eritech98/Secure-Auth-System

🔐 Secure Authentication App

A simple Node.js application with PostgreSQL for secure user registration and login, using bcrypt for password hashing and EJS for templating.

✅ Features

  • User registration with hashed passwords using bcrypt
  • Login authentication with password comparison
  • Secure PostgreSQL integration with parameterized queries
  • Simple EJS frontend templates
  • Clear error handling and user feedback
  • Gmail SMTP service for verification, password reset, etc.

🧰 Tech Stack

  • Backend: Node.js, Express
  • Database: PostgreSQL
  • Templating Engine: EJS
  • Middleware: body-parser, morgan
  • Security: bcrypt

🚀 Getting Started

  1. Clone the repository:

     git clone https://github.com/your-username/secure-auth-app.git
     cd secure-auth-app

  2. Install dependencies:

     npm install

  3. Create a views/ folder and add these .ejs files:

    • index.ejs (homepage)
    • login.ejs (login form)
    • secrets.ejs (protected page after login)

  4. Start the development server:

     node index.js

Server runs on http://localhost:3000


🧱 Database Setup

  1. Open PostgreSQL CLI or pgAdmin.
  2. Create a new database:

     CREATE DATABASE Secure;

  3. Create the users table:

     CREATE TABLE users (
         id SERIAL PRIMARY KEY,
         email VARCHAR(255) UNIQUE NOT NULL,
         password TEXT NOT NULL
     );

🌐 Available Routes

Method   Route         Description
GET      /             Home page
GET      /login        Login form
POST     /register     Register new user
POST     /user-login   Authenticate existing user

📸 Screenshots

All screenshots are stored in the /screenshots/ folder.

🏠 Homepage - /


🔐 Login Page - /login


📝 Register Page - /register


🎉 Secrets Page - After Successful Login


📁 Project Structure

secure-auth-app/
├── views/
│   ├── index.ejs
│   ├── login.ejs
│   └── secrets.ejs
├── screenshots/
│   ├── homepage.png
│   ├── login.png
│   ├── register.png
│   └── secrets.png
├── index.js
├── package.json
└── README.md

🔐 Security Notes

  • Passwords are hashed using bcrypt with 12 salt rounds.
  • SQL queries use parameterized values to prevent SQL injection.
  • In production, database credentials should not be hardcoded. Use environment variables and dotenv.
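
One way to check that the first note holds for rows already in the users table, as an added example that is not part of this repository: it inspects the bcrypt string format ($2a$/$2b$/$2y$, two-digit cost, 22-character salt, 31-character digest) and flags plaintext, malformed values and hashes below cost 12. The function names and the sample rows are assumptions made for illustration.

```javascript
// Added example, not the project's code: audit values read from users.password.
const MIN_COST = 12; // the README states 12 salt rounds

// bcrypt modular-crypt string: version, two-digit cost, 22-char salt, 31-char digest.
const BCRYPT_RE = /^\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

// Classify one stored value (hypothetical helper name).
function auditStoredPassword(value) {
  if (typeof value !== "string" || value.length === 0) {
    return { ok: false, reason: "empty" };
  }
  const m = BCRYPT_RE.exec(value);
  if (!m) {
    // Plaintext, another hash scheme, or a truncated bcrypt string.
    return { ok: false, reason: "not-bcrypt" };
  }
  const cost = Number(m[2]);
  if (cost < 4 || cost > 31) {
    return { ok: false, reason: "invalid-cost", cost };
  }
  if (cost < MIN_COST) {
    // Valid hash, but cheaper to brute-force than the documented setting.
    return { ok: false, reason: "weak-cost", cost };
  }
  return { ok: true, reason: "ok", cost };
}

// Group the ids of failing rows by reason (hypothetical helper name).
function auditRows(rows) {
  const findings = {};
  for (const row of rows) {
    const result = auditStoredPassword(row.password);
    if (!result.ok) {
      (findings[result.reason] = findings[result.reason] || []).push(row.id);
    }
  }
  return findings;
}

// Constructed sample rows: salt and digest are filler characters, not real hashes.
const filler = "A".repeat(22) + "B".repeat(31);
const sampleRows = [
  { id: 1, password: "$2b$12$" + filler },              // matches the documented cost
  { id: 2, password: "$2b$10$" + filler },              // hashed with a lower cost
  { id: 3, password: "hunter2" },                       // stored in plaintext
  { id: 4, password: "$2b$12$" + filler.slice(0, 40) }, // truncated hash
];
console.log(auditRows(sampleRows));
```

Rows reported as weak-cost can be rehashed at the next successful login, when the plaintext password is available to the server.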

📦 Example .env File

DB_USER=postgres
DB_HOST=localhost
# The unquoted name in CREATE DATABASE Secure; is folded to lowercase by PostgreSQL
DB_NAME=secure
DB_PASS=your_password
DB_PORT=5432

Then in index.js, use:

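import dotenv from "dotenv";
import pg from "pg";

// Load the DB_* values from .env into process.env
dotenv.config();

// Connection settings come from the environment instead of being hardcoded
const db = new pg.Client({
    user: process.env.DB_USER,
    host: process.env.DB_HOST,
    database: process.env.DB_NAME,
    password: process.env.DB_PASS,
    port: Number(process.env.DB_PORT) // environment values are strings
});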

📜 License

This project is licensed under the MIT License.
Feel free to use, modify, and share.


👨‍💻 Author

Erick Olando
🎓 Meteorologist & 💻 Software Developer
📫 Email: erickolando98@gmail.com
🔗 GitHub | LinkedIn

About

Secure auth system with PostgreSQL, bcrypt, Gmail SMTP for email verification, password reset, and forgot password flows.
