This is the backend for my final project at Flatiron School. This project was inspired by my passion for information security and my interest in software engineering, and was built over 2.5 weeks.
This is a password manager that allows users to save login credentials for sites, create a unique password based on their needs, and check whether a password has been found in a breach via HaveIBeenPwned. It uses Bcrypt on the user login and AES encryption on the user's saved credentials.
The frontend is currently hosted on Netlify and the backend is hosted on Heroku. https://flatiron-passwordmanager.netlify.com/ is the live project for your entertainment.
- To allow users to be created
- To not allow users to use the same login name
- To allow users to create Account Groups
- To allow users to add Credential Pairs to Account Groups
- To allow users to delete Credential Pairs from Account Groups
- To allow users to delete empty Account Groups
- To allow users to check if a password has been found in HaveIBeenPwned
- To allow users to create a unique password suited to their needs, with options for numbers and unique characters
- To allow users to logout and clear their session information
- To securely store passwords on login
- To securely store Credential Pairs with AES encryption before being sent to the backend.
- Ensure that you fork and clone this repository
- Run `bundle install` to install the Rails dependencies
- Run `rails db:create` to create the database
- Run `rails db:seed` to set up seed data for the database
- You will need to update the .env.sample file to include your encryption keys in the respective locations. Then you can simply remove the .sample from the end of the .env.sample file and you will be able to seed your database and query the event related routes.
- Run `rails server` to start the Rails server
- Ruby
- Rails
- Bcrypt
- Pwned
- Encryption
- Dotenv-rails
- JWT
- PostgreSQL
- Allow users to copy their created unique password into a new Account Group
- Work on ensuring users cannot input malicious code
- Make sure the key for each encryption is unique for each user and not accessible
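
One possible approach to the last item above, as an added example that is not part of this project's code: derive each user's AES-256-GCM key from their master password and a per-user random salt with PBKDF2, so the key is unique per user and never stored. The module and method names, the iteration count, the record label format and the sample values are assumptions.

```ruby
require "openssl"
require "securerandom"

# Hypothetical module, not part of this project. Each user's key is derived
# from their master password plus a per-user salt, so it is never stored.
module CredentialVault
  ITERATIONS = 210_000 # assumed PBKDF2 work factor; tune for your hardware
  IV_LEN  = 12         # GCM nonce length in bytes
  TAG_LEN = 16         # GCM authentication tag length in bytes

  # Store `salt` (SecureRandom.random_bytes(16)) on the user row; it is not secret.
  def self.derive_key(master_password, salt)
    OpenSSL::KDF.pbkdf2_hmac(master_password, salt: salt, iterations: ITERATIONS,
                             length: 32, hash: "sha256")
  end

  # Returns base64(iv || tag || ciphertext). `aad` binds the blob to one record
  # (for example "user:1|group:Email") without being encrypted itself.
  def self.encrypt(key, plaintext, aad)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    cipher.key = key
    iv = cipher.random_iv # fresh nonce for every credential
    cipher.auth_data = aad
    ciphertext = cipher.update(plaintext) + cipher.final
    [iv + cipher.auth_tag + ciphertext].pack("m0")
  end

  # Raises OpenSSL::Cipher::CipherError if the key, aad or blob is wrong.
  def self.decrypt(key, blob, aad)
    raw = blob.unpack1("m0")
    cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    cipher.key = key
    cipher.iv = raw[0, IV_LEN]
    cipher.auth_tag = raw[IV_LEN, TAG_LEN]
    cipher.auth_data = aad
    plain = cipher.update(raw[(IV_LEN + TAG_LEN)..-1]) + cipher.final
    plain.force_encoding("UTF-8")
  end
end

# Constructed sample data, run only when this file is executed directly.
if __FILE__ == $PROGRAM_NAME
  salt = SecureRandom.random_bytes(16)
  key  = CredentialVault.derive_key("correct horse battery staple", salt)
  blob = CredentialVault.encrypt(key, "s3cret-site-password", "user:1|group:Email")
  puts CredentialVault.decrypt(key, blob, "user:1|group:Email")
end
```

Because GCM authenticates the ciphertext, a blob decrypted with another user's key or moved to a different record raises an error instead of returning garbage.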