Skip to content

Implement User Registration and Authentication

We need to implement the user creation functionality, allowing users to register and authenticate on the platform. This will involve backend logic in the user-service to handle registration requests, storing user data securely in the database, and implementing authentication using hashed passwords. On the frontend, we will build forms to allow users to enter their details and handle user interactions.

Tasks:

  • Create user registration endpoint in user-service.
  • Implement password hashing and validation using a secure method.
  • Create user authentication endpoint with JWT token issuance.
  • Create registration form for users to input their details (name, email, password).
  • Implement form validation (required fields, email format, password strength).
  • Call backend API to create user upon successful form submission.
  • Display success or error messages based on the response from the backend.
  • Create User model in PostgreSQL with necessary fields (name, email, password_hash, etc.).
  • Set up migrations for the User model.
  • Write unit tests for user creation endpoint.
  • Write integration tests to verify frontend and backend integration for user registration.

Acceptance Criteria:

  • User Registration:
    • Users can submit their details via the registration form.
    • User data is securely stored in the database (password is hashed).
    • The system validates the form data (fields cannot be empty, email must be in the correct format, password must meet the strength requirements).
    • The user receives an appropriate message upon successful or failed registration (e.g., "Registration successful" or "Email already exists").
  • User Authentication:
    • Users can log in using their registered email and password.
    • Passwords are validated securely using the hashed version stored in the database.
    • On successful login, the system returns a JWT token for further requests.
    • The user receives an appropriate message upon successful or failed login (e.g., "Login successful" or "Invalid credentials").
  • Security:
    • Passwords are never stored in plain text (hashed and salted).
    • JWT tokens are returned securely on successful login and can be used for authenticated routes.
  • Frontend Integration:
    • The registration form must call the backend API and show success or error messages based on the result.
    • The UI must be user-friendly and responsive.
Edited by Obeng, Sinead (UG - Comp Sci & Elec Eng)