Authentication

Authentication Setup

Learn how to enable and configure JWT authentication in your Charcole project with optional module installation.

What is Charcole Authentication?

Charcole v2.1 introduces an optional JWT authentication module, a complete, production-ready authentication system that you can include with a single click during project creation.

This isn't just another auth library. It's a fully integrated system with:

User registration & login
JWT token generation & validation
Password hashing with bcrypt
Protected route middleware
Ready-to-use API endpoints
In-memory user repository for instant testing

The best part? It's completely optional. You choose whether to include it when creating your project.

Installation During Project Creation

The easiest way to get authentication in your Charcole project is to enable it during creation:

npx create-charcole@latest your-project-name

During the interactive setup, you'll be asked:

? Language: [TypeScript/JavaScript]
? Include JWT authentication module? [Yes/No]  ← Choose Yes

If you select Yes, Charcole will:

Copy the entire authentication module to your project
Set up all necessary configuration files
Create necessary auth endpoints ready to use

Your project structure will include:

src/modules/auth/ ├── auth.controller.ts ├── auth.middleware.ts ├── auth.routes.ts ├── auth.constants.ts ├── auth.service.ts └── auth.schemas.ts

Environment Configuration

Charcole's authentication module validates all environment variables on startup. Create or update your .env file with these settings:

Required Environment Variables

# Minimum required for authentication
JWT_SECRET=your-secret-key-here

Testing Your Setup (Quick Test Without Database)

One of Charcole's unique features is that you can test authentication immediately, without any database setup.

Start your server:

npm run dev

Then test the endpoints:

1. Register a User

curl -X POST http://localhost:3000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "SecurePassword123",
    "name": "Test User"
  }'

curl -X POST http://localhost:3000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "SecurePassword123"
  }'

3. Access Protected Route

curl -X GET http://localhost:3000/api/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN_HERE"

Available Authentication Endpoints

Once setup is complete, you'll have these RESTful endpoints:

Public Endpoints (No authentication required)

POST /api/auth/register Create a new user account POST /api/auth/login Authenticate and receive JWT token

Protected Endpoint

GET /api/auth/me Get current authenticated user

Why This Setup Matters

Charcole's authentication setup is designed to be:

Production-ready from day one
Modular - include only what you need
Testable - works without database
Secure - follows JWT best practices
Maintainable - clean separation of concerns

You're not just adding authentication. You're adding a complete auth system that scales with your application.

Ready to Secure Your API?

With Charcole's authentication module, you've eliminated weeks of setup time. You now have:

✅ User registration & login
✅ JWT token management
✅ Protected routes
✅ Password security
✅ No database dependency for testing

Your API is now secure and ready for real users.

Edit this pageorReport an issue

Repositories

Learn what repositories mean in Charcole and why they are one of the most powerful parts of the architecture.

JWT Configuration

Deep dive into JWT configuration options in Charcole - customize tokens, security settings, and authentication behavior.