An authentication system for school management system using nodejs and mysql
- Install MySQL DB.
- Create a database named school_system in it.
- Use the command "mysql -u root/<db_username> -p school_system/<db_name> < sqlDump/schoolupdated.sql".
- Change the mysql password (DB_PWD) in the .env file, set it as your db password.
- Install nodejs and npm
- Clone this repository using "git clone https://www.github.com/mohanram123/School-Auth.git"
- Change the directory to School-Auth.
- npm i
- npm start
- Keep your mysql db ready
- You can find the website on port 5000
- Google Open Authentication
- Handling SQL Injection
- XSS
- Safegaurding from malicious file uploads
This site support Google Open Authentication, which requires only the email address to grant access into a user's account, provided that the email is registered in the database. This makes logging into the account faster and more secure, as it avoids and phishing attempts.
The webpages in this school management site are secured from any Cross Site Scripting attacks, as the inputs are sanitised for the prevention of any of XSS payloads.
The login and register forms in this site are also secured from SQL injection attacks, as the inputs are sanitised of any sql injection payloads. The username and name fields (first name and last name) do not accept any special characters, remove white spaces and ensure there are no SQLI type payloads.
The site supports file uploads which check for the file's hash and check with an anti-virus database using the virus-total API, for the file's maliciousness. It can be modified to accept the required file formats and to discard certain file formats like - .exe, .php etc.