# 🔐 Login Backend with Express, AWS Lambda and Dynamo DB

Published: 1 week ago (December 19, 2025 at 12:27 PM EST)

4 min read

Source: Dev.to

A robust, scalable backend API for authentication and user management built with Node.js and Express. Features secure login/signup, role‑based access control, and seamless integration with AWS DynamoDB, Stripe, and Brevo.

✨ Features

🔐 Authentication System – Secure user registration and login with JWT tokens
👥 Role‑Based Access Control – Four‑tier role system (User, Agent, Master, Super Admin)
🔒 Password Security – Bcrypt password hashing for secure password storage
📊 DynamoDB Integration – NoSQL database operations with AWS DynamoDB
💳 Payment Processing – Stripe integration for payment handling
📧 Email Services – Brevo integration for email communications
🚀 Serverless Ready – Can be deployed as an AWS Lambda function
🛡️ Security Middleware – JWT authentication and authorization middleware
📝 Input Validation – Request validation for signup and login endpoints
🏗️ MVC Architecture – Clean separation of concerns with Models, Views, and Controllers

🛠️ Tech Stack

Component	Technology
Runtime	Node.js
Framework	Express.js
Database	AWS DynamoDB
Authentication	JWT (JSON Web Tokens)
Password Hashing	bcryptjs
Payment	Stripe
Email	Brevo (formerly Sendinblue)
Deployment	Serverless (AWS Lambda compatible)

📋 Prerequisites

Node.js (v14 or higher)
npm or yarn
AWS Account (for DynamoDB)
Stripe Account (for payment processing)
Brevo Account (for email services)

🚀 Installation

1. Clone the repository

git clone https://github.com/puffer-git/login-dynamo-db.git
cd login-dynamo-db

2. Install dependencies

npm install

3. Set up environment variables

Create a .env file in the root directory with the following variables:

# Server Configuration
ENVIRONMENT=development
PORT=4000

# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_EXPIRES_IN=7d

# AWS DynamoDB Configuration
AWSREGION=us-east-1
AWSENDPOINT=https://dynamodb.us-east-1.amazonaws.com
AWSACCESSKEYID=your-aws-access-key-id
AWSSECRETKEY=your-aws-secret-access-key

# Stripe Configuration (optional)
STRIPE_SECRET_KEY=your-stripe-secret-key

# Brevo Configuration (optional)
BREVO_API_KEY=your-brevo-api-key

4. Set up DynamoDB tables

Create a DynamoDB table named users with:

Partition Key: id (String)
Point‑in‑time recovery: enabled (recommended for production)

🏃 Running the Application

Development Mode

npm run dev

The server starts at http://localhost:4000 with auto‑reload enabled.

Production Mode

npm start

Serverless Deployment

When ENVIRONMENT=production, the application exports a serverless handler suitable for AWS Lambda deployment.

📚 API Documentation

Base URL

Development: http://localhost:4000
Production: Your deployed endpoint

Authentication Endpoints

Register a New User

POST /auth/signup
Content-Type: application/json

{
  "player_name": "johndoe",
  "email": "john@example.com",
  "password": "securePassword123",
  "name": "John Doe"   // optional
}

Response (201 Created)

{
  "success": true,
  "message": "User created successfully",
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}

Error Responses

409 Conflict – Player name or email already exists
400 Bad Request – Validation error
500 Internal Server Error – Server error

POST /auth/login
Content-Type: application/json

{
  "identifier": "johndoe",   // Can be email or player_name
  "password": "securePassword123"
}

Response (200 OK)

{
  "success": true,
  "message": "Login successful",
  "data": {
    "user": {
      "role": "user",
      "player_name": "johndoe",
      "email": "john@example.com",
      "name": "John Doe"
    },
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}

Error Responses

401 Unauthorized – Invalid credentials
400 Bad Request – Validation error
500 Internal Server Error – Server error

Authentication Header

For protected routes, include the JWT token in the Authorization header:

Authorization: Bearer <token>

🏗️ Project Structure

login-dynamo-db/
├── app/
│   ├── constants/
│   │   ├── roles.js          # Role definitions and hierarchy
│   │   └── tables.js         # DynamoDB table configurations
│   ├── controllers/
│   │   └── auth/
│   │       ├── login/
│   │       │   ├── login.js
│   │       │   └── loginValidation.js
│   │       └── signup/
│   │           ├── signup.js
│   │           └── signupValidation.js
│   ├── db/
│   │   ├── dynamoClient.js   # DynamoDB client configuration
│   │   └── index.js          # Database exports
│   ├── middleware/
│   │   └── auth.js
│   └── ... (other folders/files)
├── config/
│   └── ... (configuration files)
├── routes/
│   └── ... (route definitions)
├── services/
│   └── ... (business logic, e.g., Stripe, Brevo)
├── tests/
│   └── ... (unit/integration tests)
├── .env.example
├── package.json
└── README.md

Additional structure:

├── app/
│   ├── middleware/
│   │   └── auth.js               # Authentication & authorization middleware
│   ├── models/
│   │   ├── BaseModel.js           # Base model for DynamoDB operations
│   │   └── UserModel.js           # User model with business logic
│   ├── routes/
│   │   ├── auth.js                # Authentication routes
│   │   └── index.js               # Route aggregator
│   ├── utils/
│   │   └── userUtils.js           # User utility functions
│   └── index.js                   # Express app configuration
├── index.js                       # Application entry point
├── package.json
└── README.md

🔐 Role System

The application supports a four‑tier role hierarchy:

USER – Basic user role (default)
AGENT – Agent‑level permissions
MASTER – Master‑level permissions
SUPER_ADMIN – Highest level of access

Roles are checked using middleware:

authenticate – Verifies JWT token
authorize(roles) – Checks if the user has specific role(s)
requireMinimumRole(role) – Checks if the user meets a minimum role level

🧪 Development

Code Style

Follow existing code patterns.
Use meaningful variable and function names.
Add JSDoc comments for functions.
Keep functions focused and single‑purpose.

Adding New Features

Create a feature branch:

git checkout -b feature/your-feature-name

Follow the MVC architecture:
- Models → app/models/
- Controllers → app/controllers/
- Routes → app/routes/
- Middleware → app/middleware/
Add validation for user inputs.
Write clear error messages.
Test your changes thoroughly.
Submit a pull request.

🤝 Contributing

Contributions are welcome! Please follow these steps:

Fork the repository.
Create your feature branch:
```
git checkout -b feature/AmazingFeature
```
Commit your changes:
```
git commit -m 'Add some AmazingFeature'
```
Push to the branch:
```
git push origin feature/AmazingFeature
```
Open a Pull Request.

Contribution Guidelines

Write clear, readable code.
Add comments for complex logic.
Follow the existing code structure.
Test your changes before submitting.
Update documentation if needed.

📝 License

This project is licensed under the MIT License – see the LICENSE file for details.

📧 Contact

Developer: Puffer

Email: devpuffer0807@gmail.com
Telegram: @devpuffer0807

🙏 Acknowledgments

Built with Express.js
Database powered by AWS DynamoDB
Payment processing by Stripe
Email services by Brevo

⭐️ Support

If you find this project helpful, please consider giving it a star!