DrivenPass is a secure, production-grade password manager API built with Node.js, Express, TypeScript, and PostgreSQL. It enables users to safely store, retrieve, update, and delete credentials for various services, with robust authentication, encryption, and error handling.
🔗 Production URL: https://drivenpass-a2ns.onrender.com
✅ User Authentication
- Sign up with name, email, and password (bcrypt-hashed).
- Sign in with JWT-based authentication.
- Secure token validation middleware for protected routes.
✅ Credential Management
- Create, read, update, and delete credentials (title, url, username, password).
- Passwords are encrypted at rest using Cryptr.
- Unique credential titles per user.
- All credential operations require authentication.
✅ Account Deletion
- Users can delete their account and all associated credentials in a single operation.
✅ Validation & Error Handling
- Centralized schema validation with Joi.
- Unified error handler for all routes.
- Meaningful HTTP status codes for all error scenarios (422, 409, 404, 401, 400, etc.).
✅ Health Check
/healthendpoint for uptime monitoring.
✅ Demo User
- Database seeded with a demo user for easy testing.
- Passwords are never stored in plain text (bcrypt).
- Credential passwords are encrypted with an application secret (Cryptr).
- JWT tokens are required for all sensitive operations.
- Input validation prevents common attack vectors.
- Backend: Node.js, Express, TypeScript
- Database: PostgreSQL (managed via Prisma ORM)
- Authentication: JWT, bcrypt
- Encryption: Cryptr
- Validation: Joi
- Testing: Jest, Supertest
- Containerization: Docker, Docker Compose
- CI/CD: GitHub Actions
- Node.js 18+
- PostgreSQL (local or Docker)
- [Optional] Docker & Docker Compose
git clone https://github.com/your-username/drivenpass.git
cd drivenpassnpm installCopy .env.example to .env and fill in your secrets, or use the provided .env for local development.
Make sure PostgreSQL is running and accessible according to your .env configuration.
Run migrations and seed the demo user:
npx prisma migrate deploy
npx prisma db seednpm run devThe API will be available at http://localhost:5000.
docker compose up --buildThis will start both the backend and a PostgreSQL database (see docker-compose.yml).
The API will be available at http://localhost:5000.
You can override environment variables using a .env file or by editing the docker-compose.yml file.
- Unit & Integration:
npm run test - Coverage:
npm run test:coverage
The GitHub Actions pipeline (.github/workflows/ci-cd.yml) automates:
- Unit & Integration Tests
- Docker Build & Push to Docker Hub
- Deploy via Render Deploy Hook
Make sure to set these GitHub Secrets:
- DOCKERHUB_USERNAME, DOCKERHUB_TOKEN
- RENDER_DEPLOY_HOOK_URL
POST /sign-up— Register a new userPOST /sign-in— Authenticate and receive JWT
POST /credentials— Create credentialGET /credentials— List all credentialsGET /credentials/:id— Get credential by IDPUT /credentials/:id— Update credentialDELETE /credentials/:id— Delete credential
DELETE /erase— Delete user account and all credentials
GET /health— Returns"I'm OK"if the server is running
A demo user is seeded automatically:
{
"name": "Demo",
"email": "demo@driven.com.br",
"password": "demo123"
}Pull requests are welcome!
For major changes, please open an issue first to discuss what you'd like to change.
To contribute:
- Fork the repository
- Create a feature branch
- Commit your changes with clear messages
- Ensure tests are included if applicable
- Open a pull request
MIT © Victor Rodrigues
Project developed for Driven – Module 21. Demonstrates proficiency in Node.js, Express, TypeScript, PostgreSQL, Docker, CI/CD, error handling, API architecture, security best practices and more.