Open varma-101 opened 14 hours ago
I would like to postpone this issue for later updates, as some contributors are working on features related to auth and sessions.
For now, comment on issue #37; I'll assign you that for now.
I would like to work on this along with @varma-101 to make work easier
@ShaikHafiza it's postponed
Make sure not to give a PR for this right now; any PR for this one won't be accepted until the other work in this field is over.
Thanks for your consideration. I will try to deliver this fast. I will discuss with @ShaikHafiza and contribute together. And could you please mention the deadline for this PR?
There's no deadline. I will remove the postponed tag by around 7th October, so that things get stable by then; then you can start working on it.
Thank you @Luson045, I'll do my best.
[IMPORTANT] Consider explaining your ideas here and aligning them with others: discussion #40
Implement user authentication in the Node.js and Express.js backend using Passport.js. This task involves setting up secure login and signup routes that will handle user registration, login, and session management. The implementation should follow best security practices.
Requirements:

Signup Route (/signup):
- Create a POST route for user registration.
- Use Passport.js local strategy to handle user signup.
- Hash user passwords using PBKDF2 with a salt and store them in the database (e.g., MongoDB).
- Validate input fields like username, password, and email.
- Return appropriate success or error messages.

Login Route (/login):
- Create a POST route for user login.
- Authenticate users using the Passport.js local strategy.
- Check credentials against hashed passwords stored in the database.
- Return appropriate error messages for invalid login attempts.

Passport.js Configuration:
- Set up Passport.js with the local strategy for username and password authentication.
- Ensure that passwords are compared securely with the stored hash using the Node.js crypto library.
- Use passport.serializeUser and passport.deserializeUser to manage user sessions.

Session and Security:
- Manage user sessions using Express-session.
- Ensure sessions are secured, especially in production environments (e.g., use HTTPS, secure cookies).
- Implement necessary middleware for session handling.
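A sketch of the password-handling core these requirements describe, added here as an example and not code from this repository: salted PBKDF2 hashing, a constant-time check with the Node.js crypto library, and a function with the `(username, password, done)` shape of a passport-local verify callback. The iteration count, record format, minimum password length, in-memory `users` map and all function names are assumptions.

```javascript
const crypto = require('node:crypto');

// Assumed parameters: the issue only asks for "PBKDF2 with a salt".
const ITERATIONS = 600000, KEYLEN = 32, DIGEST = 'sha256';

// Store the iteration count and salt beside the hash so parameters can be raised later.
function hashPassword(password, iterations = ITERATIONS) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.pbkdf2Sync(password, salt, iterations, KEYLEN, DIGEST);
  return `${iterations}$${salt.toString('hex')}$${hash.toString('hex')}`;
}

function verifyPassword(password, record) {
  const parts = String(record).split('$');
  if (parts.length !== 3) return false;
  const iterations = Number(parts[0]);
  const salt = Buffer.from(parts[1], 'hex');
  const expected = Buffer.from(parts[2], 'hex');
  // Reject malformed records up front; timingSafeEqual throws on unequal lengths.
  if (!Number.isInteger(iterations) || iterations < 1 || expected.length !== KEYLEN) return false;
  const actual = crypto.pbkdf2Sync(password, salt, iterations, KEYLEN, DIGEST);
  return crypto.timingSafeEqual(actual, expected); // constant-time compare
}

const users = new Map(); // hypothetical in-memory store standing in for the database
const DUMMY = hashPassword('placeholder'); // checked for unknown users to even out timing
const FAIL = { message: 'Invalid username or password' }; // same message for both failure modes

function signup(username, password) {
  if (typeof username !== 'string' || typeof password !== 'string') return false;
  if (password.length < 8 || users.has(username)) return false;
  users.set(username, { username, passwordHash: hashPassword(password) });
  return true;
}

// Has the (username, password, done) shape of a passport-local verify callback.
function verify(username, password, done) {
  // Non-string fields (e.g. objects from a JSON body) never reach the store or the KDF.
  if (typeof username !== 'string' || typeof password !== 'string') return done(null, false, FAIL);
  const user = users.get(username);
  const ok = verifyPassword(password, user ? user.passwordHash : DUMMY);
  return user && ok ? done(null, user) : done(null, false, FAIL);
}
```

In a real route, `verify` would be passed to `new LocalStrategy(verify)`, and the synchronous `pbkdf2Sync` calls would be replaced with `crypto.pbkdf2` so hashing does not block the event loop.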