Add JWT authentication with password reset and 15 coding problems, and Google OAuth #55

Open
Aishwarya011k wants to merge 3 commits into osl-vvce:master from Aishwarya011k:main
Aishwarya011k commented Feb 17, 2026

📋 Description

✨ What's Included

Authentication System

  • User signup with email validation
  • Secure login with JWT tokens (7-day expiration)
  • Password hashing with bcrypt (10 rounds)
  • Protected user profile endpoint
  • Logout functionality

Password Reset

  • Forgot password email request
  • Secure token generation and hashing
  • 15-minute token expiration
  • SendGrid email integration with fallback
  • Password update functionality

Coding Problems

  • 15 problems across 5 test categories
  • 5 test cases per problem (75 total)
  • 3 difficulty levels: Easy, Medium, Hard
  • Multi-language support: JavaScript, Python, Java, C, C++

🧪 How to Test

Prerequisites

  • Node.js 14+
  • PostgreSQL 12+
  • SendGrid API key (optional)

Setup Steps

  1. Install dependencies

    npm install
    cd server && npm install && cd ..

  2. Create database

    psql -U postgres
    CREATE DATABASE "coding-platform";

  3. Create server/.env

    PORT=3001
    NODE_ENV=development
    DATABASE_URL=postgresql://postgres:YOUR_PASSWORD@localhost:5432/coding-platform
    JWT_SECRET=dev-secret-key
    SENDGRID_API_KEY=your-key-optional
    EMAIL_FROM=Coding Platform <noreply@codingplatform.com>
    FRONTEND_URL=http://localhost:3000

    # Google OAuth Configuration
    GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
    GOOGLE_CLIENT_SECRET=your-google-client-secret

  4. Start backend (Terminal 1)

    cd server && npm run dev

    Expected: ✅ Server listening on port 3001

  5. Start frontend (Terminal 2)

    npm start

    Expected: App opens at http://localhost:3000

Test Cases

Test 1: Sign Up

  • Click "Sign in" → "Create new account"
  • Enter name, email, password
  • Verify: Account page shows user info

Test 2: Sign In

  • Enter email and password
  • Verify: Logged in, profile visible

Test 3: Google OAuth Sign In

  • Click "Continue with Google"
  • Complete Google authentication
  • Verify: Logged in with profile picture and "Signed in with Google"

Test 4: Account Linking

  • Sign up with email/password
  • Sign out, then sign in with Google using same email
  • Verify: Account linked, both methods work

Test 5: View Profile

  • After login, verify name and email displayed
  • For Google users: verify profile picture shows

Test 6: Forgot Password

  • Click "Forgot password?" → Enter email
  • Verify: Reset link appears in terminal/email
  • Note: Only works for email/password users

Test 7: Reset Password

  • Use reset link, enter new password
  • Verify: Login works with new password

Test 8: View Problems

  • After login, scroll to "Browse Problems"
  • Verify: All 15 problems visible with difficulty levels

🔒 Security

✅ Passwords encrypted with bcrypt (10 rounds)
✅ JWT tokens expire after 7 days
✅ Reset tokens expire after 15 minutes
✅ Google OAuth 2.0 secure authentication
✅ Account linking prevents duplicate accounts
✅ Profile data securely retrieved from Google
✅ .env file gitignored (no secrets exposed)
✅ SQL injection prevented (parameterized queries)
✅ Input validation on all endpoints
✅ Helmet security headers enabled
✅ CORS configured


📊 Database Schema

    CREATE TABLE users (
      id SERIAL PRIMARY KEY,
      name VARCHAR(100),
      email VARCHAR(100) UNIQUE NOT NULL,
      password VARCHAR(255),
      google_id VARCHAR(255),
      profile_picture TEXT,
      auth_provider VARCHAR(20) DEFAULT 'local',
      password_reset_token VARCHAR(255),
      password_reset_expiry TIMESTAMP,
      created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
      updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
    );

New OAuth Fields:

  • google_id: Google OAuth unique identifier
  • profile_picture: User's profile image URL
  • auth_provider: "local" or "google" (determines auth method)

🎯 API Endpoints

| Method | Path | Protected | Description |
|--------|------|-----------|-------------|
| POST | /api/auth/signup | No | Register new user |
| POST | /api/auth/signin | No | Login, get JWT token |
| POST | /api/auth/signout | No | Logout |
| GET | /api/auth/profile | Yes | Get user profile |
| POST | /api/auth/forgot-password | No | Request password reset |
| POST | /api/auth/reset-password | No | Complete password reset |
| GET | /api/auth/google | No | Initiate Google OAuth |
| GET | /api/auth/google/callback | No | Handle Google OAuth callback |

✅ Conclusion

This PR introduces a complete authentication system with secure password reset functionality, 15 comprehensive coding problems, and seamless Google OAuth integration. Users can now register, login securely with email/password or Google, reset forgotten passwords, and access coding challenges.

- Added user signup and login endpoints with JWT authentication.
- Integrated email verification and password reset functionality using OTP.
- Created a SQLite database schema for users, submissions, and OTPs.
- Implemented email sending via SMTP and SendGrid.
- Updated frontend to handle authentication states and user account management.
- Added components for user authentication forms and account details.
- Included environment configuration for sensitive data.

feat: create problems.js file with various coding problems and templates

feat: implement authService for user authentication and password management
- Added passport and passport-google-oauth20 dependencies for Google OAuth integration.
- Updated user model to include google_id, profile_picture, and auth_provider fields.
- Modified signup and signin controllers to handle local and Google OAuth users.
- Created Google OAuth routes and controllers for redirecting and handling callbacks.
- Enhanced user profile retrieval to include OAuth-related fields.
- Updated frontend components to support Google sign-in and display user profile information.
- Implemented JWT generation for authenticated users via Google OAuth.

Aishwarya011k changed the title from "Add JWT authentication with password reset and 15 coding problems" to "Add JWT authentication with password reset and 15 coding problems, and Google OAuth" on Feb 21, 2026
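
The password-reset properties listed in the description (hashed reset token, 15-minute expiry), worked through as an added example; this is not code from the pull request. It assumes SHA-256 as the token hash and single-use tokens, neither of which the description specifies; the function names are hypothetical and the `password_reset_token` / `password_reset_expiry` fields follow the schema in the description.

```javascript
// Added example: not code from this pull request. Function names are hypothetical.
const crypto = require('node:crypto');

const RESET_TTL_MS = 15 * 60 * 1000; // 15-minute expiry, as stated in the PR description
const sha256Hex = (s) => crypto.createHash('sha256').update(s).digest('hex'); // assumed hash

// Issue a reset token: the raw value goes only into the emailed link;
// the database row keeps just its hash and the expiry.
function issueResetToken(user, now = Date.now()) {
  const rawToken = crypto.randomBytes(32).toString('hex'); // 256 bits from the CSPRNG
  user.password_reset_token = sha256Hex(rawToken);
  user.password_reset_expiry = new Date(now + RESET_TTL_MS);
  return rawToken;
}

// Check a presented token; on success clear the stored hash so it is single-use.
function consumeResetToken(user, presented, now = Date.now()) {
  if (!user.password_reset_token || !user.password_reset_expiry) return false;
  if (typeof presented !== 'string') return false;
  const stored = Buffer.from(user.password_reset_token, 'hex');
  const candidate = Buffer.from(sha256Hex(presented), 'hex');
  const match = stored.length === candidate.length &&
    crypto.timingSafeEqual(stored, candidate); // constant-time comparison
  const fresh = now < user.password_reset_expiry.getTime();
  if (!match || !fresh) return false;
  user.password_reset_token = null;
  user.password_reset_expiry = null;
  return true;
}

// Constructed sample row, shaped like the users table in the description.
function demo() {
  const t0 = Date.UTC(2026, 1, 17, 12, 0, 0);
  const user = { email: 'user@example.com', password_reset_token: null, password_reset_expiry: null };
  const token = issueResetToken(user, t0);
  const results = {
    storedIsHash: user.password_reset_token !== token,
    wrongToken: consumeResetToken(user, 'f'.repeat(64), t0 + 1000),
    firstUse: consumeResetToken(user, token, t0 + 14 * 60 * 1000),
    replay: consumeResetToken(user, token, t0 + 14 * 60 * 1000 + 1),
  };
  const late = issueResetToken(user, t0);
  results.expired = consumeResetToken(user, late, t0 + RESET_TTL_MS);
  return results;
}

console.log(demo());
```

A database dump then exposes only token hashes, and a reset link stops working once it has been used or the 15 minutes have passed.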