Closed lctoye closed 1 month ago
As mentioned in this issue and comment, Clerk is a great solution auth solution that meets our requirements.
We can decide and change the sign up option as we please. Google seems to be the easiest provider to use, but we can switch to email and password if we'd like.
Clerk provides the sign in and sign up components, so there is no need for testing security vulnerabilities or form validation.
Description
We will implement a user registration system, allowing new users to sign up using a simple form built with React and Next.js. The user will provide their email address (which acts as their username), and a password. Upon submission of the registration form the and successful validation of the entered data, the user credentials will be sent securely over HTTPS to our Express-based backend, where passwords will be hashed and stored in our PostgreSQL database. Alternatively, if incorrect data is provided, the user will receive an error message. Successfully registering their account will redirect users to the Login page.
Acceptance Criteria
Users should be able to register for a new account using a proper email address and a secure password which adheres to our password policy.
Incorrect credentials should result in an error message.
Validated user credentials should be securely stored in our PostgreSQL database, hashing and salting passwords for security and privacy.
After successful registration, the user should receive a confirmation message and be redirected to the Login page.
Testing Criteria
To confirm security and functionality, several registration attempts will be made:
Additionally, the following security tests should be performed: