User Registration API

A Node.js Express REST API for user registration built with TypeScript, featuring password hashing with bcrypt, request validation, structured logging with Winston, and comprehensive error handling.

Features

• TypeScript: Fully typed with strict TypeScript configuration
• Express.js: Fast, unopinionated web framework
• Password Security: Bcrypt hashing with salt rounds
• Request Validation: Express-validator for input validation
• Structured Logging: Winston logger with file and console transports
• Error Handling: Comprehensive error handling with custom error classes
• Input Validation: Email, password (min 8 chars with complexity), and username validation
• Duplicate Prevention: Email uniqueness checking

API Endpoint

POST /api/users/register

Register a new user account.

Request Body:

{
  "email": "user@example.com",
  "password": "SecurePass123",
  "username": "johndoe"
}

Validation Rules:

• email: Must be a valid email address
• password: Minimum 8 characters, must contain at least one uppercase letter, one lowercase letter, and one number
• username: 3-30 characters, only letters, numbers, hyphens, and underscores

Success Response (201 Created):

{
  "message": "User registered successfully",
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "user@example.com",
    "username": "johndoe",
    "createdAt": "2025-11-07T12:00:00.000Z"
  }
}

Error Responses:

400 Bad Request (Validation Error):

{
  "status": 400,
  "message": "Validation failed",
  "errors": [
    {
      "field": "password",
      "message": "Password must be at least 8 characters long"
    }
  ]
}

409 Conflict (Duplicate Email):

{
  "status": 409,
  "message": "A user with this email already exists"
}

500 Internal Server Error:

{
  "status": 500,
  "message": "Internal server error"
}

Installation

1. Clone the repository:

   git clone <repository-url>
   cd AI_Assisted_Coding_Claude

2. Install dependencies:

   npm install

3. Build the project:

   npm run build

Running the Application

Development Mode (with auto-reload):

npm run dev:watch

Development Mode (single run):

npm run dev

Production Mode:

npm run build
npm start

The server will start on http://localhost:3000 by default.

Environment Variables

• PORT: Server port (default: 3000)
• NODE_ENV: Environment (development/production)
• LOG_LEVEL: Winston log level (default: info)

Testing the API

Using cURL:

Successful registration:

curl -X POST http://localhost:3000/api/users/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "john@example.com",
    "password": "SecurePass123",
    "username": "johndoe"
  }'

Validation error (weak password):

curl -X POST http://localhost:3000/api/users/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "john@example.com",
    "password": "weak",
    "username": "johndoe"
  }'

Duplicate email error:

# Register the same email twice
curl -X POST http://localhost:3000/api/users/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "john@example.com",
    "password": "SecurePass123",
    "username": "johndoe"
  }'

Health Check:

curl http://localhost:3000/health

Project Structure

.
├── src/
│   ├── config/
│   │   └── logger.ts           # Winston logger configuration
│   ├── middleware/
│   │   ├── error.middleware.ts # Global error handling
│   │   └── validation.middleware.ts # Request validation
│   ├── routes/
│   │   └── user.routes.ts      # User registration endpoint
│   ├── types/
│   │   ├── user.types.ts       # User-related TypeScript types
│   │   └── express.types.ts    # Express-related types
│   ├── utils/
│   │   ├── password.util.ts    # Password hashing utilities
│   │   └── userStorage.util.ts # In-memory user storage
│   └── index.ts                # Application entry point
├── package.json
├── tsconfig.json
└── README.md

Architecture

Layers

1. Routes Layer (src/routes/): Defines API endpoints and routes requests
2. Middleware Layer (src/middleware/): Handles validation, error handling, and logging
3. Utils Layer (src/utils/): Business logic for password hashing and user storage
4. Config Layer (src/config/): Application configuration (logger, etc.)
5. Types Layer (src/types/): TypeScript type definitions and interfaces

Security Features

• Password Hashing: Uses bcrypt with 10 salt rounds
• Input Validation: Comprehensive validation using express-validator
• Type Safety: Full TypeScript strict mode enabled
• Error Handling: Prevents information leakage in error messages
• Logging: Structured logging for security auditing

Logging

The application uses Winston for structured logging with the following transports:

• Console: Colored output for development (not in production)
• File (combined.log): All logs
• File (error.log): Error-level logs only

Log format: JSON with timestamps and metadata

Data Storage

Note: This implementation uses an in-memory storage for demonstration purposes. In a production environment, replace the userStorage utility with a proper database solution like:

• PostgreSQL with TypeORM or Prisma
• MongoDB with Mongoose
• MySQL with Sequelize

Development

TypeScript Configuration

The project uses strict TypeScript settings:

• strict: true
• noImplicitAny: true
• strictNullChecks: true
• noUnusedLocals: true
• noUnusedParameters: true

Code Style

• Use meaningful variable and function names
• Follow async/await patterns for asynchronous operations
• Implement proper error handling with try-catch blocks
• Add comprehensive logging for debugging and monitoring

Future Enhancements

• Database integration (PostgreSQL, MongoDB, etc.)
• JWT-based authentication
• Email verification
• Rate limiting
• User login endpoint
• Password reset functionality
• Profile management endpoints
• Unit and integration tests
• API documentation with Swagger/OpenAPI
• Docker containerization

License

ISC

Author

Created as part of the AI_Assisted_Coding_Claude project.