{"id":49174235,"url":"https://github.com/aarontsang/secure-auth-threat-detection","last_synced_at":"2026-04-22T21:31:46.003Z","repository":{"id":327128860,"uuid":"1108002412","full_name":"aarontsang/secure-auth-threat-detection","owner":"aarontsang","description":"Backend service to maintain security. ","archived":false,"fork":false,"pushed_at":"2025-12-03T05:49:02.000Z","size":6921,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-04T12:50:34.147Z","etag":null,"topics":["bcrypt","cryptography","docker","jwt-authentication","postgresql","postman","reactjs","redis","salting"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aarontsang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-01T22:28:38.000Z","updated_at":"2025-12-03T05:49:06.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/aarontsang/secure-auth-threat-detection","commit_stats":null,"previous_names":["aarontsang/secure-auth-threat-detection"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/aarontsang/secure-auth-threat-detection","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aarontsang%2Fsecure-auth-threat-detection","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aarontsang%2Fsecure-auth-threat-detection/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aarontsang%2Fsecure-auth-threat-detection/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aarontsang%2Fsecure-auth-threat-detection/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aarontsang","download_url":"https://codeload.github.com/aarontsang/secure-auth-threat-detection/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aarontsang%2Fsecure-auth-threat-detection/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32156434,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T17:06:48.269Z","status":"ssl_error","status_checked_at":"2026-04-22T17:06:19.037Z","response_time":58,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bcrypt","cryptography","docker","jwt-authentication","postgresql","postman","reactjs","redis","salting"],"created_at":"2026-04-22T21:31:45.412Z","updated_at":"2026-04-22T21:31:45.996Z","avatar_url":"https://github.com/aarontsang.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Secure Authentication \u0026 Threat Detection System\n\nA backend service that provides secure user authentication, detailed logging of login activity, rate limiting, and rule-based threat detection. \n\n---\n\n## Features\n\n### Authentication\n- User signup \u0026 login\n- Password hashing (bcrypt/argon2)\n- JWT access + refresh tokens\n- Role-based authorization (user/admin)\n\n### Security \u0026 Logging\n- IP + User-Agent logging\n- Persistent tracking of all login attempts\n- Suspicious activity analysis\n\n### Threat Detection\nRule-based engine detects:\n- Multiple failed logins from same IP\n- Logins from unusual geographic locations\n- Location jumps with logins\n\n### Admin Tools\n- View all login attempts\n- View generated threat alerts\n\n### Backend\n- **Node.js** + **TypeScript**\n- **Express.js**\n- **PostgreSQL** (persistent storage)\n- **JWT** for auth tokens\n- **bcrypt/argon2** for password hashing\n\n### Dev Tools\n- Postman\n\n\n### APIs\n\n| Route | Authorization | Payload | Returns |\n| :------- | :------: | :-------: | :-------: |\n| POST auth/signup | None | Email (required), Password (required), First Name (Optional), Last Name (Optional) | user_id, email, first and last name |\n| POST auth/login | None | Email (required), Password (required) | JWT token and user_id |\n| GET auth/refresh | User/Admin | None | Refreshed JWT token |\n| GET profile/me | User/Admin | None | user_id, email, full name |\n| GET admin/logs | Admin | None | all login attempts for the last 24 hours |\n| GET admin/alerts | Admin | None | all alerts for the last 24 hours |\n| POST admin/change-permissions | Admin | user_id, permission | user_id, email, new permission |\n\n\n# How to Run\n1. Install Node.js + npm\n   - Verify with ```node -v``` and ```npm -v```\n2. Install [PostgreSQL](https://www.postgresql.org/download/)\n   - Verify with ```psql --version```\n3. Update PORT, DATABASE_URL, and JWT_SECRET in ```.env```\n4. ```cd secure-auth-threat-detection/backend```\n5. Create the DB in Postgre\n   - ```psql -U postgres```\n   - Inside the psql console, ```CREATE DATABASE authdb;```, then quit with ```\\q```\n   - ```psql -U postgres -d authdb -f schema.sql```\n6. ```npm install``` to install all dependencies\n7. ```npm run dev``` to run!\n8. Check ```GET http://\u003cip-address\u003e:\u003cPORT\u003e/``` to verify it is running.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faarontsang%2Fsecure-auth-threat-detection","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faarontsang%2Fsecure-auth-threat-detection","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faarontsang%2Fsecure-auth-threat-detection/lists"}