REST api related to authentication and authorization while user try to login or signup any specific application

About:

• This API help developer how to secure different api point so that any anonymous user may not take advantage of these weakness causes flood your database with invalid request or query something which lead to be access of your database and he/she able to see the confidential information which is related to user and deminish the image of the organization .

LOGIN AS ADMIN

TRY TO LOGIN USER WITHOUT ADMIN PRIVILEGES

TRY TO REMOVE SOMEONE WITHOUT ADMIN PRIVILEGES

DATABSE ENTRY

ENTER A WORNG EMAIL OR PASSWORD

PROMOTE NORMAL USER TO ADMIN

REGISTER AS ADMIN USING ADMIN PASSWORD WHICH IS GIVEN TO THEM BY ORGANIZATION

TRY TO DELETE USER WITHOUT PRIVILEGES

app.get('/',async(req,res)=>{
    res.send([{Info:"welcome to api Information page", },
     { "/api/register":"register User and admin with different privilage admin need to admin password for register"},
{"/api/login":"admin log using only through token and normal user need to send req.body having userId and password"},
{"/api/register":"register User and admin with different privilage admin need to admin password for register"},
{"modification":"update and delete the user done by admin only route are protected"},
{"/api/login/admin":"for admin"},
{"/api/login/normal":"normal user"},
{"/api/register/admin":"nee password for register as admin"},
{"/api/register/normal":"register as normal user"},
{"put request at .api/register/":"requset to pass req.body.isAdmin"},
{"delete /api/register/id":"pass id as parameter"},
{"the screenshot of testing of api are attach my github respository":"pls have a look"}])
});

• For Makeing it More secure and reliable I am still working on it .

Contributer's is Always welcome

• if anyone want to collaborate feel free to contact me or message me on linkedin :)

Regards & Welcome

Durgesh Tiwari