User Service API

Objective: Develop a comprehensive user service API using Node.js and Express, managing user creation, login, and session handling. The project transitions from initial in-memory storage to advanced persistent storage using MongoDB and Redis for enhanced performance and reliability.

Technologies Used:

  • Node.js

  • Express

  • MongoDB (mongodb package)

  • Redis (node-redis package)

  • base64url (for deterministic user ID generation)

  • uuid4 (for generating random session IDs)

Phase 1: In-Memory Storage Implementation

  1. User Management:

    • Created endpoints for user registration and login.

    • Generated user IDs deterministically using base64url.

    • Stored user data in local memory arrays/objects.

  2. Session Management:

    • Generated random session IDs using uuid4.

    • Stored session data in local memory arrays/objects.

    • Implemented basic session validation.

  3. API Endpoints:

    • Create User: Endpoint to register a new user.

    • Login: Endpoint to authenticate a user and create a session.

    • Session Validation: Verify session validity for subsequent requests.

  4. Authentication and Security:

    • Implemented basic authentication using session IDs.

    • Ensured sessions were tied to individual users.

  5. Error Handling:

    • Used standard HTTP response codes.

    • Provided relevant error messages for various failure scenarios.

Outcome: Successfully demonstrated fundamental user creation and session management using in-memory storage, setting the foundation for further enhancements with persistent storage solutions.

Phase 2: Integration with MongoDB and Redis

  1. Persistent User Storage:

    • Replaced in-memory user storage with MongoDB.

    • Stored user data in a "users" collection within a dedicated MongoDB database named "assignment3".

    • Implemented async/await for MongoDB operations to ensure efficient data handling.

  2. Enhanced Session Management:

    • Replaced in-memory session storage with Redis.

    • Stored sessions in Redis with keys formatted as sessions:<sessionKey>.

    • Implemented session expiration after 10 seconds using Redis's EXPIRE function.

    • Removed previous sessions upon user login using a lookup pattern sessionsIdsByUserId:<userId>.

  3. API Endpoints:

    • Create User: Persisted new users in MongoDB.

    • Login: Authenticated users, created sessions in Redis, managed session expiration and cleanup.

    • Session Validation: Validated active sessions stored in Redis.

  4. Error Handling:

    • Maintained use of standard HTTP response codes.

    • Returned relevant error messages for various failure scenarios.

Outcome: The project successfully integrated MongoDB for persistent user storage and Redis for robust session management. These enhancements ensured data persistence, efficient session handling, and improved overall service reliability and scalability.