npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

signup-service

v0.1.3

Published

signup

Readme

signup-service

A flexible, framework-agnostic TypeScript library for implementing user registration, email verification, and account activation.

signup-service provides the complete signup workflow while remaining independent of databases, web frameworks, password hashing algorithms, mail providers, and storage implementations.

Instead of forcing you to use a particular stack, the library allows you to plug in your own repository, password hasher, email sender, and verification code storage.

Main Workflow

Sign up
 │
 ▼
Verify email/phone
 │
 ▼
Activate account

Step 1: sign up

sign up
   │
   ├── check username
   ├── check contact
   ├── hash password
   ├── save user
   ├── create passcode
   ├── send email
   └── mark "code sent"

Step 2: verify email/phone and activate account

verify email/phone (by sent-code)

   │
   ▼
check passcode

   │
   ▼
activate account

Signup Detailed Workflow

User
 │
 ▼
Validate Input
 │
 ▼
Check Username
 │
 ▼
Check Contact
 │
 ▼
Hash Password
 │
 ▼
Save User
 │
 ▼
Generate Verification Code
 │
 ▼
Hash Verification Code
 │
 ▼
Store Verification Code
 │
 ▼
Send Email / SMS
 │
 ▼
User Verifies Code
 │
 ▼
Activate Account

Architecture

Validator

SignupService
│
├── Repository
├── PasscodeRepository
├── Password Comparator
├── Passcode Comparator
├── Mail Sender
└── ID Generator

SQL Repository

Mail Sender

Utilities

Everything depends on interfaces.

That's a very strong design.

                SignupService
                      │
        ┌─────────────┼─────────────┐
        │             │             │
 Repository      Comparator     Mail Sender
        │
 Passcode Repository
        │
 Verification Code Storage

Everything is injected through interfaces, allowing you to integrate with any backend technology.


Features

  • ✔ Complete signup workflow
  • ✔ Email or phone verification
  • ✔ Account activation
  • ✔ Password hashing abstraction
  • ✔ Verification code hashing
  • ✔ Configurable validators
  • ✔ Generic repository interfaces
  • ✔ SQL repository implementation included
  • ✔ Database-independent design
  • ✔ Framework-independent
  • ✔ Configurable field mapping
  • ✔ Audit fields support
  • ✔ Password expiration support
  • ✔ TypeScript-first

Installation

npm install signup-service

or

yarn add signup-service

Quick Example

import { SignupService, Validator } from "signup-service";

const validator = new Validator();

const signup = new SignupService(
    status,
    repository,
    generateId,
    passwordComparator,
    passcodeComparator,
    passcodeRepository,
    sender,
    300,
    validator.validate
);

Register a user:

await signup.signup({
    username: "john",
    password: "Password@123",
    contact: "[email protected]"
});

Verify the account:

await signup.verify(userId, verificationCode);

Core Components

SignupService

Coordinates the complete registration workflow.

Responsibilities include:

  • validating user input
  • checking duplicate usernames
  • checking duplicate contacts
  • hashing passwords
  • saving users
  • generating verification codes
  • sending verification emails
  • activating accounts

Validator

Built-in validation for:

  • username
  • email
  • phone number
  • password complexity

Validators are replaceable with custom implementations.


Repository

interface Repository<ID, T> {
    checkUsername(username: string): Promise<boolean>;
    checkContact(contact: string): Promise<boolean>;
    save(id: ID, user: T): Promise<boolean>;
    verify(id: ID): Promise<boolean>;
    activate(id: ID, password?: string): Promise<boolean>;
}

Implement this interface for any storage engine.

Examples:

  • PostgreSQL
  • MySQL
  • SQL Server
  • SQLite
  • Oracle
  • MongoDB
  • DynamoDB

Passcode Repository

Stores verification codes separately from user data.

interface PasscodeRepository<ID> {
    save(...)
    load(...)
    delete(...)
}

Supports:

  • Redis
  • SQL
  • MongoDB
  • Memory
  • Custom implementations

Comparator

Password hashing is completely pluggable.

interface Comparator {
    hash(plaintext: string): Promise<string>;
    compare(data: string, encrypted: string): Promise<boolean>;
}

Compatible with:

  • bcrypt
  • argon2
  • scrypt
  • PBKDF2
  • custom algorithms

Mail Sender

The library is mail-provider agnostic.

send(to, passcode, expireAt)

Can be integrated with:

  • SMTP
  • SendGrid
  • Amazon SES
  • Mailgun
  • Postmark
  • Azure Email
  • Custom services

SQL Repository

The package includes a reusable SQL repository implementation.

Features:

  • configurable table names
  • configurable field names
  • automatic INSERT generation
  • status updates
  • account activation
  • field mapping
  • audit fields
  • optimistic version support

Nice Design Choices

Field mapping

map

lets users map

username

   ↓

user_name

without modifying the code.

Very useful.

Tracking

createdAt
updatedAt
createdBy
updatedBy

is optional.

Good.

Version field

Supports optimistic locking style versioning.

Nice feature.

Password expiry

Supports

maxPasswordAge

Not common in npm libraries.

Configurable Field Mapping

Existing database schema?

No problem.

{
    username: "user_name",
    contact: "email_address",
    password: "password_hash"
}

No schema migration required.

Audit Fields

The SQL repository can automatically populate

  • createdAt
  • createdBy
  • updatedAt
  • updatedBy
  • version

This makes it suitable for enterprise applications.


Password Storage

Passwords are never stored in plaintext.

The library hashes passwords before persistence using the injected comparator.


Verification Codes

Verification codes are:

  • randomly generated
  • hashed before storage
  • compared securely
  • expiration-aware

The application decides where they are stored.


Status Workflow

The registration lifecycle is configurable.

Example:

REGISTERED

↓

CODE_SENT

↓

ACTIVATED

Applications may define any status values.


Password Policies

Built-in support for:

  • minimum length
  • uppercase letters
  • lowercase letters
  • numbers
  • special characters

Custom validators may also be supplied.


Utility Functions

Included helpers:

  • isEmail()
  • isPhone()
  • isUsername()
  • isPassword()
  • generate()
  • addSeconds()
  • buildConfirmUrl()

Design Goals

The library follows several design principles:

  • Dependency Injection
  • Interface-first design
  • Database independence
  • Framework independence
  • Single Responsibility Principle
  • Open/Closed Principle

Typical Use Cases

  • SaaS platforms
  • Enterprise systems
  • Banking platforms
  • Insurance platforms
  • Government systems
  • Healthcare systems
  • Internal business applications
  • Microservices
  • Serverless applications
  • REST APIs
  • GraphQL APIs

Why signup-service?

Unlike authentication frameworks that require a specific stack, signup-service focuses only on the signup and account verification workflow.

You choose:

  • your database
  • your ORM
  • your password hashing algorithm
  • your mail provider
  • your web framework

The library provides the business logic while leaving infrastructure decisions to your application.


License

MIT