nico-rodriguez/authentication-app
Authentication App

Solution for a challenge from Devchallenges.io.

Visit https://authentication-app-473ad7.netlify.app.

Features

This application/site was created as a submission to a DevChallenges challenge. The challenge was to build an application to complete the given user stories.

It features:

  • Frontend deployed on Netlify; backend on Render
  • Username/Password authentication
  • Strong password policy enforcement
  • Rate limiting on account creation and profile editing
  • OAuth authentication (GitHub and Google)
  • httpOnly cookies for session management
  • Client and server code organised into independent modules so features can be added without touching unrelated code
  • Profile images stored in Cloudinary
  • Automatic dark mode
  • Redis database for session storage
  • Query and modify local Redis entries in real time

Note: for the GitHub OAuth flow to work, third-party cookies must be enabled in the browser. The frontend (Netlify) and the backend (Render) are served from different sites, so the session cookie set by the backend is a third-party cookie from the browser's point of view.

Overview

[screenshot: signup-desktop-light] Signup (desktop, light theme)

[screenshot: login-desktop-dark] Login (desktop, dark theme)

[screenshot: welcome-desktop-light] Welcome page (desktop, light theme)

[screenshot: profile-mobile-light] Profile (mobile, light theme)

[screenshot: profile-edit-desktop-light] Profile edit (desktop, light theme)

Getting started

After cloning the repository, start the backend server from inside the backend/ folder with npm run start:dev (development mode) or npm run start (production mode).

When running Redis locally, the redis-commander package lets you query and modify the entries in the database in real time.

A session secret must be provided: it is the key used to sign the session cookie, and the signature is what the server checks to verify that a presented cookie was issued by it and has not been altered. Use a long random value (at least 32 bytes from a CSPRNG) and keep it out of version control; rotating the secret invalidates every existing session.

The user data is stored in a Mongo database.

Environment variables

The application expects the following environment variables (the values shown are placeholders):

```env
PORT=5000

MONGODB_URL="mongodb+srv://xxxxxxxxxxxxxxxxxxxxxxxx"

# Redis configuration only needed in development mode
REDIS_HOST="localhost"
REDIS_PORT=6379

# Secret for signing the session cookie
SESSION_SECRET="xxxxxxxxxxxxxxxxxxxxxxxx"

# OAuth
# GitHub
GITHUB_CLIENT_ID="xxxxxxxxxxxxxxxxxxxxxxxx"
GITHUB_CLIENT_SECRET="xxxxxxxxxxxxxxxxxxxxxxxx"
# Google
GOOGLE_CLIENT_ID="xxxxxxxxxxxxxxxxxxxxxxxx"
GOOGLE_CLIENT_SECRET="xxxxxxxxxxxxxxxxxxxxxxxx"

CLOUDINARY_URL="cloudinary://xxxxxxxxxxxxxxxxxxxxxxxx"

FRONTEND_URL="http://xxxxxxxxxxxxxxxxxxxxxxxx"
```

Deployment

It is recommended to register two OAuth applications with each provider: one for testing and one for production, so that test callback URLs and credentials never reach the live site. Production environment variables should likewise be set to values different from those used in development.

The rate limiter currently keeps its counters in an in-process memory store. That is fine for development, but in production a shared store (such as Redis) should be used: in-memory counters are lost on every restart and are not shared between instances, so the limit can be bypassed simply by hitting a different instance.
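To show what swapping the store involves, here is an added example (not this project's code) of a fixed-window rate limiter written against a small store interface. The in-memory store below is the development case; a production store would implement the same `increment(key, windowMs, now)` contract on top of Redis (for instance INCR plus PEXPIRE on the first hit) so the limiter logic does not change. The middleware shape `(req, res, next)` and the names are this example's own assumptions.

```javascript
// Added example: fixed-window rate limiter with a pluggable counter store.
// Not the project's code; names and the middleware shape are assumptions.

// Development store: counters live in this process only, so they vanish on restart
// and are invisible to other instances. A Redis-backed store would expose the same
// increment() method and return the same { count, resetAt } shape.
class MemoryStore {
  constructor() { this.hits = new Map(); }

  // Increment the counter for `key` in the current window and return it.
  async increment(key, windowMs, now) {
    const entry = this.hits.get(key);
    if (!entry || entry.resetAt <= now) {
      const fresh = { count: 1, resetAt: now + windowMs };
      this.hits.set(key, fresh);
      return fresh;
    }
    entry.count += 1;
    return entry;
  }
}

class RateLimiter {
  // `now` is injectable so behaviour can be tested without waiting for real time.
  constructor({ store, windowMs, max, now = () => Date.now() }) {
    Object.assign(this, { store, windowMs, max, now });
  }

  // Returns { allowed, remaining, retryAfterSeconds } for one request under `key`.
  async check(key) {
    const now = this.now();
    const { count, resetAt } = await this.store.increment(key, this.windowMs, now);
    const allowed = count <= this.max;
    return {
      allowed,
      remaining: Math.max(0, this.max - count),
      retryAfterSeconds: allowed ? 0 : Math.ceil((resetAt - now) / 1000),
    };
  }
}

// Express-style middleware factory (assumed shape), keyed on the client address.
// Mount it on the signup and profile-edit routes only, not on every request.
function rateLimit(limiter, keyOf = (req) => req.ip) {
  return async (req, res, next) => {
    const result = await limiter.check(keyOf(req));
    res.setHeader('X-RateLimit-Remaining', String(result.remaining));
    if (!result.allowed) {
      res.setHeader('Retry-After', String(result.retryAfterSeconds));
      return res.status(429).json({ error: 'Too many requests' });
    }
    next();
  };
}

// Demonstration with a fake clock: 3 signups per minute from one constructed
// address, a 4th is refused, and a retry after the window is allowed again.
async function demo() {
  let clock = 0;
  const limiter = new RateLimiter({
    store: new MemoryStore(), windowMs: 60_000, max: 3, now: () => clock,
  });
  const outcomes = [];
  for (let i = 0; i < 4; i++) outcomes.push((await limiter.check('203.0.113.7')).allowed);
  const refused = await limiter.check('203.0.113.7');
  clock = 60_001;
  outcomes.push((await limiter.check('203.0.113.7')).allowed);
  return { outcomes, retryAfterSeconds: refused.retryAfterSeconds };
}

module.exports = { MemoryStore, RateLimiter, rateLimit, demo };
```

Keying on `req.ip` only works if the app trusts the platform's proxy headers; behind Render's proxy, Express needs `trust proxy` set or every client appears to share the proxy's address and one noisy user locks out everyone.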

Built With