model with attributes that make sense
  • User authentication using Passport
  • "Remember Me" functionality
  • Password reset
  • CRSF protection
  • Use Kue for running background jobs (such as sending password reset instructions)
  • Separate API from "regular" routes - API routes are namespaced under /api/v1
  • All of the above are covered with tests (and you can add your own)!

Get started:

git clone [email protected]:ragulka/sails-starter-app.git
cd sails-starter-app
npm install
sails lift

Where is the login/new account etc page???

Oops, there aren't any. My idea was to provide a "view-less" starter app that only has JSON-based API. You can use POSTman - or your browser's console to issue AJAX requests.

Please note: you need to first create a user account before you can try logging in. To do that simply send a POST request to /api/v1/users with email, password, passwordConfirmation and the _csrf token. To get the csrf token, do GET /csrfToken.

After you've done this, you can try logging in with your credentials by doing

POST /session //... add your POST data (email and password)

Tests

The User model and session controller are covered by tests. You can run them with:

npm test

This starter app uses Mocha test framework (BDD style) and the wonderful Must assertion library.

If you want to add your own tests (for other models, etc), just add them to the test folder. Also note that the test databse is flushed of all data before and after running the test suite (using test/bootstrap.js).

A littlebit about the stack (components and modules used)

The starter app uses MongoDB as the database both for storing collections and sessions. Simply because I like to have full-stack Javascript/JSON... and Mongo is easy to set up.

For user authentication, it uses the wonderful Passport module by Jared Hanson. Along with it - Local and Remember Me strategy.

For password encryption, we use bcrypt.

API-key based authentication

Eventually this app will help you to authenticate requests with a user's API key, too. I plan to add HTTP Basic Authentication for this later.

A word about security

This app in no way should be considered totally secure. While it does provide you with sensible defaults by using CSRF protection and making it harder to hijack persistent session cookies, it doesn't cover other possible attack methods. Use with care. And if you find a hole, submit a PR to fix it.

sails-starter-app's People

Contributors

ragulka avatar

Watchers

James Cloos avatar Wane Little avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.