User Authentication

Overview:

This is a simple User Authentication System using React on the front end and Node.js on the back end. This system allows users to register for an account, log in, and manage their session securely with JWT (JSON Web Tokens) for authentication. It includes essential features like password hashing, password confirmation, and validation to ensure the security and smooth operation of the system.

Key Features:

1. User Registration:

  • Users can sign up for an account by providing a username, email, password, and a confirmation password to ensure they enter their password correctly.
  • Passwords are hashed with bcrypt before being stored in the database, so plaintext passwords are not exposed in case of a data breach.

2. Login System:

  • Registered users can log in using their credentials (username and password). The password provided during login is compared to the hashed password stored in the database using bcrypt.compare().
  • Upon successful login, a JWT (JSON Web Token) is generated, which allows for secure session management.

3. Password Validation:

  • During sign-up, the Confirm Password field ensures that the user’s password and confirmation password match before the form can be submitted. This reduces user input errors and improves security.

4. Error Handling and Validation:

  • The system includes robust error messages and validations, such as checking if a username or email already exists during registration, or providing feedback if login credentials are incorrect.
  • Users are given clear messages, such as “Passwords do not match” during sign-up or “Invalid credentials” during login, to enhance user experience.

5. JWT-Based Authentication:

  • After a successful login, a JWT is issued to the user and stored on the client side. The token is used to authenticate requests to protected routes, ensuring secure access to restricted parts of the application.

6. Security with Bcrypt:

  • Bcrypt is used to hash passwords, making it difficult for attackers to obtain the original password even if they gain access to the hashed values stored in the database.
