Nodejitsu

Save time managing and deploying your node.js app. Code faster with jitsu and npm

npmawesome: user registration with lockit

About the author

Name
Location
Worldwide
nodejitsu nodejitsu

This is a guest post from Alex Gorbatchev and npmawesome.com. Nodejitsu loved what Alex was doing at npmawesome.com and is now supporting the project. Like what you see here? Why don't you contribute on Github?

So you get a really cool idea for an app or a service. You get all fired up, talk to your friends about, write down some bullet points and run that exciting git init command in an empty folder. One of the first things you are most likely to in the very near future is begin working on some kind of user login and registration process.

Of course, passport.js is great when you can leverage external authentication, but otherwise you are stuck rolling your own system… After a while you find yourself doing it over and over again. How boring! Wouldn't it be nice if somebody finally just wrote a module that you could plugin into your express app that would take care of all this user registration stuff?

Look no further than lockit (Github: zeMirco/lockit, License: MIT)! Lockit is a collection of modules written by Mirco Zeiss that helps you with initial user registraion and password management flow.

npm install lockit

Features

  1. Supports multiple database adapters (MongoDB, CouchDB, SQL).
  2. Sends confirmation emails.
  3. Manages email address verification with verification link expiration.
  4. Brings own Bootstrap based views which are easy to customize.
  5. Account locking after too many failed login attempts.
  6. Events for login, logout, signup and delete.
  7. Implementation of lots of best pratices.
  8. REST API
  9. Authentication for SPAs and CSRF support.

Usage

var Lockit = require('lockit');
var app = express();

// express middleware
// ...
// sessions are required
app.use(express.cookieParser('your secret here'));
app.use(express.cookieSession());

var config = {
  db: 'mongodb://127.0.0.1/test',
  dbCollection: 'users'
};

// use middleware before router so your own routes have access to
// req.session.email and req.session.username
var lockit = new Lockit(app, config);

// you now have all the routes like /login, /signup, etc.
// and you can listen on events. For example 'signup'
lockit.on('signup', function(user, res) {
  console.log('a new user signed up');

  // set signup.handleResponse to 'false' for this to work
  res.send('Welcome!');   
});

app.use(app.router);
// continue with express middleware
// ...

Emails

By default of course emails aren't being sent. That means that you won't receive any signup and password reset tokens. To send emails you need an email server and you have pass the right settings:

With mailgun you can send up to 10,000 emails per month for free. emailSettings - see nodemailer for more information.

config = {
  emailType: 'SMTP',
  emailSettings: {
    service: 'Mailgun',
    auth: {
      user: 'postmaster@username.mailgun.org',
      pass: 'secret-password'
    }
  }
}

Custom views

Lockit comes with built-in views which are based on Bootstrap. If you want to use your own custom views you can. It is dead simple. Put them into your views folder, for example views/lockit/myLogin.jade.

config = {
  login: {
    route: '/login',
    logoutRoute: '/logout',
    views: {
      login: 'lockit/myLogin.jade',
      loggedOut: 'lockit/myLogoutSuccess.jade'
    }
  }
}

Routes included

From lockit-signup

  • GET /signup
  • POST /signup
  • GET /signup/:token
  • GET /signup/resend-verification
  • POST /signup/resend-verification

From lockit-login

  • GET /login
  • POST /login
  • GET /logout

From lockit-forgot-password

  • GET /forgot-password
  • POST /forgot-password
  • GET /forgot-password/:token
  • POST /forgot-password/:token

From lockit-delete-account

  • GET /delete-account
  • POST /delete-account

Closing thoughts

I love how customizable lockit is and yet comes with very reasonable defaults. It has pretty much everything you need to get started with basic user registration and password management flow. Checkout lockit GitHub page for full set of options as well as its associated modules.

Other popular posts

- Scaling Isomorphic Javascript Code - Keep a node.js server up with Forever - Package.json dependencies done right - npm cheat sheet - 6 Must Have Node.js Modules Try our service
get $20