- Functionality: Implements user authentication using Passport.js with local and Google OAuth 2.0 strategies. π‘οΈπ
- Tech Stack:
Node.js
,Express.js
,MongoDB
,Passport.js
,EJS
,CSS
ππ» - Author: @shreyamalogi π©βπ»
- Year of Project: 2022 π
- Introduction
- Challenges Faced during Authentication Evolution
- Dependencies
- Navigating Project Evolution
- How to Run
- How to Start from Scratch
- License
- Contribution
This is a Node.js web application built by Shreya Malogi with Express.js, MongoDB, and Passport.js for user authentication. The application includes local authentication (username and password) and Google OAuth 2.0 authentication. ππ
-
Password Hashing Algorithm:
- Challenge: Selecting a secure password hashing algorithm.
- Solution: Started with
md5
and transitioned to the more securebcrypt
for robust password hashing. ππ
-
Passport.js Integration:
- Challenge: Integrating Passport.js for user authentication.
- Solution: Initially used
md5
andbcrypt
, later adopted Passport.js for a streamlined authentication process. π€π
-
Environment Variables Security:
- Challenge: Managing sensitive info like Google OAuth credentials.
- Solution: Used
dotenv
to securely load environment variables from a.env
file. ππ
- express: Web application framework for Node.js. π
- body-parser: Node.js body parsing middleware. π€
- ejs: Embedded JavaScript templates. π¨
- mongoose: MongoDB object modeling tool. π
- dotenv: Loads environment variables from a
.env
file. π - express-session: Session middleware for Express.js. π
- passport: Simple, unobtrusive authentication middleware for Node.js. π‘οΈ
- passport-local-mongoose: Passport.js plugin for simplifying username and password auth. π€
- passport-google-oauth20: Passport.js for authenticating with Google using OAuth 2.0.π
- mongoose-findorcreate: Mongoose plugin for simplifying the
findOneOrCreate
operation. π
To view detailed information about each commit and understand what happened at each version, you can use the git log
command without any additional filters. Here's how:
git log
ππ‘ This command will display a chronological list of all commits in your repository. Each commit entry includes information such as the commit hash, author, date, and commit message. The commit message typically provides a summary of the changes made in that commit.
Navigate through the log using the arrow keys. Press q
to exit and return to the command line.
If you want to see a condensed version of the log, you can use:
git log --oneline
π»π This will display each commit as a single line, showing only the commit hash and the first line of the commit message.
To see the changes introduced in a specific commit, you can use:
git show <commit-hash>
Replace <commit-hash>
with the actual commit hash you want to inspect. This command will display detailed information about the specified commit, including the changes made to files.
This way, you can review the commit history, understand the changes made at each version, and inspect specific commits for detailed information about the modifications introduced.πππ
Prerequisites:
- Node.js π
- npm (Node Package Manager) π¦
- MongoDB π
-
Start MongoDB Server:
- Ensure that your MongoDB server is running. If not, start it using:
Keep the
mongod
mongod
server running throughout the setup.
- Ensure that your MongoDB server is running. If not, start it using:
-
Clone the Repository:
git clone https://github.com/shreyamalogi/Full-Stack-Authentication-App.git
-
Navigate to the Project Directory:
cd <project-directory>
-
Install Dependencies:
npm install
-
Create a
.env
File:- In the root directory, create a
.env
file. - Add the following content:
Replace
CLIENT_ID=<your-google-client-id> CLIENT_SECRET=<your-google-client-secret>
<your-google-client-id>
and<your-google-client-secret>
with your Google OAuth 2.0 credentials.
- In the root directory, create a
-
Run the Application:
node app.js
-
Open Your Web Browser:
- Visit http://localhost:3000 to access the home page.
- Login and registration pages are available at http://localhost:3000/login and http://localhost:3000/register. πͺπ₯
- Google authentication is available at http://localhost:3000/auth/google. ππ
-
Register and Login:
- Click on "Register" and sign up with your
username
andpassword
. - Log in to access the brand new
secrets page
. π
- Click on "Register" and sign up with your
ππ
click here for secrets app guidelines/references
click her for secrets app overview
This project is enchanted under the spell of the MIT License. Share the magic responsibly!
MIT License
Copyright (c) 2022 Shreya Malogi
Excited about web security spells? Contribute to this magical project and make it even more secure. Don't forget to star the project! βπ