Too Long; Didn't Read
Express-js Boilerplate with user authentication system for Expressjs. It uses MySql for user data, and as a session store, too. The authentication system includes: User registration, login based on passport. Forgot – reset password functionality is valid for 1 hour. “Remember me” cookie value, and the “forgot password” key, are treated as passwords, because they are in fact equivalent to passwords. XSRf protection is taken from Brad Traversy’s presentation.