How to create a single admin user without registration and all the other stuff typically seen in an authentication workflow?

View other answers to this thread
Start a personal dev blog on your domain for free and grow your readership.

3.4K+ developers have started their personal blogs on Hashnode in the last one month.

Write in Markdown · Publish articles on custom domain · Gain readership on day zero · Automatic GitHub backup and more

Steven Ventimiglia's photo

I would recommend doing what I do... search Google for something like, "npm passport express tutorial" or "express mongo user authentication tutorial". That will always result in some awesomesauce tutorial (most often, accompanied by a git repo.)

I'm not sure, but PassportJS doesn't seem necessary for this.

Maybe just use plain user authentication, starting the app off by checking for a user via Mongoose/Express, and if there is none, just having the initial user create an account with an email and password.

Martin Conde's photo

I have been searching for the past few days but the only "lightweight" solutions I came across had the username and password hard-coded into the app which seems pretty insecure or not?

I also feel passportJS is overkill for this kind of functionality and honestly quite surprised there aren't any tutorials on it since it seems a very normal use-case scenario.

Well I suppose I just need to learn more to be able to set it up that way :) I will try n look up more stuff related to the way you put it, thanks for that :)

Steven Ventimiglia's photo

Check out my Express repo. Tear out what's not needed and redo the Profile page (which has an experimental Admin/User toggle when you click on the name of the role - plus there are RPG elements to the user model, because that's how I keep it entertaining.) lol

There's a clean and secure user registration/authentication system there, and you can just write your own Middleware to control the user registration, then access to forms, etc. Clone it, customize it, and make it your own (which is also my purpose for the repo, in general.) It also uses bcrypt for hashing/salting the passwords.

PassportJS is cool, but I honestly don't see any use for it unless you're getting into Facebook/Github/LinkedIn login options - or connecting to an API as a user. For example, I have a similar clone of the repo above, but it uses PassportJS for Steam so gamers can log into their SteamIDs and pull the related JSON files for item inventory, etc.